Author Photo

Ahmer's SysAdmin Recipes is a blog for Linux System Administrators. This blog provides recipes for Installation & Configuration of Linux, Ubuntu, Oracle Database, MySQL, Apache, Nginx, Oracle Cloud Control, FreeIPA, Kerberos & OpenLDAP, Subversion, PXE, DevOps, etc. over Red Hat Enterprise Linux (RHEL), CentOS, Ubuntu and Windows.

Please give me your feedback and help me improve this blog. Please let me know If you want me to write on a specific topic.

Saturday, 1 December 2018

Configure NFS Server and Client in CentOS/RHEL 7

Configure NFS Server and Client in CentOS/RHEL 7NFS (Network File System) is a distributed file system to share the files among network clients. NFS is developed by Sun Microsystem in 1984. NFS is de facto standard for sharing files in various distros of Linux. It has many features to securely share files among specific clients. It also supports Kerberos based authentication.

In this article, we will configure a NFS Server and Client in CentOS/RHEL 7 to share a directory.

 

System Specification:

We are using two Red Hat Enterprise Linux (RHEL) 7 servers. We will use one as the NFS Server and the other as the NFS Client.

NFS Server: nfsserver.example.com
NFS Client: nfsclient.example.com
Operating System: RHEL 7.0

 

Configure NFS Server on CentOS/RHEL 7:

Connect to nfsserver.example.com using ssh as root user.

To configure NFS Server, we have to install nfs-utils package. Usually, this package is automatically installed during installation of Red Hat Enterprise Linux (RHEL) or CentOS 7. However, you can install it anytime using yum command.

[root@nfsserver ~]# yum install -y nfs-utils Loaded plugins: langpacks, product-id, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Package 1:nfs-utils-1.3.0-0.el7.x86_64 already installed and latest version Nothing to do

nfs-utils is already installed on our system.

Create a directory to share with other clients.

[root@nfsserver ~]# mkdir /nfsshare [root@nfsserver ~]# chgrp nfsnobody /nfsshare/ [root@nfsserver ~]# chmod g+w /nfsshare/

We have created a directory /nfsshare, changed its group to nfsnobody and w rights has been given to group. So, the anonymous users can create files on this shared directory.

Adjust SELinux type of the /nfsshare directory.

[root@nfsserver ~]# semanage fcontext -a -t nfs_t "/nfsshare(/.*)?" [root@nfsserver ~]# restorecon -Rv /nfsshare/ restorecon reset /nfsshare context unconfined_u:object_r:default_t:s0->unconfined_u:object_r:nfs_t:s0

If semanage command does not available on your system then install policycoreutils-python package.

Now export/share this directory to specific clients via NFS.

[root@nfsserver ~]# echo '/nfsshare nfsclient.example.com(rw,sync)' >> /etc/exports [root@nfsserver ~]# exportfs -r

Enable and start the nfs-server service.

[root@nfsserver ~]# systemctl start nfs-server ; systemctl enable nfs-server ln -s '/usr/lib/systemd/system/nfs-server.service' '/etc/systemd/system/nfs.target.wants/nfs-server.service'

Allow nfs and other supplementary services through Linux firewall.

[root@nfsserver ~]# firewall-cmd --permanent --add-service={mountd,nfs,rpc-bind} success [root@nfsserver ~]# firewall-cmd --reload success

NFS Server has been configured.

 

Configure NFS Client on CentOS/RHEL 7:

Connect to the nfsclient.example.com and install nfs-utils package.

[root@nfsclient ~]# yum install -y nfs-utils Loaded plugins: langpacks, product-id, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. localyum | 4.1 kB 00:00 Resolving Dependencies --> Running transaction check ---> Package nfs-utils.x86_64 1:1.3.0-0.el7 will be installed --> Processing Dependency: libtirpc >= 0.2.3-1 for package: 1:nfs-utils-1.3.0-0.el7.x86_64 --> Processing Dependency: keyutils for package: 1:nfs-utils-1.3.0-0.el7.x86_64 --> Processing Dependency: libevent for package: 1:nfs-utils-1.3.0-0.el7.x86_64 --> Processing Dependency: libnfsidmap for package: 1:nfs-utils-1.3.0-0.el7.x86_64 --> Processing Dependency: rpcbind for package: 1:nfs-utils-1.3.0-0.el7.x86_64 --> Processing Dependency: libevent-2.0.so.5()(64bit) for package: 1:nfs-utils-1.3.0-0.el7.x86_64 --> Processing Dependency: libnfsidmap.so.0()(64bit) for package: 1:nfs-utils-1.3.0-0.el7.x86_64 --> Processing Dependency: libtirpc.so.1()(64bit) for package: 1:nfs-utils-1.3.0-0.el7.x86_64 --> Running transaction check ---> Package keyutils.x86_64 0:1.5.8-3.el7 will be installed ---> Package libevent.x86_64 0:2.0.21-4.el7 will be installed ---> Package libnfsidmap.x86_64 0:0.25-9.el7 will be installed ---> Package libtirpc.x86_64 0:0.2.4-0.3.el7 will be installed ---> Package rpcbind.x86_64 0:0.2.0-23.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: nfs-utils x86_64 1:1.3.0-0.el7 localyum 357 k Installing for dependencies: keyutils x86_64 1.5.8-3.el7 localyum 54 k libevent x86_64 2.0.21-4.el7 localyum 214 k libnfsidmap x86_64 0.25-9.el7 localyum 45 k libtirpc x86_64 0.2.4-0.3.el7 localyum 85 k rpcbind x86_64 0.2.0-23.el7 localyum 55 k Transaction Summary ================================================================================ Install 1 Package (+5 Dependent packages) Total download size: 810 k Installed size: 2.2 M Downloading packages: -------------------------------------------------------------------------------- Total 1.0 MB/s | 810 kB 00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : libtirpc-0.2.4-0.3.el7.x86_64 1/6 Installing : rpcbind-0.2.0-23.el7.x86_64 2/6 Installing : keyutils-1.5.8-3.el7.x86_64 3/6 Installing : libevent-2.0.21-4.el7.x86_64 4/6 Installing : libnfsidmap-0.25-9.el7.x86_64 5/6 Installing : 1:nfs-utils-1.3.0-0.el7.x86_64 6/6 Verifying : 1:nfs-utils-1.3.0-0.el7.x86_64 1/6 Verifying : libtirpc-0.2.4-0.3.el7.x86_64 2/6 Verifying : libnfsidmap-0.25-9.el7.x86_64 3/6 Verifying : libevent-2.0.21-4.el7.x86_64 4/6 Verifying : keyutils-1.5.8-3.el7.x86_64 5/6 Verifying : rpcbind-0.2.0-23.el7.x86_64 6/6 Installed: nfs-utils.x86_64 1:1.3.0-0.el7 Dependency Installed: keyutils.x86_64 0:1.5.8-3.el7 libevent.x86_64 0:2.0.21-4.el7 libnfsidmap.x86_64 0:0.25-9.el7 libtirpc.x86_64 0:0.2.4-0.3.el7 rpcbind.x86_64 0:0.2.0-23.el7 Complete!

Create a directory, to mount the shared directory from nfsserver.example.com.

[root@nfsclient ~]# mkdir /mnt/nfsshare

Check the shared directories from nfsserver.example.com.

[root@nfsclient ~]# showmount -e nfsserver.example.com Export list for nfsserver.example.com: /nfsshare nfsclient.example.com [root@nfsclient ~]#

Persistently mount this shared directory by adding following entry in /etc/fstab.

[root@nfsclient ~]# echo 'nfsserver.example.com:/nfsshare /mnt/nfsshare nfs defaults,_netdev 0 0' >> /etc/fstab [root@nfsclient ~]# mount -a [root@nfsclient ~]#

Check the status of mounted directory.

[root@nfsclient ~]# mount | grep nfs nfsserver.example.com:/nfsshare on /mnt/nfsshare type nfs4 (rw,relatime,vers=4.0,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.116.202,local_lock=none,addr=192.168.116.200,_netdev)

Create a file in this shared directory, to verify the file permissions.

[root@nfsclient ~]# cd /mnt/nfsshare/ [root@nfsclient nfsshare]# touch test1 [root@nfsclient nfsshare]# ls -al total 0 drwxrwxr-x. 2 root nfsnobody 18 Jul 31 07:32 . drwxr-xr-x. 4 root root 31 Jul 31 07:23 .. -rw-r--r--. 1 nfsnobody nfsnobody 0 Jul 31 07:32 test1 [root@nfsclient nfsshare]#

We have successfully configure NFS server and client on CentOS/RHEL 7 and persistently mount the NFS share on that client.

However, this NFS share is not secured and anyone can write on this directory. For configuring a secure NFS share, you should read our article Configure a Kerberized NFS Server in RHEL 7.

Configure NFS Server and Client in CentOS/RHEL 7


YOU MIGHT ALSO LIKE:

No comments:

Post a Comment