Node:sfsrwsd_config
,
Next:sfsauthd_config
,
Previous:sfs_config
,
Up:SFS configuration
sfsrwsd_config
--File server configurationHostname name
Keyfile path
sfsrwsd
to look for its private key in file path.
The default is sfs_host_key
. SFS looks for file names that do
not start with /
in /etc/sfs
, or whatever directory you
specified if you used the --with-etcdir
option to
configure
(see configure).
Export local-directory sfs-name [R|W]
sfsrwsd
to export local-directory, giving it the
name sfs-name with respect to the server's self-certifying
pathname. Appending R
to an export directive gives anonymous
users read-only access to the file system (under user ID -2 and group ID
-2). Appending W
gives anonymous users both read and write
access. See Quick server setup, for an example of the Export
directive.
There is almost no reason to use the W
flag. The R
flag
lets anyone on the Internet issue NFS calls to your kernel as user -2.
SFS filters these calls; it makes sure that they operate on files
covered by the export directive, and it blocks any calls that would
modify the file system. This approach is safe given a perfect NFS3
implementation. If, however, there are bugs in your NFS code, attackers
may exploit them if you have the R
option--probably just
crashing your server but possibly doing worse.
LeaseTime seconds