[CentOS] NFS V4?

MJT centos at mjt1.com
Tue Jul 22 23:39:17 UTC 2008


Ok, I don't have the origional post in my email so I am replying via a reply 
cutting and pasting from the archives list web page.

> Looks like just starting the nfs service turns on V2, 3, and 4 (based on
reading the script, reading the man pages, and looking at the ports using
netstat -l).

That behavior is set in the /etc/sysconfig/nfs file 

> I don't believe this is a firewall issue, internal IPs are fully open to
each other according to an early rule in iptables.

It may not be a firewall issue, but NFS does use a different port. port "2049"

You got yourself a configuration issue! So, this is what I did:

On the server, in /etc/sysconfig/nfs be sure you set: SECURE_NFS="no" until 
you are ready to take on kerveros authentication. While you are there you can 
change which versions of NFS get mounted. I haven't had to change anything 
else in that file. 

Next, on both the sever and client, go into the /etc/idmap.conf and be sure to 
set your "Domain =" to your domain name.  and also set:

Nobody-User = nobody
Nobody-Group = nobody

Now for the /etc/exports file 

Lets say you keep everything in a /export directory. In there you have a home/ 
and a data directory... Well, the export file should look something like:

/export 192.168.0.*(rw,fsid=0,no_subtree_check,insecure,sync)
/export/home 192.168.0.*(rw,no_subtree_check,insecure,sync)
/export/home 192.168.0.*(ro,no_subtree_check,insecure,sync)

Notice that the flags are different. Not the fsid=0 flag? Well that defines 
the /export as the "root" NFS directory so you do not need to 
included "/export" in the fstab or the mount string when mounting. There can 
be more than one fsid flag as long as the numbers are unique but only fsid=0 
sets the root directory. Other numbers allow different kerberos setups, or so 
I understand.

Remember to restart NFS on the server!

Now to finish with the client, be sure you did the /etc/idmap.conf on the 
client or you will get all sorts of strange results!

Edit the fstab file

If you want to mount just /export on the server to /mnt/nfs on the client the 
fstab entry would look like:

server.dom:/    /mnt/nfs     nfs4    rw,soft,intr,proto=tcp,port=2049     0 0

Notice there is NO /export . That is because of the fsid=0 flag. If you 
included the /export it would deny the mount.

To mount the two directories:

server.dom:/home    /home     nfs4    rw,soft,intr,proto=tcp,port=2049     0 0
server.dom:/data   /mnt/data     nfs4    rw,soft,intr,proto=tcp,port=2049  0 0

again no /export



More information about the CentOS mailing list