+<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [
+
+<!-- Process this file with docbook-to-man to generate an nroff manual
+ page: `docbook-to-man manpage.sgml > manpage.1'. You may view
+ the manual page with: `docbook-to-man manpage.sgml | nroff -man |
+ less'. A typical entry in a Makefile or Makefile.am is:
+
+manpage.1: manpage.sgml
+ docbook-to-man $< > $@
+ -->
+
+ <!-- Fill in your name for FIRSTNAME and SURNAME. -->
+ <!ENTITY dhfirstname "<firstname>Wouter</firstname>">
+ <!ENTITY dhsurname "<surname>Verhelst</surname>">
+ <!-- Please adjust the date whenever revising the manpage. -->
+ <!ENTITY dhdate "<date>$Date: 2006-10-18 15:01:57 +0200 (wo, 18 okt 2006) $</date>">
+ <!-- SECTION should be 1-8, maybe w/ subsection other parameters are
+ allowed: see man(7), man(1). -->
+ <!ENTITY dhsection "<manvolnum>5</manvolnum>">
+ <!ENTITY dhemail "<email>wouter@debian.org</email>">
+ <!ENTITY dhusername "Wouter Verhelst">
+ <!ENTITY dhucpackage "<refentrytitle>NBD-SERVER</refentrytitle>">
+ <!ENTITY dhpackage "@sysconfdir@/nbd-server/config">
+
+ <!ENTITY debian "<productname>Debian GNU/Linux</productname>">
+ <!ENTITY gnu "<acronym>GNU</acronym>">
+]>
+
+<refentry>
+ <refentryinfo>
+ <address>
+ &dhemail;
+ </address>
+ <author>
+ &dhfirstname;
+ &dhsurname;
+ </author>
+ <copyright>
+ <year>2006</year>
+ <holder>&dhusername;</holder>
+ </copyright>
+ &dhdate;
+ </refentryinfo>
+ <refmeta>
+ &dhucpackage;
+
+ &dhsection;
+ </refmeta>
+ <refnamediv>
+ <refname>&dhpackage;</refname>
+
+ <refpurpose>configuration file for nbd-server</refpurpose>
+ </refnamediv>
+ <refsynopsisdiv>
+ <cmdsynopsis>
+ <command>&dhpackage; </command>
+
+ </cmdsynopsis>
+ </refsynopsisdiv>
+ <refsect1>
+ <title>DESCRIPTION</title>
+
+ <para><command>&dhpackage;</command> allows to configure the
+ nbd-server.</para>
+
+ <para>While
+ <filename>@sysconfdir@/nbd-server/config</filename> is the default
+ configuration file, this can be varied with the <option>-C</option>
+ option to <command>nbd-server</command>(1).
+ </para>
+ <para>
+ The configuration file consists of section header lines, comment
+ lines, and option lines.
+ </para>
+ <para>
+ A section header is a unique name that
+ is enclosed in square brackets ("[" and "]"). A section header
+ denotes the beginning of a section; a section continues until
+ the next section or the end of the file, whichever is first. The
+ first section in the configuration file must be called
+ <option>generic</option>, and is used for global options that
+ apply to more than one export. This section must always be
+ present, even if it holds no options. Every other section
+ defines one export; the names of these sections are not
+ important, except that you should take care to make sure that
+ each section name is unique. The section name is used as the name
+ for the export in case the client connects with a name rather than
+ a port to specify an export, and must therefore be unique.
+ </para>
+ <para>
+ A comment line is a line that starts with optional whitespace,
+ followed by a pound sign ("#"), and continues until the end of
+ the line. Comments may <emphasis>not</emphasis> be used on
+ option lines or section header lines.
+ </para>
+ <para>
+ An option line is a line that starts with an option name,
+ followed by an equals sign ("="), followed by the option
+ value. An option can be of type string, of type integer, or of
+ type boolean. The value of a boolean option can be denoted with
+ either true or false (so not yes, no, on, off, 1, or 0). All
+ booleans default to false unless specified otherwise. No value
+ may be quoted; always enter it directly. For a string option,
+ leading whitespace is stripped (but trailing whitespace is not).
+ </para>
+
+ </refsect1>
+ <refsect1>
+ <title>OPTIONS FOR SECTION [generic]</title>
+
+ <!-- These are in alphabetical order, please keep it that way -->
+ <variablelist>
+ <varlistentry>
+ <term><option>group</option></term>
+ <listitem>
+ <para>
+ Optional; string.
+ </para>
+ <para>
+ The name of the group this server must run as. If this
+ parameter is not specified, then nbd-server will not
+ attempt to change its GID (so the GID it runs as will be
+ the primary group of the user who starts nbd-server). If
+ it is specified, then nbd-server will change its GID after
+ opening ports, but before accepting connections or opening
+ files.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>user</option></term>
+ <listitem>
+ <para>
+ Optional; string.
+ </para>
+ <para>
+ The name of the user this server must run as. If this
+ parameter is not specified, then nbd-server will not
+ attempt to change its UID (so the UID it runs as will be
+ the user who starts nbd-server). If it is specified, then
+ nbd-server will change its UID after opening ports, but
+ before accepting connections or opening files.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>oldstyle</option></term>
+ <listitem>
+ <para>
+ Optional; boolean
+ </para>
+ <para>
+ If this option is set to true, nbd-server will export all
+ exports on a separate port with the old (pre-2.9.17)
+ handshake protocol. In that case, the 'port' option for
+ individual exports is mandatory.
+ </para>
+ <para>
+ If the option is set to false, the 'port' option for
+ individual exports is optional (and will be ignored if
+ specified). The server will only export devices on the
+ standard port.
+ </para>
+ <para>
+ For upgrades from pre-2.9.17 versions of nbd, it may be
+ appropriate to enable the oldstyle parameter until all
+ clients have been converted to using name-based exports.
+ </para>
+ <para>
+ Note that exports specified on the command line will
+ always use the old handshake protocol and will not allow
+ name-based exports.
+ </para>
+ <para>
+ Also note that even if this parameter is set to true, all
+ exports will also be made available using the new handshake
+ protocol; it is not possible to switch that off. The reason
+ for this is that the old style protocol will eventually be
+ deprecated, and this option is only available to allow for
+ smooth upgrades.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>listenaddr</option></term>
+ <listitem>
+ <para>
+ Optional; string
+ </para>
+ <para>If this option is set, it should contain the local IP
+ address on which we should listen to
+ <command>nbd-client</command>(8) connections. If it is not
+ set, <command>nbd-server</command> will listen to all
+ local IPv4 and IPv6 addresses. To limit to IPv6, specify the
+ address as "::". To limit to IPv4, specify as "0.0.0.0". It
+ is not possible to specify more than one IP address
+ here.</para>
+ </listitem>
+ </varlistentry
+ </variablelist>
+ </refsect1>
+ <refsect1>
+ <title>OPTIONS FOR EXPORT SECTIONS</title>
+
+ <!-- These are in alphabetical order, please keep it that way -->
+ <variablelist>
+ <varlistentry>
+ <term><option>authfile</option></term>
+ <listitem>
+ <para>
+ Optional; string; default
+ <filename>@sysconfdir@/nbd-server/allow</filename>.
+ </para>
+ <para>
+ The name of the authorization file for this export. This
+ file should contain one line per IP-address, or per
+ network (which must be specified in CIDR-style
+ <option><replaceable>network</replaceable>/<replaceable>masklen</replaceable></option>)
+ and must not contain empty lines. If the file
+ does not exist, everyone is allowed to connect. If the
+ file exists but is empty, nobody is allowed to
+ connect. Otherwise, <command>nbd-server</command> will
+ only allow clients to connect whose IP-adres is listed in
+ this file.
+ </para>
+ <para>Corresponds to the <option>-l</option> option on the
+ command line</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>copyonwrite</option></term>
+ <listitem>
+ <para>
+ Optional; boolean.
+ </para>
+ <para>
+ Whether this is a copy-on-write export. If it is, then any
+ writes to this export will not be written to the master
+ file, but to a separate file which will be removed upon
+ disconnect. The result of using this option is that
+ nbd-server will be somewhat slower, and that any writes will
+ be lost upon disconnect.
+ </para>
+ <para>Corresponds to the <option>-c</option> option on the
+ command line</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>exportname</option></term>
+ <listitem>
+ <para>Required; string.</para>
+ <para>
+ The name of the file (or block device) that will be
+ exported. This must be a fully-qualified path and filename;
+ relative paths are not allowed.
+ </para>
+ <para>
+ Note that <command>nbd-server</command> will only try to
+ find and open the exported file when a client actually
+ connects; as a result, <command>nbd-server</command> must
+ be able to open and read this file
+ <emphasis>after</emphasis> changing to the user and group
+ that have been specified by use of the
+ <option>user</option> and <option>group</option> options;
+ also, <command>nbd-server</command> will only detect
+ errors in this option upon connection of a client.
+ </para>
+ <para>When specified on the command line, this should be the
+ second argument.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>filesize</option></term>
+ <listitem>
+ <para>Optional; integer; default autodetected.</para>
+ <para>
+ Disable autodetection of file or block device size, and
+ forcibly specify a size. Sizes must be specified in
+ bytes. If the <option>multifile</option> option is in
+ effect, this option specifies the size of the
+ <emphasis>entire</emphasis> export, not of individual
+ files.
+ </para>
+ <para>When specified on the command line, this should be the
+ third argument.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>listenaddr</term>
+ <listitem>
+ <para>
+ Optional; string
+ </para>
+ <para>
+ If the 'oldstyle' global parameter is specified, works
+ similarly to the global listenaddr parameter, but for the
+ individual port of this particular export. If the 'oldstyle'
+ parameter is not set, this parameter is ignored.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>multifile</option></term>
+ <listitem>
+ <para>Optional; boolean.</para>
+ <para>
+ If this option is set to true, then
+ <command>nbd-server</command> will search for files of the
+ form
+ <replaceable>exportname</replaceable>.<replaceable>integer</replaceable>,
+ with <replaceable>exportname</replaceable> being the
+ filename that would otherwise have been used (after name
+ transformation for virtualization, if any, has been
+ performed) and <replaceable>integer</replaceable> an
+ integer number, starting with 0 and ending when no more
+ files can be found.
+ </para>
+ <para>
+ The size of the individual files will be autodetected,
+ <emphasis>even</emphasis> if the <option>filesize</option>
+ option has been specified.
+ </para>
+ <para>
+ Corresponds to the <option>-m</option> option on the
+ command line.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>port</option></term>
+ <listitem>
+ <para>Required if 'oldstyle' global parameter is set; integer.</para>
+ <para>
+ The port on which this export is to be served using the
+ old-style handshake protocol.
+ </para>
+ <para>
+ This parameter only makes sense when the 'oldstyle'
+ parameter is set to true in the 'generic' section. If that
+ parameter is not set, but this parameter is found in an
+ export section, then nbd-server will issue a warning upon
+ startup but should otherwise continue to function correctly.
+ </para>
+ <para>
+ It is not possible to combine multiple exports on the same
+ port using the old style handshake. Please use the new style
+ handshake for that purpose.
+ </para>
+ <para>
+ When specified on the command line, this should be the
+ first argument.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>readonly</option></term>
+ <listitem>
+ <para>Optional; boolean.</para>
+ <para>
+ Disallow writes to the device. If this option is
+ specified, <command>nbd-server</command> will issue an
+ error to any client that tries to write to the device.
+ </para>
+ <para>
+ Use of this option in conjunction with
+ <option>copyonwrite</option> is possible, but silly.
+ </para>
+ <para>Corresponds to the <option>-r</option> option on the
+ command line.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>sdp</option></term>
+ <listitem>
+ <para>Optional; boolean.</para>
+ <para>
+ When this option is enabled, <command>nbd-server</command>
+ will use the Socket Direct Protocol (SDP) to serve the
+ export, rather than just IP. This is faster, but requires
+ special hardware (usually something like InfiniBand) and
+ support in the kernel.
+ </para>
+ <para>
+ Additionally, support for this option must be enabled at
+ compile time, using the <option>--enable-sdp</option> option
+ to the <command>configure</command> script. If this option
+ is found in a configuration file and
+ <command>nbd-server</command> does not have support for SDP,
+ then <command>nbd-server</command> will exit with an error
+ message.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>sync</option></term>
+ <listitem>
+ <para>Optional; boolean.</para>
+ <para>When this option is enabled,
+ <command>nbd-server</command> will call an fsync() after every
+ write to the backend storage. Calling fsync() increases
+ reliability in case of an unclean shutdown of nbd-server; but,
+ depending on the file system used on the nbd-server side, may
+ degrade performance. The use of this option isn't always
+ necessary; e.g., on ext3 filesystems, it is recommended that
+ it is <emphasis>not</emphasis> enabled, since it seriously
+ reduces performance on ext3 filesystems while not
+ importantly impacting reliability.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>sparse_cow</option></term>
+ <listitem>
+ <para>Optional; boolean.</para>
+ <para>
+ When this option is enabled, <command>nbd-server</command>
+ will use sparse files to implement the copy-on-write
+ option; such files take up less space then they appear to,
+ which allows <command>nbd-server</command> to handle the
+ file as if it was just as large as the block device it's
+ for.
+ </para>
+ <para>
+ If this option is disabled, <command>nbd-server</command>
+ will map every newly written block to the end of the
+ copy-on-write file, which means that
+ <command>nbd-server</command> will have to lseek(2) to the
+ right position after every 4096-byte block.
+ </para>
+ <para>
+ Using this option may be faster when much is being written
+ during a connection.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>timeout</option></term>
+ <listitem>
+ <para>Optional; integer; default 0</para>
+ <para>
+ How many seconds a connection may be idle for this
+ export. When a connection is idle for a longer time,
+ <command>nbd-server</command> will forcibly disconnect the
+ connection. If you specify 0 (the default), then a
+ connection may be idle forever.
+ </para>
+ <para>
+ Corresponds to the <option>-a</option> option on the
+ command line
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>virtstyle</option></term>
+ <listitem>
+ <para>Optional; string; default "ipliteral"</para>
+ <para>
+ Defines the style of virtualization. Virtualization allows
+ one to create one export that will serve a different file
+ depending on the IP address that is connecting. When
+ virtualization is active, the
+ <replaceable>exportname</replaceable> parameter needs to
+ contain the string '%s'; this will then be replaced by the
+ IP address of the client connecting, in accordance with the
+ option selected here. The result of this transformation is
+ then used as the filename to be opened.
+ </para>
+ <para>
+ There are four types of virtualization that
+ <command>nbd-server</command> supports:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term><option>none</option></term>
+ <listitem>
+ <para>
+ No virtualization. Will attempt to open the filename
+ as it was written, even if it contains '%s' in the
+ name.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>ipliteral</option></term>
+ <listitem>
+ <para>
+ The %s is replaced by the IP address of the connecting
+ host is used as-is. For IPv4, this is done in
+ dotted-quad notation; for IPv6, in hexadecimal form
+ with leading zeros omitted.
+ </para>
+ <para>
+ As an example, if a client connects from 192.168.1.100
+ and <option>exportname</option> is specified as
+ <filename>/export/%s</filename>, then nbd-server will
+ attempt to serve
+ <filename>/export/192.168.1.100</filename>. For IPv6,
+ with a client connecting from 2001:6f8:32f::39, the
+ filename would be
+ <filename>/export/2001:6f8:32f:0:0:0:0:39</filename>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>iphash</option></term>
+ <listitem>
+ <para>
+ Same as above, except that
+ <command>nbd-server</command> will replace the dots
+ in the IP address by forward slashes ('/'); in the
+ same example, <command>nbd-server</command> would
+ open <filename>/export/192/168/1/100</filename>
+ instead.
+ </para>
+ <para>
+ Since there are no dots in most IPv6 addresses, the
+ effect of using this option when IPv6 is in use is
+ indistinguishable from the ipliteral option. It was
+ thought that having to create an eight-deep directory
+ structure would not be as useful.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>cidrhash</option></term>
+ <listitem>
+ <para>
+ This option requires one to add a space and a number
+ after it. <command>nbd-server</command> will use the
+ number as a network mask in CIDR style, and use that
+ as a hash cutoff point. In the above example, if
+ <option>virtstyle</option> has been specified as
+ <constant>cidrhash 16</constant>, then
+ <command>nbd-server</command> will try to open
+ <filename>/export/192.168.0.0/192.168.1.100</filename>;
+ if <option>virtstyle</option> were specified as
+ <constant>cidrhash 26</constant>, then
+ <command>nbd-server</command> will try to open
+ <filename>/export/192.168.1.64/192.168.1.100</filename>.
+ </para>
+ <para>For IPv6, in the above example, with
+ <constant>cidrhash 42</constant>, the filename would
+ be
+ <filename>/export/2001:32f:6c0:0:0:0:0:0/2001:32f:6f8:0:0:0:0:39</filename>.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>prerun</option></term>
+ <listitem>
+ <para>Optional; string</para>
+ <para>
+ If specified, then this command will be ran after a
+ client has connected to the server (and has been
+ accepted), but before the server starts serving. If
+ the command contains the literal string '%s', then
+ this string will be replaced by the filename of the
+ file which nbd-server wants to export.
+ </para>
+ <para>
+ This is useful to create export files on the fly, or
+ to verify that a file can be used for export, to
+ write something to a log file, or similar.
+ </para>
+ <para>
+ If the command runs with a non-zero exit status,
+ then nbd-server will assume the export will fail,
+ and refuse to serve it.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>postrun</option></term>
+ <listitem>
+ <para>Optional; string</para>
+ <para>
+ If specified, then it is assumed to be a command
+ that will be ran when a client has
+ disconnected. This can be useful to clean up
+ whatever <option>prerun</option> has set up, to log
+ something, or similar.
+ </para>
+ <para>
+ If the literal string '%s' is present in the
+ command, it will be replaced by the file name that
+ has just been closed.
+ </para>
+ <para>
+ In contrast to the <option>prerun</option> option,
+ the exit state of <option>postrun</option> is
+ <emphasis>ignored</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ </refsect1>
+ <refsect1>
+ <title>SEE ALSO</title>
+
+ <para>nbd-server (1), nbd-client (8),
+ http://nbd.sourceforge.net/roadmap.html</para>
+
+ </refsect1>
+ <refsect1>
+ <title>AUTHOR</title>
+ <para>The NBD kernel module and the NBD tools were originally
+ written by Pavel Machek (pavel@ucw.cz)</para>
+
+ <para>The Linux kernel module is now maintained by Paul Clements
+ (Paul.Clements@steeleye.com), while the userland tools are
+ maintained by &dhusername; (&dhemail;)</para>
+
+ <para>On The Hurd there is a regular translator available to perform the
+ client side of the protocol, and the use of
+ <command>nbd-client</command> is not required. Please see the
+ relevant documentation for more information.</para>
+
+ <para>This manual page was written by &dhusername; (&dhemail;) for
+ the &debian; system (but may be used by others). Permission is
+ granted to copy, distribute and/or modify this document under
+ the terms of the <acronym>GNU</acronym> General Public License,
+ version 2, as published by the Free Software Foundation.</para>
+
+ </refsect1>
+ <refsect1>
+ <title>EXAMPLES</title>
+ <para>A simple <command>nbd-server</command> configuration file
+ would look like this:</para>
+ <programlisting>
+ [generic]
+ [export]
+ exportname = /export/blkdev
+ port = 12345
+ </programlisting>
+ <para>For increased security, one might want to create an
+ authorization file, and set the UID and GID to run as:</para>
+ <programlisting>
+ [generic]
+ user = nbd
+ group = nbd
+ [export]
+ exportname = /export/blkdev
+ port = 12345
+ authfile = @sysconfdir@/nbd-server/allow
+ </programlisting>
+ <para>With @sysconfdir@/nbd-server/allow containing the following:</para>
+ <programlisting>
+ 127.0.0.1
+ 192.168.0.0/8
+ 192.168.1.1
+ </programlisting>
+ </refsect1>
+</refentry>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+mode: sgml
+sgml-omittag:t
+sgml-shorttag:t
+sgml-minimize-attributes:nil
+sgml-always-quote-attributes:t
+sgml-indent-step:2
+sgml-indent-data:t
+sgml-parent-document:nil
+sgml-default-dtd-file:nil
+sgml-exposed-tags:nil
+sgml-local-catalogs:nil
+sgml-local-ecat-files:nil
+End:
+-->
projects / nbd.git / commitdiff