
What is the specific method of NFS configuration in Linux system

2025-01-18 Update From: SLTechnology News&Howtos

Shulou (Shulou.com) 06/01

What is the specific method of NFS configuration on a Linux system? This article analyzes the question and walks through the solution in detail, in the hope of giving readers who want to solve this problem a simpler, workable method.

NFS (Network File System) is one of the file systems supported by FreeBSD; it allows computers on a network to share resources.

I. A brief introduction to NFS services

The Network File System is a kernel-based file system developed by Sun. With NFS, users and programs can access files on remote systems as if they were local.

NFS is based on RPC (Remote Procedure Call), which is implemented in C/S (client/server) mode. The calling process on the client sends a call message carrying the procedure parameters to the service process, and then waits for the reply message.

On the server side, the process stays asleep until a call message arrives. When one arrives, the server extracts the procedure parameters, computes the result, sends the reply message, and then waits for the next call message. Finally, the calling process on the client receives the reply message, obtains the procedure result, and continues execution.

II. System environment

System platform: CentOS release 5.6 (Final)
NFS Server IP: 192.168.1.108
Firewall turned off / iptables: Firewall is not running.
SELINUX=disabled

III. Install NFS service

The installation of NFS is very simple. It requires only two software packages, which are usually installed by default with the system.

nfs-utils-*: includes the basic NFS commands and monitoring programs
portmap-*: supports connections for secure NFS RPC services

1. Check whether the system has NFS installed

The two packages, nfs-utils and portmap, have been installed by default.

2. If the software package required by NFS is not installed in the current system, it needs to be installed manually. The installation files for both the nfs-utils and portmap packages are available on the system CD.

The commands are as follows:

# mount /dev/cdrom /mnt/cdrom/
# cd /mnt/cdrom/CentOS/
# rpm -ivh portmap-4.0-65.2.2.1.i386.rpm
# rpm -ivh nfs-utils-1.0.9-50.el5.i386.rpm
# rpm -q nfs-utils portmap

IV. NFS system daemon

nfsd: the basic NFS daemon. Its main function is to manage whether the client can log on to the server.
mountd: the RPC mount daemon. Its main function is to manage the NFS file systems. After the client successfully logs in to the NFS server through nfsd, its file usage rights must still be verified before it can use the files provided by the NFS service. mountd reads the NFS configuration file /etc/exports to compare client permissions.
portmap: its main function is port mapping. When a client tries to connect to and use a service provided by an RPC server, such as the NFS service, portmap gives the client the managed port corresponding to that service, so that the client can request the service from the server through that port.

V. Configuration of NFS server

The configuration of the NFS server is relatively simple: make the settings in the appropriate configuration file, and then start the NFS server.

Common directories of NFS

/etc/exports: main configuration file of the NFS service
/usr/sbin/exportfs: administrative command of the NFS service
/usr/sbin/showmount: view command for the client
/var/lib/nfs/etab: records the full permission settings of the directories shared by NFS
/var/lib/nfs/xtab: records information about clients that have logged in

The configuration file of the NFS service is /etc/exports, which is the main configuration file of NFS. The system does not ship default contents for it, so this file does not necessarily exist; it may have to be created manually with vim, after which the configuration content is written to it.

/etc/exports file content format:

<output directory> [client 1 options (access rights, user mapping, other)] [client 2 options (access rights, user mapping, other)]

a. Output directory:

The output directory refers to the directory in the NFS system that needs to be shared with the client.

b. Client:

A client is a computer on a network that can access this NFS output directory.

The common way of specifying the client

Host specified by IP address: 192.168.0.200
All hosts in the specified subnet: 192.168.0.0/24 or 192.168.0.0/255.255.255.0
Host specified by domain name: david.bsmart.cn
All hosts in the specified domain: *.bsmart.cn
All hosts: *

c. Options:

Option is used to set the access rights of the output directory, user mapping, and so on.

There are three main types of options for NFS:

Access options

ro: sets the output directory read-only
rw: sets the output directory read-write

User mapping options

all_squash: maps all ordinary users accessing remotely, and the groups they belong to, to the anonymous user or user group (nfsnobody);
no_all_squash: the opposite of all_squash (default);
root_squash: maps the root user and the group it belongs to to the anonymous user or user group (default);
no_root_squash: the opposite of root_squash;
anonuid=xxx: maps all users accessing remotely to the anonymous user, and specifies that user as the local user (UID=xxx);
anongid=xxx: maps all user groups accessing remotely to the anonymous user group account, and specifies that account as the local user group account (GID=xxx);

Other options

secure: restricts clients to connecting to the nfs server only from tcp/ip ports less than 1024 (default setting);
insecure: allows clients to connect to the server from tcp/ip ports greater than 1024;
sync: writes data synchronously to the memory buffer and to disk, which is inefficient but ensures data consistency;
async: saves data in the memory buffer first, then writes it to disk when necessary;
wdelay: checks whether there are related writes and, if so, performs them together to improve efficiency (the default);
no_wdelay: performs a write immediately when there is one; should be used in conjunction with sync;
subtree: if the output directory is a subdirectory, the nfs server checks the permissions of its parent directory (the default);
no_subtree: even if the output directory is a subdirectory, the nfs server does not check the permissions of its parent directory, which improves efficiency
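The /etc/exports format and the options above can be checked mechanically. The following is an added example, not code from the original article: a small Python parser that flags exports open to every host (including the case where a space before the option list leaves "(rw)" applying to all hosts) and the no_root_squash, insecure and async options. The function names and the sample paths /srv/share and /data are hypothetical.

```python
import re

# Options from the list above that weaken an export when present.
RISKY = {
    "no_root_squash": "client root keeps root on the server",
    "insecure": "requests from source ports above 1024 are accepted",
    "async": "writes are acknowledged before they reach disk",
}
# One client spec: host pattern, optionally followed directly by "(options)".
SPEC = re.compile(r"([^\s()]*)(?:\(([^)]*)\))?")

def parse_exports(text):
    """Yield (directory, client, options) per client spec in exports text."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split(None, 1)
        if len(fields) < 2:
            continue  # blank, comment-only, or no client list
        directory, rest = fields
        for m in SPEC.finditer(rest):
            if m.group(0):
                opts = [o for o in (m.group(2) or "").split(",") if o]
                # "(rw)" with nothing in front of it applies to every host.
                yield directory, m.group(1) or "*", opts

def lint(text):
    """Return (directory, client, message) for each risky client spec."""
    findings = []
    for directory, client, opts in parse_exports(text):
        if client == "*":
            findings.append((directory, client,
                             "exported to every host with options: "
                             + (",".join(opts) or "defaults")))
        elif not opts:
            findings.append((directory, client,
                             "no option list: defaults apply "
                             "(check for a stray space before '(')"))
        for opt in opts:
            if opt in RISKY:
                findings.append((directory, client, f"{opt}: {RISKY[opt]}"))
    return findings

# Constructed sample; the second line has a space before "(rw)".
SAMPLE = """\
/home/david 192.168.1.0/24(rw)
/srv/share  192.168.1.0/24 (rw)
/data 192.168.0.200(rw,no_root_squash) *.bsmart.cn(ro,insecure)
"""

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(*finding, sep="  ")
```

On the second sample line the subnet gets only the default options while every other host gets rw, which is the opposite of what the line appears to say.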

VI. Start and stop of NFS server

After you have configured the exports file correctly, you can start the NFS server.

1. Start the NFS server

In order for the NFS server to work properly, you need to start both portmap and nfs services, and portmap must be started before nfs.

The commands are as follows:

# service portmap start
# service nfs start

2. Query the status of NFS server

The commands are as follows:

# service portmap status
# service nfs status

3. Stop the NFS server

To stop NFS, stop the nfs service first and then stop the portmap service. You do not need to stop the portmap service when other services in the system (such as NIS) still need it.

The commands are as follows:

# service nfs stop
# service portmap stop

4. Set the automatic startup status of the NFS server

For the actual application system, it is unrealistic to start the nfs server manually after starting the LINUX system every time. It is necessary to set the system to start portmap and nfs services automatically at the specified running level.

The commands are as follows:

# chkconfig --list portmap
# chkconfig --list nfs

Set the portmap and nfs services to start automatically at system run levels 3 and 5.

The commands are as follows:

# chkconfig --level 35 portmap on
# chkconfig --level 35 nfs on

VII. Examples

1. Share /home/david/ on the NFS server with the 192.168.1.0/24 network segment, with read and write permissions.

The server-side file is as follows:

# vi /etc/exports
/home/david 192.168.1.0/24(rw)

2. Restart portmap and nfs services

The commands are as follows:

# service portmap restart
# service nfs restart
# exportfs

3. The server uses the showmount command to query the sharing status of NFS.

# showmount -e    // by default shows this host's own shares, provided that DNS can resolve the host itself; otherwise it is easy to get errors

# showmount -a    // displays the directory information of clients that have connected

4. The client uses the showmount command to query the sharing status of NFS.

# showmount -e <NFS server IP>

5. The client mounts the shared directory in the NFS server

Command format

# mount <NFS server IP>:<shared directory> <local mount point directory>

# mount 192.168.1.108:/home/david/ /tmp/david/

# mount | grep nfs

Mounted successfully.

Check to see if the file is consistent with the server side.

6. Share permissions and access control of NFS

Now let's create a file in /tmp/david/ and see what the permissions are.

# touch 20130103

Permission denied appears here because write permission on the directory shared by the NFS server is not open to other users. Open this permission on the server side.

# chmod 777 -R /home/david/

Create a file in /tmp/david/ on the client again.

The file I created as the root user is owned by the nfsnobody user.

NFS has many default parameters. Open /var/lib/nfs/etab to view the full permission settings of the shared /home/david/.

# cat /var/lib/nfs/etab

By default, there are sync, wdelay, hide, etc. no_root_squash allows root to maintain permissions, root_squash maps root to nobody, and no_all_squash so that all users do not maintain permissions in the mount directory. Therefore, the owner of the file created by root is nfsnobody.

Next we use ordinary users to mount and write to the file test.

# su - david

$ cd /tmp/david/

$ touch 2013david

Files written by an ordinary user are owned by that user, which ensures the security of the server.

Analysis of permissions

1. When the client connects, the check for ordinary users

a. If the identity an ordinary user is squashed to is explicitly set, the client user's identity is converted to the specified user;
b. If there is a user with the same name on the NFS server, the identity of the client login account is converted to the user of the same name on the NFS server;
c. If it is not explicitly specified and there is no user with the same name, the user identity is squashed to nfsnobody;

2. When the client connects, the check for root

a. If no_root_squash is set, the root user's identity is squashed to root on the NFS server;
b. If all_squash, anonuid and anongid are set, the root identity is squashed to the specified user;
c. If it is not explicitly specified, the root user is squashed to nfsnobody;
d. If both no_root_squash and all_squash are specified, the user is squashed to nfsnobody; if anonuid and anongid are set, it is squashed to the specified user and group
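The squash rules listed above, written out as an added example (not code from the original article). It assumes the server identifies users by the numeric UID/GID the client sends and that the anonymous ID is 65534 when anonuid/anongid are not set; server_identity and the sample IDs are hypothetical.

```python
ANON_ID = 65534  # assumed default for anonuid/anongid when neither is set

def parse_options(option_string):
    """Turn 'rw,all_squash,anonuid=150' into {'rw': True, 'anonuid': 150, ...}."""
    opts = {}
    for item in filter(None, option_string.split(",")):
        key, _, value = item.partition("=")
        opts[key] = int(value) if value.isdigit() else (value or True)
    return opts

def server_identity(uid, gid, option_string=""):
    """Return the (uid, gid) the server acts as for a request from uid/gid.

    The numeric IDs are whatever the client sent; the export options only
    decide which of them are replaced by the anonymous account.
    """
    opts = parse_options(option_string)
    anon_uid = opts.get("anonuid", ANON_ID)
    anon_gid = opts.get("anongid", ANON_ID)
    if opts.get("all_squash"):
        # Rule 2d: all_squash wins even when no_root_squash is also given.
        return anon_uid, anon_gid
    if not opts.get("no_root_squash"):
        # root_squash is the default: only ID 0 is replaced.
        uid = anon_uid if uid == 0 else uid
        gid = anon_gid if gid == 0 else gid
    return uid, gid

# Constructed cases: (client uid, client gid, export options).
CASES = [
    (0, 0, "rw"),                                 # root under the defaults
    (500, 500, "rw"),                             # ordinary user keeps its IDs
    (0, 0, "rw,no_root_squash"),                  # root stays root
    (0, 0, "rw,no_root_squash,all_squash,anonuid=150,anongid=100"),
    (500, 500, "ro,all_squash"),
]

if __name__ == "__main__":
    for uid, gid, options in CASES:
        print(f"{uid}:{gid} with ({options}) -> "
              f"{server_identity(uid, gid, options)}")
```

The first two cases match what the walkthrough observed: the file created by root ends up owned by the anonymous account, while the file created by the ordinary user keeps that user's ownership.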

7. Unmount the mounted NFS shared directory

# umount /tmp/david/

VIII. Start the automatic mount of the nfs file system

Format:

<server>:</export> </directory> nfs <options> 0 0

# vi /etc/fstab

Save exit and restart the system.

Check to see if /home/david is automatically mounted.

Automatic mount succeeded.

IX. Related commands

1. exportfs

If we modify /etc/exports after starting NFS, do we have to restart nfs? At this point, we can use the exportfs command to make the changes take effect immediately. Its format is as follows:

# exportfs [-aruv]

-a  export or unexport all the contents of /etc/exports
-r  reread the information in /etc/exports, and synchronously update /etc/exports and /var/lib/nfs/xtab
-u  unexport a single directory (used with -a to unexport all directories in the /etc/exports file)
-v  output detailed information to the screen when exporting

Specific examples:

# exportfs -au    unexports all shared directories
# exportfs -rv    re-shares all directories and outputs details

2. nfsstat

Viewing the running status of NFS is of great help in tuning the operation of NFS.

3. rpcinfo

Checks rpc execution information. It is a tool that can be used to detect how rpc is running; use rpcinfo -p to find out which programs are provided on the ports opened by RPC.

4. showmount

-a  displays the directory information of clients already connected
-e IP or hostname  displays the directories shared by that IP address

5. netstat

netstat shows the ports opened by the nfs service: nfs itself is on 2049, and the rest are opened by rpc.

Finally, note two points:

Although ordinary users can be given access through permission settings, by default only root can mount; ordinary users can use sudo.
When shutting down the NFS server, make sure that the NFS service is stopped and that no client is still connected. You can check with showmount -a and, if there are any, end them with kill, killall or pkill (-9 forces the end).
