Using NFS Sharing the Directory in a LAN

NFSv4 server

Install the required packages...

• # apt-get install nfs-kernel-server 

NFSv4 exports exist in a single pseudo filesystem, where the real directories are mounted with the --bind option.

• to export directories in /home/users. First create the export filesystem:

  # mkdir -p /export/users 

  and mount the /home/chamy directory with:

  # mount --bind /home/chamy /export/users

  To save retyping this after every reboot add the following
  line to /etc/fstab

  /home/users    /export/users   none    bind  0  0

There are three configuration files that relate to an NFSv4 server:

/etc/default/nfs-kernel-server

/etc/default/nfs-common

/etc/exports

• In configuration file /etc/default/nfs-kernel-server set following:

  NEED_SVCGSSD=no # no is default

  because NFSv4 security is not activated this time.
  In /etc/default/nfs-common set:

  NEED_IDMAPD=yes
  NEED_GSSD=no # no is default

  because UID/GUID to be mapped from names.

In order for the ID names to be automatically mapped, both the client and server require the /etc/idmapd.conf file to have the same contents with the correct domain names. Furthermore, this file should have the following lines in the Mapping section:

• [Mapping]
  
  Nobody-User = nobody
  Nobody-Group = nogroup

  However, the client may have different requirements for the Nobody-User and Nobody-Group. For example on RedHatvariants, it's nfsnobody for both. Cat /etc/passwd and cat /etc/group should show the "nobody" accounts.

This way, server and client do not need the users to share same UID/GUID. 

For those who use LDAP-based authentication, add the following lines to user client's idmapd.conf:

[Translation]

Method = nsswitch

This will cause idmapd to know to look at nsswitch.conf to determine where it should look for credential information (and if LDAP authentication already working, nsswitch shouldn't require further explanation).

• To export our directories to a local network 192.168.1.0/24
  add the following two lines to /etc/exports

  /export       192.168.1.0/24(rw,fsid=0,insecure,no_subtree_check,async)
  /export/users 192.168.1.0/24(rw,nohide,insecure,no_subtree_check,async)

Now restart the service

• # /etc/init.d/nfs-kernel-server restart

NFSv4 client

Install the required packages...

• # apt-get install nfs-common 

The client needs the same changes to /etc/default/nfs-common to connect to an NFSv4 server.

• In /etc/default/nfs-common set:

  NEED_IDMAPD=yes
  NEED_GSSD=no # no is default

  because UID/GUID to be mapped from names. This way, server and client do not need the users to share same UID/GUID. Remember that mount/fstab defaults to NFSv3, so "mount -t nfs4" is necessary to make this work.

On the client we can mount the complete export tree with one command:

• # mount -t nfs4 -o proto=tcp,port=2049 nfs-server:/ /mnt

  Note that nfs-server:/export is not necessary in NFSv4, as it is in NFSv3. The root export :/defaults to export withfsid=0.

It can fail sometimes with the message

mount.nfs4: No such device

To load the nfs module by giving the command

# modprobe nfs

mount an exported subtree with:

• # mount -t nfs4 -o proto=tcp,port=2049 nfs-server:/users /home/chamy07/users

To save us from retyping this after every reboot we add the following line to /etc/fstab:

• nfs-server or ipaddress:/   /mnt   nfs4    _netdev,auto  0  0

  The auto option mounts on startup and the _netdev option waits until system network devices are loaded. However this will not work withWiFi as WiFi is set up at the user level (after login) not at system startup. If user use _netdev with WiFi the boot process will pause waiting for the server to become available.

Note that _netdev only works with nfs version 3 and before. nfs4 ignores this option. Depending on how fast the network comes up on boot the mount entry may fail and the system will just keep booting. It can still be useful if user make own script to wait for the network to come up and then mount -a -O _netdev

Server doesn't come with any init.d/netfs or other scripts to do this for user.