Skip to main content

LFCS Certification Course

Chapter #22: Configuring an NFS Server

Learn how to configure an NFS server on Linux, export directories, and automatically mount NFS shares using autofs.

Chapter #22: Configuring an NFS Server
Set up network file sharing on Linux with NFS and automounting using autofs.

In this chapter, we'll guide you through configuring your NFS server without authentication security, enabling you to set up network shares for Linux clients as if those file systems were part of the local system.

πŸ’‘
Note that you can use LDAP or NIS for authentication purposes, but both options are out of the scope of the LFCE certification.

Once the NFS server is operational, we'll focus on:

  1. Specifying and configuring the local directories to share over the network.
  2. Mounting those network shares on clients automatically, using either the /etc/fstab file or the automount kernel-based utility (autofs).

We'll explain when to choose one method over the other.

Exporting NFS Network Shares

The /etc/exports file contains the main configuration directives for our NFS server, defines the file systems that will be exported to remote hosts and specifies the available options.

In this file, each network share is indicated using a separate line, which has the following structure:

/filesystem/to/export client1([options]) clientN([options])

Where:

  • /filesystem/to/export is the absolute path to the exported file system.
  • client1 to clientN represent specific clients (hostname or IP address) or networks (wildcards allowed) to which the share is exported.
  • options is a comma-separated list of options considered when exporting the share.
πŸ’‘
Please note that there are no spaces between each hostname and the parentheses it precedes.

Here is a list of the most-frequent options and their respective description:

  • ro (read-only): Remote clients can mount the exported file systems with read permissions only.
  • rw (read-write): Allows remote hosts to make write changes in the exported file systems.
  • sync: The NFS server replies to requests only after changes have been committed to permanent storage.
  • async: May increase performance but at the cost of data loss or corruption after an unclean server restart.
  • root_squash: Prevents remote root users from having superuser privileges on the server, mapping them to the user ID for user nobody.
  • anonuid / anongid: Explicitly sets the UID and GID of the anonymous account (nobody).
  • subtree_check: Verifies that a requested file is located in the exported subdirectory. Disabling with no_subtree_check can speed up transfers.
πŸ’‘
Note: The default option is no_subtree_check, as subtree checking can cause more problems than it is worth.

In this chapter we will use the directories /NFS-SHARE and /NFS-SHARE/mydir on 192.168.0.10 (NFS server) as our test file systems.

We can always list the available network shares in an NFS server using the following command:

showmount -e [IP or hostname]
List Available Network Shares in an NFS Server

In the output above, we can see that the /NFS-SHARE and /NFS-SHARE/mydir shares on 192.168.0.10 have been exported to client with IP address 192.168.0.17.

Our initial configuration (refer to the /etc/exports directory on your NFS server) for the exported directory is as follows:

/NFS-SHARE          192.168.0.17(fsid=0,no_subtree_check,rw,root_squash,sync,anonuid=1000,anongid=1000)
/NFS-SHARE/mydir    192.168.0.17(ro,sync,no_subtree_check)

After editing the configuration file, restart the NFS service:

service nfs-kernel-server restart   # sysvinit / upstart-based systems
systemctl restart nfs-server        # systemd-based systems

Mounting Exported Network Shares Using Autofs