NFS is an acronym for Network File System. It allows sharing of files and folders over a network with other systems. NFS provides a simple way for making the contents of the local file system available to multiple users (or systems) on a network.
This sharing is traditionally between UNIX/Linux like systems, but systems running Microsoft Windows operating systems can also access NFS shares if they have the proper software installed to do this.
Support for NFS must be enabled or compiled into the kernel.
As with most networking concepts, NFS has client and server sides. The server side consists of the system that exports (shares) file systems to other systems. The client side consists of the systems that need access to the file system exported by the server.
NFSv4 requires the services of the following programs (daemons):
portmap - maps RPC programs to regular network ports
mountd - handles incoming mount requests
nfsd - this is the main NFS program that handles the actual file transfers
The /etc/exports configuration file serves as an access control list for specifying file systems that may be exported via NFS to authorized clients. It provides information to mountd and to the kernel-based NFS file server daemon nfsd.
The directives in /etc/exports uses the following syntax:
In this exercise you will share (export) a local directory to be shared with your partner system, but first you will learn how to manage the NFS service.
NFS is a Remote Procedure Call (RPC) based client and server application. It is therefore useful to have RPC utilities handy that can be used for querying, debugging, and making RPC calls to RPC servers (like NFS servers). rpcinfo is one such useful utility. Its usage syntax and options are shown here:
Ensure you are logged on to your system as a user with Administrative privileges.
Start by installing the nfs-utils package. This package provides various utilities for use with NFS clients and servers. Type:
dnf-yinstallnfs-utils
Amongst things, the newly installed nfs-utils package also provides the systemd service unit (nfs-server.service) needed for managing the NFS daemon on the system. Use systemctl to view some of the ancillary services that the nfs-server unit "Wants". Type:
Some important and notable services that nfs-server needs are nfs-idmapd, nfsdcld, rpcbind, rpc-statd-notify, rpc-statd, auth-rpcgss-module.
The rpcinfo command is used for making RPC calls to an RPC server and then reports on its findings. rpcinfo lists all the RPC services registered with rpcbind. Use rpcinfo to query your local server for a list of all registered RPC services. Type:
From the sample output above, we can tell a portmapper service is registered on the RPC server running localhost.
Questions
What is portmapper?
Find out the meaning of the different fields of the rpcinfo command (column headings) (Program, Vers, proto, and service.)
Check the status of nfs-server.service. Type:
systemctlstatusnfs-server
OUTPUT
bash
● nfs-server.service - NFS server and services
Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor preset: disabled)
Active: inactive (dead)
nfs-server.service is currently not running according to the output on our demo system.
Use systemctl to start the nfs-server daemon. Type:
systemctlstartnfs-server
Check the status of the nfs-server service again.
Run the rpcinfo command again to check if anything has changed.
Question
What new services do you see listed in the rpcinfo output after starting nfs-server?
Verify that nfs-server.service is set to automatically start every time the system reboots. Type:
systemctlis-enablednfs-server
If the nfs-server is disabled on your system, run the command to configure it for automatic starts with the system.
If the firewall sub-system is running on your server, you'll need to allow/permit NFS traffic through the firewall for remote NFS clients. This can be done by running:
You will create and share a directory called /mnt/nfs. This directory will be the source file-system that exported from the NFS server.
Ensure you are logged on to your system as a user with administrative privileges.
Create a directory under /mnt called nfs and change to that directory.
mkdir/mnt/nfs&&cd/mnt/nfs
Create 5 sample files under the new directory you created. Type:
touch{1..5}nfs
Use the HEREDOC shell feature to create a new NFS export entry in /etc/exports. The single line entry you want is - /mnt/nfs foocentos2(rw) localhost(rw). Type:
You can also use any text editor you are comfortable with to create the entry.
Verify the contents of /etc/exports to ensure no mistakes.
After making any change to the /etc/exports file you should run the exportfs command. Type:
exportfs-r
Use the -s flag with the exportfs command to display the current export list suitable for /etc/exports. For example, view the list of directories, allowed hosts, and options. Type:
exportfs-s
Question
What was the output? Make a list of the output contents.
This exercise deals with the client side of NFS. You'll try accessing the NFS server as a client.
showmount is a handy utility for querying and showing mount information on NFS servers. It can also show the state of the NFS server and list the clients that are mounting from the server. Its syntax and options are shown here:
You will test the NFS server's configuration from Exercise 1 by trying to access the exported directory from your local machine, before testing it from a remote machine.
While logged in as the superuser, create a directory called /mnt/nfs-local. This directory will serve as the test mount point for the NFS share.
As a quick pre-flight check, run showmount as a client to show the available export list on the server. Type:
cd to the NFS mount point and try to delete its contents. Type:
cd/mnt/nfs-remote;rm-f
Question
Was your attempt successful?
Logout of serverPR as the superuser and log back in as the unprivileged user “ying”
While logged into serverPR as “ying” cd to the directory mounted in step 2. Type:
cd/mnt/nfs-remote/
Make a note of the contents of the directory. If can see the expected files, you have successfully completed the NFS lab!
Lab tasks:
Configure the NFS setup on your local server (serverXY), such that the superuser at the H.Q. (hq.example.org) will be able to mount your nfs share (/mnt/nfsXY) for use on the hq machine.
The superuser at HQ should be able to write (create) new files and delete the files on your NFS share.
Tip
You need to disable NFS’s special treatment of root-owned files. This is done by specifying a special option that will “un-squash” the superuser in the “/etc/exports” file. The special option is called no_root_squash. Please note that it is considered bad practise and a security risk to use the no_root_squash option. A sample entry to accomplish this for any host that matches localhost in /etc/exports will look like: