fsirand -- randomize inode generation numbers
fsirand [-b] [-f] [-p] special [special ...]
The fsirand utility installs random generation numbers on all the inodes
for each file system specified on the command line by special. This
increases the security of NFS-exported file systems by making it difficult
to ``guess'' filehandles.
Note: newfs(8) now does the equivalent of fsirand itself so it is no
longer necessary to run fsirand by hand on a new file system. It is only
used to re-randomize or report on an existing file system.
The fsirand utility should only be used on an unmounted file system that
has been checked with fsck(8) or a file system that is mounted read-only.
The fsirand utility may be used on the root file system in single-user
mode but the system should be rebooted via ``reboot -n'' afterwards.
The available options are as follows:
-b Use the default block size (usually 512 bytes) instead of the
value gleaned from the disklabel.
-f Force fsirand to run even if the file system on special is not
marked as clean.
-p Print the current generation numbers for all inodes instead of
generating new ones.
Since fsirand allocates enough memory to hold all the inodes in a given
cylinder group it may use a large amount of memory for large disks with
few cylinder groups.
fs(5), fsck(8), newfs(8)
The fsirand utility appeared in SunOS 3.x.
This version of fsirand first appeared in OpenBSD 2.1.
A FreeBSD version first appeared in FreeBSD 2.2.5.
Todd C. Miller <Todd.Miller@courtesan.com>
FreeBSD 5.2.1 January 25, 1997 FreeBSD 5.2.1 [ Back ] |