m (→NFS: adding 'rpcinfo -p' to view ports/RPC programs) |
m (Docs/Drafts/AdministrationGuide/Servers/NetworkFileSystem moved to Archive:Docs/Drafts/AdministrationGuide/Servers/NetworkFileSystem: This page references a newer draft version. Archiving old page tree then I'll go back and redirect to the new.) |
||
(2 intermediate revisions by one other user not shown) | |||
Line 113: | Line 113: | ||
== Firewall Configuration == | == Firewall Configuration == | ||
Ports for NFS are assigned dynamically by rpcbind, which causes problems for firewalls. To make firewall configuration easy, use the <code>/etc/sysconfig/nfs</code> file to control which ports are used: | |||
* <code>MOUNTD_PORT</code> TCP and UDP port for mountd (rpc.mountd). | * <code>MOUNTD_PORT</code> TCP and UDP port for mountd (rpc.mountd). | ||
Line 122: | Line 122: | ||
Port numbers specified must not be used by any other service. Configure your firewall to allow the port numbers specified in <code>/etc/sysconfig/nfs</code>, as well as TCP and UDP port 2049 (NFS). | Port numbers specified must not be used by any other service. Configure your firewall to allow the port numbers specified in <code>/etc/sysconfig/nfs</code>, as well as TCP and UDP port 2049 (NFS). | ||
Run the <code>rpcinfo -p</code> command to see which ports and RPC programs are being used. | Run the <code>rpcinfo -p</code> command on the NFS server to see which ports and RPC programs are being used. | ||
== NFS Clients == | == NFS Clients == |
Latest revision as of 17:51, 4 March 2009
NFS
Summary
Purpose: This document covers many of the aspects of configuring and customizing NFS
.
Audience: This document is designed for anyone wanting to setup NFS
as an File server.
Assumptions: The Fedora OS is installed, TCP/IP and DNS is configured. User accounts have been added and the reader has access to the root password. Firewall rules are configured to allow for the proper port access, and the user has a basic understanding of vi and bash commands.
Related Documents: The InstallGuide documents the basic install of Fedora. The GettingStarted documents the basic use of Fedora and gaining access to the CLI. The DNS assists with configuring DNS for name resolution. UserAccounts documents the steps for creating users and groups. The ConfiguringServices covers configuring Services.
Lead Writer: MikeDittmeier
Introduction
The Network File System, or NFS
, is a daemon that allows other computers to 'mount' a disk partition on another remote computer, and access the files the same as local files and folders. Other services and daemons such as automount can be used to mount remote NFS
shares without user intervention.
Package Requirements
This article makes use of the following packages found in the Fedora Repository:
nfs-utils
The nfs-utils package provides a daemon for the kernel NFS server and related tools, which provides a much higher level of performance than the traditional Linux NFS server used by most users.nfs-utils-libs
Support libraries that are needed by the commands and daemons the nfs-utils RPMrpcbind
Converts RPC numbers to universal addresses. NFS requires therpcbind
daemonsystem-config-nfs
system-config-nfs
is a graphical user interface for creating, modifying, and deletingNFS
shares.
Installation
By default NFS
is already included in most fedora installations. To verify NFS
is installed, type the following command:
rpm -q nfs-utils
this should output the follow results:
nfs-utils-1.1.0-6.fc8
If not, then install the NFS
packages by typing:
su -c 'yum install -y nfs-utils system-config-nfs nfs-utils-lib'
For graphical installs, use Main Menu > Add/Remove Software. This requires the root user password to run. In the Browse tab, click on the Base System group on the left, then select the Base option on the right. Click Apply to have the software and all dependencies installed. You can customize what is installed in the Base grouping by clicking on Optional packages.
Configuring NFS
There are three main configuration files you will need to edit to set up an NFS server: /etc/exports
, /etc/hosts.allow
, and /etc/hosts.deny
. The only file used in this section of the chapter is /etc/exports
to get NFS up and running.
/etc/exports
, Main configuration file/etc/hosts.allow
, Hosts to allow access/etc/hosts.deny
, Hosts to deny access
By default NFS
does not share out any folders or drive volumes. To create the first share, open a shell prompt, and enter the following command to begin editing the /etc/exports
file:
su -c 'vim /etc/exports'
The vi
editor window will open to what looks like a new file. This is because the /etc/exports
file has no existing configuration settings at install. The format that will be used to share folders and drive volumes is straightforward:
directory hosts(options)
Here is a break down of the 2 lines listed:
- directory, This is the directory or volume to be shared
- hosts, This is a client computer that will have access to the share. The preferred way to list the host is by IP Address, but DNS names can be used. A group of hosts can be configured by entering an IP range such as:
/var/ftp/pub 192.168.1.0/255.255.255.0(ro) /home/public 192.168.1.0/255.255.255.0(rw)
- options - The options specify the kind of access mentioned hosts will have to the shared directory. Here are some of the most common options:
ro
, read only access is granted to the Directoryrw
, read and write access is granted to the Directoryno_root_squash
, by default, access by a remote root users is treated as the user 'nobody'. To allow the same access to a remote 'root' account as the local root user, add this option.
no_subtree_check
, subtree checking verifies the a file being accessed is in a sub folder on the same volume. When sharing an entire drive volume, this option will speed up access to the sub-folders and files.sync
, By defaultNFS
uses 'sync' transfers, so theNFS
server must send an acknowledgment that the file has been written. Using theasync
option will speed up file transfers by disabling the acknowledgment.
To share the /var/ftp/pub
folder with read only access, and with sync/no_subtree_check allowed, edit the /etc/exports
file as below:
/var/ftp/pub 192.168.54.0/255.255.255.0(ro,sync,no_subtree_check)
For graphical configurations, use System Menu > Administration > Server Settings > NFS. This requires the root user password to run. Click the [Add] button. on the Basic Tab Enter the directory to share or click the [Browse] button and select the directory you want to share. Enter the host or hosts you want to have access to the share.
Select the Basic Permisions
by clicking the [Read-only] or [Read/Write] radio buttons.
On the General Tab, select the [Disable subtree checking] and the [Sync write operations on request] radio buttons.
Click the [OK] button to save your changes.
In a shell prompt, enter the following command to edit the /etc/exports
file and verify the changes just made:
su -c 'vim /etc/exports'
The following example should be displayed in the vi
editor window:
/var/ftp/pub 192.168.54.0/255.255.255.0(ro,sync,no_wdelay,no_subtree_check,nohide)
Exit the vi
editor, and restart the NFS
service to apply the changes by typing:
su -c 'service nfs restart'
The following should be returned:
Shutting down NFS mountd: [ OK ] Shutting down NFS daemon: [ OK ] Shutting down NFS quotas: [ OK ] Shutting down NFS services: [ OK ] Starting NFS services: [ OK ] Starting NFS quotas: [ OK ] Starting NFS daemon: [ OK ] Starting NFS mountd: [ OK ]
To add additional shares, just add an additional line in the /etc/exports
file for each directory or volume that needs to be shared.
Firewall Configuration
Ports for NFS are assigned dynamically by rpcbind, which causes problems for firewalls. To make firewall configuration easy, use the /etc/sysconfig/nfs
file to control which ports are used:
MOUNTD_PORT
TCP and UDP port for mountd (rpc.mountd).STATD_PORT
TCP and UDP port for status (rpc.statd).LOCKD_TCPPORT
TCP port for nlockmgr (rpc.lockd).LOCKD_UDPPORT
UDP port nlockmgr (rpc.lockd).
Port numbers specified must not be used by any other service. Configure your firewall to allow the port numbers specified in /etc/sysconfig/nfs
, as well as TCP and UDP port 2049 (NFS).
Run the rpcinfo -p
command on the NFS server to see which ports and RPC programs are being used.
NFS Clients
There is little to do to connect a linux system to a remote NFS
share. Open a shell prompt, and create the folder on which you want to mount the remote NFS
share:
su -c 'mkdir /media/nfs'
Now, enter the following command to mount the remote NFS
share:
su -c 'mount server:/var/ftp/pub /media/nfs'
To verify the remote NFS
share is mounted enter the following command at a shell prompt:
mount
The following line should be included in the output:
server:/var/ftp/pub on /media/nfs type nfs (rw,addr=192.168.1.10)
Now enter the following to get a directory listing of the NFS
mounted directory:
ls /media/nfs
There is a distribution folder in the /var/ftp/pub
folder for Fedora that is displayed:
f8
To mount a NFS
share permanently during system start up, edit the /etc/fstab
file the same way as you would for a local file system. The file system type should be set to nfs
. Specify the dump and fsck order (the last two entries), in our case set to zero for demonstration purposes. Our example /etc/fstab
should look like below:
... server:/var/ftp/pub /media/nfs nfs rw 0 0
Using Automount
Another way to access remote NFS
shares is to use autofs
. The difference between using the autofs
daemon and the /etc/fstab
file is autofs
will only mount the NFS
share when a file or directory is requested on the NFS
mount point. This will also speed up boot time by not waiting for a responce from the remote NFS
server.
The master configuration for autofs
is the /etc/auto.master
file. Here is an example file:
# # /misc /etc/auto.misc /net -hosts # # # +auto.master
The /misc
mount is defined in a seperate file /etc/auto.misc
. The /misc
directory is reserver for autofs
mounts. New NFS
mounts should be added to the /etc/auto.misc
file. Here is an example of the /etc/auto.misc
file:
# cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
To add the NFS
share to the /etc/auto.misc
, add the following line:
nfs -ro,soft,intr server:/var/ftp/pub
Save the changes made to the /etc/auto.misc
file and start the autofs
deamon using the following command at a shell prompt:
su -c 'service autofs start'
Test the changes just made by entering the following command at a shell prompt:
ls /misc/nfs
the result should be:
f8
At this Point NFS
should be up and running, and client systems should have access to the designated directories and volumes on the NFS
server. To enable the NFS
service during system startup, enter the following command at a shell prompt:
su -c 'chkconfig --levels 345 nfs on'
This starts the nfs
service on run levels 3, 4 and 5 during start up.