1.\" 2.\" The contents of this file are subject to the terms of the 3.\" Common Development and Distribution License (the "License"). 4.\" You may not use this file except in compliance with the License. 5.\" 6.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 7.\" or http://www.opensolaris.org/os/licensing. 8.\" See the License for the specific language governing permissions 9.\" and limitations under the License. 10.\" 11.\" When distributing Covered Code, include this CDDL HEADER in each 12.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE. 13.\" If applicable, add the following below this CDDL HEADER, with the 14.\" fields enclosed by brackets "[]" replaced with your own identifying 15.\" information: Portions Copyright [yyyy] [name of copyright owner] 16.\" 17.\" 18.\" Copyright 1989 AT&T 19.\" Copyright (c) 2004, Sun Microsystems, Inc. All Rights Reserved. 20.\" Copyright 2016 Nexenta Systems, Inc. 21.\" Copyright 2020 Joyent, Inc. 22.\" Copyright 2022 RackTop Systems. 23.\" 24.Dd September 15, 2022 25.Dt NFS 5 26.Os 27.Sh NAME 28.Nm nfs 29.Nd NFS configuration properties 30.Sh DESCRIPTION 31The behavior of the 32.Xr nfsd 8 , 33.Xr nfsmapid 8 , 34.Xr lockd 8 , 35and 36.Xr mountd 8 37daemons and 38.Xr mount_nfs 8 39command is controlled by property values that are stored in the Service 40Management Facility, smf(7). 41The 42.Xr sharectl 8 43command should be used to query or change values for these properties. 44.Pp 45Changes made to 46.Nm 47property values on the 48.Nm nfsd , 49.Nm lockd , 50.Nm mountd , 51or 52.Nm mount_nfs 53command line override the values set using 54.Xr sharectl 8 . 55.Pp 56The following list describes the properties: 57.Bl -tag -width Ds 58.It Xo 59.Sy client_versmin Ns = Ns Ar num 60.br 61.Sy client_versmax Ns = Ns Ar num 62.Xc 63The NFS client only uses NFS versions in the range specified by these 64properties. 65Valid values of versions are: 2, 3, and 4. 66Default minimum version is 67.Li 2 , 68while default maximum is 69.Li 4 . 70.Pp 71You can override this range on a per-mount basis by using the 72.Fl o Sy vers Ns = 73option to 74.Xr mount_nfs 8 . 75.It Xo 76.Sy server_versmin Ns = Ns Ar num 77.br 78.Sy server_versmax Ns = Ns Ar num 79.Xc 80The NFS server only uses NFS versions in the range specified by these 81properties. 82Valid values of versions are: 2, 3, and 4. 83Default minimum version is 84.Li 2 , 85while the default maximum version is 86.Li 4 . 87.It Sy server_delegation Ns = Ns Sy on Ns | Ns Sy off 88By default the NFS server provides delegations to clients. 89The user can turn off delegations for all exported filesystems by setting this 90variable to 91.Li off . 92This variable only applies to NFS Version 4. 93.It Sy nfsmapid_domain Ns = Ns Op Ar string 94By default, the 95.Nm nfsmapid 96uses the DNS domain of the system. 97This setting overrides the default. 98This domain is used for identifying user and group attribute strings in the NFS 99Version 4 protocol. 100Clients and servers must match with this domain for operation to proceed 101normally. 102This variable only applies to NFS Version 4. 103See 104.Sx Setting nfsmapid_domain 105below for further details. 106.It Sy max_connections Ns = Ns Ar num 107Sets the maximum number of concurrent, connection-oriented connections. 108The default is 109.Li -1 110.Pq unlimited . 111Equivalent to the 112.Fl c 113option in 114.Nm nfsd . 115.It Sy listen_backlog Ns = Ns Ar num 116Set connection queue length for the NFS over a connection-oriented transport. 117The default value is 118.Li 32 , 119meaning 32 entries in the queue. 120Equivalent to the 121.Fl l 122option in 123.Nm nfsd . 124.It Sy protocol Ns = Ns Op Sy all Ns | Ns Ar protocol 125Start 126.Nm nfsd 127over the specified protocol only. 128Equivalent to the 129.Fl p 130option in 131.Nm nfsd . 132.Sy all 133is equivalent to 134.Fl a 135on the 136.Nm nfsd 137command line. 138Mutually exclusive of 139.Sy device . 140For the UDP protocol, only version 2 and version 3 service is established. 141NFS Version 4 is not supported for the UDP protocol. 142.It Sy device Ns = Ns Op Ar devname 143Start NFS daemon for the transport specified by the given device only. 144Equivalent to the 145.Fl t 146option in 147.Nm nfsd . 148Mutually exclusive of 149.Sy protocol . 150.It Sy servers Ns = Ns Ar num 151Maximum number of concurrent NFS requests. 152Equivalent to last numeric argument on the 153.Nm nfsd 154command line. 155The default is 156.Li 1024 . 157.It Sy lockd_listen_backlog Ns = Ns Ar num 158Set connection queue length for 159.Nm lockd 160over a connection-oriented transport. 161The default and minimum value is 162.Li 32 . 163.It Sy lockd_servers Ns = Ns Ar num 164Maximum number of concurrent 165.Nm lockd 166requests. 167The default is 256. 168.It Sy lockd_retransmit_timeout Ns = Ns Ar num 169Retransmit timeout, in seconds, before 170.Nm lockd 171retries. 172The default is 173.Li 5 . 174.It Sy grace_period Ns = Ns Ar num 175Grace period, in seconds, that all clients 176.Pq both NLM and NFSv4 177have to reclaim locks after a server reboot. 178This parameter also controls the NFSv4 lease interval. 179The default is 180.Li 90 . 181.It Sy mountd_listen_backlog Ns = Ns Ar num 182Set the connection queue length for 183.Nm mountd 184over a connection-oriented transport. 185The default value is 186.Li 64 . 187.It Sy mountd_max_threads Ns = Ns Ar num 188Maximum number of threads for 189.Nm mountd . 190The default value is 191.Li 16 . 192.It Sy mountd_port Ns = Ns Ar num 193The IP port number on which 194.Nm mountd 195should listen. 196The default value is 197.Li 0 , 198which means it should use a default binding. 199.It Sy mountd_remote_dump Ns = Ns Ar boolean 200Should 201.Nm mountd 202respond to remote 203.Sy MOUNTPROC_DUMP 204queries to read the list of remote mounts. 205The default value is 206.Li false , 207which means only queries from local host will be allowed. 208.It Sy statd_port Ns = Ns Ar num 209The IP port number on which 210.Nm statd 211should listen. 212The default value is 213.Li 0 , 214which means it should use a default binding. 215.El 216.Ss Setting nfsmapid_domain 217As described above, the setting for 218.Sy nfsmapid_domain 219overrides the domain used by 220.Xr nfsmapid 8 221for building and comparing outbound and inbound attribute strings, respectively. 222This setting overrides any other mechanism for setting the NFSv4 domain. 223In the absence of a 224.Sy nfsmapid_domain 225setting, the 226.Xr nfsmapid 8 227daemon determines the NFSv4 domain as follows: 228.Bl -bullet 229.It 230If a properly configured 231.Pa /etc/resolv.conf 232.Po see 233.Xr resolv.conf 5 234.Pc 235exists, 236.Nm nfsmapid 237queries specified nameserver(s) for the domain. 238.It 239If a properly configured 240.Pa /etc/resolv.conf 241.Po see 242.Xr resolv.conf 5 243.Pc 244exists, but the queried nameserver does not have a proper record of the domain 245name, 246.Nm nfsmapid 247attempts to obtain the domain name through the BIND interface 248.Po see 249.Xr resolver 3RESOLV 250.Pc . 251.It 252If no 253.Pa /etc/resolv.conf 254exists, 255.Nm nfsmapid 256falls back on using the configured domain name 257.Po see 258.Xr domainname 8 259.Pc , 260which is returned with the leading domain suffix removed. 261For example, for 262.Li widgets.sales.example.com , 263.Li sales.example.com 264is returned. 265.It 266If 267.Pa /etc/resolv.conf 268does not exist, no domain name has been configured 269.Po or no 270.Pa /etc/defaultdomain 271exists 272.Pc , 273.Nm nfsmapid 274falls back on obtaining the domain name from the host name, if the host name 275contains a fully qualified domain name 276.Pq FQDN . 277.El 278.Pp 279If a domainname is still not obtained following all of the preceding steps, 280.Nm nfsmapid 281will have no domain configured. 282This results in the following behavior: 283.Bl -bullet 284.It 285Outbound 286.Qq owner 287and 288.Qq owner_group 289attribute strings are encoded as literal id's. 290For example, the UID 12345 is encoded as 291.Li 12345 . 292.It 293.Nm nfsmapid 294ignores the 295.Qq domain 296portion of the inbound attribute string and performs name service lookups only 297for the user or group. 298If the user/group exists in the local system name service databases, then the 299proper uid/gid will be mapped even when no domain has been configured. 300.Pp 301This behavior implies that the same administrative user/group domain exists 302between NFSv4 client and server (that is, the same uid/gid's for users/groups 303on both client and server). 304In the case of overlapping id spaces, the inbound attribute string could 305potentially be mapped to the wrong id. 306However, this is not functionally different from mapping the inbound string to 307.Sy nobody , 308yet provides greater flexibility. 309.El 310.Sh ZONES 311NFS can be served out of a non-global zone. 312All of the above documentation applies to an in-zone NFS server. 313File sharing in zones is restricted to filesystems a zone completely controls. 314Some zone brands (see 315.Xr brands 7 ) 316do not give the zone's root its own filesystem, for example. 317Delegated ZFS datasets to a zone are shareable, as well as lofs-remounted 318directories. 319The zone must have sys_nfs privileges; most brands grant this already. 320.Sh SEE ALSO 321.Xr brands 7 , 322.Xr smf 7 , 323.Xr zones 7 , 324.Xr lockd 8 , 325.Xr mount_nfs 8 , 326.Xr mountd 8 , 327.Xr nfsd 8 , 328.Xr nfsmapid 8 , 329.Xr sharectl 8 330