Contents
Abstract
Distributing and sharing file systems over a network is a common task in corporate environments. The well-proven network file system (NFS) works together with NIS, the yellow pages protocol. For a more secure protocol that works together with LDAP and may also use Kerberos, check NFSv4.
NFS with NIS makes a network transparent to the user. With NFS, it is possible to distribute arbitrary file systems over the network. With an appropriate setup, users always find themselves in the same environment regardless of the terminal they currently use.
The following are terms used in the YaST module.
A directory exported by an NFS server, which clients can integrate it into their system.
The NFS client is a system that uses NFS services from an NFS server over the Network File System protocol. The TCP/IP protocol is already integrated into the Linux kernel; there is no need to install any additional software.
The NFS server provides NFS services to clients. A running server
depends on the following daemons:
nfsd (worker),
idmapd (user and group name
mappings to IDs and vice versa),
statd (file locking), and
mountd (mount requests).
The NFS server software is not part of the default installation. To
install the NFS server software, start YaST and select +. Now choose + and select or use the option and search
for NFS Server. Confirm the installation of the
packages to finish the installation process.
Like NIS, NFS is a client/server system. However, a machine can be both—it can supply file systems over the network (export) and mount file systems from other hosts (import).
Configuring an NFS server can be done either through YaST or manually. For authentication, NFS can also be combined with Kerberos.
To use Kerberos authentication for NFS, GSS security must be enabled. Select in the initial YaST NFS Server dialog. You must have a working Kerberos server to use this feature. YaST does not set up the server but just uses the provided functionality. If you want to use Kerberos authentication in addition to the YaST configuration, complete at least the following steps before running the NFS configuration:
Make sure that both the server and the client are in the same Kerberos
domain. They must access the same KDC (Key Distribution Center) server
and share their krb5.keytab file (the default
location on any machine is /etc/krb5.keytab). For
more information about Kerberos, see
Chapter 6, Network Authentication with Kerberos (↑Security Guide).
Start the gssd service on the client with rcgssd start.
For more information about configuring kerberized NFS, refer to the links in Section 26.5, “For More Information”.
To configure your host as an NFS client, you do not need to install additional software. All needed packages are installed by default.
Authorized users can mount NFS directories from an NFS server into the local file tree using the YaST NFS client module. Click on and enter the hostname of the NFS server, the directory to import, and the mount point at which to mount this directory locally. The changes will take effect after clicking in the first dialog.
In the tab, enable to allow access to the service from remote computers.
The firewall status is displayed next to the check box. When using
NFSv4, make sure that the checkbox is
selected and that the contains the
same value as used by the NFSv4 server. The default domain is
localdomain.
Click to save your changes. See Figure 26.1, “NFS Client Configuration with YaST”.
The configuration is written to /etc/fstab and the
specified file systems are mounted. When you start the YaST
configuration client at a later time, it also reads the existing
configuration from this file.
The prerequisite for importing file systems manually from an NFS server
is a running RPC port mapper. Start it by entering rcrpcbind
start as
root. Then remote file systems
can be mounted in the file system like local partitions using
mount:
mounthost:remote-pathlocal-path
To import user directories from the nfs.example.com
machine, for example, use:
mount nfs.example.com:/home /home
The autofs daemon can be used to mount remote file systems
automatically. Add the following entry in the your
/etc/auto.master file:
/nfsmounts /etc/auto.nfs
Now the /nfsmounts directory acts as the root for
all the NFS mounts on the client if the auto.nfs
file is filled appropriately. The name auto.nfs is
chosen for the sake of convenience—you can choose any name. In
auto.nfs add entries for all the NFS mounts as
follows:
localdata -fstype=nfs server1:/data nfs4mount -fstype=nfs4 server2:/
Activate the settings with rcautofs start as
root. In this example, /nfsmounts/localdata,
the /data directory of
server1, is mounted with NFS and
/nfsmounts/nfs4mount from
server2 is mounted with NFSv4.
If the /etc/auto.master file is edited while the
service autofs is running, the automounter must be restarted for the
changes to take effect with rcautofs restart.
/etc/fstab¶
A typical NFSv3 mount entry in /etc/fstab looks
like this:
nfs.example.com:/data /local/path nfs rw,noauto 0 0
NFSv4 mounts may also be added to the /etc/fstab
file. For these mounts, use nfs4 instead of
nfs in the third column and make sure that the
remote file system is given as / after the
nfs.example.com: in the first column. A sample
line for an NFSv4 mount in /etc/fstab looks like
this:
nfs.example.com:/ /local/pathv4 nfs4 rw,noauto 0 0
The noauto option prevents the file system from
being mounted automatically at start up. If you want to mount the
respective file system manually, it is possible to shorten the mount
command specifying the mount point only:
mount /local/path
Note, that if you do not enter the noauto option,
the initialization scripts of the system will handle the mount of those
file systems at start up.
In addition to the man pages of exports,
nfs, and mount, information about
configuring an NFS server and client is available in
/usr/share/doc/packages/nfsidmap/README. For further
documentation online refer to the following Web sites:
Find the detailed technical documentation online at SourceForge.
For instructions for setting up kerberized NFS, refer to NFS Version 4 Open Source Reference Implementation.
If you have questions on NFSv4, refer to the Linux NFSv4 FAQ.