NFSv4

From ArchWiki
Revision as of 20:12, 26 February 2009 by Thelucster (Talk | contribs)

Jump to: navigation, search


Warning

This page is outdated, and these instructions do not work! More up to date instructions are available in AUR, however they have not yet been wikified!

Goals

The goal of this article is getting NFSv4 running on Arch Linux.
NFSv4 is the new version of NFS (for setting up the older NFSv3, see Nfs) with new features like strong authentication and integrity via Kerberos and SPKM-3, improved performance, safe file caching, lock migration, UTF-8, ACLs and better support for Windows file sharing semantics.

Required packages

Required packages for both clients and server (from AUR):

  1. libgssglue
  2. librpcsecgss
  3. nfs4-utils

Download the packages, makepkg and install them.
Note: currently pacman doesn't seem to handle replacing when invoked with pacman -U. Therefore, you'll need to remove nfs-utils before installing nfs4-utils (which is a complete drop-in replacement).

Configuration

Server

Exports

First we'll need to edit our exports in /etc/exports. A typical NFSv4 export would look like this:

/export    192.168.0.12(rw,fsid=0,no_subtree_check,async,no_root_squash)
/export/music 192.168.0.12(rw,no_subtree_check,async,no_root_squash)

/export is the NFS root here (due to the fsid=0 entry). Everything else that you want to be shared over NFS must be accessible under /export.
For exporting directories outside the NFS root, see below.
Note: the no_root_squash option means that root on the client is also considered root on the server. This is of course a security risk. Remove it if you don't need it.

Exporting directories outside your NFS root

To do this, you'll need to use bind mounts. For example, to bind /home/john to /export/john:

mount --bind /home/john /export/john

Then, /export/john needs to be added to /etc/exports:

/export    192.168.0.12(rw,fsid=0,no_subtree_check,async,no_root_squash)
/export/music 192.168.0.12(rw,no_subtree_check,async,no_root_squash)
/export/john 192.168.12(rw,no_subtree_check,async,no_root_squash,nohide)

The nohide option is required, because the kernel NFS server automatically hides mounted directories. To add the bind mount to /etc/fstab:

/home/john    /export/john    none    bind  0 0

ID mapping

Then, /etc/idmapd.conf needs to be edited. You'll need to at the very least specify your Domain there. Example:

[General]

Verbosity = 1
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = archlinux.org

[Mapping]

Nobody-User = nobody
Nobody-Group = nogroup

Starting the server

To start the NFS server, just

/etc/rc.d/nfs4-common start 
/etc/rc.d/nfsd start

If you want to tweak the configuration, feel free to edit /etc/conf.d/nfs to your needs.

Clients

ID mapping

/etc/idmapd.conf needs to be edited on all clients and the Domain entry should be identical to the one on the server. Example:

[General]

Verbosity = 1
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = archlinux.org

[Mapping]

Nobody-User = nobody
Nobody-Group = nogroup

[Translation]
Method = nsswitch

Mounting the partitions on the client

On the client, to mount the NFSv4 partition:

/etc/rc.d/nfs4-common start
mount -t nfs4 server:/ /mnt/server/
mount -t nfs4 server:/music /mnt/music/
mount -t nfs4 server:/john /mnt/john

Replacing 'server' with the hostname or IP address of your NFS server and of course 'server', 'music' and 'john' with the names of whatever directories you exported on the server. Note that the root of the path on the server is the NFS root specified; all paths must be specified relative to it.
If you want the NFS volumes to mount automatically on bootup, either add the mount commands to /etc/rc.local or add them to fstab and wait for closure of [http://bugs.archlinux.org/task/8509 bu