NFS服务器配置教程及代码.doc

rootlocalhost CDROM# pwd/media/CDROMrootlocalhost CDROM# cp /media/CDROM/Server/vsftpd-2.0.5-10.el5.i386.rpm /home/cyyrootlocalhost CDROM# cd /home/cyyrootlocalhost cyy# lsDesktop hello.txt vsftpd-2.0.5-10.el5.i386.rpmrootlocalhost cyy# rpm -ivh vsftpd-2.0.5-10.el5.i386.rpm warning: vsftpd-2.0.5-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186Preparing. # 100% 1:vsftpd # 100%rootlocalhost vsftpd# grep -v # /etc/vsftpd/vsftpd.confanonymous_enable=YESlocal_enable=YESwrite_enable=YESlocal_umask=022dirmessage_enable=YESxferlog_enable=YESconnect_from_port_20=YESxferlog_std_format=YESlisten=YESpam_service_name=vsftpduserlist_enable=YEStcp_wrappers=YESrootlocalhost vsftpd# ls -a. . ftpusers user_list vsftpd.conf vsftpd_conf_migrate.shrootlocalhost vsftpd# mv /etc/vsftpd/vsftpd.conf,.orgrootlocalhost vsftpd# lsftpusers user_list vsftpd_conf_migrate.sh rootlocalhost etc# cp /usr/share/doc/vsftpd-2.0.5/EXAMPLE/INTERNET_SITE_NOINETD/vsftpd.conf /etc/vsftpd/cp: overwrite /etc/vsftpd/vsftpd.conf?rootlocalhost etc# cd /etc/vsftpdrootlocalhost vsftpd# cp vsftpd.conf vsftpd.conf.anon_readonlyrootlocalhost vsftpd# vi vsftpd.confwrite_enable=YESanon_upload_enable=YESanon_mkdir_write_enable=YESanon_other_write_enable=YESrootlocalhost vsftpd# mkdir /var/ftp/incomingrootlocalhost vsftpd# cd /var/ftprootlocalhost ftp# lsincoming pubrootlocalhost ftp# ls -ltotal 16drwxr-xr-x 2 root root 4096 Apr 21 03:15 incomingdrwxr-xr-x 2 root root 4096 Jan 17 2007 pubrootlocalhost ftp# chown ftp /var/ftp/incomingrootlocalhost ftp# ls -ltotal 16drwxr-xr-x 2 ftp root 4096 Apr 21 03:15 incomingdrwxr-xr-x 2 root root 4096 Jan 17 2007 pubrootlocalhost ftp# service vsftpd restartShutting down vsftpd: FAILEDStarting vsftpd for vsftpd: OK rootlocalhost ftp# lftp ftp:/localhost/incomingcd ok, cwd=/incoming lftp localhost:/incoming put /home/cyy/hello.txtput: Access failed: 553 Could not create file. (hello.txt)lftp localhost:/incoming lslftp localhost:/incoming mkdir moimkdir: Access failed: 550 Create directory operation failed. (moi)上面文件上传失败，目录创建失败，原因是SELinux没有设置好， SELinux(Security-Enhanced Linux) 是美国国家安全局（NSA）对于强制访问控制的实现，是 Linux 上最杰出的新安全子系统。NSA是在Linux社区的帮助下开发了一种访问控制体系，在这种访问控制体系的限制下，进程只能访问那些在他的任务中所需要文件。SELinux 默认安装在 Fedora 和 Red Hat Enterprise Linux 上，也可以作为其他发行版上容易安装的包得到。下面是SELinux设置方法rootlocalhost vsftpd# getenforceEnforcingrootlocalhost vsftpd# setenforce 0rootlocalhost vsftpd# getenforcePermissiverootlocalhost vsftpd# lftp ftp:/localhost/incomingcd ok, cwd=/incoming lftp localhost:/incoming put /home/cyy/hello.txtlftp localhost:/incoming ls-rw- 1 ftp ftp 0 Apr 21 10:47 hello.txtlftp localhost:/incoming mkdir mydirmkdir ok, mydir createdlftp localhost:/incoming ls-rw- 1 ftp ftp 0 Apr 21 10:47 hello.txtdrwx- 2 ftp ftp 4096 Apr 21 10:54 mydirlftp localhost:/incoming rm hello.txtrm ok, hello.txt removedlftp localhost:/incoming lsdrwx- 2 ftp ftp 4096 Apr 21 10:54 mydirlftp localhost:/incoming rm mydirrm: Access failed: 550 Delete operation failed. (mydir)lftp localhost:/incoming lsdrwx- 2 ftp ftp 4096 Apr 21 10:54 mydirlftp localhost:/incoming quitrootlocalhost vsftpd# cp vsftpd.confrootlocalhost vsftpd# vi vsftpd.confpam_service_name=vsftpduerlist_enable=YEStcp_wrappers=YESlocal_max_rate=50000anon_max_rate=30000max_per_ip=5user_config_dir=/etc/vsftpd/userconfrootlocalhost vsftpd# cp vsftpd.conf,.max_rate-and-per_iprootlocalhost vsftpd# useradd user1rootlocalhost vsftpd# passwd user1Changing password for user user1.New UNIX password: Retype new UNIX password: passwd: all authentication tokens updated successfully.rootlocalhost vsftpd# useradd user2 rootlocalhost vsftpd# passwd user2Changing password for user user2.New UNIX password: Retype new UNIX password: passwd: all authentication tokens updated successfully.rootlocalhost vsftpd# mkdir /etc/vsftpd/userconfrootlocalhost vsftpd# vi /etc/vsftpd/userconf/user1local_max_rate=250000rootlocalhost vsftpd# vi /etc/vsftpd/userconf/user2max_per_ip=20local_max_rate=500000rootlocalhost vsftpd# service vsftpd restartShutting down vsftpd: OK Starting vsftpd for vsftpd: OK rootinfoschool cyy# chkconfig -level 3 portmap onrootinfoschool cyy# chkconfig -level 3 nfs onrootinfoschool cyy# service portmap startStarting portmap: OK rootinfoschool cyy# service nfs startStarting NFS services: OK Starting NFS quotas: OK Starting NFS daemon: OK Starting NFS mountd: OK rootinfoschool cyy# vi /etc/exports/back /24(rw) rootinfoschool cyy# cd /rootinfoschool /# lsbin dev home lost+found misc net proc sbin srv tmp varboot etc lib media mnt opt root selinux sys usrrootinfoschool /# mkdir backuprootinfoschool /# lsbackup boot etc lib media mnt opt root selinux sys usrbin dev home lost+found misc net proc sbin srv tmp varrootinfoschool /# cd /var/ftprootinfoschool ftp# lsincoming pubrootinfoschool ftp# service portmap restartStopping portmap: OK Starting portmap: OK rootinfoschool ftp# service nfs restartShutting down NFS mountd: OK Shutting down NFS daemon: OK Shutting down NFS quotas: OK Shutting down NFS services: OK Starting NFS services: OK Starting NFS quotas: OK Starting NFS daemon: OK Starting NFS mountd: OK rootinfoschool ftp# exportfs -rv/重新挂载exporting /24:/var/ftp/incomingexporting host?:/srv/wwwexporting *:/var/ftp/pubexporting *:/backup rootinfoschool ftp# cat /var/lib/nfs/etab/var/ftp/incoming /24(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,all_squash,no_subtree_check,secure_locks,acl,mapping=identity,anonuid=14,anongid=50)/srv/www host?(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,mapping=identity,anonuid=65534,anongid=65534)/var/ftp/pub *(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,mapping=identity,anonuid=65534,anongid=65534)/backup *(rw,sync,wdelay,hide,nocrossmnt,secure,no_root_squash,no_all_squash,no_subtree_check,secure_locks,acl,mapping=identity,anonuid=65534,anongid=65534) rootinfoschool ftp# vi /etc/sysconfig/nfsRQUOTAD_PORT=4001LOCKD_UDPPORT=4002LOCKD_TCPPORT=4002MOUNTD_PORT=4003STATD_PORT=4004rootinfoschool ftp# service nfs restartShutting down NFS mountd: OK Shutting down NFS daemon: OK Shutting down NFS quotas: OK Shutting down NFS services: OK Starting NFS services: OK Starting NFS quotas: OK Starting NFS daemon: OK Starting NFS mountd: OK rootinfoschool ftp# rpcinfo -p program vers proto port 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100024 1 udp 963 status 100024 1 tcp 966 status 100011 1 udp 4001 rquotad 100011 2 udp 4001 rquotad 100011 1 tcp 4001 rquotad 100011 2 tcp 4001 rquotad 100003 2 udp 2049 nfs 100003 3 udp 2049 nfs 100003 4 udp 2049 nfs 100003 2 tcp 2049 nfs 100003 3 tcp 2049 nfs 100003 4 tcp 2049 nfs 100021 1 udp 4002 nlockmgr 100021 3 udp 4002 nlockmgr 100021 4 udp 4002 nlockmgr 100021 1 tcp 4002 nlockmgr 100021 3 tcp 4002 nlockmgr 100021 4 tcp 4002 nlockmgr 100005 1 udp 4003 mountd 100005 1 tcp 4003 mountd 100005 2 udp 4003 mountd 100005 2 tcp 4003 mountd 100005 3 udp 4003 mountd 100005 3 tcp 4003 mountdrootinfoschool ftp# showmount -e localhostExport list for localhost