Difference between revisions of "Talk:NFS"

From ArchWiki
Jump to: navigation, search
(Restarting rpc-idmapd and rpc-mountd: close.)
(Make iptables.rules syntax more clear)
(8 intermediate revisions by 3 users not shown)
Line 1: Line 1:
== Update and streamlined ==
+
I think that {{ic|/etc/systemd/system/auto_share.service}} should contain the following line after {{ic|Description}}:
Took a stab at making the article lean and mean.  Cleaned-up, trimmed away fat, initscripts, etc. Someone please edit the autofs section and make it systemd relevant. I do not use this or I would do it myself.
+
After=NetworkManager-wait-online.service
 +
Before=systemd-user-sessions.service
 +
The rationale for this is that you need to wait for the network to be up and running before attempting an NFS connect from client-side. You also need to perform the NFS mountings before making user sessions available, because the latter may be dependent on the former. For example, my bash profile is stored on a remote server, so I need NFS drives mounted before I even attempt a login. On some systems, maybe the whole {{ic|home}} directory is on a different computer (as would be the case for thin clients), meaning that they should definitely be mounted before users can log in.
  
[[User:Graysky|Graysky]] ([[User talk:Graysky|talk]]) 21:00, 16 October 2012 (UTC)
+
You need to enable {{ic|NetworkManager-wait-online.service}} like so:
 +
# systemctl enable NetworkManager-wait-online
 +
I can't help thinking that this is a bit of a kludge in any event, and is a scenario that should be handled automatically by {{ic|systemd}}.
  
== <s> Restarting rpc-idmapd and rpc-mountd </s> ==
 
  
When making changes to /etc/exports, I use systemctl to restart rpc-idmapd and rpc-mountd, but the changes do not take effect. I noticed that rpc-idmapd and rpc-mountd start other units. Its a pain going through and stopping each one individually. How do you shutdown or restart everything at once to reload exports? [[User:Axanon|Axanon]] ([[User talk:Axanon|talk]]) 19:09, 28 December 2012 (UTC)
+
{{ic|/etc/systemd/system/auto_share.service}} is a bad place to create the file. Instead, do it in the standard way by creating it as {{ic|/lib/systemd/system/auto_share.service}} and re-enabling it using the command
: I've learned a full server restart is ''not'' required to apply changes to a modified {{ic|/etc/exports}}. {{ic|# exportfs -ra}} will do this.[[User:Axanon|Axanon]] ([[User talk:Axanon|talk]]) 19:49, 30 December 2012 (UTC)
+
# systemctl reenable auto_share.service
:: Thanks for updating the page. -- [[User:Fengchao|Fengchao]] ([[User talk:Fengchao|talk]]) 01:45, 1 January 2013 (UTC)
+
 
 +
--[[User:Blippy|Blippy]] ([[User talk:Blippy|talk]]) 20:24, 8 September 2013 (UTC)
 +
 
 +
== Make iptables.rules syntax more clear ==
 +
For me the file /etc/iptables/iptables.rules didn't exist so I created it with the lines in Firewall configuration section. After that iptables failed to start, giving syntax errors. After some searching, I added "*nat" at top and "COMMIT" at bottom of the file, and it worked.
 +
Will adding this info make it more clear or should we leave it way it is?
 +
[[User:Axper|axper]] ([[User talk:Axper|talk]]) 18:48, 28 September 2013 (UTC)
 +
 
 +
If /etc/iptables/iptables.rules didn't exist then you didn't use a firewall and there was no need to do any configuration to enable NFS access through a firewall. I don't think we should add too much information about how to configure a firewall in general on the NFS page.
 +
I checked the [[ssh#Troubleshooting|ssh]] page to see how they address firewalls (ssh was the first thing I could think of that probably needs some firewall configuration) and they use command like
 +
# iptables -I INPUT 1 -p tcp --dport 22 -j ACCEPT
 +
instead of editing iptables.rules.
 +
Should we change the article to show commands similar to above rather than talking about /etc/iptables/iptables.rules or should we just keep the one sentence mentioning the port numbers and protocols?
 +
[[User:Crawlman|Crawlman]] ([[User talk:Crawlman|talk]]) 07:24, 18 December 2013 (UTC)

Revision as of 07:24, 18 December 2013

I think that /etc/systemd/system/auto_share.service should contain the following line after Description:

After=NetworkManager-wait-online.service
Before=systemd-user-sessions.service

The rationale for this is that you need to wait for the network to be up and running before attempting an NFS connect from client-side. You also need to perform the NFS mountings before making user sessions available, because the latter may be dependent on the former. For example, my bash profile is stored on a remote server, so I need NFS drives mounted before I even attempt a login. On some systems, maybe the whole home directory is on a different computer (as would be the case for thin clients), meaning that they should definitely be mounted before users can log in.

You need to enable NetworkManager-wait-online.service like so:

# systemctl enable NetworkManager-wait-online

I can't help thinking that this is a bit of a kludge in any event, and is a scenario that should be handled automatically by systemd.


/etc/systemd/system/auto_share.service is a bad place to create the file. Instead, do it in the standard way by creating it as /lib/systemd/system/auto_share.service and re-enabling it using the command

# systemctl reenable auto_share.service

--Blippy (talk) 20:24, 8 September 2013 (UTC)

Make iptables.rules syntax more clear

For me the file /etc/iptables/iptables.rules didn't exist so I created it with the lines in Firewall configuration section. After that iptables failed to start, giving syntax errors. After some searching, I added "*nat" at top and "COMMIT" at bottom of the file, and it worked. Will adding this info make it more clear or should we leave it way it is? axper (talk) 18:48, 28 September 2013 (UTC)

If /etc/iptables/iptables.rules didn't exist then you didn't use a firewall and there was no need to do any configuration to enable NFS access through a firewall. I don't think we should add too much information about how to configure a firewall in general on the NFS page. I checked the ssh page to see how they address firewalls (ssh was the first thing I could think of that probably needs some firewall configuration) and they use command like

# iptables -I INPUT 1 -p tcp --dport 22 -j ACCEPT

instead of editing iptables.rules. Should we change the article to show commands similar to above rather than talking about /etc/iptables/iptables.rules or should we just keep the one sentence mentioning the port numbers and protocols? Crawlman (talk) 07:24, 18 December 2013 (UTC)