source: trunk/athena/bin/attach/attach.1 @ 5489

Revision 5489, 12.4 KB checked in by lwvanels, 33 years ago (diff)
remove mention of /etc/nosuid
Line 
1.\" $Id: attach.1,v 1.8 1991-08-15 16:36:37 lwvanels Exp $
2.\"
3.TH ATTACH 1 "1 July 1991"
4.ds ]W MIT Project Athena
5.SH NAME
6attach \- attach a remote file system to your workstation
7.SH SYNOPSIS
8.nf
9attach [ [ options ] \fIfilesystem\fP ... ] ...
10attach -l \fIfilesystem\fP ...
11attach
12.fi
13.SH DESCRIPTION
14
15\fIAttach\fP is a filesystem-independent utility which allows you
16attach a filesystem to a directory hierarchy on your
17workstation.  The following filesystems are currently supported: NFS
18(Network File Protocol), RVD (Remote Virtual Disk), UFS (Unix file
19system), and AFS (Andrew File System).
20
21Attach looks up \fIfilesystem\fP in attach.conf(5) or by
22using Hesiod(3) to retrieve the file system type, the server host, the
23name by which the file system is known to the server (e.g., an RVD
24locker name or NFS server mountpoint), and the default mount point and
25mode (read-only, read-write).  The user may also explicitly specify
26this information, as described below under the -explicit option.
27
28Using the various options specified below, it is possible to supercede
29the default mount point and mode.  In addition, the user can specify
30that a filesystem be nosuid, so that the operating system will not
31honor setuid or setgid permissions on the foreign filesystem.  The
32system maintainer may also forcibly set a filesystem so that it will
33be mounted nosuid by including an entry in the attach.conf file.
34
35\fIAttach\fP will attempt to automatically create a NFS
36mapping using Kerberos (see \fIKerberosintro(1)\fP) for NFS
37filesystems so that the user will have his normal (authenticated)
38access to the filesystem.  \fIAttach\fP will automatically run the
39program \fIaklog\fP for AFS filesystems, to authenticate the user
40with the AFS subsystem.
41
42In the case of RVD packs, it is possible to supply an RVD password if
43Kerberos authentication is not implemented for the RVD subsystem on
44the workstation and the server.  If a password is required and standard
45input is the controlling terminal, \fIattach\fP prompts for a
46password.  If standard input is not a terminal, \fIattach\fP will not
47prompt for a password, and will exit with an error status.
48
49The default mode is 'w' (read-write).
50Also supported are 'r' (read-only), 'n'
51(read-only, do not attempt to authenticate),
52and 'm' (read-write, attempt to authenticate, but authentication
53failure is not a fatal error).
54
55.PP
56The following arguments to \fIattach\fP modify its behavior.  Default
57options are marked as such.  Unless otherwise marked, all arguments
58are processed \fIin order\fP.  Thus, if a -v option is followed by a
59-q option, the -q option will take precedence.  The long and short
60forms of each option function identically.
61
62If no arguments are given to \fIattach\fP, a list of the currently
63attached filesystems will be presented.
64
65.IP "-verbose or -v"
66Display verbose information about a mounted filesystem, such as the
67NFS or RVD server and the server's filesystem name, if the attach is
68successful.  This is the default.  Use of this option automatically
69supresses the -printpath option.
70.IP "-quiet or -q"
71Don't display verbose information.  Error messages will still be printed.
72.IP "-force or -f"
73Ordinarily, \fIattach\fP will not attempt to attach a filesystem which
74it believes is already attached (as indicated by its appearance in
75the \fIattachtab(5)\fP file), or which it thinks is being attached or
76detached by another process.  This flag overrides this behavior and
77\fIforces\fP
78the filesystem to be attached.  This option can be dangerous if used
79indiscriminately since a filesystem could get attached more than once.
80.IP "-printpath or -p"
81\fIAttach\fP normally prints a status message on its standard
82output indicating the success or failure of the attach operation.  This
83flag causes the pathname of the mounted filesystem to be printed
84instead.  This allows an alias which invokes the \fIattach\fP command
85to source a C shell command file relative to this pathname, which
86presumably can set up execution paths and other environment variables
87appropriate for the use of this filesystem.  Use of this option
88automatically surpresses the -verbose option.
89.IP "-lookup or -l"
90This option causes \fIattach\fP to lookup the filesystem definition
91using either attach.conf(5) or Hesiod(3) and print out the definition,
92but not to actually attach the filesystem.
93.IP "-debug or -d"
94Print debugging information.  This will not normally be useful to users.
95.IP "-map or -y"
96Attempt to authenticate the user with Kerberos to the filesystem
97server.  The authentication may be necessary in order to have the
98proper access to the filesystem.  This is the default.  If the
99authentication fails and the filesystem is being mounted read-only, a
100warning is printed and the attach continues.
101.IP "-nomap or -n"
102Do not attempt to authenticate the user to the filesystem server.
103This implicitly invokes the -noremap options.
104.IP "-remap or -g"
105Go ahead and remap the user even if the filesystem is already
106attached.  This is the default.
107.IP "-noremap or -a"
108Don't remap the user if the filesystem is already attached.
109.IP "-zephyr or -z"
110Subscribe to \fIZephyr\fP messages about the server host.  This is the
111default.
112.IP "-nozephyr or -h"
113Don't subscribe to \fIZephyr\fP messages about the server host.
114.IP "-readonly or -r, -write or -w"
115Overrides the default access mode for the next filesystem.
116"-r" indicates read-only access, and "-w" indicates write access.
117.IP "-mountpoint \fImount-point\fP or -m \fImount-point\fP"
118Overrides the default mount point for the next filesystem.  The
119\fImount-point\fP must be an absolute pathname.
120.IP "-noexplicit or -x"
121Tell \fIattach\fP to interpret the \fIfilesystem\fP as a Hesiod name.
122This if the default.
123.IP "-explicit or -e"
124Change the behavior of \fIattach\fP such that the \fIfilesystem\fP is
125now interpreted as \fIhost:directory\fP (in the case of NFS) or
126\fIhost:pack\fP (in the case of RVD) instead of as a Hesiod name.
127This allows arbitrary directories to be attached.  When this option is
128used, the default mount point is \fI/host/directory\fP for NFS
129filesystems (\fI/host/root\fP for host:/), and \fI/host/pack\fP for
130RVDs.  This can still be overridden by the -m option.
131.IP "-type \fIfilesystem-type\fP or -t \fIfilesystem-type\fP"
132Used with the -explicit option to tell \fIattach\fP the type of the
133filesystem that's going to be attached.  It defaults to NFS.
134.IP "-mountoptions \fIoptions\fP or \-o \fIoptions\fP"
135Specify options for the mounting of the filesystem.  The options are
136the same as the ones used by \fImount(8)\fP.
137.IP "-nosetuid or -nosuid or -N"
138With this option, \fIattach\fP will mount the filesystem with the
139nosuid option.  This causes the kernel not to honor setuid or setgid
140permission in the filesystem.  (Note: this option does not have any
141effect with AFS filesystems.)
142.IP "-setuid -suid or -S"
143This option can be used by a trusted user to forcibly mount a
144filesystem without the nosuid option.  This can be used to override
145the fact that the system administrator
146has made an entry such that the filesystem would normally be mounted
147nosuid.
148.IP "-override or -O"
149\fIAttach\fP can be set up so that normal users cannot attach certain
150filsystems.  A trusted user can use this option to override these
151restrictions.  See attach.conf(5) for more information.
152.IP "-skipfsck or -F"
153This option indicates that the \fIfsck\fP command should not be run.
154\fIfsck\fP is normally run on RVD filesystems that are mounted
155read-write (exclusive) mode.
156.IP "-lock or -L"
157This option tells \fIattach\fP to lock the filesystem so that it cannot
158be unmounted except explicitly by one of the trusted users.  This
159command requires the user to be in the trusted users list.
160.IP "-user \fIusername\fP or -U \fIusername\fP"
161This option allows a trusted user to perform an \fIattach\fP command on
162behalf of another person.  The entries added to the \fIattachtab\fP file
163will indicate that the \fIattach\fP command was run by the specified
164\fIusername\fP.
165.IP "-host \fIhostnames\fP or -H \fIhostnames\fP"
166This option causes \fIattach\fP to list all filesystems that are mounted
167from the given \fIhostnames\fP.  After this option appears on the
168command line, no more filesystems may be attached; only hostnames may be
169specified.
170
171.PP
172If the default mount-point for a filesystem (or the mount-point
173specified with the -m option) does not exist, it is created.  Any
174directories in the path that do not exist are also created.  If a
175directory can't be created, the attach fails.  When the filesystem is
176detached, any directories that were created during the attach are
177deleted, if possible.  The -all option to \fIdetach\fP causes
178filesystems to be detached in reverse order so that directories can be
179deleted properly.
180
181The first thing \fIattach\fP and \fIdetach\fP do is to attempt to read
182in /etc/athena/attach.conf, which can be used by the system administrator to
183customize the behavior of \fIattach\fP and \fIdetach\fP.  See
184\fIattach.conf(5)\fP for more information.
185
186If an NFS attach is successful, a mapping for the user is established
187to the NFS server (under the restraints of the -y, -n, and -g options
188above).  If this mapping fails on a read/write attach, the operation
189aborts and the filesystem is not attached.  If the mapping fails on a
190read-only attach, a warning is printed but the filesystem is mounted
191anyway.
192
193When an attach is successful and the -nozephyr option is not specified, a
194\fIZephyr(1)\fP subscription is made for the user for filesystem
195status message for the appropriate server.  These subscriptions are
196removed when the filesystem is detached.
197
198.SH EXAMPLES
199
200.nf
201attach -r -q -m /mymount/X11 x11 -w gnu
202.fi
203
204Attach the filesystem \fIx11\fP to the mountpoint /mymount/X11 in
205read-only mode.  Then attach the filesystem \fIgnu\fP
206to its default mount point in write mode.  Don't print success
207messages for either mount.
208
209.SH DIAGNOSTICS
210
211If \fIattach\fP is executed with only a single filesystem argument,
212the exit status will be one of the following:
213.TP 5
2140
215No error encountered.
216.TP 5
2171
218Bad arguments.
219.TP 5
2202
221Generic error not included in any more specific code.
222.TP 5
2233
224Internal fatal error.
225.TP 5
22610
227Keberos failure.
228.TP 5
22911
230Host communication failure.
231.TP 5
23212
233Authentication failure.
234.TP 5
23513
236No reserved ports available.
237.TP 5
23820
239Bad filesystem name.
240.TP 5
24121
242Filesystem already in use by another \fIattach\fP process.
243.TP 5
24422
245RVD spinup needs a password and standard input is not a tty.
246.TP 5
24723
248FSCK returned an error while validating an RVD spunup in exclusive
249mode.
250.TP 5
25124
252User is not allowed to attach filesystem.
253.TP 5
25425
255User is not allowed to attach a filesystem at this mountpoint.
256.TP 5
25726
258The remote filesystem does not exist.
259.PP
260If more than one filesystem argument is specified, the exit status can
261be either 0, 1, or 3 as listed above, or:
262.TP 5
2632
264Something went wrong with one of the filesystems.
265.PP
266If an error is encountered while manipulating one filesystem in the
267list, \fIattach\fP continues with the other filesystems and returns
268the exit status 2 after attempting to attach all the other filesystems.
269
270.SH NOTE
271The programs \fIattach(1)\fP, \fIdetach(1)\fP, \fInfsid(1)\fP, and
272\fIzinit(8)\fP are all really the same program.  Typically
273\fIdetach(1)\fP, \fInfsid(1)\fP and \fIzinit(8)\fP are links to
274\fIattach\fP.  Argv[0] is used to determine which one of the four
275programs are run.  This may be overridden by specifying -P
276\fIprogname\fP, where \fIprogname\fP should be one of the above four
277program names.
278
279.SH FILES
280/usr/tmp/attachtab
281.br
282/tmp/attach.\fIfilesystem\fP
283
284.SH "SEE ALSO"
285
286detach(1), nfsid(1), zinit(1), zephyr(1), hesiod(3)
287.br
288`Hesiod - Project Athena Technical Plan -- Name Service'
289.br
290`Hesiod Applications Programmers' Guide'
291.br
292`Hesiod Operations and Maintenance Guide'
293
294.SH AUTHORS
295Robert French, Project Athena
296.br
297Theodore Ts'o, Project Athena
298.br
299John Carr, Project Athena
300.br
301Richard Basch, Project Athena
302.br
303Copyright 1988, 1990 Massachusetts Institute of Technology
304
305.SH BUGS
306Nosetuid is not possible for AFS filesystems.
307Except for 'n', modes are ignored for AFS filesystems.
308These are side effects of the current implementation using symbolic links.
309
310\fIAttach -p\fP with filesystems of type \fIMUL\fP will print out
311a newline-separated list of all the directories on which filesystems
312were attached.  If used in conjunction with the standard \fIadd\fP and
313\fIsetup\fP aliases, errors will occur.  It is yet undetermined as to
314what \fIattach -p\fP should output when used on filesystems of type
315\fIMUL\fP.
316
317AIX does not support nosetuid, so attach ignores the nosetuid option
318on this system.
319
320Mount options in attach.conf always override those on the command line.
Note: See TracBrowser for help on using the repository browser.