Nfs

From Cheatsheet
Jump to navigation Jump to search

NFS

First on all server involved there is some prep work.

Prep work

Deal with the firewall

This should only be done over a private network if you are using this wiki.

Figure out the nic for their private network, in most cases this will be eth1. Go into the firewalls config file and do the following.

APF 

vim /etc/apf/conf.apf
change this
IFACE_TRUSTED=""
to
IFACE_TRUSTED="eth1"

CSFETH_DEVICE_SKIP 

vim /etc/csf/csf.conf
change this
ETH_DEVICE_SKIP=""
to
ETH_DEVICE_SKIP="eth1"

Restart the firewall.

Enable services

Enable the required services 

chkconfig --add portmap
chkconfig portmap on
chkconfig nfs on
portmap
/etc/init.d/nfs restart
Making UID/GID match on all servers
Warning: READ BELOW CAREFULLY

Now comes the tricky part, the easiest method for this to work permission wise is for the user on both servers to have the same gid and uid. So we can change these to match however if you are uncertain please ask escalation for help.

Figure out a free guid and uid that we can use, generally pick one of the ids that is above 500 that is available. 

cat /etc/passwd | cut -d: -f3,4

The above will list all of the in use uid/gid's, pick one that is above 500 that is not in use for either. Now we are going to change the users gid/uid to match on the servers. 

groupmod -g (new gid) USERNAME
usermod -u (new uid) -g (new gid) USERNAME

When it is together correctly it should look like this. 

groupmod -g 520 shooltz
usermod -u 520 -g 520 shooltz

Afterwards check and make sure the changes took by running the id command. 

id username

EXAMPLE. 

[root@Shooltz.net [~]$ id shooltz
uid=520(shooltz) gid=520(shooltz) groups=520(shooltz)

Once these are done move on.

Setting up the server side

To setup the server we need to specify the share in the exports file. 

vim /etc/exports

Add a line that looks like this, but change to match your needs.


Notice: For anonuid & anongid please put in the users groupid and userid you set above.
              Path           Server-1-ip(options) server-2-ip(options) etc...
 /path/to/share/ 10.34.39.134(rw,anonuid=520,anongid=520) 10.34.39.133(rw,anonuid=520,anongid=520)

Save the file, and reload the nfs config as follows. 

exportfs -ra

You can now also check the current loaded config with the following. 

exportfs -v

Also if you want to see what random ports that portmap chose run the following command. 

rpcinfo -p

Setting up the client

This wont work if you didnt do the Prep work.

First make your mount point. 

mkdir -p /path/to/mnt/point

Next mount the NFS share as follows. 

mount 10.34.39.132:/Remote/share/ /path/to/mnt/point/

After this you should be able to cd into the mount dir and test.

Retrieved from "https://wiki.shooltz.net/w/index.php?title=Nfs&oldid=1170"