share(1Mnfs)

share -- make local NFS resource available for mounting by remote systems

Synopsis

share -F nfs [-o specific_options] [-d description] pathname [resource]

Description

The NFS^®-specific share command makes local resources available for mounting by remote systems.

Options

The following options are available to the share command:

-F

Specifies the File System Type (FSType). This option may be omitted if NFS is the first filesystem type listed in the /etc/dfs/fstypes file.

-o specific_options

Specify options in a comma-separated list of keywords and attribute-value-assertions for interpretation by the file-system-type-specific command.

The specific_options can be any combination of the following:

anon=uid: Set uid to be the effective user ID of unauthenticated users if AUTH_DES authentication is used, or to be root if AUTH_UNIX authentication is used. By default, unknown users are given the effective user ID UID_NOBODY. If uid is set to -1, access is denied.
asyncwrites: All writes to the shared filesystem will be asynchronous. This may improve write performance on the server, but carries with it the risk of data loss on server crashes.
index=index_path: On a web server that supports WebNFS, serve an index file if a remote user browses a directory rather than a file. The specified index_path is appended to the pathname to form the pathname of the index file. If the index option is not used to specify an index_path, the pathname formed from pathname/index.html is used.
public: On a web server, the directory specified by pathname is to be shared as the publicly-accessible WebNFS directory.
ro: Sharing will be read-only to all clients.
ro=client[:client] ...: Sharing will be read-only to the listed clients; overrides the rw suboption for the clients specified.
root=host[:host] ...: Only root users from the specified hosts will have root access. By default, no host has root access.
rw: Sharing will be read-write to all clients.
rw=client[:client] ...: Sharing will be read-write to the listed clients; overrides the ro suboption for the clients specified.
secure: Clients must use the AUTH_DES authentication of RPC. AUTH_UNIX authentication is the default.

If no specific_options are specified, then by default sharing will be read-write to all clients.

-d description

Provides a comment that describes the resource to be shared.

pathname

Specifies the pathname of the resource to be shared.

resource

Specifies the name of the resource to be shared.

Files

/etc/dfs/fstypes
/etc/dfs/sharetab

Usage

If no argument is specified, then share displays all of the NFS resources currently shared.

NOTE: The specific_options ro=, rw=, and root= are guaranteed to work over UDP and TCP but may not work over other transport providers.

In addition, if a resource is shared with a ro= list and a root= list, any host that is on the root= list will be given read-only access, regardless of whether that host is specified in the ro= list, unless rw is declared as the default, or the host is mentioned in a rw= list. The same is true if the resource is shared with ro as the default.

Multiple clients may be specified using the format: ``IPaddr/mask_length'' instead of naming them individually. IPaddr is an IP address, and mask_length is the number of leading 1's in a bitmask that will be applied to both IPaddr and the requesting client's IP address before comparing the resulting values. A match is obtained if the computed values are equal. For example, a client specified as ``192.168.12.0/24'' includes all hosts whose IP address begins ``192.168.12'' when OR'ed with the mask ``255.255.255.0''.

NOTE: The result of ORing IPaddr with the inverse of the specified mask must be zero. Otherwise, share will judge the address invalid. A client specified as ``192.168.12.0/16'' would thus not be allowed.

share advertises its resources on applicable transports specified by the NETPATH environment variable if the variable is not set to NULL. Otherwise, share scans the /etc/netconfig file to find all appropriate transports. The recommended use of the NETPATH variable with the share command is as follows:

   # NETPATH=udp share -F nfs ...

Specifying NETPATH in this manner affects only the execution of the share command and does not affect the shell environment.

Exit codes

0: Successful exit
33: Usage error
34: Could not add to sharetab
35: Could not delete from sharetab
36: Could not share
37: Error in options parsing

Warnings

The share command will fail if both ro and rw (with no qualifiers) are specified. If the same client name exists in both the ro= and rw= lists, the rw will override the ro, giving read/write access to the client specified.

Granting root access to other hosts has far reaching security implications; use the root= option with extreme caution.

Examples

Give read-only permissions to hostb:

   share -F nfs -oro=hosta,root=hostb /var
   share -F nfs -oro,root=hostb /var

Give read/write permissions to hostb:

   share -F nfs -oro=hosta,rw=hostb,root=hostb /var
   share -F nfs -oroot=hostb /var

Give read/write permissions to all hosts on network 192.168.16/24 but only allow read-only access for hosts on networks 192.168.20/24 and 192.168.25/16:

   share -F nfs -orw=192.168.16.0/24,ro=192.168.20.0/24:192.168.25.0/16 /var

References

share(1M), unshare(1M), unshare(1Mnfs)