xref: /illumos-gate/usr/src/man/man5/nfs.5 (revision 9b664393d4fdda96221e6ea9ea95790d3c15be70) 
1.\"
2.\" The contents of this file are subject to the terms of the
3.\" Common Development and Distribution License (the "License").
4.\" You may not use this file except in compliance with the License.
5.\"
6.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
7.\" or http://www.opensolaris.org/os/licensing.
8.\" See the License for the specific language governing permissions
9.\" and limitations under the License.
10.\"
11.\" When distributing Covered Code, include this CDDL HEADER in each
12.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
13.\" If applicable, add the following below this CDDL HEADER, with the
14.\" fields enclosed by brackets "[]" replaced with your own identifying
15.\" information: Portions Copyright [yyyy] [name of copyright owner]
16.\"
17.\"
18.\" Copyright 1989 AT&T
19.\" Copyright (c) 2004, Sun Microsystems, Inc. All Rights Reserved.
20.\" Copyright 2016 Nexenta Systems, Inc.
21.\" Copyright 2020 Joyent, Inc.
22.\"
23.Dd November 22, 2021
24.Dt NFS 5
25.Os
26.Sh NAME
27.Nm nfs
28.Nd NFS configuration properties
29.Sh DESCRIPTION
30The behavior of the
31.Xr nfsd 8 ,
32.Xr nfsmapid 8 ,
33.Xr lockd 8 ,
34and
35.Xr mountd 8
36daemons and
37.Xr mount_nfs 8
38command is controlled by property values that are stored in the Service
39Management Facility, smf(7).
40The
41.Xr sharectl 8
42command should be used to query or change values for these properties.
43.Pp
44Changes made to
45.Nm
46property values on the
47.Nm nfsd ,
48.Nm lockd ,
49.Nm mountd ,
50or
51.Nm mount_nfs
52command line override the values set using
53.Xr sharectl 8 .
54.Pp
55The following list describes the properties:
56.Bl -tag -width Ds
57.It Xo
58.Sy client_versmin Ns = Ns Ar num
59.br
60.Sy client_versmax Ns = Ns Ar num
61.Xc
62The NFS client only uses NFS versions in the range specified by these
63properties.
64Valid values of versions are: 2, 3, and 4.
65Default minimum version is
66.Li 2 ,
67while default maximum is
68.Li 4 .
69.Pp
70You can override this range on a per-mount basis by using the
71.Fl o Sy vers Ns =
72option to
73.Xr mount_nfs 8 .
74.It Xo
75.Sy server_versmin Ns = Ns Ar num
76.br
77.Sy server_versmax Ns = Ns Ar num
78.Xc
79The NFS server only uses NFS versions in the range specified by these
80properties.
81Valid values of versions are: 2, 3, and 4.
82Default minimum version is
83.Li 2 ,
84while the default maximum version is
85.Li 4 .
86.It Sy server_delegation Ns = Ns Sy on Ns | Ns Sy off
87By default the NFS server provides delegations to clients.
88The user can turn off delegations for all exported filesystems by setting this
89variable to
90.Li off .
91This variable only applies to NFS Version 4.
92.It Sy nfsmapid_domain Ns = Ns Op Ar string
93By default, the
94.Nm nfsmapid
95uses the DNS domain of the system.
96This setting overrides the default.
97This domain is used for identifying user and group attribute strings in the NFS
98Version 4 protocol.
99Clients and servers must match with this domain for operation to proceed
100normally.
101This variable only applies to NFS Version 4.
102See
103.Sx Setting nfsmapid_domain
104below for further details.
105.It Sy max_connections Ns = Ns Ar num
106Sets the maximum number of concurrent, connection-oriented connections.
107The default is
108.Li -1
109.Pq unlimited .
110Equivalent to the
111.Fl c
112option in
113.Nm nfsd .
114.It Sy listen_backlog Ns = Ns Ar num
115Set connection queue length for the NFS over a connection-oriented transport.
116The default value is
117.Li 32 ,
118meaning 32 entries in the queue.
119Equivalent to the
120.Fl l
121option in
122.Nm nfsd .
123.It Sy protocol Ns = Ns Op Sy all Ns | Ns Ar protocol
124Start
125.Nm nfsd
126over the specified protocol only.
127Equivalent to the
128.Fl p
129option in
130.Nm nfsd .
131.Sy all
132is equivalent to
133.Fl a
134on the
135.Nm nfsd
136command line.
137Mutually exclusive of
138.Sy device .
139For the UDP protocol, only version 2 and version 3 service is established.
140NFS Version 4 is not supported for the UDP protocol.
141.It Sy device Ns = Ns Op Ar devname
142Start NFS daemon for the transport specified by the given device only.
143Equivalent to the
144.Fl t
145option in
146.Nm nfsd .
147Mutually exclusive of
148.Sy protocol .
149.It Sy servers Ns = Ns Ar num
150Maximum number of concurrent NFS requests.
151Equivalent to last numeric argument on the
152.Nm nfsd
153command line.
154The default is
155.Li 1024 .
156.It Sy lockd_listen_backlog Ns = Ns Ar num
157Set connection queue length for
158.Nm lockd
159over a connection-oriented transport.
160The default and minimum value is
161.Li 32 .
162.It Sy lockd_servers Ns = Ns Ar num
163Maximum number of concurrent
164.Nm lockd
165requests.
166The default is 256.
167.It Sy lockd_retransmit_timeout Ns = Ns Ar num
168Retransmit timeout, in seconds, before
169.Nm lockd
170retries.
171The default is
172.Li 5 .
173.It Sy grace_period Ns = Ns Ar num
174Grace period, in seconds, that all clients
175.Pq both NLM and NFSv4
176have to reclaim locks after a server reboot.
177This parameter also controls the NFSv4 lease interval.
178The default is
179.Li 90 .
180.It Sy mountd_listen_backlog Ns = Ns Ar num
181Set the connection queue length for
182.Nm mountd
183over a connection-oriented transport.
184The default value is
185.Li 64 .
186.It Sy mountd_max_threads Ns = Ns Ar num
187Maximum number of threads for
188.Nm mountd .
189The default value is
190.Li 16 .
191.It Sy mountd_port Ns = Ns Ar num
192The IP port number on which
193.Nm mountd
194should listen.
195The default value is
196.Li 0 ,
197which means it should use a default binding.
198.It Sy statd_port Ns = Ns Ar num
199The IP port number on which
200.Nm statd
201should listen.
202The default value is
203.Li 0 ,
204which means it should use a default binding.
205.El
206.Ss Setting nfsmapid_domain
207As described above, the setting for
208.Sy nfsmapid_domain
209overrides the domain used by
210.Xr nfsmapid 8
211for building and comparing outbound and inbound attribute strings, respectively.
212This setting overrides any other mechanism for setting the NFSv4 domain.
213In the absence of a
214.Sy nfsmapid_domain
215setting, the
216.Xr nfsmapid 8
217daemon determines the NFSv4 domain as follows:
218.Bl -bullet
219.It
220If a properly configured
221.Pa /etc/resolv.conf
222.Po see
223.Xr resolv.conf 5
224.Pc
225exists,
226.Nm nfsmapid
227queries specified nameserver(s) for the domain.
228.It
229If a properly configured
230.Pa /etc/resolv.conf
231.Po see
232.Xr resolv.conf 5
233.Pc
234exists, but the queried nameserver does not have a proper record of the domain
235name,
236.Nm nfsmapid
237attempts to obtain the domain name through the BIND interface
238.Po see
239.Xr resolver 3RESOLV
240.Pc .
241.It
242If no
243.Pa /etc/resolv.conf
244exists,
245.Nm nfsmapid
246falls back on using the configured domain name
247.Po see
248.Xr domainname 8
249.Pc ,
250which is returned with the leading domain suffix removed.
251For example, for
252.Li widgets.sales.example.com ,
253.Li sales.example.com
254is returned.
255.It
256If
257.Pa /etc/resolv.conf
258does not exist, no domain name has been configured
259.Po or no
260.Pa /etc/defaultdomain
261exists
262.Pc ,
263.Nm nfsmapid
264falls back on obtaining the domain name from the host name, if the host name
265contains a fully qualified domain name
266.Pq FQDN .
267.El
268.Pp
269If a domainname is still not obtained following all of the preceding steps,
270.Nm nfsmapid
271will have no domain configured.
272This results in the following behavior:
273.Bl -bullet
274.It
275Outbound
276.Qq owner
277and
278.Qq owner_group
279attribute strings are encoded as literal id's.
280For example, the UID 12345 is encoded as
281.Li 12345 .
282.It
283.Nm nfsmapid
284ignores the
285.Qq domain
286portion of the inbound attribute string and performs name service lookups only
287for the user or group.
288If the user/group exists in the local system name service databases, then the
289proper uid/gid will be mapped even when no domain has been configured.
290.Pp
291This behavior implies that the same administrative user/group domain exists
292between NFSv4 client and server (that is, the same uid/gid's for users/groups
293on both client and server).
294In the case of overlapping id spaces, the inbound attribute string could
295potentially be mapped to the wrong id.
296However, this is not functionally different from mapping the inbound string to
297.Sy nobody ,
298yet provides greater flexibility.
299.El
300.Sh ZONES
301NFS can be served out of a non-global zone.
302All of the above documentation applies to an in-zone NFS server.
303File sharing in zones is restricted to filesystems a zone completely controls.
304Some zone brands (see
305.Xr brands 7 )
306do not give the zone's root its own filesystem, for example.
307Delegated ZFS datasets to a zone are shareable, as well as lofs-remounted
308directories.
309The zone must have sys_nfs privileges; most brands grant this already.
310.Sh SEE ALSO
311.Xr brands 7 ,
312.Xr smf 7 ,
313.Xr zones 7 ,
314.Xr lockd 8 ,
315.Xr mount_nfs 8 ,
316.Xr mountd 8 ,
317.Xr nfsd 8 ,
318.Xr nfsmapid 8 ,
319.Xr sharectl 8
320