SMTP サーバに直接メールを送ってみる。

【telnetでメール送信】

# telnet 192.168.6.111 25
220 mail.yyyyyyy.ne.jp ESMTP Postfix
HELO xxxxxxx.co.jp
250 mail.yyyyyyy.ne.jp
MAIL FROM: TEST-manager@xxxxxxxxx.co.jp
250 2.1.0 Ok
RCPT TO: emergency119@xxxxxxx.co.jp
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
From: myname@mydomain.co.jp

Subjet: testHello world.

テストメールです。破棄してください。
.
250 2.0.0 Ok: queued as 26E7A3AF5B
QUIT
221 2.0.0 Bye

$ telnet 192.168.25.111 25 << __EOF__

HELO company.co.jp

MAIL FROM: <zabbix-manager@company.co.jp>

RCPT TO: <user@company.co.jp>

DATA

From zabbix-manager@company.co.jp

Subject: test subject

テストメールです。破棄してください。

.

QUIT

__EOF__

クライアント証明書を作成してみる。(openssl)

vi /etc/ssl/openssl.cnf

[ client_cert ]

basicConstraints=CA:FALSE
keyUsage = digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer

クライアント証明書作成

# openssl req -config openssl.cnf -new -keyout yone.key.pem -out yone.req.pem -days 365 -extensions client_cert

Generating a 1024 bit RSA private key

認証局が署名

# openssl ca -config openssl.cnf -policy policy_anything -out yone.cert.pem -extensions client_cert -infiles yone.req.pem

Using configuration from openssl.cnf

ユーザに配布するファイルを作成。
# openssl pkcs12 -export -in newcerts/04.pem -inkey private/04.pem -certfile cacert.pem -out yone.p12


by　http://www.webtech.co.jp/blog/optpix_labs/server/1780/

http://qiita.com/mitzi2funk/items/602d9c5377f52cb60e54

openssl 第２弾 自己署名CA局＋サーバ証明書の作成。

vi /etc/ssl/openssl.cnf

DATE=`date +%Y%m%d`
SERVER_CSR="web_portal_20150915.csr"
SERVER_CRT="web_portal_"${DATE}".crt"
SERVER_CRT_CA="web_portal_with_ca_"${DATE}".crt"
SERVER_KEY="web_portal_20150915.key"
CERTIFICATE=${SERVER_CRT_CA}
CERTIFICATE_CA="CA/ca_certificate.crt"

echo ---------------------------------CA認証局作成
if [ -d CA ]; then
echo CA認証局は作成済みです。
else
mkdir CA
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout CA/ca_privateKey.key -out CA/ca_certificate.crt -reqexts v3_req -extensions v3_ca

openssl x509 -inform pem -in CA/ca_certificate.crt -outform der -out CA/ca_certificate.der
fi

echo ---------------------------------サーバ証明書作成
echo "nsCertType = server" > openssl.conf

openssl x509 -req -days 3650 -in ${SERVER_CSR} -CA CA/ca_certificate.crt -set_serial 04 -CAkey CA/ca_privateKey.key -out ${SERVER_CRT_CA} -extfile openssl.conf

rm openssl.conf

openssl x509 -days 3650 -req -signkey ${SERVER_KEY} -in ${SERVER_CSR} -out ${SERVER_CRT};

echo ---------------------------------サーバ証明書表示
openssl x509 -in ${CERTIFICATE} -text -noout

echo ---------------------------------CA局証明書表示
openssl x509 -in ${CERTIFICATE_CA} -text -noout


ここでチェック
https://cryptoreport.websecurity.symantec.com/checker/views/certCheck.jsp

https://www.ssllabs.com/ssltest/analyze.html

【サーバ証明書作成】

$  openssl genrsa 2048 > server.key

Generating RSA private key, 2048 bit long modulus (2 primes)

...................................+++++

..........+++++

e is 65537 (0x010001)

$ openssl req -new -key server.key > server.csr

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [XX]:JP

State or Province Name (full name) []:Tokyo

Locality Name (eg, city) [Default City]:Sibuya-ku

Organization Name (eg, company) [Default Company Ltd]:Company

Organizational Unit Name (eg, section) []:

Common Name (eg, your name or your server's hostname) []:service.company.com

Email Address []:

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []:

An optional company name []:

$  openssl x509 -req -days 3650 -signkey server.key < server.csr > server.crt

Signature ok

subject=C = JP, ST = Tokyo, L = Shibuya-ku, O = Company, CN = service.company.com

Getting Private key

$ ls -l

合計 12

-rw-rw-r--. 1 takahab takahab 1180  7月 26 13:33 server.crt

-rw-rw-r--. 1 takahab takahab  985  7月 26 13:32 server.csr

-rw-rw-r--. 1 takahab takahab 1679  7月 26 13:30 server.key

【中間証明書＋サーバ証明書】チェーン証明書

$ cd Certification

$ mkdir rootca

$mkdir  test.com

(1) CA局証明書

$ cd rootca

openssl genrsa -out ca.key 2048

openssl req -new -key ca.key -out ca.csr -subj "/C=JP/CN=Hogehoge CA"

cat << _EOF_ > ca.ext

[ v3_ca ]

basicConstraints = critical, CA:true

keyUsage = keyCertSign, cRLSign

extendedKeyUsage = serverAuth, clientAuth

subjectKeyIdentifier = hash

authorityKeyIdentifier = keyid,issuer

_EOF_

openssl x509 -req -signkey ca.key -extfile ca.ext -extensions "v3_ca" -in ca.csr -out ca.crt -days 36500 -sha256

(2) サーバ証明証

$ cd test.com

openssl genrsa -out server.key 2048

openssl req -new -key server.key -out server.csr -subj "/CN=www.hogehoge.com"

cat << _EOF_ > server.ext

[ v3_server ]

basicConstraints = critical, CA:false

keyUsage = digitalSignature, keyEncipherment

extendedKeyUsage = serverAuth, clientAuth

subjectKeyIdentifier = hash

authorityKeyIdentifier = keyid,issuer

subjectAltName = DNS:www.hogehoge.com

_EOF_

openssl x509 -req -CAkey ca.key -CA ca.crt -CAcreateserial -extfile server.ext -extensions "v3_server" -in server.csr -out server.crt -days 3650 -sha256

(3) 確認

$ cd test.com

$ openssl x509 -in  server.crt -text -noout

$ openssl x509 -in  ../rootca/ca.crt  -text -noout

証明書本文                 test.com/server.crt

プライベートキー    test.com/server.key

証明書チェーン        rootca/ca.crt

mysql で漢字が化ける。

/etc/mysql/my.cnf
[mysqld]
character-set-server=utf8

[mysql] 

default-character-set=utf8

/etc/init.d/mysql restart

※サーバ側は、mysql5.5以降表記が変わったらしい。

確認は、

mysql> 

show variables like 'character%';
show global variables like 'character%';

Oracle 触ってみた。

【RMANでディスクチェック】

# su - oracle

# rman target /

#  validate database check logical;

#-------------------------------------------------------

# archivelog 削除 ＆ 同期 （アーカイブログ）

#-------------------------------------------------------

# su - oracle

# rman target /

RMAN> list archivelog all;

RMAN> delete archivelog all;                    # 全削除

RMAN> crosscheck archivelog all;         ＃ 物理ディスクとの整合性（同期）

RMAN> configure channel device type disk format '/work/archivelog.backup/ar_%U';

RMAN> show all;         # 確認

RMAN configuration parameters for database with db_unique_name ARCSDBMS are:

CONFIGURE RETENTION POLICY TO REDUNDANCY 1; # default

CONFIGURE BACKUP OPTIMIZATION OFF; # default

CONFIGURE DEFAULT DEVICE TYPE TO 'SBT_TAPE';

CONFIGURE CONTROLFILE AUTOBACKUP ON;

CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE SBT_TAPE TO '%F'; # default

CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO '%F'; # default

CONFIGURE DEVICE TYPE 'SBT_TAPE' PARALLELISM 1 BACKUP TYPE TO BACKUPSET;

CONFIGURE DEVICE TYPE DISK PARALLELISM 1 BACKUP TYPE TO BACKUPSET; # default

CONFIGURE DATAFILE BACKUP COPIES FOR DEVICE TYPE SBT_TAPE TO 1; # default

CONFIGURE DATAFILE BACKUP COPIES FOR DEVICE TYPE DISK TO 1; # default

CONFIGURE ARCHIVELOG BACKUP COPIES FOR DEVICE TYPE SBT_TAPE TO 1; # default

CONFIGURE ARCHIVELOG BACKUP COPIES FOR DEVICE TYPE DISK TO 1; # default

CONFIGURE CHANNEL DEVICE TYPE DISK FORMAT   '/work/archivelog.backup/ar_%U';

CONFIGURE MAXSETSIZE TO UNLIMITED; # default

CONFIGURE ENCRYPTION FOR DATABASE OFF; # default

CONFIGURE ENCRYPTION ALGORITHM 'AES128'; # default

CONFIGURE COMPRESSION ALGORITHM 'BASIC' AS OF RELEASE 'DEFAULT' OPTIMIZE FOR LOAD TRUE ; # default

CONFIGURE ARCHIVELOG DELETION POLICY TO NONE; # default

CONFIGURE SNAPSHOT CONTROLFILE NAME TO '+DATA/ARCSDBMS/snapcf_arcsdbms1.f';

RMAN> backup archivelog until sequence XXX thread=1 delete input;

※ XXXは、Seq.

RMAB> backup archivelog all delete all input;               # 全バックアップ＆削除

RMAN> list archivelog all;

using target database control file instead of recovery catalog

List of Archived Log Copies for database with db_unique_name ARCSDBMS

=====================================================================

Key       Thrd Seq     S Low Time     Name:

--------- ------ ------- - -------------------------

161321  1      45331   A    21-11-24 +ARCT_M/arcsdbms/archivelog/2021_11_24/thread_1_seq_45331.297.1089496643

# su - oracle

ORACLE_BASE=/opt/app/oracle
ORACLE_HOME=/opt/app/oracle/product/11.2.0/db_1
ORACLE_SID=XXXXXXXXX

# sqlplus / as sysdba
SQL> select * from v$version; #バージョン表示
SQL> def #ユーザ情報等確認
SQL> select username,expiry_date,profile from dba_users; #ユーザ一覧
SQL> select * from all_users; #ユーザ一覧
SQL> select * from v$instance; #インスタンス表示
SQL> select * from sys.gv_$instance; #インスタンス一覧
SQL> host #OSコマンドを実行。
SQL> select username,osuser,machine,terminal,program from v$session; #session一覧
SQL> select * from product_component_version;
SQL> select * from v$option; #オプション製品Ver.
SQL> select * from v$pwfile_users; #DBA接続可能ユーザ
SQL> select * v$database; #DBID

# sqlplus ARCSXXXX/xxxxxxx@arcsdbms1
SQL> select owner, table_name from all_tables where owner='XXX'; #テーブル一覧
SQL> select column_name,data_type, data_length from user_tab_columns where owner='XXXXXXX' and table_name='CCMXXX'; #column一覧

SQL> select * from CCMXXX;

【python36でアクセス】
# vi oracle.py
#!/usr/bin/env python
import cx_Oracle
import os

HOST = '192.168.xx.xxx'
PORT = '1521'
SID = 'arcsdbms'
os.environ["NLS_LANG"] = "JAPANESE_JAPAN.JA16SJISTILDE"

tns = cx_Oracle.makedsn(HOST, PORT, SID)
conn = cx_Oracle.connect("ARCSxxxx", "XXXXXXX", tns)

print( conn.version)

cur = conn.cursor()
cur.execute("""select column_name,data_type,data_length from all_tab_columns where table_name='XXXnnn'""")
rows = cur.fetchall()

for r in rows:
   print("%s %s %s" % (r[0],r[1],r[2]))

cur.execute("""select * from XXXnnn""")
rows = cur.fetchall()
for r in rows:
   print("%s %s %s %s" % (r[0],r[1],r[2],r[3]))


【Oracle RMANの有効期限が切れた。】
# su - oracle
ORACLE_BASE=/opt/app/oracle
ORACLE_HOME=/opt/app/oracle/product/11.2.0/db_1
ORACLE_SID=XXXXXXXXX

# sqlplus / as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Tue Aug 4 11:58:16 2015
Copyright (c) 1982, 2013, Oracle.  All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, Real Application Clusters and Automatic Storage Management options

set linesize 200;

SQL>  select username,expiry_date,profile from dba_users;
USERNAME       EXPIRY_D PROFILE
------------------------------ -------- ------------------------------
MGMT_VIEW DEFAULT
SYS DEFAULT
SYSTEM DEFAULT
DBSNMP DEFAULT
SYSMAN DEFAULT
PERFSTAT DEFAULT
SGNGDBMC DEFAULT
NEORDS DEFAULT
ARCSDBPA DEFAULT
DRCSDBCB DEFAULT
ARCSDBSS DEFAULT

USERNAME       EXPIRY_D PROFILE
------------------------------ -------- ------------------------------
ARCSDBCO DEFAULT
ARCSDBCB DEFAULT
SGNGDBMS DEFAULT
ARCSDBCS DEFAULT
TRCSDBCB DEFAULT
XRCSDBCB DEFAULT
OUTLN       15-01-20 DEFAULT
WMSYS       15-01-20 DEFAULT
APPQOSSYS       15-01-20 DEFAULT
DIP       15-01-20 DEFAULT
GG_USER       15-04-07 DEFAULT

USERNAME       EXPIRY_D PROFILE
------------------------------ -------- ------------------------------
ORACLE_OCM       15-01-20 DEFAULT

23 rows selected.

SQL> exit
Disconnected from Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, Real Application Clusters and Automatic Storage Management options


[oracle@dbsv1 ~]$ sqlplus sys/パスワード@rmanrepo1 as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Tue Aug 4 12:01:34 2015
Copyright (c) 1982, 2013, Oracle.  All rights reserved.
Connected to:
Oracle Database 11g Release 11.2.0.4.0 - 64bit Production

SQL> select username,expiry_date,profile from dba_users;

USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
MGMT_VIEW     15-07-23
DEFAULT

SYS     15-07-23
DEFAULT

SYSTEM     15-07-23
DEFAULT


USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
RMAN     16-01-30
DEFAULT

DBSNMP     15-07-30
DEFAULT

SYSMAN     15-07-30
DEFAULT


USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
OUTLN     15-01-24
DEFAULT

ANONYMOUS     15-01-24
DEFAULT

WMSYS     15-01-24
DEFAULT


USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
XDB     15-01-24
DEFAULT

APPQOSSYS     15-01-24
DEFAULT

DIP     15-01-24
DEFAULT


USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
ORACLE_OCM     15-01-24
DEFAULT

XS$NULL     15-01-24
DEFAULT


14 rows selected.

SQL> select username,expiry_date,profile from dba_users;

USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
MGMT_VIEW     15-07-23
DEFAULT

SYS     15-07-23
DEFAULT

SYSTEM     15-07-23
DEFAULT


USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
RMAN     16-01-30
DEFAULT

DBSNMP     15-07-30
DEFAULT

SYSMAN     15-07-30
DEFAULT


USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
OUTLN     15-01-24
DEFAULT

ANONYMOUS     15-01-24
DEFAULT

WMSYS     15-01-24
DEFAULT


USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
XDB     15-01-24
DEFAULT

APPQOSSYS     15-01-24
DEFAULT

DIP     15-01-24
DEFAULT


USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
ORACLE_OCM     15-01-24
DEFAULT

XS$NULL     15-01-24
DEFAULT


14 rows selected.

SQL> select *  from dba_profiles where PROFILE = 'DEFAULT'and RESOURCE_NAME = 'PASSWORD_LIFE_TIME';

PROFILE
------------------------------------------------------------
RESOURCE_NAME
----------------------------------------------------------------
RESOURCE_TYPE
----------------
LIMIT
--------------------------------------------------------------------------------
DEFAULT
PASSWORD_LIFE_TIME
PASSWORD
180


SQL> alter profile DEFAULT limit password_life_time unlimited;

Profile altered.

SQL> select *  from dba_profiles where PROFILE = 'DEFAULT'and RESOURCE_NAME = 'PASSWORD_LIFE_TIME';

PROFILE
------------------------------------------------------------
RESOURCE_NAME
----------------------------------------------------------------
RESOURCE_TYPE
----------------
LIMIT
--------------------------------------------------------------------------------
DEFAULT
PASSWORD_LIFE_TIME
PASSWORD
UNLIMITED


SQL> select username,expiry_date,profile from dba_users;

USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
MGMT_VIEW
DEFAULT

SYS
DEFAULT

SYSTEM
DEFAULT


USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
RMAN
DEFAULT

DBSNMP     15-07-30
DEFAULT

SYSMAN     15-07-30
DEFAULT


USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
OUTLN     15-01-24
DEFAULT

ANONYMOUS     15-01-24
DEFAULT

WMSYS     15-01-24
DEFAULT


USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
XDB     15-01-24
DEFAULT

APPQOSSYS     15-01-24
DEFAULT

DIP     15-01-24
DEFAULT


USERNAME     EXPIRY_D
------------------------------------------------------------ --------
PROFILE
------------------------------------------------------------
ORACLE_OCM     15-01-24
DEFAULT

XS$NULL     15-01-24
DEFAULT


14 rows selected.

【パスワード変更】
SQL> alter USER DBSNMP IDENTIFIED BY "パスワード";

SQL> exit
Disconnected from Oracle Database 11g Release 11.2.0.4.0 - 64bit Production
[oracle@dbsv1 ~]$ logout
[root@dbsv1 ~]# logout

メモリーキャッシュをクリアーする

# free
                 total                used                  free                shared    buffers         cached
Mem:      32814980   28182252      4632728     0              7003044   13676724
-/+ buffers/cache:        7502484    25312496
Swap:     33554424      95664   33458760

# sync;sync;sync

# sysctl -w vm.drop_caches=3
vm.drop_caches = 3
# free
                  total                used               free                  shared    buffers     cached
Mem:      32814980   15127824   17687156     0              11532      8721792
-/+ buffers/cache:         6394500   26420480
Swap:     33554424           95664    33458760

[root@dbsv1 ~]# sync




【参考】
# echo 1 > /proc/sys/vm/drop_caches
              1.ページキャッシュ解放
              2.ダーティキャッシュ、inode解放
              3.ページキャッシュとダーティキャッシュ、inode解放
　　

HW シリアル番号を確認する。

# dmidecode

adb connect を有効にする。（TCP接続）

/system/build.propへ
persist.adb.tcp.port=5555

オラクルのLONG_LOCK

su - oracle
$ sqlplus / as sysdba ------ SYSでログイン

▼セグメントサイズ確認
  ========================================
  spool dba_seg.log
  set lin 600
  set pages 1000
  col name for a10
  col state for a10
  col type for a10   
  --領域の確認。
  select segment_name, sum(bytes) BYTES, tablespace_name, count(*) EXTENTS
  from dba_segments
  group by segment_name, tablespace_name
  order by 2,3,1 desc;

  --セグメント単位ので確認 
  select * from dba_segments order by 1;
  spool off
  ========================================

select BLOCKING_SESSION from v$session where username = 'ARCSDBPA';


select event,seq# from v$session where username = 'ARCSDBPA';


select sql_id from v$session where username = 'ARCSDBPA';

select sql_text from v$sql where sql_id ='fddqym00hh0vc';


select sid,wait_time from v$session where sid=1812;

SQL> select sid,serial# from v$session where sid in (select sid from v$lock where type in ('TM','TX'));


SQL> select sid,program from v$session where username = 'ARCSDBPA';
SID PROGRAM
---------- ------------------------------------------------
1236 ArccCSCS.exe
1248 Furikomi.exe
SQL>

SQL> select sid,serial#,state from v$session where sid=1775;

SQL> select s.sid, p.pid, p.spid from v$session s, v$process p where s.paddr = p.addr and s.sid = 1236;
SID PID SPID
---------- ---------- ------------
1236 94 31458

SQL> select s.sid, p.pid, p.spid from v$session s, v$process p where s.paddr = p.addr and s.sid = 1248;
SID PID SPID
---------- ---------- ------------
1248 29 23382

SQL> oradebug setospid 23382;
SQL> oradebug event 10046 trace name context forever, level 12;
SQL> oradebug event 10046 trace name context off;



SQL> quit

【11g】
/opt/app/oracle/admin/ARCSDBMS/adump　　　　　　　？


【１０ｇ】
/home/oracle/app/oracle/admin/arcsdbms/bdump
/home/oracle/app/oracle/admin/arcsdbms/udump


$ tkprof FILE1 FILE2 explain=USER/PASSWD

cisco のログを取った。

TeraTerm ログ on

# terminal length 0
# sh tech pass
# sh log
# exit

CentOSにNFSを設定してみた。

■Rocky8 linux NFS 設定（追記：2023 12/14 )

【サーバ側】
# dnf install nfs-utils

# vi /etc/idmapd.conf

Domain = stage.world

# vi /etc/exports

/data/ 10.0.11.0/24(rw,sync,wdelay,root_squash,insecure)

/data/ 10.0.12.0/24(rw,sync,wdelay,root_squash,insecure)

/data/ 10.0.13.0/24(rw,sync,wdelay,root_squash,insecure)

/data/ 10.0.14.0/24(rw,sync,wdelay,root_squash,insecure)

※ all_squash 全てのユーザ権限を下げる。(root_squash, all_squash)

# exportfs -rav

# firewall-cmd --add-service=nfs
# firewall-cmd --add-service={nfs3,mountd,rpc-bind}
# firewall-cmd --runtime-to-permanent

# systemctl start --now rpcbind nfs-server

# systemctl enable --now rpcbind nfs-server

【クライアント側】
# dnf install nfs-utils rpcbind
# showmount -e 10.0.18.201

# vi /etc/idmapd.conf

Domain = stage.world

# systemctl restart rpcbind

# systemctl enable rpcbind

※サーバ側の変更時も、クライアント側の再起動が必要

 

# vi /etc/fstab

192.168.210.101:/data/  /.data                  nfs     rw,hard            0 0

10.0.18.201:/data /.data                               nfs     rw,hard            0 0

cd /

mkdir /.data

ln -s /.data aws

※ mount できない場合、dmesgで確認。

-----------------------------------------------------------------------------------------------
# サーバ側の設定
# cat /etc/redhat-release
CentOS release 6.5(Final)

# yum -y install nfs-utils

# vi /etc/exports

/work/ 129.1.68.0/24(rw,sync,no_root_squash,no_all_squash)

# vi /etc/sysconfig/iptables

-A INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT

# service iptables restart

#service rpcbind restart
#service rpcidmapd restart
#service nfs restart
#service nfslock restart
#chkconfig rpcbind on
#chkconfig rpcidmapd on
#chkconfig nfs on

# service rpcbind status
# chkconfig --list
# service nfs status
# rpcinfo -p

# exportfs -ra

# exportfs -v

# showmount -e 129.1.68.188

＃クライアント側の設定

# vi /etc/idmapd.conf

Domain = centos.casio.co.jp

# service rpcbind restart

# chkconfig rpcbind on

# vi /etc/fstab
192.1.68.188:/work /work nfs4 default 0 0

# chkconfig netfs on
or
# mount -t nfs -o rw 129.1.68.188:/work /work