linux 裝機寶典之一NFS安裝（linux之間共享）

NFS的安裝配置：
centos 5 :
yum install nfs-utils portmap
centos 6 :
yum install nfs-utils rpcbind


本節是使用centos 6的配置過程：
設備：兩臺 centos6 OS 安裝的時候選擇的是"Basic Server"軟件配置包。
首先，讓兩臺機器都安裝NFS的 軟件包，以下顯示的是服務器端：
[root@roothomes /home]$ yum install nfs-utils rpcbind
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: centos.ustc.edu.cn
 * extras: centos.ustc.edu.cn
 * updates: centos.ustc.edu.cn
Setting up Install Process
Package rpcbind-0.2.0-8.el6.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package nfs-utils.x86_64 1:1.2.3-15.el6 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package            Arch            Version                 Repository     Size
================================================================================
Updating:
 nfs-utils          x86_64          1:1.2.3-15.el6          base          308 k

Transaction Summary
================================================================================
Install       0 Package(s)
Upgrade       1 Package(s)

Total download size: 308 k
Is this ok [y/N]: y
Downloading Packages:
nfs-utils-1.2.3-15.el6.x86_64.rpm                        | 308 kB     00:10
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
base/gpgkey                                              | 3.3 kB     00:00 ...
Importing GPG key 0xC105B9DE "CentOS-6 Key (CentOS 6 Official Signing Key) <cent                                                                                                                                                              os-6-key@centos.org>" from /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating       : 1:nfs-utils-1.2.3-15.el6.x86_64                          1/2
  Cleanup        : 1:nfs-utils-1.2.2-7.el6.x86_64                           2/2

Updated:
  nfs-utils.x86_64 1:1.2.3-15.el6

Complete!
[root@roothomes /home]$

服務器端：
###(創建掛載的目錄，而且掛載目錄。)
[root@roothomes /etc]$ mkdir /opt/centos6
[root@roothomes /etc]$ cd /opt/centos6/
[root@roothomes /opt/centos6]$ mkdir thisISnfsFile
[root@roothomes /opt/centos6]$ ls
thisISnfsFile
[root@roothomes /etc]$ vi /etc/exports
[root@roothomes /opt/centos6]$ cat /etc/exports

/opt/centos6 192.168.1.0/24(ro,no_root_squash)
### 備註:/opt/centos6表示nfs共享的目錄 192.168.1.0-192.168.1.254區間的IP能夠訪問，訪問權限是自讀，root 用戶
###(啓動對應的服務)
[root@roothomes /opt/centos6]$ chkconfig nfs on
[root@roothomes /opt/centos6]$ /etc/init.d/rpcbind start
[root@roothomes /opt/centos6]$ /etc/init.d/nfs start
Starting NFS services:                                     [  OK  ]
Starting NFS quotas:                                       [  OK  ]
Starting NFS daemon:                                       [  OK  ]
Starting NFS mountd:                                       [  OK  ]
[root@roothomes /opt/centos6]$ service iptables stop
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]


客戶端：
[root@roothomes /home]$ yum install nfs-utils rpcbind
安裝完畢！
[root@vmBS00 ~]# service iptables stop
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
###查看是否能訪問nfs服務
[root@vmBS00 ~]# showmount -e 192.168.1.75
Export list for 192.168.1.75:
/opt/centos6 192.168.1.0/24
[root@vmBS00 ~]# mkdir /opt/centos6
[root@vmBS00 ~]# mount -t nfs 192.168.1.75:/opt/centos6/  /opt/centos6/
[root@vmBS00 ~]# ls /opt/centos6/
thisISnfsFile
###配置開機自動掛載
[root@vmBS00 ~]# vi /etc/fstab
### 添加 #192.168.1.75:/opt/centos6/ /opt/centos6/ nfs nodev,ro,rsize=32768,wsize=32768 0 0

[root@vmBS00 ~]# init 6
[root@vmBS00 ~]#
login as: root
root@192.168.1.116's password:
Last login: Mon Mar  5 17:29:04 2012 from 192.168.1.23
[root@vmBS00 ~]# ls /opt/centos6/
thisISnfsFile
[root@vmBS00 ~]#

 

 

 

 

NFS Client：
遠程NFS目錄在客戶端的掛載點：/nfs

[root@ha02 /]# mkdir /nfs
[root@ha02 /]# service rpcbind start

[root@localhost mnt]# showmount -e 192.168.40.18         //測試一下，是否能查詢獲得

[root@localhost Desktop]# mount -t nfs 192.168.40.18:/home/nfs/test  /mnt/

會出現以下問題（）

mount.nfs:access denied by server while mounting .......

[root@raocentos mnt]# cd /mnt
bash: cd: /mnt: 權限不夠

解決方案

一、在服務端更改共享目錄權限：

chmod 777 XXXX  (這個你懂的吧)

二、檢查你共享的目錄是否正確

說明：
一、exports參數說明
rw: 讀寫模式；
async: 異步磁盤讀寫；
anonu(g)id: 指定NFS在進行操做時所使用的匿名用戶uid/gid

二、NFS 管理命令
showmount -e 在NFS Server上執行此命令顯示NFS Server上全部的共享卷；
showmount -e 192.168.1.100在NFS Client上執行此命令顯示NFS Server上全部共享卷；
export -av 根據/etc/exports導出全部卷；
export -rv 從新導出全部卷，增長/etc/exports中的新項目、刪除不存在的項目、更新改變的項目；

二、安全性
portmap PORT: 111
NFS PORT: 2049

防止使用IP欺騙和RPC重定向技術經過lo迴環進行攻擊以及限定受權主機：
iptables -A INPUT -p udp -d 127.0.0.1 --dport 111 -j DROP
iptables -A INPUT -p udp -d 127.0.0.1 --dport 2049 -j DROP
iptables -A INPUT -p udp -s 192.168.100.2 --dport 111 -j ACCEPT
iptables -A INPUT -p udp -s 192.168.100.2 --dport 2049 -j ACCEPT