Sharing Files with NFS
Sharing files through NFS is simple and involves two basic steps:
On the Linux server, export one or more directories by listing them in the /etc/exports file and by running the exportfs command. In addition, you must run the NFS server by logging in as root and typing the command service nfs start .
On each client system, use the mount command to mount the directories the NFS server has exported.
The only problem in using NFS is that each client system must support it. Most PCs do not come with NFS. That means you have to buy NFS software separately if you want to share files by using NFS. However, it makes sense to use NFS if all systems on your LAN run Linux (or other variants of UNIX with built-in NFS support).
Caution | You should also note that NFS has security vulnerabilities. Therefore, you should not set up NFS on systems directly connected to the Internet. |
The next subsections walk you through NFS setup, using an example of two Linux PCs on a LAN.
Exporting a File System with NFS
Start with the server system that exports-makes available to the client systems-the contents of a directory. On the server, you must run the NFS service and also designate one or more file systems that are to be exported-made available to the client systems. To export a file system, you have to add an appropriate entry to the /etc/exports file. For example, suppose that you want to export the /home directory and you want to enable the host named LNBP75 to mount this file system for read and write operations. You can do this by adding the following entry to the /etc/exports file:
/home LNBP75(rw, sync)
If you want to give access to all hosts on a LAN such as 192.168.0.0, you could change this line to:
/home 192.168.0.0/24(rw,sync)
Each line in the /etc/exports file has this general format:
directory host1(options) host2(options) ...
The first field is the directory being shared via NFS, followed by one or more fields that specify which hosts can mount that directory remotely and a number of options within parentheses. You can specify the hosts with names or IP addresses, including ranges of addresses.The options within parentheses denote the kind of access each host is granted and how user and group IDs from the server are mapped to IDs the client (for example, if a file is owned by root on the server, what owner should that be on the client). Within the parentheses, the options are separated by commas. For example, if a host is allowed both read and write access and all IDs are to be mapped to the anonymous user (by default this is the user named nobody ), then the options would look like this:
(rw,all_squash)
Table 19-1 shows the options you can use in the /etc/exports file. There are two types of options-general options and user ID mapping options.
Option | Description |
---|---|
General Options | |
secure | Allows connections only from ports 1024 or lower (default) |
insecure | Allows connections from 1024 or higher |
ro | Allows read-only access (default) |
rw | Allows both read and write access |
sync | Performs write operations (this means writing information to the disk) when requested (default) |
async | Performs write operations when the server is ready |
no_wdelay | Performs write operations immediately |
wdelay | Waits a bit to see if related write requests arrive and then performs then together (default) |
hide | Hides an exported directory that's a subdirectory of another exported directory (default) |
no_hide | Behaves exactly the opposite of hide |
subtree_check | Performs subtree checking, which involves checking parent directories of an exported subdirectory whenever a file is accessed (default) |
no_subtree_check | Turns off subtree checking (opposite of subtree_check ) |
insecure_locks | Allows insecure file locking |
User ID Mapping Options | |
all_squash | Maps all user IDs and group IDs to the anonymous user on the client |
no_all_squash | Maps remote user and group IDs to similar IDs on the client (default) |
root_squash | Maps remote root user to the anonymous user on the client (default) |
no_root_squash | Maps remote root user to the local root user |
anonuid=UID | Sets the user ID of anonymous user to be used for the all_squash and root_squash options |
anongid=GID | Sets the group ID of anonymous user to be used for the all_squash and root_squash options |
After adding the entry in the /etc/exports file, manually export the file system by typing the following command in a terminal window:
exportfs -a
This command exports all file systems defined in the /etc/exports file.Now, you can start the NFS server processes. To do this, log in as root and type the following command in a terminal window:
service nfs start
Insider Insight | If you want the NFS server to start when the system boots, type the following command to turn it on: chkconfig --level 35 nfs on When the NFS service is up, the server side of NFS is ready. Now you can try to mount the exported file system from a client system and access the exported file system.If you ever make any changes to the exported file systems listed in the /etc/exports file, remember to restart the NFS service. To do this, log in as root and type the following command in a terminal window: service nfs restart |
Mounting an NFS File System
To access an exported NFS file system on a client system, you have to mount that file system on a mount point. The mount point is nothing more than a local directory. For example, suppose that you want to access the /home directory exported from the server named LNBP200 at the local directory /mnt/lnbp200 on the client system. To do this, follow these steps:
Log in as root , and create the directory with the commandmkdir /mnt/lnbp200
Type the following command to mount the directory from the remote system (LNBP200) on the local directory /mnt/lnbp200 :mount lnbp200:/home /mnt/lnbp200
After these steps, you can view and access exported files from the local directory /mnt/lnbp200 .To confirm that the NFS file system is indeed mounted, log in as root on the client system and type mount in a terminal window. You should see a line similar to the following one about the NFS file system:
lnbp200:/home/public on /mnt/lnbp200 type nfs (rw,addr=192.168.1.200)
Note | NFS supports two types of mount operations-hard and soft. By default a mount is hard, which means that if the NFS server does not respond, the client will keep trying to access the server indefinitely until the server responds. You can soft mount an NFS volume by adding the -o soft option to the mount command. For a soft mount, the client returns an error if the NFS server fails to respond. |