Chapter 16. Network File System
A Network File System (NFS) allows remote hosts to mount file systems over a network and interact with those file systems as though they are mounted locally. This enables system administrators to consolidate resources onto centralized servers on the network.
In Red Hat Enterprise Linux, the nfs-utils package is required for full NFS support. Enter the following command to see if the nfs-utils is installed:
rpm -q nfs-utilspackage nfs-utils is not installed
If it is not installed and you want to use NFS, use the
yumutility as root to install it:
yum install nfs-utils
16.1. NFS and SELinux
When running SELinux, the NFS daemons are confined by default except the
nfsdprocess, which is labeled with the unconfined
kernel_tdomain type. The SELinux policy allows NFS to share files by default. Also, passing SELinux labels between a client and the server is supported, which provides better security control of confined domains accessing NFS volumes. For example, when a home directory is set up on an NFS volume, it is possible to specify confined domains that are able to access only the home directory and not other directories on the volume. Similarly, applications, such as Secure Virtualization, can set the label of an image file on an NFS volume, thus increasing the level of separation of virtual machines.
The support for labeled NFS is disabled by default. To enable it, see Section 16.4.1, “Enabling SELinux Labeled NFS Support”.