source: trunk/athena/bin/attach/attach.conf.5 @ 5481

Revision 5481, 8.4 KB checked in by lwvanels, 33 years ago (diff)
new directory structure
Line 
1.TH ATTACH.CONF 5  "July 4, 1989"
2.SH NAME
3attach.conf \- attach configuration file
4.SH DESCRIPTION
5The behavior of
6.IR Attach , detach ,
7and
8.I nfsid
9are controlled by attach.conf.  These programs read /etc/athena/attach.conf
10when they start up, so the system administrator can customize their
11behavior without needing to recompile the programs.
12
13The format of attach.conf is line oriented, with one configuration
14option per line.  Blank lines and lines which begin with a pound sign
15(#) are ignored as comments.  The configuration keyword is the first
16whitespace-delimited string on the line, with its arguments following
17it, also delimited by whitespace.
18
19There are several different types of keywords, which determine what
20type of argument or arguments they require.
21.IP boolean
22Keywords of type boolean are typically options which can be
23enabled or disabled, as specified by their arguments.  Legal arguments
24are
25.I on
26or
27.IR off .
28.IP string
29Keywords of type string are typically filenames.  Any argument
30is legal; the configuration option is assigned the first
31argument following the keyword.
32.IP user-list
33Keywords of type user-list take one or more arguments, which may
34either be a number representing a user-id or a username.
35.IP regexp-argument
36Keywords of type regexp-argument take the first argument as a regular
37expression.  The remainder of the line is kept as a string which
38applies if the regular expression matches the filesystem being
39attached or detached. 
40.IP regexp-list
41Keywords of type regexp-list take oneor more arguments, which are
42regular expressions.
43.PP
44The following keywords are supported in attach.conf:
45.IP "verbose (type boolean) (default: on)"
46If this option is on, then messages indicating success or failure are
47printed as each filesystem is attached or detached.  If this option is
48off, only error messages are printed.
49.IP "debug (type boolean) (default: off)"
50If this option is on, then various debuging messages are printed as
51the attach or detach operation proceeds.  This is normally only of
52interest to attach developers.
53.IP "ownercheck (type boolean) (default: off)"
54If this option is on, then only the user which attached a filesystem
55may detach it. 
56.I Trusted users
57(as specified by the
58.B trusted
59keyword) may use the -override (-O) flag to forcibly detach a
60filesystem attached by another user.
61.IP "keep-mount (type boolean) (default: off)"
62If this option is on, then when a user attaches a filesystem
63which is already mounted but not in attachtab a flag is set so that
64when that filesystem is detached, its entry is removed from attachtab
65without unmounting it.  This is useful to prevent users from being
66able to forcibly unmount partitions by attaching them and then
67detaching them.
68.IP "nfs-root-hack (type boolean) (default: on)"
69This option affects the construction of the default mount point for
70explicit NFS attaches.  The default mount point is constructed by
71appending the value of
72.I nfs-mount-dir
73followed by the hostname of the NFS server, followed by the remotely
74mounted directory.  If
75.I nfs-root-hack
76is on, then if the remotely mounted directory is the root (/), it is
77replaced by ``/root'' for the purposes of contructing the default
78mount point.
79.IP "nfs-mount-dir (type string) (default: /)"
80This option affects the construction of the default mount point for
81explicit NFS attaches.  See the description for
82.I nfs-root-hack
83above.
84.IP "attachtab (type string) (default: /usr/tmp/attachtab)"
85This option specifies the location of the
86.I attachtab(5)
87file.  It is generally located in /usr/tmp, /etc, or /site/etc.
88.IP "mtab (type string) (default: /etc/mtab)"
89This option specifies the location of the
90.I mtab(5)
91file.  Since other programs, such as mount(8) and umount(8) expect
92mtab to be in /etc, it is probably unwise to change the location of
93this file.
94.IP "aklog (type string)"
95(default: /afs/athena/mit/andrew/@sys/aklog)
96
97This keyword specifies the location of the
98.I aklog
99- program.  It is used to authenticate the user to the AFS system.
100.IP "fsck (type string) (default: /etc/fsck)"
101This option specifies the location of
102.IR fsck(8) ,
103which is used to check the integrity of a Unix filesystem.  It is used
104when UFS or RVD filesystems are attached.
105.IP "trusted (type user-list) (default: root)"
106This option allows the system administrator to specify a list of
107trusted users who are allowed to use certain restricted options found
108in
109.I attach(1)
110and
111.IR detach(1) .
112This includes the ability to detach a filesystem owned by another user
113(if ownercheck is enabled) and the ability to force a filesystem to be
114mounted without the nosuid mount option.
115.IP "nosetuid or nosuid (type regexp-list)"
116Filesystems which match the regular expresions listed as arguments are
117mounted with the nosuid flag.  This instructs the operating system to
118disregard set-uid flags found on files in the mounted filesystem.
119(See mount(8) for more information.)
120.IP "setuid or suid (type regexp-list)"
121Filesystems which match the regular expresions listed as arguments are
122mounted without the nosuid flag.
123.IP "allow (type regexp-list)"
124Filesystems which match the regular expresions listed as arguments may
125be mounted with attach.
126.IP "noallow (type regexp-list)"
127Filesystems which match the regular expresions listed as arguments may
128not be mounted with attach.  This prohibition can be bypassed with the
129-override (-O) flag, if the user is one of the ``trusted users.''
130.IP "mountpoint (type regexp-list)"
131Mountpoint which match one of the regular expressions listed as
132arguments are allowed.
133.IP "nomountpoint (type regexp-list)"
134Mountpoint which match one of the regular expressions listed as
135arguments are not allowed.   This prohibition can be bypassed with the
136-override (-O) flag, if the user is one of the ``trusted users.''
137.IP "filesystem (type string-argument)"
138This keyword allows the system administrator to give a filesystem
139definition for a filesystem.  Definitions in attach.conf take
140precedence over Hesiod(3) definitions..
141.IP "options (type regexp-argument)"
142Filesystems which match the regular expresions listed as arguments are
143mounted with the specified argument as a mount option.  This is
144particularly useful in forcing the NFS packet size to something which
145can be handled by local gateways.  This can be done including the
146following line in attach.conf:
147.IP
148options {nfs}:.*        rsize=1024,wsize=1024
149.PP
150.SH "FILESYSTEM DEFINITIONS"
151Filesystem definitions are used by attach to determine how a named
152filesystem should be attached.  These definitions can be found either
153in attach.conf or by performing Hesiod(3) lookup.  In general, the
154definition consists of a filesystem type (NFS, RVD, UFS, etc.)
155followed by information specific to that fileststem type.  Here are
156some typical filesystem definitions, as would be found in
157attach.conf (in Hesiod, the first two fields would be absent and the
158definition would be keyed to a filesystem name):
159
160.nf
161filesystem thor:site    UFS /dev/ra0g w /site
162filesystem priam:slush  NFS /slush priam w /priam/slush
163filesystem tytso-afs    AFS /afs/athena/mit/tytso w /mit/tytso-afs
164filesystem bldge40test-vsusr-63A        AFS /afs/testers/@sys/urvd r /urvd
165filesystem bldgw20-vsusr-62A filsys     RVD vsusr slartibartfast r /urvd
166filesystem games        ERR Sorry, the games filesystem is not available
167.fi
168.PP
169The following are the supported filesystem types and the format a
170filesystem definition for that type:
171.IP NFS
172.IP RVD
173.IP UFS
174.IP AFS
175.IP ERR
176.SH "EXTENSIONS TO REGEULAR EXPRESIONS"
177Regular expressions in an attach.conf file can be prefixed by a
178.IR type-delimiter ,
179an optional string delimited by curly braces and followed a colon.  If
180this string is present, it consists of a list of filesystem types
181separated by commas.  The regular expression is matched against the
182filesystem only if the filesystem type matches one of the filesystem
183types listed in the
184.IR type-delimiter .
185The
186.I type-delimiter
187may be prefixed by a caret (^), which reverses the
188.I type-delimiter
189check.  That is, the regular expression is considered only if the
190filesystem type is
191.I not
192one listed in the
193.IR type-delimiter .
194The
195.I type-delimiter
196may be further optionally prefixed with either a plus (+) or minus (-) sign.
197If present, the plus sign indicates that the regular expression should
198be considered only if the filesystem was explicitly definied on the
199command line.  Likewise, the minus sign indicates that the regular
200expression should be considered only if the filesystem was not
201explicitly definied.
202.SH BUGS
203
204.SH FILES
205/etc/athena/attach.conf
206.SH SEE ALSO
207attach(1), attachtab(5)
Note: See TracBrowser for help on using the repository browser.