NAME
sm-notify - Send out NSM reboot notifications
SYNOPSIS
/sbin/sm-notify [-dfq] [-m time] [-p port] [-P path] [-v my_name]
DESCRIPTION
File locking over NFS (v2 and v3) requires a facility to notify peers in case of a reboot, so that clients can reclaim locks after a server crash, and/or servers can release locks held by the rebooted client.
This is a two-step process: during normal operations, a mechanism is required to keep track of which hosts need to be informed of a reboot. And of course, notifications need to be sent out during reboot. The protocol used for this is called NSM, for Network Status Monitor.
This implementation separates these into separate program. rpc.statd tracks hosts which need to be notified and this sm-notify performs the notification. When rpc.statd is started it will typically started sm-notify but this is configurable.
Operation
For each NFS client or server machine to be monitored, rpc.statd creates a file in /var/lib/nfs/sm, and removes the file if monitoring is no longer required.
When the machine is rebooted, sm-notify iterates through these files and notifies the peer statd server on those machines.
Each machine has an NSM state , which is basically an integer counter that is incremented each time the machine reboots. This counter is stored in /var/lib/nfs/state, and updated by sm-notify.
Security
sm-notify has little need for root privileges and so drops them as soon as possible. It continues to need to make changes to the sm and sm.bak directories so to be able to drop privileges, these must be writable by a non-privileged user. If these directories are owned by a non-root user, sm-notify will drop privilege to match that user once it has created sockets for sending out request (for which it needs privileged) but before it processes any reply (which is the most likely source of possible privilege abuse).
OPTIONS
-mfailtime | |
When notifying hosts, sm-notify will try to contact each host for up to 15 minutes, and will give up if unable to reach it within this time frame. | |
Using the -m option, you can override this. A value of 0 tells sm-notify to retry indefinitely; any other value is interpreted as the maximum retry time in minutes. | |
-vipaddr-or-hostname | |
This option tells sm-notify to bind to the specified ipaddr, (or the ipaddr of the given hostname) so that all notification packets originate from this address. This is useful for NFS failover. The given name is also used as the name of this host in the NSM request. | |
-pport | |
instructs sm-notify to bind to the indicated IP port number. If this option is not given, it will try to bind to a randomly chosen privileged port below 1024. | |
-q | Be quiet. This suppresses all messages except error messages while collecting the list of hosts. |
-P/path/to/state/directory | |
If sm-notify should look in a no-standard place of state file, the path can be given here. The directories sm and sm.bak and the file state must exist in that directory with the standard names. | |
-f | If the state path has not been reset with -P, sm-notify will normally create a file in /var/run to indicate that it has been run. If this file is found when sm-notify starts, it will not run again (as it is normally only needed once per reboot). If -f (for force) is given, sm-notify will run even if the file in /var/run is present. |
-n | Do not update the NSM state. This is for testing only. Setting this flag implies -f. |
-d | Enables debugging. By default, sm-notify forks and puts itself in the background after obtaining the list of hosts from /var/lib/nfs/sm. |
FILES
/var/lib/nfs/state
/var/lib/nfs/sm/*
/var/lib/nfs/sm.bak/*
/var/run/sm-notify.pid
SEE ALSO
AUTHORS
Olaf Kirch <okir@suse.de>