Offering Network File System Service

Previous page
Table of content
Next page

The Network File System (NFS) is the de facto standard for file system sharing among Linux and Unix computers. Although other Unix standards for file system sharing offer more security-oriented features or provide better network performance, NFS remains the most widely supported file system sharing service in the Unix world.

The NFS Server Configuration tool is not installed by default in Fedora Core 4 unless you chose the Server installation option when you were installing Fedora Core 4 on your computer. Activating your NFS therefore involves the following steps:

1.

Install the NFS Server Configuration tool.

2.

Configure the list of filesystems that you want to share via NFS using the configuration tool.

3.

Configure your firewall to allow NFS traffic through your network interface.

Installing the NFS Server Configuration tool

To install the NFS Server Configuration tool so that you can configure NFS on your system, follow these steps:

1.

Open the Package Management tool by choosing Desktop, System Settings, Add/Remove software from the desktop menubar.

2.

Click the Details button next to the Server Configuration Tools package group. In the details view, check the box next to system-config-nfs, as shown in Figure 33.1. Then click the Close button to close the details view and, in the Package Management tool, click the Update button to update your system.

Figure 33.1. In the Package Management tool's details view for Server Configuration Tools, check the box next to system-config-nfs.


3.

When the list of changes is displayed in a confirmation dialog box, click Continue to install the NFS Server Configuration tool on your Fedora Core 4.

4.

Log out of your desktop and then log back in again to update the list of applications in your menus.

The NFS Server Configuration tool is now installed on your Fedora Core 4 system and is ready to be used.

Adding and Configuring NFS Shares

Before you can enable the NFS service, you must configure it so that only the parts of your file system you choose to share are available on the network. You can configure your NFS service in two ways: by using the NFS Server Configuration tool on your desktop or by editing the NFS server configuration files directory with a text editor.

You can start the NFS Server Configuration tool, shown in Figure 33.2, by choosing Desktop, System Settings, Server Settings, NFS from the desktop menubar.

Figure 33.2. The NFS Server Configuration tool is used to configure your Fedora Core 4 system for the Network File System.


To add an NFS share (a directory tree in your file system that other Linux or Unix users can access), choose File, Add Share or click the Add button near the top of the application window. The Add NFS Share dialog box is displayed, as shown in Figure 33.3.

Figure 33.3. Using the Add NFS Share dialog box, you can add to the list of file system trees that are available to network users.


Enter the name of the directory tree you want to share with other users into the Directory entry box. All the directory tree's contents are available to other users via NFS after you share it.

In the Host(s) entry box, you must enter a host or set of hosts on your network that are allowed to use this shared file system. Hosts can be specified in several ways:

  • To share this directory tree with a single host, enter the host's IP address or name into the box. For example, enter the following:

     10.2.4.24

    or

     workstation10.mycompany.com

  • To share this directory tree with an entire subnetwork, enter the host's IP address, a slash, and then the network mask (you can obtain the network mask from your system administrator). For example, the following entry shares with every machine on the 10.2.4 subnetwork:

     10.2.4.0/255.255.255.0

  • To share this directory tree with an entire domain or subdomain, use an asterisk (*) as a wildcard (pattern matching) character to indicate the range of hosts you want to share with. For example, the following entry shares with every host on the mycompany.com domain:

 *.mycompany.com

Set the Basic Permissions option to suit your needs. If you want users to be able to read or write to files, select Read/Write; otherwise, select Read-only. Note that Linux file system permissions still apply, even when a directory tree is shared as read/write; users still are prevented from accessing files they don't have permission to access.

After you fill out the Basic tab, click the OK button to dismiss the Add NFS Share dialog box and add the directory tree to the list of shared file systems. The new shared directory tree appears in the list of shared directories in the NFS Server Configuration tool, as shown in Figure 33.4.

Figure 33.4. After you enter share details into the Add NFS Share dialog box, the directory tree appears in the NFS Server Configuration tool.


Repeat the process as many times as necessary to add other directory trees you want to share on your network. After your list of shared directory trees is complete, you can close the configuration tool window by clicking on the Close Window button or by choosing File, Quit from the application menu.

Starting NFS Automatically via the Desktop

To cause the NFS service to start automatically each time your computer is started using the list of shares you created, you must enable NFS in the list of services that are associated with your default runlevel.

To enable NFS, choose Desktop, System Settings, Server Settings, Services to launch the Service Configuration tool. In the Service Configuration tool, ensure that the nfs service is checked, as shown in Figure 33.5.

Figure 33.5. Using the Service Configuration tool, you can specify that the NFS service should start automatically.


If the nfs service is not checked, check it now to indicate that NFS should be started when your computer starts. After you enable the service, click Save to save your changes. Then choose File, Quit to exit the tool.

Configuring NFS at the Command Line

The NFS service can also be configured from the command line, if you are more comfortable editing configuration files directly. The NFS service is controlled by the /etc/exports file, which is a text file listing the directory trees to be shared, one per line. To configure your NFS service, simply load the /etc/exports file into your favorite text editor and edit it. The format of each line in the /etc/exports file is as follows:

 /directorytree host(access)

Replace /directorytree with the directory tree that should be shared, host with the host or set of hosts to share using the same format given in the "Adding and Configuring NFS Shares" section earlier this chapter, and access with either ro for read-only access or rw for read/write access.

For example, to share /home/you with all the hosts directly in the mycompany.com domain, giving read-only access to the file system, enter the following line into the /etc/exports file:

 /home/you *.mycompany.com(ro)

To also share /publicfiles/august with read/write access to all the machines on the 10.2.4 subnetwork and /tmp with read/write access to a host called barney, enter the following lines into the /etc/exports file:

 /publicfiles/august 10.2.4.0/255.255.255.0(rw) /tmp barney.mycompany.com(rw)

Enter a line for each directory tree you want to share into the /etc/exports file. When you finish editing the file, save it and exit the text editor.

If you are not already running the NFS service and want to start it immediately based on your new settings, call the service command with the nfs and start arguments:

 [root@workstation20 you]# /sbin/service nfs start Starting NFS services:                     [ OK ] Starting NFS quotas:                       [ OK ] Starting NFS daemon:                       [ OK ] Starting NFS mountd:                       [ OK ] [root@workstation20 you]#

Use restart Instead of start for Running Services

If you are already running the NFS service and want the changes you've made to /etc/exports to take effect, use the restart argument instead of the start argument when calling the nfs script.


As the service command starts the NFS server, you should see four progress messages, each followed by the word OK in brackets. If instead at some point you see FAILED, check your /etc/exports file to make sure that you have formatted it correctly and check your system log for diagnostic information the NFS service is returning. For further help with the format of /etc/exports, see the exports manual page. Consider also consulting your Linux system logs. For details on how to do this, refer to Chapter 29.

Starting NFS Automatically via the Command Line

You can use the chkconfig command at the command line to cause the NFS service to start automatically each time you start your computer.

To cause NFS to automatically start for a specific runlevel, supply the --level option and the runlevel you want to use with NFS:

 [root@workstation20 you]# /sbin/chkconfig --level 5 nfs on [root@workstation20 you]#

After you use the chkconfig command to enable NFS, NFS automatically starts each time you boot.

Allowing NFS Through Your Firewall

Even if you have correctly configured NFS and started the NFS service, you cannot share files with other Linux or Unix users unless you instruct the Linux firewall to allow NFS traffic to be processed.

The mechanism NFS uses to mount shared directory trees is actually quite complex and thus requires both tcp and udp access to ports 111, 369, and 2049. These numbers correspond to the sunrpc, rpc2portmap, and nfs services in the /etc/services file, respectively.

What Is All This Network Jargon?

RPC stands for Remote Procedure Call, UDP for User Datagram Protocol, and TCP for Transmission Control Protocol. These standards are all used extensively in Internet networking and Unix operating systems. All three types of communication are essential for the proper functioning of NFS.

For more information on RPC, UDP, TCP, and other networking terms, consult a comprehensive guide to TCP/IP networking.


To allow NFS requests to reach your Linux system, you must lower your firewalling security level to Medium and then create special filtering exceptions for these ports. To do this, start the Security Level Configuration tool by choosing Desktop, System Settings, Security Level. Check the Customize option, and enter the following list of ports into the Other Ports entry box:

 111:tcp,111:udp,369:tcp,369:udp,2049:tcp,2049:udp

If you previously allowed traffic on other ports or for other services using the Security Level Configuration tool, don't forget to enter them again, too: The settings you're entering now replace the previous security level settings, not augment them.

After you finish with the Security Level Configuration tool, click the OK button to accept, save, and activate your changes. Remote users should now be able to mount your shared NFS directory trees without problems.


    Previous page
    Table of content
    Next page
    SAMS Teach Yourself Red Hat(r) Fedora(tm) 4 Linux(r) All in One
    Cisco ASA and PIX Firewall Handbook
    ISBN: N/A
    EAN: 2147483647
    Year: 2006
    Pages: 311
    Authors: David Hucaby
    BUY ON AMAZON
    Crystal Reports 9 on Oracle (Database Professionals)
    Adobe After Effects 7.0 Studio Techniques
    The New Solution Selling: The Revolutionary Sales Process That Is Changing the Way People Sell [NEW SOLUTION SELLING 2/E]
    The Oracle Hackers Handbook: Hacking and Defending Oracle
    MPLS Configuration on Cisco IOS Software
    Python Standard Library (Nutshell Handbooks) with
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy