fedfs-create-junction (8) - Linux Man Pages

fedfs-create-junction: send a FEDFS_CREATE_JUNCTION ADMIN protocol request


fedfs-create-junction - send a FEDFS_CREATE_JUNCTION ADMIN protocol request


fedfs-create-junction [-?d] [-n nettype] [-h hostname] [-l nsdbname] [-r nsdbport] [-s security] path fsn-uuid


RFC 5716 introduces the Federated File System (FedFS, for short). FedFS is an extensible standardized mechanism by which system administrators construct a coherent namespace across multiple file servers using file system referrals. For further details, see fedfs(7).

FedFS-enabled file servers allow remote administrative access via an authenticated RPC protocol known as the FedFS ADMIN protocol. Using this protocol, FedFS administrators manage FedFS junctions and NSDB connection parameter information on remote FedFS-enabled file servers.


The fedfs-create-junction(8) command is part of a collection of low-level single-use programs that is intended for testing the FedFS ADMIN protocol or for use in scripts. It sends a single FEDFS_CREATE_JUNCTION request to a remote FedFS ADMIN protocol service.

The FEDFS_CREATE_JUNCTION request creates a FedFS junction in a local file system on a remote file server. The contents of a FedFS junction are an FSN UUID and an NSDB name and port.

The fedfs-create-junction(8) command takes two positional parameters which specify the pathname on the remote server of the new junction, and the FSN UUID. This pathname is relative to the root of the local file system on the remote server. Required NSDB information can be inferred from the command's environment or specified on the command line. The meaning of these arguments is described in more detail in fedfs(7).

The FEDFS_CREATE_JUNCTION request does not create an FSN record. To create an FSN record, use the nsdb-create-fsn(8) command. Resolving a junction that contains an FSN UUID without a matching FSN record on the NSDB results in an error on the file server.


-d, --debug
Enables debugging messages during operation.
-?, --help
Displays fedfs-create-junction(8) version information and a usage message on stderr.
-h, --hostname=hostname
Specifies the hostname of a remote FedFS ADMIN service. If this option is not specified, the default value is localhost.
-n, --nettype=nettype
Specifies the transport to use when contacting the remote FedFS ADMIN service. Typically the nettype is one of tcp or udp. If this option is not specified, the default value is netpath. See rpc(3t) for details.
-l, --nsdbname=NSDB-hostname
Specifies the hostname of the NSDB to insert into the new FedFS junction. If this option is not specified, the value of the FEDFS_NSDB_HOST environment variable is consulted. If the variable is not set and the --nsdbname option is not specified, the fedfs-create-junction(8) command fails.
-r, --nsdbport=NSDB-port
Specifies the IP port of the NSDB to insert into the new FedFS junction. If this option is not specified, the value of the FEDFS_NSDB_PORT environment variable is consulted. The default value if the variable is not set is 389.
-s, --security=flavor
Specifies the security flavor to use when contacting the remote FedFS ADMIN service. Valid flavors are sys, unix, krb5, krb5i, and krb5p. If this option is not specified, the unix flavor is used. See the SECURITY section of this man page for details.


Suppose you are the FedFS administrator of the example.net FedFS domain and that your domain's NSDB hostname is nsdb.example.net. To create a new FedFS junction on the file server fs.example.net, use:

$ fedfs-create-junction -h fs.example.net -l nsdb.example.net \         /export/junction1 `uuidgen -t`

In this example, a new FSN UUID is created on the spot. It can be read back from the remote server using the fedfs-lookup-junction(8) command, and added to the NSDB using the nsdb-create-fsn(8) command.


By default, or if the sys and unix flavors are specified with the --security=flavor option, the fedfs-create-junction(8) command uses AUTH_SYS security for the Remote Procedure Call. AUTH_SYS has known weaknesses and should be avoided on untrusted networks.

The RPC client uses the Kerberos v5 GSS mechanism if a Kerberos security flavor is specified. When specifying a Kerberos security flavor, the user must first obtain a valid Kerberos ticket using kinit(1) before running fedfs-create-junction(8).

The AUTH_NONE security flavor is no longer supported by this implementation.


This page is part of the fedfs-utils package. A description of the project and information about reporting bugs can be found at http://wiki.linux-nfs.org/wiki/index.php/FedFsUtilsProject.


Chuck Lever <chuck.lever [at] oracle.com>


fedfs(7), rpc.fedfsd(8), fedfs-lookup-junction(8), nsdb-create-fsn(8), kinit(1), rpc(3t)

RFC 5716 for FedFS requirements and overview