<<  < 2015 - >  >>
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30




NFS题:

 

1.共享/nfs/media,使192.168.1.0/24下的所有人只读,root用户映射为匿名用户。

 

/nfs/media       192.168.1.0/255.255.255.0(ro,root_squash)

 

2.共享/nfs/***,使s168.365linux.com这台主机可以读写,其他用户只读,且root映射为匿名用户。

 

/nfs/***         s168.365linux.com(rw)    *(ro,root_squash)

 

3.共享/nfs/software,所有人只读访问,访问者(包括root)映射成用户nfsuser,nfsuser

 

/nfs/software  *(ro,anonuid=500,anongid=500)

 

 

Useradd –s /sbin/nologin nfsuser

 

查看ID

Cat /

 

安装配置过程

1.安装NFS

 [root@localhost ~]# mkdir /cdrom

[root@localhost ~]# mount /dev/cdrom-hdc /cdrom/

mount: block device /dev/cdrom-hdc is write-protected, mounting read-only

1.1 RPM安装方式

[root@localhost ~]# cd /cdrom/Server/

[root@localhost Server]# rpm -ivh portmap-4.0-65.2.2.1.i386.rpm

Preparing...                                                            (100########################################### [100%]

        package portmap-4.0-65.2.2.1.i386 is already installed

 

[root@localhost Server]# rpm -ivh nfs-utils-1.0.9-44.el5.i386.rpm

Preparing...                                                            (100########################################### [100%]

        package nfs-utils-1.0.9-44.el5.i386 is already installed

 [root@localhost Server]#

1.2 YUM安装方式

配置YUM

[root@localhost Server]# vi /etc/yum.repos.d/rhel-debuginfo.repo

修改如下:

[rhel-debuginfo]

name=Red Hat Enterprise Linux $releasever - $basearch - Debug

baseurl=file:///cdrom/Server

enabled=1

gpgcheck=1

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

安装

 

[root@localhost Server]# yum -y install nfs-utils

 

 

2.配置

[root@localhost Server]# vi /etc/exports

 

配置文件中的内容按照题目,配置

/nfs/media      192.168.1.0/255.255.255.0(ro,root_squash)

/nfs/***   s168.365linux.com(rw)   *(ro,root_squash)

/nfs/software   *(ro,anonuid=503,anongid=503)

~                                               

[root@localhost Server]# useradd -s /sbin/nologin nfsuser

查看此用户的ID

[root@localhost Server]# cat /etc/passwd

3.测试

[root@localhost Server]# service portmap restart

Stopping portmap:                                          [  OK  ]

Starting portmap:                                          [  OK  ]

[root@localhost Server]# service nfs restart

Shutting down NFS mountd:                                  [FAILED]

Shutting down NFS daemon:                                  [FAILED]

Shutting down NFS quotas:                                  [FAILED]

Shutting down NFS services:                                [FAILED]

Starting NFS services:  exportfs: s168.365linux.com has non-inet addr

exportfs: s168.365linux.com has non-inet addr

                                                           [  OK  ]

Starting NFS quotas:                                       [  OK  ]

Starting NFS daemon:                                       [  OK  ]

Starting NFS mountd:                                       [  OK  ]

Starting RPC idmapd:                                       [  OK  ]

 

[root@localhost Server]# vi /etc/hosts

在此文件中加入红色部分内容

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1               localhost.localdomain localhost

::1             localhost6.localdomain6 localhost6

172.16.41.180   s168.365linux.com

~                                   

 

[root@localhost Server]# service nfs restart

Shutting down NFS mountd:                                  [  OK  ]

Shutting down NFS daemon:                                  [  OK  ]

Shutting down NFS quotas:                                  [  OK  ]

Shutting down NFS services:                                [  OK  ]

Starting NFS services:                                     [  OK  ]

Starting NFS quotas:                                       [  OK  ]

Starting NFS daemon:                                       [  OK  ]

Starting NFS mountd:                                       [  OK  ]

[root@localhost Server]#

 

[root@localhost Server]# showmount -e 172.16.41.144

Export list for 172.16.41.180:

/nfs/software *

/nfs/media    192.168.1.0/255.255.255.0

/nfs/*** (everyone)

 

考试非必需

 

进入另一台LINUX

 

 

 

权限规则(就是小括号内的参数)

l  rwread-write,可读/

l  roread-only,只读

l  sync:数据同步写入到内存与硬盘当中

l  async:数据会先暂存于内存当中,而非直接写入硬盘

l  no_root_squash:登录NFS主机使用共享目录的用户,如果是ROOT,那么对于这个共享的目录来说,它就具有ROOT的权限,这个设置“极不安全”不建议使用

l  root_squash:在登录NFS主机使用共享目录的用户如果是ROOT,那么这个用户的权限将被压缩成匿名用户,通常它的UIDGID都会变成NOBODYnfsnobody)这个系统账号的身份

l  all_squash:不论登录NFS的用户身份如何,它的身份都会被压缩成匿名用户,NOBODYnfsnobody

l  anonuidanon是指anonymous(匿名)

l  anongid

发表评论:
天涯博客欢迎您!