From Fedora Project Wiki
(removed troubleshooting)
Line 1: Line 1:
= Sharing files with NFSv4 on Fedora 12 (Server & Client configuration) =
+
= Sharing files with NFSv4 on Fedora (Server & Client configuration) =
  
 
{{TOClimit|3}}
 
{{TOClimit|3}}
Line 6: Line 6:
 
This HowTo explains how to set up the <code>Network File System version 4</code> on your ''LAN'' for multiple shares. It explains, also, how to mount the <code>exports</code> on your ''client''.
 
This HowTo explains how to set up the <code>Network File System version 4</code> on your ''LAN'' for multiple shares. It explains, also, how to mount the <code>exports</code> on your ''client''.
  
== Applicable to Fedora Versions ==
+
== Tested in Fedora Versions ==
* Fedora 12
+
* Fedora 19
  
 
== Requirements ==
 
== Requirements ==
The <code>nfs-utils</code> package provides what's need for both then client and the server. Usually, it comes preinstalled on an "out-of-the-box" installation of Fedora. However, to make sure it's installed run the following command. Enter your <code>root</code> password when prompted:
+
The <code>nfs-utils</code> package provides what's need for both then client and the server. However, to make sure it's installed, run the following command. Enter your <code>root</code> password when prompted:
  
 
<pre>su -c "yum install nfs-utils"</pre>  
 
<pre>su -c "yum install nfs-utils"</pre>  
  
The following are only services.
+
=== Server requirements (services) ===
 
 
=== Server requirements ===
 
 
* <code>nfs</code>
 
* <code>nfs</code>
 
* <code>rpc2</code>
 
* <code>rpc2</code>
  
=== These are the client's requirements ===
+
=== Client requirements ((services) ===
 
* <code>nfs</code>
 
* <code>nfs</code>
 
* <code>nfslock</code>
 
* <code>nfslock</code>
 
* <code>rpc2</code>
 
* <code>rpc2</code>
  
{{admon/note|The rpc.nfsd and rpc.rquotad services that are needed are started by the nfs service. Most of them don't need user configuration. rpc.lockd, rpc.statd and rpc.mountd are not used by NFSv4.}}
 
  
 
== Doing the Work ==
 
== Doing the Work ==
Line 31: Line 28:
 
=== Configuring the server ===
 
=== Configuring the server ===
  
* Open up the necessary ''port'' on the ''firewall'' (<code>port: 2049</code>). Activate the ''Firewall'' tool. You will be asked for your <code>root</code> password. Please enter it:
+
* Open up the necessary ''port'' on the ''firewall'' (<code>port: 2049 TCP</code>).
<pre>su -c "system-config-firewall"</pre>
+
<pre>su -c "iptables -A INPUT -i eth1 -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT"</pre>
  
 
* Activate <code>NFS4</code> and click ''OK''.
 
* Activate <code>NFS4</code> and click ''OK''.
  
 
* Edit <code>/etc/idmapd.conf</code>. Enter your <code>root</code> password when prompted:
 
* Edit <code>/etc/idmapd.conf</code>. Enter your <code>root</code> password when prompted:
<pre>su -c "gedit /etc/idmapd.conf"</pre>  
+
<pre>su -c "vim /etc/idmapd.conf"</pre>  
  
 
* Configure your ''domain'' name and change the users to <code>nfsnobody</code>:
 
* Configure your ''domain'' name and change the users to <code>nfsnobody</code>:
Line 51: Line 48:
 
* Start the <code>rpcidmapd</code> and <code>nfslock</code> services, then start the <code>nfs</code> service. Alternatively, you can use ''System->Administration->Services'' GUI. Please enter the <code>root</code> password when prompted:
 
* Start the <code>rpcidmapd</code> and <code>nfslock</code> services, then start the <code>nfs</code> service. Alternatively, you can use ''System->Administration->Services'' GUI. Please enter the <code>root</code> password when prompted:
 
<pre>
 
<pre>
 +
su -c "service rpcbind start"
 
su -c "service rpcidmapd start"
 
su -c "service rpcidmapd start"
 
su -c "service nfslock start"
 
su -c "service nfslock start"
Line 58: Line 56:
 
* Set <code>rpcidmapd</code>, <code>nfslock</code>, and <code>nfs</code> services to start on boot. Alternatively, you can use ''System->Administration->Services'' GUI. Please enter the <code>root</code> password when prompted:
 
* Set <code>rpcidmapd</code>, <code>nfslock</code>, and <code>nfs</code> services to start on boot. Alternatively, you can use ''System->Administration->Services'' GUI. Please enter the <code>root</code> password when prompted:
 
<pre>
 
<pre>
 +
su -c "chkconfig --level 345 rpcbind on"
 
su -c "chkconfig --level 345 rpcidmapd on"
 
su -c "chkconfig --level 345 rpcidmapd on"
 
su -c "chkconfig --level 345 nfslock on"
 
su -c "chkconfig --level 345 nfslock on"
Line 63: Line 62:
 
</pre>
 
</pre>
  
* Create the directories of the exports inside <code>/nfs4exports</code>. Enter your <code>root</code> password when prompted:
+
* Create the directories of the exports inside <code>/srv/nfs</code>. Enter your <code>root</code> password when prompted:
<pre>su -c "mkdir -p /nfs4exports/{share1,share2,share3}"</pre>
+
<pre>su -c "mkdir -p /srv/nfs/{share1,share2,share3}"</pre>
  
 
* Edit <code>/etc/fstab</code>:
 
* Edit <code>/etc/fstab</code>:
<pre>su -c "gedit /etc/fstab"</pre>
+
<pre>su -c "vim /etc/fstab"</pre>
  
* ''Bind'' the desired ''shares'' to the, recently created, directories; at <code>/nfs4exports</code>:
+
* ''Bind'' the desired ''shares'' to the, recently created, directories; at <code>/srv/nfs</code>:
 
<pre>
 
<pre>
/path/to/share1 /nfs4exports/share1 none bind 0 0
+
/path/to/share1 /srv/nfs/share1 none bind 0 0
/path/to/share2 /nfs4exports/share2 none bind 0 0
+
/path/to/share2 /srv/nfs/share2 none bind 0 0
/path/to/share3 /nfs4exports/share3 none bind 0 0
+
/path/to/share3 /srv/nfs/share3 none bind 0 0
 
</pre>
 
</pre>
  
Line 80: Line 79:
  
 
* Edit <code>/etc/exports</code>. Enter your <code>root</code> password when prompted:
 
* Edit <code>/etc/exports</code>. Enter your <code>root</code> password when prompted:
<pre>su -c "gedit /etc/exports"</pre>
+
<pre>su -c "vim /etc/exports"</pre>
  
 
* Add your shares here (available to your home network) If you want your shares to be ''read only'', change <code>rw</code> to <code>ro</code> from these statements:
 
* Add your shares here (available to your home network) If you want your shares to be ''read only'', change <code>rw</code> to <code>ro</code> from these statements:
 
<pre>
 
<pre>
/nfs4exports 192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide,fsid=0)
+
/srv/nfs 192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide,fsid=0)
/nfs4exports/share1 192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide)
+
/srv/nfs/share1 192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide)
/nfs4exports/share2            192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide)
+
/srv/nfs/share2            192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide)
/nfs4exports/share3            192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide)
+
/srv/nfs/share3            192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide)
 
</pre>
 
</pre>
  
Line 94: Line 93:
  
 
* Edit your <code>/etc/hosts.allow</code> file, so your clients are allowed to access your nfs. Please enter your <code>root</code> password when prompted:
 
* Edit your <code>/etc/hosts.allow</code> file, so your clients are allowed to access your nfs. Please enter your <code>root</code> password when prompted:
<pre>su -c "gedit /etc/hosts.allow"</pre>
+
<pre>su -c "vim /etc/hosts.allow"</pre>
  
 
* Allow your LAN to access your services:
 
* Allow your LAN to access your services:
Line 104: Line 103:
 
=== Configuring the clients ===
 
=== Configuring the clients ===
 
* Edit <code>/etc/idmapd.conf</code>. Enter your <code>root</code> password when prompted:
 
* Edit <code>/etc/idmapd.conf</code>. Enter your <code>root</code> password when prompted:
<pre>su -c "gedit /etc/idmapd.conf"</pre>
+
<pre>su -c "vim /etc/idmapd.conf"</pre>
  
 
* Configure your domain name and change the users to <code>nfsnobody</code>:
 
* Configure your domain name and change the users to <code>nfsnobody</code>:
Line 117: Line 116:
  
 
* Edit <code>/etc/fstab</code>. Please enter your <code>root</code> password when prompted:
 
* Edit <code>/etc/fstab</code>. Please enter your <code>root</code> password when prompted:
<pre>su -c "gedit /etc/fstab"</pre>
+
<pre>su -c "vim /etc/fstab"</pre>
  
 
* Create the mounting directories:
 
* Create the mounting directories:
Line 132: Line 131:
 
* Remount everything:
 
* Remount everything:
 
<pre>su -c "mount -a"</pre>
 
<pre>su -c "mount -a"</pre>
 
== How to test ==
 
Next time...
 
  
 
== Common problems and fixes ==
 
== Common problems and fixes ==
 
 
=== Exported subdirectory appears empty ===
 
=== Exported subdirectory appears empty ===
  
If <code>/nfs4exports/share1</code> appears empty on the client make sure it's exported with the <code>nohide</code> parameter. Because <code>/nfs4exports/share1</code> was mounted under <code>/nfs4exports</code>, the client can't see it unless the <code>nohide</code> parameter is used.
+
If <code>/srv/nfs/share1</code> appears empty on the client make sure it's exported with the <code>nohide</code> parameter. Because <code>/srv/nfs/share1</code> was mounted under <code>/srv/nfs</code>, the client can't see it unless the <code>nohide</code> parameter is used.
  
 
== More Information ==
 
== More Information ==

Revision as of 01:55, 7 November 2013

Sharing files with NFSv4 on Fedora (Server & Client configuration)

Description

This HowTo explains how to set up the Network File System version 4 on your LAN for multiple shares. It explains, also, how to mount the exports on your client.

Tested in Fedora Versions

  • Fedora 19

Requirements

The nfs-utils package provides what's need for both then client and the server. However, to make sure it's installed, run the following command. Enter your root password when prompted:

su -c "yum install nfs-utils"

Server requirements (services)

  • nfs
  • rpc2

Client requirements ((services)

  • nfs
  • nfslock
  • rpc2


Doing the Work

Configuring the server

  • Open up the necessary port on the firewall (port: 2049 TCP).
su -c "iptables -A INPUT -i eth1 -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT"
  • Activate NFS4 and click OK.
  • Edit /etc/idmapd.conf. Enter your root password when prompted:
su -c "vim /etc/idmapd.conf"
  • Configure your domain name and change the users to nfsnobody:
[General]
Domain = example.com

[Mapping]
Nobody-User = nfsnobody
Nobody-Group = nfsnobody
  • Start the rpcidmapd and nfslock services, then start the nfs service. Alternatively, you can use System->Administration->Services GUI. Please enter the root password when prompted:
su -c "service rpcbind start"
su -c "service rpcidmapd start"
su -c "service nfslock start"
su -c "service nfs start"
  • Set rpcidmapd, nfslock, and nfs services to start on boot. Alternatively, you can use System->Administration->Services GUI. Please enter the root password when prompted:
su -c "chkconfig --level 345 rpcbind on"
su -c "chkconfig --level 345 rpcidmapd on"
su -c "chkconfig --level 345 nfslock on"
su -c "chkconfig --level 345 nfs on"
  • Create the directories of the exports inside /srv/nfs. Enter your root password when prompted:
su -c "mkdir -p /srv/nfs/{share1,share2,share3}"
  • Edit /etc/fstab:
su -c "vim /etc/fstab"
  • Bind the desired shares to the, recently created, directories; at /srv/nfs:
/path/to/share1		/srv/nfs/share1	none	bind	0 0
/path/to/share2		/srv/nfs/share2	none	bind	0 0
/path/to/share3		/srv/nfs/share3	none	bind	0 0
  • Remount everything. Enter your root password when prompted:
su -c "mount -a"
  • Edit /etc/exports. Enter your root password when prompted:
su -c "vim /etc/exports"
  • Add your shares here (available to your home network) If you want your shares to be read only, change rw to ro from these statements:
/srv/nfs			192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide,fsid=0)
/srv/nfs/share1		192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide)
/srv/nfs/share2             192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide)
/srv/nfs/share3             192.168.1.0/255.255.255.0(rw,insecure,no_subtree_check,nohide)
  • Reload your exports. Please enter your root password when prompted:
su -c "/usr/sbin/exportfs -rv"
  • Edit your /etc/hosts.allow file, so your clients are allowed to access your nfs. Please enter your root password when prompted:
su -c "vim /etc/hosts.allow"
  • Allow your LAN to access your services:
rpcbind: 192.168.1.0/255.255.255.0
  • Reboot:
su -c "/sbin/shutdown -r now"

Configuring the clients

  • Edit /etc/idmapd.conf. Enter your root password when prompted:
su -c "vim /etc/idmapd.conf"
  • Configure your domain name and change the users to nfsnobody:
[General]
Domain = example.com

[Mapping]
Nobody-User = nfsnobody
Nobody-Group = nfsnobody
  • Edit /etc/fstab. Please enter your root password when prompted:
su -c "vim /etc/fstab"
  • Create the mounting directories:
su -c "mkdir /mnt/shares /home/me/share1 /home/he/share2 /home/it/share3"
  • Add the desired shares:
<ip-address-to-server>:/	/mnt/shares	nfs4	rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share1	/home/me/share1	nfs4	rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share2	/home/he/share2	nfs4	rsize=8192,wsize=8192,timeo=14,soft
<ip-address-to-server>:/share3	/home/it/share3	nfs4	rsize=8192,wsize=8192,timeo=14,soft
  • Remount everything:
su -c "mount -a"

Common problems and fixes

Exported subdirectory appears empty

If /srv/nfs/share1 appears empty on the client make sure it's exported with the nohide parameter. Because /srv/nfs/share1 was mounted under /srv/nfs, the client can't see it unless the nohide parameter is used.

More Information

RedHat recommends, on RHEL5 Docs, that one should use automount instead of /etc/fstab; which saves resources when sharing to multiple workstations. I haven't had the time to try this configuration. This document will be modified/augmented once I've got the hang of it.

Disclaimer

I haven't had the opportunity to test this HowTo since I lack of a networked PC to do it, so you may run into problems, if you do, come to #fedora on irc.freenode.net or leave me messages so I know what's up. Feel free to propose changes and stuff.

Added Reading