NFS Server on RHEL 6

yum install nfs* -y

service rpcbind start
service nfs start
service nfslock start

chkconfig rpcbind on
chkconfig nfs on
chkconfig nfslock on

vi /etc/sysconfig/nfs
RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
STATD_OUTGOING_PORT=2020

rpcinfo -p

vi /etc/sysconfig/iptables

-A INPUT -s 192.168.0.0/24 -d 192.168.0.1 -m state –state NEW -m udp -p udp –dport 2049 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -d 192.168.0.1 -m state –state NEW -m tcp -p tcp –dport 2049 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -d 192.168.0.1 -m state –state NEW -m udp -p udp –dport 111 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -d 192.168.0.1 -m state –state NEW -m tcp -p tcp –dport 111 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -d 192.168.0.1 -m state –state NEW -m udp -p udp –dport 32769 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -d 192.168.0.1 -m state –state NEW -m tcp -p tcp –dport 32803 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -d 192.168.0.1 -m state –state NEW -m udp -p udp –dport 662 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -d 192.168.0.1 -m state –state NEW -m tcp -p tcp –dport 662 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -d 192.168.0.1 -m state –state NEW -m udp -p udp –dport 875 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -d 192.168.0.1 -m state –state NEW -m tcp -p tcp –dport 875 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -d 192.168.0.1 -m state –state NEW -m udp -p udp –dport 892 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -d 192.168.0.1 -m state –state NEW -m tcp -p tcp –dport 892 -j ACCEPT

mkdir /myexport
vi /etc/exports
/myexport 192.168.0.0/24(rw,no_root_squash,no_subtree_check)

# *note /home – shared directory
#192.168.0.0/24 – range of networks NFS permits accesses
#rw – possible to read and write
#sync – synchronize
#no_root_squash – enable root privilege
#no_subtree_check – disable subtree check

/etc/hosts.allow:
#mountd: 192.168.0.0/255.255.255.0
#lockd: 192.168.0.1 , 192.168.0.2
#rquotad: 192.168.0.1 , 192.168.0.2
mountd: 192.168.0.1 , 192.168.0.2
#statd: 192.168.0.1 , 192.168.0.2

vi /etc/hosts.deny:
portmap:ALL
lockd:ALL
mountd:ALL
rquotad:ALL
statd:ALL

service rpcbind restart
service nfs restart
service nfslock restart

showmount -e 192.168.0.1

mount -t nfs 192.168.0.1:/data/archive /mnt/archive

nfsstat

“Rather than disable SELinux it is a good idea to configure it to allow remote clients to access files that are exported via NFS share. This is fairly simple and involves setting the SELinux boolean value using the “setsebool” utility. In this example we’ll use the “read/write” boolean but we can also use “nfs_export_all_ro” to allow NFS exports read-only and “use_nfs_home_dirs” to allow home directories to be exported.
# setsebool -P nfs_export_all_rw 1”

Ссылки:
http://mylinuxlife.com/setting-up-nfs-on-rhel-6-iptables-firewall-solution/
http://aaronwalrath.wordpress.com/2011/03/18/configure-nfs-server-v3-and-v4-on-scientific-linux-6-and-red-hat-enterprise-linux-rhel-6/

December 6th, 2013 in IT | tags: , , , , ,

Leave a comment

You must be logged in to post a comment.