Talk:HOWTO Share Directories via NFS
From Gentoo Linux Wiki
Contents |
[edit] Netmount and Portmap
Isn't it better to use /etc/init.d/netmount start instead of /etc/init.d/portmap start? Tro 02:14, 7 Jan 2005 (GMT)
- From my understanding portmap is a service required by the nfs client, while netmount is simply a script to mount remote filesystems. --Bsdvodsky 17:07, 20 Jan 2005 (GMT)
- From the Linux NFS HOWTO:
The first daemon to restrict access to is the portmapper. This daemon essentialy just tells requesting clients how to find all the NFS services on the system. Restricting access to the portmapper is the best defense against someone breaking into your system through NFS because completely unauthorized clients won't know where to find the NFS daemons.
[edit] How to speed up NFS?
Hallo and sorry for my english. I have transfer problems on my NFS shares. How can I do to speed up the connections, maybe for a terminal server or diskless machines? That is a intresting point I think to explain how to do that.
[edit] How to monitor mounting?
Is it possible to monitor who has mounted what from your system? I have tried searching a lot but got no answer :(
[edit] Using search to find this page
This page is NOT found by the Wiki's search feature when using the search term 'NFS'!
- Nothing with less than 4 chars are found. Try with KDE... --AnMaster 12:02, 9 December 2005 (GMT)
[edit] Security question
From the wiki: IP addresses are not always static, so when using numeric addresses (as opposed to DHCP names), anyone who gains that IP has access to what you've exported. Keep this in mind with confidential information. It is my understanding that, if the client is addressed by its hostname, another insecure situation may arise, that is, if the DNS information is somehow compromised. Is that correct? I suppose the most secure situation would be a static address with DHCP turned off.
[edit] NFS - List Directories On Other Partitions
I share my home folder with my laptop (which is /home/freddie). However my home folder has a Movies directory which is on a different drive to that of my Home directory (/home/freddie = /dev/sda3 ext3, /home/freddie/Movies = /dev/sdb1 xfx) and a Music directory which is a SMB mount. The problem is that nfs only seems to export files and folders on the same partition as the directory that it is sharing is on, so on my laptop if I cd into Movies and do an ls I get nothing, but if I do the same on the the computer I get all of my movies. Is there any way to get nfs to share everything below the directory I am sharing, even if it is on a different partition/drive or even share.
Thanks for all of your help - EvilGuru ~ 15/4/06
[edit] anongid & anonuid
Lets face it, keeping /etc/passwd files synched between computers is just not practical, as many different operating systems have very different starting UID and GIDs. A good way to solve this problem (and some of the associated security issues with NFS) is to uses anonuid and anongid in conjunction with all_squash.
all_squash will set the UID and GID of all users accessing the share to the anonymous UID and GID (which by default is nobody and nogroup, IIRC). We can then use anongid and anonuid to set that to be whatever user and group we like. E.g: /dir computer(all_squash,anonuid=1000,anongid=1000,...) would set the anonuid and anaongid to 1000.
[edit] Note on "Hint Additions"
I just added a couple of sections to the "Hints" portion of the main article. I wasn't logged in, so I thought I should add a note here to associate my name with them. They are the sections on:
- Checking that the portmapper isn't just listening to localhost. (It could use some additional work on where the relevant config file is on other distros)
- The need for addtional explicit exports and mounting of filesystems on different partitions, even if they are "children" of an already exported parent. (BTW, I think this answers the question EvilGuru was asking above.)
Gooserider 10/25/06
[edit] Note on module compiling
If you encounter problems loading the nfsd module with the following errors, you probably use the XFS filesystem compiled in the kernel. You need to temporarly compile XFS as a module and nfs also. This way CONFIG_EXPORTFS get set to module instead of build in (nfs can't use the built in support if itself is compiled as a module. I think ;).
nfsd: Unknown symbol find_exported_dentry nfsd: Unknown symbol export_op_default
