Inhaltsverzeichnis

autofs AutoFS (mit NFS)

NFS Network File System

UPDATE TO NFS4

Tree services for NFS: nfs, nsflock and portmap


Client:

Newer Ubuntu: you have to install:

sudo apt-get install nfs-common

Only Portmap has to run. (kernel support must be given!)

Testing:

mount -t nfs 192.168.123.95:/home/files/ /mnt/files (-w)

The first step is to edit the /etc/fstabfile as the root user.

The /etc/fstab file is the central file for all mounted or mountable filesystems on your Linux machine.

It specifies quotas and determines whether or not the filesystem is user mountable.

If you want the NFS volume to be mounted automatically on boot, or if you want to allow your users to mount the filesystem, you will want to edit this file. The /etc/fstab entry to mount the above exported filesystem would look something like this:

 dev:/home/jd	/mnt/floppy	nfs	exec,suid,rw,rsize=8192,wsize=8192 1 1

Sicherheitshinweise unten beachten!

Server side:

important that this file is config. correct:

/etc/exports

The /etc/exports file is the standard for controlling which filesystems are exported to which hosts, as well as specifying particular options that control everything.

Blank lines are ignored, comments can be made using #, and long lines can be wrapped with a backslash (\). Each exported filesystem should be on its own line.

Lists of authorized hosts placed after an exported filesystem must be separated by space characters. Options for each of the hosts must be placed in parentheses directly after the host identifier, without any spaces separating the host and the first parenthesis.

In its simplest form, /etc/exports only needs to know the directory to be exported and the hosts permitted to utilize it:

/some/directory bob.domain.com
/another/exported/directory 192.168.0.3

After re-exporting /etc/exports with the /sbin/service nfs reload command, the bob.domain.com host will be able to mount /some/directory and 192.168.0.3 can mount /another/exported/directory. Because no options are specified in this example, several default NFS preferences take effect:

ro Read-only. Hosts mounting this filesystem will not be able to change it. To allow hosts to make changes to the filesystem, you must specify rw (read-write).

async Allows the server to write data to the disk when it sees fit. While this is not important if the host is accessing data as read-only, if a host is making changes to a read-write filesystem and the server crashes, data could be lost. By specifying the sync option, all file writes must be committed to the disk before the write request by the client is actually completed. This may lower performance.

wdelay Causes the NFS server to delay writing to the disk if it suspects another write request is imminent.

This can improve performance by reducing the number of times the disk must be accessed by separate write commands, reducing write overhead. Use no_wdelay to turn this feature off, which only works if you are using the sync option.

root_squash Makes any client accesses to the exported filesystem, made as the root user on the client machine, take place as the nobody user ID. This effectively „squashes“ the power of the remote root user to the lowest local user, preventing remote root users from acting as though they were the root user on the local system.

Alternatively, the no_root_squash option turns off root squashing. To squash every remote user, including root, use the all_squash option.

To specify the user and group IDs to use with remote users from a particular host, use the anonuid and anongid options, respectively. In this way, you can create a special user account for remote NFS users to share and specify (anonuid=<uid-value>,anongid=<gid-value>), where <uid-value> is the user ID number and <gid-value> is the group ID number.

In order to override these defaults, you must specify an option that takes its place. For example, if you do not specify rw, then that export will only be shared read-only. Each default for every exported filesystem must be explicitly overridden.

Additionally, other options are available where no default value is in place. These include the ability to disable sub-tree checking, allow access from insecure ports, and allow insecure file locks (necessary for certain early NFS client implementations).

See the exports man page for details on these lesser used options.

When specifying hosts to be allowed to use a particular exported filesystem, a variety of methods can be used, including:

single host - Where one particular host is specified with a fully qualified domain name, hostname, or IP address.

wildcards - Where a * or ? character is used to take into account a grouping of fully qualified domain names or IP addresses or those that match a particular string of letters.

However, be careful when using wildcards with fully qualified domain names, as they tend to be more exact than you would expect. For example, the use of *.domain.com as wildcard will allow sales.domain.com to access the exported filesystem, but not bob.sales.domain.com. To match both possibilities, as well as sam.corp.domain.com, you would have to provide

*.domain.com *.*.domain.com.

IP networks - Allows the matching of hosts based on their IP addresses within a larger network. For example, 192.168.0.0/28 will allow the first 16 IP addresses, from 192.168.0.0 to 192.168.0.15, to access the exported filesystem but not 192.168.0.16 and higher.

netgroups - Permits an NIS netgroup name, written as @<group-name>, to be used. This effectively puts the NIS server in charge of access control for this exported filesystem, where users can be added and removed from an NIS group without affecting /etc/exports.

Warning

The way in which the /etc/exports file is formatted is very important, particularly concerning the use of space characters. Remember to always separate exported filesystems from hosts and hosts from one another with a space character. However, there should be no other space characters in the file unless they are used in comment lines.

For example, the following two lines do not mean the same thing:

/home bob.domain.com(rw)
/home bob.domain.com (rw)

The first line allows only users from bob.domain.com read-write access to the /home directory.

The second line allows users from bob.domain.com to mount the directory read-only (the default), but the rest of the world can mount it read-write. Be careful where space characters are used in /etc/exports </code> /dir/to/export host1.mydomain.com(ro,root_squash) /dir/to/export host2.mydomain.com(ro,root_squash) </code>

           Where: 

/dir/to/export is the directory you want to export.

host#.mydomain.com is the machine allowed to log in this directory.

The ro option mean mounting read-only.

The root_squash option for not allowing root write access in this directory. For this change to take effect you will need to run the following command on your terminal:

[root@deep]# /usr/sbin/exportfs -a
exportfs -r
 writes new /var/lib/nfs/xtab

SUSE: NFS mounted beim boot nicht automatisch. Lösung:

insserv nfs

reboot

Jetzt gehts!


Clientseitig

nfs-common muss installiert sein:

apt-get install nfs-common

etc/fstab:

192.168.123.95:/var/files      /home/gerald/Server/files     nfs     exec,nosuid,rw,rsize=8192,wsize=8192    0 0
192.168.123.95:/var/pictures /home/gerald/Server/pictures      nfs     exec,nosuid,rw,rsize=8192,wsize=8192    0 0