exportfs(1M) exportfs(1M)
NAME [Toc] [Back]
exportfs - export and unexport directories to NFS clients
SYNOPSIS [Toc] [Back]
/usr/sbin/exportfs [-auv]
/usr/sbin/exportfs [-uv] [dir ...]
/usr/sbin/exportfs -i [-o options] [-v] [dir ...]
DESCRIPTION [Toc] [Back]
The exportfs command makes a local directory or file available to NFS
clients for mounting over the network. Directories and files cannot
be NFS-mounted unless they are first exported by exportfs.
exportfs is normally invoked at boot time by the
/sbin/init.d/nfs.server script, and uses information contained in the
/etc/exports file to export the file or file system named by each dir,
which must be specified as a full path name.
If no options or arguments are specified in the command line, exportfs
displays a list of the currently exported directories and files on
standard output.
A superuser can run exportfs at any time to alter the list or
characteristics of exported directories and files.
Options [Toc] [Back]
exportfs recognizes the following options:
-a Export all directories listed in /etc/exports. If -u is
also specified, unexport all of the currently exported
directories.
-i Ignore the options in /etc/exports. Normally, exportfs
consults /etc/exports for the options associated with the
exported directory.
-u Unexport the indicated directories.
-v Verbose. Print each directory or file name as it is
exported or unexported.
-o options
Specify a comma-separated list of optional characteristics
for the directory being exported. The list of options can
include any of the following:
async
All NFS Protocol Version 2 mounts will be asynchronous.
This option is ignored for NFS PV3. Refer to
Hewlett-Packard Company - 1 - HP-UX 11i Version 2: August 2003
exportfs(1M) exportfs(1M)
exports(4) for warnings when using this option.
ro Export the directory read-only. If not specified, the
directory is exported read-write. The ro and rw
options cannot be used on the same exportfs command
line.
rw=hostname[:hostname]...
Export the directory read-mostly. Read-mostly means
read-only to most machines, but read-write to those
specified. If neither ro nor rw is specified, the
directory is exported read-write to all. The ro and rw
options cannot be used on the same exportfs command
line. Up to 256 hostnames can be specified. With a
server configured for DNS naming in the nsswitch
"hosts" entry, any hostname must be represented as a
fully qualified DNS name. Currently HP-UX will attempt
to match a non-fully qualified hostname; this HP-only
feature will be obsoleted in a later release of HP-UX.
anon=uid
If a request comes from an unknown user, use uid as the
effective user ID.
Root users (user ID 0) are always treated as user
unknown by the NFS server unless they are included in
the root option below.
If the client is a UNIX system, only root users are
considered unknown. All other users are recognized
even if they are not in /etc/passwd.
The default value for uid is the user ID of user
nobody. If user nobody does not exist, the value -2 is
used. Setting the value of anon to -1 disables
anonymous access.
root=hostname[:hostname]...
Give root access only to the root users from a
specified hostname. The default is for no hosts to be
granted root access. Up to 256 hostnames can be
specified. hostnames on this list are not guaranteed
to successfully mount the specified file system. If a
non-empty access list is specified, the hostname must
also meet one of the access_list criteria for access=
or be on the rw= list. With a server configured for
DNS naming in the nsswitch "hosts" entry, any hostname
must be represented as a fully qualified DNS name.
Currently HP-UX will attempt to match a non-fully
qualified hostname; this HP-only feature will be
obsoleted in a later release of HP-UX.
Hewlett-Packard Company - 2 - HP-UX 11i Version 2: August 2003
exportfs(1M) exportfs(1M)
access=[access_list][:access_list]...
Give mount access to each access_list listed. See the
"access_list" subsection below. An empty access= list
allows all machines to mount the specified mount point.
hostnames on the rw= list do not have to exist on the
access list in order to successfully mount the exported
file system. hostnames on the root= list must either
appear on the rw= list or access= list in order to
successfully mount the file system.
access_list
The access_list argument is a colon-separated list
whose components may be one or more of the
following:
hostname
The name of a host. With a server configured
for DNS naming in the nsswitch "hosts" entry,
any hostname must be represented as a fully
qualified DNS name. Currently HP-UX will
allow a match for a non-fully qualified
hostname; this HP only feature will be
obsoleted in a later release of HP-UX.
netgroup
A netgroup contains a number of hostnames.
With a server configured for DNS naming in
the nsswitch "hosts" entry, any hostname in a
netgroup must be represented as a fully
qualified DNS name.
DNS suffix
To use domain membership, the server must use
DNS to resolve hostnames to IP addresses.
That is, the "hosts" entry in the
/etc/nsswitch.conf file must specify "dns"
ahead of "nis" or "nisplus", since only DNS
returns the full domain name of the host.
Other name services like NIS or NIS+ cannot
be used to resolve hostnames on the server,
because when mapping an IP address to a
hostname, they do not return domain
information. For example,
NIS or NIS+
129.144.45.9 --> "myhost"
DNS
Hewlett-Packard Company - 3 - HP-UX 11i Version 2: August 2003
exportfs(1M) exportfs(1M)
129.144.45.9 --> "myhost.myd.myc.com"
The DNS suffix is distinguished from
hostnames and netgroups by a prefixed dot. A
dot by itself will match "myhost" but not
"myhost.myd.mycy.com". This single dot
feature can be used to match hosts resolved
from NIS and NIS+ rather than DNS.
network
The network or subnet component is preceded
by an at-sign (@). It can be either a name
or a dotted address. If a name, it will be
converted to a dotted address by getnetbyname
(see getnetent(3N)). Entries in
/etc/networks must contain all four octets in
order to be valid.
The network prefix assumes an octet aligned
netmask determined from the zero octets in
the low order part of the address. In the
case where network prefixes are not bytealigned,
the syntax will allow a mask length
to be specified explicitly following a slash
(/) delimiter. The mask is the number of
leftmost contiguous significant bits in the
corresponding IP address.
- A prefixed minus sign (-) denies access to
that component of access_list. The list is
searched sequentially until a match is found
that either grants or denies access, or until
the end of the list is reached. This option
is valid only in conjunction with hostname,
network and DNS Suffix. If prefixing a
hostname and you are configured for DNS
naming, you must fully qualify the hostname.
DIAGNOSTICS [Toc] [Back]
If an NFS-mounted directory is unexported by exportfs, any access by
the client to the directory causes an NFS stale file handle error.
However, if exportfs is used to remove a client from the access list
of an exported directory, an NFS stale file handle error does not
result from any access by the client to the directory.
EXAMPLES [Toc] [Back]
The following invocation of exportfs lists currently exported
directories and files:
exportfs
Hewlett-Packard Company - 4 - HP-UX 11i Version 2: August 2003
exportfs(1M) exportfs(1M)
Export entries in /etc/exports:
exportfs -a
Unexport all exported files and directories:
exportfs -ua
Unexport all exported files and directories and print each directory
or file name as it is unexported:
exportfs -uav
Export /usr to the world, ignoring options in /etc/exports:
exportfs -i /usr
or
exportfs -i -o access= /usr
Export /usr/bin and /var/adm read-only to the world:
exportfs -i -o ro /usr/bin /var/adm
Export /usr/bin read-write only to systems, polk and vanness, when
using DNS as the name service:
exportfs -i -o rw=polk.myd.myc.com:vanness.myd.myc.com /usr/bin
Export /usr/bin read-write only to systems, polk and vanness, when
using NIS or NIS+ as the name services:
exportfs -i -o rw=polk:vanness /usr/bin
Export root access on /var/adm only to the system named pine, and
mount access to both pine and geary when using DNS as the name
services:
exportfs -i -o \
root=pine.myd.myc.com,access=pine.myd.myc.com:geary.myd.myc.com \
/var/adm
Export access to /var/adm for all hosts in the myd.myc.com domain.
exportfs -i -o access=.myd.myc.com /var/adm
Export access to /var/adm for all hosts in the same NIS domain, but
deny access to all hosts in the DNS name space:
Hewlett-Packard Company - 5 - HP-UX 11i Version 2: August 2003
exportfs(1M) exportfs(1M)
exportfs -i -o access=. /var/adm
Export access to /var/adm using a network submask that is a dotted
address:
exportfs -i -o access=@192.144 /var/adm
or
exportfs -i -o access=@192.144.0.0 /var/adm
or using a name where mynetwork is defined in /etc/networks as
follows:
mynetwork 192.144.0.0 mount_144 #allow mounts using this mask
exportfs -i -o access=@mynetwork /var/adm
Export access to /var/adm where the network prefixes are not byte
aligned:
exportfs -i -o access=@192.144.132/17 /var/adm
or
exportfs -i -o access=@mynetwork/17 /var/adm
Export access to /var/adm where the hostname, terra, in the netgroup
engineering is denied access:
exportfs -i -o access=-terra:engineering /var/adm
Export access to /var/adm where the hostname, terra, is granted access
because it is part of the netgroup engineering.
exportfs -i -o access=engineering:-terra /var/adm
WARNINGS [Toc] [Back]
You cannot export a directory that resides within the same file system
and is either a parent or sub-directory of a directory that is
currently exported. For example, /usr and /usr/local cannot both be
exported if they reside in the same disk partition.
If you unexport a directory, remove a client from the access list,
then export again, the client still has access to the directory until
the client unmounts the directory. Removing a client from the root or
rw list takes effect immediately.
/etc/xtab is a system file that contains a list of currently exported
directories and files. This file is maintained by exportfs. To
ensure that this file is always synchronous with current system data
Hewlett-Packard Company - 6 - HP-UX 11i Version 2: August 2003
exportfs(1M) exportfs(1M)
structures, do not attempt to edit /etc/xtab by hand.
FILES [Toc] [Back]
/etc/exports Static export information
/etc/hosts List of hostnames
/etc/netgroup List of network groups
/etc/xtab Current state of exported directories
/etc/networks Network information
SEE ALSO [Toc] [Back]
showmount(1M), exports(4), hosts(4), netgroup(4), networks(4).
Hewlett-Packard Company - 7 - HP-UX 11i Version 2: August 2003 [ Back ] |