From Fedora Project Wiki
(updated server section with several changes (sorry))
(major update to client section (sorry, once again))
Line 89: Line 89:
<pre>
<pre>
[General]
[General]
Domain = example.com
Domain = domain.tld


[Mapping]
[Mapping]
Line 104: Line 104:
* Add the desired shares:
* Add the desired shares:
<pre>
<pre>
<ip-address-to-server>:/ /mnt/shares nfs4 rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share1  /mnt/share1                                        nfs4   rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share1 /home/me/share1 nfs4 rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share2  /srv/www/somewebsite.tld/default/public/share2     nfs4   rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share2 /home/he/share2 nfs4 rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share3 /home/user/share3                                   nfs4   rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share3 /home/it/share3 nfs4 rsize=8192,wsize=8192,timeo=14,soft
</pre>
</pre>
{{admon/note|SELinux Booleans|You need to remember to activate a relevant boolean. There a few '''SELinux''' booleans for '''nfs''' in general. Make sure to check them by using <code><nowiki>getsebool -a | grep -i nfs</nowiki></code> and enable them permanently with <code><nowiki>setsebook -P <someboolean>=1 <someotherbool>=1 ...</nowiki></code>}}


* Remount everything:
* Remount everything:

Revision as of 08:02, 8 November 2013

Sharing files with NFSv4 on Fedora (Server & Client configuration)

Description

This HowTo explains how to set up the Network File System version 4 on your LAN for multiple shares. It explains, also, how to mount the exports on your client.

Tested in Fedora Versions

  • Fedora 19

Requirements

The nfs-utils package provides what's need for both then client and the server. However, to make sure it's installed, run the following command. Enter your root password when prompted:

su -c "yum install nfs-utils"

Server requirements (services)

  • rpcbind
  • rpcidmapd
  • nfslock
  • nfs

Client requirements ((services)

  • rpcbind
  • rpcidmapd
  • nfslock
  • nfs

Doing the Work

Configuring the server

  • Change your eth1 (internal) interface to the "internal" zone
su -c 'firewall-cmd --zone=internal --change-interface=eth1'
  • Open up the necessary port on the firewall (port: 2049 TCP).
su -c "firewall-cmd --permanent --zone=internal --permanent --add-service=nfs"
su -c "firewall-cmd --reload"
  • Edit /etc/idmapd.conf. Enter your root password when prompted:
su -c "vim /etc/idmapd.conf"
  • Configure your domain name and change the users to nfsnobody:
[General]
Domain = domain.tld

[Mapping]
Nobody-User = nfsnobody
Nobody-Group = nfsnobody
  • Enable rpcbind, rpcidmapd, nfslock, and nfs services to start at boot:
su -c "systemctl enable rpcbind.service rpcidmapd.service nfslock.service nfs.service"
  • Start those services:
su -c "systemctl start rpcbind.service rpcidmapd.service nfslock.service nfs.service"
  • Edit /etc/exports. Enter your root password when prompted:
su -c "vim /etc/exports"
  • Add your shares here (available to your home network) If you want your shares to be read only, change rw to ro from these statements:
/srv/nfs/share1     192.168.1.0/255.255.255.0(rw,async)
/srv/nfs/share2     192.168.1.0/255.255.255.0(ro)
/srv/nfs/share3     192.168.1.0/255.255.255.0(rw)
  • Reload your exports:
su -c "/usr/sbin/exportfs -rv"
  • Edit your /etc/hosts.allow file, so your clients are allowed to access your shares:
su -c "vim /etc/hosts.allow"
  • Allow your LAN to access your shares:
rpcbind: 192.168.1.0/255.255.255.0

Configuring the clients

  • Edit /etc/idmapd.conf. Enter your root password when prompted:
su -c "vim /etc/idmapd.conf"
  • Configure your domain name and change the users to nfsnobody:
[General]
Domain = domain.tld

[Mapping]
Nobody-User = nfsnobody
Nobody-Group = nfsnobody
  • Edit /etc/fstab. Please enter your root password when prompted:
su -c "vim /etc/fstab"
  • Create the mounting directories:
su -c "mkdir /mnt/shares /home/me/share1 /home/he/share2 /home/it/share3"
  • Add the desired shares:
<ip-address-to-server>:/share1  /mnt/share1                                         nfs4    rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share2  /srv/www/somewebsite.tld/default/public/share2      nfs4    rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share3  /home/user/share3                                   nfs4    rsize=8192,wsize=8192,timeo=14,soft
SELinux Booleans
You need to remember to activate a relevant boolean. There a few SELinux booleans for nfs in general. Make sure to check them by using getsebool -a | grep -i nfs and enable them permanently with setsebook -P <someboolean>=1 <someotherbool>=1 ...
  • Remount everything:
su -c "mount -a"

Common problems and fixes

Exported subdirectory appears empty

If /srv/nfs/share1 appears empty on the client make sure it's exported with the nohide parameter. Because /srv/nfs/share1 was mounted under /srv/nfs, the client can't see it unless the nohide parameter is used.

More Information

RedHat recommends, on RHEL5 Docs, that one should use automount instead of /etc/fstab; which saves resources when sharing to multiple workstations. I haven't had the time to try this configuration. This document will be modified/augmented once I've got the hang of it.

Disclaimer

I haven't had the opportunity to test this HowTo since I lack of a networked PC to do it, so you may run into problems, if you do, come to #fedora on irc.freenode.net or leave me messages so I know what's up. Feel free to propose changes and stuff.

Added Reading