Synology NAS Procedure Share a NFS Folder: Difference between revisions
Line 56: | Line 56: | ||
# Kerberos privacy | # Kerberos privacy | ||
"Enable asynchronous": Checking this option allows your Synology NAS to reply to requests from NFS clients before any changes to files are completed, yielding better performance. ''Check'''. | "Enable asynchronous": Checking this option allows your Synology NAS to reply to requests from NFS clients before any changes to files are completed, yielding better performance. '''Check'''. | ||
"Allow connections from non-privileged ports (ports higher than 1024)": Checking this option allows NFS clients to use non-privileged ports (i.e. ports greater than 1024) when connecting to the Synology NAS. '''Do Not Check'''. | "Allow connections from non-privileged ports (ports higher than 1024)": Checking this option allows NFS clients to use non-privileged ports (i.e. ports greater than 1024) when connecting to the Synology NAS. '''Do Not Check'''. | ||
"Allow users to access mounted subfolders": Checking this option allows NFS clients to access mounted subfolders. '''Check''' | "Allow users to access mounted subfolders": Checking this option allows NFS clients to access mounted subfolders. '''Check''' |
Revision as of 02:49, 15 May 2018
External
Internal
Overview
If the NFS service has not been setup yet, set it up:
Procedure
Main Menu -> Control Panel -> Shard Folder -> Create
Name: The name specified here will propagate as mount path: /volumeX/shared-folder-name
Description:
Volume:
Check "Hide this shared folder in 'My Network Places'"
Check "Hide sub-folders and files from users without permissions"
Leave "Enable Recycle Bin" unchecked.
Permissions
Advanced
NFS Permissions
Access can be restricted to a specific host or network, by specifying "Hostname or IP". The host may be specified in three ways:
- Single host.
- Wildcards *.example.com.
- Network segment: 203.74.205.32/255.255.255.0, 203.74.205.32/24.
Privilege:
- Read/Write
- Read only
Squash:
- "No mapping": Allows all users of NFS client, including root users, to maintain original access privileges.
- "Map root to admin": Assigns access privileges to root users of NFS client equivalent to the admin user access privileges on your system.
- "Map root to guest": Assigns access privileges to root users of NFS client equivalent to the guest access privileges on your system.
- "Map all users to admin": Assigns access privileges to all users of NFS client equivalent to the admin user access privileges on your system.
Security:
- AUTH_SYS: Use the NFS client's UID (user identifier) and GID (group identifier) to check access permissions. The client must have exactly the same numerical UID (user identifier) and GID (group identifier) on the NFS client and Synology NAS, or else the client will be assigned the permissions of others when accessing the shared folder. To avoid any permissions conflicts, you can select Map all users to admin from Squash or give "Everyone" permissions to the shared folder.
- Kerberos authentication
- Kerberos integrity
- Kerberos privacy
"Enable asynchronous": Checking this option allows your Synology NAS to reply to requests from NFS clients before any changes to files are completed, yielding better performance. Check.
"Allow connections from non-privileged ports (ports higher than 1024)": Checking this option allows NFS clients to use non-privileged ports (i.e. ports greater than 1024) when connecting to the Synology NAS. Do Not Check.
"Allow users to access mounted subfolders": Checking this option allows NFS clients to access mounted subfolders. Check