|
|
|
|
|
|
Sharing, the NFS way
By Mayank Sarup <mayank@freeos.com>
Under Windows, through network neighborhood, you can browse through available shares on other machines, run applications and of course transfer data. NFS is somewhat similar, but much more flexible. We've got diskless machines on our network that access their root filesystem using NFS. You can centralize the location of user home directories which users access via NFS. Since Linux uses a unified filesystem, it is completely transparent to the user. You can run an application off another machine as though it was installed on your own machine simply by mounting that directory using NFS. NFS is also very easy to install and use. It is now part of the standard installation of most, if not all Linux distributions. So this is where we'll ask you to start. Check the CD of your Linux distribution and look for the packages nfs-utils (Red Hat) or nfsserv (SuSE). There is also a new kernel based NFS server. The advantage of this is speed. We are going to work with the stand-alone daemon in this article, the version being Installation is a simple "rpm -ivh nfsserv-2.2beta47-120.i386.rpm". NFS configuration involves "exporting" a directory, which can then be "imported" by clients and are then accessible under the mount point. NFS configuration is as simple as the installation. There is just one file to edit. /etc/exports contains a list of the directories to export as well as the permissions and clients to export to. The general format of the file is /directory/to/export hostname(options) e.g. - /mnt/test nfsclient.freeos.com(rw) This exports the directory /mnt/test to the machine nfsclient.freeos.com with read-write permissions. The hostnames/machines you will be exporting to, can be listed by their hostnames, IP addresses, address/netmask pairing or you could just choose to export to everyone who asks for that exported directory. Hostname - nfsclient.freeos.com. Here, we are directly specifying the hostname of the client that is allowed access to the exported directory. Wildcards are allowed, but they do not work for a sub-domain of the domain specifies. If you specify *.freeos.com in the access list, abc.freeos.com and def.abc.freeos.com will be able to mount the exported directory, but xyz.abc.freeos.com will not have access. /mnt/test nfs.freeos.com(rw) news.freeos.com IP addresses - Simply give the IP address of the client. Address/netmask pair - If you want to export a directory to an entire IP sub-net then use this to specify the target range. 192.168.1.0/255.255.255.0 will mean that everyone in the IP address range 192.168.1.1-192.168.1.254 has access. Finally if you want everyone to be able to access the directory, just specify the directory name but do not specify any hostname, IP address or address/netmask pairing. /mnt/test The above entry will export /mnt/test to everyone with the default permissions in place. Multiple clients may be specified on the same line, separated by spaces. This is a good idea if you want to export the same directory with different access permissions to different clients. We're now export /mnt/test to hosts nfs and foo but where nfs has write access also to directory test, foo's access is read-only. Please ensure that there are no spaces between the hostnames and the export options.
In the above, /mnt/test will be exported to nfs.freeos.com with the default access permission of read-only, but it will also be exported to everyone else with read-write access. Common options to use rw - By default, NFS will export the directory read-only. Quite often you might want to give write access too, for example when user home directories are being exported off a server. no_root_squash - NFS exports directories with root_squash turned on. This means that root on the client machine will be mapped to the anonymous UID, commonly nobody. The result is that root on the client machine will not be able to access anything in the exported entry. The no_root_squash option prevents this behavior. This options should only be used for trusted clients. We had to use this one for the root filesystems that are noaccess - Use this one to make everything under a directory inaccessible to the client. Again this is a way of narrowing down the access permissions. Possible usage is when you're exporting a directory but certain directories under that exported directory should not be accessible to some hosts. /mnt/test *.freeos.com As you can see, we are exporting the directory /mnt/test to *.freeos.com, including foo2.freeos.com. On the other hand, we don't want foo2 to access the sub-directory 'sub'. We just mark the directory as noaccess. Now foo2 will be able to mount /mnt/test from the server and the directory sub will be visible, but if a client was to enter the directory and do a 'ls' there, none of the directory entries will be visible. There are many more options available but we have given the most commonly used ones here. Also remember that each change to the contents of the file exports requires that the list of exported directories be refreshed. Mounting NFS exports NFS shares can be mounted as you would mount other filesystems - the only difference being that the source will include the address or the hostname of the server. mount 192.168.1.1:/mnt/test /mnt/nfsmount So, we are just specifying the server to mount from and the directory exported by the server, separated by a colon. The last bit is the mount point for the exported directory. This was a quick view of NFS and how to get it up and running. We have found this to be an indispensable tool and it has certainly proven to be very effective on our network.
NFS FAQ
Other articles by Mayank Sarup
Current Rating: [ 7.57 / 10 ]
Number of Times Rated: [ 47 ]
|
|
|
© 1998-2004 FreeOS Technologies (I) Pvt. Ltd. All rights reserved.
[Privacy Policy]
 |
