NFS配置手册

1) 安装NFS服务
[root@nfssrv ~]# yum install nfs-utils -y

2) 配置NFS服务
[root@nfssrv ~]# vim /etc/idmapd.conf
# 取消第5行注释，并更改所在的domain_name
Domain = 1000cc.net

3) 设置共享目录
[root@nfssrv ~]# vim /etc/exports
/mnt *(rw,no_root_squash)

4) 启动NFS服务
[root@nfssrv ~]# systemctl enable --now rpcbind nfs-server

5) 防火墙设置--NFSv4
[root@nfssrv ~]# firewall-cmd --add-service=nfs --permanent
success

6) 防火墙设置--NFSv3
[root@nfssrv ~]# firewall-cmd --add-service={nfs3,mountd,rpc-bind} --permanent
success

[root@nfssrv ~]# firewall-cmd --reload
success

1) 安装NFS客户端工具
[root@client ~]# yum install nfs-utils -y

2)配置NFS客户端
[root@client ~]# vim /etc/idmapd.conf
# 取消第5行注释，并更改所在的domain_name
Domain = 1000cc.net

3) 启动NFS客户端服务
[root@client ~]# systemctl enable --now rpcbind

4) 挂载NFSv4服务器的共享目录
[root@client ~]# mount.nfs nfssrv.1000cc.net:/mnt /mnt
[root@client ~]# df -Th | grep /mnt
nfssrv.1000cc.net:/mnt nfs4      8.4G  1.7G  6.2G  22% /mnt

5) 挂载NFSv3服务器的共享目录
[root@client ~]# mount -t nfs -o vers=3 nfsrv.1000cc.net:/mnt /mnt
[root@client ~]# df -Th | grep /mnt
nfssrv.1000cc.net:/mnt nfs       8.4G  1.7G  6.2G  22% /mnt

1. /etc/fstab实现
[root@client ~]# vim /etc/fstab
......
......
......
......
......
......

# 于最后行追加如下内容
nfssrv.1000cc.net:/mnt	/mnt	nfs	defaults	0 0

2. autofs实现
[root@client ~]# yum install -y autofs
[root@client ~]# vim /etc/auto.master
......
......
......
......
......
......

# 于最后行追加如下内容
/-    /etc/auto.mount

[root@client ~]# vim /etc/auto.mount
......
......
......
......
......
......

# 追加如下内容
/mnt -fstype=nfs,rw  nfssrv.1000cc.net:/home

[root@client ~]# systemctl enable --now autofs

[root@client ~]# cat /proc/mounts | grep mnt
/etc/auto.mount /mnt autofs rw,relatime,fd=17,pgrp=1994,timeout=300,minproto=5,maxproto=5,direct,pipe_ino=22472 0 0

1. 安装nfs-acl工具
[root@client ~]# yum install -y nfs4-acl-tools

2. 挂载NFS共享目录
[root@client ~]# mount.nfs nfssrv.1000cc.net:/mnt /mnt
[root@client ~]# df -Th | grep /mnt
nfssrv.1000cc.net:/mnt nfs4      8.4G  1.7G  6.2G  22% /mnt

3. 显示现有的NFS ACL
[root@client ~]# nfs4_getfacl /mnt
# file: /mnt
A::OWNER@:rwaDxtTcCy
A::GROUP@:rxtcy
A::EVERYONE@:rxtcy

4. 添加NFS ACL
[root@client ~]# getent passwd snow
snow:x:1000:1000::/home/snow:/bin/bash

[root@client ~]# getent group snow
snow:x:1000:

[root@client ~]# touch /mnt/test.txt
[root@client ~]# nfs4_setfacl -a A:g:1000:rxtncy /mnt/test.txt
[root@client ~]# nfs4_setfacl -a A::1000:rxtncy /mnt/test.txt
[root@client ~]# nfs4_getfacl /mnt/test.txt
# file: /mnt/test.txt
D::OWNER@:x
A::OWNER@:rwatTcCy
A::1000:rxtcy
A::GROUP@:rtcy
A:g:1000:rxtcy
A::EVERYONE@:rtcy

5. 删除NFS ACL
[root@client ~]# nfs4_setfacl -x A:g:1000:rxtcy /mnt/test.txt
[root@client ~]# nfs4_setfacl -x A::1000:rxtcy /mnt/test.txt
[root@client ~]# nfs4_getfacl /mnt/test.txt

# file: /mnt/test.txt
A::OWNER@:rwatTcCy
A::GROUP@:rtcy
A::EVERYONE@:rtcy

5. 编辑NFS ACL
[root@client ~]# nfs4_setfacl -e /mnt/test.txt

# 将打开vi/vim编辑ACL规则
## Editing NFSv4 ACL for file: /mnt/test.txt
A::OWNER@:rwatTcCy
A::GROUP@:rtcy
A::EVERYONE@:rtcy

6. 从文件中添加ACL规则
[root@client ~]# vim acl-list.txt 
A::1000:RX

[root@client ~]# nfs4_setfacl -A acl-list.txt /mnt/test.txt
[root@client ~]# nfs4_getfacl /mnt/test.txt
# file: /mnt/test.txt
D::OWNER@:x
A::OWNER@:rwatTcCy
A::1000:rxtcy
A::GROUP@:rtcy
A::EVERYONE@:rtcy

7. 从文件中替换ACL规则
[root@client ~]# vim acl-list.txt 
A::1000:tcy

[root@client ~]# nfs4_setfacl -S acl-list.txt /mnt/test.txt
[root@client ~]# nfs4_getfacl /mnt/test.txt
# file: /mnt/test.txt
A::OWNER@:tTcCy
A::1000:tcy
A::GROUP@:tcy
A::EVERYONE@:tcy

8. 替换指定的ACL规则
[root@client ~]# nfs4_getfacl /mnt/test.txt
# file: /mnt/test.txt
A::OWNER@:tTcCy
A::1000:tcy
A::GROUP@:tcy
A::EVERYONE@:tcy

[root@client ~]# nfs4_setfacl -m A::EVERYONE@:tcy A::EVERYONE@:RX /mnt/test.txt
[root@client ~]# nfs4_getfacl /mnt/test.txt
# file: /mnt/test.txt
A::OWNER@:rxtTcCy
A::1000:rxtcy
A::GROUP@:rxtcy
A::EVERYONE@:rxtcy