.\" sm-notify(8)
.\"
.\" Copyright (C) 2004 Olaf Kirch <okir@suse.de>
-.TH sm-notify 8 "8 Mar 2004
+.TH sm-notify 8 "19 Mar 2007
.SH NAME
sm-notify \- Send out NSM reboot notifications
.SH SYNOPSIS
-.BI "/sbin/sm-notify [-d] [-q] [-m " time "]
+.BI "/sbin/sm-notify [-dfq] [-m " time "] [-p " port "] [-P " path "] [-v " my_name " ]
.SH DESCRIPTION
-File locking over NFS requires a facility to notify peers in
+File locking over NFS (v2 and v3) requires a facility to notify peers in
case of a reboot, so that clients can reclaim locks after
a server crash, and/or
servers can release locks held by the rebooted client.
The protocol used for this is called NSM, for
.IR "Network Status Monitor" .
.PP
-Commonly, these two features are provided by the
+This implementation separates these into separate program.
.B rpc.statd
-daemon.
-The SuSE Linux Kernel includes a kernel level implementation
-of
-.BR statd ", "
-which keeps track of the hosts that need notifications, and
-accepts reboot notifications.
-.PP
-This is complemented by the
+tracks hosts which need to be notified and this
+.B sm-notify
+performs the notification. When
+.B rpc.statd
+is started it will typically started
.B sm-notify
-application, which is responsible for sending out the reboot
-notifications.
+but this is configurable.
.SS Operation
For each NFS client or server machine to be monitored,
-the kernel level
-.B statd
+.B rpc.statd
creates a file in
.BR /var/lib/nfs/sm ", "
and removes the file if monitoring is no longer required.
.BR /var/lib/nfs/state ,
and updated by
.BR sm-notify .
+.SS Security
+.B sm-notify
+has little need for root privileges and so drops them as soon as
+possible.
+It continues to need to make changes to the
+.B sm
+and
+.B sm.bak
+directories so to be able to drop privileges, these must be writable
+by a non-privileged user. If these directories are owned by a
+non-root user,
+.B sm-notify
+will drop privilege to match that user once it has created sockets for
+sending out request (for which it needs privileged) but before it
+processes any reply (which is the most likely source of possible
+privilege abuse).
.SH OPTIONS
.TP
.BI -m " failtime
sm-notify to retry indefinitely; any other value is
interpreted as the maximum retry time in minutes.
.TP
-.BI -v " ipaddr
+.BI -v " ipaddr-or-hostname
This option tells
.B sm-notify
to bind to the specified
.IR ipaddr ,
+(or the ipaddr of the given
+.IR hostname )
so that all notification packets originate from this address.
-This is useful for NFS failover.
+This is useful for NFS failover. The given name is also used as the
+.I name
+of this host in the NSM request.
.TP
.BI -p " port
instructs
Be quiet. This suppresses all messages except error
messages while collecting the list of hosts.
.TP
+.BI -P " /path/to/state/directory
+If
+.B sm-notify
+should look in a no-standard place of state file, the path can be
+given here. The directories
+.B sm
+and
+.B sm.bak
+and the file
+.B state
+must exist in that directory with the standard names.
+.TP
+.B -f
+If the state path has not been reset with
+.BR -P ,
+.B sm-notify
+will normally create a file in
+.B /var/run
+to indicate that it has been
+run. If this file is found when
+.B sm-notify
+starts, it will not run again (as it is normally only needed once per
+reboot).
+If
+.B -f
+(for
+.BR force )
+is given,
+.B sm-notify
+will run even if the file in
+.B /var/run
+is present.
+.TP
.B -n
-Do not update the NSM state. This is for testing only.
+Do not update the NSM state. This is for testing only. Setting this
+flag implies
+.BR -f .
.TP
.B -d
Enables debugging.
.BR /var/lib/nfs/sm/*
.br
.BR /var/lib/nfs/sm.bak/*
+.br
+.BR /var/run/sm-notify.pid
.SH SEE ALSO
.BR rpc.nfsd(8),
.BR portmap(8)
projects / nfs-utils.git / blobdiff