exports - list of NFS filesystems being exported
The file /etc/exports describes the filesystems that are being exported
to NFS clients. It is created by the system administrator using a text
editor It is processed by exportfs(1M) at system startup and by the mount
request daemon, mountd(1M), each time a mount request is received.
exportfs should be re-executed after making changes to the file.
The file consists of a list of filesystems, the netgroup(4) or machine
names allowed to remote mount each filesystem and possibly a list of
options. The filesystem names are left justified and followed by a list
of names separated by white space. The names are looked up in
/etc/netgroup and then in /etc/hosts. A hyphen indicates the start of
the options list. Multiple options are separated by commas. The default
options are rw,anon=nobody.
ro Export the directory read-only. If not specified, the
directory is exported read-write.
Export the directory read-mostly. Read-mostly means exported
read-only to most machines, but read-write to those specified.
If no hosts are specified, the directory is exported read-write
anon=uid If a request comes from a host for uid 0 (typically ``root'')
or from a host using null authentication, use uid as the
effective user ID. uid can be either a name or an integer user
ID from /etc/passwd. The default value for this option is
``nobody'' (uid -2). Because uid 0 permits access to files
regardless of permission and ownership, NFS servers change uid
0 to the anonymous uid by default. Use the root option to
permit accesses from hosts using uid 0. Setting the value of
uid to -1 disables accesses from unknown users or from root on
hosts not included in the root option.
Give root access only to the root (uid 0) users from a
specified hostname. The default is for no hosts to be granted
Give mount access to each client listed. A client can either
be a hostname, or a netgroup (see netgroup(4)). Each client in
the list is first checked for in the /etc/netgroup database and
then in the /etc/hosts database. The default value allows any
machine to mount the given directory.
nohide Allows a client who mounts this entry's parent filesystem to
access files in this filesystem. This is ``off'' by default,
preventing a client who mounts this entry's parent filesystem
from accessing files in this filesystem. Clients who mount a
filesystem containing a hidden filesystem access the directory
on which the hidden child is mounted, not the child
filesystem's root directory. Be aware that using this option
introduces a violation of RFC 1094, RFC 1813, and the XNFS
specification. Using this option may cause the server not to
interoperate properly with non-IRIX clients, particularly Linux
wsync Causes all writes to this filesystem to be performed
synchronously. With this option, the server waits until
written data is safely stored on a magnetic disk or other nonvolatile
medium before sending a positive response to the
client. Without this option, the server performs delayed
writes (it responds positively to the client, then writes the
data at its convenience or when a sync(2) is executed).
Delaying writes provides a great performance boost, but also
introduces the risk of losing data if the server crashes after
the response but before the data is stored. Use the wsync
option if this risk is unacceptable.
Causes the server to mask off the high order 32 bits of
directory cookies in NFS version 3 directory operations. This
option may be required when clients run 32-bit operating
systems that assume the entire cookie is contained in 32 bits
and reject responses containing version 3 cookies with high
bits on. IRIX 5.3 and Solaris 2.5 are examples of 32-bit
operating systems with this behavior, which produces error
messages like "Cannot decode response" on directory operations.
XFS filesystems on the server can generate cookies with high
bits on. Exporting filesystems with the 32bitclients option
causes these bits to be masked and prevents error messages.
A filesystem name that is not followed by a name list is exported to
everyone. A ``#'' anywhere in the file indicates a comment extending to
the end of the line on which it appears. A backslash ``\'' at the end of
a line permits splitting long lines into shorter ones. When splitting
the options across multiple lines, the character immediately preceeding
the backslash must be one of ``-'', ``='', ``:'', or ``,''. Also, no
whitespace may follow the backslash nor proceed the first character of
the next line.
/usr/local # export to the world
/usr clients # export to my clients
/usr2 bonnie clyde # export to only these machines
/usr3 -anon=guest # map client root & anonymous to guest
/ -ro # export the root filesystem
/usr -ro,nohide # export all local filesystems read-only
-rw,anon=guest,root=bonnie # multi-line example
Exporting all your machine's local filesystems requires enumerating all
local mount points and using nohide for filesystem other than root:
The nohide and wsync options are specific to IRIX.
exportfs(1M), mountd(1M), showmount(1M), netgroup(4), passwd(4).
You cannot export a directory that is either a parent- or a sub-directory
of one that is currently exported and within the same filesystem. It
would be illegal, for example, to export both /usr and /usr/local if both
directories resided in the same disk partition.
While there is no hard-coded maximum length, extremely long export lists
(hundreds of hosts or netgroups for a single exported directory) may
cause mount requests for that exported directory to time out.
PPPPaaaaggggeeee 3333 [ Back ]