NFS Server Setup and Configuration Guide
Uploaded by
lokeshreddy0213NFS Server Setup and Configuration Guide
Uploaded by
lokeshreddy0213Common questions
Powered by AITo allow write access on an NFS client, change the permissions of the NFS share directory. If the error indicates read-only access due to 755 permissions, you can either set the shared folder permissions to 777 or change its ownership. Use `chown nobody.nobody /mnt/nfs_vol1/share1` to change the owner and group owner to 'nobody', which RHEL 9 uses as the default NFS anonymous user. After this change, clients will be able to write to the shared directory .
To mount an NFS share permanently on a client system, first ensure the share is visible using `showmount -e serverb`. Create a mount directory on the client system, e.g., `mkdir /mnt/vol1`. Add the NFS share to the `/etc/fstab` file with `serverb.lab.example.com:/myshare /mnt/vol1 nfs defaults 0 0`. Apply the configuration with `mount -a` and reload the system daemon using `systemctl daemon-reload`. Finally, check the mount point using `df -hT` to ensure it's correctly mounted .
To automate the mounting of an NFS share on an NFS client system, install the `autofs` package with `yum install autofs -y`. Edit the `/etc/auto.master` file to include the line `/mnt/nfs_vol1 /etc/auto.misc --timeout=1`. Modify the `/etc/auto.misc` file to add the NFS share with options `linux -rw,sync,fstype=nfs4 serverb.lab.example.com:/mnt/nfs_vol1/share1`. Enable and start the `autofs` service with `systemctl enable --now autofs`. The NFS share will mount automatically when accessed and unmount on inactivity .
Changing the ownership and group ownership of an NFS share folder to `nobody` aligns with the default anonymous user for NFS, facilitating write permissions for client systems that otherwise face restrictions due to directory permissions, such as 755. This adjustment ensures that files created by clients align with an ownership that doesn't conflict with server-side settings, effectively granting clients write capabilities without globally opening permissions through 777 settings .
To share a specific partition across different systems using NFS, connect to `serverb` and create a partition on `/dev/vdb`, changing its type to LVM. Create a volume group and physical volume with `vgcreate nfs_vg /dev/vdb3`. Make a logical volume with `lvcreate -n vol1 -L 1GB nfs_vg` and format it using `mkfs.ext4 /dev/nfs_vg/vol1`. Mount it to a directory, e.g., `mkdir /mnt/nfs_vol1`, then get the UUID using `blkid` and add it to `/etc/fstab`. Create a directory in the logical volume, specify it in the exports file for sharing, and export it with `exportfs -rv`. Ensure the changes are reflected on the client by updating `/etc/fstab` for permanent mounting .
Setting directory permissions to 777 on NFS shares allows all users read, write, and execute access. The immediate benefit is ease of access, avoiding permission-related errors for any user trying to write to or execute files in the directory. However, this also presents significant security risks, as any user with network access can modify or delete files, potentially leading to data loss or corruption and making the system susceptible to malicious activities. A more secure approach would be to adjust ownership and limit access to specific users or groups as needed .
To extend an existing logical volume used for NFS sharing, run `lvextend -r -L 1.5G /dev/nfs_vg/vol1` on `serverb`. This command extends the logical volume size to 1.5 GB, automatically resizing the filesystem as well. On the NFS client system, the new size will be apparent when checking the NFS share with `df -hT`. The client system does not require any additional steps to recognize the increased space as the extension is handled transparently .
To configure an NFS server on Linux, install the `nfs-utils` package with `yum install nfs-utils -y`. Start the NFS service using `systemctl enable --now nfs-server`. Then, add NFS services to the firewall using `firewall-cmd --add-service={nfs,rpc-bind,mountd}` and make it permanent with `firewall-cmd --add-service={nfs,rpc-bind,mountd} --permanent`. Create a directory (`mkdir /myshare`), edit the `/etc/exports` file to share it (`/myshare *.lab.example.com(ro,sync)`), and export the directory with `exportfs -rv`. Check the shared directory using `showmount -e serverb` .
To configure a shared folder on a new logical volume for NFS, begin by creating the volume group that includes the new partition, and make a logical volume with `lvcreate`. Format the logical volume, mount it to a directory like `/mnt/nfs_vol1`, and add it to `/etc/fstab` using its UUID for automatic mounting. Create a share folder in the logical volume, e.g., `mkdir /mnt/nfs_vol1/share1`, and define it in `/etc/exports` for NFS sharing. Export the directory with `exportfs -rv`. These steps ensure the folder is both available and advertised for client systems to access .
An NFS client may encounter a 'Read-Only filesystem' error when the `etc/exports` file on the NFS server is configured with 'ro' (read-only) permissions. If a client attempts to write to such a file system, it will be denied due to these export settings. To resolve this, you need to change the relevant line in the `/etc/exports` file on the NFS server to 'rw' (read-write), for example, `/mnt/nfs_vol1/share1 *.*(rw,sync)`. Re-export the directories with `exportfs -rv` to apply the changes and allow write access .