1. Managing Network File Systems in Oracle Solaris 11.4
  2. Commands for Managing Network File Systems
  3. NFS Commands
  4. mount Command
  5. mount Options for NFS File Systems

mount Options for NFS File Systems

This section describes some of the options that can follow the -o flag when you are mounting an NFS file system. For a complete list of options, refer to the mount_nfs(8) man page.

bg|fg

These options can be used to select the retry behavior if a mount fails. The bg option causes the mount attempts to be run in the background. The fg option causes the mount attempt to be run in the foreground. The default is fg, which is the best selection for file systems that must be available because it prevents further processing until the mount is complete. bg is a good selection for noncritical file systems because the client can do other processing while waiting for the mount request to be completed.

forcedirectio

This option improves performance of large sequential data transfers. Data is copied directly to a user buffer. No caching is performed in the kernel on the client. This option is off by default (noforcedirectio).

To permit an application to issue concurrent writes, as well as concurrent reads and writes, to a single file on the client, use the forcedirectio mount option. This option, enables this functionality for all files within the mounted file system. You could also enable this functionality on a single file on the client by using the directio() interface. Unless this functionality has been enabled, writes to files are serialized. Also, if concurrent writes or concurrent reads and writes are occurring, then POSIX semantics are no longer being supported for that file.

For an example of how to use this option, refer to Using the mount Command.

largefiles

With this option, you can access files that are larger than 2 GB. Whether a large file can be accessed can only be controlled on the server, so this option is silently ignored on NFS Version 3 mounts. By default, all UFS file systems are mounted with largefiles. For mounts that use the NFS Version 2 protocol, the largefiles option causes the mount to fail with an error.

nolargefiles

This option for UFS mounts guarantees that no large files can exist on the file system. Because the existence of large files can be controlled only on the NFS server, no option for nolargefiles exists when using NFS mounts. Attempts to NFS-mount a file system by using this option are rejected with an error.

nosuid|suid

The nosuid option is the equivalent of specifying the nodevices option with the nosetuid option. When the nodevices option is specified, the opening of device-special files on the mounted file system is disallowed. When the nosetuid option is specified, the setuid bit and setgid bit in binary files that are located in the file system are ignored. The processes run with the privileges of the user who executes the binary file.

The suid option is the equivalent of specifying the devices option with the setuid option. When the devices option is specified, the opening of device-special files on the mounted file system is allowed. When the setuid option is specified, the setuid bit and the setgid bit in binary files that are located in the file system are honored by the kernel.

If neither option is specified, the default option is suid, which provides the default behavior of specifying the devices option with the setuid option.

The following table describes the effect of combining nosuid or suid with devices or nodevices, and setuid or nosetuid. Note that in each combination of options, the most restrictive option determines the behavior.

Behavior From the Combined Options Option Option Option

The equivalent of nosetuid with nodevices

nosuid

nosetuid

nodevices

The equivalent of nosetuid with nodevices

nosuid

nosetuid

devices

The equivalent of nosetuid with nodevices

nosuid

setuid

nodevices

The equivalent of nosetuid with nodevices

nosuid

setuid

devices

The equivalent of nosetuid with nodevices

suid

nosetuid

nodevices

The equivalent of nosetuid with devices

suid

nosetuid

devices

The equivalent of setuid with nodevices

suid

setuid

nodevices

The equivalent of setuid with devices

suid

setuid

devices

The nosuid option provides additional security for NFS clients that access potentially untrusted servers. Mounting remote file systems with this option reduces the chance of privilege escalation through importing untrusted devices or importing untrusted setuid binary files. All these options are available in all Oracle Solaris file systems.

public

This option forces the use of the public file handle when contacting the NFS server. If the public file handle is supported by the server, the mounting operation is faster because the MOUNT protocol is not used. Also, because the MOUNT protocol is not used, the public option allows mounting to occur through a firewall.

rw|ro

The -rw and -ro options indicate whether a file system is to be mounted read-write or read-only. The default is read-write, which is the appropriate option for remote home directories, mail-spooling directories, or other file systems that need to be changed by users. The read-only option is appropriate for directories that should not be changed by users. For example, shared copies of the man pages should not be writable by users.

sec= mode

You can use this option to specify the authentication mechanism to be used during the mount transaction. The available values for mode are:

  • krb5 for Kerberos Version 5 authentication service

  • krb5i for Kerberos Version 5 with integrity

  • krb5p for Kerberos Version 5 with privacy

  • none for no authentication

  • dh for Diffie-Hellman (DH) authentication

  • sys for standard UNIX authentication

The modes are also defined in /etc/nfssec.conf.

soft|hard

An NFS file system that is mounted with the soft option returns an error if the server does not respond. The hard option causes the mount to continue to retry until the server responds. The default is hard, which should be used for most file systems. Applications frequently do not check return values from soft-mounted file systems, which can make the application fail or can lead to corrupted files. If the application does check the return values, routing problems and other conditions can still confuse the application or lead to file corruption. In most situations, the soft option should not be used. If a file system is mounted by using the hard option and becomes unavailable, an application that uses this file system hangs until the file system becomes available.