Date: Wed, 1 Nov 2006 00:48:14 +0100 From: Erik Trulsson <ertr1013@student.uu.se> To: Brett Glass <brett@lariat.net> Cc: questions@freebsd.org, Dan Nelson <dnelson@allantgroup.com> Subject: Re: nfsiod Message-ID: <20061031234814.GA2366@owl.midgard.homeip.net> In-Reply-To: <200610312309.QAA24054@lariat.net> References: <200610312102.OAA22245@lariat.net> <20061031214209.GF3839@dan.emsphone.com> <200610312309.QAA24054@lariat.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 31, 2006 at 04:09:14PM -0700, Brett Glass wrote: > On my system, sysctl(8) shows that vfs.nfs.iodmin is 4. And this > is out of the box on a fresh install of 6.1 in which I told > sysinstall that I wanted no NFS. Sounds like a bug. Now that you've > explained where the knobs are, I see that I can work around it > via lines in /boot/loader.conf, which can set sysctl variables > at the time when the kernel is loaded. But the bug should be > addressed in 6.2. If you're not running NFS, you don't need NFS- > related processes laying around. > > --Brett Glass The default value for vfs.nfs.iodmin was 4 in 6.1. It has since been changed to 0 in both -CURRENT and RELENG_6. If you are really sure that you don't need NFS, then I guess the best for you would be to use a custom kernel configuration with all NFS options removed. Then you can be quite certain that nothing NFS-related will be activated. > > At 02:42 PM 10/31/2006, Dan Nelson wrote: > > > >In the last episode (Oct 31), Brett Glass said: > >> I have no interest in running NFS (AKA "no file security") on my > >> FreeBSD boxes, but have noticed that FreeBSD 6.x seems to start a > >> daemon called "nfsiod" by default even when it is not configured as > >> an NFS server or client. What's the best way to instruct the system > >> not to start these processes, which take up resources and may be a > >> security risk? Why isn't this done at sysinstall time? > > > >nfsiods are kernel threads that allow for parallel client requests from > >a machine. You must still have some sort of NFS client functionality > >in the kernel for them to exist, but you can tell them to quit by > >setting the vfs.nfs.iodmax sysctl to 0. They should exit imediately. > >In fact, since iodmin defaults to zero, there shouldn't be any running > >unless you are actively using nfs. > > -- <Insert your favourite quote here.> Erik Trulsson ertr1013@student.uu.se
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061031234814.GA2366>