Node:sfssd_config
,
Next:sfs_srp_params
,
Previous:sfs_users
,
Up:SFS configuration
sfssd_config
--Meta-server configurationsfssd_config
configures sfssd
, the server that accepts
connections for sfsrwsd
and sfsauthd
.
sfssd_config
can be used to run multiple "virtual servers", or
to run several versions of the server software for compatibility with
old clients.
Directives are:
BindAddr ip-addr [port]
sfssd
should listen
for TCP connections. The default is INADDR_ANY
for the address
and port 4.
RevocationDir path
sfssd
should search for
revocation/redirection certificates when clients connect to unknown
(potentially revoked) self-certifying pathnames. The default value is
/var/sfs/srvrevoke
. Use the command sfskey revokegen
to
generate revocation certificates.
HashCost bits
Server {* | Location[:HostID]}
:
HostID. If
:
HostID is omitted, then the following lines apply to any
connection that does not match an explicit HostID in another
Server
. The argument *
applies to all clients who do not
have a better match for either Location or HostID.
Release {* | sfs-version}
*
signifies arbitrarily large SFS
release numbers. The Release
directive does not do anything on
its own, but applies to all subsequent Service
directives until
the next Release
or Server
directive.
Extensions ext1 [ext2 ...]
Service
directives apply only to
clients that supply all of the listed extension strings (ext1,
...). Extensions
until the next Extensions
,
Release
or Server
directive
Service srvno daemon [arg ...]
1. File server 2. Authentication server 3. Remote execution (not yet released) 4. SFS/HTTP (not yet released)
Service srvno -u path
Service
, only instead of
spawning a daemon, connects to the unix-domain socket specified by
path
to communicate with an already running daemon. This
option may be useful when debugging SFS servers, as the server for a
particular service on a particular self-certifying pathname can be run
under the debugger and receive connections on the usual SFS port
without interfering with other servers on the same machine.
Service srvno -t host [port]
sfssd
should act as a "TCP proxy" for this
particular service, relaying any incoming connections to TCP port
port on host. If unspecified, port is the default
SFS TCP port 4.
This syntax is useful in a NATted environment. For instance, suppose
you have two SFS servers with addresses 10.0.0.2 and 10.0.0.3 on a
private network, and one machine 10.0.0.1 with an externally visible
interface 4.3.2.1. You can use this proxy syntax to export the
internal file systems. The easiest way is to pick two DNS names for
the new servers, but point them at your outside server. For example:
server-a.mydomain.com. IN A 4.3.2.1 server-b.mydomain.com. IN A 4.3.2.1
Then, on your outside machine, you might have the following
sfssd_config
file:
Server server-a.mydomain.com Release * Service 1 -t 10.0.0.2 Service 2 -t 10.0.0.2 Service 3 -t 10.0.0.2 Server server-b.mydomain.com Release * Service 1 -t 10.0.0.3 Service 2 -t 10.0.0.3 Service 3 -t 10.0.0.3
Then on each of the internal machines, be sure to specify
Hostname server-A.mydomain.com
and Hostname
server-B.mydomain.com
in sfsrwsd_config
.
The default contents of sfssd_config
is:
Server * Release * Service 1 sfsrwsd Service 2 sfsauthd
To run a different server for sfs-0.3 and older clients, you could add
the lines:
Release 0.3 Service 1 /usr/local/lib/sfs-0.3/sfsrwsd