架设一台NFS服务器,并按照以下要求配置
1、开放/nfs/shared目录 ,供所有用户查询资料
2、开放/nfs/upload目录 ,为192.168.100.0/24网段主机可以上传目录,
并将所有用户及所属的组映射为nfs-upload,其UID和GID均为210
3、将/home/tom 目录仅共享给192.168.100.136这台主机,并只有用户tom可以完全访问该目录
注意: tom是- -一个用户目录,并且在客户端创建tom用户一定与服务端的tom用户的uid/gid保持一致。
首先装包,关闭防护墙
给文件相关的配置
[root@localhost ztx]# vim /etc/exports
[root@localhost ztx]# mkdir -p /nfs/shared
[root@localhost ztx]# systemctl restart rpcbind
[root@localhost ztx]# systemctl restart nfs-server.service
[root@localhost ztx]# showmount -e
Export list for localhost.localdomain:
/nfs/shared *
关闭防火墙
[root@localhost ztx]# systemctl stop firewalld.service
[root@localhost ztx]# setenforce 0
客户端测试
创建目录并挂载
[root@localhost admin]# mkdir -p /client/1
[root@localhost etc]# mount -t nfs 192.168.101.131:/nfs/shared /client/1
服务端
客户端
开放/nfs/upload
服务端:
[root@localhost shared]# mkdir -pv /nfs/upload
[root@localhost shared]# vim /etc/exports
服务端
重新加载测试
[root@localhost shared]# exportfs -ra
[root@localhost shared]# showmount -e 192.168.101.131
Export list for 192.168.101.131:
/nfs/shared *
/nfs/upload 192.168.101.0/24
创建用户
[root@localhost shared]# groupadd -g 210 nfs-upload
[root@localhost shared]# useradd -u 210 nfs-upload
客户端
创建目录
[root@localhost 1]# mkdir /client/2
[root@localhost 1]# mount 192.168.101.131:/nfs/upload /client/2
服务端创建文件客户端查看
这时在客户端创建不了文件,没有权限,去服务端给它权限
[root@localhost nfs]# chmod o+w upload/
客户端
[root@localhost 2]# touch file
[root@localhost 2]# ll
total 4
-rw-r--r--. 1 2001 2001 0 Apr 1 05:38 file
-rw-r--r--. 1 root root 4 Apr 1 05:30 test
服务端
创建用户,修改配置
[root@localhost upload]# useradd -u 1111 tom
[root@localhost upload]# id tom
uid=1111(tom) gid=1111(tom) groups=1111(tom)
[root@localhost upload]# passwd tom
Changing password for user tom.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root@localhost upload]# vim /etc/exports
测试
[root@localhost upload]# exportfs -ra
[root@localhost upload]# showmount -e 192.168.101.131
Export list for 192.168.101.131:
/nfs/shared *
/home/tom 192.168.101.131/24
/nfs/upload 192.168.101.0/24
客户端
[root@localhost 2]# useradd -u 1111 jhon
[root@localhost 2]# id jhon
uid=1111(jhon) gid=1111(jhon) groups=1111(jhon)
[root@localhost 2]# passwd jhon
Changing password for user jhon.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root@localhost 2]# mkdir /client/3
[root@localhost 2]# mount 192.168.101.131:/home/tom /client/3
服务端创建文件
[root@localhost tom]# touch test
[root@localhost tom]# ll
total 0
-rw-r--r--. 1 root root 0 Apr 1 05:47 test
客户端用jhon用户查看
[root@localhost 2]# su jhon
[jhon@localhost 2]$ cd /client/3
[jhon@localhost 3]$ ll
total 0
-rw-r--r--. 1 root root 0 Apr 1 05:47 test