Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
linux_wiki:network_services_overview_nfs [2016/10/01 22:54] billdozor [Firewall] |
linux_wiki:network_services_overview_nfs [2018/04/12 23:58] billdozor [Host Based] |
||
---|---|---|---|
Line 12: | Line 12: | ||
* Configure the service for basic operation | * Configure the service for basic operation | ||
* Configure host-based and user-based security for the service | * Configure host-based and user-based security for the service | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ====== Lab Setup ====== | ||
+ | |||
+ | The following virtual machines will be used: | ||
+ | * server1.example.com (192.168.1.150) -> Perform all NFS client tests from here | ||
+ | * server2.example.com (192.168.1.151) -> Install the NFS server here | ||
---- | ---- | ||
Line 42: | Line 50: | ||
Check Current Service Status | Check Current Service Status | ||
<code bash> | <code bash> | ||
- | systemctl status | + | systemctl status |
</ | </ | ||
* Also displays if the service is enabled or disabled | * Also displays if the service is enabled or disabled | ||
Line 49: | Line 57: | ||
Enabling a service to start on boot | Enabling a service to start on boot | ||
<code bash> | <code bash> | ||
- | systemctl enable | + | systemctl enable |
</ | </ | ||
Line 58: | Line 66: | ||
Enable and Start the service | Enable and Start the service | ||
<code bash> | <code bash> | ||
- | systemctl enable | + | systemctl enable |
- | systemctl start <service-name> | + | systemctl start nfs-server |
</ | </ | ||
Line 68: | Line 76: | ||
===== Firewall ===== | ===== Firewall ===== | ||
- | Allow access through the firewall | + | Allow access through the firewall |
<code bash> | <code bash> | ||
firewall-cmd --permanent --add-service=nfs | firewall-cmd --permanent --add-service=nfs | ||
+ | firewall-cmd --reload | ||
+ | </ | ||
+ | |||
+ | \\ | ||
+ | Allow access through the firewall to allow the showmount command from clients to work | ||
+ | <code bash> | ||
+ | firewall-cmd --permanent --add-service=rpc-bind | ||
+ | firewall-cmd --permanent --add-service=mountd | ||
firewall-cmd --reload | firewall-cmd --reload | ||
</ | </ | ||
Line 76: | Line 92: | ||
===== Host Based ===== | ===== Host Based ===== | ||
+ | Configure host based access in / | ||
+ | <code bash> | ||
+ | / | ||
+ | / | ||
+ | </ | ||
+ | * Hostname based and network based | ||
+ | * Others refused | ||
+ | |||
+ | Export modifications< | ||
===== User Based ===== | ===== User Based ===== | ||
+ | |||
+ | Default NFS security (sec=sys) is via IP addresses or hostname. | ||
+ | |||
+ | [[linux_wiki: | ||
---- | ---- | ||