NFSv4 and hosts.deny, hosts.allow
I'm setting up some NFSv4 shares and am not using kerberos. I know in the NFSv3 days it was recommended to set up /etc/hosts.allow and /etc/hosts.deny as follows.
I have 3 questions:
-1- is this still needed with nfs4?
-2- is this the right list of daemons for NFS v4?
-3- what else might be affected by these restrictions? Apache, mysql or samba, for example? I don't want to lock anything but NFS down without full knowledge of the consequences.
Thanks!
in /etc/hosts.deny disable services for all hosts:
portmap:ALL
lockd:ALL
mountd:ALL
rquotad:ALL
statd:ALL
in /etc/hosts.allow enable the services for trusted hosts:
portmap : 192.168.16.13 192.168.16.24
lockd : 192.168.16.13 192.168.16.24
mountd : 192.168.16.13 192.168.16.24
rquotad : 192.168.16.13 192.168.16.24
statd : 192.168.16.13 192.168.16.24
Last edited by wizangzing; 06-24-2009 at 11:35 AM.
|