Objective
The objective is to configure basic client/server NFS configuration on Debian 9 Stretch Linux
Operating System and Software Versions
- Operating System: – Debian 9 Stretch
Requirements
Privileged access to your Debian Linux installation.
Difficulty
EASY
Conventions
- # – requires given linux commands to be executed with root privileges either directly as a root user or by use of
sudocommand - $ – requires given linux commands to be executed as a regular non-privileged user
NFS Server Setup
NFS Server Installation
The first step is to install NFS server binaries. To do that use apt command to install nfs-kernel-server package:
# apt-get install nfs-kernel-server
Confirm that NFS server is up and runing:
# systemctl status nfs-kernel-server ● nfs-server.service - NFS server and services Loaded: loaded (/lib/systemd/system/nfs-server.service; enabled; vendor preset: enabled) Active: active (exited) since Mon 2017-06-05 14:20:17 AEST; 1min 8s ago Main PID: 1752 (code=exited, status=0/SUCCESS) linuxconfig systemd[1]: Starting NFS server and services... linuxconfig systemd[1]: Started NFS server and services.
Export NFS directory
Next, we need to export NFS directory. This directory will be eventual mounted remotely, hence accessible via NFS client host. For the purpose of this tutorial we create and export directory called /var/nfs-export. First, create a new nfs-export directory:
# mkdir /var/nfs-export
For testing purposes also create an arbitrary text file:
# cd /var/nfs-export/ # echo LinuxConfig.org > file.txt # cat file.txt LinuxConfig.org
Once ready, used your favorite text editor and create a new NFS export entry within /etc/exports configuration file. For example :
/var/nfs-export *(rw,sync,no_subtree_check,no_root_squash)
The above export will export /var/nfs-export directory to any host with any IP address with read-write access. This is a highly unsecure export. For more NFS export examples enter $ man exports.
To apply changes within /etc/exports configuration file, reload all NFS exports with:
# exportfs -a
If you wish to start your NFS server after reboot, you need enable it with systemctl systemd command:
# systemctl enable nfs-kernel-server Synchronizing state of nfs-kernel-server.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable nfs-kernel-server
NFS Client
Now that the NFS export directory is available to a remote mount. Let’s install NFS client on our client system:
# apt-get install nfs-common
Create a new directory which will be used as a NFS mount point to remotely mount previously exported /var/nfs-export directory:
# mkdir /mnt/nfs
Mount remote NFS export directory:
# mount -t nfs YOUR-NFS-SERVER-IP:/var/nfs-export /mnt/nfs/
Check the content of the NFS export directory and test write access by creating a new empty test file:
# cat /mnt/nfs/file.txt LinuxConfig.org # touch /mnt/nfs/test # ls /mnt/nfs/ file.txt test
To permanently mount NFS export directory on your NFS client, insert a following line into your /etc/fstab config file:
YOUR-NFS-SERVER-IP:/var/nfs-export /mnt/nfs/ nfs
At the moment regular users do not have a write access to the /mnt/nfs/. Any write attempt to this directory will be denied with the following error message:
$ touch /mnt/nfs/file touch: cannot touch 'file': Permission denied
While there are multiple and more secure solutions to this issue, the fastest solution could be to give a write access to the /mnt/nfs/ on the client host to a specific user who needs a write access or to give it to everybody. Example:
# chmod o+w /mnt/nfs/