xnu-1228.9.59.tar.gz

[apple/xnu.git] / bsd / man / man2 / nfssvc.2

diff --git a/bsd/man/man2/nfssvc.2 b/bsd/man/man2/nfssvc.2
index 297472162c1a416a764a4bbbc506772c958dd320..3670146e00be8928fbdbfb9a042da8a30c557753 100644 (file)
--- a/bsd/man/man2/nfssvc.2
+++ b/bsd/man/man2/nfssvc.2
@@ -1,3 +1,25 @@
+.\"
+.\" Copyright (c) 1999-2007 Apple Inc.  All rights reserved.
+.\"
+.\" @APPLE_LICENSE_HEADER_START@
+.\" 
+.\" This file contains Original Code and/or Modifications of Original Code
+.\" as defined in and that are subject to the Apple Public Source License
+.\" Version 2.0 (the 'License'). You may not use this file except in
+.\" compliance with the License. Please obtain a copy of the License at
+.\" http://www.opensource.apple.com/apsl/ and read it before using this
+.\" file.
+.\" 
+.\" The Original Code and all software distributed under the License are
+.\" distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+.\" EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+.\" INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+.\" FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+.\" Please see the License for the specific language governing rights and
+.\" limitations under the License.
+.\" 
+.\" @APPLE_LICENSE_HEADER_END@
+.\"

 .\"    $NetBSD: nfssvc.2,v 1.6 1995/02/27 12:35:08 cgd Exp $
 .\"
 .\" Copyright (c) 1989, 1991, 1993
 .\"    $NetBSD: nfssvc.2,v 1.6 1995/02/27 12:35:08 cgd Exp $
 .\"
 .\" Copyright (c) 1989, 1991, 1993


@@ -33,7 +55,7 @@
 .\"
 .\"    @(#)nfssvc.2    8.1 (Berkeley) 6/9/93
 .\"
 .\"
 .\"    @(#)nfssvc.2    8.1 (Berkeley) 6/9/93
 .\"

-.Dd June 9, 1993
+.Dd January 9, 2007

 .Dt NFSSVC 2
 .Os
 .Sh NAME
 .Dt NFSSVC 2
 .Os
 .Sh NAME


@@ -47,139 +69,27 @@
 .Sh DESCRIPTION
 The
 .Fn nfssvc
 .Sh DESCRIPTION
 The
 .Fn nfssvc

-function is used by the NFS daemons to pass information into and out
+function is used by the NFS server daemon to pass information into and out

 of the kernel and also to enter the kernel as a server daemon.
 The
 .Fa flags
 argument consists of several bits that show what action is to be taken
 once in the kernel and the
 .Fa argstructp
 of the kernel and also to enter the kernel as a server daemon.
 The
 .Fa flags
 argument consists of several bits that show what action is to be taken
 once in the kernel and the
 .Fa argstructp

-points to one of three structures depending on which bits are set in
-flags.
-.Pp
-On the client side,
-.Xr nfsiod 8
-calls
-.Fn nfssvc
-with the
-.Fa flags
-argument set to
-.Dv NFSSVC_BIOD
-and
-.Fa argstructp
-set to
-.Dv NULL
-to enter the kernel as a block I/O server daemon.
-For
-.Nm NQNFS ,
-.Xr mount_nfs 8
-calls
-.Fn nfssvc
-with the
-.Dv NFSSVC_MNTD
-flag, optionally or'd with the flags
-.Dv NFSSVC_GOTAUTH
-and
-.Dv NFSSVC_AUTHINFAIL
-along with a pointer to a
-.Bd -literal
-struct nfsd_cargs {
-       char            *ncd_dirp;      /* Mount dir path */
-       uid_t           ncd_authuid;    /* Effective uid */
-       int             ncd_authtype;   /* Type of authenticator */
-       int             ncd_authlen;    /* Length of authenticator string */
-       char            *ncd_authstr;   /* Authenticator string */
-};
-.Ed
-.sp
-structure.
-The initial call has only the
-.Dv NFSSVC_MNTD
-flag set to specify service for the mount point.
-If the mount point is using Kerberos, then the
-.Xr mount_nfs 8
-daemon will return from
-.Fn nfssvc
-with errno == ENEEDAUTH whenever the client side requires an ``rcmd''
-authentication ticket for the user.
-.Xr Mount_nfs 8
-will attempt to get the Kerberos ticket, and if successful will call
-.Fn nfssvc
-with the flags
-.Dv NFSSVC_MNTD
-and
-.Dv NFSSVC_GOTAUTH
-after filling the ticket into the 
-ncd_authstr field
-and
-setting the ncd_authlen and ncd_authtype
-fields of the nfsd_cargs structure.
-If
-.Xr mount_nfs 8
-failed to get the ticket,
-.Fn nfssvc
-will be called with the flags
-.Dv NFSSVC_MNTD ,
-.Dv NFSSVC_GOTAUTH
-and
-.Dv NFSSVC_AUTHINFAIL
-to denote a failed authentication attempt.
+points to any corresponding data that the action may require.

 .Pp
 .Pp

-On the server side,

 .Fn nfssvc
 is called with the flag
 .Dv NFSSVC_NFSD
 .Fn nfssvc
 is called with the flag
 .Dv NFSSVC_NFSD

-and a pointer to a
-.Bd -literal
-struct nfsd_srvargs {
-       struct nfsd     *nsd_nfsd;      /* Pointer to in kernel nfsd struct */
-       uid_t           nsd_uid;        /* Effective uid mapped to cred */
-       u_long          nsd_haddr;      /* Ip address of client */
-       struct ucred    nsd_cr;         /* Cred. uid maps to */
-       int             nsd_authlen;    /* Length of auth string (ret) */
-       char            *nsd_authstr;   /* Auth string (ret) */
-};
-.Ed
-.sp
+and a NULL
+.Fa argstructp

 to enter the kernel as an
 .Xr nfsd 8
 to enter the kernel as an
 .Xr nfsd 8

-daemon.
-Whenever an
-.Xr nfsd 8
-daemon receives a Kerberos authentication ticket, it will return from
-.Fn nfssvc
-with errno == ENEEDAUTH.
-The
-.Xr nfsd 8
-will attempt to authenticate the ticket and generate a set of credentials
-on the server for the ``user id'' specified in the field nsd_uid.
-This is done by first authenticating the Kerberos ticket and then mapping
-the Kerberos principal to a local name and getting a set of credentials for
-that user via.
-.Xr getpwnam 3
-and
-.Xr getgrouplist 3 .
-If successful, the
-.Xr nfsd 8
-will call
-.Fn nfssvc
-with the
-.Dv NFSSVC_NFSD
-and
-.Dv NFSSVC_AUTHIN
-flags set to pass the credential mapping in nsd_cr into the
-kernel to be cached on the server socket for that client.
-If the authentication failed,
-.Xr nfsd 8
-calls
-.Fn nfssvc
-with the flags
+daemon.  The

 .Dv NFSSVC_NFSD
 .Dv NFSSVC_NFSD

-and
-.Dv NFSSVC_AUTHINFAIL
-to denote an authentication failure.
+action normally does not return until the NFS server is stopped.

 .Pp
 .Pp

-The master
+The

 .Xr nfsd 8
 server daemon calls
 .Fn nfssvc
 .Xr nfsd 8
 server daemon calls
 .Fn nfssvc


@@ -199,27 +109,53 @@ to pass a server side
 socket into the kernel for servicing by the
 .Xr nfsd 8
 daemons.
 socket into the kernel for servicing by the
 .Xr nfsd 8
 daemons.

+.Pp
+The
+.Xr nfsd 8
+server daemon calls
+.Fn nfssvc
+with the flag
+.Dv NFSSVC_EXPORT
+and a pointer to a
+.Bd -literal
+struct nfs_export_args {
+       uint32_t                nxa_fsid;       /* export FS ID */
+       uint32_t                nxa_expid;      /* export ID */
+       char                    *nxa_fspath;    /* export FS path */
+       char                    *nxa_exppath;   /* export sub-path */
+       uint32_t                nxa_flags;      /* export arg flags */
+       uint32_t                nxa_netcount;   /* #entries in ex_nets array */
+       struct nfs_export_net_args *nxa_nets;   /* array of net args */
+};
+.Ed
+.sp
+to pass exported file system information into the kernel.

 .Sh RETURN VALUES
 .Sh RETURN VALUES

-Normally
-.Nm nfssvc
-does not return unless the server
-is terminated by a signal when a value of 0 is returned.
-Otherwise, -1 is returned and the global variable
+Upon successful completion, a value of 0 is returned.  Otherwise, -1 is
+returned the global variable

 .Va errno
 is set to specify the error.
 .Va errno
 is set to specify the error.

+.Pp

 .Sh ERRORS
 .Bl -tag -width Er
 .Sh ERRORS
 .Bl -tag -width Er

-.It Bq Er ENEEDAUTH
-This special error value
-is really used for authentication support, particularly Kerberos,
-as explained above.

 .It Bq Er EPERM
 The caller is not the super-user.
 .It Bq Er EPERM
 The caller is not the super-user.

+.It Bq Er EINVAL
+The action specified by the
+.Fa flags
+argument was not valid.
+.It Bq EFAULT
+.Fa argstructp
+points to an invalid address.
+.It Bq ENOMEM
+A memory allocation failure prevented the action from completing.
+.It Bq EEXIST
+An attempt was made to add a UDP socket via the
+.Dv NFSSVC_ADDSOCK
+action, but the UDP socket has already been added.

 .El
 .Sh SEE ALSO
 .El
 .Sh SEE ALSO

-.Xr nfsd 8 ,
-.Xr mount_nfs 8 ,
-.Xr nfsiod 8
+.Xr nfsd 8

 .Sh HISTORY
 The
 .Nm nfssvc
 .Sh HISTORY
 The
 .Nm nfssvc


@@ -229,12 +165,7 @@ The
 .Nm nfssvc
 system call is designed specifically for the
 .Tn NFS
 .Nm nfssvc
 system call is designed specifically for the
 .Tn NFS

-support daemons and as such is specific to their requirements.
-It should really return values to indicate the need for authentication
-support, since
-.Dv ENEEDAUTH
-is not really an error.
-Several fields of the argument structures are assumed to be valid and
-sometimes to be unchanged from a previous call, such that
+server daemons and as such is specific to their requirements.  Several
+fields of the argument structures are assumed to be valid, such that

 .Nm nfssvc
 must be used with extreme care.
 .Nm nfssvc
 must be used with extreme care.