Previous | Contents | Index |
If you plan to export file systems to PC-NFS client hosts, you must enable PC-NFS using TCPIP$CONFIG. The PC-NFS process starts automatically.
You can also use the following commands to manage PC-NFS:
For information about setting up PC-NFS for printing, see Chapter 24.
20.5 Managing the MOUNT Service
The MOUNT service responds to Version 1 of the MOUNT protocol, which is used with Version 2 of the NFS protocol. It also supports Version 3 of the MOUNT protocol, which is used with Version 3 of the NFS protocol.
The MOUNT service is started automatically when you start the NFS server (for example, using TCPIP$NFS_SERVER_STARTUP.COM).
You can customize the operation of the MOUNT service by using SYSCONFIG to modify the attributes listed in Table 20-1.
Attribute | Description |
---|---|
mountd_option_a |
Verifies the Internet addresses of hosts that make mount and unmount
requests. If a client's address cannot be translated into a host name
by the
gethostbyaddr()
function and is then translated back into the same Internet address by
the
gethost-byname()
function, the request is rejected.
Requires name resolution to be enabled. |
mountd_option_d | Turns on Internet address verification and domain checking. If you are running the BIND service, MOUNT verifies that a host making a mount or unmount request is in the server's domain. |
mountd_option_i |
Verifies the Internet address of hosts that make mount and unmount
requests. If a client's address cannot be translated into a host name
by the
gethostbyaddr()
function, the request is rejected.
Requires name resolution to be enabled. If the mountd_option_i attribute is not set, and a client's address cannot be translated, the address is converted to a string in the form xx.xx.xx.xx. This allows users to access exported file systems that have a wildcard (*) (allow everybody) as their host list. The mountd_option_i attribute is automatically enabled when either the mountd_option_d or the mountd_option_s attribute is specified. |
mountd_option_n |
Allows nonroot mount requests to be served. In previous versions of
TCP/IP Services, the servicing of nonroot mount requests was allowed by
default. With this version, this attribute must be set to allow nonroot
mount requests.
Specify this attribute only if there are clients (such as desktop computers) that require it. |
mountd_option_s | Turns on Internet address verification and subdomain checking. If you are running the BIND service, the MOUNT service verifies that a host making a mount or unmount request is in the server's domain or subdomain. |
See Section 20.12 for information about using the SYSCONFIG command.
20.6 Registering Users and Hosts
In a NFS environment shared by UNIX hosts, a common user authorization domain may be used. In this configuration, each user's UID is unique for all the hosts. On OpenVMS, however, the user authorization file (UAF) cannot be shared, but client user identifiers must be mapped to OpenVMS accounts. Therefore, users on client hosts must have corresponding OpenVMS accounts on the OpenVMS NFS server.
To establish this common allocation on OpenVMS, each client UID must be mapped to a unique OpenVMS account. This arrangement requires a separate OpenVMS account for each NFS client. It is possible to use the same OpenVMS account for multiple users, but this is not recommended for accounts in which users have read or edit access to files.
After setting up appropriate accounts, you must register users in the
proxy database and set mount points in the export database.
20.6.1 Adding Proxy Entries
Each user accessing your local server must be registered in the proxy database. See Section 20.1.3 if you are not familar with how the server uses this database to grant access to remote users. You should create the proxy database before the NFS server starts. If you are adding proxies, create the OpenVMS accounts before creating the proxy entries.
An empty proxy database file, TCPIP$PROXY.DAT, is created for you when you first use the TCPIP$CONFIG configuration procedure to configure NFS. This file is empty until you populate it with proxy entries for each NFS user. If you do not use TCPIP$CONFIG to configure NFS, use the CREATE PROXY command to create the empty database file. The file TCPIP$PROXY.DAT resides in the SYS$COMMON:[SYSEXE] directory.
Use the ADD PROXY, REMOVE PROXY, and SHOW PROXY commands to maintain the proxy database. Enter these commands at the TCPIP prompt:
TCPIP> ADD PROXY user_name /UID=nn /GID=nn /HOST=host_name |
For example, you can use the following command to register a user:
TCPIP> ADD PROXY SMITH /UID=53 /GID=45 /HOST="june" |
You can specify a list of hosts for which the UID and GID are valid. For example:
TCPIP> ADD PROXY SMITH /UID=53 /GID=45 /HOST=("APRIL","MAY","JUNE") |
You can also specify that all hosts are valid using an asterisk (*) wildcard character. For example:
TCPIP> ADD PROXY SMITH /UID=53 /GID=45 /HOST=* |
If you use the configuration procedure to configure NFS, the export database is created for you, if it does not already exist. This file is empty until you populate it with mount point entries. If you do not use TCPIP$CONFIG to configure NFS, use the CREATE EXPORT command to create the empty database file.
Use the ADD EXPORT, REMOVE EXPORT, and SHOW EXPORT commands to maintain the export database. Enter these commands at the TCPIP prompt:
TCPIP> ADD EXPORT "/path/name" /HOST=host_name |
See the Compaq TCP/IP Services for OpenVMS Management Command Reference manual for more information about these commands and command qualifiers.
You can identify mount points by any of the following methods:
You can back up NFS-mounted files using standard OpenVMS backup procedures. For more information, see the OpenVMS documentation.
If you back up an OpenVMS file system or a container file system while remote users are accessing the files, the resulting save set may contain files that are in an inconsistent state. For a container file system, there is the additional danger that the container file itself may be in an inconsistent state.
Furthermore, the OpenVMS Backup utility does not issue warning messages when backing up files that are opened by the NFS server, even when the /IGNORE=INTERLOCK qualifier to the BACKUP command was not used.
The approach to backing up is to schedule the backup for a time when users will not be accessing the files. Then either unmap the file systems to be backed up or shut down the NFS server.
If you perform an incremental backup (using the /SINCE=MODIFIED
qualifier to the BACKUP command) on container file systems, a separate
copy of the container must also be backed up because the container
file's modification date never changes. See Section 20.9 for
information about setting up container file systems; see Section 20.10
for information about managing container file systems.
20.8 Setting Up and Exporting an OpenVMS File System
The following example describes how to set up an OpenVMS file system on the OpenVMS server and how to make the file system available to Joe Brown, a user on UNIX client ultra .
Joe Brown has an OpenVMS user name of BROWN and a UNIX user name of joe .
% grep joe /etc/passwd joe: (encrypted password) :27:58: ... |
$ TCPIP TCPIP> ADD PROXY BROWN /UID=27 /GID=58 /HOST=ultra TCPIP> MAP "/vmsdisk" DSA301: TCPIP> ADD EXPORT "/vmsdisk/brown/test" /HOST=ultra |
If users need to create files with case-sensitive names or names containing characters that do not conform to the OpenVMS syntax, you can enable name conversion, which gives users more file-naming flexibility without creating a container file system. Use the /OPTIONS=NAME_CONVERSION qualifier to the command ADD EXPORT to enable this option.
With the NAME_CONVERSION option set, users can create files and directories in an OpenVMS file system using names that do not conform to OpenVMS file-naming rules.
If any client hosts had the file system mounted before the name conversion was enabled, they must dismount and remount for this feature to take effect. |
For more information about file name conversion, see Appendix C.
20.9 Setting Up and Exporting a Container File System
A container file system is similar to a UNIX file system. When you create a container file system, you must specify an owner, using the /USER_NAME qualifier to the CREATE CONTAINER command.
When a container file system is created, a container directory is created, along with a container file in it. This container file provides compatibility with UNIX file storage attributes, such as file names, date and time stamps, UNIX protection masks, and UID ownership. If a container file system called NFS is created, it may look like the following example:
$ DIR DKA0:[NFS] Directory DKA0:[NFS] 00012201$BFS.DIR;1 NFS.CONTAINER;1 Total of 2 files. |
The files contained within the directory should not be manipulated directly within OpenVMS except in the case of incremental backups, which require a separate backup of the container file.
If the container file system is for the use of just one remote user, that user can be the owner. If it is for the use of several users, the owner should be a user whose UIC is mapped to UID=0/GID=1 (UNIX user root). In either case, the name set with this qualifier must already be registered in the proxy database. This user also becomes the owner of the internal root directory of the container.
To create a container file system on the NFS server, follow these steps:
TCPIP> ADD PROXY SYSTEM /UID=0 /GID=1 /HOST=* |
TCPIP> CREATE CONTAINER DSA101:[TEST] /USER_NAME=SYSTEM - _TCPIP> /ROOT_MODE=751 /HOST="june" |
Owner: read, write, and execute (7)
Group: read and execute (5)
World: execute (1)
TCPIP> MAP "/test_dsk" DSA101: |
TCPIP> MAP "/test" DSA101:[TEST] |
TCPIP> ADD PROXY USER1 /UID=234 /GID=14 /HOST=* |
TCPIP> CREATE DIRECTORY "/test/user1" /USER_NAME=USER1 /MODE=751 /HOST="june" |
TCPIP> ADD EXPORT "/test" /HOST=* |
TCPIP> ADD EXPORT "/test/user1" /HOST="june" |
This section reviews the commands you use to maintain and examine a container file system. Topics include:
For complete command descriptions, see the Compaq TCP/IP Services for OpenVMS Management Command Reference manual.
20.10.1 Displaying Directory Listings
Use the DIRECTORY command to display the contents of a directory. For example,
TCPIP> DIRECTORY "/path/name" |
In this example, /path/name is a valid UNIX directory specification that begins with a slash (/) and is enclosed in quotation marks.
The DIRECTORY command has the following qualifiers:
You cannot use the DCL command COPY to create files in a container file system, because the UNIX directory structure is fully contained in the corresponding container file. Instead, you must use the TCP/IP Services IMPORT command to copy a file from an OpenVMS directory into a container file system. Similarly, use the TCP/IP Services EXPORT command to copy a file from a container file system into an OpenVMS directory.
If the OpenVMS data file does not have the STREAM_LF record format, it
will automatically be converted to STREAM_LF. Use the /NOCONVERT
qualifier to prevent the conversion.
20.10.3 Removing Links to a File
A link is a directory entry referring to a file. A file can have several links to it. A link (hard link) to a file is indistinguishable from the original directory entry. Any changes to the file are independent of the link used to reference the file. A file cannot be deleted (removed) until the link count is zero.
Users can create multiple links to a file. A user sometimes creates a link to a file so that the file appears in more than one directory.
All links to a file are of equal value. If a file has two links and one link is removed, the file is still accessible through the remaining link. When the last existing link is removed (the link count is zero), the file is no longer accessible and is deleted.
Remove links to a file with the REMOVE FILE command. For example, to remove the link to a file named letter located at /usr/smith , enter the following command:
TCPIP> REMOVE FILE "/usr/smith/letter" |
Like UNIX files, UNIX directories have links to them. An empty directory is deleted when the last link to the directory is removed.
Remove links to a UNIX directory with the REMOVE DIRECTORY command. For example, to remove the directory smith at /usr , enter the following command:
TCPIP> REMOVE DIRECTORY "/usr/smith" |
You can delete a container file system with all its directories and files by issuing the DELETE CONTAINER command. For example, to delete the UNIX container created on WORK1$:[GROUP_A], enter the following command:
TCPIP> DELETE CONTAINER WORK1$:[GROUP_A] |
Use the UNMAP command to unmap the container file system before you
delete it.
20.10.6 Verifying the Integrity of a Container File System
You may want to verify the integrity of your container file system under the following circumstances:
You can use the ANALYZE CONTAINER command to check the integrity of your container file system. This command is similar in function to the DCL ANALYZE/DISK_STRUCTURE command.
Before analyzing the container file system, unmap it to prevent access to it during the analysis.
The underlying OpenVMS file system must be mapped before you use the ANALYZE CONTAINER command. |
For example, to verify the integrity of a container file system called /GroupA located in WORK1$:[GROUP_A], enter the following commands:
TCPIP> UNMAP "/GroupA" TCPIP> MAP "/group_a" WORK1$: TCPIP> ANALYZE CONTAINER WORK1$:[GROUP_A] |
File system access to the container file is suspended while the container is being analyzed.
Table 20-2 lists the components of a container file system that are normally verified by the ANALYZE CONTAINER command.
UNIX Item | OpenVMS Conceptual Equivalent | Description |
---|---|---|
Super block | Home block | Contains the basic information on the internal structuring of the container file. |
Inode | File header | Each file or directory has an inode that contains information describing the file. The inode is a central definition of the file. |
Directory | Directory | Contains the file names and directory hierarchy information. File name entries contain links to the inode information. |
Bitmap | BITMAP.SYS | Contains the container file internal allocation information. Only one bitmap exists in the container file. |
For a complete description of the ANALYZE CONTAINER command and its qualifiers, see the Compaq TCP/IP Services for OpenVMS Management Command Reference manual.
Previous | Next | Contents | Index |