Chapter 17. Network File System

A Network File System (NFS) allows remote hosts to mount file systems over a network and interact with those file systems as though they are mounted locally. This enables system administrators to consolidate resources onto centralized servers on the network.[18]
In Red Hat Enterprise Linux, the nfs-utils package is required for full NFS support. Run the following command to see if the nfs-utils is installed:
~]$ rpm -q nfs-utils
package nfs-utils is not installed
If it is not installed and you want to use NFS, use the yum utility as root to install it:
~]# yum install nfs-utils

17.1. NFS and SELinux

When running SELinux, the NFS daemons are confined by default except the nfsd process, which is labeled with the unconfined kernel_t domain type. The SELinux policy allows NFS to share files by default. Also, passing SELinux labels between a client and the server is supported, which provides better security control of confined domains accessing NFS volumes. For example, when a home directory is set up on an NFS volume, it is possible to specify confined domains that are able to access only the home directory and not other directories on the volume. Similarly, applications, such as Secure Virtualization, can set the label of an image file on an NFS volume, thus increasing the level of separation of virtual machines.
The support for labeled NFS is disabled by default. To enable it, see Section 17.4.1, “Enabling SELinux Labeled NFS Support”.


[18] See the Network File System (NFS) chapter in the Storage Administration Guide for more information.