1 .TH MOUNTD 8 "11 August 1997"
3 mountd \- NFS mount daemon
6 .B /usr/sbin/rpc.mountd
7 .B "[\ \-f\ exports-file\ ]"
8 .B "[\ \-d\ facility\ ]"
11 .B "[\ \-\-debug\ facility ]"
12 .B "[\ \-\-exports\-file=file\ ]"
14 .B "[\ \-\-allow\-non\-root\ ]"
15 .B "[\ \-\-re\-export\ ]"
16 .B "[\ \-\-no\-spoof\-trace\ ]"
17 .B "[\ \-\-version\ ]"
22 program is an NFS mount daemon. When receiving a MOUNT request from an
23 NFS client, it checks the request against the list of exported file
26 If the client is permitted to mount the file system,
28 creates a file handle for the requested directory, and adds an entry
30 Upon receipt of an UMOUNT request, it removes the client's entry from
32 Note, however, that a client may still be able to use the file handle
33 after the UMOUNT request (for instance, if the client mounts the same
34 remote file system on two different mount points). Similarly, if a client
35 reboots without notifying
37 a stale entry will remain in
39 .SS Running from inetd
43 rather than at system boot time by adding the following two lines to
48 mount/1-2 dgram rpc/udp wait root /usr/sbin/rpc.mountd rpc.mountd
49 mount/1-2 stream rpc/tcp wait root /usr/sbin/rpc.mountd rpc.mountd
55 will terminate after a certain period of inactivity.
58 .BR \-f " or " \-\-exports\-file
59 This option specifies the exports file, listing the clients that this server
60 is prepared to serve and parameters to apply to each such mount (see
62 By default exports are read from
65 .BR \-d " or " \-\-debug
66 Log each transaction verbosely to standard error. Valid log facilities
69 for the logging of all calls,
71 for client authentication,
73 for operations of the file handle cache, and
77 By default, log output is sent to
78 syslogd unless the daemon runs in the foreground.
80 .BR \-F " or " \-\-foreground
81 Unlike normal in operation,
83 will not detach from the terminal when given this option. When debugging is
84 requested, it will be sent to standard error.
86 .BR \-h " or " \-\-help
87 Provide a short help summary.
89 .BR \-n " or " \-\-allow\-non\-root
90 Allow incoming mount requests to be honored even if they do not
91 originate from reserved IP ports. Some older NFS client implementations
92 require this. Some newer NFS client implementations don't believe
93 in reserved port checking.
95 .BR "\-P portnum" " or " "\-\-port portnum"
100 instead of some random port. By default,
102 will listen on the mount/udp port specified in
104 or, if that is undefined, on some arbitrary port number below 1024.
106 .BR \-p " or " \-\-promiscuous
107 Put the server into promiscuous mode where it will serve any host
110 .BR \-r " or " \-\-re\-export
111 Allow imported NFS or SMB file-systems to be exported. This can be used to
112 turn a machine into an NFS/SMB multiplier. Caution should be used when
113 re-exporting loopback mounts because re-entering the mount point
114 will result in deadlock between the client file system code and the server.
116 .BR \-t " or " \-\-no\-spoof\-trace
119 logs every access by unauthorized clients. This option turns off logging
120 of such spoof attempts for all hosts listed explicitly in the
124 .BR \-v " or " \-\-version
125 Report the current version number of the program.
127 For enhanced security, access to
129 can be limited via the TCP wrapper library that's part of Wietse
130 Venema's tcp_wrappers package. Support for this option must be selected
131 at compile time. In order to restrict access to all hosts on
132 your local network (say 192.168.1.0), you would add the following
139 .I "rpc.mountd : 192.168.1. : allow
140 .I "rpc.mountd : ALL : deny
144 This example assumes your TCP wrapper library was compiled with
145 options support (which I highly recommend). If it has been compiled
146 without options support, you need to add the following two lines
148 .I /etc/hosts.allow " and " /etc/hosts.deny,
154 .I "rpc.mountd : 192.168.1
159 When changing this information, you must restart
161 for these changes to take effect, either by killing and restarting, or
162 by sending it the HUP signal.
166 is inaccurate more often than not.
168 When receiving a SIGHUP,
172 file and any access restrictions defined in the
173 .I /etc/hosts.allow and /etc/hosts.deny
174 file. Note that to make export changes take effect, you have to send
182 exports(5), nfsd(8), ugidd(8C), showmount(8).