Manualshelf

NFS Services Administrator's Guide (B.11.31.05) September 2009

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software
21222324252627282930
sec
Enables you to specify the security mode to be used. Specify krb5, krb5p or krb5i as
the Security flavor.
<svr:/dir>
Enables you to specify the location of the directory.
<mount-point>
Enables you to specify the mount-point location where the filesystem is mounted.
An initial ticket grant is carried out when the user accesses the mounted filesystem.
Example
onc36# mount -F nfs -o sec=krb5 onc36:/export_krb5 /aaa
1. To verify that your file system is mounted, enter the following command:
onc36# nfsstat -m
/aaa from onc52:/export_krb5l
Flags: vers=3,proto=tcp,sec=krb5,hard,intr,link,symlink,acl,devs,rsize=65536,wsize=65536,retrans=5,timeo=600
Attr cache: acregmin=3,acregmax=60,acdirmin=30,acdirmax=60
2. If everything is correct, 'll' command on the mount point:
onc36# ll /aaa
total 0
drwxrwxrwx 2 nobody sys 96 Feb 11 17:04 arul
drwxrwxrwx 2 nobody sys 96 Feb 11 17:11 congrats
If there is any problem,
onc36# ll /aaa
bad directory
onc36# cd /aaa
lsh: /aaa: Permission denied.
Accessing Shared NFS Directories across a Firewall
To access shared NFS directories across a firewall, you must configure the firewall based on the
ports that the NFS service daemons listen on. To access NFS directories, the following daemons
are required: rpcbind, nfsd, rpc.lockd, rpc.statd, and rpc.mountd. The rpcbind
daemon uses a fixed port, 111, and the nfsd daemon uses 2049 as its default port. To configure
the firewall, you must know the port numbers of the other NFS daemons, to ensure that the NFS
client requests are not denied.
NOTE: This section does not document how to configure a firewall. This section documents
the considerations to keep in mind while sharing a directory across a firewall.
Shared NFS directories can be accessed across a firewall in the following ways:
Sharing directories across a firewall without fixed port numbers
Sharing directories across a firewall using fixed port numbers in the /etc/default/nfs
file
Sharing directories across a firewall using the NFSv4 protocol
Sharing directories across a firewall using the WebNFS feature
Sharing directories across a firewall without fixed port numbers (NFSv2 and NFSv3)
This is the default method of sharing directories across a firewall. In this method, the rpc.statd
and rpc.mountd daemons do not run on fixed ports. The ports used by these daemons are
assigned from the anonymous port range. By default, the anonymous port range is configured
between 49152 and 65535.
30 Configuring and Administering NFS Services