wiki:linux/Network/NFS4

NFS4, iptables, nmap, ntpdate, route, ssh, ssh/scp, ssh/sshfs, wlan


Server

Installation

# apt install nfs-kernel-server

Set up NFS server export table

manpage exports

The access control list for filesystems which may be exported to NFS clients is written in /etc/exports like this:

[point_on_host] [client_1(export options)] [client_2(export options)] […]
point_on_host
Path on server where the filesystem/data that needs to be exported is stored.
client
Definition of client(s) which should have access to [point_on_host]. Several client definitions must be separated by whitespaces. Clients may be specified in a number of ways:
  • single host:
    Host name recognized by the resolver
  • fully qualified domain name:
    e.g. max.urology.clinic
  • IPv4 address:
    e.g. 192.168.178.21
  • IPv6 address
  • IP network:
    e.g. 192.168.178.0/24
  • wildcards:
    Wildcard characters * and ? or character class lists within []. For instance *.urology.clinic matches all hosts in the domain urology.clinic.
  • netgroups:
    NIS netgroups given as @group.
  • anonymous:
    Specified by a single *. Will match all clients.

Export options

sec
Colon-delimited list of security flavors
secure (default)
Requests must be originate on an Internet port less than IPPORT_RESERVED (1024). In contrast to insecure.
rw
Allow read and write requests. In contrast to ro.
async
Reply requests before these are written to storage. In contrast to sync.
sync (default)
Reply requests only after changes written to storage. In contrast to async.
no_wdelay
No effect if async is set. The NFS server will not delay committing a write request to storage. In contrast to wdelay.
nohide
Not relevant by using NFSv4 which will never hide subordinate filesystems. In contrast to hide.
crossmnt (default)
A client who is mounting an export with this option has also access to sub-filesystems/-paths. In contrast to nocrossmnt.
no_subtree_check (default)
Last modified 3 months ago Last modified on Jul 15, 2020, 5:26:19 PM