****Re: [CentOS] Using CentOS 5 as server; best way to setup NFSv4?
Craig White
craigwhite at azapple.com
Sun Aug 3 03:08:25 UTC 2008
On Sat, 2008-08-02 at 20:25 -0400, Ryan Dunn wrote:
> On Sat, Aug 2, 2008 at 12:44 AM, MJT <centos at mjt1.com> wrote:
> If you are running your lan as a lab to learn, I would suggest
> one thing. From
> what I have read, it seems you just want to have everything
> work together in
> a simple manor.
>
> Since you have windows involved, you might consider having
> everything run with
> samba. With samba, every system would be able to share and use
> shares on
> every other computer.
>
> You could set up a samba server as a domain controller and use
> something like
> pam_smb, pam_ntdom or libpam-smbpass (i've used libpam-smbpass
> on other
> systems, but do know if centos makes it available anywhere, it
> is the only
> one that I know of that allows for update of the password from
> Linux) to
> allow the Linux boxes to authenticate against the samba
> server.
>
> http://www.freebooks.by.ru/view/SambaIn24h/ch16-03.htm
>
> In this case, you would not need to set up LDAP which I think
> is a bit much
> for what it sounds like you are trying to do. Because you
> would be mounting
> Linux to Linux using Samba, you would not need to worry about
> NFS at all.
>
> If it were just a Linux home network, I would do NFS3 with
> (probably a bad
> word here) NIS. Yes, NIS is insecure, but so is NFS3. If you
> use a firewall
> that would block outgoing NIS packets, it should do good
> enough for a home
> network.
>
> How this simplifies everything:
>
> 1: Only one network file system for both windows and Linux,
> not NFS for Linux,
> samba for windows.
>
> 2: Allows Linux access to windows shares and printers.
>
> 3: If you are using libpam-smbpass you do not need to use a
> something like
> LDAP, but rather passdb backend = tdbsam .
>
> Your needs may be more complex than what I assumed, but I
> wanted to put
> forward one way to consider...
>
>
> Thanks MJT. I kinda thought in the back of my head that I would end
> up with a solution similar to what you describe (I know I'll need to
> learn all about samba anyways).
>
> In the meantime, I still want to play around with the ldap to see what
> all it can do. So the nscd is what will copy the account info to the
> local drive so in the absence of the server, the laptop is still
> usable? In my setup, I would want the $HOME drives to all be local,
> with a folder inside that would be the network share.
>
> One thing that I've been somewhat confused on is how to tell the NFS
> server to only use v4 or v3? Right now I've only got tcp 2049 open in
> the centos firewall, so I'm assuming that it is NFSv4, but other than
> that, I don't know how to tell the difference. I've look around for
> this and haven't found anything.
----
I am of the opinion that nscd causes far more problems than it solves
and wouldn't recommend usage.
For laptop purposes, you create the same user, same uid, same home
directory both as a local account and as an LDAP account so the laptop
will function either connected to LAN or not...it's tacky but it will
work.
This is a good clean recommendation for NFS/Firewall...
https://www.redhat.com/archives/fedora-list/2008-January/msg00076.html
Craig
More information about the CentOS
mailing list