From Fedora Project Wiki
(added zone change for internal interface)
(updated server section with several changes (sorry))
Line 46: Line 46:
<pre>
<pre>
[General]
[General]
Domain = example.com
Domain = domain.tld


[Mapping]
[Mapping]
Line 53: Line 53:
</pre>
</pre>


* Start the <code>rpcidmapd</code> and <code>nfslock</code> services, then start the <code>nfs</code> service. Alternatively, you can use ''System->Administration->Services'' GUI. Please enter the <code>root</code> password when prompted:
* Enable <code>rpcbind</code>, <code>rpcidmapd</code>, <code>nfslock</code>, and <code>nfs</code> services to start at boot:
<pre>
<pre>
su -c "service rpcbind start"
su -c "systemctl enable rpcbind.service rpcidmapd.service nfslock.service nfs.service"
su -c "service rpcidmapd start"
su -c "service nfslock start"
su -c "service nfs start"
</pre>
</pre>


* Set <code>rpcidmapd</code>, <code>nfslock</code>, and <code>nfs</code> services to start on boot. Alternatively, you can use ''System->Administration->Services'' GUI. Please enter the <code>root</code> password when prompted:
* Start those services:
<pre>
<pre>
su -c "chkconfig --level 345 rpcbind on"
su -c "systemctl start rpcbind.service rpcidmapd.service nfslock.service nfs.service"
su -c "chkconfig --level 345 rpcidmapd on"
su -c "chkconfig --level 345 nfslock on"
su -c "chkconfig --level 345 nfs on"
</pre>
</pre>
* Create the directories of the exports inside <code>/srv/nfs</code>. Enter your <code>root</code> password when prompted:
<pre>su -c "mkdir -p /srv/nfs/{share1,share2,share3}"</pre>
* Edit <code>/etc/fstab</code>:
<pre>su -c "vim /etc/fstab"</pre>
* ''Bind'' the desired ''shares'' to the, recently created, directories; at <code>/srv/nfs</code>:
<pre>
/path/to/share1 /srv/nfs/share1 none bind 0 0
/path/to/share2 /srv/nfs/share2 none bind 0 0
/path/to/share3 /srv/nfs/share3 none bind 0 0
</pre>
* ''Remount'' everything. Enter your <code>root</code> password when prompted:
<pre>su -c "mount -a"</pre>


* Edit <code>/etc/exports</code>. Enter your <code>root</code> password when prompted:
* Edit <code>/etc/exports</code>. Enter your <code>root</code> password when prompted:
Line 90: Line 68:
* Add your shares here (available to your home network) If you want your shares to be ''read only'', change <code>rw</code> to <code>ro</code> from these statements:
* Add your shares here (available to your home network) If you want your shares to be ''read only'', change <code>rw</code> to <code>ro</code> from these statements:
<pre>
<pre>
/srv/nfs 192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide,fsid=0)
/srv/nfs/share1     192.168.1.0/255.255.255.0(rw,async)
/srv/nfs/share1 192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide)
/srv/nfs/share2     192.168.1.0/255.255.255.0(ro)
/srv/nfs/share2             192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide)
/srv/nfs/share3     192.168.1.0/255.255.255.0(rw)
/srv/nfs/share3             192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide)
</pre>
</pre>


* Reload your exports. Please enter your <code>root</code> password when prompted:
* Reload your exports:
<pre>su -c "/usr/sbin/exportfs -rv"</pre>
<pre>su -c "/usr/sbin/exportfs -rv"</pre>


* Edit your <code>/etc/hosts.allow</code> file, so your clients are allowed to access your nfs. Please enter your <code>root</code> password when prompted:
* Edit your <code>/etc/hosts.allow</code> file, so your clients are allowed to access your shares:
<pre>su -c "vim /etc/hosts.allow"</pre>
<pre>su -c "vim /etc/hosts.allow"</pre>


* Allow your LAN to access your services:
* Allow your LAN to access your shares:
<pre>rpcbind: 192.168.1.0/255.255.255.0</pre>
<pre>rpcbind: 192.168.1.0/255.255.255.0</pre>
* <code>Reboot</code>:
<pre>su -c "/sbin/shutdown -r now"</pre>


=== Configuring the clients ===
=== Configuring the clients ===

Revision as of 07:48, 8 November 2013

Sharing files with NFSv4 on Fedora (Server & Client configuration)

Description

This HowTo explains how to set up the Network File System version 4 on your LAN for multiple shares. It explains, also, how to mount the exports on your client.

Tested in Fedora Versions

  • Fedora 19

Requirements

The nfs-utils package provides what's need for both then client and the server. However, to make sure it's installed, run the following command. Enter your root password when prompted: 

su -c "yum install nfs-utils"

Server requirements (services)

  • rpcbind
  • rpcidmapd
  • nfslock
  • nfs

Client requirements ((services)

  • rpcbind
  • rpcidmapd
  • nfslock
  • nfs

Doing the Work

Configuring the server

  • Change your eth1 (internal) interface to the "internal" zone
su -c 'firewall-cmd --zone=internal --change-interface=eth1'
  • Open up the necessary port on the firewall (port: 2049 TCP).
su -c "firewall-cmd --permanent --zone=internal --permanent --add-service=nfs"
su -c "firewall-cmd --reload"
  • Edit /etc/idmapd.conf. Enter your root password when prompted:
su -c "vim /etc/idmapd.conf"
  • Configure your domain name and change the users to nfsnobody:
[General]
Domain = domain.tld

[Mapping]
Nobody-User = nfsnobody
Nobody-Group = nfsnobody
  • Enable rpcbind, rpcidmapd, nfslock, and nfs services to start at boot:
su -c "systemctl enable rpcbind.service rpcidmapd.service nfslock.service nfs.service"
  • Start those services:
su -c "systemctl start rpcbind.service rpcidmapd.service nfslock.service nfs.service"
  • Edit /etc/exports. Enter your root password when prompted:
su -c "vim /etc/exports"
  • Add your shares here (available to your home network) If you want your shares to be read only, change rw to ro from these statements:
/srv/nfs/share1     192.168.1.0/255.255.255.0(rw,async)
/srv/nfs/share2     192.168.1.0/255.255.255.0(ro)
/srv/nfs/share3     192.168.1.0/255.255.255.0(rw)
  • Reload your exports:
su -c "/usr/sbin/exportfs -rv"
  • Edit your /etc/hosts.allow file, so your clients are allowed to access your shares:
su -c "vim /etc/hosts.allow"
  • Allow your LAN to access your shares:
rpcbind: 192.168.1.0/255.255.255.0

Configuring the clients

  • Edit /etc/idmapd.conf. Enter your root password when prompted:
su -c "vim /etc/idmapd.conf"
  • Configure your domain name and change the users to nfsnobody:
[General]
Domain = example.com

[Mapping]
Nobody-User = nfsnobody
Nobody-Group = nfsnobody
  • Edit /etc/fstab. Please enter your root password when prompted:
su -c "vim /etc/fstab"
  • Create the mounting directories:
su -c "mkdir /mnt/shares /home/me/share1 /home/he/share2 /home/it/share3"
  • Add the desired shares:
<ip-address-to-server>:/	/mnt/shares	nfs4	rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share1	/home/me/share1	nfs4	rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share2	/home/he/share2	nfs4	rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share3	/home/it/share3	nfs4	rsize=8192,wsize=8192,timeo=14,soft
  • Remount everything:
su -c "mount -a"

Common problems and fixes

Exported subdirectory appears empty

If /srv/nfs/share1 appears empty on the client make sure it's exported with the nohide parameter. Because /srv/nfs/share1 was mounted under /srv/nfs, the client can't see it unless the nohide parameter is used.

More Information

RedHat recommends, on RHEL5 Docs, that one should use automount instead of /etc/fstab; which saves resources when sharing to multiple workstations. I haven't had the time to try this configuration. This document will be modified/augmented once I've got the hang of it.

Disclaimer

I haven't had the opportunity to test this HowTo since I lack of a networked PC to do it, so you may run into problems, if you do, come to #fedora on irc.freenode.net or leave me messages so I know what's up. Feel free to propose changes and stuff.

Added Reading

Retrieved from "https://fedoraproject.org/w/index.php?title=User:Renich/HowTo/NFSv4&oldid=359921"