LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   NFSv4 and hosts.deny, hosts.allow (http://www.linuxquestions.org/questions/linux-server-73/nfsv4-and-hosts-deny-hosts-allow-735312/)

wizangzing 06-24-2009 11:31 AM

NFSv4 and hosts.deny, hosts.allow
 
I'm setting up some NFSv4 shares and am not using kerberos. I know in the NFSv3 days it was recommended to set up /etc/hosts.allow and /etc/hosts.deny as follows.

I have 3 questions:

-1- is this still needed with nfs4?

-2- is this the right list of daemons for NFS v4?

-3- what else might be affected by these restrictions? Apache, mysql or samba, for example? I don't want to lock anything but NFS down without full knowledge of the consequences.

Thanks!


in /etc/hosts.deny disable services for all hosts:

portmap:ALL
lockd:ALL
mountd:ALL
rquotad:ALL
statd:ALL


in /etc/hosts.allow enable the services for trusted hosts:

portmap : 192.168.16.13 192.168.16.24
lockd : 192.168.16.13 192.168.16.24
mountd : 192.168.16.13 192.168.16.24
rquotad : 192.168.16.13 192.168.16.24
statd : 192.168.16.13 192.168.16.24

chrism01 06-25-2009 03:09 AM

NFS v4
Quote:

NFSv4 has no interaction with portmapper, rpc.mountd, rpc.lockd, and rpc.statd, since protocol support has been incorporated into the v4 protocol. NFSv4 listens on the well known TCP port (2049) which eliminates the need for the portmapper interaction. The mounting and locking protocols have been incorpated into the V4 protocol which eliminates the need for interaction with rpc.mountd and rpc.lockd.
http://www.centos.org/docs/5/html/De...US/ch-nfs.html

wizangzing 07-06-2009 10:43 PM

Thanks!


All times are GMT -5. The time now is 01:28 AM.