1.\" 2.\" The contents of this file are subject to the terms of the 3.\" Common Development and Distribution License (the "License"). 4.\" You may not use this file except in compliance with the License. 5.\" 6.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 7.\" or http://www.opensolaris.org/os/licensing. 8.\" See the License for the specific language governing permissions 9.\" and limitations under the License. 10.\" 11.\" When distributing Covered Code, include this CDDL HEADER in each 12.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE. 13.\" If applicable, add the following below this CDDL HEADER, with the 14.\" fields enclosed by brackets "[]" replaced with your own identifying 15.\" information: Portions Copyright [yyyy] [name of copyright owner] 16.\" 17.\" 18.\" Copyright 1989 AT&T 19.\" Copyright (c) 2004, Sun Microsystems, Inc. All Rights Reserved. 20.\" Copyright 2016 Nexenta Systems, Inc. 21.\" Copyright 2020 Joyent, Inc. 22.\" Copyright 2022-2024 RackTop Systems. 23.\" 24.Dd March 23, 2024 25.Dt NFS 5 26.Os 27.Sh NAME 28.Nm nfs 29.Nd NFS configuration properties 30.Sh DESCRIPTION 31The behavior of the 32.Xr nfsd 8 , 33.Xr nfsmapid 8 , 34.Xr lockd 8 , 35and 36.Xr mountd 8 37daemons and 38.Xr mount_nfs 8 39command is controlled by property values that are stored in the Service 40Management Facility, smf(7). 41The 42.Xr sharectl 8 43command should be used to query or change values for these properties. 44.Pp 45Changes made to 46.Nm 47property values on the 48.Nm nfsd , 49.Nm lockd , 50.Nm mountd , 51or 52.Nm mount_nfs 53command line override the values set using 54.Xr sharectl 8 . 55.Pp 56The following list describes the properties: 57.Bl -tag -width Ds 58.It Xo 59.Sy client_versmin Ns = Ns Ar num 60.br 61.Sy client_versmax Ns = Ns Ar num 62.Xc 63The NFS client only uses NFS versions in the range specified by these 64properties. 65Valid values of versions are: 2, 3, and 4. 66Default minimum version is 67.Li 2 , 68while default maximum is 69.Li 4 . 70.Pp 71You can override this range on a per-mount basis by using the 72.Fl o Sy vers Ns = 73option to 74.Xr mount_nfs 8 . 75.It Xo 76.Sy server_versmin Ns = Ns Ar num 77.br 78.Sy server_versmax Ns = Ns Ar num 79.Xc 80The NFS server only uses NFS versions in the range specified by these 81properties. 82Valid values of versions are: 2, 3, 4, 4.0, 4.1 and 4.2. 83Version 4 is an alias for 4.0. 84Default minimum version is 85.Li 2 , 86while the default maximum version is 87.Li 4 . 88.It Sy server_delegation Ns = Ns Sy on Ns | Ns Sy off 89By default the NFS server provides delegations to clients. 90The user can turn off delegations for all exported filesystems by setting this 91variable to 92.Li off . 93This variable only applies to NFS Version 4. 94.It Sy nfsmapid_domain Ns = Ns Op Ar string 95By default, the 96.Nm nfsmapid 97uses the DNS domain of the system. 98This setting overrides the default. 99This domain is used for identifying user and group attribute strings in the NFS 100Version 4 protocol. 101Clients and servers must match with this domain for operation to proceed 102normally. 103This variable only applies to NFS Version 4. 104See 105.Sx Setting nfsmapid_domain 106below for further details. 107.It Sy max_connections Ns = Ns Ar num 108Sets the maximum number of concurrent, connection-oriented connections. 109The default is 110.Li -1 111.Pq unlimited . 112Equivalent to the 113.Fl c 114option in 115.Nm nfsd . 116.It Sy listen_backlog Ns = Ns Ar num 117Set connection queue length for the NFS over a connection-oriented transport. 118The default value is 119.Li 32 , 120meaning 32 entries in the queue. 121Equivalent to the 122.Fl l 123option in 124.Nm nfsd . 125.It Sy protocol Ns = Ns Op Sy all Ns | Ns Ar protocol 126Start 127.Nm nfsd 128over the specified protocol only. 129Equivalent to the 130.Fl p 131option in 132.Nm nfsd . 133.Sy all 134is equivalent to 135.Fl a 136on the 137.Nm nfsd 138command line. 139Mutually exclusive of 140.Sy device . 141For the UDP protocol, only version 2 and version 3 service is established. 142NFS Version 4 is not supported for the UDP protocol. 143.It Sy device Ns = Ns Op Ar devname 144Start NFS daemon for the transport specified by the given device only. 145Equivalent to the 146.Fl t 147option in 148.Nm nfsd . 149Mutually exclusive of 150.Sy protocol . 151.It Sy servers Ns = Ns Ar num 152Maximum number of concurrent NFS requests. 153Equivalent to last numeric argument on the 154.Nm nfsd 155command line. 156The default is 157.Li 1024 . 158.It Sy lockd_listen_backlog Ns = Ns Ar num 159Set connection queue length for 160.Nm lockd 161over a connection-oriented transport. 162The default and minimum value is 163.Li 32 . 164.It Sy lockd_servers Ns = Ns Ar num 165Maximum number of concurrent 166.Nm lockd 167requests. 168The default is 256. 169.It Sy lockd_retransmit_timeout Ns = Ns Ar num 170Retransmit timeout, in seconds, before 171.Nm lockd 172retries. 173The default is 174.Li 5 . 175.It Sy grace_period Ns = Ns Ar num 176Grace period, in seconds, that all clients 177.Pq both NLM and NFSv4 178have to reclaim locks after a server reboot. 179This parameter also controls the NFSv4 lease interval. 180The default is 181.Li 90 . 182.It Sy mountd_listen_backlog Ns = Ns Ar num 183Set the connection queue length for 184.Nm mountd 185over a connection-oriented transport. 186The default value is 187.Li 64 . 188.It Sy mountd_max_threads Ns = Ns Ar num 189Maximum number of threads for 190.Nm mountd . 191The default value is 192.Li 16 . 193.It Sy mountd_port Ns = Ns Ar num 194The IP port number on which 195.Nm mountd 196should listen. 197The default value is 198.Li 0 , 199which means it should use a default binding. 200.It Sy mountd_remote_dump Ns = Ns Ar boolean 201Should 202.Nm mountd 203respond to remote 204.Sy MOUNTPROC_DUMP 205queries to read the list of remote mounts. 206The default value is 207.Li false , 208which means only queries from local host will be allowed. 209.It Sy statd_port Ns = Ns Ar num 210The IP port number on which 211.Nm statd 212should listen. 213The default value is 214.Li 0 , 215which means it should use a default binding. 216.El 217.Ss Setting nfsmapid_domain 218As described above, the setting for 219.Sy nfsmapid_domain 220overrides the domain used by 221.Xr nfsmapid 8 222for building and comparing outbound and inbound attribute strings, respectively. 223This setting overrides any other mechanism for setting the NFSv4 domain. 224In the absence of a 225.Sy nfsmapid_domain 226setting, the 227.Xr nfsmapid 8 228daemon determines the NFSv4 domain as follows: 229.Bl -bullet 230.It 231If a properly configured 232.Pa /etc/resolv.conf 233.Po see 234.Xr resolv.conf 5 235.Pc 236exists, 237.Nm nfsmapid 238queries specified nameserver(s) for the domain. 239.It 240If a properly configured 241.Pa /etc/resolv.conf 242.Po see 243.Xr resolv.conf 5 244.Pc 245exists, but the queried nameserver does not have a proper record of the domain 246name, 247.Nm nfsmapid 248attempts to obtain the domain name through the BIND interface 249.Po see 250.Xr resolver 3RESOLV 251.Pc . 252.It 253If no 254.Pa /etc/resolv.conf 255exists, 256.Nm nfsmapid 257falls back on using the configured domain name 258.Po see 259.Xr domainname 8 260.Pc , 261which is returned with the leading domain suffix removed. 262For example, for 263.Li widgets.sales.example.com , 264.Li sales.example.com 265is returned. 266.It 267If 268.Pa /etc/resolv.conf 269does not exist, no domain name has been configured 270.Po or no 271.Pa /etc/defaultdomain 272exists 273.Pc , 274.Nm nfsmapid 275falls back on obtaining the domain name from the host name, if the host name 276contains a fully qualified domain name 277.Pq FQDN . 278.El 279.Pp 280If a domainname is still not obtained following all of the preceding steps, 281.Nm nfsmapid 282will have no domain configured. 283This results in the following behavior: 284.Bl -bullet 285.It 286Outbound 287.Qq owner 288and 289.Qq owner_group 290attribute strings are encoded as literal id's. 291For example, the UID 12345 is encoded as 292.Li 12345 . 293.It 294.Nm nfsmapid 295ignores the 296.Qq domain 297portion of the inbound attribute string and performs name service lookups only 298for the user or group. 299If the user/group exists in the local system name service databases, then the 300proper uid/gid will be mapped even when no domain has been configured. 301.Pp 302This behavior implies that the same administrative user/group domain exists 303between NFSv4 client and server (that is, the same uid/gid's for users/groups 304on both client and server). 305In the case of overlapping id spaces, the inbound attribute string could 306potentially be mapped to the wrong id. 307However, this is not functionally different from mapping the inbound string to 308.Sy nobody , 309yet provides greater flexibility. 310.El 311.Sh ZONES 312NFS can be served out of a non-global zone. 313All of the above documentation applies to an in-zone NFS server. 314File sharing in zones is restricted to filesystems a zone completely controls. 315Some zone brands (see 316.Xr brands 7 ) 317do not give the zone's root its own filesystem, for example. 318Delegated ZFS datasets to a zone are shareable, as well as lofs-remounted 319directories. 320The zone must have sys_nfs privileges; most brands grant this already. 321.Sh SEE ALSO 322.Xr brands 7 , 323.Xr smf 7 , 324.Xr zones 7 , 325.Xr lockd 8 , 326.Xr mount_nfs 8 , 327.Xr mountd 8 , 328.Xr nfsd 8 , 329.Xr nfsmapid 8 , 330.Xr sharectl 8 331