Linux NFS Learning notes _linux

NFS, is the shorthand for network file system, the network filesystem. The network file system is one of the FreeBSD supported file systems, also known as NFS. NFS allows a system to share directories and files with others on the network. By using NFS, users and programs can access files on the remote system as they would access local files.

NFS is based on the RPC Protocol, NFS itself is only a shared role and client connectivity and data transfer is the function of the RPC protocol

NFS is controlled primarily through two daemon:
1.RPC.NFSD-------It is used to control whether the client can connect to, NFS server
2.RPC.MOUNTD----It is used to control whether the client has permission to manipulate the file after it is connected, mainly based on the/etc/exports file settings

Enabling NFS requires enabling PORTMAP and Nfs-utils
1.portmap the port that is used primarily to control the client connection
2.nfs-utils is the executive document of RPC.NFSD and Rpc.mountd.

/etc/exports                            main configuration file for NFS services
/usr/sbin/exportfs                       Management commands for NFS Services
/usr/sbin/showmount                     View commands for clients
/var/lib/nfs/xtab                       record customer information once logged in

/etc/exports file formatting
"Shared directory" IP or host (parameter 1. Parameter 2) IP or host (parameter 3, parameter 4)
The main parameters are the following several
RW: Reading and writing
RO: Read Only
No_root_squash: Client Login If root, then log on to shared directory with root permission
Root_squash:root identity is compressed to Nfsnobody (by default)
All_squash: The identity of all users logged in is compressed to Nfsnobody (by default)
Anonuid: You can change this if you don't want users to be compressed into nfsnobody after they log on
Anongid: Ditto (this is the group)
Sync: Data is written to the hard drive synchronously
Async: Data is stored in memory first

About the analysis of permissions

1. Client connection, the inspection of ordinary users, No.1 if explicitly set the ordinary user is compressed identity, then the client user's identity converted to a specified user, No.2 if NFS server has the same name, then the identity of the client login account converted to NFS Server with the same name, No.3 if not explicitly specified, there is no user with the same name, then the user identity is compressed into nfsnobody
2. When the client connects, check root, no.1 if set No_root_squash, then the root user's identity is compressed into NFS server root,no.2 if set All_squash, Anonuid, Anongid, when Root is compressed to the specified user, no.3 if not explicitly specified, the root user is compressed to nfsnobody,no.4 if both No_root_squash and All_squash users are compressed to Nfsnobody, if the Anonuid is set, Anongid is compressed to the specified user and group

Start a service
Service Portmap start Or/etc/rc.d/init.d/portmap start
Service NFS Start Or/etc/rc.d/init.d/nfs start

Exportfs command Usage
-A full mount or uninstall
-R re-read the information in the/etc/exports and synchronizes the updates/etc/exports,/var/lib/nfs/xtab
-U unload a single directory (used together with-A to uninstall directories in all/etc/exports files)
-V Output Details on screen

Showmount Command Usage
-A displays directory information that is already on the client connection
-e IP or hostname displays the directory where this IP address is shared

With Netstat you can see that the NFS service has opened a number of ports where NFS is on 2049 Portmap is 111 open and the rest is RPC-enabled
Using Rpcinfo-p, you can see what programs are available from RPC-enabled ports
Use MOUNT-T NFS IP (hostname): Shared directory mount point way to complete mount
Finally note that two points, although through the permission settings to allow ordinary users to access, but mount only by default only root can be mounted (the normal user can perform sudo)

NFS server shuts down a bit to ensure that NFS services are turned off and that no clients are connected!! Through Showmount-a can be viewed, if any, with the kill Killall Pkill to end, (-9 mandatory end)