'\" t .\" Title: mfsexports.cfg .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.79.1 .\" Date: 06/17/2017 .\" Manual: \ \& .\" Source: \ \& .\" Language: English .\" .TH "MFSEXPORTS\&.CFG" "5" "06/17/2017" "\ \&" "\ \&" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .\" http://bugs.debian.org/507673 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" mfsexports.cfg \- LizardFS access control for mfsmounts .SH "DESCRIPTION" .sp The file \fBmfsexports\&.cfg\fR contains LizardFS access list for \fBmfsmount\fR clients\&. .SH "SYNTAX" .sp Syntax is: .sp \fIADDRESS\fR \fIDIRECTORY\fR [\fIOPTIONS\fR] .sp Lines starting with \fB#\fR character are ignored\&. .sp \fIADDRESS\fR can be specified in several forms: .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} \fB*\fR all addresses .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} \fBn\&.n\&.n\&.n\fR single IP address .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} \fBn\&.n\&.n\&.n/b\fR IP class specified by network address and bits number .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} \fBn\&.n\&.n\&.n/m\&.m\&.m\&.m\fR IP class specified by network address and mask .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} \fBf\&.f\&.f\&.f\-t\&.t\&.t\&.t\fR IP range specified by from\-to addresses (inclusive) .RE .sp \fIDIRECTORY\fR could be \fB/\fR or path relative to LizardFS root; special value \fB\&.\fR means MFSMETA companion filesystem\&. .SH "OPTIONS" .PP \fBro\fR, \fBreadonly\fR .RS 4 export tree in read\-only mode (default) .RE .PP \fBrw\fR, \fBreadwrite\fR .RS 4 export tree in read\-write mode .RE .PP \fBignoregid\fR .RS 4 disable testing of group access at \fBmfsmaster\fR level (it\(cqs still done at \fBmfsmount\fR level) \- in this case "group" and "other" permissions are logically added; needed for supplementary groups to work (\fBmfsmaster\fR receives only user primary group information) .RE .PP \fBdynamicip\fR .RS 4 allows reconnecting of already authenticated client from any IP address (the default is to check IP address on reconnect) .RE .PP \fBmaproot=\fR\fIUSER\fR[\fB:\fR\fIGROUP\fR] .RS 4 maps root (uid=0) accesses to given user and group (similarly to maproot option in NFS mounts); \fIUSER\fR and \fIGROUP\fR can be given either as name or number; if no group is specified, \fIUSER\fR\*(Aqs primary group is used\&. Names are resolved on \fBmfsmaster\fR side (see note below)\&. .RE .PP \fBmapall=\fR\fIUSER\fR[\fB:\fR\fIGROUP\fR] .RS 4 like above but maps all non privileged users (uid!=0) accesses to given user and group (see notes below)\&. .RE .PP \fBminversion=\fR\fIVER\fR .RS 4 rejects access from clients older than specified .RE .PP \fBmingoal=\fR\fIN\fR, \fBmaxgoal=\fR\fIN\fR .RS 4 specify range in which goal can be set by users .RE .PP \fBmintrashtime=\fR\fITDUR\fR, \fBmaxtrashtime=\fR\fITDUR\fR .RS 4 specify range in which trashtime can be set by users .RE .PP \fBpassword=\fR\fIPASS\fR, \fBmd5pass=\fR\fIMD5\fR .RS 4 requires password authentication in order to access specified resource .RE .PP \fBalldirs\fR .RS 4 allows to mount any subdirectory of specified directory (similarly to NFS) .RE .PP \fBnonrootmeta\fR .RS 4 allows non\-root users to use filesystem mounted in the meta mode (option available only in this mode) .RE .sp Default options are: \fBro,maproot=999:999\fR\&. .SH "NOTES" .sp \fIUSER\fR and \fIGROUP\fR names (if not specified by explicit uid/gid number) are resolved on \fBmfsmaster\fR host\&. .sp TDUR can be specified as number without time unit (number of seconds) or combination of numbers with time units\&. Time units are: \fBW\fR,\fBD\fR,\fBH\fR,\fBM\fR,\fBS\fR\&. Order is important \- less significant time units can\(cqt be defined before more significant time units\&. .sp Option \fBmapall\fR works in LizardFS in different way than in NFS, because of using FUSE\(cqs "default_permissions" option\&. When mapall option is used, users see all objects with uid equal to mapped uid as their own and all other as root\(cqs objects\&. Similarly objects with gid equal to mapped gid are seen as objects with current user\(cqs primary group and all other objects as objects with group 0 (usually wheel)\&. With \fBmapall\fR option set attribute cache in kernel is always turned off\&. .SH "EXAMPLES" .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} \fB* / ro\fR .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} \fB192\&.168\&.1\&.0/24 / rw\fR .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} \fB192\&.168\&.1\&.0/24 / rw,alldirs,maproot=0,password=passcode\fR .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} \fB10\&.0\&.0\&.0\-10\&.0\&.0\&.5 /test rw,maproot=nobody,password=test\fR .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} \fB10\&.1\&.0\&.0/255\&.255\&.0\&.0 /public rw,mapall=1000:1000\fR .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} \fB10\&.2\&.0\&.0/16 / rw,alldirs,maproot=0,mintrashtime=2h30m,maxtrashtime=2w\fR .RE .SH "COPYRIGHT" .sp Copyright 2008\-2009 Gemius SA, 2013\-2015 Skytechnology sp\&. z o\&.o\&. .sp LizardFS is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3\&. .sp LizardFS is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. .sp You should have received a copy of the GNU General Public License along with LizardFS\&. If not, see http://www\&.gnu\&.org/licenses/\&. .SH "SEE ALSO" .sp mfsmaster(8), mfsmaster\&.cfg(5)