Network Your Files in a Snap with NFS
Part One: With NFS, you can provide your Unix users with a centralized file server for everything from simple storage to networked home directories. Here's what you need to get started.
NFS, Network File System, is the original file-sharing method among UNIX-based computers. Originally developed by Sun, NFS is still widely used, since it is a (relatively) simple and effective means to provide a centralized file server.
We will be implementing an NFS server step by step in this article, exploring methods for simply sharing a directory, and also briefly talking about making users' home directories live on the server. A second installation will deal with the intricacies of NFS options, auto-mounting, and the differences between operating systems' NFS implementations.
Older NFS versions, which most people use for the sake of interoperability, have practically zero security. The server will believe what it's told about the UID/GID of files, so it should be protected from the Internet. Additionally, it should be limited to only serving files for clients that you designate. The easiest way to limit NFS mounts is with tcpwrappers, configurable via /etc/hosts.allow. Portmap, lockd, rquotad, statd, and mountd should all be limited to networks or specific IP addresses of trusted NFS clients.
Since Linux' NFS configuration options are quite similar to other Unix variants, we will be assuming a Linux client and server for this article.
First things first: We should begin by starting the necessary NFS services. On the server side, most distributions have a startup script designed to accomplish this. Running something like /etc/init.d/nfs start will fire up the NFS server properly on most distributions.
Using rpcinfo -p should return a bit of information about which RPC (define) services are running. At a minimum, for NFS to function, you should see: portmap, status, mountd, nfs, and nlockmgr. Any missing items will require that you figure out why they are missing before proceeding. Note that these names are based on the most current nfs-utils package, currently nfs-utils-1.0.6-22. Your specific Linux distribution's documentation should provide more information about how to make sure everything is started at boot time.
Now on to the fun part: sharing directories. The file /etc/exports is used to specify which file systems should be exported to which clients. This is basically a listing of:
"directory machine1(options) machine2(options)…"
Examples should make it clear:
To share /usr read-only to two IP addresses:
/usr 192.168.0.1(ro) 192.168.0.2(ro)
To share /usr/local read-write to one machine, and read-only to everyone else:
/usr/local 192.168.0.5(rw) *(ro)
There are many ways to share directories, and many configurable options. Client lists can be netgroups, IP addresses, a single host, wildcards, or IP networks. Refer to "man exports" for more exhaustive details. The server also needs to be told to reread the configuration when it changes. This can be accomplished by sending -HUP to the nfs daemon, or by running exportfs -ra.
If everything was done properly, this server should be ready to serve NFS. The command showmount -e will list the exported file systems. If an RPC error was returned, that generally means a necessary service is not running.