Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
fam(1M)								       fam(1M)

       fam - file alteration monitor

       /usr/etc/fam [ -f | -v |	-d ] [ -l | -t NFS_polling_interval ]
	    [ -T idle_timeout ]	[ -p program.version ] [ -L ] [	-C ]
	    [ -c config_file ]

       fam  is a server	that tracks changes to the filesystem and relays these
       changes to interested applications.  Applications such  as  fm(1G)  and
       mailbox(1)  present  an	up-to-date view	of the filesystem.  In the ab-
       sence of	fam, these applications	and others like	 them  are  forced  to
       poll the	filesystem to detect changes.  fam is more efficient.

       Applications can	request	fam to monitor any files or directories	in any
       filesystem.  When fam detects changes to	monitored files,  it  notifies
       the  appropriate	 application.  The FAM API provides a programmatic in-
       terface to fam; see fam(3X).

       fam is informed of filesystem changes as	 they  happen  by  the	kernel
       through	the  imon(7M) pseudo device driver.  If	asked to monitor files
       on an NFS mounted filesystem, fam tries to use fam on the NFS server to
       monitor	files.	If fam cannot contact a	remote fam, it polls the files
       instead.	 fam also polls	special	files.

       Normally,  fam  is  started  by	inetd(1M).   It	 is  registered	  with
       portmap(1M) as performing the sgi_fam service.

       -l			 Disable  polling  of  NFS files.  It does not
				 disable use of	remote fam on NFS servers, nor
				 does it disable polling of local files.

       -t NFS_polling_interval	 Set   the   interval  for  polling  files  to
				 NFS_polling_interval seconds.	The default is
				 six seconds.

       -T idle_timeout		 Set  the  idle	timeout	interval to idle_time-
				 out.  fam exits  idle_timeout	seconds	 after
				 its  last  client  disconnects.  A value of 0
				 causes	fam to wait indefinitely for new  con-
				 nections.  The	default	is five	seconds.

       -f			 Remain	 in the	foreground instead of spawning
				 a child and exiting.  This option is  ignored
				 if fam	is started by inetd.

       -v			 Turn on verbose messages.

       -d			 Enable	verbose	messages and debug messages.

       -p program.version	 Use  the  specified  RPC  program and version

       -L			 Local-only mode.  fam will  only  accept  re-
				 quests	 from clients running on the local ma-
				 chine.	 This overrides	the local_only flag in
				 the  configuration  file.  This option	is ig-
				 nored if fam is started by inetd.

       -C			 Compatibility mode.  This disables  authenti-
				 cation	 and  reduces  access  security	as de-
				 scribed under SECURITY	below.	This overrides
				 the  insecure_compatibility  flag in the con-
				 figuration file.

       -c config_file		 Read configuration information	from the given
				 file	rather	than  the  default,  which  is

       In addition to its command-line options,	fam's  behavior	 can  also  be
       controlled  through  its	 configuration	file.	By  default,  this  is
       /usr/local/etc/fam.conf;	the -c command-line  option  can  be  used  to
       specify	an  alternate file.  Configuration lines are in	the format op-
       tion=value.  Lines beginning with # or !	are ignored.   fam  recognizes
       the following options:

       insecure_compatibility	 If  set to true, this disables	authentication
				 and reduces access security as	described  un-
				 der  SECURITY	below.	 This  is false	by de-
				 fault.	 Setting this option to	 true  is  the
				 same as using the -C command-line option.

       untrusted_user		 This  is the user name	or UID of the user ac-
				 count which fam will use for  unauthenticated
				 clients.   If a file can't be stat'ed by this
				 user,	fam  will  not	tell   unauthenticated
				 clients  about	 the  file's existence.	 If an
				 untrusted user	is not given in	the configura-
				 tion file, fam	will write an error message to
				 the system log	and terminate.

       local_only		 If set	to true, fam will ignore requests from
				 remote	fams.  This is false by	default.  Set-
				 ting this option to true is the same as using
				 the  -L  command-line option.	This option is
				 ignored if fam	is started by inetd.

       idle_timeout		 This is the time in  seconds  that  fam  will
				 wait  before  exiting	after  its last	client
				 disconnects.  The default  is	five  seconds.
				 This  option is overridden by the -T command-
				 line option.

       nfs_polling_interval	 This  is  the	interval  in  seconds  between
				 polling  files	 over  an NFS filesystem.  The
				 default is six	seconds.  This option is over-
				 ridden	by the -t command-line option.

       xtab_verification	 If  set  to  true, fam	will check the list of
				 exported filesystems when remote requests are
				 received  to verify that the requests fall on
				 filesystems which are	exported  to  the  re-
				 questing hosts.  This is true by default.  If
				 this option is	set to false, fam will service
				 remote	requests without attempting to perform
				 the verification.  If the local_only configu-
				 ration	 option	 or  -L	command-line option is
				 used, xtab_verification has no	effect.

       For backward  compatibility,  the  -C  command-line  option  and	 inse-
       cure_compatibility  configuration option	can be used to disable authen-
       tication.  Configuring fam this way opens a publically  known  security
       weakness	whereby	a "rogue client" can obtain the	names of all the files
       and directories on the system.

       Note that fam never opens the files it's	monitoring, and	cannot be used
       by  a rogue client to read the contents of any file on the system.  fam
       only gives out the names	of monitored files, and	 only  monitors	 files
       which  the  client  can stat(1M).  Users	can stat a file	without	having
       read permission on it as	long as	they have search permission on the di-
       rectory containing it.


       inetd(1M), portmap(1M), fam(3X),	imon(7M), stat(1M).

			       Silicon Graphics				    0a


Want to link to this manual page? Use this URL:

home | help