Open System Services Management and Operations Guide (G06.30+, H06.08+, J06.03+)
on the NonStop server using the actual standard OSS permissions or OSS ACL permissions (if
present) on the object. The attribute values for NFSPERMMAP are:
DescriptionValue
The other and owning group fields of the permissions bits returned to NFS V2 clients are
modified such that only access that would be granted to everyone in the ACL, excluding
the owner, is granted in the permissions bits. That is:
RESTRICTIVE
• The ACL entries for the class mask, the owning group, and all optional users are
examined. The group permissions returned to NFS V2 clients for this object are the
most restrictive of the permissions bits of these ACL entries.
• The ACL entries for the class mask, the owning group, other, all optional groups,
and all optional users are examined. The other permissions returned to NFS V2 clients
for this object are the most restrictive of the permissions bits of these ACL entries.
Setting NFSPERMAP to this value can cause some users on NFS V2 clients to be denied
access to objects to which they should legitimately be granted access according to the
OSS ACL on the NonStop server.
The other and owning group fields of the permissions bits returned to NFS V2 clients are
modified such that access that would be granted to anyone in the ACL, excluding the
owner, is granted in the permissions bits. That is:
PERMISSIVE
• The ACL entries for the class mask, the owning group, and all optional users are
examined. The group permissions returned to NFS V2 clients for this object are the
most permissive of the permissions bits, as allowed by the class mask, of these ACL
entries.
• The ACL entries for the class mask, the owning group, other, all optional groups,
and all optional users are examined. The other permissions returned to NFS V2 clients
for this object are the most permissive of the permissions bits for the other ACL entry
and, as allowed by the class mask, the ACL entries of the owning group, optional
groups, and optional users.
Setting NFSPERMMAP to this value guarantees that users who have read permission in
the OSS ACL for an object on the NonStop system will be able to read the object on
NFS V2 clients. However, it also allows users on NFS V2 clients who do not have read
permission in the OSS ACL for an object on the NonStop server to be able to read data
from the object when the data is cached on NFS V2 clients.
The other and user fields of the permissions bits returned to NFS V2 clients are unmodified.
The group field of the permissions bits returned to NFS V2 clients are the permissions of
UNMODIFIED
the class entry of the ACL. This set of permissions bits matches the permissions that are
displayed on the NonStop server by a command such as the ls command.
Disables the mapping of OSS ACLs to NFS file permissions. When NFSPERMMAP is
disabled, NFS requests to objects protected by OSS ACLs that contain optional ACL
DISABLED
entries are denied. This behavior matches the behavior for systems running J06.08 and
earlier J-series RVUs, H06.19 and earlier H-series RVUs, and G-series RVUs. This is the
default value.
For more information about OSS NFS file-system security, see the Overview of NFS for Open
System Services and the Open System Services NFS Management and Operations Guide.
NFSPOOL kbytes
specifies the number of kilobytes that the OSS name server uses for buffers for nonretryable
Network File System (NFS) operations for the fileset.
Possible values are 4 through 128 kilobytes. The default value is 16 kilobytes.
See the Open System Services NFS Management and Operations Guide for more information
about NFS.
NFSTIMEOUT seconds
specifies the number of seconds that the OSS name server retains the results of nonretryable
Network File System (NFS) operations for the fileset.
Valid values are in the range 60 through 300. The default value is 120.
260 Open System Services Monitor