nbd-server.</para>
<para>The default configuration file is
- <filename>@SCD@/nbd-server/config</filename>, but this
+ <filename>@sysconfdir@/nbd-server/config</filename>, but this
can be varied with the <option>-C</option> option to
<command>nbd-server</command>(1).
</para>
<listitem>
<para>
Optional; string; default
- <filename>@SCD@/nbd-server/allow</filename>.
+ <filename>@sysconfdir@/nbd-server/allow</filename>.
</para>
<para>
The name of the authorization file for this export. This
- file should contain one line per IP-address, and must not
- contain wildcards of any kind or empty lines. If the file
+ file should contain one line per IP-address, or per
+ network (which must be specified in CIDR-style
+ <option><replaceable>network</replaceable>/<replaceable>masklen</replaceable></option>)
+ and must not contain empty lines. If the file
does not exist, everyone is allowed to connect. If the
file exists but is empty, nobody is allowed to
connect. Otherwise, <command>nbd-server</command> will
will use sparse files to implement the copy-on-write
option; such files take up less space then they appear to,
which allows <command>nbd-server</command> to handle the
- file as if it was just as large as the block device it's for.
+ file as if it was just as large as the block device it's
+ for.
</para>
<para>
If this option is disabled, <command>nbd-server</command>
</para>
<variablelist>
<varlistentry>
+ <term><option>none</option></term>
+ <listitem>
+ <para>
+ No virtualization. Will attempt to open the filename
+ as it was written, even if it contains '%s' in the
+ name.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
<term><option>ipliteral</option></term>
<listitem>
<para>
after it. <command>nbd-server</command> will use the
number as a network mask in CIDR style, and use that
as a hash cutoff point. In the above example, if
- <option>virtstyle</option> has been specified
- as <constant>cidrhash 16</constant>, then
+ <option>virtstyle</option> has been specified as
+ <constant>cidrhash 16</constant>, then
<command>nbd-server</command> will try to open
- <filename>/export/192.168.0.0/192.168.1.100</filename>; if
- <option>virtstyle</option> were specified as
+ <filename>/export/192.168.0.0/192.168.1.100</filename>;
+ if <option>virtstyle</option> were specified as
<constant>cidrhash 26</constant>, then
<command>nbd-server</command> will try to open
<filename>/export/192.168.1.64/192.168.1.100</filename>.
</variablelist>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>prerun</option></term>
+ <listitem>
+ <para>Optional; string</para>
+ <para>
+ If specified, then this command will be ran after a
+ client has connected to the server (and has been
+ accepted), but before the server starts serving. If
+ the command contains the literal string '%s', then
+ this string will be replaced by the filename of the
+ file which nbd-server wants to export.
+ </para>
+ <para>
+ This is useful to create export files on the fly, or
+ to verify that a file can be used for export, to
+ write something to a log file, or similar.
+ </para>
+ <para>
+ If the command runs with a non-zero exit status,
+ then nbd-server will assume the export will fail,
+ and refuse to serve it.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>postrun</option></term>
+ <listitem>
+ <para>Optional; string</para>
+ <para>
+ If specified, then it is assumed to be a command
+ that will be ran when a client has
+ disconnected. This can be useful to clean up
+ whatever <option>prerun</option> has set up, to log
+ something, or similar.
+ </para>
+ <para>
+ If the literal string '%s' is present in the
+ command, it will be replaced by the file name that
+ has just been closed.
+ </para>
+ <para>
+ In contrast to the <option>prerun</option> option,
+ the exit state of <option>postrun</option> is
+ <emphasis>ignored</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
</variablelist>
-
- </refsect1>
- <refsect1>
- <title>EXAMPLES</title>
- <para>Some examples of nbd-server usage:</para>
- <itemizedlist mark="none">
- <listitem>
- <para>To export a file /export/nbd/exp-bl-dev on port 2000:</para>
- <para><command>nbd-server 2000 /export/nbd/exp-bl-dev</command></para>
- </listitem>
- <listitem>
- <para>To export a the same file read-only:</para>
- <para><command>nbd-server 2000 /export/nbd/exp-bl-dev -r</command></para>
- </listitem>
- <listitem>
- <para>To export the same file read-write, but make sure
- changes are lost after restarting the client or the
- server:</para>
- <para><command>nbd-server 2000 /export/nbd/exp-bl-dev
- -c</command></para>
- </listitem>
- </itemizedlist>
+
</refsect1>
<refsect1>
<title>SEE ALSO</title>
version 2, as published by the Free Software Foundation.</para>
</refsect1>
+ <refsect1>
+ <title>EXAMPLES</title>
+ <para>A simple <command>nbd-server</command> configuration file
+ would look like this:</para>
+ <programlisting>
+ [generic]
+ [export]
+ exportname = /export/blkdev
+ port = 12345
+ </programlisting>
+ <para>For increased security, one might want to create an
+ authorization file, and set the UID and GID to run as:</para>
+ <programlisting>
+ [generic]
+ user = nbd
+ group = nbd
+ [export]
+ exportname = /export/blkdev
+ port = 12345
+ authfile = /etc/nbd-server/allow
+ </programlisting>
+ <para>With /etc/nbd-server/allow containing the following:</para>
+ <programlisting>
+ 127.0.0.1
+ 192.168.0.0/8
+ 192.168.1.1
+ </programlisting>
+ </refsect1>
</refentry>
<!-- Keep this comment at the end of the file