<---- template headericclude ----->
How to setup NFS shares in FC5
FedoraForum.org - Fedora Support Forums and Community
Page 1 of 9 123 ... LastLast
Results 1 to 15 of 126
  1. #1
    Join Date
    Jul 2005
    Location
    Coventry, UK
    Posts
    583
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    How to setup NFS shares in FC5

    If you shares files between Linux boxes one of the easiest ways to do this is by using NFS. I thought this quick guide for setting up an NFS network might be useful. This might not be the best or only way of doing it but this works for me.

    Server Settings

    First off you need to configure the machine that's going to act as the server by doing the following (you need to be root for this):

    1. Install the NFS packages using yum:

    Code:
    yum install nfs-utils nfs-utils-lib portmap system-config-nfs
    2. You now need to set up your /etc/exports file with details of the directory you want to share, who is allowed to share it, and permissions. So:

    Code:
    gedit /etc/exports
    Then add an entry similar to the one below, and save and close:
    Code:
    /home/admin 192.168.2.30(rw,no_root_squash,sync)
    The first part is the directory I want to share, the second the IP address of the client who is allowed to access the directory, and the part in brackets allows read/write access and root access on the server (the no_root_squash entry is optional)

    Note: if you prefer a gui and you're using Fedora as a server you can configure the exports file from the Desktop>Administration>Server Settings>NFS menu.

    3. Now edit your hosts.allow file:

    Code:
    gedit /etc/hosts.allow
    Paste in the following but change the IP address to the IP address of the client who will be allowed to access the server, in my case 192.168.2.30

    Code:
    portmap: 192.168.2.30
    lockd: 192.168.2.30
    mountd: 192.168.2.30
    rquotad: 192.168.2.30
    statd: 192.168.2.30
    Save and close.

    If multiple clients can access the server separate IP addresses with commas.

    4. Now edit your hosts.deny file:

    Code:
    gedit /etc/hosts.deny
    Paste in the following:

    Code:
    portmap: ALL
    lockd: ALL
    mountd: ALL
    rquotad: ALL
    statd: ALL
    This prevents all hosts not listed in hosts.allow from accessing the server.

    5. Open the Desktop>Administration>Security Level and Firewall menu. Select the Firewall Options tab and open the "Other Ports" dialogue. Use the "add" button to add the following:

    2049 UDP
    2049 TCP
    111 UDP
    111 TCP

    Click OK.

    Note: if you run FC4 there's a blank line called other ports. Just enter 2049:tcp,2049:udp,111:tcp,111:udp and hit OK.

    6. The next step is exporting the directories you want to share and starting the NFS services. To start the nfs services type the following command into a terminal (as root):

    Code:
    chkconfig nfs on
    Then export the directories from /etc/exports:

    Code:
    exportfs -ra
    Reboot and the services will start automatically.

    Client Settings

    Setting up the client side of NFS is fairly straightforward. I'm not sure whether it's absolutely necessary to install all the NFS packages for the client but I always do, as I might want the client to act as a server if I'm working on another machine. So the steps I follow are:

    1. Install NFS packages:
    Code:
    yum install nfs-utils nfs-utils-lib portmap system-config-nfs
    2. Open the folowing ports in the firewall:

    2049 UDP
    2049 TCP
    111 UDP
    111 TCP

    3. Create a mountpoint for the NFS share (as root):

    Code:
    mkdir /media/admin
    and set permissions so that you can access this mount point as a user:

    Code:
    chmod 777 /media/admin
    4. Add an entry to fstab:
    Code:
    gedit /etc/fstab
    Paste an entry at the bottom of the file that looks something like this:
    Code:
    192.168.2.5:/home/admin         /media/admin    nfs     noauto,rw,user 0 0
    The first part is the IP address of the server and the directory that will be accessed. Dont forget to adapt the entry for your settings.

    Save and close gedit.

    5. As root type:

    Code:
    mount -a
    7. Make sure you can see the running services on the server by typing:

    Code:
    rpcinfo -p 192.168.2.5 (the IP address of the server).
    If you can, move on to the next step.

    6. To mount the share type:

    Code:
    mount /media/admin
    The share should appear on your desktop and you can access it like any ordinary directory.

    I think that's it but apologise in advance if I've missed any key steps. Enjoy!

    Update: a quick note on IP addresses. In theory you can use host names but I've never managed to get this to work. I have a Belkin router that automatically assigns IP addresses by DHCP but I found that it was relatively straightforward to change this so that all my boxes had static IP addresses. You will need to do this otherwise your settings will have to be changed every time an IP address changes.
    Last edited by steve1961; 3rd April 2006 at 06:13 PM.

  2. #2
    jim's Avatar
    jim is offline Retired Community Manager & Avid Drinker Of Suds
    Join Date
    Feb 2005
    Location
    Rochester NY
    Age
    49
    Posts
    4,175
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok works good so far but 1 error

    [root@localhost ~]# mount /media/server-files
    mount: 192.168.1.50:/mnt/files failed, reason given by server: Permission denied
    [root@localhost ~]#
    and from my server
    Apr 2 18:50:54 lawrendsktp1 rpc.mountd: mount request from unknown host 192.168.1.51 for /mnt/files (/mnt/files)
    Last edited by jim; 2nd April 2006 at 11:51 PM.
    Registered Linux User: #376813
    Western NY
    My linux site
    Smolt Profile

    please remember to say if you problem was solved

    Did you get your id10t award today?

  3. #3
    jim's Avatar
    jim is offline Retired Community Manager & Avid Drinker Of Suds
    Join Date
    Feb 2005
    Location
    Rochester NY
    Age
    49
    Posts
    4,175
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Here is what I did to at least get connected

    commented out the host.deny

    So how can I fix this to improve the security ?
    Registered Linux User: #376813
    Western NY
    My linux site
    Smolt Profile

    please remember to say if you problem was solved

    Did you get your id10t award today?

  4. #4
    Join Date
    Dec 2004
    Location
    Canada
    Age
    32
    Posts
    9,221
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Why not just use system-config-nfs as the same way as system-config-samba as shown in my server setup howto? (see sig. link)
    Firewing1
    [+] My open source software and blog
    [+] Some of my howtos: (for full list, click here)

  5. #5
    jim's Avatar
    jim is offline Retired Community Manager & Avid Drinker Of Suds
    Join Date
    Feb 2005
    Location
    Rochester NY
    Age
    49
    Posts
    4,175
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I can connect either way, but if I have the following in my host.deny
    portmap: ALL
    lockd: ALL
    mountd: ALL
    rquotad: ALL
    statd: ALL
    i get the access denied
    Registered Linux User: #376813
    Western NY
    My linux site
    Smolt Profile

    please remember to say if you problem was solved

    Did you get your id10t award today?

  6. #6
    Join Date
    May 2005
    Location
    Greensboro, NC
    Age
    63
    Posts
    149
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    on the nfs server edit /etc/hosts and add the names and ip addresses of the client boxes
    also add the client boxes names in /etc/host.allow

    nels
    AMD64 2800+, nForce3 250, 768M, FC6
    AMD XP2000+,Via K400, 512M, FC6
    Pegasos II, G4 1.0Ghz, 512M, 7x boot Morphos1.4.5/Debian 5.1/YD 4.01/FC6/FC10/Ubuntu9.4/Freevo
    AMD Athlon 1.0Ghz, GA 7ZM, 512M, FC6
    PowerMac QuickSilver, G4 733Mhz, 768M, OSX 10.4, FC6

  7. #7
    Join Date
    Jul 2005
    Location
    Coventry, UK
    Posts
    583
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by jim
    Here is what I did to at least get connected

    commented out the host.deny

    So how can I fix this to improve the security ?
    Hi Jim, sorry for the delay, it's been the middle of the night over here whilst you've been posting. To be honest I'm not sure why you're having to comment the hosts.deny file. When I originally set this up in FC4 my FC4 box acted as a server for a slackware box and it worked fine with these settings. I no longer use the Fedora box as a server but now that I've upgraded to FC5 I do use it as an NFS client. Could it be something to do with SELinux? I have this set to permissive only.

    I'm at work at the moment but I'll play around with the settings when I get home and post back.

    Edit: You really shouldn't need to add any extra entries to your hosts file. Try running exportfs -ra from the server to force it to read the /etc/exports file. You might also find the following link useful:

    http://nfs.sourceforge.net/nfs-howto/server.html
    Last edited by steve1961; 3rd April 2006 at 08:41 AM.

  8. #8
    jim's Avatar
    jim is offline Retired Community Manager & Avid Drinker Of Suds
    Join Date
    Feb 2005
    Location
    Rochester NY
    Age
    49
    Posts
    4,175
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Server
    --------
    >>> fc4

    set up to the how to

    Client
    ---------
    >>> fc5 notebook

    set up to the how to

    Selinux disabled in both machines
    Registered Linux User: #376813
    Western NY
    My linux site
    Smolt Profile

    please remember to say if you problem was solved

    Did you get your id10t award today?

  9. #9
    Join Date
    Jul 2005
    Location
    Coventry, UK
    Posts
    583
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi Jim

    OK, to test these settings I setup my son's mepis box as an NFS server with the above entries in exports, hosts.allow and hosts.deny to see if I could replicate the problem. Once everything was set up I typed rpcinfo -p <his ip address> from the FC5 client and got the following output:

    program vers proto port
    100000 2 tcp 111 portmapper
    100000 2 udp 111 portmapper
    100011 1 udp 792 rquotad
    100011 2 udp 792 rquotad
    100011 1 tcp 795 rquotad
    100011 2 tcp 795 rquotad
    100003 2 udp 2049 nfs
    100003 3 udp 2049 nfs
    100021 1 udp 1026 nlockmgr
    100021 3 udp 1026 nlockmgr
    100021 4 udp 1026 nlockmgr
    100005 1 udp 804 mountd
    100005 1 tcp 807 mountd
    100005 2 udp 804 mountd
    100005 2 tcp 807 mountd
    100005 3 udp 804 mountd
    100005 3 tcp 807 mountd
    100024 1 udp 810 status
    100024 1 tcp 813 status


    I then tried to mount the share as a user but got a permission denied message, and the same when I tried to do this as root. I then remembered that I needed to set permissions on the mount point, in this case /media/harry. So I did chmod 777 /media/harry and tried to mount again. This time everything worked fine and I was able to mount and unmount as an ordinary user. I'll add this to the how to.

    I then tried messing around with the hosts.deny, hosts.allow and exports file. After searching for some answers on the web today it seems that you have to be careful with the spacing between entries. In the exports file the two entries below give different results:

    /home/admin 192.168.2.30(rw,no_root_squash,sync)
    /home/admin 192.168.2.30 (rw,no_root_squash,sync)

    The first does what we want it to do, but the second (with the extra space) defaults to ro for the named IP address and rw acccess for anyone else.

    In the hosts.deny and hosts.allow files there needs to be a single space on each line between the colon and the ALL or the IP address. I found that a double space in hosts.deny between the colon and the ALL on each line, or no space, could bring up the permission denied message - but for some reason this was intermittent.

    But other than the above everything seemed to work.

  10. #10
    axelseap Guest
    i think there's a flaw that went unnoticed, not all the parts of nfs use the same port, check this guide on how to change them http://fritz.potsdam.edu/man/nfs/nfs_firewall.html.
    i used that and opened those ports on firestarter to my other box and it works great

  11. #11
    Join Date
    Jul 2005
    Location
    Coventry, UK
    Posts
    583
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by axelseap
    i think there's a flaw that went unnoticed, not all the parts of nfs use the same port, check this guide on how to change them http://fritz.potsdam.edu/man/nfs/nfs_firewall.html.
    i used that and opened those ports on firestarter to my other box and it works great

    Looks like a useful article for specifying all the ports that nfs uses rather than letting nfs choose random ports for some services. I've spent the last few hours reading lots of nfs documents and I didn't come across anything else that mentioned anything other than 2049 and 111. That said, that's all I have open and it seems to work well, but I'll try this method to see what happens.

    Update: seems to work well, but can't say I notice a difference.
    Last edited by steve1961; 9th April 2006 at 07:30 PM.

  12. #12
    TimBenny Guest

    Question

    Dear author,

    I am sincerely grateful if you could provide me some information on how to share files between my linux box(192.1.1.10) and windows(192.1.1.11).

    I would like to not always create data CDs whenever I want to transfer files from one to the other.

    Thank you

    Tim Benny

  13. #13
    Join Date
    Jul 2005
    Location
    Coventry, UK
    Posts
    583
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by TimBenny
    Dear author,

    I am sincerely grateful if you could provide me some information on how to share files between my linux box(192.1.1.10) and windows(192.1.1.11).

    I would like to not always create data CDs whenever I want to transfer files from one to the other.

    Thank you

    Tim Benny

    Samba is probably your best bet between linux and windows. See this how to for more information:

    http://forums.fedoraforum.org/showth...ighlight=samba

  14. #14
    TimBenny Guest

    Question Hi steve,

    I don't see anything in there. where is it to share file without server, simple like C2C (computer to computer)
    Steve, please do it again please..

    Tim1955

  15. #15
    Join Date
    Jul 2005
    Location
    Coventry, UK
    Posts
    583
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by TimBenny
    I don't see anything in there. where is it to share file without server, simple like C2C (computer to computer)
    Steve, please do it again please..

    Tim1955

    Look at post 2 in the link. If you want to share files between windows and linux it's my understanding that you need to use samba. NFS is only for linux to linux shares.

Page 1 of 9 123 ... LastLast

Similar Threads

  1. Dvico Fusion HDTV initial setup and Mythtv Setup
    By holden-nut in forum Using Fedora
    Replies: 3
    Last Post: 18th November 2006, 06:33 AM
  2. Can't see shares in win xp box
    By newusermike in forum Servers & Networking
    Replies: 5
    Last Post: 12th June 2006, 09:57 PM
  3. Replies: 4
    Last Post: 24th May 2005, 09:18 PM
  4. Setup scripts to map the Windows shares to Linux
    By mvelasco2 in forum Servers & Networking
    Replies: 1
    Last Post: 21st April 2005, 08:16 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
[[template footer(Guest)]]