Manualshelf

NFS Services Administrator's Guide (B1031-90072, March 2011)

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software
21222324252627282930
onc36# gsscred -m krb5_mech -a
7. To mount, secure NFS file system, enter the following command:
mount -o sec=<Security flavor> <svr:/dir> </mount-point>
Where,
-o
Enables you to use some of the specific options of the share command, such as sec, async,
public, and others.
sec
Enables you to specify the security mode to be used. Specify krb5, krb5p or krb5i as the
Security flavor.
<svr:/dir>
Enables you to specify the location of the directory.
<mount-point>
Enables you to specify the mount-point location where the filesystem is mounted.
An initial ticket grant is carried out when the user accesses the mounted filesystem.
Example
onc36# mount -F nfs -o sec=krb5 onc36:/export_krb5 /aaa
1. To verify that your file system is mounted, enter the following command:
onc36# nfsstat -m
/aaa from onc52:/export_krb5l
Flags: vers=3,proto=tcp,sec=krb5,hard,intr,link,symlink,acl,devs,rsize=65536,wsize=65536,retrans=5,timeo=600
Attr cache: acregmin=3,acregmax=60,acdirmin=30,acdirmax=60
2. If everything is correct, 'll' command on the mount point:
onc36# ll /aaa
total 0
drwxrwxrwx 2 nobody sys 96 Feb 11 17:04 arul
drwxrwxrwx 2 nobody sys 96 Feb 11 17:11 congrats
If there is any problem,
onc36# ll /aaa
bad directory
onc36# cd /aaa
lsh: /aaa: Permission denied.
Accessing Shared NFS Directories across a Firewall
To access shared NFS directories across a firewall, you must configure the firewall based on the
ports that the NFS service daemons listen on. To access NFS directories, the following daemons
are required: rpcbind, nfsd, rpc.lockd, rpc.statd, and rpc.mountd. The rpcbind
daemon uses a fixed port, 111, and the nfsd daemon uses 2049 as its default port. To configure
the firewall, you must know the port numbers of the other NFS daemons, to ensure that the NFS
client requests are not denied.
NOTE: This section does not document how to configure a firewall. This section documents the
considerations to keep in mind while sharing a directory across a firewall.
Shared NFS directories can be accessed across a firewall in the following ways:
Sharing directories across a firewall without fixed port numbers
Sharing directories across a firewall using fixed port numbers in the /etc/default/nfs
file
Sharing directories across a firewall using the NFSv4 protocol
Sharing directories across a firewall using the WebNFS feature
28 Configuring and Administering NFS Services