The network user information service (NIS) enables you to create accounts on your network and share in all systems. This account can only be created on the NIS server. NIS need to download the client username and password data from the NIS server to verify the user's login, users only need to change their passwords on the NIS server, but not every system on the network to change the password used in some distributed software development project and the group members must share many different Server conditions.

    NFS is the abbreviation of Network FileSystem, the biggest function is through the network, so that different machines, different operating systems, can share each other's files (share). So, you can simply see him as a file server, the NFS server allows you to PC to a remote NFS host network shared directory, mounted to the local machine, the local machine looks, the remote host directory is like a disk yourself using the above separation trough, considerable convenience!

CentOS release 6.5 (Final)

192.168.3.211  master     

192.168.3.212  slave      

192.168.3.213  client          

                    

NIS RPM will be installed on the server and client, ypserve and yp-tools on the server, ypbind and yp-tools on the client side.

Ypserv ------- NIS server main program package (both the master server)

Portmap ------- The management of RPC links, start the necessary software package (NFS)

Ypbind  ------ NIS client query instruction software

Yp-tools ------ NIS client software package setting function


The following resolution is added to the hosts file in each machine (because there is no DNS server)


[root@master~]# vim /etc/hosts

127.0.0.1    localhost.localdomain localhost

::1          localhost6.localdomain6 localhost6

192.168.3.211       master

192.168.3.212       slave

192.168.3.213       client

  

  Ensure that NIS services required for ypserv, ypbind, yp-tools, and portmap packages have been installed。

[root@masteryp]# rpm -qa |grep ypserv

ypserv-2.19-31.el6.x86_64

[root@masteryp]# rpm -qa |grep ypbind

ypbind-1.20.4-33.el6.x86_64

[root@masteryrpm -qa |grep yp-tools

yp-tools-2.9-12.el6.x86_64

[root@masteryp]# rpm -qa |grep rpcbind

rpcbind-0.2.0-11.el6.x86_64

 

Set NIS domain

Method 1

[root@master~]# vim /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=master

NISDOMAIN=ccw

(永久性的,但是需要重启机器)

Method2

[root@master~]# nisdomainname ccw

使用nisdomainname ccw也可以,不过是临时的,启动后就失效了

所以添加到启动时要执行的脚本里如echo nisdomainnameccw >> /etc/rc.local 就可以实现永久性的配置了。

 

设置NIS主配置文件/etc/ypserv.conf

[root@master~]# vim /etc/ypserv.conf

# youhave a Linux net.

# Shouldwe do DNS lookups for hosts not found in the hosts table ?

# Thisoption is ignored in the moment.

dns: no

 

# Howmany map file handles should be cached ?

files:30

 

# Shouldwe register ypserv with SLP ?

# slp:no

# Afterhow many seconds we should re-register ypserv with SLP ?

#slp_timeout: 3600

 

# xfrrequests are only allowed from ports < 1024

xfr_check_port:yes

 

# Thefollowing, when uncommented,  will giveyou shadow like passwords.

# Notethat it will not work if you have slave NIS servers in your

#network that do not run the same server as you.

 

#Host                     : Domain  : Map              : Security

#

# *                        : *       : passwd.byname    : port

# *                        : *       : passwd.byuid     : port

 

127.0.0.1/255.255.255.0         : *    : * :none

192.168.0.0/255.255.252.0       : *    : * :none

*:*:*:deny

 

 

# Noteverybody should see the shadow passwords, not secure, since

# underMSDOG everbody is root and can access ports < 1024 !!!

*                          : *       : shadow.byname    : port

*                          : *       : passwd.adjunct.byname : port

 

# If youcomment out the next rule, ypserv and rpc.ypxfrd will

# lookfor YP_SECURE and YP_AUTHDES in the maps. This will make

# thesecurity check a little bit slower, but you only have to

# changethe keys on the master server, not the configuration files

# oneach NIS server.

# If youhave maps with YP_SECURE or YP_AUTHDES, you should create

# a rulefor them above, that's much faster.

# *                        : *       : *                : none

 

1dns:0    用于设置是否使用DNS系统,默认为no 我们设定本地解析即可

2files:30 预设是将30个数据库资料读入告诉缓存中,保持默认即可

3slp:no   如果需要SLP服务则设为yes 默认即可

  slp_timeout:3600 SLP超时设定

4xfr_check_port:yes用于主从结构的环境设yes表示主从同步数据时使用小于1024的端口

5、找到Host:domain:map:security的行(特别重点部分)

添加下面两行

127.0.0.1/255.255.255.0         : *    : * :none

192.168.0.0/255.255.252.0       : *    : * :none

*:*:*:deny

 

上面四列分别说明:

        (1)host   用于指定客户端 可以是ip 也可以是网段

        (2)domain  用于设置NIS域名,特别注意这个跟DNS的域名是不一样的

        (3)map    用于设置可用的数据库名称 默认*代表所有

        (4)security 安全设置参数有

                none 没限制 可以连NIS服务器

                port 只允许小于1-24以下的端口连接NIS服务器

                deny 拒绝链接NIS服务器

设定后需要重启服务,否则建立NIS数据库会报错

[root@master~]# service ypserv restart

StoppingYP server services:                               [  OK  ]

StartingYP server services:                               [  OK  ]

 

[root@master~]# /usr/lib64/yp/ypinit -m

 

At thispoint, we have to construct a list of the hosts which will run NIS

servers.  master is in the list of NIS serverhosts.  Please continue to add

thenames for the other hosts, one per line. When you are done with the

list,type a <control D>.

         next host to add:  master

         next host to add:  此处Ctrl+d即可

Thecurrent list of NIS servers looks like this:

 

master

 

Is thiscorrect?  [y/n: y]  此处y确认

We needa few minutes to build the databases...

Building/var/yp/ccw/ypservers...

Running/var/yp/Makefile...

gmake[1]:Entering directory `/var/yp/ccw'

Updatingpasswd.byname...

Updatingpasswd.byuid...

Updatinggroup.byname...

Updatinggroup.bygid...

Updatinghosts.byname...

Updatinghosts.byaddr...

Updatingrpc.byname...

Updatingrpc.bynumber...

Updatingservices.byname...

Updatingservices.byservicename...

Updatingnetid.byname...

Updatingprotocols.bynumber...

Updatingprotocols.byname...

Updatingmail.aliases...

gmake[1]:Leaving directory `/var/yp/ccw'

 

masterhas been set up as a NIS master server.

 

Now youcan run ypinit -s master on all slave server.

 

到对应的目录确认是否生成数据库

[root@master~]# cd /var/yp/ccw/

[root@masterccw]# ll -a

total2712

drwxr-xr-x.2 root root    4096 Feb 24 04:17 .

drwxr-xr-x.5 root root    4096 Feb 24 02:32 ..

-rw-------.1 root root   12440 Feb 24 04:17group.bygid

-rw-------.1 root root   12447 Feb 24 04:17group.byname

-rw-------.1 root root   12596 Feb 24 04:17hosts.byaddr

-rw-------.1 root root   12589 Feb 24 04:17hosts.byname

-rw-------.1 root root   13164 Feb 24 04:17mail.aliases

-rw-------.1 root root   13149 Feb 24 04:17netid.byname

-rw-------.1 root root   12743 Feb 24 04:17passwd.byname

-rw-------.1 root root   12736 Feb 24 04:17passwd.byuid

-rw-------.1 root root   28936 Feb 24 04:17protocols.byname

-rw-------.1 root root   14653 Feb 24 04:17protocols.bynumber

-rw-------.1 root root   16374 Feb 24 04:17rpc.byname

-rw-------.1 root root   14226 Feb 24 04:17rpc.bynumber

-rw-------.1 root root 1134592 Feb 24 04:17 services.byname

-rw-------.1 root root 1601575 Feb 24 04:17 services.byservicename

-rw-------.1 root root   12346 Feb 24 04:17ypservers

见数据库已生成

修改/var/yp/Makefile 文件 NOPUSH=true选项改成NOPUSH=false

[root@masterccw]# vim /var/yp/Makefile

 

# Makefile for the NIS databases

#

# This Makefile should only be run on the NIS master server of a domain.

# All updated maps will be pushed to all NIS slave servers listed in the

# /var/yp/ypservers file. Please make sure that the hostnames of all

# NIS servers in your domain are listed in /var/yp/ypservers.

#

# This Makefile can be modified to support more NIS maps if desired.

#


# Set the following variable to "-b" to have NIS servers use the domain

# name resolver for hosts not in the current domain. This is only needed,

# if you have SunOS slave YP server, which gets here maps from this

# server. The NYS YP server will ignore the YP_INTERDOMAIN key.

#B=-b

B=


# If we have only one server, we don't have to push the maps to the

# slave servers (NOPUSH=true). If you have slave servers, change this

# to "NOPUSH=false" and put all hostnames of your slave servers in the file

# /var/yp/ypservers.

NOPUSH=true

修改/var/yp/ypservers配置文件,指定要push到的从NIS服务器

添加NIS域中NIS服务器名称

[root@masterccw]# vim /var/yp/ypservers

master

slave

为了使主从NIS服务器完成数据同步 NIS需要启动ypxfrd服务

[root@masterccw]# service ypxfrd restart

StoppingYP map server:                                    [  OK  ]

StartingYP map server:                                    [  OK  ]

 

设置开机启动项

[root@masterccw]# chkconfig --list|grep yp

ypbind             0:off 1:off 2:off 3:off 4:off 5:off 6:off

yppasswdd        0:off 1:off 2:off 3:off 4:off 5:off 6:off

ypserv             0:off 1:off 2:off 3:off 4:off 5:off 6:off

ypxfrd              0:off 1:off 2:off 3:off 4:off 5:off 6:off

 [root@master ccw]# chkconfig ypserv  on

[root@masterccw]# chkconfig  ypxfrd  on

[root@masterccw]# chkconfig  yppasswdd on

[root@masterccw]# chkconfig  ypbind on

  

确保从NIS服务所需ypservypbindyp-toolsportmap软件包已经安装,如果没有则自行安装

[root@slave~]# rpm -qa |grep ypbind

ypbind-1.20.4-33.el6.x86_64

[root@slave~]# rpm -qa |grep ypserv

ypserv-2.19-31.el6.x86_64

[root@slave~]# rpm -qa |grep rpcbind

rpcbind-0.2.0-11.el6.x86_64

设置NIS域名

[root@slave~]# vim /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=slave

NISDOMAIN=ccw

 

[root@slave~]# vim /etc/rc.d/rc.local

#!/bin/sh

#

# Thisscript will be executed *after* all the other init scripts.

# Youcan put your own initialization stuff in here if you don't

# wantto do the full Sys V style init stuff.

 

touch/var/lock/subsys/local

/bin/nisdomainname    ccw

 

 

设置开机启动

[root@slave~]# chkconfig --list |grep yp

ypbind             0:off 1:off 2:off 3:off 4:off 5:off 6:off

yppasswdd        0:off 1:off 2:off 3:off 4:off 5:off 6:off

ypserv             0:off 1:off 2:off 3:off 4:off 5:off 6:off

ypxfrd              0:off 1:off 2:off 3:off 4:off 5:off 6:off

[root@slave~]# chkconfig  ypserv  on

[root@slave~]# chkconfig  ypbind  on

[root@slave~]# chkconfig  yppasswdd  on

[root@slave~]# chkconfig  ypxfrd on

[root@slave~]# chkconfig --list |grep yp

ypbind             0:off 1:off 2:on 3:on 4:on 5:on 6:off

yppasswdd        0:off 1:off 2:on 3:on 4:on 5:on 6:off

ypserv             0:off 1:off 2:on 3:on 4:on 5:on 6:off

ypxfrd              0:off 1:off 2:on 3:on 4:on 5:on 6:off

 

NIS服务器slavenis同步主NIS服务器nis数据库信息

[root@slaveyp]# /usr/lib64/yp/ypinit -s master

We willneed a few minutes to copy the data from master.

Transferringhosts.byaddr...

Tryingypxfrd ... success

 

Transferringypservers...

Tryingypxfrd ... success

 

Transferringpasswd.byuid...

Tryingypxfrd ... success

 

Transferringprotocols.bynumber...

Tryingypxfrd ... success

 

Transferringmail.aliases...

Tryingypxfrd ... success

 

Transferringpasswd.byname...

Tryingypxfrd ... success

 

Transferringrpc.byname...

Tryingypxfrd ... success

 

Transferringgroup.bygid...

Tryingypxfrd ... success

 

Transferringgroup.byname...

Tryingypxfrd ... success

 

Transferringrpc.bynumber...

Tryingypxfrd ... success

 

Transferringprotocols.byname...

Tryingypxfrd ... success

 

Transferringnetid.byname...

Tryingypxfrd ... success

 

Transferringhosts.byname...

Tryingypxfrd ... success

 

Transferringservices.byname...

Tryingypxfrd ... success

 

Transferringservices.byservicename...

Trying ypxfrd... success

 

 

slave'sNIS data base has been set up.

If therewere warnings, please figure out what went wrong, and fix it.

 

At thispoint, make sure that /etc/passwd and /etc/group have

beenedited so that when the NIS is activated, the data bases you

havejust created will be used, instead of the /etc ASCII files.


NIS服务器更新数据并使用ypinit-m命令重新生成数据库后,从NIS服务器上的数据就会不一致

我们可以在从NIS服务器上使用ypxfr命令同步数据库信息保持数据状态为最新

如果主NIS没更新 更新时通常是如下显示:

[root@slaveyp]# /usr/lib64/yp/ypxfr -h master passwd.byname

Map onMaster "master" is not newer

ypxfr:Master's version not newer

[root@slaveyp]# /usr/lib64/yp/ypxfr -h master passwd.byuid

Map onMaster "master" is not newer

ypxfr:Master's version not newer

如果主NIS有更新 更新时通常是如下显示:

[root@slaveyp]# /usr/lib64/yp/ypxfr -h master passwd.byname

Tryingypxfrd ... success

[root@slaveyp]# /usr/lib64/yp/ypxfr -h master passwd.byuid

Tryingypxfrd ... success

 

NIS客户端设置

客户端必须安装ypbindyp-tools这两个软件包

[root@client~]# rpm -qa|grep ypbind

ypbind-1.19-12.el5

[root@client~]# rpm -qa|grep yp-tools

yp-tools-2.9-1.el5

加入NIS域,确保客户端和服务器的NIS域名相同,可以使用nisdomainname命令设置,然后设置开机自动配置NIS域名。

[root@client~]# vim /etc/sysconfig/network

NETWORKING=yes

NETWORKING_IPV6=no

HOSTNAME=client

NISDOMAIN=ccw

 

[root@client~]# vim /etc/rc.d/rc.local

#!/bin/sh

#

# Thisscript will be executed *after* all the other init scripts.

# Youcan put your own initialization stuff in here if you don't

# wantto do the full Sys V style init stuff.

 

touch/var/lock/subsys/local

/bin/nisdomainnameccw

修改/etc/hosts文件

如果没有DNS服务器,那我们必须确保/etc/hosts文件中有NIS服务器的记录

 

[root@client~]# vim /etc/hosts

# Do notremove the following line, or various programs

# thatrequire network functionality will fail.

127.0.0.1    localhost.localdomain localhost

::1         localhost6.localdomain6 localhost6

 

192.168.3.211master

192.168.3.212slave

192.168.3.213client

 

修改密码验证方式

NIS客户端在查找用户名和密码时先从本地开始查找,比如先查询/etc/passwd/etc/shadow文件等,如果没有查询到用户名和密码则发送广播到NIS服务器从而进行查询。

默认情况下客户端如果没有查询到用户名和密码是不会发送广播到NIS服务器的,所以我们需要修改/etc/nsswitch.conf文件

[root@client~]# vim /etc/nsswitch.conf

 

#

#/etc/nsswitch.conf

#

# Anexample Name Service Switch config file. This file should be

# sortedwith the most-used services at the beginning.

#

# Theentry '[NOTFOUND=return]' means that the search for an

# entryshould stop if the search in the previous entry turned

# upnothing. Note that if the search failed due to some other reason

# (likeno NIS server responding) then the search continues with the

# nextentry.

#

# Legalentries are:

#

#       nisplus or nis+         Use NIS+ (NIS version 3)

#       nis or yp               Use NIS (NIS version 2), alsocalled YP

#       dns                     Use DNS (Domain NameService)

#       files                   Use the local files

#       db                      Use the local database (.db)files

#       compat                  Use NIS on compat mode

#       hesiod                  Use Hesiod for user lookups

#       [NOTFOUND=return]       Stop searching if not found so far

#

 

# To usedb, put the "db" in front of "files" for entries you wantto be

# lookedup first in the databases

#

#Example:

#passwd:    db files nisplus nis

#shadow:    db files nisplus nis

#group:     db files nisplus nis

 

passwd:     files nis

shadow:     files nis

group:      files nis

 

#hosts:     db files nisplus nis dns

hosts:      files nis dns

 

#Example - obey only what nisplus tells us...

#services:   nisplus [NOTFOUND=return] files

#networks:   nisplus [NOTFOUND=return] files

#protocols:  nisplus [NOTFOUND=return] files

#rpc:        nisplus [NOTFOUND=return] files

#ethers:     nisplus [NOTFOUND=return] files

#netmasks:   nisplus [NOTFOUND=return] files    

 

bootparams:nisplus [NOTFOUND=return] files

 

ethers:     files

netmasks:   files

networks:   files

protocols:  files

rpc:        files

services:   files

 

netgroup:   nisplus

 

publickey:  nisplus

 

automount:  files nisplus

aliases:    files nisplus

 

修改/etc/yp.conf文件

在客户端/etc/yp.conf文件中设置NIS服务器的主机名和NIS域名

[root@client~]# vim /etc/yp.conf

#/etc/yp.conf - ypbind configuration file

# Validentries are

#

# domainNISDOMAIN server HOSTNAME

#       Use server HOSTNAME for the domainNISDOMAIN.

#

# domainNISDOMAIN broadcast

#       Use broadcast  on  the local net for domain NISDOMAIN

#

# domainNISDOMAIN slp

#       Query local SLP server for ypserversupporting NISDOMAIN

#

#ypserver HOSTNAME

#       Use server HOSTNAME for the  local domain.  The

#       IP-address of server must be listed in/etc/hosts.

#

#broadcast

#       If no server for the default domain isspecified or

#       none of them is rechable, try abroadcast call to

#       find a server.

 

domain ccw server master;slave

domain ccw broadcast

如果需要使用广播查询则可以直接添加domain dmz broadcast


重新启动ypbind服务

[root@client~]# service ypbind restart

Shuttingdown NIS services:                                [  OK  ]

Bindingto the NIS domain:                                 [  OK  ]

Listeningfor an NIS domain server.

 

在主服务器创建用于登录的系统测试用户

[root@master]#useradd -d /users/ccwang -m ccwang

此命令创建了一个用户ccwang

其中-d-m选项用来为登录名ccwang产生一个主目录/users/ccwang/users为默认的用户主目录所在的父目录)

 

master机上手工更新数据信息

[root@master~]# cd /var/yp/

[root@masteryp]# make

gmake[1]:Entering directory `/var/yp/ccw'

Updatingnetid.byname...

gmake[1]:Leaving directory `/var/yp/ccw'

 

测试主从服务器是否正常切换

yptest命令测试数据库内容等所有与NIS相关的信息

 

[root@client~]# yptest

Test 1:domainname

Configureddomainname is "ccw"

 

Test 2:ypbind

Used NISserver: slave

 

Test 3:yp_match

WARNING:No such key in map (Map passwd.byname, key nobody)

 

Test 4:yp_first

sambasamba:$6$RFaqhVgHUPUBbDRM$dJKOLa3fp357FUr51ADF2fj6XJicHYiclFt/cpsBpONGM3f5nJEaLtm0ruUktIt/VMm/hOXeM.mLUFVRsZud5.:502:502::/users/samba:/bin/bash

 

Test 5:yp_next

ccwangccwang:$6$H5.0GuKd$.Ea.T7hM9eUaw4F1RYwluIRseudWe8E6y1IT2UEeivs/22kvnFCJgdHMDKjFLVAOiv/e0VInOgI32GngKWmIs/:500:500::/users/ccwang:/bin/bash

testtest:$6$wIclEATy$VtcUvoXpOoW0s2HBmRZGEyzwiCxXxbcqK7KltbZxCRAynvP08Gey4aif.y/nk6O05cOKXvkujlWUthuK3H7xU/:501:501::/users/test:/bin/bash

touchtouch:$6$P54QWiwc$OYBU4iKJeLxMcLvGBzMrTSX.f9RT8r2rXXoZvwiblDIetU2MFvYyLkU80/3pN.aMqS6NDiKOb2o9PfrrUiZq9/:503:503::/users/touch:/bin/bash

 

Test 6:yp_master

master

 

Test 7:yp_order

1487959450

 

Test 8:yp_maplist

mail.aliases

hosts.byname

passwd.byname

group.byname

netid.byname

group.bygid

rpc.byname

ypservers

services.byservicename

services.byname

protocols.bynumber

rpc.bynumber

hosts.byaddr

passwd.byuid

protocols.byname

 

Test 9:yp_all

sambasamba:$6$RFaqhVgHUPUBbDRM$dJKOLa3fp357FUr51ADF2fj6XJicHYiclFt/cpsBpONGM3f5nJEaLtm0ruUktIt/VMm/hOXeM.mLUFVRsZud5.:502:502::/users/samba:/bin/bash

ccwangccwang:$6$H5.0GuKd$.Ea.T7hM9eUaw4F1RYwluIRseudWe8E6y1IT2UEeivs/22kvnFCJgdHMDKjFLVAOiv/e0VInOgI32GngKWmIs/:500:500::/users/ccwang:/bin/bash

testtest:$6$wIclEATy$VtcUvoXpOoW0s2HBmRZGEyzwiCxXxbcqK7KltbZxCRAynvP08Gey4aif.y/nk6O05cOKXvkujlWUthuK3H7xU/:501:501::/users/test:/bin/bash

touchtouch:$6$P54QWiwc$OYBU4iKJeLxMcLvGBzMrTSX.f9RT8r2rXXoZvwiblDIetU2MFvYyLkU80/3pN.aMqS6NDiKOb2o9PfrrUiZq9/:503:503::/users/touch:/bin/bash

1 testsfailed

 

如果 Test 9: yp_all下面出现NIS服务器上的所有帐号信息则表示配置成功,否则我们就要检查上面的配置是否存在问题。

 

客户端可以使用yppasswd命令修改帐号和密码

[root@client~]# yppasswd ccwang

ChangingNIS account information for ccwang on master.

Pleaseenter root password:

ChangingNIS password for ccwang on master.

Pleaseenter new password:

Pleaseretype new password:

The NISpassword has been changed on master.

 

ypwhich命令主要测试NIS客户端与服务器之间通信使用的是哪些数据库文件

 

[root@client~]# whoami

root

[root@client~]# su ccwang

bash-3.2$whoami

ccwang

bash-3.2$ypwhich

slave

停掉从NIS服务

[root@slave~]# service ypserv stop

StoppingYP server services:                               [  OK  ]

 

[root@client~]# su ccwang

bash-3.2$whoami

ccwang

bash-3.2$ypwhich

slave

 

[root@client~]# ypwhich

master

[root@client~]# su ccwang

bash-3.2$

 

停掉主NIS服务

[root@masteryp]# service ypserv stop

StoppingYP server services:                               [  OK  ]

 

[root@client~]# ypwhich

slave

[root@client~]# su ccwang

bash-3.2$

 

可以看到Nis能够成功切换,但是用户没有家目录,下面就把远程服务器上的目录需要时自动挂载到本地。

Autofs

    Autofs (auto mount service): the user is logged in at the same time, the automatic trigger mount user home directory.

    The mount command is used to mount the file system, can be in when the system starts to mount can also mount after system start. For local fixed device such as a hard disk, you can use the mount mount. The CD, floppy disk, NFS, SMB file system is dynamic, that is only when you need it is necessary to mount. We cannot know in time NFS sharing and SMB what time can be mounted, and the autofs service can timely file system mount dynamic loading. Free us from manual trouble.

Principle: the difference between Autofs and Mount/Umount is that it is a caretaker program. If it detects that the user is trying to access a file system that has not yet been linked, it will automatically detect the file system, if it exists, then the Autofs will automatically hang up. On the other hand, if it detects that a linked file system has not been used for a period of time, Autofs will automatically uninstall it. Therefore, once the Autofs is running, the user will no longer need to manually complete the file system connection and uninstall.

1

[root@master~]# rpm -qa |grep nfs

nfs4-acl-tools-0.3.3-6.el6.x86_64

nfs-utils-1.2.3-39.el6.x86_64

nfs-utils-lib-1.1.5-6.el6.x86_64

2

[root@master~]# vim /etc/exports

/users  *(rw,sync,no_root_squash)

3

[root@master~]# service nfs restart

Shuttingdown NFS daemon:                                  [  OK  ]

Shuttingdown NFS mountd:                                  [  OK  ]

Shuttingdown NFS quotas:                                  [  OK  ]

Shuttingdown NFS services:                                [  OK  ]

Shuttingdown RPC idmapd:                                  [  OK  ]

StartingNFS services:                                     [  OK  ]

StartingNFS quotas:                                       [  OK  ]

StartingNFS mountd:                                       [  OK  ]

StartingNFS daemon:                                       [  OK  ]

StartingRPC idmapd:                                       [  OK  ]

4

[root@master~]# showmount -e master

Exportlist for master:

/users *

5

[root@master~]# setenforce 0

[root@master~]# service iptables stop

iptables:Setting chains to policy ACCEPT: filter         [  OK  ]

iptables:Flushing firewall rules:                        [  OK  ]

iptables:Unloading modules:                              [  OK  ]

6

[root@client~]# yum install autofs -y

Loadedplugins: fastestmirror

Loadingmirror speeds from cached hostfile

 * base: mirrors.btte.net

 * extras: mirrors.cqu.edu.cn

 * updates: mirrors.btte.net

Settingup Install Process

ResolvingDependencies

-->Running transaction check

--->Package autofs.x86_64 1:5.0.1-0.rc2.184.el5 set to be updated

-->Finished Dependency Resolution

 

DependenciesResolved

 

===============================================================================================

 Package           Arch              Version                             Repository       Size

===============================================================================================

Updating:

 autofs            x86_64            1:5.0.1-0.rc2.184.el5               base            921 k

 

TransactionSummary

===============================================================================================

Install       0 Package(s)

Upgrade       1 Package(s)

 

Totaldownload size: 921 k

DownloadingPackages:

autofs-5.0.1-0.rc2.184.el5.x86_64.rpm                                   | 921kB     00:00    

warning:rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID e8562897

base/gpgkey                                                            | 1.5 kB     00:00    

ImportingGPG key 0xE8562897 "CentOS-5 Key (CentOS 5 Official Signing Key)<centos-5-key@centos.org>" from/etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

Runningrpm_check_debug

RunningTransaction Test

FinishedTransaction Test

TransactionTest Succeeded

RunningTransaction

 Updating      : autofs                1/2

 Cleanup       : autofs                2/2

Updated:

  autofs.x86_64 1:5.0.1-0.rc2.184.el5                                                         

Complete!

7

[root@client~]# vim /etc/auto.master

 

#

# $Id:auto.master,v 1.4 2005/01/04 14:36:54 raven Exp $

#

# Sampleauto.master file

# Thisis an automounter map and it has the following format

# key [-mount-options-separated-by-comma ] location

# Fordetails of the format look at autofs(5).

#

/misc   /etc/auto.misc

/users  /etc/auto.users

#

# NOTE:mounts done from a hosts map will be mounted with the

#       "nosuid" and "nodev"options unless the "suid" and "dev"

#       options are explicitly given

8

[root@client~]# cp /etc/auto.misc /etc/auto.users

9

[root@client~]# vim /etc/auto.users

 

#

# $Id:auto.misc,v 1.2 2003/09/29 08:22:35 raven Exp $

#

# Thisis an automounter map and it has the following format

# key [-mount-options-separated-by-comma ] location

#Details may be found in the autofs(5) manpage

 

cd              -fstype=iso9660,ro,nosuid,nodev:/dev/cdrom

ccw          -rws,soft,intr  192.168.3.211:/users/ccw

# thefollowing entries are samples to pique your imagination

#linux          -ro,soft,intr           ftp.example.org:/pub/linux

#boot           -fstype=ext2            :/dev/hda1

#floppy         -fstype=auto            :/dev/fd0

#floppy         -fstype=ext2            :/dev/fd0

#e2floppy       -fstype=ext2            :/dev/fd0

#jaz            -fstype=ext2            :/dev/sdc1

#removable      -fstype=ext2            :/dev/hdd

10

[root@client~]# service autofs restart

Stoppingautomount:                                        [  OK  ]

Startingautomount:                                        [  OK  ]

11

[root@client~]# df

Filesystem           1K-blocks      Used Available Use% Mounted on

/dev/mapper/VolGroup00-LogVol00

                      18187836   2991572 14257464  18% /

/dev/sda1               101086     12919    82948  14% /boot

tmpfs                   511960         0   511960   0% /dev/shm

[root@client~]# cd /users/ccw

[root@clientccw]# pwd

/users/ccw

[root@clientccw]# mkdir test

 [root@client ccw]# ll

total 4

drwxr-xr-x2 root root 4096 Feb 23  2017 test

12

[root@clientccw]# df

Filesystem           1K-blocks      Used Available Use% Mounted on

/dev/mapper/VolGroup00-LogVol00

                      18187836   2991572 14257464  18% /

/dev/sda1               101086     12919    82948  14% /boot

tmpfs                   511960         0   511960   0% /dev/shm

master:/users/ccw     18134368  3834016  13379168  23% /users/ccw