Linux NFS Network file sharing

Source: Internet
Author: User

First, install the nfs-utils and libs RPM packages on the server. With a yum repository configured, this can be done with: yum -y install nfs-utils*

Second, create the directory to be shared, for example: mkdir /it. This directory is then set up as the file share.

Third, edit the configuration file /etc/exports. When first opened, the file is empty. The entry format is:

    /it 192.168.0.0(permissions)

The host field can be a network segment or an IP address.

The common permission parameters and what they mean:

rw, ro: The directory is shared read-write (rw) or read-only (ro), but whether it can finally be read or written still depends on the rwx bits of the file system and the identity of the user.

sync, async: sync means data is written to memory and to the hard disk synchronously; async means data is held in memory first rather than written directly to the hard disk!

no_root_squash, root_squash: If the account using the NFS file system on the client is root, how should the system judge the identity of this account? In the default case, the identity of the client's root is squashed to nfsnobody by root_squash, so the server's system is more secure. But if you want to let the client operate on the server's file system as root, then you have to turn on no_root_squash!

all_squash: Regardless of the identity of the user who logs in to NFS, that identity is squashed to an anonymous user, usually nobody (nfsnobody)!

anonuid, anongid: anon means anonymous. These set the UID of the anonymous user mentioned for the *_squash options above, which is usually nobody (nfsnobody), but you can set this UID yourself! Of course, this UID must exist in your /etc/passwd! anonuid is the UID and anongid is the group's GID.

These are a few of the more common options. If you are interested in the other parameters, you can find a lot of interesting information yourself with man exports. Next, let's work through a few small questions using these parameters:

Example one: Allow root to have root privileges

I would like to share /tmp for everyone to use. Since this is a directory everyone can already access, I want all hosts to be able to reach it. In addition, I want files written by root to still belong to root. How should the configuration file be designed?

Answer:

    # vim /etc/exports
    # Anyone can use my /tmp, so the host name is given as a wildcard; the key point is no_root_squash
    /tmp *(rw,no_root_squash)

The host name can be given with wildcards; here * means that my /tmp directory can be used from anywhere. Again, there is no space inside "*(rw,no_root_squash)"! /tmp and *(rw,no_root_squash) are separated by whitespace. Pay special attention to what no_root_squash does! In this case, if you are a client user logged in to your Linux host as root, then when you mount /tmp from my host you will have root privileges on that mounted directory!


Example two: the same directory has different permissions for different ranges

I'm going to export a public directory, /home/public, but only users who are inside my local network 192.168.100.0/24 and who have joined vbirdgroup (the group set up in the first chapter) may read and write; other sources may only read.

Answer:

    # mkdir /home/public
    # setfacl -m g:vbirdgroup:rwx /home/public
    # vim /etc/exports
    /tmp          *(rw,no_root_squash)
    /home/public  192.168.100.0/24(rw) *(ro)
    # Keep appending below the earlier entries. Note that the network and the wildcard host are two separate entries, separated by whitespace!

The example above means that when my IP is inside the 192.168.100.0/24 network and I mount the server's /home/public on the client, I have read and write access to this directory. If I am not in this network, I can only read the data in this directory, that is, it is read-only.

Note that wildcards can only be used in host names. An IP address or network segment can only be written in a form such as 192.168.100.0/24; 192.168.100.* cannot be used!


Example three: a directory shared with a single host only

What should I do if I want to export a private directory, /home/test, to the single client machine 192.168.100.10? Assume that the user must be dmtsai to have full permissions.

Answer:

    # mkdir /home/test
    # setfacl -m u:dmtsai:rwx /home/test
    # vim /etc/exports
    /tmp          *(rw,no_root_squash)
    /home/public  192.168.100.0/24(rw) *(ro)
    /home/test    192.168.100.10(rw)
    # Just make sure the IP is correct!

That's all! Only the machine 192.168.100.10 can access the /home/test directory.


Example four: opening up anonymous login

I want to allow hosts in the *.centos.vbird domain to log in to my NFS host and access /home/linux, but when they do, I want their UID and GID to both become the identity of user 45. Assume that on my NFS server the user and group with UID 45 and GID 45 are named nfsanon.

Answer:

    # groupadd -g 45 nfsanon
    # useradd -u 45 -g nfsanon nfsanon
    # mkdir /home/linux
    # setfacl -m u:nfsanon:rwx /home/linux
    # vim /etc/exports
    /tmp          *(rw,no_root_squash)
    /home/public  192.168.100.0/24(rw) *(ro)
    /home/test    192.168.100.10(rw)
    /home/linux   *.centos.vbird(rw,all_squash,anonuid=45,anongid=45)
    # To open up anonymous access, the key point is all_squash, combined with anonuid!

Pay special attention to what all_squash, anonuid and anongid do! With these set, when clientlinux.centos.vbird logs in to this NFS host and writes a file in /home/linux, the owner and group of that file become the user whose ID is 45 in /etc/passwd.
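The export lines built up in examples one to four can be checked for risky combinations before the service is started. The Python checker below is an added example, not part of the original article; its function names and sample text are constructed here. It assumes the documented /etc/exports behaviour that a space before the parenthesis makes the options apply to every host, and its last sample line is the step-three /it entry deliberately typed with that mistake.

```python
import re

# Constructed sample: the export lines from examples one to four, plus the
# step-three /it entry written with the space-before-parenthesis mistake.
SAMPLE = """\
/tmp         *(rw,no_root_squash)
/home/public 192.168.100.0/24(rw) *(ro)
/home/test   192.168.100.10(rw)
/home/linux  *.centos.vbird(rw,all_squash,anonuid=45,anongid=45)
/it          192.168.0.0 (rw)
"""

TOKEN = re.compile(r"^([^()]*)(?:\(([^()]*)\))?$")

def parse_exports(text):
    """Return a list of (path, host, options, detached), one per client entry."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank line, comment, or a path with no clients
        for token in fields[1:]:
            m = TOKEN.match(token)
            if not m:
                continue
            host, opts = m.group(1), m.group(2)
            options = set(opts.split(",")) if opts else set()
            # A token starting with "(" has no host: it followed a space, so
            # its options apply to every client, not to the host before it.
            entries.append((fields[0], host or "*", options, host == ""))
    return entries

def lint(text):
    """Return (path, host, finding) tuples for entries that need review."""
    findings = []
    for path, host, options, detached in parse_exports(text):
        if detached:
            findings.append((path, host, "space before '(': options apply to all hosts"))
        if "no_root_squash" in options:
            findings.append((path, host, "client root keeps root privileges"))
        if host == "*" and "rw" in options:
            findings.append((path, host, "read-write for every host"))
    return findings

if __name__ == "__main__":
    for path, host, finding in lint(SAMPLE):
        print("%-13s %-18s %s" % (path, host, finding))
```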

Fourth, start the service: service nfs start. Before starting it, start rpcbind first (service rpcbind start).
On the server side, you can run exportfs -v to see whether the directory is being shared.

Fifth, set up the client. Check with rpm -q nfs-utils; if the package is not installed, it can be installed from the yum repository with: yum -y install nfs-utils

Sixth, mount on the client: mount -t nfs 192.168.0.132:/it /mnt (where /mnt is the mount directory)

You can use df -h to see whether the mount was successful.

