1. File sharing service.
2. RPC based service, so it requires Portmap.
1. nfsd – Provides userland portion of NFS service.
2. lockd – NFS lock manager (kernel module)
3. rpciod –
4. rpc.mountd – Provides mounting services.
5. rpc.rquotad – Returns quota information.
6. rpc.statd – Used by lockd to recover locks after a server crash.
Provides portmap program. Portmap maps calls made by other hosts to the correct RPC service. Because portmap is compiled with TCP wrappers support (libwrap), hosts that need to access portmap must be given access via /etc/hosts.allow and/or /etc/hosts.deny.
o TCP/UDP 111 – portmap
o UDP 2049 – nfsd
o The other NFS related services vary in the port numbers they use. Clients contact portmap to find out the port number the other RPC services use.
5. Required Services
Listed in startup order:
o NFS Server
o NFS Client
o NFS server configuration file.
It is critical that there not be any spaces between the host/network and its options.
    # Allow all hosts in the somewhere.com domain to mount /var/ftp/pub read-only
    /var/ftp/pub *.somewhere.com(ro)
    # Allow all hosts to mount /var/www/html read-only and allow certain hosts
    # mount it read-write
    /var/www/html *(ro) 192.168.1.0/255.255.255.0(rw) 192.168.2.10(rw)
    # Allow certain hosts to mount /usr read-only and another read-write as root
    /usr 172.16.0.0/255.255.0.0(ro) 172.16.1.10(rw,no_root_squash)
    # Allow access to /usr/local by everyone, but only as the anonymous user
    /usr/local *(ro,all_squash,anonuid=100,anongid=100)
1. Root can’t mount an NFS share as root unless no_root_squash is used. Normally when root mounts a share, NFS maps root to the local user nobody.
2. You can’t export a directory that is a parent or child of another exported directory within the same file system.
e.g. You can’t export both /usr and /usr/local unless /usr/local is a separate file system.
o Common Export Options
o no_root_squash – Remote hosts can access local shares as root (Dangerous!)
o ro – Read-only
o rw – Read/Write
o sync – All file system writes must be committed to disk before the request can be completed.
o all_squash – All remote users are mapped to a local anonymous user.
o anonuid – Specify the uid to use for anonymous access.
o anongid – Specify the gid to use for anonymous access.
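An added example (not part of the original notes): a small Python check that reads exports-style text and flags the two risks called out above, a space between a host and its options and no_root_squash, plus read-write access for all hosts. With a space, the parenthesised options become a separate entry that applies to every host. The function name, the issue labels and the /srv/data line in the sample are assumptions made for illustration; quoted paths and line continuations are not handled.

```python
import re

# host-or-network, optionally followed by (comma,separated,options)
SPEC = re.compile(r"([^()]*)(?:\(([^()]*)\))?")

def audit_exports(text):
    """Return (line_no, path, client, issue) tuples for exports-style text."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        path, *specs = line.split()
        for spec in specs:
            m = SPEC.fullmatch(spec)
            if m is None:
                findings.append((line_no, path, spec, "unparseable"))
                continue
            host = m.group(1)
            opts = set(filter(None, (m.group(2) or "").split(",")))
            if host == "":
                # "(rw)" standing alone: a space split it from its host, so
                # the options apply to every host, not the one intended.
                findings.append((line_no, path, "*", "detached-options"))
                host = "*"
            if "no_root_squash" in opts:
                findings.append((line_no, path, host, "no_root_squash"))
            if host == "*" and "rw" in opts:
                findings.append((line_no, path, host, "world-writable"))
    return findings

# Constructed sample: three entries from the notes above plus one
# hypothetical line (/srv/data) with a stray space before its options.
SAMPLE = """\
# constructed sample, not a real server's file
/var/ftp/pub *.somewhere.com(ro)
/var/www/html *(ro) 192.168.1.0/255.255.255.0(rw) 192.168.2.10(rw)
/usr 172.16.0.0/255.255.0.0(ro) 172.16.1.10(rw,no_root_squash)
/srv/data 192.168.2.10 (rw)
"""

if __name__ == "__main__":
    for finding in audit_exports(SAMPLE):
        print("line %d: %s %s -> %s" % finding)
```

Run it against a copy of the exports file before `exportfs -r` so a stray space is caught before the share goes live.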
o Used for NFS client configuration
    server:/usr /usr nfs user,soft,intr,rsize=8192,wsize=8192 0 0
o Common NFS related mount options
o soft – Processes return with an error on a failed I/O attempt
o hard – If a process tries to access an unavailable share, it will hang until data is retrieved.
o intr – Allows NFS requests to be interrupted or killed if the server is unreachable
o nolock – Disable file locking in order to work with older NFS servers
o rsize – Sets the number of bytes NFS reads from a share at one time (default 1024)
o wsize – Sets the number of bytes NFS writes to a share at one time (default 1024)
o * Setting rsize and wsize to 8192 greatly increases performance.
24.3 Auto Mounting NFS shares
1. Requires autofs package to be installed.
2. Create an entry in /etc/auto.misc for the NFS share:
    ftp -fstype=nfs,intr,soft 192.168.1.20:/var/pub/ftp
If the default autofs setup is used, whenever someone accesses /misc/ftp, the remote NFS share on 192.168.1.20 will be automatically mounted. The options specified in /etc/auto.misc have the same meaning as when they are used in /etc/fstab.
24.4 NFS Utilities
o Used to maintain the table of exported file systems.
o Example Usage:
    exportfs -r   # Refresh the share listing after modifying /etc/exports.
                  # This MUST be done in order for your changes to take effect.
    exportfs -v   # Display a list of shared directories
    exportfs -a   # Exports all shares listed in /etc/exports
    # To export a filesystem not in /etc/exports
    exportfs 192.168.1.0/255.255.255.0:/tmp
    # Unexport a filesystem
    exportfs -u 192.168.1.0/255.255.255.0:/tmp
o Show mount information for an NFS server.
o Does not require that any local NFS services be running in order to use it.
o Example Usage:
    showmount -e 192.168.1.67   # Shows available shares on host 192.168.1.67
    showmount -a 192.168.1.67   # Shows the clients connected to host 192.168.1.67
                                # and the shares they have mounted.
o Reports RPC information.
o Can determine if RPC services are running on a host.
o Example Usage:
    rpcinfo -p 192.168.1.77   # Display list of RPC services running on 192.168.1.77