Bug of NFS server in Ubuntu

I used the Network File System in Ubuntu a few days ago as a prompt saying that my nfs file system is read-only and I checked it repeatedly, I found my/etc/export file. I clearly specified that my shared directory is for all, and the permission is read/write, but why? I have referenced the information on the Internet. Nextpreviuscontents4. on the server side, configure 4.1 to create a shared directory # mkdir/home/share # chown. I used the Network File System in Ubuntu a few days ago to prompt that my nfs file system is read-only, I checked multiple times,
I found my/etc/export file. I clearly specified that my shared directory is for all and the permission is read/write.
But why?
I have referenced the information on the Internet.
Next Previous Contents 4. server side configuration 4.1 create a shared directory

# mkdir /home/share
        # chown nobody.nogroup /home/share

4.2 create or modify the/etc/exports configuration file.

The content of this file is very simple. Each line consists of the throw path, the list of Customer names, and the Access Options followed by each customer name:

[Shared directory] [host name or IP address (parameter, parameter)]

The parameters are optional. If no parameter is specified, nfs uses the default option. The default sharing options are sync, ro, root_squash, and no_delay.

If the host name or IP address is empty, it indicates that the shared IP address is used to provide services to any client.

If you share the same directory with multiple clients but have different permissions for each client, you can:

[Shared directory] [host name 1 or IP1 (parameter 1, parameter 2)] [host name 2 or IP2 (parameter 3, parameter 4)]

Below are some common NFS sharing parameters:

Ro read-only access
Rw read/write access
Sync all data written for sharing upon request
Async NFS can request data before writing data
Secure NFS is sent through the secure TCP/IP ports below 1024
Insecure NFS is sent over port 1024
Wdelay if multiple users want to write data to the NFS Directory, group write (default)
No_wdelay if multiple users want to write data to the NFS Directory, write the data immediately. This setting is not required when async is used.
Hide does not share its subdirectories in the NFS shared directory.
No_hide shares the subdirectory of the NFS Directory
Subtree_check if sub-directories such as/usr/bin are shared, force NFS to check the permissions of the parent directory (default)
No_subtree_check is opposite to the above. The parent directory permission is not checked.
All_squash: The UID and GID of the shared file are mapped to the anonymous user anonymous, which is suitable for public directories.
No_all_squash retains the UID and GID of the shared file (default)
Root_squash all requests of the root user are mapped to the same permissions as those of the anonymous user (default)
The no_root_squas root user has full management access permissions to the root directory.
Anonuid = xxx specifies the UID of an anonymous user in the NFS server/etc/passwd file
Anongid = xxx specifies the GID of anonymous users in the NFS server/etc/passwd file

The configuration file/etc/exports is as follows:

$ cat /etc/exports

        /home/share 192.168.102.15(rw,sync) *(ro)

Configuration Description: grant the read and write permissions to 192.168.102.15. Other machines only have the read-only permission.

4.3 restart the NFS service

# /etc/init.d/nfs-kernel-server restart

4.4 view NFS resource sharing on the client

# showmount -e 192.168.102.47

        Export list for 192.168.102.47:
        /home/share (everyone)

4.5 Use the mount command to mount shared resources

Load shared resources on client 192.168.102.15

# mount 192.168.102.47:/home/share /mnt

        # cd /mnt
        
        # echo '12345'> 123

You can find that the shared directory on the server is writable.

# umount /mnt

Load shared resources on client 192.168.102.61

# mount 192.168.102.47:/home/share /mnt

        # cd /mnt

        # ls
        123

        # touch 321

        touch: cannot touch `321': Permission denied

        # echo '123455' >123

        -bash: 123: Permission denied

You can find that only the read permission is available for the server shared directory,

This is consistent with our server-side permission settings.

Do we need to restart the nfs service every time we modify the configuration file? At this time, we can use the exportfs command to re-scan the/etc/exports file to make the change take effect immediately.

For example:

# Exportfs-au Uninstall all shared directories

# Exportfs-rv share all directories again and output details

The exportfs command is provided by the software package nfs-kernel-server. For more information about the exportfs command, see:

man exportfs

For instructions on the Chinese manual, see here:

When resources are shared, how do we know which permissions are granted? Now we can view the/var/lib/nfs/etab file, which is generated by the exportfs command according to/etc/exports.

# cat /var/lib/nfs/etab

        /home/share     192.168.102.15(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,subtree_check,secure_locks,acl,mapping=identity,anonuid=65534,anongid=65534)
        /home/share     *(ro,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,subtree_check,secure_locks,acl,mapping=identity,anonuid=65534,anongid=65534)

Now let's check which ports are enabled on the NFS server:

tonybox:/home/share# lsof -i|grep rpc
        portmap   1931 daemon    3u  IPv4   4289       UDP *:sunrpc
        portmap   1931 daemon    4u  IPv4   4290       TCP *:sunrpc (LISTEN)
        rpc.statd 3206  statd    3u  IPv4   7081       UDP *:1029
        rpc.statd 3206  statd    6u  IPv4   7072       UDP *:838
        rpc.statd 3206  statd    7u  IPv4   7085       TCP *:1031 (LISTEN)
        rpc.mount 3483   root    6u  IPv4   7934       UDP *:691
        rpc.mount 3483   root    7u  IPv4   7937       TCP *:694 (LISTEN)

I checked my shared directory, but I wrote RW.
Then I changed. Check that all IP addresses can be read and written, and files can be modified in the test.
I'm dizzy.