NFS搭建

[root@nfsserver01 ~]# yum install rpcbind nfs-utils -y
[root@nfsserver01 ~]# mkdir /share
[root@nfsserver01 ~]# chmod 755 /share
[root@nfsserver01 ~]# ll -d /share
drwxr-xr-x. 2 root root 6 8月  16 10:42 /share
[root@nfsserver01 ~]# mkdir /share
[root@nfsserver01 ~]# chmod 755 /share
[root@nfsserver01 ~]# ll -d /share
drwxr-xr-x. 2 root root 6 8月  16 10:42 /share
[root@nfsserver01 ~]# vim /etc/exports

#######shared for test by suffergtf at 2018-8-16######
/share  192.168.127.0/24(rw,sync)
[root@nfsserver01 ~]# systemctl start rpcbind
[root@nfsserver01 ~]# systemctl enable rpcbind
[root@nfsserver01 ~]# netstat -lntup|grep rpcbind
tcp        0      0 0.0.0.0:111             0.0.0.0:*               listen      10432/rpcbind       
tcp6       0      0 :::111                  :::*                    listen      10432/rpcbind       
udp        0      0 0.0.0.0:855             0.0.0.0:*                           10432/rpcbind       
udp        0      0 0.0.0.0:111             0.0.0.0:*                           10432/rpcbind       
udp6       0      0 :::855                  :::*                                10432/rpcbind       
udp6       0      0 :::111                  :::*                                10432/rpcbind 
[root@nfsserver01 ~]# rpcinfo -p localhost
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper

[root@nfsserver01 ~]# systemctl start nfs
[root@nfsserver01 ~]# systemctl enable nfs
created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.

[root@nfsserver01 ~]# rpcinfo -p localhost
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  40390  status
    100024    1   tcp  56253  status
    100005    1   udp  20048  mountd
    100005    1   tcp  20048  mountd
    100005    2   udp  20048  mountd
    100005    2   tcp  20048  mountd
    100005    3   udp  20048  mountd
    100005    3   tcp  20048  mountd
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100227    3   tcp   2049  nfs_acl
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100227    3   udp   2049  nfs_acl
    100021    1   udp  50142  nlockmgr
    100021    3   udp  50142  nlockmgr
    100021    4   udp  50142  nlockmgr
    100021    1   tcp  32899  nlockmgr
    100021    3   tcp  32899  nlockmgr
    100021    4   tcp  32899  nlockmgr
[root@nfsserver01 ~]# showmount -e localhost
export list for localhost:
/share 192.168.127.0/24

[root@nfsclient01 ~]# yum install rpcbind nfs-utils -y 　　#nfs-utils可不安装
[root@nfsclient01 ~]# systemctl start rpcbind
[root@nfsclient01 ~]# systemctl enable rpcbind

[root@nfsclient01 ~]# showmount -e 192.168.127.100
clnt_create: rpc: port mapper failure - unable to receive: errno 113 (no route to host)　　##关闭server，client端防火墙和selinux
######nfsserver端
[root@nfsserver01 ~]# systemctl stop firewalld
[root@nfsserver01 ~]# systemctl disable firewalld
removed symlink /etc/systemd/system/dbus-org.fedoraproject.firewalld1.service.
removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@nfsserver01 ~]# vim /etc/selinux/config 


# this file controls the state of selinux on the system.
# selinux= can take one of these three values:
#     enforcing - selinux security policy is enforced.
#     permissive - selinux prints warnings instead of enforcing.
#     disabled - no selinux policy is loaded.
selinux=disabled
# selinuxtype= can take one of three two values:
#     targeted - targeted processes are protected,
#     minimum - modification of targeted policy. only selected processes are protected. 
#     mls - multi level security protection.
selinuxtype=targeted
######nfsclient端同上

[root@nfsclient01 ~]# showmount -e 192.168.127.100
export list for 192.168.127.100:
/share 192.168.127.0/24
[root@nfsclient01 ~]# mount -t nfs 192.168.127.100:/share /mnt
[root@nfsclient01 mnt]# echo 'mount -t nfs 192.168.127.100:/share /mnt' >>/etc/profile
[root@nfsclient01 ~]# df -h
文件系统                容量  已用  可用 已用% 挂载点
/dev/sda3                18g  1.2g   17g    7% /
devtmpfs                227m     0  227m    0% /dev
tmpfs                   237m     0  237m    0% /dev/shm
tmpfs                   237m  4.6m  232m    2% /run
tmpfs                   237m     0  237m    0% /sys/fs/cgroup
/dev/sda1                97m   89m  8.6m   92% /boot
tmpfs                    48m     0   48m    0% /run/user/0
192.168.127.100:/share   18g  1.2g   17g    7% /mnt
[root@nfsclient01 mnt]# touch 1.test
touch: 无法创建"1.test": 权限不够

[root@nfsserver01 ~]# cat /var/lib/nfs/etab 　　　　######查看默认共享参数
/share    192.168.127.0/24(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,secure,root_squash,no_all_squash)
[root@nfsserver01 ~]# ll /share/ -d
drwxr-xr-x. 2 root root 6 8月  16 10:42 /share/　　　　###共享文件属主为root，挂载的客户端root用户，被转换成nfsnobody用户，所以没有权限
[root@nfsserver01 ~]# chown nfsnobody.nfsnobody /share
[root@nfsserver01 ~]# ll /share/ -d
drwxr-xr-x. 2 nfsnobody nfsnobody 6 8月  16 10:42 /share/

[root@nfsclient01 mnt]# touch 1.test
[root@nfsclient01 mnt]# ll /mnt/
总用量 0
-rw-r--r--. 1 nfsnobody nfsnobody 0 8月  16 11:22 1.test