KSD(1M) K-AShare by Xinet (05/03/00 10.2) KSD(1M)
NAME
ksd - AppleShare file server
SYNOPSIS
/usr/etc/appletalk/ksd [ -oAcfiLlpsSRvVGhHx ] [ -moveinuse ]
[ -ipaddr #.#.#.# ] [ -ipport port ] [ -noddp ]
[ -nc ] [ -m max_files_per_user ] [ -t tcpopt ]
[ -d hex_debug_level ] [ -Z zone ] server-name
DESCRIPTION
Ksd is an AppleShare network file system server. It uses
the K-Talk AppleTalk protocols to service file system
requests from remote clients.
The K-AShare server advertises its services with the Name
Binding Protocol Daemon nbpd(1m) using the server-name
specified (unless the -noddp argument is given). The server
name may contain blanks, but it must then be quoted in the
shell invocation.
The boot-time invocation of the servers normally resides in
the file /usr/etc/appletalk/services, which is used by the
atinit(1m) program. Only one ksd(1m) daemon can be running
on a machine; however ksd will fork slave processes to
distribute the system load between several processes.
The who(1) command shows users currently using the ksd(1m)
daemon.
OPTIONS
-A Attempts to get an AFS token by calling
"/usr/afsws/bin/klog" with the user name and password.
Will not open connections for users who cannot validate
with AFS.
-c Prevents users from saving their password permanently
on the Macintosh.
-t Set the security level for connections via TCP/IP.
Since TCP/IP connections can happen over the Internet,
additional security is often prudent. Tcpopt can be
one of the following: disable prevents TCP logins
completely, localpasswd does not allow "guest", "root",
or logins without a password from clients that are not
directly connected to the server (and is the default),
local allows only users on networks directly connected
to the server access, passwd allows users to connect
from anywhere as long as they have a password and they
are not "guest" or "root", none allows all TCP/IP
connections, and is recommended only on isolated nets
or behind a firewall.
Page 1 (printed 5/4/100)
KSD(1M) K-AShare by Xinet (05/03/00 10.2) KSD(1M)-d Set the debugging level to hex_debug_level. The
debugging levels are documented only in the source
code.
-f A performance option. AFP protocol requires that file
space be reserved before writing data. This implies
that a dummy file has to be written first. With the
-f flag, file space is not reserved and the file is
written only once.
-i Allow users who have blank passwords to login.
-L Do not search for the "user's real name" in the GECOS
field of password entries. This avoids a scan through
every entry in the passwd(4) database at each login,
but requires AppleShare users to use their exact UN*X
login account name.
-l Do not do make any calls to the UNIX lock manager.
This option is intended for users who do not have a
stable lock manager. The server allows the client to
set locks, but they are not really set. Unpredictable
behavior may occur when using clients that depend on
file locking, or when multiple users attempt to access
the same file. Use of this flag is discouraged.
-m Set the maximum number of files that a connected user
can open at one time to max_files_per_user. (The
default is 32). This option is useful if you have users
who are running ill-behaved Macintosh applications
(i.e. programs that fail to close files).
-o Fork a slave process for each user. This should only
be used on systems with lots of memory.
-p Prevent users from changing their password from the
Macintosh. This flag should be used if the unix server
is using any non-standard password scheme.
-s Run ksd(1m) in secure mode. Don't allow root logins
from the client.
-R This option gives the root user administrative
privileges from AppleShare. Without this option, root
behaves just like any other user. This option has no
effect if root logins are disabled with -s or with the
tcp security options.
-v Make dot files visible to user. This is a potentially
dangerous option, since in certain cases files that
start with a dot will be mistaken for device drivers by
the Finder, causing the Macintosh to crash. The
Page 2 (printed 5/4/100)
KSD(1M) K-AShare by Xinet (05/03/00 10.2) KSD(1M)
default is to hide all dot files.
-S Do follow Symbolic links. Normally, ksd(1m) doesn't
follow symbolic links, because of the danger of cycles.
Since the Mac doesn't understand symbolic links, the
Finder and other Mac applications cannot handle these
cycles in the file systems, and can easily crash the
Mac. If your mounted file system is really free of
cycles created by symbolic links, you might want to
follow symbolic links, but this is another potentially
dangerous option.
-V Log verbose messages, mostly about failed login
attempts. Normally, ksd(1m) does not do any error
logging when a login fails. This option causes
messages to be logged in /usr/adm/appletalk/at_log
indicating the net and node of the machine that the
login request came from (and the user name if just the
password was incorrect). This option is mainly for
government installations that require it.
-G Show up to 4 Gigabytes for a volume size. By default,
ksd limits the size it reports to 1.7Gig, which is the
most a pre-7.5-Mac could handle.
-h Don't allow users to mount their home directories, and
don't look for .KSVols files. Only public volumes (in
KASPubVols) are accessable.
-H Do not list public volumes that the user cannot read.
The default bevavior is to show the volumes, but gray
them out.
-x Do not allow Guest access to AppleShare volumes.
Without this flag, ksd(1m) will use any of the
following accounts for guest access, whichever it finds
first: ksdguest, ksd_guest, guest, nobody (if none
exist, it uses UID 65534 and GID 65534 for guest
access, with no personal volumes).
-moveinuse
Allow files that are open to be moved (rather than
returning the specified afpFileBusy). This mirrors the
behavior of Mac personal file sharing.
-nc Disables the ``clear text'' method of accepting
passwords during login.
-ipaddr
Forces the server to advertize the given IP address
(must be specified in ``dot'' notation) as it's
connection address. Without this argument, ksd uses
Page 3 (printed 5/4/100)
KSD(1M) K-AShare by Xinet (05/03/00 10.2) KSD(1M)
one of the configured IP interface addresses, whichever
one seems closest to the client.
-ipport
Use the specified port number as the AppleShare
connection port, instead of the default 548.
-noddp
Turns off connection via AppleTalk. This also prevents
ksd from advertizing its service via NBP, effectively
hiding it from choosers.
-Z zone
Specifies the zone in which to publish this server.
The default zone will be used if this option is not
present. You can publish the server in multiple zones
by using multiple zone options (e.g. -Z net1 -Z net2 ).
FILES
/usr/adm/appletalk/icons/* Icon database
/usr/adm/appletalk/KASPubVols List of K-AShare public
volumes
/usr/adm/appletalk/at_log Log of AppleTalk errors, etc.
/usr/adm/appletalk/motd Message sent to users when
they first connect to K-AShare
/usr/adm/appletalk/msg Message sent to each user when
ksd receives a SIGUSR1, or
sent as a shutdown warning
when ksd receives a SIGUSR2
*/.HSResource/* Directory for storing the
resource fork of files
*/.HSancillary File for additional file
information needed by Mac
~/.KSVols (or $HOME/.KSVols on HP-UX)
User's personal volume
specification files
SEE ALSO
K-AShare Administrator's Guide
K-Talk Administrator's Guide
who(1), ksd_restart(1m), ksd_msg(1m), kats(1), kunarc(1),
katype(1),
Page 4 (printed 5/4/100)
