nfsserver, portmapper, pcnfsd – NFS service

aux/nfsserver [ rpc–options... ] [ nfs–options... ]
aux/pcnfsd [ rpc–options... ]
aux/portmapper [ rpc–options... ]

These programs collectively provide NFS access to Plan 9 file servers. Nfsserver, pcnfsd, and portmapper run on a Plan 9 CPU server, and should be started in that order. All users on client machines have the access privileges of the Plan 9 user none. Currently only NFS version 2 is served.

The rpc–options are all intended for debugging:
r      Reject: answer all RPC requests by returning the AUTH_TOOWEAK error.
v      Verbose: show all RPC calls and internal program state, including 9P messages. (In any case, the program creates a file /srv/ where name is that of the program; echoing 1 or 0 into this file sets or clears the –v flag dynamically.)
D      Debug: show all RPC messages (at a lower level than –v). This flag may be repeated to get more detail.
C      Turn off caching: do not answer RPC requests using the RPC reply cache.

The nfs–options are:
a addrSet up NFS service for the 9P server at network address addr.
f file   Set up NFS service for the 9P server at file (typically an entry in /srv).
n      Do not allow per–user authentication (default and mandatory).
c file   File contains the uid/gid map configuration. It is read at startup and subsequently every hour (or if c is echoed into /srv/ Blank lines or lines beginning with # are ignored; lines beginning with ! are executed as commands; otherwise lines contain four fields separated by white space:
a regular expression (in the notation of regexp(6)) for a class of servers, a regular expression for a class of clients, a file of user id's (in the format of a Unix password file), and a file of group id's (same format).
s      Expect a network connection on file descriptor 1 instead of listening for incoming calls.
t      Listen for incoming TCP calls, rather than UDP calls.

NFS clients must be in the Plan 9 /lib/ndb database. The machine name is deduced from the IP address via ndb/query. The machine name specified in the NFS Unix credentials is completely ignored.

Pcnfsd is a toy program that authorizes PC–NFS clients. All clients are mapped to uid=1, gid=1 (daemon on most systems) regardless of name or password.

A simple /lib/ndb/nfs might contain:

!9fs tcp!ivy
.+    [^.]+\.cvrd\.hall\.edu    /n/ivy/etc/passwd    /n/ivy/etc/group

A typical entry in /rc/bin/cpurc might be:

aux/nfsserver –a tcp!pie –a tcp!yoshimi –c /lib/ndb/nfs

Assuming the CPU server's name is eduardo, the mount commands on the client would be:

/etc/mount –o soft,intr eduardo:pie /n/pie
/etc/mount –o soft,intr eduardo:yoshimi /n/yoshimi

Note that a single instance of nfsserver may provide access to several 9P servers.

/lib/ndb/nfs   List of uid/gid maps.
/sys/log/nfs   Log file.


It would be nice to provide authentication for users, but Unix systems provide too low a level of security to be trusted in a Plan 9 world.

RFC1057, RPC: Remote Procedure Call Protocol Specification, Version 2, describes Sun's RPC protocol.
RFC1094, NFS: Network File System Protocol Specification, describes NFS version 2.
RFC1813, NFS Version 3 Protocol Specification.
RFC3530, Network File System (NFS) version 4 Protocol.