Network File System (NFS), is an open standard network file sharing protocol.
- 1 Installing
- 2 Configuring
- 3 Mounting NFS shares on the client
- 4 Mounting from Windows
- 5 Mounting from OS X
- 6 Troubleshooting
Both client and server only require official repositories.from the
In order for NFS to function properly, both server and client must have closely matching time values. If the clocks on the clients differ from the server too much, then basic functions like file copy operations may hang for a very long time leaving the system unusable until they resume. The clocks do not have to match to micro/nano second accuracies, but ideally they should be within 1 second of each other.
The NTP system is recommended to sync both the server and the clients to the highly accurate NTP servers available on the Internet. For a small system like a home network, the ntpdate utility may be used to sync both servers and clients to the same time. For a larger installation, it may be desirable to install an OpenNTP server (see NTP) onto the same machine acting as the NFS server, and then all clients on the network would sync time values from the server. This has the advantage of lowering the stress on the external NTP servers, and in assuring that the NFS clients will use the exact time that the NFS server has, even if the NFS server experiences some drift.
The server configuration involves the
/etc/idmapd.conf file and the
/etc/exports file to export shares. Further tweaking can be done by editing
Server ID mapping
/etc/idmapd.conf file needs to be edited. You'll need to at the very least specify your Domain there. Example:
[General] Verbosity = 1 Pipefs-Directory = /var/lib/nfs/rpc_pipefs Domain = archlinux.org [Mapping] Nobody-User = nobody Nobody-Group = nobody
All the NFS shares are defined in
/etc/exports. Add directories which you want to share and ip addresses or hostnames of client machines that will be allowed to mount them:
You can also share it to a whole subnet:
A typical NFSv4 export would look like this:
/mnt 192.168.0.12(rw,fsid=0,no_subtree_check) /mnt/music 192.168.0.12(rw,no_subtree_check)
For more information about all available options see
man 5 exports.
Exporting directories outside your NFS root
To do this, you will need to use bind mounts. For example, to bind
# mount --bind /home/john /mnt/john
To make it stick across server reboots add the bind mount to
/home/john /mnt/john none bind 0 0
/mnt/john needs to be added to
/mnt 192.168.0.12(rw,fsid=0,no_subtree_check) /mnt/music 192.168.0.12(rw,no_subtree_check) /mnt/john 192.168.0.12(rw,no_subtree_check,nohide)
nohide option is required, because the kernel NFS server automatically hides mounted directories.
Starting the server
To start the NFS server, use:
# systemctl start nfsd.service rpc-idmapd.service rpc-mountd.service rpcbind.service
The client configuration only involves the
/etc/idmapd.conf file. If your client also acts as a server for other machines on the network, then you will still have to configure the files covered in the server section.
Client ID mapping
/etc/idmapd.conf file needs to be edited on all clients. The Domain entry should be identical to the one on the server (see the Server ID mapping section). Example:
[General] Verbosity = 1 Pipefs-Directory = /var/lib/nfs/rpc_pipefs Domain = archlinux.org [Mapping] Nobody-User = nobody Nobody-Group = nobody [Translation] Method = nsswitch
Starting the client
To start the NFS client:
# rc.d start rpcbind nfs-common
Or add them to your
DAEMONS=(... rpcbind nfs-common ...)
Show the server's exported filesystems:
showmount -e server
Then just mount as normal:
# rc.d start rpcbind nfs-common # mount -t nfs4 server:/ /mnt/server/ # mount -t nfs4 server:/music /mnt/music/ # mount -t nfs4 server:/john /mnt/john
Replacing 'server' with the hostname or IP address of your NFS server and of course 'server', 'music' and 'john' with the names of whatever directories you exported on the server.
- With Initscripts: If you want to auto mount the NFS shares on boot, you will have to make sure that the network(or any other networking daemon that you use), rpcbind, nfs-common daemons are started up and also in that order. Do NOT background the daemons since the order in which they start up is important. Additionally you will also want to start netfs daemon which handles the clean unmount of NFS shares while shutting down the client machine. The netfs daemon can be backgrounded without any issues.
DAEMONS=(... network rpcbind nfs-common @netfs ...)
- With Systemd: Systemd/RemoteFilesystem page and make sure to enable rpc-idmapd.service for user id mapping.
After you have added the daemons, auto mounting of NFS shares can be handled in one of two ways:
Using fstab is useful when you have a server which is always on, and the NFS shares are available whenever your client boots up. Edit your
/etc/fstab file, and add an appropriate line in there reflecting your setup.
server:/ /mnt/nfsshare nfs4 defaults 0 0
If you wish to specify a packet size for read and write packets, specify them in your
/etc/fstab entry. Read the NFS man page for further information, including all available mount options.
Using autofs is useful when you have multiple machines that you want to connect via NFS and they could both be clients as well as servers. The reason this method is preferable over the earlier one is that if one of the machine(server) is switched off, the client will not throw errors about being unable to find NFS shares. Please see the relevant section on the autofs#NFS_Network_mounts page for setting up NFS shares.
Mounting from Windows
NFS shares can be mounted from windows if the "Client for NFS" service is actived (which it is not by default). To install the service go to "Programs and features" either through the control panel or by typing it in the search box from the start menu and click on "Turn Windows features on or off". Locate the "Services for NFS" and activate it as well as both subservices ("Administrative tools" and "Client for NFS").
Some global options can be set by opening the "Services for Network File System" (locate it with the search box) and right clicking on the client->properties.
Mounting from OS X
Either export the share with the
insecure flag, and mount using Finder:
- Go > Connect to Server >
Or, mount the share using a secure port using the terminal:
# sudo mount -t nfs -o resvport server:/ /Volumes/server/
exportfs: /etc/exports:2: syntax error: bad option list
Delete all space from the option list in
mount.nfs4: No such device
Check that you have loaded the
lsmod | grep nfs
and if previous returns empty or only nfsd-stuff, do
mount.nfs4: access denied by server while mounting
Check that the permissions on your client's folder are correct. Try using 755.
If you find that you cannot set the permissions on files properly, make sure the user/group you are chowning are on both the client and server.
If that does not help, try modifying these lines in
# /etc/conf.d/nfs-common.conf # Do you want to start the statd daemon? It is not needed for NFSv4. NEED_STATD="no" # Do you want to start the idmapd daemon? It is only needed for NFSv4. NEED_IDMAPD="yes"
Restart the nfs-common daemon for the changes to take effect. I restarted all the other daemons as well, just to be sure.
group/gid permissions issues
If NFS shares mount fine, and are fully accessible to the owner, but not to group members; check the number of groups that user belongs to. NFS has a limit of 16 on the number of groups a user can belong to. If you have users with more then this, you need to enable the
--manage-gids start-up flag for
rpc.mountd on the NFS server.
/etc/conf.d/nfs-server.conf # Options for rpc.mountd. # If you have a port-based firewall, you might want to set up # a fixed port here using the --port option. # See rpc.mountd(8) for more details. MOUNTD_OPTS="--manage-gids"
If you got error such as this:
mount.nfs: rpc.statd is not running but is required for remote locking. mount.nfs: Either use '-o nolock' to keep locks local, or start statd. mount.nfs: an incorrect mount option was specified
To fix this, you need to change the "NEED_STATD" value in:
Remember to start all the services - nfsd.service rpc-idmapd.service rpc-mountd.service rpcbind.service, not just the nfsd.