*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->NetBSD man pages -> nfssvc (2)              



NAME    [Toc]    [Back]

     nfssvc - NFS services

LIBRARY    [Toc]    [Back]

     Standard C Library (libc, -lc)

SYNOPSIS    [Toc]    [Back]

     #include <unistd.h>
     #include <nfs/nfs.h>

     nfssvc(int flags, void *argstructp);

DESCRIPTION    [Toc]    [Back]

     The nfssvc() function is used by the NFS daemons to pass information into
     and out of the kernel and also to enter the kernel as a server daemon.
     The flags argument consists of several bits that show what action is to
     be taken once in the kernel and the argstructp points to one of three
     structures depending on which bits are set in flags.

     On the client side, nfssvc() is only used for NQNFS.  mount_nfs(8) calls
     nfssvc() with the NFSSVC_MNTD flag, optionally or'd with the flags
     NFSSVC_GOTAUTH and NFSSVC_AUTHINFAIL along with a pointer to a

     struct nfsd_cargs {
             char            *ncd_dirp;      /* Mount dir path */
             uid_t           ncd_authuid;    /* Effective uid */
             int             ncd_authtype;   /* Type of authenticator */
             int             ncd_authlen;    /* Length of authenticator string */
             char            *ncd_authstr;   /* Authenticator string */

     structure.  The initial call has only the NFSSVC_MNTD flag set to specify
     service for the mount point.  If the mount point is using Kerberos, then
     the mount_nfs(8) daemon will return from nfssvc() with errno == ENEEDAUTH
     whenever the client side requires an ``rcmd'' authentication ticket for
     the user.  The mount_nfs(8) program will attempt to get the Kerberos
     ticket, and if successful will call nfssvc() with the flags NFSSVC_MNTD
     and NFSSVC_GOTAUTH after filling the ticket into the ncd_authstr field
     and setting the ncd_authlen and ncd_authtype fields of the nfsd_cargs
     structure.  If mount_nfs(8) failed to get the ticket, nfssvc() will be
     to denote a failed authentication attempt.

     On the server side, nfssvc() is called with the flag NFSSVC_NFSD and a
     pointer to a

     struct nfsd_srvargs {
             struct nfsd     *nsd_nfsd;      /* Pointer to in kernel nfsd struct */
             uid_t           nsd_uid;        /* Effective uid mapped to cred */
             u_long          nsd_haddr;      /* Ip address of client */
             struct ucred    nsd_cr;         /* Cred. uid maps to */
             int             nsd_authlen;    /* Length of auth string (ret) */
             char            *nsd_authstr;   /* Auth string (ret) */

     to enter the kernel as an nfsd(8) daemon.  Whenever an nfsd(8) daemon
     receives a Kerberos authentication ticket, it will return from nfssvc()
     with errno == ENEEDAUTH.  The nfsd(8) will attempt to authenticate the
     ticket and generate a set of credentials on the server for the ``user
     id'' specified in the field nsd_uid.  This is done by first authenticating
 the Kerberos ticket and then mapping the Kerberos principal to a
     local name and getting a set of credentials for that user via.
     getpwnam(3) and getgrouplist(3).  If successful, the nfsd(8) will call
     nfssvc() with the NFSSVC_NFSD and NFSSVC_AUTHIN flags set to pass the
     credential mapping in nsd_cr into the kernel to be cached on the server
     socket for that client.  If the authentication failed, nfsd(8) calls
     nfssvc() with the flags NFSSVC_NFSD and NFSSVC_AUTHINFAIL to denote an
     authentication failure.

     The master nfsd(8) server daemon calls nfssvc() with the flag
     NFSSVC_ADDSOCK and a pointer to a

     struct nfsd_args {
             int     sock;           /* Socket to serve */
             caddr_t name;           /* Client address for connection based sockets */
             int     namelen;        /* Length of name */

     to pass a server side NFS socket into the kernel for servicing by the
     nfsd(8) daemons.

RETURN VALUES    [Toc]    [Back]

     Normally nfssvc does not return unless the server is terminated by a signal
 when a value of 0 is returned.  Otherwise, -1 is returned and the
     global variable errno is set to specify the error.

ERRORS    [Toc]    [Back]

     [ENEEDAUTH]        This special error value is really used for authentication
 support, particularly Kerberos, as explained

     [EPERM]            The caller is not the super-user.

SEE ALSO    [Toc]    [Back]

     mount_nfs(8), nfsd(8)

HISTORY    [Toc]    [Back]

     The nfssvc function first appeared in 4.4BSD.

BUGS    [Toc]    [Back]

     The nfssvc system call is designed specifically for the NFS support daemons
 and as such is specific to their requirements.  It should really
     return values to indicate the need for authentication support, since
     ENEEDAUTH is not really an error.  Several fields of the argument structures
 are assumed to be valid and sometimes to be unchanged from a previous
 call, such that nfssvc must be used with extreme care.

BSD                              June 9, 1993                              BSD
[ Back ]
 Similar pages
Name OS Title
getservent Tru64 Get a services file entry from the /etc/services file.
getservent_r Tru64 Get a services file entry from the /etc/services file.
ThreadGetId Tru64 Atom services
ThreadLockedAdd Tru64 Atom services
ThreadMutexLock Tru64 Atom services
ThreadLookup Tru64 Atom services
ThreadMutexPoll Tru64 Atom services
ThreadExcludeProc Tru64 Atom services
ThreadForeach Tru64 Atom services
ThreadCreationProc Tru64 Atom services
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service