1# Allow everything but "meta".
2*			/	rw,alldirs,maproot=0:0
3
4# Allow "meta".
5*			.	rw
6
7# Line format:
8#  [ip range] [path] [options]
9# ip range:
10#  * = any ip (same as 0.0.0.0/0)
11#  A.B.C.D = single ip address
12#  A.B.C.D-E.F.G.H = range of ip addresses
13#  A.B.C.D/XX = A.B.C.D network with XX bits netmask
14#  A.B.C.D/E.F.G.H = A.B.C.D network with E.F.G.H netmask
15# path:
16#  . = special 'path' that means 'meta'
17#  /... = path in mfs structure
18# options:
19#  ro/rw/readonly/readwrite = meaning is obvious
20#  alldirs = any subdirectory can be mounted as root
21#  dynamicip = ip is tested only during first authentication, then client can use the same session id from any ip
22#  ignoregid = group id (gid) is not tested - important when you want to use auxiliary groups
23#  admin = administrative privileges - currently: manipulating quota values is allowed
24#  maproot=UID[:GID] = treat all root (uid zero) operations as operations done by user with uid equal to UID and gid equal to GID (or default gid of this user if GID not specified)
25#  mapall=UID[:GID} = like above but for all operations (for both options UID and/or GID can be specified as username or groupname existing on master machine)
26#  password=TEXT = force authentication using given password
27#  md5pass=MD5 = like above, but with password defined as it's MD5 hash (MD5 specified as 128-bit hexadecimal number)
28#  minversion=VER = allow only clients with version number equal or greater than VER (VER can be specified as X or X.Y or X.Y.Z)
29#  mingoal=N = do not allow to set goal below N (N should be a digit from '1' to '9')
30#  maxgoal=N = do not allow to set goal above N (N as above)
31#  mintrashtime=TIMEDURATION = do not allow to set trashtime below TIMEDURATION (TIMEDURATION can be specified as number of seconds or combination of elements #W,#D,#H,#M,#S in set order)
32#  maxtrashtime=TIMEDURATION = do not allow to set trashtime above TIMEDURATION (TIMEDURATION can be specified as above)
33#
34# Defaults:
35#  readonly,maproot=999:999,mingoal=1,maxgoal=9,mintrashtime=0,maxtrashtime=4294967295
36#
37# TIMEDURATION examples:
38#  2H = 2 hours
39#  4h30M = 4 hours and 30 minutes (time units are case insensitive)
40#  12w = 12 weeks
41#  86400 = 86400 seconds = 1 day
42#  11d13h46m40s = 1000000 seconds (defined in a bit strage way as 11 days, 13 hours, 46 minutes and 40 seconds)
43#  48H = 48 hours = 2 days (it is allowed to use any positive number with any time unit as long as calculated number of seconds do not exceed 4294967295)
44#  30m12h = wrong definition (minutes before hours)
45#  30m12 = wrong definition (12 without unit definition - only a single number is allowed without unit definition, which then defaults to seconds)
46#  50000d = wrong definition (calculated number of seconds is 4320000000, which is greater than 4294967295)
47
48# Some examples:
49
50#  Users from any IP can mount root directory as a read-only file system. Local roots are mapped as users with uid:gid = 999:999.
51#*			/	ro
52
53#  Users from IP 192.168.1.0-192.168.1.255 can mount root directory as a standard read/write file system. Local roots are mapped as users with uid:gid = 999:999.
54#192.168.1.0/24		/	rw
55
56#  Users from IP 192.168.1.0-192.168.1.255 when give password 'passcode' can mount any subdirectory as a standard read/write file system. Local roots are left unmapped.
57#192.168.1.0/24		/	rw,alldirs,maproot=0,password=passcode
58
59#  Users from IP 10.0.0.0-10.0.0.5 when give password 'test' can mount 'test' subdirectory as a standard read/write file system. Local roots are mapped as 'nobody' users (usually uid=65534).
60#10.0.0.0-10.0.0.5	/test	rw,maproot=nobody,password=test
61
62#  Users from IP 10.1.0.0-10.1.255.255 can mount 'public' subdirectory as a standard read/write file system. All users are mapped as users with uid:gid = 1000:1000.
63#10.1.0.0/255.255.0.0	/public	rw,mapall=1000:1000
64
65#  Users from IP 10.2.0.0-10.2.255.255 can mount everything, but can't decrease trash time below 2 hours and 30 minutes nor increse it above 2 weeks
66#10.2.0.0/16		/	rw,alldirs,maproot=0,mintrashtime=2h30m,maxtrashtime=2w
67