ubuntu 20.04配置nfs服务

最新推荐文章于 2025-03-18 14:58:27 发布

roomtt

最新推荐文章于 2025-03-18 14:58:27 发布

阅读量1.8k

点赞数 12

文章标签： ubuntu linux

本文链接：https://blog.csdn.net/roomtt/article/details/138042651

版权

本文详细介绍了如何在Ubuntu系统上安装NFS服务，包括设置nfs服务器、创建共享文件夹、配置出口规则，以及固定并管理rpc服务端口如mountd、status和nlockmgr，并配合防火墙规则的调整，确保NFS服务的安全运行。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

1.安装NFS服务软件包

sudo apt update
sudo apt install nfs-kernel-server
##安装客户端，非必要##
sudo apt install nfs-common

2.创建nfs的文件夹，修改权限

mkdir -p /home/lin/nfs
chmod 777 /home/lin/nfs

3.配置nfs目录

sudo vi /etc/exports
##在文件后面添加内容##
# /etc/exports: the access control list for filesystems which may be exported
#               to NFS clients.  See exports(5).
#
# Example for NFSv2 and NFSv3:
# /srv/homes       hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
#
# Example for NFSv4:
# /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
# /srv/nfs4/homes  gss/krb5i(rw,sync,no_subtree_check)
#
/home/lin/nfs *(rw,sync,no_subtree_check)

调用命令使其生效

sudo exportfs -ra

4.修改固定端口

使用rpcinfo来查看nfs服务中所使用的端口

rpcinfo -p localhost

nfs使用到的端口中，2049，111是固定的端口号，但是status,mountd,nolockmgr使用的是动态的端口，对于配置ufw不方便，所在把这把端口号修改为固定的，方便配置ufw。

A.修改`/etc/default/nfs-common`文件，配置status服务端口为4000

# Options for rpc.statd.
#   Should rpc.statd listen on a specific port? This is especially useful
#   when you have a port-based firewall. To use a fixed port, set this
#   this variable to a statd argument like: "--port 4000 --outgoing-port 4001".
#   For more information, see rpc.statd(8) or http://wiki.debian.org/SecuringNFS
STATDOPTS="--port 4000"

B.修改`/etc/default/nfs-kernel-server`文件，配置`mountd`服务端口为4001

由于板子端用的协议nfs协议比较老旧，需要在nfs服务配置v2,v3版本生效

在末端加上

# Number of servers to start up
RPCNFSDCOUNT=8

# Runtime priority of server (see nice(1))
RPCNFSDPRIORITY=0

# Options for rpc.mountd.
# If you have a port-based firewall, you might want to set up
# a fixed port here using the --port option. For more information, 
# see rpc.mountd(8) or http://wiki.debian.org/SecuringNFS
# To disable NFSv4 on the server, specify '--no-nfs-version 4' here
RPCMOUNTDOPTS="--manage-gids -p 4001"

# Do you want to start the svcgssd daemon? It is only required for Kerberos
# exports. Valid alternatives are "yes" and "no"; the default is "no".
NEED_SVCGSSD=""

# Options for rpc.svcgssd.
RPCSVCGSSDOPTS=""

RPCNFSDOPTS="--nfs-version 2,3,4 --debug --syslog"

C.创建`/etc/modprobe.d/options.conf`文件，添加如下内容，配置`nlockmgr`端口为4002

options lockd nlm_udpport=4002 nlm_tcpport=4002

然后在/etc/modules文件中添加lockd，

# /etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
lockd

参考博文：https://blog.csdn.net/bryanwang_3099/article/details/114702374

5.设置防火墙放行规则

sudo ufw allow 111/tcp
sudo ufw allow 111/udp
sudo ufw allow 2049/tcp
sudo ufw allow 2049/udp
sudo ufw allow 4000/tcp
sudo ufw allow 4000/udp
sudo ufw allow 4001/tcp
sudo ufw allow 4001/udp
sudo ufw allow 4002/tcp
sudo ufw allow 4002/udp

6.设置nfs服务生效

sudo systemctl start nfs-kernel-server
sudo systemctl enable nfs-kernel-server

由于修改了固定端口号，需要重启一下ubuntu