9.7. NFS Server Configuration
- Manually editing the NFS configuration file, that is,
- through the command line, that is, by using the command
/etc/exports Configuration File
/etc/exportsfile controls which file systems are exported to remote hosts and specifies options. It follows the following syntax rules:
- Blank lines are ignored.
- To add a comment, start a line with the hash mark (
- You can wrap long lines with a backslash (
- Each exported file system should be on its own individual line.
- Any lists of authorized hosts placed after an exported file system must be separated by space characters.
- Options for each of the hosts must be placed in parentheses directly after the host identifier, without any spaces separating the host and the first parenthesis.
- The directory being exported
- The host or network to which the export is being shared
- The options to be used for host
export host1(options1) host2(options2) host3(options3)
/etc/exportsfile only specifies the exported directory and the hosts permitted to access it, as in the following example:
Example 9.6. The
/exported/directory/from the NFS server. Because no options are specified in this example, NFS will use default settings.
- The exported file system is read-only. Remote hosts cannot change the data shared on the file system. To allow hosts to make changes to the file system (that is, read/write), specify the
- The NFS server will not reply to requests before changes made by previous requests are written to disk. To enable asynchronous writes instead, specify the option
- The NFS server will delay writing to the disk if it suspects another write request is imminent. This can improve performance as it reduces the number of times the disk must be accesses by separate write commands, thereby reducing write overhead. To disable this, specify the
no_wdelayis only available if the default
syncoption is also specified.
- This prevents root users connected remotely (as opposed to locally) from having root privileges; instead, the NFS server will assign them the user ID
nfsnobody. This effectively "squashes" the power of the remote root user to the lowest local user, preventing possible unauthorized writes on the remote server. To disable root squashing, specify
all_squash. To specify the user and group IDs that the NFS server should assign to remote users from a particular host, use the
anongidoptions, respectively, as in:
anongidoptions allow you to create a special user and group account for remote NFS users to share.
no_acloption when exporting the file system.
rwoption is not specified, then the exported file system is shared as read-only. The following is a sample line from
/etc/exportswhich overrides two default options:
/another/exported/directory/read/write and all writes to disk are asynchronous. For more information on exporting options, refer to
man exportsfor details on these less-used options.
/etc/exportsfile is very precise, particularly in regards to use of the space character. Remember to always separate exported file systems from hosts and hosts from one another with a space character. However, there should be no other space characters in the file except on comment lines.
/home bob.example.com(rw) /home bob.example.com (rw)
bob.example.comread/write access to the
/homedirectory. The second line allows users from
bob.example.comto mount the directory as read-only (the default), while the rest of the world can mount it read/write.