7.6. Network File System (NFS) Services

Linux can act as both client and server for file systems shared using the Network File System (NFS) protocol, which is the defacto standard for providing file system mounts among Unix systems.

Note: Note: Please be aware that having an NFS service available on your system can be a security risk. Personally, I don't recommend using it.

In order to use NFS, you will need to ensure that NFS support has been included in your kernel or kernel modules. See Section 10.4 for details on how to upgrade or customize the Linux kernel.

NFS shares are configured by modifying the ``/etc/exports'' file. Here are some example entries, showing some of the options available:

/archive spock.mydomain.name(ro)  
/archive2 spock.mydomain.name(ro)  
/mnt/cdrom other.domain(ro)

The first couple of lines allow the host, ``spock.mydomain.name'' access to both the ``/archive'' as well as the ``/archive2'' directories via NFS. These shares are made available read-only with the ``(ro)'' option. For security reasons, it is a good idea to do this for all of your NFS shares if at all possible.

The third line will allow any host in the ``domain.name'' domain name space to access the CD-ROM drive. Of course, it is necessary to mount the CD-ROM device to ``/mnt/cdrom'' first.

Note: Note: Using the ``(ro))'' option to mark this device read-only may seem a bit redundant, however doing so will prevent a miscreant from writing to a real file system should the CD-ROM device not be mounted.

After you have made changes to the ``/etc/exports'' file, you will need to restart the NFS daemon. To do so, type:

/etc/rc.d/init.d/nfs restart

You can also configure your NFS mount points with the ``Network Configurator'' tool included in the ``Linuxconf'' utility. For more information on the Linuxconf utility, see Section 7.7.

More information on NFS can be found in the ``NFS-HOWTO'' guide at http://metalab.unc.edu/LDP/HOWTO/NFS-HOWTO.html, as well as in the man pages on ``nfsd'' and ``exports''.