FSIRAND(8) - System Manager’s Manual #
FSIRAND(8) - System Manager’s Manual
NAME #
fsirand - randomize inode generation numbers
SYNOPSIS #
fsirand [-bfp] specialĀ …
DESCRIPTION #
The fsirand command installs random generation numbers on all the inodes for each filesystem specified on the command line by special. This increases the security of NFS-exported filesystems by making it difficult to “guess” filehandles.
Note: newfs(8) now does the equivalent of fsirand itself so it is no longer necessary to run fsirand by hand on a new filesystem. It is only used to re-randomize or report on an existing filesystem.
fsirand should only be used on an unmounted filesystem that has been checked with fsck(8) or a filesystem that is mounted read-only. fsirand may be used on the root filesystem in single-user mode but the system should be rebooted via “reboot -n” afterwards.
The options are as follows:
-b
Use the default block size (usually 512 bytes) instead of the value gleaned from the disklabel.
-f
Force fsirand to run even if the filesystem on special is not marked as clean.
-p
Print the current generation numbers for all inodes instead of generating new ones.
SEE ALSO #
fs(5), fsck(8), newfs(8), reboot(8)
HISTORY #
The fsirand command appeared in SunOS 3.x. This version of fsirand first appeared in OpenBSD 2.1.
AUTHORS #
Todd C. Miller
CAVEATS #
Since fsirand allocates enough memory to hold all the inodes in a given cylinder group, it may use a large amount of memory for large disks with few cylinder groups.
OpenBSD 7.5 - January 25, 2019