How to Enable Network File System in Linux
February 6, 2021
February 5, 2021
This tutorial assumes you've read about how to set up Wireguard and will use examples throughout as if you had. If you haven't yet read the tutorial on Wireguard, please do so now.
Network File Systems (NFS) is a protocol which mounts the files of another computer onto the one you are using. While I did create a tutorial for Samba that covers this principle, this has more access controls and less limitations. I took longer to write this tutorial because I ran into guffaws configuring NFS, as some computers had the prerequisites installed but others did not. Here's what I found out:
• You need at least two computers, one acting as client, and one acting as server.
• You need to install nfs-common and nfs-utils. Linux Mint Ulyana had it installed already, but Debian Buster did not.
• You need to make sure that NFS has an open port on both client and server, in TCP.
You can change it by editing /etc/default/nfs-common as a privileged user.
• Know your audience. If you want to share with the world, that will require a different approach.
I will only share how to do this over a port-restricted NAT.
• Pre-created mount points on both client and server.
• If you wish to edit the files in this share, you should use an account with the same UID on all devices.
The default user is 1000, www-data is 33, and so on.
DigitalOcean's root user is 1000, so if your user is also 1000 on the client but not root, you will need to assign the UID paramter to the user occupying UID 1001 instead.
• Portmap does not exist in contemporary Debian. Please install rpcbind instead.
Assuming nfs dependencies are NOT installed, install them using the following commands - I assume you are running a privileged terminal session. Enter the following:
apt-get install nfs-common nfs-utils
Now that you've installed the dependencies, you should make sure that the port you specified in /etc/default/nfs-common is allowed on the server and clients you plan to connect to the NFS share with. To make sure the server is up and running, type systemctl status nfs-kernel-server on the server and client. If something went wrong, you will be notified in the output following this command. To exit the status view, press q. To find out what ports NFS is listening on, type rpcinfo -p | grep nfs.
We must now lay the groundwork for files to be placed on both client and server. If you use encrypted home directories, I strongly suggest you use an elevated terminal session to do the following. First, on the SERVER, create the files you want to be exported to another computer. I chose to do the following on my computer:
On the CLIENT computer, open a privileged terminal and type the following:
Before you continue, let's make sure the permissions are adjusted so that they aren't associated with any particular user on the server or client. This will allow the NFS share to assert its own permissions later. With the terminal open on the SERVER, type the following, one after the other:
chown -R nobody:nogroup /export/share1
Now we must open the terminal on the CLIENT, and type the following to ensure that NFS can access the directory and apply the permissions specified by the server. Type the following, one line at a time:
chown -R nobody:nogroup /import/HOSTNAME1/share1
chmod 777 /import/HOSTNAME1/share1
We must bind the directories we created to the ones on the computer with files we wish to share. We are going to need to install rpcbind if it isn't already on the PC. In a privileged terminal, type the following:
apt-get install rpcbind
After you have installed it, you will need to open /etc/fstab on the SERVER in a privileged text editor. Check this sample file to see what needs to be done. The syntax is tutorial parallel, but you can adjust it to your needs. If you want a bind to stop, comment it out.
Reminder: If you try to create subfolders without primary folders, you will run into issues. I mean, I'm used to it being done automatically. Now, we are going to go back to the terminal on the SERVER, to export the filesystem we created in /export/share1 by adding its entry to a file called /etc/exports. See this file for examples. I use comments to explain why I chose the settings I chose, and to offer configuration alternatives that you can enable by removing the hash sign.
Here is the fun part - we will now publish the NFS share we created using the following commands, one after the other, on the SERVER - the first command exports everything listed in /etc/exports, the other restarts the NFS server:
systemctl restart nfs-kernel-server
We must now go back to the CLIENT, and open its /etc/fstab and enter the mount details. See this file for an example. You can mount straight away with mount -a, or you can restart both ends to make sure everything is all right. During Plymouth, press [ESC] to check if your NFS share is mounting correctly. Some directives are required, otherwise your mount will not only fail, but your computer will take 90 seconds longer to boot.
© 2021 Mass Transit Honchkrow | | Last modified (none)