NFS(5) File Formats and Configurations NFS(5)
NAME
nfs - NFS configuration properties
DESCRIPTION
The behavior of the
nfsd(8),
nfsmapid(8),
lockd(8), and
mountd(8) daemons
and
mount_nfs(8) command is controlled by property values that are stored
in the Service Management Facility,
smf(7). The
sharectl(8) command should
be used to query or change values for these properties.
Changes made to
nfs property values on the
nfsd,
lockd,
mountd, or
mount_nfs command line override the values set using
sharectl(8).
The following list describes the properties:
client_versmin=
num client_versmax=
num The NFS client only uses NFS versions in the range specified by
these properties. Valid values of versions are: 2, 3, and 4.
Default minimum version is 2, while default maximum is 4.
You can override this range on a per-mount basis by using the
-o vers= option to
mount_nfs(8).
server_versmin=
num server_versmax=
num The NFS server only uses NFS versions in the range specified by
these properties. Valid values of versions are: 2, 3, and 4.
Default minimum version is 2, while the default maximum version is
4.
server_delegation=
on|
off By default the NFS server provides delegations to clients. The
user can turn off delegations for all exported filesystems by
setting this variable to off. This variable only applies to NFS
Version 4.
nfsmapid_domain=[
string]
By default, the
nfsmapid uses the DNS domain of the system. This
setting overrides the default. This domain is used for identifying
user and group attribute strings in the NFS Version 4 protocol.
Clients and servers must match with this domain for operation to
proceed normally. This variable only applies to NFS Version 4.
See
Setting nfsmapid_domain below for further details.
max_connections=
num Sets the maximum number of concurrent, connection-oriented
connections. The default is -1 (unlimited). Equivalent to the
-c option in
nfsd.
listen_backlog=
num Set connection queue length for the NFS over a connection-oriented
transport. The default value is 32, meaning 32 entries in the
queue. Equivalent to the
-l option in
nfsd.
protocol=[
all|
protocol]
Start
nfsd over the specified protocol only. Equivalent to the
-p option in
nfsd.
all is equivalent to
-a on the
nfsd command line.
Mutually exclusive of
device. For the UDP protocol, only version 2
and version 3 service is established. NFS Version 4 is not
supported for the UDP protocol.
device=[
devname]
Start NFS daemon for the transport specified by the given device
only. Equivalent to the
-t option in
nfsd. Mutually exclusive of
protocol.
servers=
num Maximum number of concurrent NFS requests. Equivalent to last
numeric argument on the
nfsd command line. The default is 1024.
lockd_listen_backlog=
num Set connection queue length for
lockd over a connection-oriented
transport. The default and minimum value is 32.
lockd_servers=
num Maximum number of concurrent
lockd requests. The default is 256.
lockd_retransmit_timeout=
num Retransmit timeout, in seconds, before
lockd retries. The default
is 5.
grace_period=
num Grace period, in seconds, that all clients (both NLM and NFSv4)
have to reclaim locks after a server reboot. This parameter also
controls the NFSv4 lease interval. The default is 90.
mountd_listen_backlog=
num Set the connection queue length for
mountd over a connection-
oriented transport. The default value is 64.
mountd_max_threads=
num Maximum number of threads for
mountd. The default value is 16.
mountd_port=
num The IP port number on which
mountd should listen. The default
value is 0, which means it should use a default binding.
mountd_remote_dump=
boolean Should
mountd respond to remote
MOUNTPROC_DUMP queries to read the
list of remote mounts. The default value is false, which means
only queries from local host will be allowed.
statd_port=
num The IP port number on which
statd should listen. The default value
is 0, which means it should use a default binding.
Setting nfsmapid_domain As described above, the setting for
nfsmapid_domain overrides the domain
used by
nfsmapid(8) for building and comparing outbound and inbound
attribute strings, respectively. This setting overrides any other
mechanism for setting the NFSv4 domain. In the absence of a
nfsmapid_domain setting, the
nfsmapid(8) daemon determines the NFSv4 domain
as follows:
+o If a properly configured
/etc/resolv.conf (see
resolv.conf(5)) exists,
nfsmapid queries specified nameserver(s) for the domain.
+o If a properly configured
/etc/resolv.conf (see
resolv.conf(5)) exists,
but the queried nameserver does not have a proper record of the domain
name,
nfsmapid attempts to obtain the domain name through the BIND
interface (see
resolver(3RESOLV)).
+o If no
/etc/resolv.conf exists,
nfsmapid falls back on using the
configured domain name (see
domainname(8)), which is returned with the
leading domain suffix removed. For example, for
widgets.sales.example.com, sales.example.com is returned.
+o If
/etc/resolv.conf does not exist, no domain name has been configured
(or no
/etc/defaultdomain exists),
nfsmapid falls back on obtaining the
domain name from the host name, if the host name contains a fully
qualified domain name (FQDN).
If a domainname is still not obtained following all of the preceding steps,
nfsmapid will have no domain configured. This results in the following
behavior:
+o Outbound "owner" and "owner_group" attribute strings are encoded as
literal id's. For example, the UID 12345 is encoded as 12345.
+o nfsmapid ignores the "domain" portion of the inbound attribute string
and performs name service lookups only for the user or group. If the
user/group exists in the local system name service databases, then the
proper uid/gid will be mapped even when no domain has been configured.
This behavior implies that the same administrative user/group domain
exists between NFSv4 client and server (that is, the same uid/gid's for
users/groups on both client and server). In the case of overlapping id
spaces, the inbound attribute string could potentially be mapped to the
wrong id. However, this is not functionally different from mapping the
inbound string to
nobody, yet provides greater flexibility.
ZONES
NFS can be served out of a non-global zone. All of the above documentation
applies to an in-zone NFS server. File sharing in zones is restricted to
filesystems a zone completely controls. Some zone brands (see
brands(7))
do not give the zone's root its own filesystem, for example. Delegated ZFS
datasets to a zone are shareable, as well as lofs-remounted directories.
The zone must have sys_nfs privileges; most brands grant this already.
SEE ALSO
brands(7),
smf(7),
zones(7),
lockd(8),
mount_nfs(8),
mountd(8),
nfsd(8),
nfsmapid(8),
sharectl(8)illumos September 15, 2022 illumos