NFS provides a powerful mechanism for sharing files across a network.
When properly configured, remote computers can access entire filesystems on the NFS server as if they were locally stored.
Users never need to know the files reside remotely, and they can use any of the standard file manipulation tools.
By default, Red Hat Linux installs NFS and starts the NFS services automatically at boot. By simply editing the
administrators can give hosts around the world access to their Linux-held files.
This convenience is tempting, but incorrectly configuring your NFS server is potentially disastrous.
NFS does not provide much security itself, so the careful administrator must use other Linux-standard tools, like tcpd, to protect their NFS files.
Combining these other tools with the guidelines presented in this module will help prevent any misuse of your NFS files.
This module discussed how to
Describe the Network File System
Explain the relationship between remote procedure calls and NFS
Configure a NFS server
List potential NFS security problems and resolutions
Start and stop NFS
Display currently mounted NFS filesystems
Mount remote filesystems automatically with automounter
List common NFS problems and resolutions
This module introduced you to the following terms.
- Automount point: A directory monitored by automount.
- Client-server model: A computer design model, where servers offer up one or more services for client use.
- File access semantics: When a file is opened, closed, read from, or written to, certain guidelines, or semantics must be in place.
These semantics are "right-of-way" indicators, describing what happens when programs make conflicting requests. For example, a read/write
semantic would define who has the right-of-way when one program reads from a file that is being written to by another program.
- File Transfer Protocol (FTP): FTP is one way to move a file from computer to computer.
- Network File System (NFS): A network filesystem that allows remote filesystems to attach to the local filesystem. Once attached,
remote files are accessible the same way as local files.
- Remote procedure calls (RPC): A method for invoking a procedure (a specific section within a program) on a remote computer.
- Spoofing: Faking a hostname to bypass one or more security mechanisms.
- Tcpd: A program that provides host-based security for many Linux Internet applications.
- Unexport: The opposite of exporting. A jargon term meaning to make a previously exported NFS filesystem unavailable.
In the next module, you will learn about network file and print services with Samba and Mars.
Before moving on to the next module, click the Quiz link below to test your knowledge of network file services with NFS.
Network File Services - Quiz