X-Git-Url: https://git.decadent.org.uk/gitweb/?p=nfs-utils.git;a=blobdiff_plain;f=utils%2Fexportfs%2Fexports.man;h=f9e8304a9512c0eb22bd59bf330068f4a53b2b8d;hp=8e6f880ec02f034439faa168f5467d48cdddcbad;hb=176a53c54701719559c782d1ca513c1c26c883c6;hpb=7d71ff8e3825a7f8c2d5c9b5b9344e95e7aa1392

diff --git a/utils/exportfs/exports.man b/utils/exportfs/exports.man
index 8e6f880..f9e8304 100644
--- a/utils/exportfs/exports.man
+++ b/utils/exportfs/exports.man
@@ -45,9 +45,11 @@ or restart the NFS server.
 .SS Machine Name Formats
 NFS clients may be specified in a number of ways:
 .IP "single host
-This is the most common format. You may specify a host either by an
+You may specify a host either by an
 abbreviated name recognized be the resolver, the fully qualified domain
-name, an IPv4 address, or an IPv6 address.
+name, an IPv4 address, or an IPv6 address. IPv6 addresses must not be
+inside square brackets in /etc/exports lest they be confused with
+character-class wildcard matches.
 .IP "IP networks
 You can also export directories to all hosts on an IP (sub-) network
 simultaneously. This is done by specifying an IP address and netmask pair
@@ -57,11 +59,10 @@ where the netmask can be specified in dotted-decimal format, or as a
 contiguous mask length.
 For example, either `/255.255.252.0' or `/22' appended
 to the network base IPv4 address results in identical subnetworks with 10 bits
-of host. IPv6 addresses must use a contiguous mask length. Wildcard characters
-generally do not work on IP addresses, though they
+of host. IPv6 addresses must use a contiguous mask length and must not be inside square brackets to avoid confusion with character-class wildcards. Wildcard characters generally do not work on IP addresses, though they
 may work by accident when reverse DNS lookups fail.
 .IP "wildcards
-Machine names may contain the wildcard characters \fI*\fR and \fI?\fR.
+Machine names may contain the wildcard characters \fI*\fR and \fI?\fR, or may contain character class lists within [square brackets].
 This can be used to make the \fIexports\fR file more compact; for instance,
 \fI*.cs.foo.edu\fR matches all hosts in the domain
 \fIcs.foo.edu\fR.  As these characters also match the dots in a domain
@@ -129,7 +130,7 @@ this way are ro, rw, no_root_squash, root_squash, and all_squash.
 .BR exportfs
 understands the following export options:
 .TP
-.IR secure "\*d
+.IR secure
 This option requires that requests originate on an Internet port less
 than IPPORT_RESERVED (1024). This option is on by default. To turn it
 off, specify
@@ -488,6 +489,7 @@ The format for extra export tables is the same as
 /pub            *(ro,insecure,all_squash)
 /srv/www        \-sync,rw server @trusted @external(ro)
 /foo            2001:db8:9:e54::/64(rw) 192.0.2.0/24(rw)
+/build          buildhost[0-9].local.domain(rw)
 '''/pub/private    (noaccess)
 .fi
 .PP
@@ -504,7 +506,8 @@ don't use a reserved port for NFS.
 The sixth line exports a directory read-write to the machine 'server'
 as well as the `@trusted' netgroup, and read-only to netgroup `@external',
 all three mounts with the `sync' option enabled. The seventh line exports
-a directory to both an IPv6 and an IPv4 subnet.
+a directory to both an IPv6 and an IPv4 subnet. The eighth line demonstrates
+a character class wildcard match.
 ''' The last line denies all NFS clients
 '''access to the private directory.
 '''.SH CAVEATS