Title: nfs setup Subject: notes on nfs Secure-NFS (SNFS): Paper: http://www.math.ualberta.ca/imaging/snfs/README.NFS Sample config: http://www.math.ualberta.ca/imaging/snfs/remotehost Sample fstab: http://www.math.ualberta.ca/imaging/snfs/fstab Another Paper: http://www.samag.com/documents/s=4072/sam0203d/sam0203d.htm NFS Notes: ---------- -invented in 1980, by Sun -updated to version 2 in 1990's -updated to version 3 in the late 1990's -Runs on top of Sun's RPC (Remote Procedure Call) sun rpc portmapper must be running. port 111 UDP/TCP -Originally used UDP, but now TCP is used, but not all do (nfs version3 on hpux) -WebNFS came out in 1996, mainly used for web based applications (www.sun.com/webnfs ------------------------------ Startup daemons in this order: 1. rpc.portmap 2. rpc.mountd 3. rpc.nfsd 4. rpc.statd 5. rpc.lockd (if necessary) 6. rpc.rquotad ------------------------------ Test to see if if is running: rpcinfo -p ------------------------------ Updates to /etc/exports will not take effect until you run: exportfs -ra ================================ NFS daemons: rpc.portmapper It mapps calls made from other machines to the correct NFS daemons. rpc.mountd mounts and unmounts filesystems rpc.nfsd translates NFS requests into local file system commands. rpc.statd rpc.lockd network lock manager, to lock open files rpc.rquotad ================================ 1. Config NFS Server and Client: /etc/exports on Linux, FreeBSD, HPUX /etc/dfs/dfstab on Solaris -->share lines look like this /directory/to/export \ host1(permissions) \ host2(permissions) \ host3(permissions) -->Format for hosts1, 2, and 3 1. FQDN workstation.stilen.com 2. @group for a specific netgroup 3. * wildcard *.stilen.com 4. IP subnets address/netmask combination 192.168.42.0/24 -->Permissions: rw read/write ro read noaccess denies access to subdirectories below directory no_root_squash Acknowledge and trust the client's root account. root_squash remote 'root' user does not have root link_relative convert absolute links to relative (/ to ../) link_absolute Symbolic links remain untouched map_identity User-ID's are exactly the same on both client and server map-daemon Cllient and server don't have maching user-ID's ugidd is required ================================ 2. Publish the config file: exportfs -a Sends signal to rpc.nfsd adn rpc.mountd to read /etc/exports ================================ 3. Test if they are running: rpcinfo -p hostname nfsstat -s nfsstat -c ================================ 4. Start and stop NFS /etc/rc.d/init.d/nfs ================================ 5. Mounting a share: mount -t nfs \ -o rw,bg,intr,soft,retrans=6,wsize=2048,rsize=2048 \ servername:/exported/directory \ /dir/to/mount options: rw read/write ro read bg background mount, if server is down intr interruptible mount soft will report errors retrans max retries for "soft" wsize number of bites to send at once rsize number of bites to reat at once ================================ 6. Unmounting a share: umount /dir/to/unmount umount -f /dir/to/unmount Force the umount, regardless of who is using it. ================================ 7. Automounting when system boots: /etc/ /etc/vfstab /etc/fstab example: server:/exported/directory /dir/to/mount nfs rsize=8192,wsize=8192,timeo=14,intr ================================ Bibl: ------------ RedHat Linux 6 Unleashed, chap13, pg 377-388 Suse 7.1 Hanbook, chap 5.6, pg 615-166 Mastering Linux, pg 594-616 Lunux Network Admin Guide, Chap 11, pg 149-165 Unix System Admin Handbook, 3rd ed, pg 488-512