distnoted — distributed notification server
distnoted provides distributed notifications services.
There are no configuration options to distnoted. Users should not run
diskarbitrationd — disk arbitration daemon
diskarbitrationd listens for connections from clients, notifies clients
of the appearance of disks and filesystems, and governs the mounting of
filesystems and the claiming of disks amongst clients.
diskarbitrationd is accessed via the Disk Arbitration framework.
-d Report detailed information in /var/log/diskarbitrationd.log.
This option forces diskarbitrationd to run in the foreground.
The file /etc/fstab is consulted for user-defined mount points, indexed
by filesystem, in the mount point determination for a filesystem. Each
filesystem can be identified by its UUID or by its label, using the con-
structs „UUID“ or „LABEL“, respectively. For example:
UUID=DF000C7E-AE0C-3B15-B730-DFD2EF15CB91 /export ufs ro
UUID=FAB060E9-79F7-33FF-BE85-E1D3ABD3EDEA none hfs rw,noauto
LABEL=The\040Volume\040Name\040Is\040This none msdos ro
cupsd.conf – server configuration file for cups
The cupsd.conf file configures the CUPS scheduler, cupsd(8). It is
normally located in the /etc/cups directory.
Each line in the file can be a configuration directive, a blank line,
or a comment. Comment lines start with the # character. The configura-
tion directives are intentionally similar to those used by the popular
Apache web server software and are described below.
The following directives are understood by cupsd. Consult the CUPS
Software Administrators Manual for a detailed description:
Defines the access log filename.
Allows access from the named hosts or addresses.
Specifies the authentication class (User, Group, System)
Specifies the authentication group.
Specifies the authentication type (None, Basic, Digest)
Specifies whether to purge job history data automatically when it
is no longer required for quotas.
Specifies a broadcast address for outgoing printer information
Allows incoming printer information packets from the named host or
Denies incoming printer information packets from the named host or
Specifies the maximum interval between printer information broad-
Specifies the order of printer information access control
(allow,deny or deny,allow)
Specifies a server to poll for printer information.
Specifies the port to listen to for printer information packets.
Specifies the protocols to use for printer registration and dis-
covery. Using BrowseProtocols sets the BrowseLocalProtocols and
BrowseRemoteProtocols directives to the specified value.
Specifies the protocols to use for the sending or registration of
Specifies the protocols to use for printer discovery of remote
Specifies that printer information packets should be relayed from
one host or network to another.
Specifies whether remote printers will use short names („printer“)
or not („printer@server“). This option is ignored if more than one
remote printer exists with the same name.
Specifies the maximum interval between printer information updates
before remote printers will be removed from the list of available
Specifies whether or not remote printer browsing should be
Specifies the security classification of the server.
Specifies whether to allow users to override the classification of
individual print jobs.
Specifies the permissions for all configuration files that the
Specified the directory where data files can be found.
Specifies the default character set to use for text.
Specifies the default language to use for text and web content.
Denies access to the named host or address.
Specifies the root directory for the internal web server docu-
Specifies the level of encryption that is required for a particu-
Specifies the error log filename.
Specifies the interval between retries of fax jobs in seconds.
Specifies the number of retries that are done for fax jobs.
Specifies whether the file pseudo-device can be used for new
Specifies the maximum cost of filters that are run concurrently.
Specifies the scheduling priority („nice“ value) of filters that
are run to print a job.
Specifies the search path for fonts.
Specifies the group name or ID that will be used when executing
Specifies whether to hide members of implicit classes.
Specifies whether or not to do reverse lookups on client
Specifies whether or not to create implicit classes for local and
remote printers, e.g. „AnyPrinter“ from „Printer“,
„Printer@server1“, and „Printer@server2“.
Specifies whether or not to create implicit classes from identical
Includes the named file.
Specifies whether or not to support HTTP Keep-Alive.
Specifies the connection timeout for HTTP Keep-Alive.
Specifies the HTTP methods that are being limited inside a loca-
Specifies the maximum size of any print job request.
Listens to the specified address and port.
Specifies access control for the named location.
Specifies the permissions for all log files that the scheduler
Specifies the logging level (none, warn, error, info, debug, or
Specifies the maximum number of simultaneous clients to support.
Specifies the maximum number of simultaneous clients to support
from a single address.
Specifies the maximum number of copies that a user can print of
Specifies the maximum number of simultaneous jobs to support.
Specifies the maximum number of simultaneous jobs per printer to
Specifies the maximum number of simultaneous jobs per user to sup-
Specifies the maximum size of the log files before they are
rotated (0 to disable rotation)
Specifies the maximum request/file size in bytes (0 for no limit)
Specifies the order of HTTP access control (allow,deny or
Specifies the page log filename.
Specifies a port number to listen to for HTTP requests.
Specifies whether or not to preserve job files after they are
Specifies whether or not to preserve the job history after they
Specifies the filename for a printcap file that is updated auto-
matically with a list of available printers (needed for legacy
Specifies the format of the printcap file.
Specifies whether to generate option panel definition files on
some operating systems.
Specifies the username that is associated with unauthenticated
Specifies the directory to store print jobs and other HTTP request
Specifies that user or group authentication is required.
Specifies the maximum amount of memory to use when converting
images and PostScript files to bitmaps for a printer.
Specifies that the scheduler should run as the unpriviledged user
set with the User directive.
Specifies whether all or any limits set for a Location must be
satisfied to allow access.
Specifies the email address of the server administrator.
Specifies the directory where backends, CGIs, daemons, and filters
may be found.
Specifies the encryption certificate to use.
Specifies the encryption key to use.
Specifies the fully-qualified hostname of the server.
Specifies the directory where the server configuration files can
Listens on the specified address and port for encrypted connec-
Listens on the specified port for encrypted connections.
Specifies the group to use for System class authentication.
Specifies the directory where temporary files are stored.
Specifies the HTTP request timeout in seconds.
Specifies the user name or ID that is used when running external
crypt, setkey, encrypt, des_setkey, des_cipher, — DES encryption
*crypt(const char *key, const char *setting);
encrypt(char *block, int flag);
des_setkey(const char *key);
des_cipher(const char *in, char *out, long salt, int count);
The crypt() function performs password encryption, based on the NBS Data
Encryption Standard (DES). Additional code has been added to deter key
search attempts. The first argument to crypt() is a null-terminated
string, typically a user’s typed password. The second is in one of two
forms: if it begins with an underscore („_“) then an extended format is
used in interpreting both the key and the setting, as outlined below.
The key is divided into groups of 8 characters (the last group is null-
padded) and the low-order 7 bits of each each character (56 bits per
group) are used to form the DES key as follows: the first group of 56
bits becomes the initial DES key. For each additional group, the XOR of
the encryption of the current DES key with itself and the group bits
becomes the next DES key.
The setting is a 9-character array consisting of an underscore followed
by 4 bytes of iteration count and 4 bytes of salt. These are encoded as
printable characters, 6 bits per character, least significant character
first. The values 0 to 63 are encoded as „./0-9A-Za-z“. This allows
24 bits for both count and salt.
The first 8 bytes of the key are null-padded, and the low-order 7 bits of
each character is used to form the 56-bit DES key.
The setting is a 2-character array of the ASCII-encoded salt. Thus only
12 bits of salt are used. count is set to 25.
The salt introduces disorder in the DES algorithm in one of 16777216 or
4096 possible ways (ie. with 24 or 12 bits: if bit i of the salt is set,
then bits i and i+24 are swapped in the DES E-box output).
The DES key is used to encrypt a 64-bit constant using count iterations
of DES. The value returned is a null-terminated string, 20 or 13 bytes
(plus null) in length, consisting of the setting followed by the encoded
The functions, encrypt(), setkey(), des_setkey() and des_cipher() provide
access to the DES algorithm itself. setkey() is passed a 64-byte array
of binary values (numeric 0 or 1). A 56-bit key is extracted from this
array by dividing the array into groups of 8, and ignoring the last bit
in each group. That bit is reserved for a byte parity check by DES, but
is ignored by these functions.
The block argument to encrypt() is also a 64-byte array of binary values.
If the value of flag is 0, block is encrypted otherwise it is decrypted.
The result is returned in the original array block after using the key
specified by setkey() to process it.
The argument to des_setkey() is a character array of length 8. The least
significant bit (the parity bit) in each character is ignored, and the
remaining bits are concatenated to form a 56-bit key. The function
des_cipher() encrypts (or decrypts if count is negative) the 64-bits
stored in the 8 characters at in using abs(3) of count iterations of DES
and stores the 64-bit result in the 8 characters at out (which may be the
same as in ). The salt specifies perturbations to the DES E-box output
as described above.
The function crypt() returns a pointer to the encrypted value on success,
and NULL on failure. The functions setkey(), encrypt(), des_setkey(),
and des_cipher() return 0 on success and 1 on failure.
The crypt(), setkey() and des_setkey() functions all manipulate the same
configd — System Configuration Daemon
configd [-bdv] [-B bundleID] [-V bundleID] [-t bundle-path]
The configd daemon is responsible for many configuration aspects of the
local system. configd maintains data reflecting the desired and current
state of the system, provides notifications to applications when this
data changes, and hosts a number of configuration agents in the form of
Each configuration agent is responsible for a well-defined aspect of con-
figuration management. The agents look to one or more input sources
(preferences, low-level kernel events, configd notifications, etc) and,
through a set of policy modules, interacts with the system to establish
the desired operational configuration.
Access to the data maintained by configd is via the SystemConfigura-
tion.framework SCDynamicStore APIs.
The command line options are as follows:
-b Don’t actually load any bundles.
-B bundleID Prevents the loading of the bundle with the specified bundleID.
-d Run configd in the foreground without forking. This is useful for debugging.
-v Puts configd into verbose mode. Displays debugging information about bundles as they are being loaded.
-V bundleID Turns verbose mode on for the bundle with the specified bundleID.
-t bundle-path Loads only the bundle specified by bundle-path.
At the present time, the majority of the configuration agents (or bun-
dles) hosted by configd are used to establish and maintain the network
configuration. These agents include:
This bundle is responsible for establishing and maintaining the AppleTalk
network configuration on the system.
This bundle is responsible for monitoring kernel events and conveying
changes to the network state (e.g. link status) to other configuration
agents and interested applications.
This bundle provides a name to each of the system’s network interfaces.
The bundle queries the IOKit Registry for a list of network devices
attached to the system and gives them BSD style names such as „en0“.
This agent is responsible for establishing and maintaining IPv4 addresses
on the system. These addresses may be manually specified in the network
preferences or acquired using DHCP (or BOOTP).
This agent is responsible for establishing and maintaining IPv6 addresses
on the system.
This agent is responsible for establishing and maintaining the primary
network service, the default route, the active DNS configuration, and the
active network proxies on the system.
This agent is responsible for establishing and maintaining the media
type, media options, and MTU for ethernet interfaces.
This agent is responsible for conveying the network configuration prefer-
ences specified by the administrator to the various configuration agents
(AppleTalk, IPv4, IPv6, …).
This agent is responsible for establishing and maintaining PPP connec-
tions on the system.
/System/Library/SystemConfiguration/Directory of configd bundles
/Library/Preferences/SystemConfiguration/Default directory for system configuration persistent store files.
…/preferences.plist System configuration
…/NetworkInterfaces.plist Network interface –> BSD interface mappings
…/VirtualNetworkInterfaces.plist Virtual network interface (VLAN) configuration
Log messages generated by configd and any configuration agents will are
sent to the system log daemon by syslog(3). The syslog facility used is
LOG_DAEMON. If the -d option is specified, log messages with written to
stdout (or stderr if the priority is greater than LOG_NOTICE).
configd was designed to run without any intervention but if you insist on
sending a signal to the daemon then the following are available:
SIGHUP This signal, typically used to tell a daemon to reload it’s con-
figuration, is ignored (there is no configuration).
SIGTERM This signal initiates a „graceful“ shutdown of the daemon.
The configd daemon appeared in Mac OS X Public Beta.
Unless started with the -d option, configd will register with
mach_init(8) such that the daemon will be restarted in the event of a
crash. This registration will be removed during „graceful“ shutdowns of
This daemon and its current behavior may change without notice. Do not
rely on its existence or its behavior. Consider it an unsupported com-
cksum – checksum and count the bytes in a file
cksum [–help] [–version] [file…]
This manual page documents the GNU version of cksum.
cksum computes a cyclic redundancy check (CRC) for each
named file, or the standard input if none are given or
when a file named `-‚ is given. It prints the CRC for
each file along with the number of bytes in the file, and
the file name unless no arguments were given.
cksum is typically used to make sure that files have been
transferred by unreliable means (such as netnews) have not
been corrupted, by comparing the cksum output for the
received files with the cksum output for the original
files. The CRC algorithm is specified by the POSIX.2
standard. It is not compatible with the BSD or System V
sum programs; it is more robust.
–help Print a usage message and exit with a status code
Print version information on standard output then
charset – Set an ACM for use in one of the G0/G1 charset
charset [-v] G0|G1 [cp437|iso01|vt100|user|]
The linux console has 2 slots for charsets, labeled G0 and
G1. charset changes the slot in use by the current VT to
either G0 or G1, and fills the slot either with one of the
3 predefined ACMs (cp437, iso01, vt100) or with a user-
You can ask for the current user-defined ACM by specifying
user, or ask a new ACM to be loaded from a file into the
user slot, by specifying a filename.
You will note that, although each VT has its own slot set-
tings, there is only one user-defined ACM for all the VTs.
That is, whereas you can have tty1 using G0=cp437 and
G1=vt100, at the same time as tty2 using G0=iso01 and
G1=iso02 (user-defined), you cannot have at the same time
tty1 using iso02 and tty2 using iso03. This is a limita-
tion of the linux kernel.
Note that you can emulate such a setting using the fil-
term(1) utility, with your console in UTF8-mode, by
telling filterm to translate screen output on-the-fly to
You’ll find filterm(1) in the konwert(1) package, by
Marcin Kowalczyk, which is available from
-v be verbose. charset will then print what it does
as it does it.
charset cannot determine which of the 2 slots is in use at
a given time, so you have to tell him which one you want,
even if you don’t want to change to the other one. This
is a limitation of the console driver.
consolechars(8), unicode_start(1), filterm(1).
blowfish, BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt,
BF_cbc_encrypt, BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options – Blow-
void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
BF_KEY *key, int enc);
void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
long length, BF_KEY *schedule, unsigned char *ivec, int enc);
void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, BF_KEY *schedule, unsigned char *ivec, int *num,
void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
long length, BF_KEY *schedule, unsigned char *ivec, int *num);
const char *BF_options(void);
void BF_encrypt(BF_LONG *data,const BF_KEY *key);
void BF_decrypt(BF_LONG *data,const BF_KEY *key);
This library implements the Blowfish cipher, which was invented and
described by Counterpane.
Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of
data. It uses a variable size key, but typically, 128 bit (16 byte)
keys are a considered good for strong encryption. Blowfish can be used
in the same modes as DES (see des_modes(7)). Blowfish is currently one
of the faster block ciphers. It is quite a bit faster than DES, and
much faster than IDEA or RC2.
Blowfish consists of a key setup phase and the actual encryption or
BF_set_key() sets up the BF_KEY key using the len bytes long key at
BF_ecb_encrypt() is the basic Blowfish encryption and decryption func-
tion. It encrypts or decrypts the first 64 bits of in using the key
key, putting the result in out. enc decides if encryption (BF_ENCRYPT)
or decryption (BF_DECRYPT) shall be performed. The vector pointed at
by in and out must be 64 bits in length, no less. If they are larger,
everything after the first 64 bits is ignored.
The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and
BF_ofb64_encrypt() all operate on variable length data. They all take
an initialization vector ivec which needs to be passed along into the
next call of the same function for the same message. ivec may be ini-
tialized with anything, but the recipient needs to know what it was
initialized with, or it won’t be able to decrypt. Some programs and
protocols simplify this, like SSH, where ivec is simply initialized to
zero. BF_cbc_encrypt() operates on data that is a multiple of 8 bytes
long, while BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to
encrypt an variable number of bytes (the amount does not have to be an
exact multiple of 8 ). The purpose of the latter two is to simulate
stream ciphers, and therefore, they need the parameter num, which is a
pointer to an integer where the current offset in ivec is stored
between calls. This integer must be initialized to zero when ivec is
BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish.
It encrypts or decrypts the 64 bits chunks of in using the key sched-
ule, putting the result in out. enc decides if encryption (BF_ENCRYPT)
or decryption (BF_DECRYPT) shall be performed. ivec must point at an 8
byte long initialization vector.
BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback.
It encrypts or decrypts the bytes in in using the key schedule, putting
the result in out. enc decides if encryption (BF_ENCRYPT) or decryp-
tion (BF_DECRYPT) shall be performed. ivec must point at an 8 byte
long initialization vector. num must point at an integer which must be
BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback.
It uses the same parameters as BF_cfb64_encrypt(), which must be ini-
tialized the same way.
BF_encrypt() and BF_decrypt() are the lowest level functions for Blow-
fish encryption. They encrypt/decrypt the first 64 bits of the vector
pointed by data, using the key key. These functions should not be used
unless you implement ‚modes‘ of Blowfish. The alternative is to use
BF_ecb_encrypt(). If you still want to use these functions, you should
be aware that they take each 32-bit chunk in host-byte order, which is
little-endian on little-endian platforms and big-endian on big-endian
None of the functions presented here return any value.
Applications should use the higher level functions EVP_EncryptInit(3)
etc. instead of calling the blowfish functions directly.
base64 – Encoding „base64“
package require Tcl 8.2
package require Trf 2.1p2
base64 options… data
The command base64 is one of several data encodings provided by the
package trf. See trf-intro for an overview of the whole package.
This encoding transforms every block of three bytes into a block of
four bytes, each of which is printable, i.e. 7bit ASCII. This implies
that the result is valid UTF-8 too. The command uses essentially the
same algorithm as for uuencode, except for a different mapping from
6-bit fragments to printable bytes.
base64 options… data
This option has to be present and is always understood by
For immediate mode the argument value specifies the oper-
ation to use. For an attached encoding it specifies the
operation to use for writing. Reading will automatically
use the reverse operation. See section IMMEDIATE versus
ATTACHED for explanations of these two terms.
Beyond the argument values listed above all unique abbre-
viations are recognized too.
Encode converts from arbitrary (most likely binary) data
into the described representation, decode does the
The presence/absence of this option determines the main
operation mode of the transformation.
If present the transformation will be stacked onto the
channel whose handle was given to the option and run in
attached mode. More about this in section IMMEDIATE ver-
If the option is absent the transformation is used in
immediate mode and the options listed below are recog-
nized. More about this in section IMMEDIATE versus
This options is legal if and only if the transformation
is used in immediate mode. It provides the handle of the
channel the data to transform has to be read from.
If the transformation is in immediate mode and this
option is absent the data to transform is expected as the
last argument to the transformation.
This options is legal if and only if the transformation
is used in immediate mode. It provides the handle of the
channel the generated transformation result is written
If the transformation is in immediate mode and this
option is absent the generated data is returned as the
result of the command itself.
 The encoding is equivalent to PGP’s ASCII armor and was also
accepted as one of the MIME encodings for encapsulation of
binary data. See RFC 2045
tor.org/rfc/rfc2045.txt) for details and the specification of
 The encoding buffers 2 bytes.
IMMEDIATE versus ATTACHED
The transformation distinguishes between two main ways of using it.
These are the immediate and attached operation modes.
For the attached mode the option -attach is used to associate the
transformation with an existing channel. During the execution of the
command no transformation is performed, instead the channel is changed
in such a way, that from then on all data written to or read from it
passes through the transformation and is modified by it according to
the definition above. This attachment can be revoked by executing the
command unstack for the chosen channel. This is the only way to do this
at the Tcl level.
In the second mode, which can be detected by the absence of option
-attach, the transformation immediately takes data from either its com-
mandline or a channel, transforms it, and returns the result either as
result of the command, or writes it into a channel. The mode is named
after the immediate nature of its execution.
Where the data is taken from, and delivered to, is governed by the
presence and absence of the options -in and -out. It should be noted
that this ability to immediately read from and/or write to a channel is
an historic artifact which was introduced at the beginning of Trf’s
life when Tcl version 7.6 was current as this and earlier versions have
trouble to deal with \0 characters embedded into either input or out-
automount — automatic server mount / unmount daemon
automount [-V] [-d] [-D type] [-1] [-tm secs] [-tl secs] [-s] [-tcp]
[-m directory map -mnt directory] …
automount is a daemon that automatically mounts network filesystems when
they are first accessed and later unmounts them when they are idle.
automount creates a virtual filesystem mounted at one or more places in
the client’s file and directory hierarchy. Potential server mount points
within this virtual filesystem appear as symbolic links. Reading a sym-
bolic link causes automount to mount the associated remote filesystem in
a separate hierarchy and to return the path to the real mount point as
the target of the symlink.
To make the „trigger“ symbolic links used by automount distinguishable
from normal symbolic links, the sticky bit is set in the mode flags for
the link. Programs which would normally traverse symbolic links can test
for this bit and avoid triggering the mount. Various parts of the sys-
tem, including ls(1), have been modified in this way.
Each virtual filesystem created by automount is governed by a correspond-
ing map. One or more maps and the location in the hierarchy where they
are to appear may be specified on the command line with -m and -mnt:
-m directory map
is followed by a specification of the private mount directory where the
actual mounts are to be established:
Each map’s hierarchy is rooted at the directory specified.
A map may be file or a special map. A file map is a file containing a
list of entries of the form:
location mount_options server:path
mount_options must be a comma-separated list of options drawn from the
options known to mount(8) and mount_nfs(8). automount will automatically
make available at the map’s mount point the directory specified by
server:path (as a symlink). When the symlink is traversed, it will mount
the server in the directory specified with -mnt and return the real mount
point as the result of the symlink resolution.
In addition to reading files specifying mount maps, automount supports
the „-fstab“, „-static“, and „-nsl“ maps. The „-fstab“ and
„-static“ maps are derived from fstab(5) data (as provided by
All mounts in fstab(5) without the „net“ option will be made to appear
at the fstab(5)-specified location in the form of a symlink into the
directory where the „-static“ map is actually mounted (itself a direc-
tory of symlinks). For example, the entry:
server:/Network/Applications /Network/Applications nfs nosuid 0 0
and automount invocation
automount -m /automount/static -static -mnt /private/var/automount
result in a non-trigger symlink /Network/Applications pointing to /auto-
mount/static/Network/Applications which, when traversed, causes
server:/Network/Applications to be mounted on /private/var/automount/Net-
work/Applications (which would then be returned from reading the link).
All mounts with the „net“ option will be mounted within the „-fstab“
map’s filesystem using a path of the form:
For such mounts, the path specified in the fstab(5) entry will be
ignored. For example, if the fstab(5) database contained an entry for
and automount was started as follows:
automount -m /Useful -fstab -mnt /private/Useful
then a symlink would appear in /Useful, /Useful/polaris/Library/Fonts,
and link to /private/Useful/polaris/Library/Fonts where the filesystem is
actually mounted when the symlink is traversed.
The „-nsl“ map generates its filesystem hierarchy from information gen-
erated by NSL. NSL „neighborhoods“ are presented as directories, popu-
lated by server entries.
Accessing servers in the NSL hierarchy may prompt the user for authenti-
-V Print version and host information, then quit
-m directory map
Associate the specified map with the given directory. The direc-
tory will be created if it doesn’t exist. map may be the name of
a file, or it may be the name of a special map. See the FILE
MAPS and SPECIAL MAPS sections above.
-d Run automount in debug mode. The program remains in the fore-
ground and sends debugging information to standard output.
Log debug messages for type. type may be „mount“, „proc“,
„mount“, „select“, „options“, „nsl“, or „all“. Multiple -D
options may be specified.
-1 (The numeric digit „one“.) Modifies the „-fstab“ and
„-static“ maps to do mounts „one at a time“, when an actual
mount point is traversed rather than mounting all mounts from a
given server when the first of its mounts is referenced and
Set the timeout for NFS mounts to secs seconds. The default
value is 20 seconds. The „mnttimeo=n“ mount option overrides
Set the time-to-live for NFS mounts to secs seconds. The default
value is 3600 seconds. The „ttl=n“ mount option overrides this
automount periodically checks all its mounted filesystems. If it
finds any filesystems that have been idle for their associated
time-to-live value, it will attempt to unmount them. An unmount
will only be successful if there are no processes with open files
in that filesystem. Unless -1 is specified, if one or more
mounts from a given server are found to be active, any mounts
from that server that were successfully unmounted will be immea-
Supplying a ttl value of 0 will disable this behavior and allow
servers to remain mounted forever.
-s Force all mounts at startup and never expire any mounts.
-tcp Mount servers using TCP if possible, otherwise using UDP (the
default is to try UDP first, then TCP). Per mount_nfs(8), „-T“,
„TCP“, or „tcp“ mount options have the same effect as specifying
-tcp; „-U“, „UDP“, or „udp“ mount options force the default
behavior of trying UDP first even if -tcp is specified.