The Network File System operates in a stateless fashion using remote procedure calls (RPC) built on top of the External Data Representation (XDR) protocol. The RPC protocol provides for version and authentication parameters to be exchanged to ensure security over the network.
A server can grant access to a specific filesystem to certain clients by adding an entry for that filesystem to the server's /etc/exports file.
A client gains access to that filesystem with the mount(2) system call, which requests a file handle for the filesystem itself. Once the filesystem is mounted by the client, the server issues a file handle to the client for each file (or directory) the client accesses. If the file is somehow removed on the server side, the file handle becomes stale (dissociated from a known file).
A server may also be a client with respect to filesystems it has mounted over the network, but its clients cannot gain access to those filesystems. Instead, the client must mount a filesystem directly from the server on which it resides.
The user ID and group ID mappings must be the same between client and server. However, the server maps uid 0 (the super-user) to uid -2 before performing access checks for a client. This inhibits super-user privileges on remote filesystems.
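The following added example (not part of the original manual page and not NFS server source) models the uid 0 to uid -2 mapping described above and shows its effect on an ordinary owner/group/other permission check. All type and function names are hypothetical, and the credentials and file modes are constructed sample values.

```c
#include <stdio.h>

/* Simplified model for illustration; not taken from any NFS implementation. */
#define SUPER_UID   0
#define MAPPED_UID  (-2)          /* uid that the server substitutes for uid 0 */

enum { WANT_R = 4, WANT_W = 2, WANT_X = 1 };

struct cred  { int uid, gid; };                 /* credential sent with a request */
struct inode { int uid, gid; unsigned mode; };  /* owner, group, permission bits */

/* Server side, step 1: remap the client's credential before any access check. */
struct cred map_client_cred(struct cred c)
{
    if (c.uid == SUPER_UID)
        c.uid = MAPPED_UID;
    return c;
}

/* Classic UNIX check: uid 0 bypasses the mode bits, everyone else is matched
 * against the owner, group, or other triplet. */
int perm_ok(struct cred c, const struct inode *f, unsigned want)
{
    unsigned bits;
    if (c.uid == SUPER_UID)   return 1;
    if (c.uid == f->uid)      bits = (f->mode >> 6) & 7;
    else if (c.gid == f->gid) bits = (f->mode >> 3) & 7;
    else                      bits = f->mode & 7;
    return (bits & want) == want;
}

/* Step 2: the check a remote request actually receives. Because mapping runs
 * first, the uid 0 bypass in perm_ok() is never reached for a client. */
int server_access(struct cred c, const struct inode *f, unsigned want)
{
    return perm_ok(map_client_cred(c), f, want);
}

int main(void)
{
    struct inode secret = { 0, 0, 0600 }, pub = { 0, 0, 0644 };  /* constructed */
    struct cred root = { 0, 0 };                                 /* constructed */
    printf("local  root read 0600: %d\n", perm_ok(root, &secret, WANT_R));
    printf("remote root read 0600: %d\n", server_access(root, &secret, WANT_R));
    printf("remote root read 0644: %d\n", server_access(root, &pub, WANT_R));
    printf("remote root write 0644: %d\n", server_access(root, &pub, WANT_W));
    return 0;
}
```

In this model only the uid is remapped, as the text states; the remote super-user is left with whatever the group or other bits of a file allow.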
Created by unroff & hp-tools. © somebody (See intro for details). All Rights Reserved. Last modified 11/5/97