123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267 |
- .TH EXPORTFS 4
- .SH NAME
- exportfs, srvfs \- network file server plumbing
- .SH SYNOPSIS
- .B exportfs
- [
- .I options
- ]
- .PP
- .B srvfs
- [
- .B -dR
- ]
- [
- .B -p
- .I perm
- ]
- [
- .B -P
- .I patternfile
- ] [
- .B -e
- .I exportprog
- ]
- .I name
- .I path
- .SH DESCRIPTION
- .I Exportfs
- is a user level file server that allows Plan 9 compute servers, rather
- than file servers, to export portions of a name space across networks.
- The service is started either by the
- .IR cpu (1)
- command or by a network listener process. An initial protocol
- establishes a root directory for the exported name space.
- The
- connection to
- .I exportfs
- is then mounted, typically on
- .BR /mnt/term .
- .I Exportfs
- then acts as a relay file server: operations in the imported file
- tree are executed on the remote server and the results returned. This
- gives the appearance of exporting a name space from a remote machine
- into a local file tree.
- .PP
- The options are:
- .TF "-A \fIaddress"
- .PD
- .TP
- .B -A \fIaddress
- Use the network
- .I address
- to announce
- .IR aan (8)
- connections,
- if requested by the initial protocol.
- .TP
- .B -a
- Authenticate the user with the
- .I p9any
- protocol before running the regular
- .I exportfs
- session; used when
- .I exportfs
- is invoked to handle an incoming network connection.
- .I Exportfs
- creates a new name space for each connection, using
- .B /lib/namespace
- by default (see
- .IR namespace (6)).
- .TP
- .B -B \fIaddress
- Dial
- .IR address ,
- authenticate as a
- .I p9any
- client, and then
- serve that network connection.
- Requires setting the root of the name space with
- .B -r
- or
- .BR -s .
- The remote system should run
- .B import
- .B -B
- to handle the call.
- See
- .IR import (4)
- for an example.
- .TP
- .B -d -f \fIdbgfile
- Log all 9P traffic to
- .I dbgfile
- (default
- .BR /tmp/exportdb ).
- .TP
- .B -e '\fIenc auth\fL'
- Set the encryption and authentication algorithms to use for
- encrypting the wire traffic (see
- .IR ssl (3)).
- The defaults are
- .B rc4_256
- and
- .BR sha1 .
- .TP
- .B -m \fImsize
- Set the maximum message size that
- .I exportfs
- should offer to send (see
- .IR version (5));
- this helps tunneled
- 9P connections to avoid unnecessary fragmentation.
- .TP
- .B -N \fInsfile
- Serve the name space described by
- .IR nsfile .
- .TP
- .B -n
- Disallow mounts by user
- .BR none .
- .TP
- .B -P \fIpatternfile
- Restrict the set of exported files.
- .I Patternfile
- contains one regular expression per line,
- to be matched against path names
- relative to the current working directory
- and starting with
- .BR ./ .
- For a file to be exported, all lines with a prefix
- .B +
- must match and all those with prefix
- .B -
- must not match.
- .TP
- .B -R
- Make the served name space read only.
- .TP
- .B -r \fIroot
- Bypass the initial protocol, serving the name space rooted at
- .IR root .
- A corresponding
- .IR import (4)
- must use the
- .B -m
- option.
- .TP
- .B -S \fIservice
- Bypass the initial protocol, serving the result of mounting
- .IR service .
- A separate mount is used for each
- .IR attach (5)
- message,
- to correctly handle servers in which each mount
- corresponds to a different client
- (e.g.,
- .IR rio (4)).
- A corresponding
- .IR import (4)
- must use the
- .B -m
- option.
- .TP
- .B -s
- equivalent to
- .B -r
- .BR / ;
- kept for compatibility.
- .PD
- .PP
- The
- .B cpu
- command uses
- .I exportfs
- to serve device files in the terminal. The
- .IR import (4)
- command calls
- .I exportfs
- on a remote machine, permitting users to access arbitrary pieces of
- name space on other systems.
- .PP
- Because the kernel disallows reads and writes on mounted pipes
- (as might be found in
- .BR /srv ),
- .I exportfs
- calls itself (with appropriate
- .B -m
- and
- .B -S
- options) to simulate reads and writes on such files.
- .PP
- .I Srvfs
- invokes
- .I exportprog
- (default
- .BR /bin/exportfs )
- to create a mountable file system from a name space
- and posts it at
- .BI /srv/ name ,
- which is created with mode
- .I perm
- (default 0600).
- The name space is the directory tree rooted at
- .IR path .
- The
- .BR -d ,
- .BR -P ,
- and
- .B -R
- options, if present, are relayed to
- .IR exportprog .
- .SH EXAMPLES
- To export the archive of one user for one month, except for secrets,
- .IP
- .EX
- cd /n/dump
- echo '+ ^\e.(/2003(/10..(/usr(/glenda/?)?)?)?)?' > /tmp/pattern
- echo '- \e.(aes|pgp)$' >> /tmp/pattern
- exportfs -P /tmp/pattern
- .EE
- .LP
- Use
- .I srvfs
- to enable mounting of an FTP file system (see
- .IR ftpfs (4))
- in several windows,
- or to publish a
- .B /proc
- (see
- .IR proc (3))
- with a broken process so a remote person may debug the program:
- .IP
- .EX
- srvfs ftp /n/ftp
- srvfs broke /mnt/term/proc
- .EE
- .LP
- Use
- .I srvfs
- to obtain a copy of a service to be manipulated directly
- by a user program like
- .IR nfsserver (8):
- .IP
- .EX
- srvfs nfs.boot /srv/boot
- aux/nfsserver -f /srv/nfs.boot
- .EE
- .LP
- Use
- .I srvfs
- to spy on all accesses to a particular subtree:
- .IP
- .EX
- srvfs -d spy /
- tail -f /tmp/exportdb &
- mount /srv/spy /n/spy
- cd /n/spy; ls
- .EE
- .SH SOURCE
- .B /sys/src/cmd/exportfs
- .br
- .B /sys/src/cmd/srvfs.c
- .SH SEE ALSO
- .IR dial (2),
- .IR import (4),
- .IR aan (8),
- .IR listen (8)
|