fedfs-lookup-junction (8) - Linux Manuals

fedfs-lookup-junction: send a FEDFS_LOOKUP_JUNCTION ADMIN protocol request


fedfs-lookup-junction - send a FEDFS_LOOKUP_JUNCTION ADMIN protocol request


fedfs-lookup-junction [-?d] [-n nettype] [-h hostname] [-s security] [-t resolvetype] path


RFC 5716 introduces the Federated File System (FedFS, for short). FedFS is an extensible standardized mechanism by which system administrators construct a coherent namespace across multiple file servers using file system referrals. For further details, see fedfs(7).

FedFS-enabled file servers allow remote administrative access via an authenticated RPC protocol known as the FedFS ADMIN protocol. Using this protocol, FedFS administrators manage FedFS junctions and NSDB connection parameter information on remote FedFS-enabled file servers.


The fedfs-lookup-junction(8) command is part of a collection of low-level single-use programs that is intended for testing the FedFS ADMIN protocol or for use in scripts. It sends a single FEDFS_LOOKUP_JUNCTION request to a remote FedFS ADMIN protocol service.

The FEDFS_LOOKUP_JUNCTION request causes a remote server to reveal the contents of a junction, or to report cached or immediate NSDB lookup results as that server sees them. The contents of a FedFS junction are an FSN UUID and an NSDB name and port.

The fedfs-lookup-junction(8) command takes a single positional parameter which is the pathname on the remote server of the junction to be looked up. The pathname is relative to the root of the local file system on the remote server.

Resolving a junction means performing an NSDB query with the contents of the junction to obtain a list of fileset locations, or FSLs, matching the stored FSN UUID. The meaning of these is described in more detail in fedfs(7).

There are three distinct types of junction lookup:

The remote server reports the actual contents of the junction stored on its local disk. This includes an FSN UUID and the name and port of an NSDB. If the -t option is not specified, this type of lookup is performed.
The remote server reports lookup results it may have cached from previous junction lookup requests. This includes an FSN UUID, the name and port of an NSDB, and the cached list of fileset locations matching the FSN UUID in the junction. Not all FedFS ADMIN service implementations support this type of request.
The remote server performs a fresh junction lookup and the results are returned. This includes an FSN UUID, the name and port of an NSDB, and a list of fileset locations matching the FSN UUID in the junction.


-d, --debug
Enables debugging messages during operation.
-?, --help
Displays fedfs-lookup-junction(8) version information and a usage message on stderr.
-h, --hostname=hostname
Specifies the hostname of a remote FedFS ADMIN service. If this option is not specified, the default value is localhost.
-n, --nettype=nettype
Specifies the transport to use when contacting the remote FedFS ADMIN service. Typically the nettype is one of tcp or udp. If this option is not specified, the default value is netpath. See rpc(3t) for details.
-p, --path=pathname
Specifies the location on the remote server where the target FedFS junction resides. This pathname is relative to the remote server's physical root directory, not the remote server's NFS pseudoroot.
-t, --resolvetype=type
Specifies the desired type of resolution. Valid values for type are 0, none, fedfs_resolve_none, 1, cache, fedfs_resolve_cache, 2, nsdb, or fedfs_resolve_nsdb. The value is not case-sensitive. If this option is not specified, the default value is none.
-s, --security=flavor
Specifies the security flavor to use when contacting the remote FedFS ADMIN service. Valid flavors are sys, unix, krb5, krb5i, and krb5p. If this option is not specified, the unix flavor is used. See the SECURITY section of this man page for details.


Suppose you are the FedFS administrator of the example.net FedFS domain and that your domain's NSDB hostname is nsdb.example.net. You have created a FedFS junction on remote server fs.example.net. To see how the junction appears on the file server, use:

$ fedfs-lookup-junction -h fs.example.net /export/junction1
Call completed successfully
FSN UUID: 89c6d208-7280-11e0-9f1d-000c297fd679
NSDB: nsdb.example.net:389

To see real-time junction lookup results as the remote server sees them, use:

$ fedfs-lookup-junction -h fs.example.net -t nsdb /export/junction1
Server returned FEDFS_ERR_NSDB_NOFSN

In this example, the junction exists on the file server, but the domain's NSDB has not yet been updated to contain a list of fileset locations for the FSN UUID contained in the junction. The file server is therefore not able to resolve the junction.


By default, or if the sys and unix flavors are specified with the --security=flavor option, the fedfs-create-junction(8) command uses AUTH_SYS security for the Remote Procedure Call. AUTH_SYS has known weaknesses and should be avoided on untrusted networks.

The RPC client uses the Kerberos v5 GSS mechanism if a Kerberos security flavor is specified. When specifying a Kerberos security flavor, the user must first obtain a valid Kerberos ticket using kinit(1) before running fedfs-create-junction(8).

The AUTH_NONE security flavor is no longer supported by this implementation.


This page is part of the fedfs-utils package. A description of the project and information about reporting bugs can be found at http://wiki.linux-nfs.org/wiki/index.php/FedFsUtilsProject.


Chuck Lever <chuck.lever [at] oracle.com>


fedfs(7), rpc.fedfsd(8), kinit(1), rpc(3t)

RFC 5716 for FedFS requirements and overview