Shulou(Shulou.com)06/01 Report--

NFS configuration parameter permissions

Parameter set in brackets () in / etc/exports file configuration format

Parameter name

Parameter usage

Rw coach

Read-write, indicating read and write permissions

Ro

Read-only, which indicates read-only permission

Sync coach

When data is requested or written, the data is synchronously written to NFS Server's hard disk before it is returned.

Pros: data security will not be lost; disadvantages: performance is worse than not enabling this parameter

Async coach

When writing, the data will be written to the memory cache first, and will not be written to the disk until there is a gap on the hard disk, which can improve the writing efficiency! The risk is that if the server goes down or shuts down abnormally, it will lose the data in the cache that is not written to disk (solution: server motherboard battery or UPS uninterruptible power supply)

No_root_squash

If the user who accesses the NFS Server shared directory is root, it has root permission on the shared directory. This configuration was originally intended for diskless clients. Users should avoid using it.

Root_squash

If the user accessing the NFS Server shared directory is root, its permissions will be compressed to anonymous users, and its UID and GID will usually become nfsnobody accounts.

All_squash coach

Regardless of the identity of the user who accesses the NFS Server shared directory, its permissions will be compressed to anonymous users, and its UID and GID will become nfsnobody accounts. This parameter is useful when multiple NFS clients read and write NFS Server data at the same time.

Important techniques for configuring NFS in production:

1) ensure that all client servers have the same user access to the NFS shared directory

A, all_squash compresses all clients into fixed anonymous users (same as UID).

B, which is the user of UID and GID specified by anonuid,anongid.

2) all clients and servers need to have the same UID and GID users, that is, nfsnobody (UID must be the same)

Anonuid coach

The parameter begins with anon to refer to the anonymous anonymous user, whose UID setting value is usually the nfsnobody UID value, of course, you can also set this UID value yourself. However, UID must exist in / etc/passwd. In the case of multiple NFS Clients, such as multiple Web Server sharing a NFS directory, you can use this parameter to make the data written by different NFS Clients keep the same user rights for all NFS Clients, that is, the configured anonymous UID corresponds to the user rights. This parameter is very useful and is generally available by default.

Anongid coach

With anonuid, the difference is that uid (user id) is replaced with gid (group id)

Tip: the one with the symbol indicates the commonly used parameters. For more parameters, please see man exports.

Cat / var/lib/nfs/etab/data 172.16.1.0 cat 24 (rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,\ no_subtree_check,secure_locks,acl,anonuid=65534,anongid=65534,sec=sys,rw,root_squash,\ no_all_squash)

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.