ncpmount, mount.ncp, mount.ncpfs − mount volume(s) from a specified NetWare fileserver.
ncpmount [ -h ] [ -S server ] [ -U user name ] [ -P password | -n ] [ -C ] [ -c client name ] [ -u uid ] [ -g gid ] [ -f file mode ] [ -d dir mode ] [ -V volume ] [ -t time_out ] [ -r retry_count ] [ -b ] [ -i level ] [ -v ] [ -m ] [ -y iocharset ] [ -p codepage ] [ -N ignored namespace ] [ -2 | -3 | -4 ] [ -s ] [ -A dns name ] mount-point
mount.ncp remote-server-and-user mount-point [ -n ] [ -v ] [ -o mount_options ]
This program is used to mount volumes of the specified NetWare Fileserver under the specified mount point.
ncpfs is a linux filesystem which understands the NCP protocol. This is the protocol Novell NetWare clients use to talk to NetWare servers. ncpfs was inspired by lwared, a free NetWare emulator for Linux written by Ales Dryak. See ftp://klokan.sh.cvut.cz/pub/linux for this very interesting program.
ncpmount, when invoked with all appropriate arguments, attaches and logs into specified server and mounts all volumes (or one volume or subtree) from server under the specified mount point. ncpmount when invoked without any arguments specifying the fileserver, user id and password checks the file $HOME/.nwclient to find a file server, a user name and possibly a password to use for the specified mount point. See nwclient(5) for more information. Please note that the access permissions of .nwclient MUST be 600, for security reasons.
mount-point is the directory you want to mount the filesystem over. Its function is the the same as for a normal mount command.
If the real uid of the caller is not root, ncpmount checks whether the user is allowed to mount a filesystem on the mount-point. So it should be safe to make ncpmount setuid root. The filesystem stores the uid of the user who called ncpmount. So ncpumount can check whether the caller is allowed to unmount the filesystem.
-S server (mount option server= or part before / in remote-server-and-user)
server is the name of the server you want to use.
-h is used to print out a short help text.
-C (mount option noupcasepasswd)
By default passwords are converted to uppercase before they are sent to the server because most servers require this. This option disables this feature ensuring that passwords are sent without any case conversion.
-n (mount option nopasswd)
-n must be specified for logins that do not have a password configured. This option means do not update /etc/mtab if there is option -o on command line. You must use -o nopasswd in this case.
passwdfile=file (only mount option)
If you want specify password and you do not want store it into world readable /etc/fstab, you can use this option. file then contains lines in form SERVER/USER:PASSWORD:other_data (other_data are currently unused)
pass-fd=fd (only mount option)
If you want to pass password in secure way to ncpmount, you can pass it through specified fd.
-P password (mount option passwd=)
specifies the password to use for the Netware user id.
If neither -n nor the -P nor the passwdfile= nor the pass-fd= arguments are specified ncpmount will prompt for a password. This makes it difficult to use in scripts such as /etc/rc. If you want to have ncpmount work automatically from a script you must include the appropriate option and be very careful to ensure that appopriate file permissions are set for the script that includes your password to ensure that others can not read it.
-U user name (mount option user= or rest of remote-server-and-user after /)
Specifies the Netware user id to use when logging in to the fileserver. If this option is not specified then ncpmount will attempt to login to the fileserver using the Linux login id of the user invoking ncpmount.
-m (mount option multiple)
Normally, ncpmount limits number of connections from client to server to one per unique user name. If you want mount more than one connection with same username and server, you must specify -m.
-u uid, -g gid (mount option uid= and gid=)
ncpmount does not yet implement a scheme for mapping NetWare users/groups to Linux users/groups. Linux requires that each file has an owner and group id. With -u and -g you can tell ncpmount which id’s it should assign to the files in the mounted directory.
The defaults for these values are the current uid and gid.
-c user name (mount option owner=)
-c names the user who is the owner of the connection, where owner does not refer to file ownership (that "owner" is set by the -u argument), but the owner of the mount, ie: who is allowed to call ncpumount on this mount. The default owner of the connection and the mount is the user who called ncpmount. This option allows you to specify that some other user should be set as the owner.
In this this way it is possible to mount a public read-only directory, but to allow the lp daemon to print on NetWare queues. This is possible because only users who have write permissions on a directory may issue ncp requests over a connection. The exception to this rule is the ’mount owner’, who is also granted ’request permission’.
-f file mode, -d dir mode (mount option mode= (or filemode=) and dirmode=)
Like -u and -g, these options are used to determine what permissions should be assigned files and directories of the mounted volumes. The values must be specified as octal numbers. The default values are taken from the current umask, where the file mode is the current umask, and the dir mode adds execute permissions where the file mode gives read permissions.
Note that these permissions can differ from the rights the server gives to us. If you do not have write permissions on the server, you can very well choose a file mode that tells that you have. This certainly cannot override the restrictions imposed by the server.
-V volume (mount option volume=)
There are 2 general ways you can mount a NetWare server’s disk space: Either you can mount all volumes under one directory, or you can mount only a single volume.
When you choose to mount the complete disk space at once, you have the advantage that only one Linux mount point and only one NetWare connection is used for all the volumes of this server. Both of these are limited resources. (Although raising the number of Linux mount points is significantly cheaper than raising the number of available NetWare connections ;-))
When you specify to mount a single volume by using the option -V volume, you have the big advantage that nfsd is able to re-export this mounted directory. You must invoke nfsd and mountd with the option --re-export to make nfsd re-export ncpfs mounted directories. This uses one Linux mount point and one NetWare connection per mounted volume. Maybe sometime in the future I will make it possible to mount all volumes on different mount points, using only one connection.
-t time_out (mount option timeo= or timeout=)
With -t you can adjust the time ncpfs waits for the server to answer a request it sent. Use the option to raise the timeout value when your ncpfs connections seem to be unstable although your servers are well up. This can happen when you have very busy servers, or servers that are very far away.
time_out is specified in 1/100s, the current default value is 60.
-r retry_count (mount option retry=)
As -t, -r can be used to tune the ncpfs connection to the server. With retry_count you can specify how many times ncpfs will attempt to send a packet to the server before it decides the connection is dead. The current default value is 5.
Currently ncpfs is not too clever when trying to find out that connections are dead. If anybody knows how to do that correctly, as it is done by commercial workstations, please tell me.
-y iocharset (mount option iocharset=)
You can specify character translation rules for converting names from unicode to your desktop (it works together with -p). iocharset is charset name, for example iso8859-1.
-p codepage (mount option codepage=)
You can specify character translation rules for converting names from Netware encoding to unicode (it works together with -y). codepage is codepage name, for example cp437.
-b (mount option bindery)
If you are connecting to NetWare 4 or NetWare 5 through bindery emulation instead of NDS, you must specify this option.
-i level (mount option signature=level)
Enables packet signing. level is from 0 to 3: 0 means disable, 1 means sign if server needs it, 2 means sign if server allows it and 3 means sign packets always.
Print ncpfs version number. It has another meaning (verbose) if you specify -o on command line. If you are interested in version, type ncpmount -v without another options.
-A dns name (mount option ipserver=dns name)
When you are mounting volumes from NetWare 5 server over UDP, you must specify dns name of server here and logical server name in -S (or in server=). This name is used to switch ncpmount into UDP mode and to specify server to connect. Currently, DNS is only supported IP name resolution protocol. There is currently no support for SLP.
-N ignored namespace (mount option nonfs and nolong)
ncpfs supports NFS, LONG (OS/2) and DOS namespace on NetWare volumes. If you do not want to use NFS or LONG namespace (because of bugs in (server) code or for backward compatibility), you must specify these ignored namespaces in mount parameters.
If you have unusual ncpfs code in kernel and ncpmount is not able to autodetect it, use this option. It switches ncpmount to ncpfs interface version 2. This interface was used in 2.0.x kernels, does not support NCP/UDP, does not have NDS authentication info storage and uses only 16bit uid/gid.
If you have unusual ncpfs code in kernel and ncpmount is not able to autodetect it, use this option. It switches ncpmount to ncpfs interface version 3. This interface was used in kernels from 2.1.30 to 2.3.40 (laters 2.3.x and 2.4.x still supports this interface to make transition easier). This interface supports NCP/UDP, does have NDS authentication info storage (if you uncomment it in kernel sources) and uses 16bit uid/gid.
If you have unusual ncpfs code in kernel and ncpmount is not able to autodetect it, use this option. It switches ncpmount to ncpfs interface version 4. This interface is used in kernels after 2.3.40. This interface supports NCP/UDP, does have NDS authentication info storage and uses 32bit uid/gid.
-s (mount option strong)
Normally, files marked read-only cannot be removed from NetWare volume because of they are marked Delete Inhibit and Rename Inhibit. If you want to remove these files by simple unlink, you should mount volume with this option.
mount option nostrong
Refuse to remove read-only files. If you want remove such file, you must first remove read-only attribute. It is standard behavior of ncpfs.
mount option symlinks
Use special, normally unused, attributes combinations to express symlinks, executable attributes and files readable by world.
mount option nosymlinks
Do not allow special meaning of ’shareable’ attribute. This is a default.
mount option ipx
Use IPX for connection to server. Default if no ipserver option specified on cmdline.
mount option udp
Use UDP for connection to server. Not available in 2.0.x kernels. Default if ipserver is used.
mount option tcp
Use TCP for connection to server. Available only with 2.4.0 and later kernels.
mount option nfsextras
Use the meta-data provided by the NFS namespace to allow files’ modes to be changed, and to allow the creation of symlinks and named pipes. This adds significant overhead to fetching file information.
mount option nonfsextras
Do not make use of meta-data provided by the NFS namespace. This is the default.
USER / LOGNAME
The variables USER or LOGNAME may contain the username of the person using the client. USER is tried first. If it’s empty, LOGNAME is tried.
Most diagnostics issued by ncpfs are logged by syslogd. Normally nothing is printed, only error situations are logged there.
If you want to mount volume SYS as user DOWNLOAD from server MIRROR into directory /home/pub/mirror, with files owner mirror.mirror and file mode -rw-r--r--, you can add
MIRROR/DOWNLOAD /home/pub/mirror ncp defaults,mode=644,uid=mirror,gid=mirror,owner=root,volume=SYS,nopasswd,multiple
into /etc/fstab. You should always specify multiple in mount options, otherwise there can be only one connection to server with same name.
You must configure the IPX subsystem before ncpmount will work. It is especially important that there is a route to the internal network of your server.
You must specify both -S logical_name and -A dns_name. logical_name is used for searching .nwclient, other configuration files and is logged into /etc/mtab, dns_name is used for connecting to server. In future, logical_name will be read from server.
ncpfs would not have been possible without lwared, written by Ales Dryak (A.Dryak [AT] sh.cz).
The encryption code was taken from Dr. Dobbs’s Journal 11/93. There Pawel Szczerbina described it in an article on NCP.
Code is currently maintained by Petr Vandrovec (vandrove [AT] vc.cz).