NFS is a client/server protocol: the server provides file system resources for all or part of the network (clients).
The communication between clients and server takes place by way of Remote Procedure Call (RPC) services.
Remote files are mounted in a directory and appear as a local file system. Client users seamlessly access files shared by the server, browsing directories as if they were local.
If no right is specified, then the right applied will be read-only.
By default, the NFS server preserves the client user UIDs and GIDs (except for root).
To force the use of a UID or GID other than that of the user writing the resource, specify the anonuid=UID and anongid=GID options, or give anonymous access to the data with the all_squash option.
warning
A parameter, no_root_squash, identifies the client root user as the server root user. This parameter can be dangerous from a system security point of view.
Activation of the root_squash parameter is a default (even if not specified), identifying root as an anonymous user.
/share client(ro,all_squash)
Client users have read-only access to resources and are identified as anonymous on the server.
/share client(rw)
Client users can modify resources and keep their UID on the server. Only root is identified as anonymous.
/share client1(rw) client2(ro)
Users on client workstation 1 can modify resources, while those on client workstation 2 have read-only access.
UIDs are kept on the server, and only root is identified as anonymous.
/share client(rw,all_squash,anonuid=1001,anongid=100)
Client1 users can modify resources. Their UID is changed to 1001 and their GID to 100 on the server.
This command also determines whether the client workstation has authorization to mount shared resources.
note
showmount sorts and hides duplicates in the results, so it's impossible to determine whether a client has made multiple mounts of the same directory or not.