share_nfs.1m (2010 09)
s
share_nfs(1M) share_nfs(1M)
refer=path@host[+host
][:path@host[+host]]
Refer the client accessing the specified shared file system to an alternative location
on the provided host.
ro Sharing will be read-only to all clients.
ro=access_list
Sharing will be read-only to the clients listed in access_list ; overrides the
rw subop-
tion for the clients specified. See access_list below.
root=access_list
Only root users from the hosts specified in access_list will have root access. See
access_list below. By default, no host has root access, so root users are mapped to
an anonymous user
ID (see the anon=uid option described above). Netgroups can
be used if the file system shared is using UNIX authentication (
AUTH_SYS).
rw Sharing will be read-write to all clients. This is the default behavior.
rw=access_list
Sharing will be read-mostly to clients in access_list . Read-mostly means read-write
to those clients specified and read-only for all other systems. If
sec= option is pro-
vided, sharing will be read-write to the clients listed in access_list ; overrides the
ro
suboption for the clients specified. See access_list below.
sec=mode[:mode] ...
Sharing will use one or more of the specified security modes. The mode in the
sec=mode option must be a mode name supported on the client. If the sec=
option is not specified, the default security mode used is AUTH_SYS.Multiple
sec= options can be specified on the command line, although each mode can appear
only once. The security modes are defined in nfssec (5).
Each
sec= option specifies modes that apply to any subsequent window=, rw, ro
,
rw=, ro=, and root= options that are provided before another sec=mode. Each
additional sec= resets the security mode context, so that more window=, rw, ro,
rw=, ro=, and root= options can be supplied for additional modes.
sec=none If the option sec=none is specified when the client uses AUTH_NONE, or if the
client uses a security mode that is not one that the file system is shared with, then
the credential of each NFS request is treated as unauthenticated. See the
anon=uid option for a description of how unauthenticated requests are handled.
window=value
When sharing with sec=dh, set the maximum life time (in seconds) of the RPC
request’s credential (in the authentication header) that the NFS server will allow.
If a credential arrives with a life time larger than what is allowed, the NFS server
will reject the request. The default value is 30000 seconds (8.3 hours).
Operands
The following operands are supported:
pathname The pathname of the file system to be shared.
The access_list Argument
The access_list argument is used in many of the options described above. The access_list is a colon-
separated list whose components may be any number of the following.
hostname
The name of a host. With a server configured for DNS or LDAP naming in the nsswitch "hosts"
entry, any hostname must be represented as a fully qualified DNS or LDAP name.
netgroup
A netgroup contains a number of hostnames. With a server configured for DNS or LDAP naming in
the
nsswitch "hosts" entry, any hostname in a netgroup must be represented as a fully qualified
DNS or LDAP name.
domain name suffix
To use domain membership, the server must use DNS or LDAP to resolve hostnames to IP
addresses; that is, the "hosts" entry in the
/etc/nsswitch.conf must specify dns or ldap
ahead of nis, since only DNS and LDAP return the full domain name of the host. Other name
2 Hewlett-Packard Company − 2 − HP-UX 11i Version 3: September 2010