NFS vs NFSv4

Look! there's a flower!·2024년 10월 22일

nfs nfsv4 ubuntu

NFS vs NFS v4

NFS does not support ACL but NFSv4 does.

NFS install

install

$ sudo apt update
$ sudo apt install nfs-kernel-server

$ sudo mkdir -p /home/nfs // sample director
$ sudo chown nobody::nogroup /home/nfs
$ sudo chmod 777 /home/nfs

configure /etc/exports

// add the directory line into /etc/exports
/home/nfs *(rc,sync,no_subtree_check)

here, instead of *, you can specify ip address or subnet
for example, /home/nfs 192.168.1.0/24(rw,sync,no_subtree_check)
this will allow only clients from subnet 192.168.1.0
instead of "rw", you can specify "ro" for read only access

apply changes of /etc/exports

$ sudo exportfs -a

restart NFS server

$ sudo systemctl restart nfs-kernel-server

install nfs client at client and mount

$ sudo apt update
$ sudo apt install nfs-common
$ sudo mkdir -p /mnt/nfs/shared
$ sudo mount nfs_server_ip:/home/nfs /mnt/nfs/shared
** for permanent mouting, add it to /etc/fstab
nfs_server_ip:/home/nfs /mnt/nfs/shared nfs defaults 0 0

NFS v4

installation

nfs-krenel-server latest version is nfsv4.
if you install using sudo apt install nfs-kernel-server, it will install nfsv4

configuration

in /etc/exports, fsid=0 will designates the directory NFSv4 root
sample /etc/exports
/export 192.168.1.0/24(rw,fsid=0,no_subtree_check)

client

$ sudo mount -t nfs4 server:/share /mnt/nfs4

ACL

Chek ACL support :
$ sudo tune2fs -l /dev/sdXY | grep "Default mount options"

you should see "acl" listed

Enable ACL
$ sudo tune2fs -o acl /dev/sdXY

Install ACL
$ sudo apt install acl

add ACL using nfs4_setfacl and nfs4_getfacl
$ sudo nfs4_setfacl -a A:fd:user@domain:rws /export/your_shared_directory

check acl
$ sudo nfs4_getfacl /export/your_shared_directory

type:flags:principal:permissions will show
type: A(Allow), D(Deny)
flags: f(file_inherit), d(directory_inherit)
principal: /usr/group (your group)
permissions: r(read), w(write), x(execute)
ex) $sudo nfs4_setfacl -a A::user1@:r /export/your_shared_directory
ex) $sudo nfs4_setfacl -a A::group1@:rw /export/your_shared_directory
ex) $sudo nfs4_setfacl -a D::userw@:w /export/your_shared_directory

export configuration /etc/exports
/export 192.168.1.0/24(rw,fsid=0,no_subtree_check,sec=sys)
/export/share 192.168.1.0/24(rw,no_subtree_check,nohid)

client mount
$ sudo mount -f nfs4 server:/share /mnt/nfs4

client nfs settings: /etc/idmapd.conf
[General]
Domain=yourdomain.com

[Mapping]
Nobody-user = nobody
Nobody-Group = nogroup

Look! there's a flower!

Why don't you take a look around for a moment?

이전 포스트

CI/CD

다음 포스트

NFS vs NFSv4

NFS vs NFS v4

NFS install

install

configure /etc/exports

apply changes of /etc/exports

restart NFS server

install nfs client at client and mount

NFS v4

installation

configuration

client

ACL

CI/CD

Star map on FOV

0개의 댓글

NFS vs NFSv4

NFS vs NFS v4

NFS install

install

create the director to share

configure /etc/exports

apply changes of /etc/exports

restart NFS server

install nfs client at client and mount

NFS v4

installation

configuration

client

ACL

CI/CD

Star map on FOV

0개의 댓글