NFS Exports Basics
What is NFS?
Network File System (NFS) is a distributed file system protocol that allows a user to access files over a network in a manner similar to local file access. Developed by Sun Microsystems, NFS enables seamless file sharing between Unix and Linux systems.
NFS Export Fundamentals
NFS exports are directories or file systems that a server makes available to other network clients. These exports are configured in the /etc/exports
configuration file, which defines:
- Shared directories
- Client access permissions
- Access control options
Key Export Parameters
Parameter |
Description |
Example |
ro |
Read-only access |
/home 192.168.1.0/24(ro) |
rw |
Read-write access |
/data 10.0.0.0/16(rw) |
root_squash |
Prevent root user from having root privileges |
*(root_squash) |
no_root_squash |
Allow root user full access |
*(no_root_squash) |
Basic NFS Configuration Workflow
graph TD
A[Configure NFS Server] --> B[Define Exports in /etc/exports]
B --> C[Start NFS Service]
C --> D[Configure Firewall]
D --> E[Mount NFS Shares on Clients]
Example NFS Export Configuration
## Install NFS server
sudo apt update
sudo apt install nfs-kernel-server
## Create directory to export
sudo mkdir /opt/shared
## Configure /etc/exports
sudo echo "/opt/shared 192.168.1.0/24(rw,sync,no_subtree_check)" >> /etc/exports
## Reload exports
sudo exportfs -a
## Start NFS service
sudo systemctl start nfs-kernel-server
Security Considerations
- Always use network-level restrictions
- Implement proper authentication
- Use minimal export permissions
- Regularly audit NFS configurations
By understanding these NFS export basics, you'll be well-prepared to explore potential unauthorized access risks in the upcoming sections. LabEx recommends practicing these configurations in a controlled environment to gain practical experience.