sm-notify(8)sm-notify(8)NAMEsm-notify - Send out NSM reboot notifications
SYNOPSIS
/sbin/sm-notify [-dfq] [-m time] [-p port] [-P path] [-v my_name ]
DESCRIPTION
File locking over NFS (v2 and v3) requires a facility to notify peers
in case of a reboot, so that clients can reclaim locks after a server
crash, and/or servers can release locks held by the rebooted client.
This is a two-step process: during normal operations, a mechanism is
required to keep track of which hosts need to be informed of a reboot.
And of course, notifications need to be sent out during reboot. The
protocol used for this is called NSM, for Network Status Monitor.
This implementation separates these into separate program. rpc.statd
tracks hosts which need to be notified and this sm-notify performs the
notification. When rpc.statd is started it will typically started sm-
notify but this is configurable.
Operation
For each NFS client or server machine to be monitored, rpc.statd cre‐
ates a file in /var/lib/nfs/sm, and removes the file if monitoring is
no longer required.
When the machine is rebooted, sm-notify iterates through these files
and notifies the peer statd server on those machines.
Each machine has an NSM state , which is basically an integer counter
that is incremented each time the machine reboots. This counter is
stored in /var/lib/nfs/state, and updated by sm-notify.
Security
sm-notify has little need for root privileges and so drops them as soon
as possible. It continues to need to make changes to the sm and sm.bak
directories so to be able to drop privileges, these must be writable by
a non-privileged user. If these directories are owned by a non-root
user, sm-notify will drop privilege to match that user once it has cre‐
ated sockets for sending out request (for which it needs privileged)
but before it processes any reply (which is the most likely source of
possible privilege abuse).
OPTIONS-m failtime
When notifying hosts, sm-notify will try to contact each host
for up to 15 minutes, and will give up if unable to reach it
within this time frame.
Using the -m option, you can override this. A value of 0 tells
sm-notify to retry indefinitely; any other value is interpreted
as the maximum retry time in minutes.
-v ipaddr-or-hostname
This option tells sm-notify to bind to the specified ipaddr, (or
the ipaddr of the given hostname) so that all notification pack‐
ets originate from this address. This is useful for NFS
failover. The given name is also used as the name of this host
in the NSM request.
-p port
instructs sm-notify to bind to the indicated IP port number. If
this option is not given, it will try to bind to a randomly cho‐
sen privileged port below 1024.
-q Be quiet. This suppresses all messages except error messages
while collecting the list of hosts.
-P /path/to/state/directory
If sm-notify should look in a no-standard place of state file,
the path can be given here. The directories sm and sm.bak and
the file state must exist in that directory with the standard
names.
-f If the state path has not been reset with -P, sm-notify will
normally create a file in /var/run to indicate that it has been
run. If this file is found when sm-notify starts, it will not
run again (as it is normally only needed once per reboot). If
-f (for force) is given, sm-notify will run even if the file in
/var/run is present.
-n Do not update the NSM state. This is for testing only. Setting
this flag implies -f.
-d Enables debugging. By default, sm-notify forks and puts itself
in the background after obtaining the list of hosts from
/var/lib/nfs/sm.
FILES
/var/lib/nfs/state
/var/lib/nfs/sm/*
/var/lib/nfs/sm.bak/*
/var/run/sm-notify.pid
SEE ALSOrpc.nfsd(8), portmap(8)AUTHORS
Olaf Kirch <okir@suse.de>
19 Mar 2007 sm-notify(8)