What is NFS?
NFS (network file system) is a service developed for sharing of directory between Linux and Unix systems. NFS is currently at version 4 but version 3 is still widely implemented.
NFS is provided by the package nfs-utils and the source can be obtained from sourceforge.net.. On Centos Linux when NFS service is started, the following services are activated
- /etc/exports : Located on the NFS server, it list options of exported files and directories.
- /etc/fstab : Located at the NFS client machine to mount a NFS directory upon reboots.
- /etc/sysconfig/nfs : Located on the NFS server and client, it contains configuration file of NFS to control on which port rpc and other services are listening.
- /etc/host.allow and /etc/host.deny are the first files checked by NFS to determine remote request is granted or denied.
Setup NFS server 192.168.1.100 and client at 192.168.1.105
Step 1: Install NFS (default NFS v3)Login to NFS server as root (or with root privilege) at run
# yum install nfs-utils nfs-utils-lib
# yum install portmap
Portmap is however not needed by NFS v4.
# service nfs start
Step 2: Publish a share directoryUse an existing directory with 777 permission or create the following directory called /nfsshare
# mkdir /nfsshare
# chmod 777 /nfsshare
Add this directory to list of shares in /etc/exports. For of the file is as follows
"directory name" client_ip(NFS mount options)
The options available include
- ro : provide read only access to the share.
- rw : provide both read and write access within the share.
- sync : Sync confirms requests to the shared directory only once the changes have been committed.
- no_subtree_check : This option prevents the subtree checking. When a shared directory is the subdirectory of a larger file system, nfs performs scans of every directory above it, in order to verify its permissions and details. Disabling the subtree check may increase the reliability of NFS, but reduce security.
- no_root_squash : Allows root to connect to the designated share.
The /etc/exports can contain many lines of shared directories.
Check that the share is published
# exportfs -a
# showmount -e
Step 3: Setup at clientEnsure client have network to the NFS server. If needed, disable firewall for this exercise. Create a directory to mount the share at /mnt/nfsshare1
# mkdir /mnt/nfsshare1
# chmod 777 /mnt/nfsshare1
# showmount -e 192.168.1.100
# mount -t nfs 192.168.1.100:/nfsshare /mnt/nfsshare
Check the mount
Step 4: Setup for client to connect at rebootEdit the file /etc/fstab and add the following
192.168.1.100:/nfsshare /mnt/nfsshare nfs defaults 0 0
Unmount the existing share and remount using the fstab
# umount /mnt/share
# mount -a
On the NFS server, any changes to /etc/exports must be reloaded by restarting nfs service or with the command
# exportfs -a
Next is to manage security and perfomance of the NFS server. Use of the 777 permissions is only for completion of this exercise. Explore use of v4.