NFS and SAMBA

Network File system (NFS)

The Network File System (NFS) was developed to allow machines to mount a disk partition on a remote machine as if it were on a local hard drive

/etc/exports - The configuration file

  • Exported directories are defined in /etc/exports
  • Each entry specifies the hosts to which the filesystem is exported plus associated permissions and options

An entry in /etc/exports will typically look like this:

directory machine1(option11,option12) machine2(option21,option22)
/export/vmware 192.168.123.0/255.255.255.0(rw,sync,insecure,no_root_squash,no_subtree_check)

The latest nfs-utils introduced /etc/exports.d; the files under the directory are loaded as if they are part of /etc/exports. Added/removing a new export point to the system becomes easier; just put or remove a file under the directory.

The following options can be used:

  • ro: The directory is shared read only; the client machine will not be able to write to it. This is the default
  • rw: The client machine will have read and write access to the directory
  • no_root_squash: By default, any file request made by user root on the client machine is treated as if it is made by user nobody on the server. If no_root_squash is selected, then root on the client machine will have the same level of access to the files on the system as root on the server. This can have serious security implications, although it may be necessary if you want to perform any administrative work on the client machine that involves the exported directories.
  • no_subtree_check: If only part of a volume is exported, a routine called subtree checking verifies that a file that is requested from the client is in the appropriate part of the volume. If the entire volume is exported, disabling this check will speed up transfers.
  • sync: By default, all but the most recent version (version 1.11) of the exportfs command will use async behavior, telling a client machine that a file write is complete - that is, has been written to stable storage - when NFS has finished handing the write over to the filesysytem. This behavior may cause data corruption if the server reboots, and the sync option prevents this.

Examples:

To give read write or read only permissions to systems: 

  /home        192.168.0.1(rw) 192.168.0.2(ro)

To give read/write all the systems in network 192.168.0 

 /home      192.168.0.0/255.255.255.0(rw)

To give read/write permission to all systems in test.com 

 /home      *.test.com(rw)

To export to all the systems 

 /home     *(rw)

NFS Daemons

  • portmap maps calls made from other machines to the correct RPC service
  • rpc.nfsd, which does most of the work
  • rpc.lockd and rpc.statd, which handle file locking;
  • rpc.mountd, which handles the initial mount requests,
  • rpc.rquotad, which andles user file quotas on exported volumes.

Note: In recent linux releases, lockd is called by nfsd upon demand, so you do not need to worry about starting it yourself.

To unexport all the exported directories 

 # exportfs -ua

To re-read /etc/exports file 

 # exportfs -ra

To un-export a share (/data) which is exported to all the hosts 

 # exportfs -u *:/data

syntax: exportfs -u hostname:/<dir_name>

Problem: df: `/dir1': Stale NFS file handle
Solution: Umount using umount -f option 

 umount -f /dir1

Problem:
Could not mount the NFS share exported from linux to aix server.
Sol: export the filesystem on linux with inseure option 

 /stage 10.253.1.0/24(sync,insecure)