You need to install the following packages in Debian / Ubuntu Linux server:
- nfs-kernel-server: Linux kernel NFS version 3 and 4 server.
- portmap: RPC port mapper.
- nfs-common: NFS support files common to client and server. It also includes the following libraries:
- liblockfile1 - NFS-safe locking library, includes dotlockfile program.
- libnfsidmap2 - An nfs idmapping library.
Step #1: Install NFSv4 Server
Open a command-line terminal (select Applications > Accessories > Terminal), and then type the following commands. You can also login using ssh command. Switch to the root user by typing su - and entering the root password, when prompted. Enter the command apt-get update && apt-get upgrade to tell apt to refresh its package information by querying the configured repositories and then upgrade the whole system:# apt-get update && apt-get upgradeType the following command to install NFSv4 server package, enter:
# apt-get install nfs-kernel-server portmap nfs-commonStep #2: Configure Portmap
Edit /etc/default/portmap, enter:# vi /etc/default/portmapMake sure OPTIONS are set as follows, so that it can accept network connections from your LAN:
Save and close the file. Edit /etc/hosts.allow and add list of hosts (IP address or subnet) that are allowed to access the system using portmap, enter:
OPTIONS=""
# vi /etc/hosts.allowIn this example allow 192.168.1.0/24 to access the portmap:
Save and close the file. TCP Wrapper is a host-based Networking ACL system, used to filter network access to Internet and/or LAN based systems.
portmap: 192.168.1.
Step #3: Configure idmapd
The rpc.idmapd is the NFSv4 ID <-> name mapping daemon. It provides functionality to the NFSv4 kernel client and server, to which it communicates via upcalls, by translating user and group IDs to names, and vice versa. Edit /etc/default/nfs-common, enter:# vi /etc/default/nfs-commonStart the idmapd daemon as it needed for NFSv4:
Save and close the file. The default /etc/idmapd.conf file as follows:
NEED_IDMAPD=YES
# cat /etc/idmapd.confSample outputs:
I'm going to use the defaults. But, you can configure the mapping as per your setup. See idmapd.conf(5) man page for more info.
[General]
Verbosity = 0
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = localdomain
[Mapping]
Nobody-User = nobody
Nobody-Group = nogroup
Step #4: Configure NFS
First, create a directory using the mkdir command, enter:# mkdir /exportsEdit /etc/exports file and set the the access control list for filesystems which is exported to NFS clients, enter:
# vi /etc/exportsAppend the following configuration, enter:
Save and close the file. Where,
/exports 192.168.1.0/255.255.255.0(rw,no_root_squash,no_subtree_check,crossmnt,fsid=0)
- /exports: /exports is directory and it is set as an explicit export root of yourpseudofilesystem. You can mount other volumes under
that using the mount command. See below for more information. - 192.168.1.0/255.255.255.0: You are exporting directories to all hosts on an IP sub network simultaneously called 192.168.1.0/24. Only clients in 192.168.1.0/24 are allowed to access our NFSv4 server.
- rw: Allow users to read and write requests on this NFS volume.
- no_root_squash: Turn off root squashing. This option is mainly useful for diskless clients.
- no_subtree_check: This option disables subtree checking, which has mild security implications. A home directory filesystem, which is normally exported at the root and may see lots of file renames, should be exported with subtree checking disabled.
- crossmnt: This option is similar to nohide but it makes it possible for clients to move from the filesystem marked with crossmnt to exported filesystems mounted on it. Thus when a child filesystem "B" is mounted on a parent "A", setting crossmnt on "A" has the same effect as setting "nohide" on B.
- fsid=0: NFS server needs to be able to identify each filesystem that it exports. For NFSv4 server, there is a distinguished filesystem which is the root of all exported filesystem. This is specified with fsid=root or fsid=0 both of which mean exactly the same thing.
A Note About /exports Pseudo File System
The /exports act as the root of the pseudo file system for the export. You need to mount all the required filesystems under this directory. For example, you can share /home, /sales, /usr directory under /exports as follows using the mkdir command:# cd /exports
# mkdir {home,sales,data,usr}You can now bind the directories using the mount command as follows:
# cd /exports
# mount --bind /home data
# mount --bind /usr home
# mount --bind /data data
# mount --bind /sales salesUpdate /etc/fstab to automatically bind the file system, enter:
# vi /etc/fstabUpdate file as follows:
Save and close the file. Make sure all services are running:
/home /exports/data none bind
/usr /exports/home none bind
/data /exports/data none bind
/sales /exports/sales none bind
# /etc/init.d/portmap restart
# /etc/init.d/nfs-common restart
# /etc/init.d/nfs-kernel-server restartStep #5: Client Configuration
You need to install nfs-common and portmap packages on the client computer running Debian or Ubuntu Linux desktop:# apt-get install nfs-common portmapMake sure those two services are running:
# /etc/init.d/nfs-common start
# /etc/init.d/portmap startHow Do I See Exported Directories From The Client Computer?
Type the following commands:$ showmount -e 192.168.1.10
$ showmount -e server2Where, 192.168.1.10 is NFSv4 server IP address.
How Do I Mount the Directories From The Client Computer?
Type the following command, enter:# mkdir /dataTo mount the entire /exports, enter:
# mount.nfs4 192.168.1.4:/ /dataOnly mount /exports/data, enter:
# mount.nfs4 192.168.1.4:/data /dataI suggest passing the following options to the mount command:
# mount.nfs4 192.168.1.10:/ /nfs -o soft,intr,rsize=8192,wsize=8192See mount.nfs4 man page for more information.
How Do I Mount Directories Automatically Using /etc/fstab File?
You can mount NFS file systems Using /etc/fstab, enter:# vi /etc/fstabAppend the entry, enter:
192.168.1.10:/data /data nfs4 soft,intr,rsize=8192,wsize=8192Save and close the file.
No comments:
Post a Comment