{"id":3429,"date":"2013-09-05T18:40:22","date_gmt":"2013-09-05T16:40:22","guid":{"rendered":"https:\/\/thebc.ch\/blog\/?p=3429"},"modified":"2015-01-30T13:12:47","modified_gmt":"2015-01-30T12:12:47","slug":"setting-up-an-nfs-4-server-with-clients","status":"publish","type":"post","link":"https:\/\/thebc.ch\/blog\/?p=3429","title":{"rendered":"Setting up an NFS 4 Server with Clients"},"content":{"rendered":"<p><em>There are many good HOWTOs out there how to setting up NFS-Servers. I will try to seize together how to set up those with Clients, also Windows-Clients and Firewall-Rules. My\u00c2\u00a0testing environment is: As Server, Fedora 18 (without SELinux). Clients are Fedora 19 and Windows 7.<div class='toc toc'>\n<h2>Contents<\/h2>\n<ul class='toc-odd level-1'>\n\t<li>\n\t\t<a href=\"#Server_side\"><strong>Server side<\/strong><\/a>\n\t\t<ul class='toc-even level-2'>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Installation\"><strong>Installation<\/strong><\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Configuring_NFS__Creating_Shares\"><strong>Configuring NFS \/ Creating Shares<\/strong><\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Starting_the_Server\"><strong>Starting the Server<\/strong><\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Firewall\"><strong>Firewall<\/strong><\/a>\n\t\t\t<\/li>\n\t\t<\/ul>\n\t<li>\n\t\t<a href=\"#Client_side\"><strong>Client side<\/strong><\/a>\n\t\t<ul class='toc-even level-2'>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Installation_1\"><strong>Installation<\/strong><\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Mounting\"><strong>Mounting<\/strong><\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Mounting_with_fstab\"><strong><strong>Mounting with fstab<\/strong><\/strong><\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Windows_Installation\"><strong>Windows Installation<\/strong><\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Mounting_1\"><strong>Mounting<\/strong><\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Mac_OSX\"><strong>Mac OSX<\/strong><\/a>\n\t\t\t<\/li>\n\t\t<\/ul>\n\t<li>\n\t\t<a href=\"#Troubleshooting\"><strong>Troubleshooting<\/strong><\/a>\n\t\t<ul class='toc-even level-2'>\n\t\t\t<li>\n\t\t\t\t<a href=\"#kernel:_nfs:_server_not_responding_still_trying_\"><strong>kernel: nfs: server not responding, still trying <\/strong><\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#It_is_possible_to_force_user_permissions_like_samba_create_maskforce_directory_mode_\"><strong>It is possible to force user permissions like samba (create mask\/force directory mode) ?<\/strong><\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#I_see_files_in_my_Trash_who_arent_from_me\"><strong>I see files in my Trash who aren't from me<\/strong><\/a>\n\t\t\t<\/li>\n<\/ul>\n<\/ul>\n<\/ul>\n<\/div>\n<div class='toc-end'>&nbsp;<\/div><br \/>\n<\/em><\/p>\n<span id=\"Server_side\"><h2><strong>Server side<\/strong><\/h2><\/span>\n<span id=\"Installation\"><h3><strong>Installation<\/strong><\/h3><\/span>\n<p>Install the NFS packages by typing:<\/p>\n<pre># yum install nfs-utils<\/pre>\n<p>&nbsp;<\/p>\n<span id=\"Configuring_NFS__Creating_Shares\"><h3><strong>Configuring NFS \/ Creating Shares<\/strong><\/h3><\/span>\n<p>To create the first share:<\/p>\n<pre># vi \/etc\/exports<\/pre>\n<p>Your share should look like this:<\/p>\n<pre>\/mnt\/nfs  192.168.1.*(rw,all_squash)<\/pre>\n<p>I use here <em>rw<\/em> (read\/write) and <em>all_squash<\/em> (direct all users to nfsnobody) because I want that all users (in this net) can write, read and delete files in that directory.<\/p>\n<p>Or this:<\/p>\n<pre>\/mnt\/nfs  192.168.1.53(rw) 192.168.1.*(ro)<\/pre>\n<p>Here I use <em>rw<\/em> (read\/write) for one specified user an <em>ro<\/em> (read only) for all other users on this network.<\/p>\n<p>Note: If you make changes in \/etc\/exports, you have to re-export them. With this command you don&#8217;t have to restart the nfs-server.service.<\/p>\n<pre># exportfs -ra<\/pre>\n<p>&nbsp;<\/p>\n<span id=\"Starting_the_Server\"><h3><strong>Starting the Server<\/strong><\/h3><\/span>\n<p>Start the and enable the Server:<\/p>\n<pre># systemctl start nfs<\/pre>\n<pre># systemctl enable nfs-server.service<\/pre>\n<p>Note: You don&#8217;t have to enable the Server just for testing, but it will not be started after a reboot.<\/p>\n<p>&nbsp;<\/p>\n<span id=\"Firewall\"><h3><strong>Firewall<\/strong><\/h3><\/span>\n<p>Basically, <strong>without<\/strong> nfs-over-udp and <strong>without<\/strong> backward compatibility, you only need to add this two rules in your \/etc\/sysconfic\/iptables (for RPC 4 portmapper and NFSD (nfs server)):<\/p>\n<pre>-A INPUT -m conntrack --ctstate NEW -p tcp --dport 111 -j ACCEPT\r\n-A INPUT -m conntrack --ctstate NEW -p tcp --dport 2049 -j ACCEPT<\/pre>\n<div>\n<p>&nbsp;<\/p>\n<h3><strong>Bind a Client-User to a Server-User<br \/>\n<\/strong><\/h3>\n<p>For that you must have the same UID and\/or GID.<\/p>\n<\/div>\n<p>&nbsp;<\/p>\n<span id=\"Client_side\"><h2><strong>Client side<\/strong><\/h2><\/span>\n<span id=\"Installation_1\"><h3><strong>Installation<\/strong><\/h3><\/span>\n<p>Install the NFS packages by typing:<\/p>\n<pre># yum install nfs-utils<\/pre>\n<p>&nbsp;<\/p>\n<span id=\"Mounting\"><h3><strong>Mounting<\/strong><\/h3><\/span>\n<p>Make a directory for mounting to:<\/p>\n<pre># mkdir \/mnt\/nfs<\/pre>\n<p>Finally mount the nfs-share:<\/p>\n<pre># mount -t nfs SERVER:\/mnt\/nfs \/mnt\/nfs<\/pre>\n<p>&nbsp;<\/p>\n<span id=\"Mounting_with_fstab\"><h3><strong><strong>Mounting with fstab<\/strong><\/strong><\/h3><\/span>\n<p>Simple as that:<\/p>\n<pre>SERVER:\/mnt\/nfs    \/mnt\/nfs        nfs     defaults        0 0<\/pre>\n<p>&nbsp;<\/p>\n<span id=\"Windows_Installation\"><h3><strong>Windows Installation<\/strong><\/h3><\/span>\n<p>Go to <strong>Control Panel &gt; Programs<\/strong> and choose <strong>Turn Windows features on or off<\/strong>. Check <strong>Services for NFS<\/strong> and both, <strong>Administrative Tools <\/strong>and<strong> Client for NFS<\/strong>, and install it. <strong>Reboot.<br \/>\n<\/strong><\/p>\n<p>&nbsp;<\/p>\n<span id=\"Mounting_1\"><h3><strong>Mounting<\/strong><\/h3><\/span>\n<p>Open a <strong>cmd<\/strong> and mount the nfs-share with:<\/p>\n<pre>C: mount SERVER:\/mnt\/nfs *<\/pre>\n<p><em>Hint: Make a cmd-file (e.g: nfs.cmd) with something like &#8220;mount SERVER:\/mnt\/nfs *&#8221; inside and place it on your desktop.<\/em><\/p>\n<p>&nbsp;<\/p>\n<span id=\"Mac_OSX\"><h3><strong>Mac OSX<\/strong><\/h3><\/span>\n<p>Go here: <a href=\"http:\/\/www.cyberciti.biz\/faq\/apple-mac-osx-nfs-mount-command-tutorial\/\">http:\/\/www.cyberciti.biz\/faq\/apple-mac-osx-nfs-mount-command-tutorial\/<\/a><\/p>\n<span id=\"Troubleshooting\"><h2><strong>Troubleshooting<\/strong><\/h2><\/span>\n<span id=\"kernel:_nfs:_server_not_responding_still_trying_\"><h3><strong>kernel: nfs: server not responding, still trying <\/strong><\/h3><\/span>\n<p>If you transfer large files, this can be a problem of a 3ware Controller because of too much IO-Operations on the drive (or raid) and <em>StoreSave<\/em> is set to <em>Protection<\/em>. Setting this to <em>Performance<\/em> solves the problem. Although this is not a good choice because of data loss in the event of power failure.<\/p>\n<p>&nbsp;<\/p>\n<span id=\"It_is_possible_to_force_user_permissions_like_samba_create_maskforce_directory_mode_\"><h3><strong>It is possible to force user permissions like samba (create mask\/force directory mode) ?<\/strong><\/h3><\/span>\n<p>Nope. Even with Access Control Lists it is not possible. Maybe you want to do a cronjob which runs periodically like (crontab -e):<\/p>\n<pre>0 0 * * 0 find \/mnt\/nfs\/ -type f -exec chmod -v 644 {} \\; &amp;&amp; find \/mnt\/nfs\/ -type d -exec \r\nchmod -v 755 {} \\; &amp;&amp; echo '...done!' | mail -s 'CHMOD cronjob' someuser@thebc.ch 2&gt;&amp;1<\/pre>\n<p>This will change the permission once per week (Sunday 00:00) and finally send you an E-Mail.<\/p>\n<p>&nbsp;<\/p>\n<span id=\"I_see_files_in_my_Trash_who_aren8217t_from_me\"><h3><strong>I see files in my Trash who aren&#8217;t from me<\/strong><\/h3><\/span>\n<p>This is because You have the same UID and\/or GID as the User who own the NFS-Share. Chance it.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>There are many good HOWTOs out there how to setting up NFS-Servers. I will try to seize together how to set up those with Clients, also Windows-Clients and Firewall-Rules. My\u00c2\u00a0testing environment is: As Server, Fedora 18 (without SELinux). Clients are &hellip; <a href=\"https:\/\/thebc.ch\/blog\/?p=3429\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10,5,19,398,31],"tags":[415,408,413,417,405,418,411,400,416,414,448,406,403,402,401,407,412,409,410],"class_list":["post-3429","post","type-post","status-publish","format-standard","hentry","category-fedora","category-linux","category-mac-os-x","category-nfs","category-windows","tag-3ware","tag-all_squash","tag-client-for-nfs","tag-create-mask","tag-firewall","tag-force-directory-mode","tag-gid","tag-howto-nfs","tag-iptables","tag-kernel-nfs-server-not-responding-still-trying","tag-nfs","tag-nfs-4","tag-nfs-client","tag-nfs-server","tag-nfs-windows-client","tag-nfs-utils","tag-services-for-nfs","tag-sync","tag-uid"],"_links":{"self":[{"href":"https:\/\/thebc.ch\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3429","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/thebc.ch\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/thebc.ch\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/thebc.ch\/blog\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/thebc.ch\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3429"}],"version-history":[{"count":155,"href":"https:\/\/thebc.ch\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3429\/revisions"}],"predecessor-version":[{"id":6253,"href":"https:\/\/thebc.ch\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3429\/revisions\/6253"}],"wp:attachment":[{"href":"https:\/\/thebc.ch\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3429"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/thebc.ch\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3429"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/thebc.ch\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3429"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}