1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 4//EN">
3 <TITLE>Administration Reference</TITLE>
4 <!-- Begin Header Records ========================================== -->
5 <!-- /tmp/idwt3672/auarf000.scr converted by idb2h R4.2 (359) ID -->
6 <!-- Workbench Version (AIX) on 3 Oct 2000 at 16:18:30 -->
7 <META HTTP-EQUIV="updated" CONTENT="Tue, 03 Oct 2000 16:18:29">
8 <META HTTP-EQUIV="review" CONTENT="Wed, 03 Oct 2001 16:18:29">
9 <META HTTP-EQUIV="expires" CONTENT="Thu, 03 Oct 2002 16:18:29">
11 <!-- (C) IBM Corporation 2000. All Rights Reserved -->
12 <BODY bgcolor="ffffff">
13 <!-- End Header Records ============================================ -->
14 <A NAME="Top_Of_Page"></A>
15 <H1>Administration Reference</H1>
16 <HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf138.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Bot_Of_Page"><IMG SRC="../bot.gif" BORDER="0" ALT="[Bottom of Topic]"></A> <A HREF="auarf140.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
18 <H2><A NAME="HDRFS_EXPORTAFS" HREF="auarf002.htm#ToC_153">fs exportafs</A></H2>
19 <A NAME="IDX4796"></A>
20 <A NAME="IDX4797"></A>
21 <A NAME="IDX4798"></A>
22 <A NAME="IDX4799"></A>
23 <A NAME="IDX4800"></A>
24 <A NAME="IDX4801"></A>
25 <A NAME="IDX4802"></A>
26 <A NAME="IDX4803"></A>
27 <A NAME="IDX4804"></A>
28 <A NAME="IDX4805"></A>
29 <P><STRONG>Purpose</STRONG>
30 <P>Reports or sets whether the machine can export AFS to clients of other file
32 <P><STRONG>Synopsis</STRONG>
33 <PRE><B>fs exportafs -type</B> <<VAR>exporter name</VAR>>
34 [<B>-start</B> <<VAR>start/stop translator (on | off)</VAR>>]
35 [<B>-convert</B> <<VAR>convert from afs to unix mode (on | off)</VAR>>]
36 [<B>-uidcheck</B> <<VAR>run on strict 'uid check' mode (on | off)</VAR>>]
37 [<B>-submounts</B> <<VAR>allow nfs mounts to subdirs of /afs/.. (on | off)</VAR>>]
40 <B>fs exp -t</B> <<VAR>exporter name</VAR>>
41 [<B>-st</B> <<VAR>start/stop translator (on | off)</VAR>>]
42 [<B>-c</B> <<VAR>convert from afs to unix mode (on | off)</VAR>>]
43 [<B>-u</B> <<VAR>run on strict 'uid check' mode (on | off)</VAR>>]
44 [<B>-su</B> <<VAR>allow nfs mounts to subdirs of /afs/.. (on | off)</VAR>>]
47 <P><STRONG>Description</STRONG>
48 <P>The <B>fs exportafs</B> command sets (if the <B>-start</B> argument
49 is provided) or reports (if it is omitted) whether the machine can reexport
50 the AFS filespace to clients of a non-AFS file system. To control
51 certain features of the translation protocol, use the following
54 <P><LI>To control whether the UNIX <B>group</B> and <B>other</B> mode
55 bits on an AFS file or directory are set to match the <B>owner</B> mode
56 bits when it is exported to the non-AFS file system, use the
57 <B>-convert</B> argument.
58 <P><LI>To control whether tokens can be placed in a credential structure
59 identified by a UID that differs from the local UID of the entity that is
60 placing the tokens in the structure, use the <B>-uidcheck</B>
61 argument. The most common use is to control whether issuers of the
62 <B>knfs</B> command can specify a value for its <B>-id</B> argument
63 that does not match their local UID on the NFS/AFS translator machine.
64 <P><LI>To control whether users can create mounts in the non-AFS filespace to an
65 AFS directory other than <B>/afs</B>, use the <B>-submounts</B>
68 <P><STRONG>Options</STRONG>
71 </B><DD>Names the alternate file system to which to reexport the AFS
72 filespace. The only acceptable value is <B>nfs</B>, in lowercase
75 </B><DD>Enables the local machine to reexport the AFS filespace if the value is
76 <B>on</B>, or disables it if the value is <B>off</B>. Omit this
77 argument to report the current setting for all of the configurable
80 </B><DD>Controls the setting of the UNIX <B>group</B> and <B>other</B>
81 mode bits on AFS files and directories exported to the non-AFS file
82 system. If the value is <B>on</B>, they are set to match the
83 <B>owner</B> mode bits. If the value is <B>off</B>, the bits
84 are not changed. If this argument is omitted, the default value is
87 </B><DD>Controls whether tokens can be placed in a credential structure identified
88 by a UID that differs from the local UID of the entity that is placing the
89 tokens in the structure.
91 <P><LI>If the value is <B>on</B>, the UID that identifies the credential
92 structure must match the local UID.
93 <P>With respect to the <B>knfs</B> command, this value means that the
94 value of <B>-id</B> argument must match the issuer's local UID on the
95 translator machine. In practice, this setting makes it pointless to
96 include the <B>-id</B> argument to the <B>knfs</B> command, because
97 the only acceptable value (the issuer's local UID) is already used when
98 the <B>-id</B> argument is omitted.
99 <P>Enabling UID checking also makes it impossible to issue the <B>klog</B>
100 and <B> pagsh</B> commands on a client machine of the non-AFS file system
101 even though it is a system type supported by AFS. For an explanation,
102 see the reference page for the <B>klog</B> command.
103 <P><LI>If the value is <B>off</B> (the default), tokens can be assigned to a
104 local UID in the non-AFS file system that does not match the local UID of the
105 entity assigning the tokens.
106 <P>With respect to the <B>knfs</B> command, it means that the issuer can
107 use the <B>-id</B> argument to assign tokens to a local UID on the NFS
108 client machine that does not match his or her local UID on the translator
109 machine. (An example is assigning tokens to the MFS client
110 machine's local superuser <B>root</B>.) This setting allows
111 more than one issuer of the <B>knfs</B> command to make tokens available
112 to the same user on the NFS client machine. Each time a different user
113 issues the <B>knfs</B> command with the same value for the <B>-id</B>
114 argument, that user's tokens overwrite the existing ones. This can
115 result in unpredictable access for the user on the NFS client machine.
118 </B><DD>Controls whether a user of the non-AFS filesystem can mount any directory
119 in the AFS filespace other than the top-level <B>/afs</B>
120 directory. If the value is <B>on</B>, such submounts are
121 allowed. If the value is off, only mounts of the <B>/afs</B>
122 directory are allowed. If this argument is omitted, the default value
125 </B><DD>Prints the online help for this command. All other valid options
128 <P><STRONG>Output</STRONG>
129 <P>If the machine is not even configured as a server of the non-AFS file
130 system, the following message appears:
131 <PRE> Sorry, the <VAR>file_system</VAR>-exporter type is currently not supported on
135 <P>If the machine is configured as a server of the non-AFS file system but is
136 not currently enabled to reexport AFS to it (because the <B>-start</B>
137 argument to this command is not set to <B>on</B>), the message is as
139 <PRE> '<VAR>file_system</VAR>' translator is disabled
142 <P>If the machine is enabled to reexport AFS, the following message precedes
143 messages that report the settings of the other parameters.
144 <PRE> '<VAR>file_system</VAR>' translator is enabled with the following options:
147 <P>The following messages indicate that the <B>-convert</B> argument is
148 set to <B>on</B> or <B>off</B> respectively:
149 <PRE> Running in convert owner mode bits to world/other mode
150 Running in strict unix mode
153 <P>The following messages indicate that the <B>-uidcheck</B> argument is
154 set to <B>on</B> or <B>off</B> respectively:
155 <PRE> Running in strict 'passwd sync' mode
156 Running in no 'passwd sync' mode
159 <P>The following messages indicate that the <B>-submounts</B> argument is
160 set to <B>on</B> or <B>off</B> respectively:
161 <PRE> Allow mounts of /afs/.. subdirs
162 Only mounts to /afs allowed
165 <P><STRONG>Examples</STRONG>
166 <P>The following example shows that the local machine can export AFS to NFS
168 <PRE> % <B>fs exportafs nfs</B>
169 'nfs' translator is enabled with the following options:
170 Running in convert owner mode bits to world/other mode
171 Running in no 'passwd sync' mode
172 Only mounts to /afs allowed
175 <P>The following example enables the machine as an NFS server and converts the
176 UNIX <B>group</B> and <B>other</B> mode bits on exported AFS
177 directories and files to match the UNIX <B>owner</B> mode bits.
178 <PRE> % <B>fs exportafs -type nfs -start on -convert on</B>
181 <P>The following example disables the machine from reexporting AFS to NFS
183 <PRE> %<B> fs exportafs -type nfs -start off</B>
186 <P><STRONG>Privilege Required</STRONG>
187 <P>The issuer must be logged in as the local superuser <B>root</B>.
188 <P><STRONG>Related Information</STRONG>
189 <P><A HREF="auarf200.htm#HDRKLOG">klog</A>
190 <P><A HREF="auarf201.htm#HDRKNFS">knfs</A>
192 <HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf138.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Top_Of_Page"><IMG SRC="../top.gif" BORDER="0" ALT="[Top of Topic]"></A> <A HREF="auarf140.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
193 <!-- Begin Footer Records ========================================== -->
195 <br>© <A HREF="http://www.ibm.com/">IBM Corporation 2000.</A> All Rights Reserved
197 <!-- End Footer Records ============================================ -->
198 <A NAME="Bot_Of_Page"></A>
git://git.openafs.org / openafs.git / blob