This is a quick NFS configuration using RHEL without too much concerts about security or any fine tuning and access control. In our scenario, there are two hosts:
- NFS Server, IP 10.1.1.100
- NFS Client, IP 10.1.1.101
On the NFS server, un the below commands to begin the NFS server installation:
Next, for this procedure, we export an arbitrary directory called /opt/nfs. Create /opt/nfs directory:[nfs-server] # yum install nfs-utils rpcbind
Edit the /etc/exports file (which is the NFS exports file) to add the below line to export folder /opt/nfs to client 10.1.1.101:[nfs-server] # mkdir -p /opt/nfs
Next, make sure to open port 2049 on your firewall to allow client requests:/opt/nfs 10.1.1.101(no_root_squash,rw)
Start the rpcbind and NFS server daemons in this order:[nfs-server] # firewall-cmd --zone=public --add-port=2049/tcp --permanent [nfs-server] # firewall-cmd --reload
Check the NFS server status:[nfs-server] # service rpcbind start; service nfs start
Next, export all the file systems configured in /etc/exports:[nfs-server] # service nfs status Redirecting to /bin/systemctl status nfs.service nfs-server.service - NFS server and services Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; enabled; vendor preset: disabled) Drop-In: /run/systemd/generator/nfs-server.service.d order-with-mounts.conf Active: active (exited) since Tue 2017-11-14 09:06:21 CST; 1h 14min ago Main PID: 2883 (code=exited, status=0/SUCCESS) CGroup: /system.slice/nfs-server.service
And check the currently exported file systems:[nfs-server] # exportfs -rav
Next, continue with the NFS client:[nfs-server] # exportfs -v
Install the required packages:
Create a mount point directory on the client, for example /mnt/nfs:[nfs-client] # yum install nfs-utils rpcbind [nfs-client]# service rpcbind start
Discover the NFS exported file systems:[nfs-client] # mkdir -p /mnt/nfs
Mount the previously NFS exported /opt/nfs directory:[nfs-client] # showmount -e 10.1.1.100 Export list for 10.1.1.100: /opt/nfs 10.1.1.101
Test the correctness of the setup between the NFS server and the NFS client by creating a file in the NFS mounted directory on the client side:[nfs-client] # mount 10.1.1.100:/opt/nfs /mnt/nfs
Move to the server side and check if the testfile file exists:[nfs-client] # cd /mnt/nfs/ [nfs-client] # touch testfile [nfs-client] # ls -l total 0 -rw-r--r--. 1 root root 0 Dec 11 08:13 testfile
At this point it is working, but it is not set up to remain there permanently (as in: it will be gone when either the NFS server or NFS client is rebooted. To ensure it remains working even after a reboot, perform the following steps:[nfs-server] # cd /opt/nfs/ [nfs-server] # ls -l total 0 -rw-r--r--. 1 root root 0 Dec 11 08:13 testfile
On the NFS server side, to have the NFS server service enabled at system boot time, run:
On the NFS server client side, add an entry to the /etc/fstab file, that will ensure the NFS file system is mounted at boot time:[nfs-server] # systemctl enable nfs-server
The options for the NFS file systems are as follows:10.1.1.100:/opt/nfs /mnt/nfs nfs4 soft,intr,nosuid 0 0
- soft = No hard mounting, avoids hanging file access commands on the NFS client, if the NFS servers is unavailable.
- intr = Allow NFS requests to be interrupted if the NFS server goes down or can't be reached.
- nosuid = This prevents remote users from gaining higher privileges by running a setuid program.
This will tell you the established connections for each of the clients, for example:[nfs-server] # netstat -an | grep 10.1.1.100:2049
In the example above you can see that IP address 10.1.1.101 on port 757 (NFS client) is connected to port 2049 on IP address 10.1.1.100 (NFS server).tcp 0 0 10.1.1.100:2049 10.1.1.101:757 ESTABLISHED
If you found this useful, here's more on the same topic(s) in our blog:
- Keystrokes used in top
- Unable to remove hdiskpower devices due to a method error
- Ping tricks
- Using a proxy for wget
- Finding and removing core dumps
UNIX Health Check delivers software to scan Linux and AIX systems for potential issues. Run our software on your system, and receive a report in just a few minutes. UNIX Health Check is an automated check list. It will report on perfomance, capacity, stability and security issues. It will alert on configurations that can be improved per best practices, or items that should be improved per audit guidelines. A report will be generated in the format you wish, and the report includes the issues discovered and information on how to solve the issues as well.
Interested in learning more?
Interested in learning more?