FSIRAND(8) MidnightBSD System Manager’s Manual FSIRAND(8)

NAME

fsirand — randomize inode generation numbers

SYNOPSIS

fsirand [−b] [−f] [−p] special [special ...]

DESCRIPTION

The fsirand utility installs random generation numbers on all the inodes for each file system specified on the command line by special. This increases the security of NFS-exported file systems by making it difficult to ‘‘guess’’ filehandles.

Note: newfs(8) now does the equivalent of fsirand itself so it is no longer necessary to run fsirand by hand on a new file system. It is only used to re-randomize or report on an existing file system.

The fsirand utility should only be used on an unmounted file system that has been checked with fsck(8) or a file system that is mounted read-only. The fsirand utility may be used on the root file system in single-user mode but the system should be rebooted via ‘‘reboot -n’’ afterwards.

OPTIONS

The available options are as follows:

−b

Use the default block size (usually 512 bytes) instead of the value gleaned from the disklabel.

−f

Force fsirand to run even if the file system on special is not marked as clean.

−p

Print the current generation numbers for all inodes instead of generating new ones.

CAVEATS

Since fsirand allocates enough memory to hold all the inodes in a given cylinder group it may use a large amount of memory for large disks with few cylinder groups.

SEE ALSO

fs(5), fsck(8), newfs(8)

HISTORY

The fsirand utility appeared in SunOS 3.x.

This version of fsirand first appeared in OpenBSD 2.1.

A FreeBSD version first appeared in FreeBSD 2.2.5.

AUTHORS

Todd C. Miller 〈Todd.Miller@courtesan.com〉

MidnightBSD 0.3 January 25, 1997 MidnightBSD 0.3