Linux NFS Configuration
Internal
Exports Configurations
The exported filesystems are specified in /etc/exports and in files available in the /etc/exports.d directory.
The file /etc/exports contains a table of local physical file systems to be made accessible to the NFS clients.
If filesystems are specified in both /etc/exports and /etc/exports.d files, all filesystems are exported.
Export Options
The following export options are used in /etc/exports.
Client Specification
NFS clients may be specified in a number of ways:
Single Host
A host may be specified either by an abbreviated name recognized be the resolver, the fully qualified domain name, an IPv4 address, or an IPv6 address. IPv6 addresses must not be inside square brackets in /etc/exports lest they be confused with character-class wildcard matches.
IP networks
Directories may be exported to all hosts on an IP (sub-) network simultaneously. This is done by specifying an IP address and netmask pair as address/netmask where the netmask can be specified in dotted-decimal format, or as a contiguous mask length. For example, either `/255.255.252.0' or `/22' appended to the network base IPv4 address results in identical subnetworks with 10 bits of host. IPv6 addresses must use a contiguous mask length and must not be inside square brackets to avoid confusion with character-class wildcards. Wildcard characters generally do not work on IP addresses, though they may work by accident when reverse DNS lookups fail.
Wildcards
Machine names may contain the wildcard characters * and ?, or may contain character class lists within [square brackets]. This can be used to make the exports file more compact; for instance, *.cs.foo.edu matches all hosts in the domain cs.foo.edu. As these characters also match the dots in a domain name, the given pattern will also match all hosts within any subdomain of cs.foo.edu.
anonymous
This is specified by a single * character (not to be confused with the wildcard entry above) and will match all clients:
/opt/share0 *(rw,sync,no_root_squash,no_subtree_check)
rw
This option allows both read and write.
sync
The requests to the exported directory are confirmed only after the changes are committed.
no_subtree_check
This option prevents the subtree checking. When a shared directory is the subdirectory of a larger filesystem, nfs performs scans of every directory above it, in order to verify its permissions and details. Disabling the subtree check may increase the reliability of NFS, but reduce security.
no_root_squash
This phrase allows root to connect to the designated directory.
Mount Options
Also see:
dirsync
All directory updates within the filesystem should be done synchronously. This affects the following system calls: creat, link, unlink, symlink, mkdir, rmdir, mknod and rename.
nolock
_netdev, bg
_netdev prevents the mount before the network is up. bg is background so it will proceed with boot if nfs server not available, it will keep trying in background until available.