Warning: Outdated, see AUR / nfs4-utils for uptodate information
The goal of this article is getting
NFSv4 is the new version of NFS (for setting up the older NFSv3, see Nfs) with new features like strong authentication and integrity via Kerberos and SPKM-3, improved performance, safe file caching, lock migration, UTF-8, ACLs and better support for Windows file sharing semantics.
Required packages for both clients and server (from AUR):
Download the packages, makepkg and install them.
Note: currently pacman doesn't seem to handle replacing when invoked with pacman -U. Therefore, you'll need to remove nfs-utils before installing nfs4-utils (which is a complete drop-in replacement).
First we'll need to edit our exports in /etc/exports. A typical NFSv4 export would look like this:
/export 192.168.0.12(rw,fsid=0,no_subtree_check,async,no_root_squash) /export/music 192.168.0.12(rw,no_subtree_check,async,no_root_squash)
/export is the NFS root here (due to the fsid=0 entry). Everything else that you want to be shared over NFS must be accessible under /export.
For exporting directories outside the NFS root, see below.
Note: the no_root_squash option means that root on the client is also considered root on the server. This is of course a security risk. Remove it if you don't need it.
Exporting directories outside your NFS root
To do this, you'll need to use bind mounts. For example, to bind /home/john to /export/john:
mount --bind /home/john /export/john
Then, /export/john needs to be added to /etc/exports:
/export 192.168.0.12(rw,fsid=0,no_subtree_check,async,no_root_squash) /export/music 192.168.0.12(rw,no_subtree_check,async,no_root_squash) /export/john 192.168.12(rw,no_subtree_check,async,no_root_squash,nohide)
The nohide option is required, because the kernel NFS server automatically hides mounted directories. To add the bind mount to /etc/fstab:
/home/john /export/john none bind 0 0
Then, /etc/idmapd.conf needs to be edited. You'll need to at the very least specify your Domain there. Example:
[General] Verbosity = 1 Pipefs-Directory = /var/lib/nfs/rpc_pipefs Domain = archlinux.org [Mapping] Nobody-User = nobody Nobody-Group = nogroup
Starting the server
To start the NFS server, just
/etc/rc.d/nfs4-common start /etc/rc.d/nfsd start
If you want to tweak the configuration, feel free to edit /etc/conf.d/nfs to your needs.
/etc/idmapd.conf needs to be edited on all clients and the Domain entry should be identical to the one on the server. Example:
[General] Verbosity = 1 Pipefs-Directory = /var/lib/nfs/rpc_pipefs Domain = archlinux.org [Mapping] Nobody-User = nobody Nobody-Group = nogroup [Translation] Method = nsswitch
Mounting the partitions on the client
On the client, to mount the NFSv4 partition:
/etc/rc.d/nfs4-common start mount -t nfs4 server:/ /mnt/server/ mount -t nfs4 server:/music /mnt/music/ mount -t nfs4 server:/john /mnt/john
Replacing 'server' with the hostname or IP address of your NFS server and of course 'server', 'music' and 'john' with the names of whatever directories you exported on the server.
Note that the root of the path on the server is the NFS root specified; all paths must be specified relative to it.
If you want the NFS volumes to mount automatically on bootup, either add the mount commands to /etc/rc.local or add them to fstab and wait for closure of bug 8509. /etc/fstab example:
192.168.0.5:/ /mnt/deepthought nfs4 rw,noatime,async 0 0 192.168.0.5:/music /mnt/music nfs4 rw,noatime,async 0 0 192.168.0.5:/john /mnt/john nfs4 rw,noatime,async 0 0
- Some general instructions: http://wiki.linux-nfs.org/wiki/index.php/Nfsv4_configuration
- On migrating from NFSv3 to NFSv4: http://nfsv4.bullopensource.org/tools/tests/page40.php
- For NFSv4 with Kerberos authentication: http://www.itp.uzh.ch/~dpotter/howto/kerberos
- For a comparison of several networked file systems, see http://wiki.linux-nfs.org/index.php/Comparison_of_NFS_vs._others