{"id":577,"date":"2013-12-06T10:17:12","date_gmt":"2013-12-06T03:17:12","guid":{"rendered":"http:\/\/blog.trichev.com\/?p=577"},"modified":"2017-08-10T09:29:07","modified_gmt":"2017-08-10T02:29:07","slug":"nfs-server-on-rhel-6","status":"publish","type":"post","link":"https:\/\/trichev.com\/blog\/2013\/12\/06\/nfs-server-on-rhel-6\/","title":{"rendered":"NFS Server on RHEL 6"},"content":{"rendered":"<p>yum install nfs* -y<\/p>\n<p>service rpcbind start<br \/>\nservice nfs start<br \/>\nservice nfslock start<\/p>\n<p>chkconfig rpcbind on<br \/>\nchkconfig nfs on<br \/>\nchkconfig nfslock on<\/p>\n<p>vi \/etc\/sysconfig\/nfs<br \/>\nRQUOTAD_PORT=875<br \/>\nLOCKD_TCPPORT=32803<br \/>\nLOCKD_UDPPORT=32769<br \/>\nMOUNTD_PORT=892<br \/>\nSTATD_PORT=662<br \/>\nSTATD_OUTGOING_PORT=2020<\/p>\n<p>rpcinfo -p<\/p>\n<p>vi \/etc\/sysconfig\/iptables<\/p>\n<p>-A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m udp -p udp &#8211;dport 2049 -j ACCEPT<br \/>\n-A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m tcp -p tcp &#8211;dport 2049 -j ACCEPT<br \/>\n-A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m udp -p udp &#8211;dport 111 -j ACCEPT<br \/>\n-A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m tcp -p tcp &#8211;dport 111 -j ACCEPT<br \/>\n-A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m udp -p udp &#8211;dport 32769 -j ACCEPT<br \/>\n-A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m tcp -p tcp &#8211;dport 32803 -j ACCEPT<br \/>\n-A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m udp -p udp &#8211;dport 662 -j ACCEPT<br \/>\n-A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m tcp -p tcp &#8211;dport 662 -j ACCEPT<br \/>\n-A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m udp -p udp &#8211;dport 875 -j ACCEPT<br \/>\n-A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m tcp -p tcp &#8211;dport 875 -j ACCEPT<br \/>\n-A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m udp -p udp &#8211;dport 892 -j ACCEPT<br \/>\n-A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m tcp -p tcp &#8211;dport 892 -j ACCEPT<\/p>\n<p>mkdir \/myexport<br \/>\nvi \/etc\/exports<br \/>\n\/myexport 192.168.0.0\/24(rw,no_root_squash,no_subtree_check)<\/p>\n<p># *note \/home &#8211; shared directory<br \/>\n#192.168.0.0\/24 &#8211; range of networks NFS permits accesses<br \/>\n#rw &#8211; possible to read and write<br \/>\n#sync &#8211; synchronize<br \/>\n#no_root_squash &#8211; enable root privilege<br \/>\n#no_subtree_check &#8211; disable subtree check<\/p>\n<p>\/etc\/hosts.allow:<br \/>\n#mountd: 192.168.0.0\/255.255.255.0<br \/>\n#lockd: 192.168.0.1 , 192.168.0.2<br \/>\n#rquotad: 192.168.0.1 , 192.168.0.2<br \/>\nmountd: 192.168.0.1 , 192.168.0.2<br \/>\n#statd: 192.168.0.1 , 192.168.0.2<\/p>\n<p>vi \/etc\/hosts.deny:<br \/>\nportmap:ALL<br \/>\nlockd:ALL<br \/>\nmountd:ALL<br \/>\nrquotad:ALL<br \/>\nstatd:ALL<\/p>\n<p>service rpcbind restart<br \/>\nservice nfs restart<br \/>\nservice nfslock restart<\/p>\n<p>showmount -e 192.168.0.1<\/p>\n<p>mount -t nfs 192.168.0.1:\/data\/archive \/mnt\/archive<\/p>\n<p>nfsstat<\/p>\n<p>&#8220;Rather than disable SELinux it is a good idea to configure it to allow remote clients to access files that are exported via NFS share.  This is fairly simple and involves setting the SELinux boolean value using the \u201csetsebool\u201d utility.  In this example we\u2019ll use the \u201cread\/write\u201d boolean but we can also use \u201cnfs_export_all_ro\u201d to allow NFS exports read-only and \u201cuse_nfs_home_dirs\u201d to allow home directories to be exported.<br \/>\n# setsebool -P nfs_export_all_rw 1&#8221;<\/p>\n<p>\u0421\u0441\u044b\u043b\u043a\u0438:<br \/>\n<a href=\"http:\/\/mylinuxlife.com\/setting-up-nfs-on-rhel-6-iptables-firewall-solution\/\">http:\/\/mylinuxlife.com\/setting-up-nfs-on-rhel-6-iptables-firewall-solution\/<\/a><br \/>\n<a href=\"http:\/\/aaronwalrath.wordpress.com\/2011\/03\/18\/configure-nfs-server-v3-and-v4-on-scientific-linux-6-and-red-hat-enterprise-linux-rhel-6\/\">http:\/\/aaronwalrath.wordpress.com\/2011\/03\/18\/configure-nfs-server-v3-and-v4-on-scientific-linux-6-and-red-hat-enterprise-linux-rhel-6\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>yum install nfs* -y service rpcbind start service nfs start service nfslock start chkconfig rpcbind on chkconfig nfs on chkconfig nfslock on vi \/etc\/sysconfig\/nfs RQUOTAD_PORT=875 LOCKD_TCPPORT=32803 LOCKD_UDPPORT=32769 MOUNTD_PORT=892 STATD_PORT=662 STATD_OUTGOING_PORT=2020 rpcinfo -p vi \/etc\/sysconfig\/iptables -A INPUT -s 192.168.0.0\/24 -d 192.168.0.1 -m state &#8211;state NEW -m udp -p udp &#8211;dport 2049 -j ACCEPT -A INPUT -s [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[231],"tags":[32,176,86,28,14,11],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/trichev.com\/blog\/wp-json\/wp\/v2\/posts\/577"}],"collection":[{"href":"https:\/\/trichev.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/trichev.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/trichev.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/trichev.com\/blog\/wp-json\/wp\/v2\/comments?post=577"}],"version-history":[{"count":1,"href":"https:\/\/trichev.com\/blog\/wp-json\/wp\/v2\/posts\/577\/revisions"}],"predecessor-version":[{"id":578,"href":"https:\/\/trichev.com\/blog\/wp-json\/wp\/v2\/posts\/577\/revisions\/578"}],"wp:attachment":[{"href":"https:\/\/trichev.com\/blog\/wp-json\/wp\/v2\/media?parent=577"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/trichev.com\/blog\/wp-json\/wp\/v2\/categories?post=577"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/trichev.com\/blog\/wp-json\/wp\/v2\/tags?post=577"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}