Installation guide

ManualsBrandsPythonQ ManualsIndustrial248-8XX

241

242

243

244

245

246

247

248

249

250

250 Chapter 17. Network File System (NFS)

17.2.1. /etc/exports

The /etc/exports ﬁle is the standard for controlling which ﬁle systems are exported to which hosts,

as well as specifying particular options that control everything. Blank lines are ignored, comments can

be made using #, and long lines can be wrapped with a backslash (\). Each exported ﬁle system should

be on its own line. Lists of authorized hosts placed after an exported ﬁle system must be separated by

space characters. Options for each of the hosts must be placed in parentheses directly after the host

identiﬁer, without any spaces separating the host and the ﬁrst parenthesis.

In its simplest form, /etc/exports only needs to know the directory to be exported and the hosts

permitted to use it:

/some/directory bob.domain.com

/another/exported/directory 192.168.0.3

After re-exporting /etc/exports with the /sbin/service nfs reload command, the

bob.domain.com host will be able to mount /some/directory and 192.168.0.3 can mount

/another/exported/directory. Because no options are speciﬁed in this example, several

default NFS preferences take effect:

• ro — Read-only. Hosts mounting this ﬁle system will not be able to change it. To allow hosts to

make changes to the ﬁle system, you must specify rw (read-write).

• async — Allows the server to write data to the disk when it sees ﬁt. While this is not important

if the host is accessing data as read-only, if a host is making changes to a read-write ﬁle system

and the server crashes, data could be lost. By specifying the sync option, all ﬁle writes must be

committed to the disk before the write request by the client is actually completed. This may lower

performance.

• wdelay — Causes the NFS server to delay writing to the disk if it suspects another write request

is imminent. This can improve performance by reducing the number of times the disk must be

accessed by separate write commands, reducing write overhead. Use no_wdelay to turn this feature

off, which only works if you are using the sync option.

• root_squash — Makes any client accesses to the exported ﬁle system, made as the root user on

the client machine, take place as the nobody user ID. This effectively "squashes" the power of the

remote root user to the lowest local user, preventing remote root users from acting as though they

were the root user on the local system. Alternatively, the no_root_squash option turns off root

squashing. To squash every remote user, including root, use the all_squash option. To specify

the user and group IDs to use with remote users from a particular host, use the anonuid and

anongid options, respectively. In this way, you can create a special user account for remote NFS

users to share and specify (anonuid=

uid-value ,anongid= gid-value ), where uid-

value

is the user ID number and gid-value is the group ID number.

In order to override these defaults, you must specify an option that takes its place. For example, if

you do not specify rw, then that export will only be shared read-only. Each default for every exported

ﬁle system must be explicitly overridden. Additionally, other options are available where no default

value is in place. These include the ability to disable sub-tree checking, allow access from insecure

ports, and allow insecure ﬁle locks (necessary for certain early NFS client implementations). See the

exports man page for details on these lesser used options.

When specifying hostnames, you can use the following methods:

• single host — Where one particular host is speciﬁed with a fully qualiﬁed domain name, hostname,

or IP address.

• wildcards — Where a * or ? character is used to take into account a grouping of fully qualiﬁed

domain names or IP addresses or those that match a particular string of letters.