.\" Copyright (c) 1989, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
.\" %sccs.include.redist.roff%
.\" @(#)nfssvc.2 8.1 (Berkeley) %G%
.Fn nfssvc "int flags" "void *argstructp"
function is used by the NFS daemons to pass information into and out
of the kernel and also to enter the kernel as a server daemon.
argument consists of several bits that show what action is to be taken
once in the kernel and the
points to one of three structures depending on which bits are set in
to enter the kernel as a block I/O server daemon.
flag, optionally or'd with the flags
along with a pointer to a
char *ncd_dirp; /* Mount dir path */
uid_t ncd_authuid; /* Effective uid */
int ncd_authtype; /* Type of authenticator */
int ncd_authlen; /* Length of authenticator string */
char *ncd_authstr; /* Authenticator string */
The initial call has only the
flag set to specify service for the mount point.
If the mount point is using Kerberos, then the
with errno == ENEEDAUTH whenever the client side requires an ``rcmd''
authentication ticket for the user.
will attempt to get the Kerberos ticket, and if successful will call
after filling the ticket into the
setting the ncd_authlen and ncd_authtype
fields of the nfsd_cargs structure.
failed to get the ticket,
will be called with the flags
to denote a failed authentication attempt.
struct nfsd *nsd_nfsd; /* Pointer to in kernel nfsd struct */
uid_t nsd_uid; /* Effective uid mapped to cred */
u_long nsd_haddr; /* Ip address of client */
struct ucred nsd_cr; /* Cred. uid maps to */
int nsd_authlen; /* Length of auth string (ret) */
char *nsd_authstr; /* Auth string (ret) */
to enter the kernel as an
daemon receives a Kerberos authentication ticket, it will return from
will attempt to authenticate the ticket and generate a set of credentials
on the server for the ``user id'' specified in the field nsd_uid.
This is done by first authenticating the Kerberos ticket and then mapping
the Kerberos principal to a local name and getting a set of credentials for
flags set to pass the credential mapping in nsd_cr into the
kernel to be cached on the server socket for that client.
If the authentication failed,
to denote an authentication failure.
int sock; /* Socket to serve */
caddr_t name; /* Client address for connection based sockets */
int namelen; /* Length of name */
socket into the kernel for servicing by the
does not return unless the server
is terminated by a signal when a value of 0 is returned.
Otherwise, -1 is returned and the global variable
is set to specify the error.
.Bl -tag -width [ENEEDAUTH]
is really used for authentication support, particularly Kerberos,
The caller is not the super-user.
function first appeared in 4.4BSD.
system call is designed specifically for the
support daemons and as such is specific to their requirements.
It should really return values to indicate the need for authentication
Several fields of the argument structures are assumed to be valid and
sometimes to be unchanged from a previous call, such that
must be used with extreme care.