Explain the NFS server daemons.

62.Explain the NFS server daemons.
Ans.
NFS server needs following daemons:
1. /sbin/rpc.lockd
It starts kernel’s lock manager.

2. /usr/sbin/rpc.mountd
It processes nfs client’s mount requests.

3. /usr/portmap
It allows client’s to discover services available on the NFS server.

4. /sbin/rpc.statd
It manages lock recovery in case of server crash

5. /usr/sbin/rpc.nfsd
It provides all nfs services other than file locking and quotas.

6. /usr/sbin/rpc.rquotad
It provides NFS client’s quota information of NFS exports.

7. rpc.gssd
Creates security contexts on RPC clients for exchanging RPC information using SecureRPC (RPCSEC) using GSS.

8. rpc.svcgssd
Creates security contexts on RPC servers for exchanging RPC information using SecureRPC (RPCSEC) using GSS.

9. rpc.idmapd
Maps local user and group names to NFSv4 IDs (and vice versa).

10. To start the NFS services there are two commands as follows:
#service nfs start
#/etc/rc.d/init.d/nfs.start

11. The startup scripts starts eight copies of nfsd to enable the server to process multiple request simultaneously. If user wants to change this value then edit /etc/sysconfig/nfs and add a line as follow:
RPSNFDCOUNT =n
n will be replaced by the number of nfsd process according to user.
Example:
#cat>/etc/sysconfig/nfs
RPSNFDCOUNT = 16

Comments

Java,ES,QT practical files

All practical files: Click below to start download Uploaded on special request||||

Vidyalankar Question paper solutions

Download from their website: http://www.vidyalankar.org/index.aspx or just click here to download

Discuss security issues in Network File system.

71.Discuss security issues in Network File system. Ans. 1. NFS protocol version 3 and older have some security problems that make it unsuitable for use across the Internet and potentially unsafe for use even in trusted network. 2. One NFS weakness, in general terms, is the /etc/exports file, if a cracker is able to spoof or take over a trusted address, an address listed in /etc/exports then your exported NFS mount are accessible. 3. NFS has normal Linux file system access controls that take over once a client has mounted an NFS export, once this happens normal user and group permissions on the files take over access control. 4. The 1st way to defense is to use host access control, to limit access to services , particularly the portmapper, which has long been target of exploits attempts. 5. For this add the entries in /etc/hosts.clevy lockd, statd, mountd and rquoted. 6. Careful use of IS packet firewall, using netfilter, dramatically increases NFS server security. ...

Ultimate IT solutions

Search This Blog