1.\" Copyright (c) 1989, 1991 The Regents of the University of California. 2.\" All rights reserved. 3.\" 4.\" %sccs.include.redist.roff% 5.\" 6.\" @(#)exports.5 5.4 (Berkeley) 11/14/91 7.\" 8.Dd 9.Dt EXPORTS 5 10.Os 11.Sh NAME 12.Nm exports 13.Nd define remote mount points for 14.Tn NFS 15mount requests 16.Sh SYNOPSIS 17.Nm exports 18.Sh DESCRIPTION 19The 20.Nm exports 21file 22specifies remote mount points for the 23.Tn NFS 24mount protocol per the 25.Tn NFS 26server specification; see 27.%T "Network File System Protocol Specification \\*(tNRFC\\*(sP 1094, Appendix A" . 28.Pp 29Each line in the file 30(other than comment lines that begin with a #) 31specifies either a ``netgroup'' list or a remote mount point. 32If the first field begins with a '/' then it is considered a mount entry. 33Otherwise it is considered a ``netgroup'', 34a list of hosts that are to be referred to by a group name. 35In a ``netgroup'' list, 36the first field is the name of the ``netgroup'' followed 37by a list of hosts separated by whitespace. 38.Pp 39In a mount entry, 40the first field is the mount point directory path optionally followed 41by groups of export options and specific hosts or ``netgroups'' 42to which those options apply. 43The name of a ``netgroup'' is distinguished from that of a host 44by preceeding it with a dollar sign. 45A filesystem may appear multiple times with 46different sets of hosts each with different export options. 47If a set of export options are specified at the end 48of the line with no hosts following them, 49then the mount point is exported to all 50other hosts with those export options. 51There may be at most one such listing per local filesystem. 52.Pp 53Export options are specified as follows: 54.Pp 55.Sm off 56.Fl root No = Sy user 57.Sm on 58The credential of the specified user is used for remote access by root. 59The credential includes all the groups to which the user is a member 60on the local machine (see 61.Xr id 1 ). 62The user may be specified by name or number. 63.Pp 64.Sm off 65.Fl root No = Sy user:group1:group2:... 66.Sm on 67The colon separated list is used to specify the precise credential 68to be used for remote access by root. 69The elements of the list may be either names or numbers. 70Note that user: should be used to distinguish a credential containing 71no groups from a complete credential for that user. 72.Pp 73.Sm off 74.Fl allanon No = Sy user 75.Sm on 76or 77.Sm off 78.Fl allanon No = Sy user:group1:group2:... 79.Sm on 80specifies a mapping for all client uids (including root) 81using the same semantics as 82.Fl root . 83.Pp 84The option 85.Fl r 86is synonyms for 87.Fl root 88in an effort to be backward compatible with older export file formats. 89.Pp 90In the absence of 91.Fl root 92and 93.Fl allanon 94options, remote accesses by root will result in using a credential of -2:-2. 95All other users will have their remote credentials applied. 96If a 97.Fl root 98option is given, 99remote access by root will have that credential applied instead of -2:-2. 100If a 101.Fl allanon 102option is given, 103all users (including root) will have that credential applied in 104place of their own. 105If an entry specifies a list of hosts, the 106.Fl root 107and 108.Fl allanon 109options apply only to those hosts. 110If an entry without a list of hosts appears, the 111.Fl root 112and 113.Fl allanon 114options apply to all hosts that connect that are 115not otherwise explicitly listed. 116Note that each local filesystem may have only a single 117definition for ``all unspecified hosts''. 118.Pp 119The 120.Fl kerb 121option specifies that the Kerberos authentication server should be 122used to authenticate and uid map client credentials. 123(Note that this is NOT Sun NFS compatible and 124is supported for TCP transport only.) 125.Pp 126The 127.Fl ro 128option specifies that the filesystem should be exported Read-only 129(default Read/Write). 130The option 131.Fl o 132is synonyms for 133.Fl ro 134in an effort to be backward compatible with older export file formats. 135.Pp 136For example: 137.Bd -literal -offset indent 138friends= snowhite grumpy 139/usr -root=0:10 $friends 140/usr -root=daemon 131.104.48.16 -ro -allanon=daemon 141/usr/local 142/u -root=bin: 143/u2 -ro -root=5:20 144.Ed 145.Pp 146Given that 147.Sy /usr , 148.Sy /u 149and 150.Sy /u2 151are 152local filesystem mount points, the above example specifies the following: 153.Sy /usr 154is exported to hosts 155.Em snowhite 156and 157.Em grumpy 158with users applying their remote credentials and 159root mapped to uid 0 and group 10; 160it is exported to 161.Em 131.104.48.16 162with users applying their remote credentials and 163root mapped to the user and groups associated with ``daemon''; 164it is exported to the rest of the world as read-only with 165all users mapped to the user and groups associated with ``daemon''. 166.Pp 167.Sy /usr/local 168is exported to the rest of the world as read-only with all users 169mapped to the user and groups associated with ``daemon'', since 170.Sy /usr/local 171already has a definition for world access from the /usr entry 172(which is the local mount point). 173The entry 174.Bd -literal -offset indent 175/usr/local -allanon=daemon 176.Ed 177.sp 178would be illegal because a local filesystem can only have a 179single mapping for ``all unspecified hosts''. 180.Pp 181.Sy /u 182is exported to all hosts with root mapped to the uid for ``bin'' 183and with no group access. 184.Pp 185.Sy /u2 186is exported read-only to all hosts with root mapped to uid 5 and gid 20. 187.Sh FILES 188.Bl -tag -width /etc/exports -compact 189.It Pa /etc/exports 190The default remote mount-point file. 191.El 192.Sh SEE ALSO 193.Xr mountd 8 , 194.Xr nfsd 8 , 195.Xr showmount 8 196.Sh BUGS 197The export options are tied to the local mount points in the kernel and 198must be non-contradictory for any exported subdirectory of the local 199server mount point. 200It is recommended that all exported directories within the same server 201filesystem be specified on adjacent lines going down the tree. 202.Sh HISTORY 203The 204.Nm 205file format is 206.Ud . 207