1 | .TH ATTACH.CONF 5 "July 4, 1989" |
---|
2 | .SH NAME |
---|
3 | attach.conf \- attach configuration file |
---|
4 | .SH DESCRIPTION |
---|
5 | The behavior of |
---|
6 | .IR Attach , detach , |
---|
7 | and |
---|
8 | .I nfsid |
---|
9 | are controlled by attach.conf. These programs read /etc/athena/attach.conf |
---|
10 | when they start up, so the system administrator can customize their |
---|
11 | behavior without needing to recompile the programs. |
---|
12 | |
---|
13 | The format of attach.conf is line oriented, with one configuration |
---|
14 | option per line. Blank lines and lines which begin with a pound sign |
---|
15 | (#) are ignored as comments. The configuration keyword is the first |
---|
16 | whitespace-delimited string on the line, with its arguments following |
---|
17 | it, also delimited by whitespace. |
---|
18 | |
---|
19 | There are several different types of keywords, which determine what |
---|
20 | type of argument or arguments they require. |
---|
21 | .IP boolean |
---|
22 | Keywords of type boolean are typically options which can be |
---|
23 | enabled or disabled, as specified by their arguments. Legal arguments |
---|
24 | are |
---|
25 | .I on |
---|
26 | or |
---|
27 | .IR off . |
---|
28 | .IP string |
---|
29 | Keywords of type string are typically filenames. Any argument |
---|
30 | is legal; the configuration option is assigned the first |
---|
31 | argument following the keyword. |
---|
32 | .IP user-list |
---|
33 | Keywords of type user-list take one or more arguments, which may |
---|
34 | either be a number representing a user-id or a username. |
---|
35 | .IP regexp-argument |
---|
36 | Keywords of type regexp-argument take the first argument as a regular |
---|
37 | expression. The remainder of the line is kept as a string which |
---|
38 | applies if the regular expression matches the filesystem being |
---|
39 | attached or detached. |
---|
40 | .IP regexp-list |
---|
41 | Keywords of type regexp-list take oneor more arguments, which are |
---|
42 | regular expressions. |
---|
43 | .PP |
---|
44 | The following keywords are supported in attach.conf: |
---|
45 | .IP "verbose (type boolean) (default: on)" |
---|
46 | If this option is on, then messages indicating success or failure are |
---|
47 | printed as each filesystem is attached or detached. If this option is |
---|
48 | off, only error messages are printed. |
---|
49 | .IP "debug (type boolean) (default: off)" |
---|
50 | If this option is on, then various debuging messages are printed as |
---|
51 | the attach or detach operation proceeds. This is normally only of |
---|
52 | interest to attach developers. |
---|
53 | .IP "ownercheck (type boolean) (default: off)" |
---|
54 | If this option is on, then only the user which attached a filesystem |
---|
55 | may detach it. |
---|
56 | .I Trusted users |
---|
57 | (as specified by the |
---|
58 | .B trusted |
---|
59 | keyword) may use the -override (-O) flag to forcibly detach a |
---|
60 | filesystem attached by another user. |
---|
61 | .IP "keep-mount (type boolean) (default: off)" |
---|
62 | If this option is on, then when a user attaches a filesystem |
---|
63 | which is already mounted but not in attachtab a flag is set so that |
---|
64 | when that filesystem is detached, its entry is removed from attachtab |
---|
65 | without unmounting it. This is useful to prevent users from being |
---|
66 | able to forcibly unmount partitions by attaching them and then |
---|
67 | detaching them. |
---|
68 | .IP "nfs-root-hack (type boolean) (default: on)" |
---|
69 | This option affects the construction of the default mount point for |
---|
70 | explicit NFS attaches. The default mount point is constructed by |
---|
71 | appending the value of |
---|
72 | .I nfs-mount-dir |
---|
73 | followed by the hostname of the NFS server, followed by the remotely |
---|
74 | mounted directory. If |
---|
75 | .I nfs-root-hack |
---|
76 | is on, then if the remotely mounted directory is the root (/), it is |
---|
77 | replaced by ``/root'' for the purposes of contructing the default |
---|
78 | mount point. |
---|
79 | .IP "nfs-mount-dir (type string) (default: /)" |
---|
80 | This option affects the construction of the default mount point for |
---|
81 | explicit NFS attaches. See the description for |
---|
82 | .I nfs-root-hack |
---|
83 | above. |
---|
84 | .IP "attachtab (type string) (default: /usr/tmp/attachtab)" |
---|
85 | This option specifies the location of the |
---|
86 | .I attachtab(5) |
---|
87 | file. It is generally located in /usr/tmp, /etc, or /site/etc. |
---|
88 | .IP "mtab (type string) (default: /etc/mtab)" |
---|
89 | This option specifies the location of the |
---|
90 | .I mtab(5) |
---|
91 | file. Since other programs, such as mount(8) and umount(8) expect |
---|
92 | mtab to be in /etc, it is probably unwise to change the location of |
---|
93 | this file. |
---|
94 | .IP "aklog (type string)" |
---|
95 | (default: /afs/athena/mit/andrew/@sys/aklog) |
---|
96 | |
---|
97 | This keyword specifies the location of the |
---|
98 | .I aklog |
---|
99 | - program. It is used to authenticate the user to the AFS system. |
---|
100 | .IP "fsck (type string) (default: /etc/fsck)" |
---|
101 | This option specifies the location of |
---|
102 | .IR fsck(8) , |
---|
103 | which is used to check the integrity of a Unix filesystem. It is used |
---|
104 | when UFS or RVD filesystems are attached. |
---|
105 | .IP "trusted (type user-list) (default: root)" |
---|
106 | This option allows the system administrator to specify a list of |
---|
107 | trusted users who are allowed to use certain restricted options found |
---|
108 | in |
---|
109 | .I attach(1) |
---|
110 | and |
---|
111 | .IR detach(1) . |
---|
112 | This includes the ability to detach a filesystem owned by another user |
---|
113 | (if ownercheck is enabled) and the ability to force a filesystem to be |
---|
114 | mounted without the nosuid mount option. |
---|
115 | .IP "nosetuid or nosuid (type regexp-list)" |
---|
116 | Filesystems which match the regular expresions listed as arguments are |
---|
117 | mounted with the nosuid flag. This instructs the operating system to |
---|
118 | disregard set-uid flags found on files in the mounted filesystem. |
---|
119 | (See mount(8) for more information.) |
---|
120 | .IP "setuid or suid (type regexp-list)" |
---|
121 | Filesystems which match the regular expresions listed as arguments are |
---|
122 | mounted without the nosuid flag. |
---|
123 | .IP "allow (type regexp-list)" |
---|
124 | Filesystems which match the regular expresions listed as arguments may |
---|
125 | be mounted with attach. |
---|
126 | .IP "noallow (type regexp-list)" |
---|
127 | Filesystems which match the regular expresions listed as arguments may |
---|
128 | not be mounted with attach. This prohibition can be bypassed with the |
---|
129 | -override (-O) flag, if the user is one of the ``trusted users.'' |
---|
130 | .IP "mountpoint (type regexp-list)" |
---|
131 | Mountpoint which match one of the regular expressions listed as |
---|
132 | arguments are allowed. |
---|
133 | .IP "nomountpoint (type regexp-list)" |
---|
134 | Mountpoint which match one of the regular expressions listed as |
---|
135 | arguments are not allowed. This prohibition can be bypassed with the |
---|
136 | -override (-O) flag, if the user is one of the ``trusted users.'' |
---|
137 | .IP "filesystem (type string-argument)" |
---|
138 | This keyword allows the system administrator to give a filesystem |
---|
139 | definition for a filesystem. Definitions in attach.conf take |
---|
140 | precedence over Hesiod(3) definitions.. |
---|
141 | .IP "options (type regexp-argument)" |
---|
142 | Filesystems which match the regular expresions listed as arguments are |
---|
143 | mounted with the specified argument as a mount option. This is |
---|
144 | particularly useful in forcing the NFS packet size to something which |
---|
145 | can be handled by local gateways. This can be done including the |
---|
146 | following line in attach.conf: |
---|
147 | .IP |
---|
148 | options {nfs}:.* rsize=1024,wsize=1024 |
---|
149 | .PP |
---|
150 | .SH "FILESYSTEM DEFINITIONS" |
---|
151 | Filesystem definitions are used by attach to determine how a named |
---|
152 | filesystem should be attached. These definitions can be found either |
---|
153 | in attach.conf or by performing Hesiod(3) lookup. In general, the |
---|
154 | definition consists of a filesystem type (NFS, RVD, UFS, etc.) |
---|
155 | followed by information specific to that fileststem type. Here are |
---|
156 | some typical filesystem definitions, as would be found in |
---|
157 | attach.conf (in Hesiod, the first two fields would be absent and the |
---|
158 | definition would be keyed to a filesystem name): |
---|
159 | |
---|
160 | .nf |
---|
161 | filesystem thor:site UFS /dev/ra0g w /site |
---|
162 | filesystem priam:slush NFS /slush priam w /priam/slush |
---|
163 | filesystem tytso-afs AFS /afs/athena/mit/tytso w /mit/tytso-afs |
---|
164 | filesystem bldge40test-vsusr-63A AFS /afs/testers/@sys/urvd r /urvd |
---|
165 | filesystem bldgw20-vsusr-62A filsys RVD vsusr slartibartfast r /urvd |
---|
166 | filesystem games ERR Sorry, the games filesystem is not available |
---|
167 | .fi |
---|
168 | .PP |
---|
169 | The following are the supported filesystem types and the format a |
---|
170 | filesystem definition for that type: |
---|
171 | .IP NFS |
---|
172 | .IP RVD |
---|
173 | .IP UFS |
---|
174 | .IP AFS |
---|
175 | .IP ERR |
---|
176 | .SH "EXTENSIONS TO REGEULAR EXPRESIONS" |
---|
177 | Regular expressions in an attach.conf file can be prefixed by a |
---|
178 | .IR type-delimiter , |
---|
179 | an optional string delimited by curly braces and followed a colon. If |
---|
180 | this string is present, it consists of a list of filesystem types |
---|
181 | separated by commas. The regular expression is matched against the |
---|
182 | filesystem only if the filesystem type matches one of the filesystem |
---|
183 | types listed in the |
---|
184 | .IR type-delimiter . |
---|
185 | The |
---|
186 | .I type-delimiter |
---|
187 | may be prefixed by a caret (^), which reverses the |
---|
188 | .I type-delimiter |
---|
189 | check. That is, the regular expression is considered only if the |
---|
190 | filesystem type is |
---|
191 | .I not |
---|
192 | one listed in the |
---|
193 | .IR type-delimiter . |
---|
194 | The |
---|
195 | .I type-delimiter |
---|
196 | may be further optionally prefixed with either a plus (+) or minus (-) sign. |
---|
197 | If present, the plus sign indicates that the regular expression should |
---|
198 | be considered only if the filesystem was explicitly definied on the |
---|
199 | command line. Likewise, the minus sign indicates that the regular |
---|
200 | expression should be considered only if the filesystem was not |
---|
201 | explicitly definied. |
---|
202 | .SH BUGS |
---|
203 | |
---|
204 | .SH FILES |
---|
205 | /etc/athena/attach.conf |
---|
206 | .SH SEE ALSO |
---|
207 | attach(1), attachtab(5) |
---|