From owner-freebsd-questions@FreeBSD.ORG  Tue Oct 31 21:42:16 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: questions@freebsd.org
Delivered-To: freebsd-questions@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7D98916A407
	for <questions@freebsd.org>; Tue, 31 Oct 2006 21:42:16 +0000 (UTC)
	(envelope-from dan@dan.emsphone.com)
Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E93B743D5C
	for <questions@freebsd.org>; Tue, 31 Oct 2006 21:42:10 +0000 (GMT)
	(envelope-from dan@dan.emsphone.com)
Received: (from dan@localhost)
	by dan.emsphone.com (8.13.6/8.13.8) id k9VLg9dP021628;
	Tue, 31 Oct 2006 15:42:09 -0600 (CST) (envelope-from dan)
Date: Tue, 31 Oct 2006 15:42:09 -0600
From: Dan Nelson <dnelson@allantgroup.com>
To: Brett Glass <brett@lariat.net>
Message-ID: <20061031214209.GF3839@dan.emsphone.com>
References: <200610312102.OAA22245@lariat.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200610312102.OAA22245@lariat.net>
X-OS: FreeBSD 6.2-PRERELEASE
X-message-flag: Outlook Error
User-Agent: Mutt/1.5.13 (2006-08-11)
Cc: questions@freebsd.org
Subject: Re: nfsiod
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Oct 2006 21:42:16 -0000

In the last episode (Oct 31), Brett Glass said:
> I have no interest in running NFS (AKA "no file security") on my 
> FreeBSD boxes, but have  noticed that FreeBSD 6.x seems to start a 
> daemon called "nfsiod" by default even when it is not configured as 
> an NFS server or client. What's the best way to instruct the system 
> not to start these processes, which take up resources and may be a 
> security risk? Why isn't this done at sysinstall time?

nfsiods are kernel threads that allow for parallel client requests from
a machine.  You must still have some sort of NFS client functionality
in the kernel for them to exist, but you can tell them to quit by
setting the vfs.nfs.iodmax sysctl to 0.  They should exit imediately. 
In fact, since iodmin defaults to zero, there shouldn't be any running
unless you are actively using nfs.

-- 
	Dan Nelson
	dnelson@allantgroup.com