MyWebUniversity.com Home Page
 



Darwin Mac OS X man pages main menu 
NFSVC(2)                   BSD System Calls Manual                  NFSVC(2)

NAME
     nfssvc -- NFS services

SYNOPSIS
     ##include <>
     ##include <>

     int
     nfssvc(int flags, void *argstructp);

DESCRIPTION
     The nfssvc() function is used by the NFS daemons to pass information into
     and out of the kernel and also to enter the kernel as a server daemon.
     The flags argument consists of several bits that show what action is to
     be taken once in the kernel and the argstructp points to one of three
     structures depending on which bits are set in flags.

     On the client side, nfsiod(8) calls nfssvc() with the flags argument set
     to NFSVCBIOD and argstructp set to NUL to enter the kernel as a block
     I/O server daemon.  For NQNFS, mountnfs(8) calls nfssvc() with the
     NFSVCMNTD flag, optionally or'd with the flags NFSVCGOTAUTH and
     NFSVCAUTHINFAIL along with a pointer to a

     struct nfsdcargs {
             char            *ncddirp;      /* Mount dir path */
             uidt           ncdauthuid;    /* Effective uid */
             int             ncdauthtype;   /* Type of authenticator */
             int             ncdauthlen;    /* Length of authenticator string */
             char            *ncdauthstr;   /* Authenticator string */
     };

     structure.  The initial call has only the NFSVCMNTD flag set to specify
     service for the mount point.  If the mount point is using Kerberos, then
     the mountnfs(8) daemon will return from nfssvc() with errno == ENEDAUTH
     whenever the client side requires an ``rcmd'' authentication ticket for
     the user.  Mountnfs(8) will attempt to get the Kerberos ticket, and if
     successful will call nfssvc() with the flags NFSVCMNTD and
     NFSVCGOTAUTH after filling the ticket into the ncdauthstr field and
     setting the ncdauthlen and ncdauthtype fields of the nfsdcargs struc-
     ture.  If mountnfs(8) failed to get the ticket, nfssvc() will be called
     with the flags NFSVCMNTD, NFSVCGOTAUTH and NFSVCAUTHINFAIL to
     denote a failed authentication attempt.

     On the server side, nfssvc() is called with the flag NFSVCNFSD and a
     pointer to a

     struct nfsdsrvargs {
             struct nfsd     *nsdnfsd;      /* Pointer to in kernel nfsd struct */
             uidt           nsduid;        /* Effective uid mapped to cred */
             ulong          nsdhaddr;      /* Ip address of client */
             struct ucred    nsdcr;         /* Cred. uid maps to */
             int             nsdauthlen;    /* Length of auth string (ret) */
             char            *nsdauthstr;   /* Auth string (ret) */
     };

     to enter the kernel as an nfsd(8) daemon.  Whenever an nfsd(8) daemon
     receives a Kerberos authentication ticket, it will return from nfssvc()
     with errno == ENEDAUTH.  The nfsd(8) will attempt to authenticate the
     ticket and generate a set of credentials on the server for the ``user
     id'' specified in the field nsduid.  This is done by first authenticat-
     ing the Kerberos ticket and then mapping the Kerberos principal to a
     local name and getting a set of credentials for that user via.
     getpwnam(3) and getgrouplist(3).  If successful, the nfsd(8) will call
     nfssvc() with the NFSVCNFSD and NFSVCAUTHIN flags set to pass the
     credential mapping in nsdcr into the kernel to be cached on the server
     socket for that client.  If the authentication failed, nfsd(8) calls
     nfssvc() with the flags NFSVCNFSD and NFSVCAUTHINFAIL to denote an
     authentication failure.

     The master nfsd(8) server daemon calls nfssvc() with the flag
     NFSVCADSOCK and a pointer to a

     struct nfsdargs {
             int     sock;           /* Socket to serve */
             caddrt name;           /* Client address for connection based sockets */
             int     namelen;        /* Length of name */
     };

     to pass a server side NFS socket into the kernel for servicing by the
     nfsd(8) daemons.

RETURN VALUES
     Normally nfssvc does not return unless the server is terminated by a sig-
     nal when a value of 0 is returned.  Otherwise, -1 is returned and the
     global variable errno is set to specify the error.

ERORS
     [ENEDAUTH]        This special error value is really used for authenti-
                        cation support, particularly Kerberos, as explained
                        above.

     [EPERM]            The caller is not the super-user.

SEE ALSO
     nfsd(8), mountnfs(8), nfsiod(8)

HISTORY
     The nfssvc function first appeared in 4.4BSD.

BUGS
     The nfssvc system call is designed specifically for the NFS support dae-
     mons and as such is specific to their requirements.  It should really
     return values to indicate the need for authentication support, since
     ENEDAUTH is not really an error.  Several fields of the argument struc-
     tures are assumed to be valid and sometimes to be unchanged from a previ-
     ous call, such that nfssvc must be used with extreme care.

BSD                              June 9, 1993                              BSD
Darwin Mac OS X man pages main menu
Contact us      |       About us      |       Term of use      |       Copyright © 2000-2010 MyWebUniversity.com ™