NFS NFS is a file sharing mechanism that allows file and directories to be shared on different machines. It is typically used with Linux/Unix based machines. BrickStor SP supports versions NFSv3 and NFSv4.0/4.1/4.2 of NFS. The NFS Home Page can be divided into two sections: Toolbar - Provides options to filter the list of current NFS shares. It features a Create button to create a new NFS enabled Dataset. A Custom button to customize visible grid fields. And Export button to export grid data to CSV, Excel, PDF or print. NFS Share List - Shows a vertically organized list of current Datasets with NFS sharing feature enabled. This list is managed through the toolbar, and updates in real-time dependent on filters selected. Clicking the Cog wheel allows for the option to Edit the NFS Export. Clicking this option opens the NFS Export Configuration window. Further options to Open Dataset, Open Snapshots, and Add Child are present when clicking the Cog wheel. Create NFS Export The option to create a new NFS Export is available by clicking the Create button in the Toolbar on the NFS home page: The NFS Export creation dialog will open. Add a Path in the provided field. Name the NFS Export in the provided path. Optionally, add a description to the NFS Export. Click the Next button. Configure the [dataset-permissions]. Click the Next button. The NFS Export Configuration window will present. Click the Next button. If further Dataset options are not required, click the Skip to Confirmation button. To view comprehensive instruction of Dataset configuration options, visit [creating-a-dataset]. NFS Export Configuration The NFS Export Configuration window will present. This dialog allows you to specify which hosts, IPv4 addresses, and subnets can access the NFS share, and how it can be accessed. This is known as "host based access control". In addition, individual users on the hosts/subnets can be specified (see the example below). The following choices can be made: No choice - Anyone with network access can mount the file system. File names are visible but no content or metadata. This is the default setting, and one of the least secure choices. Read-Only - Hosts, subnets, and users that may mount the share as read-only, i.e., the share may only be read, not modified. Whether you can actually read individual file shares depends on permissions for the shared files themselves. If Everyone (i.e., '*') is specified, anyone can mount the share read-only. Read/Write - This allows the same choices as Read-Only. Here, the file share is mounted readable and writable, depending on the permissions on the underlying file. If "Everyone" is chosen for Read-Only, setting a host(s) and/or subnet(s) here will override the read-only setting for the hosts(s)/subnet(s) specified. Full Control (Root) - This allows you to run as root on the shares. Note that this does not imply that you can access the files for read/write or read-only, but you can read-only or read/write access the files if the host(s)/subnet(s) is specified in the read-only or read/write access list. Normally, the root user on the nfs client is mapped to an anon user on the server. The Full Control (Root) access list does not map the root user on the client to an anon user on the server. Instead, the root user on the client runs as the root user on the server. Deny - Hosts/subnets in this list may not mount shares from the server for read-only or for read-write. If Everyone ('*') is in this list, no one can use the nfs share. Read-Only: Everyone Read/Write: @10.2.22.77; @10.2.22.102 Full Control (Root): @10.2.22.77 Deny: @20.2.22.75; maxb@10.1.29.0/23 Everyone not listed as read-only access. Host 10.2.22.77 and 10.2.22.102 has read-write access. 10.2.22.77 has root access. Any access from 20.2.22.75 is not allowed. Any access from user maxb on 20.1.29.0/23 subnet is not allowed. The security mode (defaulted to sys) can be configured by clicking the downward arrow and selecting the available options by clicking any displayed option. The option to enable/disable Hide descendant datasets, and Data security labels is configurable by clicking the provided Sliders.