Of Stack

CentOS6.9 NFS service Installation configuration tutorial

  • 2020-06-15 11:01:23
  • OfStack

Server environment: CentOS6.9 Linux 2.6.32-696. el6.x86_64

Install the NFS service

The nfs client and server only need to install the nfs-ES12en package, and the yum installation is accompanied by the installation of rpcbind services 


# yum -y install nfs-utils

Powered up 


# chkconfig rpcbind on
# chkconfig nfs on

For the needs of operation and maintenance management, it can quickly find relevant startup services, configure chkconfig and append startup scripts 


# tail -2 /etc/rc.local
/etc/init.d/rpcbind start 
/etc/init.d/nfs start

Configure port

In addition to port 2049 for the main program and Port 111 for rpcbind being fixed, nfs USES 1 random port, which will be defined in the following configuration to configure the firewall 


# vim /etc/sysconfig/nfs
# Append port configuration 
MOUNT_PORT=4001  
STATD_PORT=4002
LOCKD_TCPPORT=4003
LOCKD_UDPPORT=4004
RQUOTAD_PORT=4005

Configure the directory to share 


# mkdir -p /var/nfs/simple-nfs  # Directories to share 
# vim /etc/exports  # Configure access permissions 
/var/nfs/simple-nfs  192.168.100.0/24(rw,async,root_squash)

Access rights:

rw: ES39en-ES40en, read-write; Note that the client will not be able to write properly if it is only set to read and write, and that the permissions for the Shared directory should also be set correctly, as shown in Question 7
ro: ES43en-ES44en, read only;
sync: Files are written to both disk and memory;
async: Files are stored in memory instead of being written directly to memory;
no_root_squash: NFS also has root permissions for directories Shared by the server if the client is using root when connecting to the server. Obviously it's not safe to turn this on.
root_squash: NFS if the client is using root to connect to the server, it will have anonymous user permissions for the directory Shared by the server, and it will usually use nobody or nfsnobody identity.
all_squash: No matter what user the NFS client USES when connecting to the server, it has anonymous user rights to the directory Shared by the server.
anonuid: The value of UID for anonymous users, usually nobody or nfsnobody, can be set here.
anongid: The GID value for an anonymous user.

Configure the firewall 


# vim /etc/sysconfig/iptables
-A INPUT -p tcp -m tcp --dport 111 -j ACCEPT
-A INPUT -p udp -m udp --dport 111 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2049 -j ACCEPT
-A INPUT -p udp -m udp --dport 2049 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4001:4005 -j ACCEPT
-A INPUT -p udp -m udp --dport 4001:4005 -j ACCEPT

Restart the service and firewall 


# service nfs restart
# service iptables restart  # or reload

The Linux client is mounted 


# mount -t nfs 192.168.100.110:/var/nfs/simple-nfs /mnt

You can also write the mount configuration to an fstab file, just like a normal disk mount, where permissions can also be specified, but of type nfs.

Related articles: