Difference between revisions of "NFS"
(One intermediate revision by the same user not shown) | |||
Line 62: | Line 62: | ||
[General] | [General] | ||
− | Domain = | + | Domain = "unh.edu" |
[Translation] | [Translation] | ||
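Review bot: the new `Domain = "unh.edu"` value under [General] no longer matches the sentence that introduces this block, which still tells the reader to set Domain on server and client to "localdomain"; reword that sentence so it names the same value. It is also worth confirming that idmapd accepts the value with the quotation marks, or dropping them.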
Line 70: | Line 70: | ||
NEED_IDMAPD= yes | NEED_IDMAPD= yes | ||
− | start idmapd service | + | start idmapd service: |
+ | service rpcidmapd restart | ||
− | ''' | + | '''If you are not able to make this work, i.e. limited patience, instead, force NFS3:''' |
In auto.net add vers=3 to the list of options. | In auto.net add vers=3 to the list of options. |
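Review bot: the added `service rpcidmapd restart` line uses a Red Hat service name, while the NEED_IDMAPD setting just above it is described as living in /etc/default/nfs-common, not in the /etc/sysconfig/nfs file this page uses for Red Hat hosts; state which distribution each step applies to. The label also says "start" while the command is a restart, and the step should say that it is run on both server and client, as the preceding one does.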
Latest revision as of 20:17, 9 June 2015
NFS Configuration
/etc/exports
The /etc/exports file tells what should be exported. The syntax of this file is fairly straightforward. Each entry should contain the path to the directory you want to export followed by a list of hosts or IP address ranges that are allowed to access that export. Options are set per host or IP range in parentheses. You can use a backslash as a line continuation indicator to break up long lines. Here is an example from Taro:
/data @servers(rw,sync) @npg_clients(rw,sync) \
      10.0.0.0/24(rw,no_root_squash,sync)
Entries that start with an at sign (@) refer to NetGroups that are defined in LDAP. You can see which hosts are members of a netgroup with this command:
getent netgroup group_name
Here are some details on the more common export options:
- rw
- Mounts the directory as read/write
- ro
- Mounts the directory as read only
- sync
- Reply to requests only after the changes have been committed to stable storage (it is a good idea to always use this to protect against lost or corrupted data due to a server crash).
- no_root_squash
- Does not allow root on the local machine to have root access to files on the network share. Probably a good idea for security reasons. Set this unless you have a significantly good reason not to.
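An added example (not part of the original wiki page): a small auditor for the /etc/exports syntax described above, handling backslash continuations, netgroup (@) clients and per-client option lists. It flags clients exported with no_root_squash, which per exports(5) turns off the default root_squash mapping so that root on that client acts as root on the export, and read/write clients without an explicit sync; the /scratch line in the sample is constructed, and quoted paths containing spaces are assumed not to occur.

```python
import re

# Constructed sample: the Taro entry from the page plus one hypothetical export.
SAMPLE = """\
# exports on a hypothetical server
/data @servers(rw,sync) @npg_clients(rw,sync) \\
      10.0.0.0/24(rw,no_root_squash,sync)
/scratch 10.0.1.0/24(rw)   # hypothetical: no explicit sync
"""

SPEC = re.compile(r"([^()]*)(?:\(([^()]*)\))?")  # client(opt,opt,...)

def parse_exports(text):
    """Yield (path, client, options) for each client of each export line."""
    text = text.replace("\\\n", " ")          # join backslash continuations
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        path, *specs = line.split()           # assumes no quoted paths with spaces
        for spec in specs:
            m = SPEC.fullmatch(spec)
            if m is None:
                raise ValueError(f"malformed client spec: {spec!r}")
            opts = {o for o in (m.group(2) or "").split(",") if o}
            yield path, m.group(1) or "*", opts  # bare "(opts)" means any host

def audit(text):
    """Return sorted (path, client, issue) findings for risky export options."""
    findings = []
    for path, client, opts in parse_exports(text):
        if "no_root_squash" in opts:          # client root keeps uid 0 on the export
            findings.append((path, client, "no_root_squash"))
        if "rw" in opts and "sync" not in opts:
            findings.append((path, client, "rw without explicit sync"))
    return sorted(findings)

def netgroups(text):
    """Netgroup names to review with `getent netgroup <name>`."""
    return sorted({c[1:] for _, c, _ in parse_exports(text) if c.startswith("@")})

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="\t")
    print("netgroups:", ", ".join(netgroups(SAMPLE)))
```
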
/etc/sysconfig/nfs
The /etc/sysconfig/nfs file is used to pin down the ports used by NFS. This is necessary because we have to know which ports to open in the firewall to allow machines to make NFS connections. For more information see iptables.
These are the port numbers that need to be set in this file:
LOCKD_TCPPORT=32050
LOCKD_UDPPORT=32050
MOUNTD_PORT=32051
STATD_PORT=32052
RQUOTAD_PORT=32053
Set NFS to start on boot
To run a working NFS server, the "nfs" and "nfslock" services need to be configured to start automatically for runlevels 3 and 5. On Red Hat and Fedora machines this can be achieved easily with these commands (as root):
chkconfig --level 35 nfs on
chkconfig --level 35 nfslock on
Useful commands
To check which ports NFS is using, run:
rpcinfo -p localhost
To fully restart the NFS-related services:
service portmap restart
service nfs restart
service rpcsvcgssd restart
Issues
Occasionally, issues crop up due to network-mounted home directories. Some applications, like Firefox, don't behave properly. It seems to strike everyone at once when it does, and the solution so far has been to restart the nfs service. CIS has related issues with their CIFS-based home directories.
RedHat/Centos 6 Issues
On RedHat 6 the default is now NFS version 4, which has a problem mapping the UID of the user between server and client. This seems to happen ONLY between two RH/CentOS 6 systems, since if either is a 5 system, the default is to use NFS version 3.
Workaround: mapping of IDs, from [1] and [2]. Edit /etc/idmapd.conf and set Domain on server and client to the "localdomain":
[General]
Domain = "unh.edu"
[Translation]
Method = nsswitch
Change the /etc/default/nfs-common file (on both your server and client) to set:
NEED_IDMAPD=yes
Start the idmapd service:
service rpcidmapd restart
If you are not able to make this work (i.e. limited patience), force NFS3 instead:
In auto.net add vers=3 to the list of options.