Set up easy file sharing with NFS on Linux - Open Source - Techguide

http://www.zdnetasia.com/set-up-easy-file-sharing-with-nfs-on-linux_prin...

Set up easy file sharing with NFS on Linux

Vincent Danen, TechRepublic on November 22nd, 2010

NFS is an excellent way of sharing files between Linux and other UNIX systems. While Samba is a great choice due to the compatibility with Windows, if you're in a Windows-less environment, NFS may be a better choice. NFS allows for machines to mount without authentication, at boot, which is great if you have a cluster of systems or if you want to use a centralized home directory system (using an NFS-mounted directory for home directories to keep your configurations and files identical on multiple systems). NFS is also very easy to set up. To begin, you need to install the NFS package, so on Fedora or Red Hat Enterprise Linux and other similar systems, install the nfs-utils package: # yum install nfs-utils Next, you will need to edit /etc/exports which is where we define what filesystems can be remotely accessed. A sample /etc/exports may look like this: /srv hosta.domain.com(rw) hostb.domain.com(ro) /home 192.168.1.0/255.255.255.0(rw) What this /etc/exports does is export the /srv directory on the server to the hosta.domain.com computer as read/write and to hostb.domain.com as read-only. It also exports /home as read/write to any computer in the 192.168.1.0 network (192.168.1.0 being the network address and 255.255.255.0 being the netmask). There are other options you can supply on a per-host or per-network basis, including the no_root_squash option which will not prevent root on a client machine from writing files to the server as root; by default, NFS will map any requests from root on the client to the 'nobody' user on the server. Next, check /etc/hosts.allow and /etc/hosts.deny. NFS will check these files for access controls to the server. This is particularly necessary if you are using wildcards or broad network specifications in /etc/exports; using hosts.allow and hosts.deny you can fine-tune which clients do and don't have access. For instance, you may add in /etc/hosts.deny: portmap:ALL and then in /etc/hosts.allow: portmap: 192.168.1.1, 192.168.1.2, 192.168.1.3 This would only allow the hosts specified in /etc/hosts.allow to connect to the portmap service. You can get more fine-grained and also add entries for lockd, rquotad, mountd, and statd -- all other NFS-related services. Finally, to start NFS sharing, on the server you need to start a few services: # service portmap start # service nfs start # service nfslock start # service rpcbind start # service rpcidmapd start

1 of 3

12/13/2010 10:24 PM

Set up easy file sharing with NFS on Linux - Open Source - Techguide

http://www.zdnetasia.com/set-up-easy-file-sharing-with-nfs-on-linux_prin...

On newer systems, portmap is probably deprecated in favour of portreserve; in that case you would use service portreserve start instead. To see what filesystems are exported, use the exportfs command; if you've made changes to /etc/exports, use exportfs -ra to force NFS to re-read the configuration. To make sure that NFS is running, use the rpcinfo command; if it returns a list of services and addresses being listened to, you know it is running. Finally, if you are running iptables on the server as a firewall, you will need to change what ports the NFS services listen to. By default, these are random unused ports, with portreserve/portmap letting requesting services know what ports to connect to. This is a major difference between NFSv3, where this is true, and NFSv4 which solely uses TCP port 2049, so this largely depends on which version of NFS you plan to use or enforce. On Fedora or Red Hat Enterprise Linux, this can be done by editing /etc/sysconfig/nfs. By default, it's all commented, so the following is what we want to uncomment and define: RQUOTAD_PORT=875 LOCKD_TCPPORT=32803 LOCKD_UDPPORT=32769 MOUNTD_PORT=892 STATD_PORT=662 STATD_OUTGOING_PORT=2020 This will force static ports for the above services. The next step is to open the firewall on these ports, which can be done by editing /etc/sysconfig/iptables (again keeping in mind this is on a RHEL system): # the following are for NFS -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 111 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 111 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 2049 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 32803 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 32769 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 892 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 892 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 875 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 875 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 662 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 662 -j ACCEPT After these changes are made, restart the firewall and the NFS services: # for i in iptables portmap nfs; do service $i restart; done At this point, your NFS server is set up and ready to accept connections from remote clients, which can be tested by mounting one of the exported filesystems on the client: # mkdir -p /server/srv # mount -t nfs server.domain.com:/srv /server/srv

2 of 3

12/13/2010 10:24 PM

Set up easy file sharing with NFS on Linux - Open Source - Techguide

http://www.zdnetasia.com/set-up-easy-file-sharing-with-nfs-on-linux_prin...

If mount does in fact mount the remote filesystem, everything is working as it should. NFS is really easy to use, and it works really well. Being able to mount NFS filesystems at boot is a great boon; you can have NFS mounted filesystems without your users even being aware that they are there, and without any direct intervention by them, which is handy. Vincent Danen works on the Red Hat Security Response Team and lives in Canada. He has been writing about and developing on Linux for over 10 years.
URL:http://www.zdnetasia.com/set-up-easy-file-sharing-with-nfs-on-linux-62204555.htm

3 of 3

12/13/2010 10:24 PM

How to join Ubuntu to a Windows Workgroup - Open Source - Techguide

http://www.zdnetasia.com/how-to-join-ubuntu-to-a-windows-workgroup_...

How to join Ubuntu to a Windows Workgroup

Jack Wallen, TechRepublic on November 29th, 2010

Although many Windows networks take advantage of Active Directory and Domains, I see plenty of smaller networks out there that only use the workgroup solution to enable machines to see one another (and share folders/printers). Most people assume the Workgroup is something that only Windows machines can enjoy. Not so. Linux machines can also take advantage of this networking feature with the help of Samba. Through the magic of blogging, I am going to illustrate how you can join your Linux machine to a Windows Workgroup. For the purpose of simplicity, I am going to demonstrate this task on a Ubuntu 10.04 machine. The process will be similar on just about any distribution (with the biggest difference being the installation of Samba). So, with that said, let's get to it. Installing Samba This, of course, is the first step in this process. To install Samba open up a terminal window and issue the command: sudo apt-get install samba smbfs You will need to enter your sudo password for this to work. There might also be dependencies to install, which will be dictated by what you currently have installed on your system. Once complete, you will have the Samba system installed and ready to be configured. Configuring Samba Now it's time to open up the /etc/samba/smb.conf file and look for the line: workgroup = WORKGROUP You can always open that file with gedit if you like. I prefer using nano as my text editor (no need to start a text editor flame war here). What you need to do is to change WORKGROUP to match the actual name of the Workgroup you need to join. After you have that complete, save the file, and restart Samba with the command: sudo /etc/init.d/smbd restart You can also restart Samba with the command: sudo service samba restart Your Ubuntu machine should now show up for anyone else who happens to be in the same Workgroup. You can also begin sharing out folders to other users. This is very simple to do from within the Nautilus file manager. Just right-click a folder and click the Sharing Options entry. This will allow you to easily set up file sharing as well as specific permissions for that folder. Final thoughts I well remember the days when sharing folders out with Windows computers was a far more challenging task than what you see today. Fortunately, Linux has finally caught up to the idea that being on a homogeneous network should be a no-brainer for users. Hopefully the developers of Samba will eventually create an even simpler way for Linux machines to join a Workgroup--without having to ever open up a command line. Jack Wallen was a key player in the introduction of Linux to the original Techrepublic. Beginning with Red Hat 4.2 and a mighty soap box, Jack had found his escape from Windows. It was around Red Hat 6.0 that Jack landed in the hallowed halls of Techrepublic.

1 of 2

12/13/2010 10:26 PM

How to join Ubuntu to a Windows Workgroup - Open Source - Techguide

http://www.zdnetasia.com/how-to-join-ubuntu-to-a-windows-workgroup_...

URL:http://www.zdnetasia.com/how-to-join-ubuntu-to-a-windows-workgroup-62204782.htm

2 of 2

12/13/2010 10:26 PM