Adding a NFS Server to Nethserver
This is way out of date now
The information in this post is so out-dated that I wonder why I'm keeping it around. I guess I'm a digital hoarder...
Disclaimer
As always, use documents you find on blogs at your own risk. This worked for me. It may not work for you.
I've recently started playing with an install of Nethserver and I believe I've found the replacement for my Zentyal server.
Zentyal was great when I first discovered it, but with the latest release (4.1) there have been some features that have dropped off...but my gripes about Zentyal can be its own post for a later date.
Back to the real reason I'm writing this. I wanted an NFS server running on the nethserver due to the fact some of my applications where not playing well with the Samba ACLs. Files could be created, but if the file was needing to be modified after the original creation, this operation would fail. (Most likey due to an issue in the application writing to the share or a configuration error on my part)
Either way, I decided to stand up the NFS service rather than troubleshooting further...
Defining the NFS service
I originally started following this doc on the nethserver community pages, but have since deviated a bit from it. Big shout-out to the user 'islipfd19' on the community pages for his doc!!
Here is how I got NFS working on my nethserver.
First, we need the NFS server packages.
yum install nfs-utils nfs-utils-lib
Define your exports in /etc/exports
. This is just an example (pulled direct
from the man page for exports
) and will more than likely have to be tweaked a
bit.
/projects proj*.local.domain(rw)
Enable and start the NFS service(s)
chkconfig nfs on
service rpcbind start
service nfs start
At this point, you will most likely not have access to the services as we have not defined them nor have we poked any firewall holes, but we are getting there.
Next, create our defaults landing zone for the new service(s). This is taken directly from the doc mentioned above.
mkdir -p /etc/e-smith/db/configuration/defaults/nfs
mkdir -p /etc/e-smith/db/configuration/defaults/nfslock
mkdir -p /etc/e-smith/db/configuration/defaults/rpcbind
mkdir -p /etc/e-smith/db/configuration/defaults/rpcgssd
mkdir -p /etc/e-smith/db/configuration/defaults/rpcidmapd
mkdir -p /etc/e-smith/db/configuration/defaults/rpcsvcgssd
Now, to make firewall rules easier, lets configure some portmap static ports
for NFS to listen on. I just chose the ones already mentioned in the comments
of /etc/sysconfig/nfs
. (these ports are in addition to TCP/UDP 111 and
TCP/UDP 2049 which are the defaults for RPC 4.0 portmapper and NFSD (nfs
server) respectivly)
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
RQUOTAD_PORT=875
STATD_PORT=662
STATD_OUTGOING_PORT=2020
Next, define the service using e-smith config
(should be in your path, but if
not it is located at /sbin/e-smith/config
)
For the NFS server and to make firewalls easier
From what I can tell, using config
defines the service in the nethserver
database, and creating the files in
/etc/e-smith/db/configuration/defaults/[service_name]/
defines the default
settings.
config set nfs service status enabled
config setprop nfs TCPPorts 111,662,875,892,2020,2049,32803
config setprop nfs UDPPorts 111,662,875,892,2020,2049,32769
config setprop nfs access private
echo "enabled" > /etc/e-smith/db/configuration/defaults/nfs/status
echo "111,662,875,892,2020,2049,32803" > /etc/e-smith/db/configuration/defaults/nfs/TCPPorts
echo "111,662,875,892,2020,2049,32769" > /etc/e-smith/db/configuration/defaults/nfs/UDPPorts
echo "private" > /etc/e-smith/db/configuration/defaults/nfs/access
For the rest of the services that make up NFS
nfslock
config set nfslock service status enabled
echo "enabled" > /etc/e-smith/db/configuration/defaults/nfslock/status
rpcbind
config set rpcbind service status enabled
echo "enabled" > /etc/e-smith/db/configuration/defaults/rpcbind/status
rpcgssd
config set rpcgssd service status enabled
echo "enabled" > /etc/e-smith/db/configuration/defaults/rpcgssd/status
rpcidmapd
config set rpcidmapd service status enabled
echo "enabled" > /etc/e-smith/db/configuration/defaults/rpcidmapd/status
rpcsvcgssd
config set rpcsvcgssd service status enabled
echo "enabled" > /etc/e-smith/db/configuration/defaults/rpcsvcgssd/status
Now, signal the firewall to save and update.
signal-event nethserver-firewall-base-save
signal-event nethserver-firewall-base-update
There should now be the new services listed on the Dashboard's 'Services' tab, along with a new entry called 'nfs' in 'Network Services' under the 'Security' heading in the sidebar. You should also be able to mount your export on client machines in the 'green' network.