NAME
amd.conf - Amd configuration file
SYNOPSIS
amd.conf
DESCRIPTION
The amd.conf file is the configuration file for Amd, as part of the am-
utils suite.
amd.conf contains runtime configuration information for the Amd
automounter program.
FILE FORMAT
The file consists of sections and parameters. A section begins with
the name of the section in square brackets and continues until the next
section begins or the end the file is reached. Sections contain
parameters of the form ’name = value’.
The file is line-based - that is, each newline-terminated line
represents either a comment, a section name or a parameter. No line-
continuation syntax is available.
Section, parameter names and their values are case sensitive.
Only the first equals sign in a parameter is significant. Whitespace
before or after the first equals sign is discarded. Leading, trailing
and internal whitespace in section and parameter names is irrelevant.
Leading and trailing whitespace in a parameter value is discarded.
Internal whitespace within a parameter value is not allowed, unless the
whole parameter value is quoted with double quotes as in ’name = "some
value"’.
Any line beginning with a pound sign (#) is ignored, as are lines
containing only whitespace.
The values following the equals sign in parameters are all either a
string (no quotes needed if string does not include spaces) or a
boolean, which may be given as yes/no. Case is significant in all
values. Some items such as cache timeouts are numeric.
SECTIONS
The [global] section
Parameters in this section either apply to Amd as a whole, or to all
other regular map sections which follow. There should be only one
global section defined in one configuration file.
It is highly recommended that this section be specified first in the
configuration file. If it is not, then regular map sections which
precede it will not use global values defined later.
Regular [/map] sections
Parameters in regular (non-global) sections apply to a single map
entry. For example, if the map section [/homes] is defined, then all
parameters following it will be applied to the /homes Amd-managed mount
point.
PARAMETERS
Parameters common to all sections
These parameters can be specified either in the global or a map
specific section. Entries specified in a map-specific section override
the default value or one defined in the global section. If such a
common parameter is specified only in the global section, it is
applicable to all regular map sections that follow.
browsable_dirs (string, default=no)
If "yes," then Amd’s top-level mount points will be browsable to
readdir(3) calls. This means you could run for example ls(1)
and see what keys are available to mount in that directory. Not
all entries are made visible to readdir(3): the "/default"
entry, wildcard entries, and those with a "/" in them are not
included. If you specify "full" to this option, all but
"/default" will be visible. Note that if you run a command
which will attempt to stat(2) the entries, such as often done by
"ls -l" or "ls -F," Amd will attempt to mount every entry in
that map. This is often called a ‘‘mount storm.’’
map_defaults (string, default to empty)
This option sets a string to be used as the map’s /defaults
entry, overriding any /defaults specified in the map. This
allows local users to override map defaults without modifying
maps globally.
map_options (string, default no options)
This option is the same as specifying map options on the command
line to Amd, such as "cache:=all".
map_type (string, default search all map types)
If specified, Amd will initialize the map only for the type
given. This is useful to avoid the default map search type used
by Amd which takes longer and can have undesired side-effects
such as initializing NIS even if not used. Possible values are
exec executable maps
file plain files
hesiod Hesiod name service from MIT
ldap Lightweight Directory Access Protocol
ndbm (New) dbm style hash files
nis Network Information Services (version 2)
nisplus Network Information Services Plus (version 3)
passwd local password files
union union maps
mount_type (string, default=nfs)
All Amd mount types default to NFS. That is, Amd is an NFS
server on the map mount points, for the local host it is running
on. If "autofs" is specified, Amd will be an autofs server for
those mount points.
autofs_use_lofs (string, default=yes)
When set to "yes" and using Autofs, Amd will use lofs-type
(loopback) mounts for type:=link mounts. This has the advantage
of mounting in place, and users get to the see the same pathname
that they chdir’ed into. If this option is set to "no," then
Amd will use symlinks instead: that code is more tested, but
negates autofs’s big advantage of in-place mounts.
search_path (string, default no search path)
This provides a (colon-delimited) search path for file maps.
Using a search path, sites can allow for local map
customizations and overrides, and can distributed maps in
several locations as needed.
selectors_in_defaults (boolean, default=no)
If "yes," then the /defaults entry of maps will search for and
process any selectors before setting defaults for all other keys
in that map. Useful when you want to set different options for
a complete map based on some parameters. For example, you may
want to better the NFS performance over slow slip-based networks
as follows:
/defaults \
wire==slip-net;opts:=intr,rsize=1024,wsize=1024 \
wire!=slip-net;opts:=intr,rsize=8192,wsize=8192
Deprecated form: selectors_on_default
Parameters applicable to the global section only
arch (string, default to compiled in value)
Same as the -A option to Amd. Allows you to override the value
of the arch Amd variable.
auto_attrcache (numeric, default=0)
Specify in seconds (or units of 0.1 seconds, depending on the
OS), what is the (kernel-side) NFS attribute cache timeout for
@i{Amd}’s own automount points. A value of 0 is supposed to
turn off attribute caching, meaning that @i{Amd} will be
consulted via a kernel-RPC each time someone stat()’s the mount
point (which could be abused as a denial-of-service attack).
Warning: some OSs are incapable of turning off the NFS attribute
cache reliably. On such systems, Amd may not work reliably
under heavy load. See the README.attrcache document in the Am-
utils distribution for more details.
auto_dir (string, default=/a)
Same as the -a option to Amd. This sets the private directory
where Amd will create sub-directories for its real mount points.
cache_duration (numeric, default=300)
Same as the -c option to Amd. Sets the duration in seconds that
looked-up or mounted map entries remain in the cache.
cluster (string, default no cluster)
Same as the -C option to Amd. Specifies the alternate HP-UX
cluster to use.
debug_mtab_file (string, default=/tmp/mnttab)
Path to mtab file that is used by Amd to store a list of mounted
file systems during debug-mtab mode. This option only applies
to systems that store mtab information on disk.
debug_options (string, default no debug options)
Same as the -D option to Amd. Specify any debugging
options for Amd. Works only if am-utils was configured
for debugging using the --enable-debug option. The "mem"
option, as well as all other options, can be turned on
via --enable-debug=mem. Otherwise debugging options are
ignored. Options are comma delimited, and can be
preceded by the string "no" to negate their meaning. You
can get the list of supported debugging options by
running Amd -H. Possible values are:
all all options
amq register for amq
daemon enter daemon mode
fork fork server
full program trace
hrtime print high resolution time stamps (only if syslog(3) is not used)
info info service specific debugging (hesiod, nis, etc.)
mem trace memory allocations
mtab use local "./mtab" file
readdir show browsable_dirs progress
str debug string munging
test full debug but no daemon
trace trace protocol and NFS mount arguments
xdrtrace trace XDR routines
dismount_interval (numeric, default=120)
Same as the -w option to Amd. Specify in seconds, the
time between attempts to dismount file systems that have
exceeded their cached times.
domain_strip (boolean, default=yes)
If "yes," then the domain name part referred to by
${rhost} is stripped off. This is useful to keep logs
and smaller. If "no," then the domain name part is left
changed. This is useful when using multiple domains with
the same maps (as you may have hosts whose domain-
stripped name is identical).
exec_map_timeout (numeric, default=10)
The timeout in seconds that Amd will wait for an
executable map program before an answer is returned from
that program (or script). This value should be set to as
small as possible while still allowing normal replies to
be returned before the timer expires, because during the
time that the executable map program is queried, Amd is
essentially waiting and is thus not responding to any
other queries.
forced_unmounts (boolean, default=no)
If set to "yes," and the client OS supports forced or
lazy unmounts, then Amd will attempt to use them if it
gets any of three serious error conditions when trying to
unmount an existing mount point or mount on top of one:
EIO, ESTALE, or EBUSY.
This could be useful to recover from serious conditions
such as hardware failure of mounted disks, or NFS servers
which are down permanently, were migrated, or changed
their IP address. Only "type:=toplvl" mounts hung with
EBUSY are forcibly unmounted using this option, which is
useful to recover from a hung Amd).
full_os (string, default to compiled in value)
The full name of the operating system, along with its
version. Allows you to override the compiled-in full
name and version of the operating system. Useful when
the compiled-in name is not desired. For example, the
full operating system name on linux comes up as
‘‘linux’’, but you can override it to ‘‘linux-2.2.5.’’
fully_qualified_hosts (string, default=no)
If "yes," Amd will perform RPC authentication using
fully-qualified host names. This is necessary for some
systems, and especially when performing cross-domain
mounting. For this function to work, the Amd variable
${hostd} is used, requiring that ${domain} not be null.
hesiod_base (string, default=automount)
Specify the base name for hesiod maps.
karch (string, default to karch of the system)
Same as the -k option to Amd. Allows you to override the
kernel-architecture of your system. Useful for example
on Sun (Sparc) machines, where you can build one Amd
binary, and run it on multiple machines, yet you want
each one to get the correct karch variable set (for
example, sun4c, sun4m, sun4u, etc.) Note that if not
specified, Amd will use uname(3) to figure out the kernel
architecture of the machine.
ldap_base (string, default not set)
Specify the base name for LDAP. This often includes
LDAP-specific values such as country and organization.
ldap_cache_maxmem (numeric, default=131072)
Specify the maximum memory Amd should use to cache LDAP
entries.
ldap_cache_seconds (numeric, default=0)
Specify the number of seconds to keep entries in the
cache.
ldap_hostports (string, default not set)
Specify the LDAP host and port values.
ldap_proto_version (numeric, default=2)
Specify the version of the LDAP protocol to use.
local_domain (string, default no sub-domain)
Same as the -d option to Amd. Specify the local domain
name. If this option is not given the domain name is
determined from the hostname, by removing the first
component of the fully-qualified host name.
localhost_address (string, default to localhost or 127.0.0.1)
Specify the name or IP address for Amd to use when
connecting the sockets for the local NFS server and the
RPC server. This defaults to 127.0.0.1 or whatever the
host reports as its local address. This parameter is
useful on hosts with multiple addresses where you want to
force Amd to connect to a specific address.
log_file (string, default=/dev/stderr)
Same as the -l option to Amd. Specify a file name to log
Amd events to. If the string /dev/stderr is specified,
Amd will send its events to the standard error file
descriptor. If the string syslog is given, Amd will
record its events with the system logger syslogd(8). The
default syslog facility used is LOG_DAEMON. If you wish
to change it, append its name to the log file name,
delimited by a single colon. For example, if logfile is
the string syslog:local7 then Amd will log messages via
syslog(3) using the LOG_LOCAL7 facility (if it exists on
the system).
log_options (string, default no logging options)
Same as the -x option to Amd. Specify any logging
options for Amd. Options are comma delimited, and can be
preceded by the string "no" to negate their meaning. The
"debug" logging option is only available if am-utils was
configured with --enable-debug. You can get the list of
supported debugging and logging options by running amd
-H. Possible values are:
all all messages
debug debug messages
error non-fatal system errors
fatal fatal errors
info information
map map errors
stats additional statistical information
user non-fatal user errors
warn warnings
warning warnings
map_reload_interval (numeric, default=3600)
The number of seconds that Amd will wait before it checks
to see if any maps have changed at their source (NIS
servers, LDAP servers, files, etc.). Amd will reload
only those maps that have changed.
nfs_allow_any_interface (string, default=no)
Normally Amd accepts local NFS packets only from
127.0.0.1. If this parameter is set to "yes" then Amd
will accept local NFS packets from any local interface;
this is useful on hosts that may have multiple interfaces
where the system is forced to send all outgoing packets
(even those bound to the same host) via an address other
than 127.0.0.1.
nfs_allow_insecure_port (string, default=no)
Normally Amd will refuse requests coming from
unprivileged ports (i.e. ports >= 1024 on Unix systems),
so that only privileged users and the kernel can send NFS
requests to it. However, some kernels (certain versions
of Darwin, MacOS X, and Linux) have bugs that cause them
to use unprivileged ports in certain situations, which
causes Amd to stop dead in its tracks. This parameter
allows Amd to operate normally even on such systems, at
the expense of a slight decrease in the security of its
operations. If you see messages like "ignoring request
from foo:1234, port not reserved" in your Amd log, try
enabling this parameter and give it another go.
nfs_proto (string, default to trying version tcp then udp)
By default, Amd tries TCP and then UDP. This option
forces the overall NFS protocol used to TCP or UDP. It
overrides what is in the Amd maps, and is useful when Amd
is compiled with NFSv3 support that may not be stable.
With this option you can turn off the complete usage of
NFSv3 dynamically (without having to recompile Amd) until
such time as NFSv3 support is desired again.
nfs_retransmit_counter (numeric, default=11)
Same as the retransmit part of the -t timeout.retransmit
option to Amd. Specifies the number of NFS
retransmissions that the kernel will use to communicate
with Amd.
nfs_retransmit_counter_udp (numeric, default=11)
Same as the nfs_retransmit_counter option, but for all
UDP mounts only.
nfs_retransmit_counter_tcp (numeric, default=11)
Same as the nfs_retransmit_counter option, but for all
TCP mounts only.
nfs_retransmit_counter_toplvl (numeric, default=11)
Same as the nfs_retransmit_counter option, but only for
Amd’s top-level UDP mounts.
nfs_retry_interval (numeric, default=8)
Same as the timeout part of the -t timeout.retransmit
option to Amd. Specifies the NFS timeout interval, in
tenths of seconds, between NFS/RPC retries (for UDP and
TCP). This is the value that the kernel will use to
communicate with Amd.
Amd relies on the kernel RPC retransmit mechanism to
trigger mount retries. The values of the
nfs_retransmit_counter and the nfs_retry_interval
parameters change the overall retry interval. Too long
an interval gives poor interactive response; too short an
interval causes excessive retries.
nfs_retry_interval_udp (numeric, default=8)
Same as the nfs_retry_interval option, but for all UDP
mounts only.
nfs_retry_interval_tcp (numeric, default=8)
Same as the nfs_retry_interval option, but for all TCP
mounts only.
nfs_retry_interval_toplvl (numeric, default=8)
Same as the nfs_retry_interval option, but only for Amd’s
top-level UDP mounts.
nfs_vers (numeric, default to trying version 3 then 2)
By default, Amd tries version 3 and then version 2. This
option forces the overall NFS protocol used to version 3
or 2. It overrides what is in the Amd maps, and is
useful when Amd is compiled with NFSv3 support that may
not be stable. With this option you can turn off the
complete usage of NFSv3 dynamically (without having to
recompile Amd) until such time as NFSv3 support is
desired again.
nis_domain (string, default to local NIS domain name)
Same as the -y option to Amd. Specify an alternative NIS
domain from which to fetch the NIS maps. The default is
the system domain name. This option is ignored if NIS
support is not available.
normalize_hostnames (boolean, default=no)
Same as the -n option to Amd. If "yes," then the name
refereed to by ${rhost} is normalized relative to the
host database before being used. The effect is to
translate aliases into ‘‘official’’ names.
normalize_slashes (boolean, default=yes)
If "yes," then Amd will condense all multiple ‘‘/’’
(slash) characters into one and remove all trailing
slashes. If "no," then Amd will not touch strings that
may contain repeated or trailing slashes. The latter is
sometimes useful with SMB mounts, which often require
multiple slash characters in pathnames.
os (string, default to compiled in value)
Same as the -O option to Amd. Allows you to override the
compiled-in name of the operating system. Useful when
the built-in name is not desired for backward
compatibility reasons. For example, if the build in name
is ‘‘sunos5’’, you can override it to ‘‘sos5’’, and use
older maps which were written with the latter in mind.
osver (string, default to compiled in value)
Same as the -o option to Amd. Overrides the compiled-in
version number of the operating system. Useful when the
built in version is not desired for backward
compatibility reasons. For example, if the build in
version is ‘‘2.5.1’’, you can override it to ‘‘5.5.1’’,
and use older maps that were written with the latter in
mind.
pid_file (string, default=/dev/stdout)
Specify a file to store the process ID of the running
daemon into. If not specified, Amd will print its
process id onto the standard output. Useful for killing
Amd after it had run. Note that the PID of a running Amd
can also be retrieved via amq -p. This file is used only
if the print_pid option is on.
plock (boolean, default=yes)
Same as the -S option to Amd. If "yes," lock the running
executable pages of Amd into memory. To improve Amd’s
performance, systems that support the plock(3) or
mlockall(2) call can lock the Amd process into memory.
This way there is less chance it the operating system
will schedule, page out, and swap the Amd process as
needed. This improves Amd’s performance, at the cost of
reserving the memory used by the Amd process (making it
unavailable for other processes).
portmap_program (numeric, default=300019)
Specify an alternate Port-mapper RPC program number,
other than the official number. This is useful when
running multiple Amd processes. For example, you can run
another Amd in "test" mode, without affecting the primary
Amd process in any way. For safety reasons, the
alternate program numbers that can be specified must be
in the range 300019-300029, inclusive. Amq has an option
-P which can be used to specify an alternate program
number of an Amd to contact. In this way, amq can fully
control any number of Amd processes running on the same
host.
preferred_amq_port (numeric, default=0)
Specify an alternate Port-mapper RPC port number for
Amd’s Amq service. This is used for both UDP and TCP.
Setting this value to 0 (or not defining it) will cause
Amd to select an arbitrary port number. Setting the Amq
RPC service port to a specific number is useful in
firewalled or NAT’ed environments, where you need to know
which port Amd will listen on.
print_pid (boolean, default=no)
Same as the -p option to Amd. If "yes," Amd will print
its process ID upon starting.
print_version (boolean, default=no)
Same as the -v option to Amd, but the version prints and
Amd continues to run. If "yes," Amd will print its
version information string, which includes some
configuration and compilation values.
restart_mounts (boolean, default=no)
Same as the -r option to Amd. If "yes" Amd will scan the
mount table to determine which file systems are currently
mounted. Whenever one of these would have been auto-
mounted, Amd inherits it.
show_statfs_entries (boolean), default=no)
If "yes," then all maps which are browsable will also
show the number of entries (keys) they have when "df"
runs. (This is accomplished by returning non-zero values
to the statfs(2) system call).
truncate_log (boolean), default=no)
If "yes," then the log file (if it is a regular file),
will be truncated upon startup.
unmount_on_exit (boolean), default=no)
If "yes," then Amd will attempt to unmount all file
systems which it knows about. Normally Amd leaves all
(esp. NFS) mounted file systems intact. Note that Amd
does not know about file systems mounted before it starts
up, unless the restart_mounts option or -r flag are used.
use_tcpwrappers (boolean), default=yes)
If "yes," then Amd will use the tcpd/librwap tcpwrappers
library (if available) to control access to Amd via the
/etc/hosts.allow and /etc/hosts.deny files.
vendor (string, default to compiled in value)
The name of the vendor of the operating system.
Overrides the compiled-in vendor name. Useful when the
compiled-in name is not desired. For example, most Intel
based systems set the vendor name to ‘‘unknown’’, but you
can set it to ‘‘redhat.’’
Parameters applicable to regular map sections
map_name (string, must be specified)
Name of the map where the keys are located.
tag (string, default no tag)
Each map entry in the configuration file can be tagged.
If no tag is specified, that map section will always be
processed by Amd. If it is specified, then Amd will
process the map if the -T option was given to Amd, and
the value given to that command-line option matches that
in the map section.
EXAMPLES
Here is a real Amd configuration file I use daily.
# GLOBAL OPTIONS SECTION
[ global ]
normalize_hostnames = no
print_pid = no
restart_mounts = yes
auto_dir = /n
log_file = /var/log/amd
log_options = all
#debug_options = all
plock = no
selectors_in_defaults = yes
# config.guess picks up "sunos5" and I don’t want to edit my maps yet
os = sos5
# if you print_version after setting up "os," it will show it.
print_version = no
map_type = file
search_path = /etc/amdmaps:/usr/lib/amd:/usr/local/AMD/lib
browsable_dirs = yes
# DEFINE AN AMD MOUNT POINT
[ /u ]
map_name = amd.u
[ /proj ]
map_name = amd.proj
[ /src ]
map_name = amd.src
[ /misc ]
map_name = amd.misc
[ /import ]
map_name = amd.import
[ /tftpboot/.amd ]
tag = tftpboot
map_name = amd.tftpboot
SEE ALSO
amd(8), amq(8), ctl-amd(8), hosts_access(5).
‘‘am-utils’’ info(1) entry.
Linux NFS and Automounter Administration by Erez Zadok, ISBN
0-7821-2739-8, (Sybex, 2001).
http://www.am-utils.org
Amd - The 4.4 BSD Automounter
AUTHORS
Erez Zadok <ezk@cs.sunysb.edu>, Computer Science Department,
Stony Brook University, Stony Brook, New York, USA.
Other authors and contributors to am-utils are listed in the
AUTHORS file distributed with am-utils.
7 August 1997