Skip to content

Instantly share code, notes, and snippets.

@nu11secur1ty

nu11secur1ty/Setting up an NFS Server.md

Last active April 21, 2023 15:18
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save nu11secur1ty/b7e41210e274c98f39b7c397d44f1f6f to your computer and use it in GitHub Desktop.
Save nu11secur1ty/b7e41210e274c98f39b7c397d44f1f6f to your computer and use it in GitHub Desktop.
Download ZIP
Setting up an NFS Server and Client on Debian Wheezy
Raw
Setting up an NFS Server.md

#Intro This guide explains how to set up an NFS server and an NFS client on Debian Wheezy. NFS stands for Network File System; through NFS, a client can access (read, write) a remote share on an NFS server as if it was on the local hard disk. In this Tutorial I will show you two different NFS exports, the export of a client directory that stores files as user nobody / nogroup without preserving filesystem permissions and a export of the /var/www directory which preserves permissions and ownerships of files, as required on a hosting server setup. #server:

NFS Server: server.example.com, IP address: 192.168.0.100
NFS Client: client.example.com, IP address: 192.168.0.101

Installing NFS

apt-get install nfs-kernel-server nfs-common

Then we create the system startup links for the NFS server and start it:

chkconfig --levels 235 nfs on
/etc/init.d/nfs start

#client: On the client we can install NFS as follows (this is actually the same as on the server):

apt-get install nfs-common

#Exporting Directories on the Server #server: I will make, the directories /home/client1 and /var/www accessible to the client to show the two different access modes of the nfs server. The directory /home/client1 is shared in standard mode, so all files written to this directory are stored as user nobody and group nogroup. For the directory /var/www I use the no_root_squash option which instructs the nfs server to preserve permissions and ownerships of the files. This is e.g. required when you like to export the /var/www directory of a webserver managed with ISPConfig 3

First, I'll create the /home/client1 directory

mkdir /home/client1
chown nobody:nogroup /home/client1
chmod 755 /home/client1

The /var/www directory exists most likely on your server. If not, then create it:

mkdir /var/www
chown root:root /var/www
chmod 755 /var/www

Now we must modify /etc/exports where we "export" our NFS shares. We specify /home/client1 and /var/www as NFS shares and tell NFS to make accesses to /home/client1 as user nobody (to learn more about /etc/exports, its format and available options, take a look at

man 5 exports

vi /etc/exports

/home/client1           192.168.0.101(rw,sync,no_subtree_check)
/var/www        192.168.0.101(rw,sync,fsid=0,crossmnt,no_subtree_check,no_root_squash)

(The no_root_squash option makes that /var/www will be accessed as root.)

To apply the changes in /etc/exports, we restart the kernel nfs server

/etc/init.d/nfs-kernel-server restart

#Mounting the NFS shares on the Client #client: First we create the directories where we want to mount the NFS shares, e.g.:

mkdir -p /mnt/nfs/home/client1
mkdir -p /var/www

If the direcory /var/www exists already on your server, then stop apache, rename the directory and create a new empty directory as mountpoint

/etc/init.d/apache2 stop
mv /var/www /var/www_bak
mkdir -p /var/www

Afterwards, we can mount them as follows:

mount 192.168.0.100:/home/client1 /mnt/nfs/home/client1
mount 192.168.0.100:/var/www /var/www

You should now see the two NFS shares in the outputs of

df -h

[root@client ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/vg_server2-LogVol00
                      9.7G  1.7G  7.5G  18% /
tmpfs                 499M     0  499M   0% /dev/shm
/dev/sda1             504M   39M  440M   9% /boot
192.168.0.100:/home/client1   9.7G  1.7G  7.5G  19% /mnt/nfs/home/client1
192.168.0.100:/var/www
                      9.7G  1.7G  7.5G  19% /var/www
[root@client ~]#

and

mount

[root@client ~]# mount
/dev/mapper/vg_server2-LogVol00 on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw)
/dev/sda1 on /boot type ext4 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
192.168.0.100:/home/client1 on /mnt/nfs/home/client1 type nfs (rw,vers=4,addr=192.168.0.100,clientaddr=192.168.0.101)
192.168.0.100:/var/www on /var/www type nfs (rw,vers=4,addr=192.168.0.100,clientaddr=192.168.0.101)
[root@client ~]#

Testing

On the client, you can now try to create test files on the NFS shares: #client:

touch /mnt/nfs/home/client1/test.txt
touch /var/www/test.txt

Now go to the server and check if you can see both test files: #server:

ls -l /home/client1/

[root@server ~]# ls -l /home/client1
total 0
-rw-r--r-- 1 nobody nogroup 0 Feb 02 16:58 test.txt
[root@server ~]#

ls -l /var/nfs

[root@server ~]# ls -l /var/www
total 0
-rw-r--r-- 1 root root 0 Feb 02 16:58 test.txt
[root@server ~]#

(Please note the different ownerships of the test files: the /home/client1 NFS share gets accessed as nobody / nogroup and is owned by nobody / nogroup; the /var/www share gets accessed as root, therefore /var/www/test.txt is owned by user and group root.) #Mounting NFS Shares At Boot Time Instead of mounting the NFS shares manually on the client, you could modify /etc/fstab so that the NFS shares get mounted automatically when the client boots. #client: Open /etc/fstab and append the following lines:

vi /etc/fstab

[...]
192.168.0.100:/home/client1  /mnt/nfs/home/client1   nfs      rw,sync,hard,intr  0     0
192.168.0.100:/var/www  /var/www   nfs      rw,sync,hard,intr  0     0

Instead of rw,sync,hard,intr you can use different mount options. To learn more about available options, take a look at

man nfs

To test if your modified /etc/fstab is working, unmount the shares and run mount -a:

umount /mnt/nfs/home/client1
umount /var/www
mount -a

You should now see the two NFS shares in the outputs of

df -h

[root@client ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/vg_server2-LogVol00
                      9.7G  1.7G  7.5G  18% /
tmpfs                 499M     0  499M   0% /dev/shm
/dev/sda1             504M   39M  440M   9% /boot
192.168.0.100:/home/client1   9.7G  1.7G  7.5G  19% /mnt/nfs/home/client1
192.168.0.100:/var/www
                      9.7G  1.7G  7.5G  19% /var/www
[root@client ~]#

and

mount

[root@client ~]# mount
/dev/mapper/vg_server2-LogVol00 on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw)
/dev/sda1 on /boot type ext4 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
192.168.0.100:/home/client1 on /mnt/nfs/home/client1 type nfs (rw,vers=4,addr=192.168.0.100,clientaddr=192.168.0.101)
192.168.0.100:/var/www on /var/www type nfs (rw,vers=4,addr=192.168.0.100,clientaddr=192.168.0.101)
[root@client ~]#
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment