HP-UX Reference (11i v3 07/02) - 1M System Administration Commands N-Z (vol 4)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

371

372

373

374

375

376

377

378

379

380

share_nfs(1M) share_nfs(1M)

used if the ﬁle system shared is using UNIX authentication (

AUTH_SYS).

rw Sharing will be read-write to all clients. This is the default behavior.

rw=access_list

Sharing will be read-mostly to clients in access_list. Read-mostly means read-write to

those clients speciﬁed and read-only for all other systems. If

sec= option is provided,

sharing will be read-write to the clients listed in access_list; overrides the

ro subop-

tion for the clients speciﬁed. See access_list below.

sec=mode[:mode] ...

Sharing will use one or more of the speciﬁed security modes. The mode in the

sec=mode option must be a mode name supported on the client. If the

sec= option

is not speciﬁed, the default security mode used is

AUTH_SYS. Multiple sec= options

can be speciﬁed on the command line, although each mode can appear only once. The

security modes are deﬁned in nfssec(5).

Each

sec= option speciﬁes modes that apply to any subsequent

window=, rw, ro,

rw=, ro=, and root= options that are provided before another

sec=mode. Each

additional

sec= resets the security mode context, so that more window=, rw, ro,

rw=, ro=, and root= options can be supplied for additional modes.

sec=none If the option sec=none is speciﬁed when the client uses AUTH_NONE, or if the

client uses a security mode that is not one that the ﬁle system is shared with, then the

credential of each NFS request is treated as unauthenticated. See the

anon=uid

option for a description of how unauthenticated requests are handled.

window=value

When sharing with sec=dh, set the maximum life time (in seconds) of the RPC

request’s credential (in the authentication header) that the NFS server will allow. If a

credential arrives with a life time larger than what is allowed, the NFS server will

reject the request. The default value is 30000 seconds (8.3 hours).

Operands

The following operands are supported:

pathname The pathname of the ﬁle system to be shared.

The access_list Argument

The access_list argument is used in many of the options described above. The access_list is a colon-

separated list whose components may be any number of the following.

hostname

The name of a host. With a server conﬁgured for DNS or LDAP naming in the

nsswitch "hosts"

entry, any hostname must be represented as a fully qualiﬁed DNS or LDAP name.

netgroup

A netgroup contains a number of hostnames. With a server conﬁgured for DNS or LDAP naming in

the

nsswitch "hosts" entry, any hostname in a netgroup must be represented as a fully qualiﬁed

DNS or LDAP name.

domain name suffix

To use domain membership, the server must use DNS or LDAP to resolve hostnames to IP addresses;

that is, the "hosts" entry in the /etc/nsswitch.conf must specify dns

or ldap ahead of nis,

since only DNS and LDAP return the full domain name of the host. Other name services like NIS

cannot be used to resolve hostnames on the server, because when mapping an IP address to a host-

name they do not return domain information. For example,

NIS 129.144.45.9 --> "myhost"

DNS or LDAP 129.144.45.9 --> "myhost.mydomain.mycompany.com"

The domain name sufﬁx is distinguished from hostnames and netgroups by a preﬁxed dot. For exam-

ple,

rw=.mydomain.mycompany.com

378 Hewlett-Packard Company − 2 − HP-UX 11i Version 3: February 2007