In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-02-25 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
Secure mount parameters:
Mount-t nfs-o nosuid,noexec,nodev,rw 192.168.3.188:/data / mnt
1. Test the default shared parameter options for NFS server:
[root@NFSClient /] # mount-t nfs-o nosuid,noexec,nodev,rw 192.168.3.188:/data / mnt
[root@NFSClient mnt] # cat test.sh
Pwd
[root@NFSClient mnt] # chmod + x test.sh
[root@NFSClient mnt] #. / test.sh
Bash:. / test.sh: Permission denied
[root@NFSClient mnt] # sh test.sh
/ mnt
Tip: insufficient permissions are due to the addition of the noexec parameter when mounted above.
This parameter makes the executable file itself unexecutable, which can be executed if you specify the interpreter sh test.sh.
Force uninstall under the mount directory
[root@NFSClient mnt] # umount-lf / mnt
Default mount parameters of NFS Server and NFS Client
[root@NFSServer ~] # cat / var/lib/nfs/etab = = "server
/ data 192.168.3.0 Universe 24 (rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,anonuid=65534,anongid=65534,sec=sys,rw,root_squash,no_all_squash)
[root@NFSClient ~] # grep mnt / proc/mounts = = "client
192.168.3.188:/data/ / mnt nfs4 rw,relatime,vers=4,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.3.200,minorversion=0,local_lock=none,addr=192.168.3.188 00
Rsize,wsize, these two are very important parameters.
Let's test and modify the values of those two parameters to test the speed.
[root@NFSClient ~] # time dd if=/dev/zero of=/mnt/testfile bs=9k count=20000
20000's 0 records in
20000's 0 records out
184320000 bytes (184MB) copied, 17.7761 s, 10.4 MB/s
Real 0m17.834s
User 0m0.017s
Sys 0m8.440s
Parameter suggestion for optimizing mount of NFS network file system
Performance optimization
[root@NFSClient~] # mount-t nfs-o noatime,nodiratime,rsize=131072,wsize=131072 192.168.3.188:/data / mnt
Default settings:
[root@NFSServer ~] # cat / proc/sys/net/core/rmem_default
112640
This file specifies the default value (in bytes) of the receive socket buffer size
[root@NFSServer ~] # cat / proc/sys/net/core/rmem_max
112640
This file specifies the default value (in bytes) of the receive socket buffer size
Add it to this file and take effect permanently. Load configuration sysctl-p
1. Introduction of exportfs command
Exportfs-rv = / etc/init.d/nfs reload load configuration file
[root@NFSServer] # exportfs-o rw,sync 192.168.3.188:/data
[root@NFSServer] # exportfs-o rw,sync,all_squash,anonuid=555,anongid=555 192.168.3.188:/data
This command does not need to configure the file sharing directory
Second, error checking
[root@NFSServer] # rpcinfo-p localhost
Program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100011 2 udp 875 rquotad
100011 1 tcp 875 rquotad
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 2 tcp 2049 nfs_acl
100227 3 tcp 2049 nfs_acl
= "check if nfs has registered a port with rpc
Help from Nfs man exports
Mount-a checks the configuration file fstab for errors
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
