Setting up NFS4:
Zusätzlich musste ich unter Ubuntu folgendes Paket installieren:
sudo apt-get install nfs4-acl-tools
Dann die /etc/fstab :
192.168.123.95:/var/nfs4exports /home/gerald/Server/files nfs4 soft,intr,rsize=8192,wsize=8192 0 0 # old version: 192.168.123.95:/var/files /home/gerald/Server/files nfs soft,intr,rsize=8192,wsize=8192 0 0 exec,nosuid,ro,rsize=8192,wsize=8192 0 0 192.168.123.95:/nfs4exports/pictures /home/gerald/Server/pictures nfs4 soft,intr,rsize=8192,wsize=8192 0 0
Ausserdem musste ich beim Server noch ein 'nohide' beim nfs4-root-Export einfügen. Meine (funktionierende) /etc/exports sieht so aus:
/nfs4exports 192.168.123.2/255.255.255.0(ro,nohide,sync,insecure,root_squash,no_subtree_check,fsid=0) /nfs4exports/files 192.168.123.2/255.255.255.0(rw,nohide,sync,insecure,root_squash,no_subtree_check) /nfs4exports/pictures 192.168.123.2/255.255.255.0(rw,nohide,sync,insecure,root_squash,no_subtree_check)
Quelle1)
I have been running in to numerous problems with locking over NFS lately and in desperation I have decided to set up NFSv4 and mount my shares using that. The reason for the upgrade is simply because NFSv3 doesn't handle locking very well. Im not convicend that NFSv4 handles locking well enough to make it work for what I want but it looks like the set up isn't that hard so I'm going to give it a spin.
There are numerous advantages to using NFSv3 over previous versions to name but a few they are:
Kernels from 2.6 onwards come with NFSv4 built in so if you are still running a 2.4 kernel it's time to upgrade. Setting up the server is really very siliar to setting up NFSv3 and so I refer you to the setting up NFS guide that I have already put together suffice to say you need to install nfs-kernel-server and portmap. The big difference with NFSv4 over previous versions is in the way exports are handled. Rather than have several (easy to understand) exports you now have to build a virtual export tree. There are upsides and downsides to the new export syntax. Personally I think I preferred the old style but it did have the disadvantage of being a bit fragile and inflexible. The upside was that you didn't need to put bind mounts all over the place.
First off create a directory under / called nfs4exports as root:
mkdir -m 1777 /nfs4exports
This will be the root of the pseudo file system for the export. In effect this is / to the machines that can see the NFS exports. We give the directory full permissions so that clients can access the items under it. In most situations I expect there will be a number of bid mounted directories under this directory that clients will actually mount.
In this example I'm aiming to provide two main resources to the clients. The first is their home directories the second is a data directory. Thus the NFS pseudo file system will have the points /, /home and /data (as well as any directories under these of course). I have chosen to make the / directory read only. The idea behind this is that I don't want people mounting / and writting files to it when what I really want them to do is mount /home or /data. It also means that in the future I can easily add a directory under / that contains read only content. To get started add the following to /etc/exports
/nfs4exports 192.168.0.0/24(ro,sync,insecure,root_squash,no_subtree_check,fsid=0)
This line expors the /nfs4exports directory as the root of the NFS pseudo file system to the whole of the local network. We know that this specifies the root of the pseudo file system beause of the fsid=0 option. Once you have made changes to /etc/exports run
exportfs -rv
To re-export all the filesystems. We now want to include /home and /data under this root export which is done as follows. Create bind mount points under /nfs4exports called, wait for it, home and data:
cd /nfs4exports
mkdir -m 1777 data
mkdir -m 1777 home
Then bind mount /data and /home to /nfs4exports/data and /nfs4exports/home respectivly.
mount --bind /data data mount --bind /home home
To make these bindings permanent they need to be added to /etc/fstab which I will do later after I have tested they work. For now export the home and data directories so that they are read-writable.
/nfs4exports/data 192.168.0.0/24(rw,nohide,sync,insecure,root_squash,no_subtree_check) /nfs4exports/home 192.168.0.0/24(rw,nohide,sync,insecure,root_squash,no_subtree_check)
I found that I needed to restart the nfs server to make these exports visible to the world but I suspect that was because I screwed something up the first time round. The nohide option is necessary even though the exports man page indicates that bad things can happen when it is used. The home and data directories are bind mounted into the nfs4exports directory so when they themselves are exported a little bit of security kicks in that only lets the client see an empty directory. The nohide argument presents them with the files.
On the client mount the directories with a command similar to this:
mount -t nfs4 server:/data /data
Or if you are mounting at boot time an entry in /etc/fstab like this:
server:/data /data nfs4 rw 0 0
The bind mounts on the server can be specified in the /etc/fstab like this:
/data /nfs4exports/data none rw,bind 0 0 /home /nfs4exports/home none rw,bind 0 0
I think that should just about be all you need to do to get NFSv4 working. Like previous versions of NFS it really is a simple to set up but still very powerful. On a positive note the appliications (digiKam and Open Office) that wouldn't run under NFSv3 work fine under NFSv4.