Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

bind(1)

aan(1)

ssl(3)

exportfs(4)

listen(8)

ndb(8)

IMPORT(4)

NAME

import − import a name space from a remote system

SYNOPSIS

­import [ ­options ] ­system ­file [ ­mountpoint ]

­import ­-B [ ­options ] ­mountpoint [ ­cmd [ ­args ...  ] ]

DESCRIPTION

­Import allows an arbitrary ­file on a remote ­system to be imported into the local name space.  Usually ­file is a directory, so the complete file tree under the directory is made available. 

A process is started on the remote machine, with authority of the user of import, to perform work for the local machine using the exportfs(4) service. If ­mountpoint is omitted ­import uses the name of the remote ­file as the local mount point. 

The options are:

­-a -b -c -C
Control the construction of union directories, as in ­mount and bind(1). Only valid when ­file is a directory. 

­-B Run in “backwards” mode, described below. 

­-E enc
Push an authentication protocol on its network connection. The supported protocols are ­clear (the default, no protocol) and ssl.  There are plans to make ­tls available. 

­-e ’enc auth’
Specify the encryption and authentication algorithms to use for encrypting the wire traffic (see ssl(3)). The defaults are ­rc4_256 and sha1. 

­-k keypattern
Use ­keypattern to select a key to authenticate to the remote side (see auth(2)).

­-o -O
These equivalent flags run ­import in a pre-9P2000 compatibility mode to import from ancient servers. 

­-p Push the aan(8) filter onto the connection to protect against temporary network outages.

­-s name
Post the connection’s mountable file descriptor as /srv/name. 

The ­-B option runs ­import in “backwards” mode.  In this mode, ­import runs a ­p9any authentication (as server) over its file descriptor 0 (expected to be an incoming network connection from ­exportfs -B), mounts the connection onto mntpt, and optionally runs ­cmd args.

EXAMPLES

Assume a machine ­kremvax that has IP interfaces for the company intranet and the global internet mounted on ­/net and ­/net.alt respectively.  Any machine inside the company can get telnet out to the global internet using:

import -a kremvax /net.alt
telnet /net.alt/tcp!ucbvax

Suppose that the machine ­moscvax is has access to a private file server containing public web pages that need to be served by the less-trusted server webvax.  ­Webvax runs the following listener (see listen(8)) on TCP port 999:

#!/bin/rc
import -B -s rowebfs /usr/web /bin/restarthttpd

When ­moscvax boots, it runs

exportfs -R -r /usr/web -B tcp!webvax!999

to serve a read-only copy of ­/usr/web to webvax.  When ­webvax gets the call, ­import mounts the served tree onto its own ­/usr/web and then runs ­/bin/restarthttpd to restart httpd(8).

SOURCE

­/sys/src/cmd/import.c

SEE ALSO

bind(1), aan(1), ssl(3), exportfs(4), listen(8), ­cs in ndb(8)

Plan 9  —  May 05, 2005

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026