Difference between revisions of "NFSv4"

From ArchWiki
Jump to navigation Jump to search
Line 6: Line 6:
 
=Goals=
 
=Goals=
 
The goal of this article is getting <span title="Network File System version 4" style="border-bottom:1px dotted">NFSv4</span> running on ArchLinux.
 
The goal of this article is getting <span title="Network File System version 4" style="border-bottom:1px dotted">NFSv4</span> running on ArchLinux.
<br>NFSv4 is the new version of [[NFS]] with new features like strong authentication and integrity via Kerberos and SPKM-3, improved performance,  safe file caching, lock migration, UTF-8, ACLs and better support for Windows file sharing semantics.
+
<br>NFSv4 is the new version of [[Nfs] NFS] with new features like strong authentication and integrity via Kerberos and SPKM-3, improved performance,  safe file caching, lock migration, UTF-8, ACLs and better support for Windows file sharing semantics.
  
 
=Required packages=
 
=Required packages=

Revision as of 18:18, 13 November 2007



Goals

The goal of this article is getting NFSv4 running on ArchLinux.
NFSv4 is the new version of [[Nfs] NFS] with new features like strong authentication and integrity via Kerberos and SPKM-3, improved performance, safe file caching, lock migration, UTF-8, ACLs and better support for Windows file sharing semantics.

Required packages

Required packages for both clients and server (from AUR):

  1. libgssglue
  2. librpcsecgss
  3. nfs4-utils

Download the packages, makepkg and install them.
Note: currently pacman doesn't seem to handle replacing when invoked with pacman -U. Therefore, you'll need to remove nfs-utils before installing nfs4-utils (which is a complete drop-in replacement).

Configuration

Server

Exports

First we'll need to edit our exports in /etc/exports. A typical NFSv4 export would look like this:

/export    192.168.0.12(rw,fsid=0,no_subtree_check,async,no_root_squash)
/export/music 192.168.0.12(rw,no_subtree_check,async,no_root_squash)

/export is the NFS root here (due to the fsid=0 entry). Everything else that you want to be shared over NFS must be accessible under /export.
For exporting directories outside the NFS root, see below.
Note: the no_root_squash option means that root on the client is also considered root on the server. This is of course a security risk. Remove it if you don't need it.

Exporting directories outside your NFS root

To do this, you'll need to use bind mounts. For example, to bind /home/john to /export/john:

mount --bind /home/john /export/john

Then, /export/john needs to be added to /etc/exports:

/export    192.168.0.12(rw,fsid=0,no_subtree_check,async,no_root_squash)
/export/music 192.168.0.12(rw,no_subtree_check,async,no_root_squash)
/export/john 192.168.12(rw,no_subtree_check,async,no_root_squash,nohide)

The nohide option is necessary, because the kernel NFS server automatically hides mounted directories. To add the bind mount to /etc/fstab:

/home/john    /export/john    none    bind  0 0

ID mapping

Then, /etc/idmapd.conf needs to be edited. You'll need to at the very least specify your Domain there. Example:

[General]

Verbosity = 1
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = archlinux.org

[Mapping]

Nobody-User = nobody
Nobody-Group = nogroup

Starting the server

To start the NFS server, just

/etc/rc.d/nfs4-common start 
/etc/rc.d/nfsd start

If you want to tweak the configuration, feel free to edit /etc/conf.d/nfs to your needs.

Clients

ID mapping

/etc/idmapd.conf needs to be edited on all clients and the Domain entry should be identical to the one on the server. Example:

[General]

Verbosity = 1
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = archlinux.org

[Mapping]

Nobody-User = nobody
Nobody-Group = nogroup

Mounting the partitions on the client

On the client, to mount the NFSv4 partition:

/etc/rc.d/nfs4-common start
mount -t nfs4 server:/ /mnt/server/
mount -t nfs4 server:/music /mnt/music/
mount -t nfs4 server:/john /mnt/john

Note that the root of the path on the server is the NFS root specified; all paths must be specified relative to that.

See also

Take a look at the gentoo wiki for further instructions on configuring the exports.
Some general instructions: http://wiki.linux-nfs.org/wiki/index.php/Nfsv4_configuration
On migrating from NFSv3 to NFSv4: http://nfsv4.bullopensource.org/tools/tests/page40.php
For NFSv4 with Kerberos authentication: http://www.itp.uzh.ch/~dpotter/howto/kerberos
For a comparison of several networked file systems, see http://wiki.linux-nfs.org/index.php/Comparison_of_NFS_vs._others