int
nfssvc(
int flags
, void *argstructp
)
)
function is used by the NFS daemons to pass information into and out
of the kernel and also to enter the kernel as a server daemon.
The
flags
argument consists of several bits that show what action is to be taken
once in the kernel and the
argstructp
points to one of three structures depending on which bits are set in
flags.
)
is called with the flag
NFSSVC_NFSD
and a pointer to a
struct nfsd_srvargs {
struct nfsd *nsd_nfsd; /* Pointer to in kernel nfsd struct */
uid_t nsd_uid; /* Effective uid mapped to cred */
u_long nsd_haddr; /* Ip address of client */
struct ucred nsd_cr; /* Cred. uid maps to */
int nsd_authlen; /* Length of auth string (ret) */
char *nsd_authstr; /* Auth string (ret) */
};
to enter the kernel as an
nfsd(8)
daemon.
Whenever an
nfsd(8)
daemon receives a Kerberos authentication ticket, it will return from
nfssvc()
with errno set to
ENEEDAUTH
.
The
nfsd(8)
will attempt to authenticate the ticket and generate a set of credentials
on the server for the
``user id''
specified in the field nsd_uid.
This is done by first authenticating the Kerberos ticket and then mapping
the Kerberos principal to a local name and getting a set of credentials for
that user via
getpwnam(3)
and
getgrouplist(3).
If successful, the
nfsd(8)
will call
nfssvc()
with the
NFSSVC_NFSD
and
NFSSVC_AUTHIN
flags set to pass the credential mapping in nsd_cr into the
kernel to be cached on the server socket for that client.
If the authentication failed,
nfsd(8)
calls
nfssvc()
with the flags
NFSSVC_NFSD
and
NFSSVC_AUTHINFAIL
to denote an authentication failure.
The master
nfsd(8)
server daemon calls
nfssvc()
with the flag
NFSSVC_ADDSOCK
and a pointer to a
struct nfsd_args {
int sock; /* Socket to serve */
caddr_t name; /* Client address for connection based sockets */
int namelen; /* Length of name */
};
to pass a server side NFS socket into the kernel for servicing by the nfsd(8) daemons.
)
with the flag
NFSSVC_SETEXPORTSLIST
and a pointer to a
struct
mountd_exports_list
object to atomically change the exports lists of a specific file system.
This structure has the following fields:
ENEEDAUTH
]
EPERM
]
ENEEDAUTH
is not really an error.
Several fields of the argument structures are assumed to be valid and
sometimes to be unchanged from a previous call, such that
nfssvc
must be used with extreme care.