Hitchhiker's Guide to Openbsd
Download 1.27 Mb. Pdf ko'rish
|
obsd-faq49
- Bu sahifa navigatsiya:
- /usr/sbin/portmap echo -n >/var/db/mountdtab /sbin/mountd /sbin/nfsd -tun 4
|
Setting up an NFS Server
These services must be enabled and running on the server: ● portmap(8) ● mountd(8) ● nfsd(8) By default each of these is disabled in OpenBSD. Add the following lines to rc.conf.local(8) to enable them: portmap=YES nfs_server=YES The next step is to configure the list of filesystems that will be made available for clients to mount. In this example, we have a server with IP address 10.0.0.1. This server will be serving NFS only to clients within its own subnet. All of this is configured in the /etc/exports file. This file lists which filesystems you wish to have accessible via NFS and defines who is able to access them. There are many options that you can use in /etc/exports; it is best that you read the exports(5) man page. For our example server, we've setup an exports file that looks like this: # # NFS exports Database # See exports(5) for more information. Be very careful, misconfiguration # of this file can result in your filesystems being readable by the world. /work -alldirs -ro -network=10.0.0 -mask=255.255.255.0 http://www.openbsd.org/faq/faq6.html (17 of 33)9/4/2011 10:02:06 AM 6 - Networking This means that the local filesystem /work will be made available via NFS. The -alldirs option specifies that clients will be able to mount at any point under /work as well as /work itself. For example, if there was a directory called /work/monday , clients could mount /work (and have access to all files/directories underneath that directory) or they could mount /work/monday and have access to just the files/directories contained there. The -ro option specifies that clients will only be granted read-only access. The last two arguments specify that only clients within the 10.0.0.0 network using a netmask of 255.255.255.0 will be authorized to mount this filesystem. This is important for some servers that are accessible by different networks. Another important security note: don't just add a filesystem to /etc/exports without some kind of list of allowed host(s). Without a list of hosts which can mount a particular directory, anyone who can reach your server will be able to mount your NFS exported directories. Now you can start the server services. You can either reboot (after enabling them as per the instructions above) or run them manually. # /usr/sbin/portmap # echo -n >/var/db/mountdtab # /sbin/mountd # /sbin/nfsd -tun 4 The arguments passed to nfsd enable TCP (-t) and UDP (-u) connections and enable 4 instances (-n) of nfsd to run. You should set an appropriate number of NFS server instances to handle the maximum number of concurrent client requests that you want to service. You're now ready to mount the exported filesystems from the client(s). Remember: If you make changes to /etc/exports while NFS is already running, you need to make mountd aware of this! Just HUP mountd and the changes will take affect. # kill -HUP `cat /var/run/mountd.pid` Download 1.27 Mb. Do'stlaringiz bilan baham: 
|