The fedfs(7) man page contains a section discussing how to create FedFS domain root directories. This level of detail belongs in the new fedfs-domainroot(8) man page.
Signed-off-by: Chuck Lever <[email protected]> --- doc/man/fedfs-domainroot.8 | 31 ++++++++++++++++++++++++------- doc/man/fedfs.7 | 38 -------------------------------------- 2 files changed, 24 insertions(+), 45 deletions(-) diff --git a/doc/man/fedfs-domainroot.8 b/doc/man/fedfs-domainroot.8 index 359a416..c50a6e5 100644 --- a/doc/man/fedfs-domainroot.8 +++ b/doc/man/fedfs-domainroot.8 @@ -129,13 +129,6 @@ These can be modified by editing after the domain root export is created. .P -The final step of setting up a FedFS domain is adding a set of DNS SRV -records that direct FedFS-enabled clients to the fileserver -where the domain's root directory resides. -Adding DNS SRV records is outside the scope of the -.BR fedfs-domainroot (8) -command. -.P The .BR fedfs-domainroot (8) command must run as root in order to create and remove NFS exports @@ -251,6 +244,28 @@ Removed domain root for FedFS domain "example.net" .br # .RE +.SH DOMAIN ROOT DISCOVERY +To enable discovery of new domain roots +by FedFS-enabled file-access clients, +a DNS SRV record must be added to an appropriate authoritative DNS server. +.P +If you created your domain root on the fileserver named +.IR foo.example.net , +a record for the above domain root should be added to the DNS +server authoritative for the +.I example.net +domain. +Such a record might look like +.RS +.sp + _nfs-domainroot._tcp IN SRV 0 0 2049 foo.example.net. +.sp +.RE +Adding DNS SRV records is outside the scope of the +.BR fedfs-domainroot (8) +command. +Consult with your network administrator for details +on how to add appropriate DNS SRV records for your FedFS domain root. .SH SECURITY FedFS domain root exports created by .BR fedfs-domainroot (8) @@ -296,6 +311,8 @@ directory containing domain root exports .BR rpc.fedfsd (8), .BR exportfs (8), .BR exports (5) +.sp +RFC 6641 for the specification of FedFS DNS SRV records .SH COLOPHON This page is part of the fedfs-utils package. A description of the project and information about reporting bugs diff --git a/doc/man/fedfs.7 b/doc/man/fedfs.7 index 27769a0..556f41a 100644 --- a/doc/man/fedfs.7 +++ b/doc/man/fedfs.7 @@ -194,44 +194,6 @@ or hide parts of the FedFS namespace for security purposes. However, it breaks cross-platform application interoperability by presenting applications with multiple pathnames to the same file object. Therefore it should be avoided. -.SS Creating domain roots -NFSv4 FedFS domain roots are mounted via a standard export pathname. -The first component of the domain root's export pathname is always -.IR /.domainroot . -The second component is a FedFS domain name. -For instance, the export pathname of the domain root of the -.I example.net -FedFS domain would be -.IR /.domainroot/example.net . -.P -After creating this directory on a FedFS-enabled -fileserver and making it world readable, -an entry in /etc/exports for this export might look like: -.RS -.sp -/.domainroot/example.net *(ro) -.sp -.RE -At this point, FedFS junctions can be created in the domain's root directory -using FedFS administrative tools. -You can also add other objects that might be useful -at the top of a FedFS domain namespace, such as standard NFS referrals, -or files, like a terms-of-use document. -.P -To enable discovery of this domain root -by FedFS-enabled file-access clients, -a DNS SRV record is added to an appropriate authoritative DNS server. -If you created your domain root on the fileserver named -.IR foo.example.net , -a record for the above domain root should be added to the DNS -server authoritative for the -.I example.net -domain. -Such a record might look like -.RS -.sp - _nfs-domainroot._tcp IN SRV 0 0 2049 foo.example.net. -.RE .SH SECURITY Each host in a FedFS domain plays one or more of the following roles, each of which have different security requirements. _______________________________________________ fedfs-utils-devel mailing list [email protected] https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel
