LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page NFSv4 and hosts.deny, hosts.allow
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 06-24-2009, 10:31 AM   #1
wizangzing
LQ Newbie
 
Registered: Jun 2009
Posts: 2

Rep: Reputation: 0
NFSv4 and hosts.deny, hosts.allow

I'm setting up some NFSv4 shares and am not using kerberos. I know in the NFSv3 days it was recommended to set up /etc/hosts.allow and /etc/hosts.deny as follows.

I have 3 questions:

-1- is this still needed with nfs4?

-2- is this the right list of daemons for NFS v4?

-3- what else might be affected by these restrictions? Apache, mysql or samba, for example? I don't want to lock anything but NFS down without full knowledge of the consequences.

Thanks!


in /etc/hosts.deny disable services for all hosts:

portmap:ALL
lockd:ALL
mountd:ALL
rquotad:ALL
statd:ALL

in /etc/hosts.allow enable the services for trusted hosts:

portmap : 192.168.16.13 192.168.16.24
lockd : 192.168.16.13 192.168.16.24
mountd : 192.168.16.13 192.168.16.24
rquotad : 192.168.16.13 192.168.16.24
statd : 192.168.16.13 192.168.16.24
Last edited by wizangzing; 06-24-2009 at 10:35 AM.
 
Old 06-25-2009, 02:09 AM   #2
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,359

Rep: Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751
NFS v4
Quote:
NFSv4 has no interaction with portmapper, rpc.mountd, rpc.lockd, and rpc.statd, since protocol support has been incorporated into the v4 protocol. NFSv4 listens on the well known TCP port (2049) which eliminates the need for the portmapper interaction. The mounting and locking protocols have been incorpated into the V4 protocol which eliminates the need for interaction with rpc.mountd and rpc.lockd.
http://www.centos.org/docs/5/html/De...US/ch-nfs.html
 
Old 07-06-2009, 09:43 PM   #3
wizangzing
LQ Newbie
 
Registered: Jun 2009
Posts: 2

Original Poster
Rep: Reputation: 0
Thanks!
 
  


Reply

Tags
configuration, nfs, security, server



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
can't restrict sshd access through hosts.allow and hosts.deny but was working earlier farhan Linux - Security 4 04-18-2008 07:41 AM
Feisty: hosts.allow hosts.deny not present Thane Ubuntu 1 07-08-2007 01:16 PM
/etc/hosts.deny/hosts.allow have no effect on sshd access bganesh Linux - Security 4 05-04-2006 08:06 PM
hosts.allow & hosts.deny question... jonc Linux - Security 9 03-05-2005 09:41 PM
Adding shell commands to hosts.deny and hosts.allow ridertech Linux - Security 3 12-29-2003 03:52 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 03:31 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration