NFSv4 Questions

Robert Simmons rsimmons0 at gmail.com
Sun Apr 29 03:54:12 UTC 2012


I've been digging and digging to find sources to clarify the
exports(5) man page with no luck.  What I have read differs from what
I see on my server.  From the man page examples section:

V4: /   -sec=krb5:krb5i:krb5p -network 131.104.48 -mask 255.255.255.0

Now, here is what I have put as an experiment to try to understand
what's happening here (my /etc/exports):

V4: / -sec=krb5 -network 192.168.1 -mask 255.255.255.0
/

In this case, -sec=krb5 is totally ignored.  I can mount / using sys.

If I use this:

V4: /
/ -sec=krb5

It requires proper kerberos authentication.

My next question is can I reject NFSv3/v2 clients/connections?

Third question is: how can I disable rpcbind?  It seems that the
following does not work in rc.conf:
rpcbind_enable="NO"
When I'm running NFSv4 rpcbind is not needed, but it seems that mountd
always starts rpcbind no matter what I do:
/etc/rc.d/rpcbind stop
is the only way to do it, and that is only after boot, or mountd starting.


More information about the freebsd-fs mailing list