.PP
The file format is similar to the SunOS
.I exports
-file, except that several additional options are permitted. Each line
-contains an export point and a list of machine or netgroup names allowed
-to mount the file system at that point. An optional parenthesized list
-of export parameters may follow each machine name. Blank lines are
-ignored, and a # introduces a comment to the end of the line. Entries may
-be continued across newlines using a backslash.
+file. Each line contains an export point and a whitespace-separated list
+of clients allowed to mount the file system at that point. Each listed
+client may be immediately followed by a parenthesized, comma-separated
+list of export options for that client. No whitespace is permitted
+between a client and its option list.
+.PP
+Blank lines are ignored. A pound sign ("#") introduces a comment to the
+end of the line. Entries may be continued across newlines using a
+backslash. If an export name contains spaces it should be quoted using
+double quotes. You can also specify spaces or other unusual character in
+the export name using a backslash followed by the character code as three
+octal digits.
.PP
.SS Machine Name Formats
NFS clients may be specified in a number of ways:
.IP "wildcards
Machine names may contain the wildcard characters \fI*\fR and \fI?\fR.
This can be used to make the \fIexports\fR file more compact; for instance,
-\fI*.cs.foo.edu\fR matches all hosts in the domain \fIcs.foo.edu\fR. However,
-these wildcard characters do not match the dots in a domain name, so the
-above pattern does not include hosts such as \fIa.b.cs.foo.edu\fR.
+\fI*.cs.foo.edu\fR matches all hosts in the domain
+\fIcs.foo.edu\fR. As these characters also match the dots in a domain
+name, the given pattern will also match all hosts within any subdomain
+of \fIcs.foo.edu\fR.
.IP "IP networks
You can also export directories to all hosts on an IP (sub-) network
simultaneously. This is done by specifying an IP address and netmask pair
as
-.IR address/netmask .
-.TP
+.IR address/netmask
+where the netmask can be specified in dotted-decimal format, or as a
+contiguous mask length (for example, either `/255.255.252.0' or `/22' appended
+to the network base address result in identical subnetworks with 10 bits of
+host). Wildcard characters generally do not work on IP addresses, though they
+may work by accident when reverse DNS lookups fail.
+'''.TP
'''.B =public
'''This is a special ``hostname'' that identifies the given directory name
'''as the public root directory (see the section on WebNFS in
'''.B \-\-public\-root
'''option. Multiple specifications of a public root will be ignored.
.PP
+.SS RPCSEC_GSS security
+To restrict access to an export using rpcsec_gss security, use the special
+string "gss/krb5" as the client. It is not possible to simultaneously require
+rpcsec_gss and to make requirements on the IP address of the client.
+.PP
.SS General Options
.IR exportfs
understands the following export options:
the
.IR ro " option.
.TP
-.IR sync
-This option requests that all file writes be committed to disc before
-the write request completes. This is required for complete safety of
-data in the face of a server crash, but incurs a performance hit.
-The default is to allow the server to write the data out whenever it
-is ready. This can be explicitly requested with the
-.IR async " option.
+.IR async
+This option allows the NFS server to violate the NFS protocol and
+reply to requests before any changes made by that request have been
+committed to stable storage (e.g. disc drive).
+
+Using this option usually improves performance, but at the cost that
+an unclean server restart (i.e. a crash) can cause data to be lost or
+corrupted.
+
+In releases of nfs-utils upto and including 1.0.0, this option was the
+default. In this and future releases,
+.I sync
+is the default, and
+.I async
+must be explicit requested if needed.
+To help make system adminstrators aware of this change, 'exportfs'
+will issue a warning if neither
+.I sync
+nor
+.I async
+is specified.
.TP
.IR no_wdelay
-This option only has effect if
-.I sync
+This option has no effect if
+.I async
is also set. The NFS server will normally delay committing a write request
to disc slightly if it suspects that another related write request may be in
progress or may arrive soon. This allows multiple write requests to
'''.TP
'''.IR link_absolute
'''Leave all symbolic link as they are. This is the default operation.
+
+.TP
+.IR mountpoint= path
+.TP
+.I mp
+This option makes it possible to only export a directory if it has
+successfully been mounted.
+If no path is given (e.g.
+.IR mountpoint " or " mp )
+then the export point must also be a mount point. If it isn't then
+the export point is not exported. This allows you to be sure that the
+directory underneath a mountpoint will never be exported by accident
+if, for example, the filesystem failed to mount due to a disc error.
+
+If a path is given (e.g.
+.IR mountpoint= "/path or " mp= /path)
+then the nominted path must be a mountpoint for the exportpoint to be
+exported.
+
+.TP
+.IR fsid= num
+This option forces the filesystem identification portion of the file
+handle and file attributes used on the wire to be
+.I num
+instead of a number derived from the major and minor number of the
+block device on which the filesystem is mounted. Any 32 bit number
+can be used, but it must be unique amongst all the exported filesystems.
+
+This can be useful for NFS failover, to ensure that both servers of
+the failover pair use the same NFS file handles for the shared filesystem
+thus avoiding stale file handles after failover.
+
+Some Linux filesystems are not mounted on a block device; exporting
+these via NFS requires the use of the
+.I fsid
+option (although that may still not be enough).
+
+The value 0 has a special meaning when use with NFSv4. NFSv4 has a
+concept of a root of the overall exported filesystem. The export point
+exported with fsid=0 will be used as this root.
+
.SS User ID Mapping
.PP
.I nfsd
'''# Mapping for client foobar:
'''# remote local
'''uid 0-99 - # squash these
-'''uid 100-500 1000 # map 100-500 to 1000-1500
+'''uid 100-500 1000 # map 100-500 to 1000-1400
'''gid 0-49 - # squash these
'''gid 50-100 700 # map 50-100 to 700-750
'''.fi