@@ -129,13 +129,6 @@ These can be modified by editing
domain root export is created.
-The final step of setting up a FedFS domain is adding a set of DNS SRV
-records that direct FedFS-enabled clients to the fileserver
-where the domain's root directory resides.
-Adding DNS SRV records is outside the scope of the
-.BR fedfs-domainroot (8)
.BR fedfs-domainroot (8)
command must run as root in order to create and remove NFS exports
@@ -251,6 +244,28 @@ Removed domain root for FedFS domain "example.net"
+.SH DOMAIN ROOT DISCOVERY
+To enable discovery of new domain roots
+by FedFS-enabled file-access clients,
+a DNS SRV record must be added to an appropriate authoritative DNS server.
+If you created your domain root on the fileserver named
+.IR foo.example.net ,
+a record for the above domain root should be added to the DNS
+server authoritative for the
+Such a record might look like
+ _nfs-domainroot._tcp IN SRV 0 0 2049 foo.example.net.
+Adding DNS SRV records is outside the scope of the
+.BR fedfs-domainroot (8)
+Consult with your network administrator for details
+on how to add appropriate DNS SRV records for your FedFS domain root.
FedFS domain root exports created by
.BR fedfs-domainroot (8)
@@ -296,6 +311,8 @@ directory containing domain root exports
.BR rpc.fedfsd (8),
.BR exportfs (8),
.BR exports (5)
+RFC 6641 for the specification of FedFS DNS SRV records
This page is part of the fedfs-utils package.
A description of the project and information about reporting bugs
@@ -194,44 +194,6 @@ or hide parts of the FedFS namespace for security purposes.
However, it breaks cross-platform application interoperability
by presenting applications with multiple pathnames to the same file object.
Therefore it should be avoided.
-.SS Creating domain roots
-NFSv4 FedFS domain roots are mounted via a standard export pathname.
-The first component of the domain root's export pathname is always
-.IR /.domainroot .
-The second component is a FedFS domain name.
-For instance, the export pathname of the domain root of the
-FedFS domain would be
-.IR /.domainroot/example.net .
-After creating this directory on a FedFS-enabled
-fileserver and making it world readable,
-an entry in /etc/exports for this export might look like:
-At this point, FedFS junctions can be created in the domain's root directory
-using FedFS administrative tools.
-You can also add other objects that might be useful
-at the top of a FedFS domain namespace, such as standard NFS referrals,
-or files, like a terms-of-use document.
-To enable discovery of this domain root
-by FedFS-enabled file-access clients,
-a DNS SRV record is added to an appropriate authoritative DNS server.
-If you created your domain root on the fileserver named
-.IR foo.example.net ,
-a record for the above domain root should be added to the DNS
-server authoritative for the
-Such a record might look like
- _nfs-domainroot._tcp IN SRV 0 0 2049 foo.example.net.
Each host in a FedFS domain plays one or more of the following roles,
each of which have different security requirements.