1RPC.STATD(8) System Manager's Manual RPC.STATD(8)
2
6 rpc.statd - NSM service daemon
7
9 rpc.statd [-dh?FLNvVw] [-H prog] [-n my-name] [-o outgoing-port] [-p
10 listener-port] [-P path ]
11
13 File locks are not part of persistent file system state. Lock state is
14 thus lost when a host reboots.
15 Network file systems must also detect when lock state is lost because a
17 remote host has rebooted. After an NFS client reboots, an NFS server
18 must release all file locks held by applications that were running on
19 that client. After a server reboots, a client must remind the server
20 of file locks held by applications running on that client.
21 For NFS version 2 [RFC1094] and NFS version 3 [RFC1813], the Network
23 Status Monitor protocol (or NSM for short) is used to notify NFS peers
24 of reboots. On Linux, two separate user-space components constitute
25 the NSM service:
26 rpc.statd
28 A daemon that listens for reboot notifications from other hosts,
29 and manages the list of hosts to be notified when the local sys‐
30 tem reboots
31 sm-notify
33 A helper program that notifies NFS peers after the local system
34 reboots
35 The local NFS lock manager alerts its local rpc.statd of each remote
37 peer that should be monitored. When the local system reboots, the sm-
38 notify command notifies the NSM service on monitored peers of the
39 reboot. When a remote reboots, that peer notifies the local rpc.statd,
40 which in turn passes the reboot notification back to the local NFS lock
41 manager.
42
44 The first file locking interaction between an NFS client and server
45 causes the NFS lock managers on both peers to contact their local NSM
46 service to store information about the opposite peer. On Linux, the
47 local lock manager contacts rpc.statd.
48 rpc.statd records information about each monitored NFS peer on persis‐
50 tent storage. This information describes how to contact a remote peer
51 in case the local system reboots, how to recognize which monitored peer
52 is reporting a reboot, and how to notify the local lock manager when a
53 monitored peer indicates it has rebooted.
54 An NFS client sends a hostname, known as the client's caller_name, in
56 each file lock request. An NFS server can use this hostname to send
57 asynchronous GRANT calls to a client, or to notify the client it has
58 rebooted.
59 The Linux NFS server can provide the client's caller_name or the
61 client's network address to rpc.statd. For the purposes of the NSM
62 protocol, this name or address is known as the monitored peer's
63 mon_name. In addition, the local lock manager tells rpc.statd what it
64 thinks its own hostname is. For the purposes of the NSM protocol, this
65 hostname is known as my_name.
66 There is no equivalent interaction between an NFS server and a client
68 to inform the client of the server's caller_name. Therefore NFS
69 clients do not actually know what mon_name an NFS server might use in
70 an SM_NOTIFY request. The Linux NFS client uses the server hostname
71 from the mount command to identify rebooting NFS servers.
72 Reboot notification
74 When the local system reboots, the sm-notify command reads the list of
75 monitored peers from persistent storage and sends an SM_NOTIFY request
76 to the NSM service on each listed remote peer. It uses the mon_name
77 string as the destination. To identify which host has rebooted, the
78 sm-notify command sends the my_name string recorded when that remote
79 was monitored. The remote rpc.statd matches incoming SM_NOTIFY
80 requests using this string, or the caller's network address, to one or
81 more peers on its own monitor list.
82 If rpc.statd does not find a peer on its monitor list that matches an
84 incoming SM_NOTIFY request, the notification is not forwarded to the
85 local lock manager. In addition, each peer has its own NSM state num‐
86 ber, a 32-bit integer that is bumped after each reboot by the sm-notify
87 command. rpc.statd uses this number to distinguish between actual
88 reboots and replayed notifications.
89 Part of NFS lock recovery is rediscovering which peers need to be moni‐
91 tored again. The sm-notify command clears the monitor list on persis‐
92 tent storage after each reboot.
93
95 -d, --no-syslog
96 Causes rpc.statd to write log messages on stderr instead of to
97 the system log, if the -F option was also specified.
98 -F, --foreground
100 Keeps rpc.statd attached to its controlling terminal so that NSM
101 operation can be monitored directly or run under a debugger. If
102 this option is not specified, rpc.statd backgrounds itself soon
103 after it starts.
104 -h, -?, --help
106 Causes rpc.statd to display usage information on stderr and then
107 exit.
108 -H, --ha-callout prog
110 Specifies a high availability callout program. If this option
111 is not specified, no callouts are performed. See the High-
112 availability callouts section below for details.
113 -L, --no-notify
115 Prevents rpc.statd from running the sm-notify command when it
116 starts up, preserving the existing NSM state number and monitor
117 list.
118 Note: the sm-notify command contains a check to ensure it runs
120 only once after each system reboot. This prevents spurious
121 reboot notification if rpc.statd restarts without the -L option.
122 -n, --name ipaddr | hostname
124 Specifies the bind address used for RPC listener sockets. The
125 ipaddr form can be expressed as either an IPv4 or an IPv6 pre‐
126 sentation address. If this option is not specified, rpc.statd
127 uses a wildcard address as the transport bind address.
128 This string is also passed to the sm-notify command to be used
130 as the source address from which to send reboot notification
131 requests. See sm-notify(8) for details.
132 -N Causes rpc.statd to run the sm-notify command, and then exit.
134 Since the sm-notify command can also be run directly, this
135 option is deprecated.
136 -o, --outgoing-port port
138 Specifies the source port number the sm-notify command should
139 use when sending reboot notifications. See sm-notify(8) for
140 details.
141 -p, --port port
143 Specifies the port number used for RPC listener sockets. If
144 this option is not specified, rpc.statd chooses a random
145 ephemeral port for each listener socket.
146 This option can be used to fix the port value of its listeners
148 when SM_NOTIFY requests must traverse a firewall between clients
149 and servers.
150 -P, --state-directory-path pathname
152 Specifies the pathname of the parent directory where NSM state
153 information resides. If this option is not specified, rpc.statd
154 uses /var/lib/nfs/statd by default.
155 After starting, rpc.statd attempts to set its effective UID and
157 GID to the owner and group of this directory.
158 -v, -V, --version
160 Causes rpc.statd to display version information on stderr and
161 then exit.
162
164 The rpc.statd daemon must be started as root to acquire privileges
165 needed to create sockets with privileged source ports, and to access
166 the state information database. Because rpc.statd maintains a long-
167 running network service, however, it drops root privileges as soon as
168 it starts up to reduce the risk of a privilege escalation attack.
169 During normal operation, the effective user ID it chooses is the owner
171 of the state directory. This allows it to continue to access files in
172 that directory after it has dropped its root privileges. To control
173 which user ID rpc.statd chooses, simply use chown(1) to set the owner
174 of the state directory.
175 You can also protect your rpc.statd listeners using the tcp_wrapper
177 library or iptables(8). To use the tcp_wrapper library, add the host‐
178 names of peers that should be allowed access to /etc/hosts.allow. Use
179 the daemon name statd even if the rpc.statd binary has a different
180 filename.
181 For further information see the tcpd(8) and hosts_access(5) man pages.
183
185 Lock recovery after a reboot is critical to maintaining data integrity
186 and preventing unnecessary application hangs. To help rpc.statd match
187 SM_NOTIFY requests to NLM requests, a number of best practices should
188 be observed, including:
189 The UTS nodename of your systems should match the DNS names that
191 NFS peers use to contact them
192 The UTS nodenames of your systems should always be fully quali‐
194 fied domain names
195 The forward and reverse DNS mapping of the UTS nodenames should
197 be consistent
198 The hostname the client uses to mount the server should match
200 the server's mon_name in SM_NOTIFY requests it sends
201 Unmounting an NFS file system does not necessarily stop either the NFS
203 client or server from monitoring each other. Both may continue moni‐
204 toring each other for a time in case subsequent NFS traffic between the
205 two results in fresh mounts and additional file locking.
206 On Linux, if the lockd kernel module is unloaded during normal opera‐
208 tion, all remote NFS peers are unmonitored. This can happen on an NFS
209 client, for example, if an automounter removes all NFS mount points due
210 to inactivity.
211 High-availability callouts
213 rpc.statd can exec a special callout program during processing of suc‐
214 cessful SM_MON, SM_UNMON, and SM_UNMON_ALL requests. Such a program
215 may be used in High Availability NFS (HA-NFS) environments to track
216 lock state that may need to be migrated after a system reboot.
217 The name of the callout program is specified with the -H option. The
219 program is run with 3 arguments: The first is either add-client or del-
220 client depending on the reason for the callout. The second is the
221 mon_name of the monitored peer. The third is the caller_name of the
222 requesting lock manager.
223 IPv6 and TI-RPC support
225 TI-RPC is a pre-requisite for supporting NFS on IPv6. If TI-RPC sup‐
226 port is built into rpc.statd, it attempts to start listeners on network
227 transports marked /etc/netconfig. As long as at least one network
228 transport listener starts successfully, rpc.statd will operate.
229
231 /var/lib/nfs/statd/sm directory containing monitor list
232 /var/lib/nfs/statd/sm.bak
234 directory containing notify list
235 /var/lib/nfs/statd/state NSM state number for this host
237 /var/run/run.statd.pid pid file
239 /etc/netconfig network transport capability database
241
243 sm-notify(8), nfs(5), rpc.nfsd(8), rpcbind(8), tcpd(8),
244 hosts_access(5), iptables(8), netconfig(5)
245 RFC 1094 - "NFS: Network File System Protocol Specification"
247 RFC 1813 - "NFS Version 3 Protocol Specification"
248 OpenGroup Protocols for Interworking: XNFS, Version 3W - Chapter 11
249
251 Jeff Uphoff <juphoff@users.sourceforge.net>
252 Olaf Kirch <okir@monad.swb.de>
253 H.J. Lu <hjl@gnu.org>
254 Lon Hohberger <hohberger@missioncriticallinux.com>
255 Paul Clements <paul.clements@steeleye.com>
256 Chuck Lever <chuck.lever@oracle.com>
257 1 November 2009 RPC.STATD(8)