Oo class for representing nfs exports
use NetApp::Filer; my $filer = NetApp::Filer->new({ ... }); # Filer methods for querying exports: my @exports = $filer->get_exports; my @temporary_exports = $filer->get_temporary_exports; my @permanent_exports = $filer->get_permanent_exports; my @active_exports = $filer->get_active_exports; my @inactive_exports = $filer->get_inactive_exports; # Methods for accessing export attributes foreach my $export ( @exports ) { } # Methods for changing export attributes
This class encapsulates a single \s-1NFS\s0 export on a NetApp filer, and provides methods for managing them. There are related methods in the NetApp::Filer class for manging exports as a whole, but the methods in this class are specific to a single \s-1NFS\s0 export.
This \s-1API\s0 also attempts to bring some sanity to how exports are managed, and some consistency to the interface. Most of the attributes of an export are fairly obvious, and they map directly to the options supported by \*(L"exportfs\*(R" and the /etc/exports file. This \s-1API\s0 introduces two new attributes: 'type' and 'active';
The type attribute
In order to distinguish between exports which are temporary (i.e. \s-1NOT\s0 saved to /etc/exports) and those which are permanent (i.e. \s-1ARE\s0 saved to /etc/exports), this \s-1API\s0 support a \*(L"type\*(R", which be either of:
permanent temporary
A temporary export is one which was created using \*(L"exportfs -io\*(R", and which was not saved to /etc/exports. These exports will not survive a reboot of the filer.
A permanent export is one which is found in /etc/exports.
The active attribute
Since you can change the export options for a filesystem temporarily (for example, by using the \*(L"fencing\*(R" option -b, or just manually specifying different options and re-exporting using -io), some permanent exports may not be in effect on the system.
The active attribute is used to track these. If the active attribute is true, then the export is currently in effect. Almost by definition, all temporary exports are always active. However, if a permanent export is not in effect because a temporary export for the same pathname has been created, then such an export is considerd inactive.
The \*(L"ro\*(R" and \*(L"rw\*(R" export options really have two different modes of use. If either option is specified with no \*(L"=a[:b[:c...]]\*(R" list, then it means \s-1ALL\s0 hosts. Since this \s-1API\s0 provides methods for adding and removing entries from those lists, it treats the \*(L"all\*(R" cases special, by managing thenm as separate attributes.
To specify global readonly or readwrite access, use the following options:
ro_all rw_all
These have boolean values. The \*(L"rw\*(R" and \*(L"ro\*(R" attributes/options are \s-1ARRAY\s0 references, each containing the list of entries for an \*(L"rw=\*(R" or \*(L"ro=\*(R" list for managing limited access.
There are several methods for changing the attributes of an export object, but in \s-1ALL\s0 cases, these merely change the object in memory. In order for the attribute change to take effect, the update method must be called, which will generate and execute the appropriate \*(L"exportfs\*(R" command.
For example, suppose you wanted to remove root access for a specific hostname from all exports on a filer:
my $untrusted = 'unsafe.foo.com';
my @exports = $filer->get_exports;
foreach my $export ( @exports ) { if ( $export->has_root( $untrusted ) ) { $export->remove_root( $untrusted ); $export->update; } }
The \*(L"remove_root\*(R" method simply removes the entry from the object in memory. The \*(L"update\*(R" method re-exports that filesystem to make the change take effect on the filer.
Returns the NetApp::Filer object for the filer on which this export exists.
Returns a string with one of the following values:
temporary permanent
indicating whether or not this particular export has been written to /etc/exports.
Returns a boolean value, false only if the type is \*(L"permanent\*(R", and the same export was not found in the list of currently active exports (i.e. not found in the output of \*(L"exportfs\*(R"). A temporary export is always active, by definition.
Returns a string representing the path for the export. Note that this may not necessarily be the same as the actual pathname of the underlying volume or qtree.
Returns a string representing the \*(L"actual\*(R" path of the underlying volume or qtree for the export. If a volume or qtree as been exported using a different name, this is the actual path of the underlying object. If this export option was not used, this method will return an empty string.
Returns a boolean value, indicating whether or not the \*(L"nosuid\*(R" option is used by the export. This method takes a single argument, interpreted in boolean context, an sets the \*(L"nosuid\*(R" option for the export.
Returns the value of the \*(L"anon\*(R" option, if set. Since this option can have the value of \*(L"0\*(R", it returns undef when this option has not been set.
\s-1WARNING:\s0 be careful interpreting this in a simple boolean context. To test whether or not this option has been set use \*(L"defined\*(R". Takes a single argument, and sest the \*(L"anon\*(R" opton to that value. To unset this option, pass an undefined value:
$export->set_anon( undef );
Returns a list of the \*(L"sec\*(R" option values. Takes a single argument, an array reference of \*(L"sec\*(R" values, which can be any of: none, sec, krb5, krb5i, or krb5p. This \s-1API\s0 does no validation of these values, so if an invalid value is given, this will result in a fatal exception when the \*(L"update\*(R" method is called. Takes a single string argument, and returns true if that value is found in the list of \*(L"sec\*(R" options, false otherwise. Takes a single string argument, and adds that value to the list of \*(L"sec\*(R" options, if not already present. Takes a single string argument, and removes that value from the list of \*(L"sec\*(R" options, if present.
Returns a list of the \*(L"root\*(R" option values. Takes a single argument, an array reference of \*(L"root\*(R" values, which can be any combination of hostnames, \s-1IP\s0 addresses, or networks. Again, no data validation is performed, so bogus values will not be detected until the export is updated on the filer, using the \*(L"update\*(R" method.
To clear the root option entirely, simply pass an empty array reference. Takes a single string argument, and returns true if that value is found in the list of \*(L"root\*(R" options, false otherwise. Takes a single string argument, and adds that value to the list of \*(L"root\*(R" options, if not already present. Takes a single string argument, and removes that value from the list of \*(L"root\*(R" options, if present.
Returns a boolean value, indicating whether or not the \*(L"ro_all\*(R" option has been set. Takes a single boolean argument, and sets the \*(L"ro_all\*(R" option to it's value. Setting \*(L"ro_all\*(R" to a true value will clear the \*(L"ro\*(R" list, if it exists.
Also, if \*(L"ro_all\*(R" is true, then the following methods will quietly do nothing:
has_ro add_ro remove_ro
The \*(L"ro_all\*(R" option must be cleared (set to a false value) first.
Returns a list of the \*(L"ro\*(R" entries, if any. Returns nothing if \*(L"ro_all\*(R" has been set. Takes a single argument, an array reference of \*(L"ro\*(R" values. Setting the \*(L"ro\*(R" list explicitly will set clear \*(L"ro_all\*(R" (set it to a false value). Takes a single argument, and returns true if that value is found in the list of \*(L"ro\*(R" options, false otherwise. If \*(L"ro_all\*(R" is true, then it always returns false. Takes a single string argument, and adds that value to the list of \*(L"ro\*(R" options, if not already present. If \*(L"ro_all\*(R" is true, then this method will do nothing. Takes a single string argument, and removes that value from the list of \*(L"ro\*(R" options, if present. If \*(L"ro_all\*(R" is true, then this method does nothing.
All of these methods behave exactly the same as their \*(L"ro\*(R" counterparts described immediately above. They apply to the \*(L"rw\*(R" option, instead of \*(L"ro\*(R", but if that isn't obvious...
This method re-exports the export, using \*(L"exportfs\*(R". If \s-1ANY\s0 of the object attributes have been changed programmatically, those changes will not take effect on the filer until this method has been called.
Note that updating an export will not necessarily change it's \*(L"type\*(R" from temporary to permanent, unless the \*(L"type\*(R" is explicitly changed. This method takes a single NetApp::Filer::Export object, and compares the current object (that is, the one on which the method was called) to it. If they have the same basic export options, it returns true, otherwise, it returns false. Only the following options are compared:
actual nosuid anon sec root rw/rw_all ro/ro_all