X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/9bccf70c0258c7cac2dcb80011b2a964d884c552..593a1d5fd87cdf5b46dd5fcb84467b432cea0f91:/bsd/man/man2/nfssvc.2?ds=inline diff --git a/bsd/man/man2/nfssvc.2 b/bsd/man/man2/nfssvc.2 index 297472162..3670146e0 100644 --- a/bsd/man/man2/nfssvc.2 +++ b/bsd/man/man2/nfssvc.2 @@ -1,3 +1,25 @@ +.\" +.\" Copyright (c) 1999-2007 Apple Inc. All rights reserved. +.\" +.\" @APPLE_LICENSE_HEADER_START@ +.\" +.\" This file contains Original Code and/or Modifications of Original Code +.\" as defined in and that are subject to the Apple Public Source License +.\" Version 2.0 (the 'License'). You may not use this file except in +.\" compliance with the License. Please obtain a copy of the License at +.\" http://www.opensource.apple.com/apsl/ and read it before using this +.\" file. +.\" +.\" The Original Code and all software distributed under the License are +.\" distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER +.\" EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, +.\" INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, +.\" FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. +.\" Please see the License for the specific language governing rights and +.\" limitations under the License. +.\" +.\" @APPLE_LICENSE_HEADER_END@ +.\" .\" $NetBSD: nfssvc.2,v 1.6 1995/02/27 12:35:08 cgd Exp $ .\" .\" Copyright (c) 1989, 1991, 1993 @@ -33,7 +55,7 @@ .\" .\" @(#)nfssvc.2 8.1 (Berkeley) 6/9/93 .\" -.Dd June 9, 1993 +.Dd January 9, 2007 .Dt NFSSVC 2 .Os .Sh NAME @@ -47,139 +69,27 @@ .Sh DESCRIPTION The .Fn nfssvc -function is used by the NFS daemons to pass information into and out +function is used by the NFS server daemon to pass information into and out of the kernel and also to enter the kernel as a server daemon. The .Fa flags argument consists of several bits that show what action is to be taken once in the kernel and the .Fa argstructp -points to one of three structures depending on which bits are set in -flags. -.Pp -On the client side, -.Xr nfsiod 8 -calls -.Fn nfssvc -with the -.Fa flags -argument set to -.Dv NFSSVC_BIOD -and -.Fa argstructp -set to -.Dv NULL -to enter the kernel as a block I/O server daemon. -For -.Nm NQNFS , -.Xr mount_nfs 8 -calls -.Fn nfssvc -with the -.Dv NFSSVC_MNTD -flag, optionally or'd with the flags -.Dv NFSSVC_GOTAUTH -and -.Dv NFSSVC_AUTHINFAIL -along with a pointer to a -.Bd -literal -struct nfsd_cargs { - char *ncd_dirp; /* Mount dir path */ - uid_t ncd_authuid; /* Effective uid */ - int ncd_authtype; /* Type of authenticator */ - int ncd_authlen; /* Length of authenticator string */ - char *ncd_authstr; /* Authenticator string */ -}; -.Ed -.sp -structure. -The initial call has only the -.Dv NFSSVC_MNTD -flag set to specify service for the mount point. -If the mount point is using Kerberos, then the -.Xr mount_nfs 8 -daemon will return from -.Fn nfssvc -with errno == ENEEDAUTH whenever the client side requires an ``rcmd'' -authentication ticket for the user. -.Xr Mount_nfs 8 -will attempt to get the Kerberos ticket, and if successful will call -.Fn nfssvc -with the flags -.Dv NFSSVC_MNTD -and -.Dv NFSSVC_GOTAUTH -after filling the ticket into the -ncd_authstr field -and -setting the ncd_authlen and ncd_authtype -fields of the nfsd_cargs structure. -If -.Xr mount_nfs 8 -failed to get the ticket, -.Fn nfssvc -will be called with the flags -.Dv NFSSVC_MNTD , -.Dv NFSSVC_GOTAUTH -and -.Dv NFSSVC_AUTHINFAIL -to denote a failed authentication attempt. +points to any corresponding data that the action may require. .Pp -On the server side, .Fn nfssvc is called with the flag .Dv NFSSVC_NFSD -and a pointer to a -.Bd -literal -struct nfsd_srvargs { - struct nfsd *nsd_nfsd; /* Pointer to in kernel nfsd struct */ - uid_t nsd_uid; /* Effective uid mapped to cred */ - u_long nsd_haddr; /* Ip address of client */ - struct ucred nsd_cr; /* Cred. uid maps to */ - int nsd_authlen; /* Length of auth string (ret) */ - char *nsd_authstr; /* Auth string (ret) */ -}; -.Ed -.sp +and a NULL +.Fa argstructp to enter the kernel as an .Xr nfsd 8 -daemon. -Whenever an -.Xr nfsd 8 -daemon receives a Kerberos authentication ticket, it will return from -.Fn nfssvc -with errno == ENEEDAUTH. -The -.Xr nfsd 8 -will attempt to authenticate the ticket and generate a set of credentials -on the server for the ``user id'' specified in the field nsd_uid. -This is done by first authenticating the Kerberos ticket and then mapping -the Kerberos principal to a local name and getting a set of credentials for -that user via. -.Xr getpwnam 3 -and -.Xr getgrouplist 3 . -If successful, the -.Xr nfsd 8 -will call -.Fn nfssvc -with the -.Dv NFSSVC_NFSD -and -.Dv NFSSVC_AUTHIN -flags set to pass the credential mapping in nsd_cr into the -kernel to be cached on the server socket for that client. -If the authentication failed, -.Xr nfsd 8 -calls -.Fn nfssvc -with the flags +daemon. The .Dv NFSSVC_NFSD -and -.Dv NFSSVC_AUTHINFAIL -to denote an authentication failure. +action normally does not return until the NFS server is stopped. .Pp -The master +The .Xr nfsd 8 server daemon calls .Fn nfssvc @@ -199,27 +109,53 @@ to pass a server side socket into the kernel for servicing by the .Xr nfsd 8 daemons. +.Pp +The +.Xr nfsd 8 +server daemon calls +.Fn nfssvc +with the flag +.Dv NFSSVC_EXPORT +and a pointer to a +.Bd -literal +struct nfs_export_args { + uint32_t nxa_fsid; /* export FS ID */ + uint32_t nxa_expid; /* export ID */ + char *nxa_fspath; /* export FS path */ + char *nxa_exppath; /* export sub-path */ + uint32_t nxa_flags; /* export arg flags */ + uint32_t nxa_netcount; /* #entries in ex_nets array */ + struct nfs_export_net_args *nxa_nets; /* array of net args */ +}; +.Ed +.sp +to pass exported file system information into the kernel. .Sh RETURN VALUES -Normally -.Nm nfssvc -does not return unless the server -is terminated by a signal when a value of 0 is returned. -Otherwise, -1 is returned and the global variable +Upon successful completion, a value of 0 is returned. Otherwise, -1 is +returned the global variable .Va errno is set to specify the error. +.Pp .Sh ERRORS .Bl -tag -width Er -.It Bq Er ENEEDAUTH -This special error value -is really used for authentication support, particularly Kerberos, -as explained above. .It Bq Er EPERM The caller is not the super-user. +.It Bq Er EINVAL +The action specified by the +.Fa flags +argument was not valid. +.It Bq EFAULT +.Fa argstructp +points to an invalid address. +.It Bq ENOMEM +A memory allocation failure prevented the action from completing. +.It Bq EEXIST +An attempt was made to add a UDP socket via the +.Dv NFSSVC_ADDSOCK +action, but the UDP socket has already been added. .El .Sh SEE ALSO -.Xr nfsd 8 , -.Xr mount_nfs 8 , -.Xr nfsiod 8 +.Xr nfsd 8 .Sh HISTORY The .Nm nfssvc @@ -229,12 +165,7 @@ The .Nm nfssvc system call is designed specifically for the .Tn NFS -support daemons and as such is specific to their requirements. -It should really return values to indicate the need for authentication -support, since -.Dv ENEEDAUTH -is not really an error. -Several fields of the argument structures are assumed to be valid and -sometimes to be unchanged from a previous call, such that +server daemons and as such is specific to their requirements. Several +fields of the argument structures are assumed to be valid, such that .Nm nfssvc must be used with extreme care.