bosserver - Initializes the BOS Server
( file | sysvmq )]
The bosserver command initializes the Basic OverSeer (BOS) Server (
process). In the conventional configuration, the binary file
is located in the /usr/lib/openafs
directory on a file server machine.
The BOS Server must run on every file server machine and helps to automate file
server administration by performing the following tasks:
- Monitors the other AFS server processes on the local
machine, to make sure they are running correctly.
- Automatically restarts failed processes, without contacting
a human operator. When restarting multiple server processes
simultaneously, the BOS Server takes interdependencies into account and
initiates restarts in the correct order.
- Processes commands from the bos suite that administrators
issue to verify the status of server processes, install and start new
processes, stop processes either temporarily or permanently, and restart
- Manages system configuration information: the files that
list the cell's server encryption keys, database server machines, and
users privileged to issue commands from the bos and vos
The BOS Server is configured via the BosConfig
Normally, this file is managed via the bos
command suite rather than
edited directly. See the BosConfig
(5) man page for the syntax of this
The BOS Server will rewrite BosConfig
when shutting down, so changes made
manually to it will be discarded. Instead, to change the BOS Server
configuration only for the next restart of bosserver
, create a file
. If BosConfig.new
starts, it is renamed to /etc/openafs/BosConfig
removing any existing file by that name, before bosserver
The BOS Server logs a default set of important events in the file
. To record the name of any user who performs a
command (one that requires being listed in the
file), add the -log
display the contents of the BosLog
file, use the bos getlog
The first time that the BOS Server initializes on a server machine, it creates
several files and subdirectories in the local /usr/afs
sets their mode bits to protect them from unauthorized access. Each time it
restarts, it checks that the mode bits still comply with the settings listed
in the following chart. A question mark indicates that the BOS Server
initially turns off the bit (sets it to the hyphen), but does not check it at
If the mode bits do not comply, the BOS Server writes the following warning to
Bosserver reports inappropriate access on server directories
However, the BOS Server does not reset the mode bits, so the administrator can
set them to alternate values if desired (with the understanding that the
warning message then appears at startup).
This command does not use the syntax conventions of the AFS command suites.
Provide the command name and all option names in full.
- Assigns the unprivileged identity "anonymous" to
the issuer, which is useful only when authorization checking is disabled
on the server machine (for instance, during the installation of a file
- Records in the /var/log/openafs/BosLog file the
names of all users who successfully issue a privileged bos command
(one that requires being listed in the /etc/openafs/server/UserList
- The argument none turns off core file generation.
Otherwise, the argument is a path where core files will be stored.
- -auditlog <log path>
- Turns on audit logging, and sets the path for the audit
log. The audit log records information about RPC calls, including the name
of the RPC call, the host that submitted the call, the authenticated
entity (user) that issued the call, the parameters for the call, and if
the call succeeded or failed.
- -audit-interface (file | sysvmq)
- Specifies what audit interface to use. Defaults to
"file". See fileserver(8) for an explanation of each
- Activates the collection of Rx statistics and allocates
memory for their storage. For each connection with a specific UDP port on
another machine, a separate record is kept for each type of RPC
(FetchFile, GetStatus, and so on) sent or received. To display or
otherwise access the records, use the Rx Monitoring API.
- Activates the collection of Rx statistics and allocates
memory for their storage. A separate record is kept for each type of RPC
(FetchFile, GetStatus, and so on) sent or received, aggregated over all
connections to other machines. To display or otherwise access the records,
use the Rx Monitoring API.
- By default, the RXKAD security layer will disallow access
by Kerberos principals with a dot in the first component of their name.
This is to avoid the confusion where principals user/admin and user.admin
are both mapped to the user.admin PTS entry. Sites whose Kerberos realms
don't have these collisions between principal names may disable this check
by starting the server with this option.
- In normal operation, the bos server allows a super user to
run any command. When the bos server is running in restricted mode (either
due to this command line flag, or when configured by
bos_setrestricted(8)) a number of commands are unavailable. Note
that this flag persists across reboots. Once a server has been placed in
restricted mode, it can only be opened up by sending the SIGFPE
- -rxmaxmtu <bytes>
- Sets the maximum transmission unit for the RX
- Bind the Rx socket to the primary interface only. If not
specified, the Rx socket will listen on all interfaces.
- Specifies that logging output should go to syslog instead
of the normal log file. -syslog=facility can be used to
specify to which facility the log message should be sent.
- Create a one-line file containing the process id (pid) for
each non-cron process started by the BOS Server. This file is removed by
the BOS Server when the process exits. The optional < path>
argument specifies the path where the pid files are to be created. The
default location is "/var/lib/openafs/local".
The name of the pid files for "simple" BOS Server process types
are the BOS Server instance name followed by ".pid".
The name of the pid files for "fs" and "dafs" BOS Server
process types are the BOS Server type name, "fs" or
"dafs", followed by the BOS Server core name of the process,
followed by ".pid". The pid file name for the
"fileserver" process is "fs.file.pid". The pid file
name for the "volserver" is "fs.vol.pid".
BOS Server instance names are specfied using the bos create command.
See bos_create for a description of the BOS Server process types and
- Run the BOS Server in the foreground. By default, the BOS
Server process will fork and detach the stdio, stderr, and stdin
- Prints the online help for this command. All other valid
options are ignored.
The following command initializes the BOS Server and logs the names of users who
issue privileged bos
% bosserver -log
The issuer most be logged onto a file server machine as the local superuser
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was
converted from HTML to POD by software written by Chas Williams and Russ
Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.