Introduction
Before Windows existed, there was a need to share files between
computers on a network, and so the specification for a Network File
System (NFS) was created. This allows you to remotely mount a directory
on a local system and have it behave as if the files were stored
locally. The goal of this lab is to provide you with practical
experience and instruction on configuring a FreeBSD host to share file
systems across different networks. We will also cover granting
appropriate read and write access, and controlling remote root access
over an NFS-mounted disk.
Pre Lab Requirements
In order to successfully complete this lab, you are responsible for
reading and understanding the NFS section of the BSD Handbook. This is
a definitive resource on the subject, and is not specific to BSD.
Three File Sharing Scenarios:
- Unix accessing files on Unix (NFS)
- Unix accessing files on Windows (SMBFS)
- Windows accessing files on Unix (SAMBA)
Over the course of the next few labs we will cover each of these
scenarios in detail. It is possible to use an NFS client for Windows,
using the "Microsoft Windows Services for UNIX"; however, this tends not
to work as well as running SAMBA on the Unix machine.
Step 1 – Configuring FreeBSD as an NFS client
- Boot the FreeBSD image stored under D:\COURSES\comp10020\FreeBSD
- login with the fbuser account
- su - root
- use ifconfig to check your network and confirm connectivity
- apply a unique hostname to your machine
- Configure your /etc/hosts file with the hostnames of
your neighbours.
- Create a mountpoint to receive the remote file system (mkdir
/mnt/remote-hostname)
- Note: the NFS client is built into FreeBSD, and does not require
any configuration. There is however an additional service that you can
run that offers caching to speed up network access to files. To enable
this, add the line: nfs_client_enable="YES" to your /etc/rc.conf
- Mount a file system from the instructor server (10.100.1.50)
- The command for this is: mount <IPAddress or
Hostname>:</shared/path> <mountpoint>
- To mount the instructor's /usr/ports directory: mount
10.100.1.50:/usr/ports <mountpoint>
- Now add this entry to the /etc/fstab file, but use the
noauto option
- Test your entry in /etc/fstab file by unmounting and remounting
(using only the mountpoint as a specification) or by rebooting.
Step 2 – Configure FreeBSD as an NFS server
NFS server
Unix-to-Unix file sharing using NFS (Network File System) is the
standard way to share files between networked Unix machines. Once the
NFS server software is enabled through sysinstall (or by making entries
directly in the /etc/rc.conf file), there are a number of processes or
daemons (services) that are used to provide NFS server functionality.
The following are system daemons and files that are used by NFS:
- nfsd (the NFS daemon; add: nfs_server_enable="YES" to the rc.conf
file)
- rpcbind (the Remote Procedure Call daemon; add: rpcbind_enable="YES"
to the rc.conf file)
- mountd (controls access to the mount points that are shared; add:
mountd_enable="YES" to the rc.conf file)
- We will be using sysinstall to enable the NFS server. Start
sysinstall
- Note: You can change the default editor in the options menu, on
the first screen in sysinstall
- Choose post installation tasks (the configure menu)
- Now select the network submenu, and enable the NFS Server
- sysinstall will prompt you to edit the /etc/exports file
Notes
By default, directories or whole partitions (file systems) cannot
be mounted from a remote location. You must explicitly export (share)
directories by configuring the /etc/exports file. Different levels of
access can be granted through the /etc/exports file, based on both
network (IP address) and username. It is important to consider your
level of trust in the remote machine: should root on someone else's
machine be equivalent to root on your own? Are all of the machines
controlled by you?
Security Options:
- root read or write
- user read or write
- access from certain networks or certain hosts
- exporting directory hierarchies (whole directory tree)
- Make an entry in the /etc/exports file to export the
/home directory to everyone in our network (10.100.1.0/24)
- Before exporting /home take a look at the directory listing ls
-l /home
- Work in pairs and have your neighbour mount /home from the NFS
server running on your host
- On the server: Entries in the rc.conf file will only be read at
boot, so none of the services have been started yet
- On the server: Restart the RPC Bind Service: /etc/rc.d/rpcbind
restart
- On the server: Restart the NFS Service: /etc/rc.d/nfsd restart
- On the server: Restart the Mount Service: /etc/rc.d/mountd restart
- On the server: Run: showmount -e (this will list your active
shares; if there are none, check /var/log/messages for errors)
- On the client: mkdir -p /db_server_over_nfs/home
- On the client: mount <hostname of server>:/home
/db_server_over_nfs/home
- On the client: do a directory listing on the mount point and
confirm you can see the remote files
Step 3 – Expanding the Concepts and Tuning nfsd
- Once everything tests out on the client and server side, have
someone else in the group become the server, and the other will be the
client. This time export /tmp and change the access mode from read-only
to read-write and also allow root access. Try controlling access from
individual hosts as well as whole networks.
- Configure your client for auto mounting of the NFS shares.
- Tune the NFS daemon (nfsd): check the FreeBSD manual, configure
for more nfsd processes, and check the mountd options (-l, -n and -r)
- Edit your /etc/fstab file so that the NFS mounts happen
on boot. Why would you want to set the NFS mountable files to the
noauto option in the fstab file? What do the 'bg' and 'soft' switches
do in the options field of the /etc/fstab file?
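
The export choices discussed in the Step 2 notes and exercised in Step 3 (which hosts, read-only or read-write, root mapping) can be checked mechanically. The script below is an added example, not part of the original lab: a hypothetical audit_exports helper that flags entries in a FreeBSD-style exports file that have no host or network restriction, lack -ro, or map remote root to root. The sample file and the host 10.100.1.51 are constructed, and the parser assumes one option per token and no line continuations.

```sh
#!/bin/sh
# Added example (not from the lab): audit a FreeBSD-style exports file.
# audit_exports and write_sample are hypothetical helper names.
# Assumes one option per token (no "-ro,alldirs") and no "\" continuations.

write_sample() {
    # Constructed sample; 10.100.1.51 is a made-up neighbour host.
    cat > "$1" <<'EOF'
# constructed sample exports file
/home -ro -network 10.100.1.0/24
/tmp -maproot=root 10.100.1.51
/usr/ports
EOF
}

audit_exports() {
    # $1 = exports file. Prints one "<line>:<finding>:<directory>" per issue:
    #   WORLD = no host/network given, so the export applies to every host
    #   RW    = no -ro, so clients may write
    #   ROOT  = remote root keeps uid 0 instead of the unprivileged default
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    {
        dir = ""; restricted = 0; ro = 0; rootmap = 0
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^\//) { if (dir == "") dir = $i }
            else if ($i == "-ro" || $i == "-o") ro = 1
            else if ($i ~ /^-(maproot|mapall)=(root|0)$/) rootmap = 1
            else if ($i ~ /^-(maproot|mapall)=(root|0):/) rootmap = 1
            else if ($i ~ /^-network/) restricted = 1
            else if ($i !~ /^-/) restricted = 1   # bare host name or address
        }
        if (!restricted) print NR ":WORLD:" dir
        if (!ro)         print NR ":RW:" dir
        if (rootmap)     print NR ":ROOT:" dir
    }' "$1"
}

sample=$(mktemp)
write_sample "$sample"
audit_exports "$sample"
rm -f "$sample"
```

Run it against a copy of your own /etc/exports before restarting mountd; a finding is a prompt to confirm the entry is intentional, not necessarily an error.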