Little Girl's Mostly Linux Blog

NFSUseCase

NFS Use Case

This page was last updated on May 04, 2019.

Introduction

  • This document is a use case example with three computers.
  • The steps in this use case coincide with the steps in my fully commented NFS guide.
  • The example is of a family with three computers.
  • Sally has a computer.
  • Dave has a computer.
  • The two children share a computer.
  • All three computers are in different rooms in the same house.
  • The computers are connected by ethernet and are behind a hardware router.
  • Each computer has a static LAN IP.
  • The computers will use NFS to share certain directories with each other.

Meet the family:

Sally Dave The children

Creating the shares

Step 01 – The family writes down its computer information:

SALLY’S COMPUTER INFORMATION
192.168.1.100 Sally’s LAN IP address.
/home/sally/photos Sally wants to share this folder with Dave.
/home/sally/stories Sally wants to share this folder with the children.
/home/sally/daveshare Sally wants to click this folder to visit Dave’s computer.
/home/sally/childrenshare Sally wants to click this folder to visit the children’s computer.
DAVE’S COMPUTER INFORMATION
192.168.1.200 Dave’s LAN IP address.
/home/dave/work Dave wants to share this folder with Sally.
/home/dave/games Dave wants to share this folder with the children.
/home/dave/sallyshare Dave wants to click this folder to visit Sally’s computer.
/home/dave/childrenshare Dave wants to click this folder to visit the children’s computer.
THE CHILDREN’S COMPUTER INFORMATION
192.168.1.123 The children’s LAN IP address.
/home/children/homework The children want to share this folder with Sally.
/home/children/homework The children want to share this folder with Dave.
/home/children/momshare The children want to click this folder to visit Sally’s computer.
/home/children/dadshare The children want to click this folder to visit Dave’s computer.

Step 02 – The family creates mount points:

SALLY creates a mount point she can use to visit Dave’s computer: 

mkdir /home/sally/daveshare

SALLY creates a mount point she can use to visit the children’s computer: 

mkdir /home/sally/childrenshare

DAVE creates a mount point he can use to visit Sally’s computer: 

mkdir /home/dave/sallyshare

DAVE creates a mount point he can use to visit the children’s computer: 

mkdir /home/dave/childrenshare

THE CHILDREN create a mount point they can use to visit Sally’s computer: 

mkdir /home/children/momshare

THE CHILDREN create a mount point they can use to visit Dave’s computer: 

mkdir /home/children/dadshare

Step 03 – The family installs some software:

SALLY installs some packages: 

sudo apt-get install nfs-kernel-server

DAVE installs some packages: 

sudo apt-get install nfs-kernel-server

THE CHILDREN install some packages: 

sudo apt-get install nfs-kernel-server

Step 04 – The family edits the hosts.deny file:

SALLY edits the hosts.deny file: 

kdesudo kate /etc/hosts.deny

SALLY adds this line to the bottom of the file: 

rpcbind mountd nfsd statd lockd rquotad : ALL

DAVE edits the hosts.deny file: 

kdesudo kate /etc/hosts.deny

DAVE adds this line to the bottom of the file: 

rpcbind mountd nfsd statd lockd rquotad : ALL

THE CHILDREN edit the hosts.deny file: 

kdesudo kate /etc/hosts.deny

THE CHILDREN add this line to the bottom of the file: 

rpcbind mountd nfsd statd lockd rquotad : ALL

Step 05 – The family edits the hosts.allow file:

SALLY edits the hosts.allow file: 

kdesudo kate /etc/hosts.allow

SALLY adds this line to the bottom of the file, with references to all of the NFS software, her own computer’s loopback IP, Dave’s IP and the children’s IP: 

rpcbind mountd nfsd statd lockd rquotad: 127.0.0.1 192.168.1.200 192.168.1.123

DAVE edits the hosts.allow file: 

kdesudo kate /etc/hosts.allow

DAVE adds this line to the bottom of the file, with references to all of the NFS software, his own computer’s loopback IP, Sally’s IP and the children’s IP : 

rpcbind mountd nfsd statd lockd rquotad: 127.0.0.1 192.168.1.100 192.168.1.123

THE CHILDREN edit the hosts.allow file: 

kdesudo kate /etc/hosts.allow

THE CHILDREN add this line to the bottom of the file, with references to all of the NFS software, their own computer’s loopback IP, Sally’s IP and Dave’s IP : 

rpcbind mountd nfsd statd lockd rquotad: 127.0.0.1 192.168.1.100 192.168.1.200

Step 06 – The family edits the exports file:

SALLY edits the exports file: 

kdesudo kate /etc/exports

SALLY adds this line to the bottom of the file to share photos with Dave: 

/home/sally/photos 192.168.1.200(rw,sync,no_subtree_check)

SALLY adds this line to the bottom of the file to share stories with the children: 

/home/sally/stories 192.168.1.123(rw,sync,no_subtree_check)

DAVE edits the exports file: 

kdesudo kate /etc/exports

DAVE adds this line to the bottom of the file to share work with Sally: 

/home/dave/work 192.168.1.100(rw,sync,no_subtree_check)

DAVE adds this line to the bottom of the file to share games with the children: 

/home/dave/games 192.168.1.123(rw,sync,no_subtree_check)

THE CHILDREN edit the exports file: 

kdesudo kate /etc/exports

THE CHILDREN add this line to the bottom of the file to share homework with Sally and Dave: 

/home/children/homework 192.168.1.100(rw,sync,no_subtree_check) 192.168.1.200(rw,sync,no_subtree_check)

Step 07 – The family edits the fstab file:

SALLY edits the fstab file: 

kdesudo kate /etc/fstab

SALLY adds this line to the bottom of the file so she can visit Dave’s share: 

192.168.1.200:/home/dave/work /home/sally/daveshare nfs users,rw,hard,intr,noauto,noexec 0 0

SALLY adds this line to the bottom of the file so she can visit the children’s share: 

192.168.1.123:/home/children/homework /home/sally/childrenshare nfs users,rw,hard,intr,noauto,noexec 0 0

DAVE edits the fstab file: 

kdesudo kate /etc/fstab

DAVE adds this line to the bottom of the file so he can visit Sally’s share: 

192.168.1.100:/home/sally/photos /home/dave/sallyshare nfs users,rw,hard,intr,noauto,noexec 0 0

DAVE adds this line to the bottom of the file so he can visit the children’s share: 

192.168.1.123:/home/children/homework /home/dave/childrenshare nfs users,rw,hard,intr,noauto,noexec 0 0

THE CHILDREN edit the fstab file: 

kdesudo kate /etc/fstab

THE CHILDREN add this line to the bottom of the file so they can visit Sally’s share: 

192.168.1.100:/home/sally/stories /home/children/momshare nfs users,rw,hard,intr,noauto,noexec 0 0

THE CHILDREN add this line to the bottom of the file so they can visit Dave’s share: 

192.168.1.200:/home/dave/games /home/children/dadshare nfs users,rw,hard,intr,noauto,noexec 0 0

Step 08 – The family edits the nfs-common file:

SALLY edits the nfs-common file:

kdesudo kate /etc/default/nfs-common

SALLY finds this line in the file:

NEED_GSSD=

SALLY replaces it with this line:

NEED_GSSD="no"
DAVE edits the nfs-common file:

kdesudo kate /etc/default/nfs-common

DAVE finds this line in the file:

NEED_GSSD=

DAVE replaces it with this line:

NEED_GSSD="no"
THE CHILDREN edit the nfs-common file:

kdesudo kate /etc/default/nfs-common

THE CHILDREN finds this line in the file:

NEED_GSSD=

THE CHILDREN replaces it with this line:

NEED_GSSD="no"

Step 09 – The family edits the nfs-kernel-server file

SALLY edits the nfs-kernel-server file:

kdesudo kate /etc/default/nfs-kernel-server

SALLY finds the NEED_SVCGSSD line in the file.

SALLY replaces it with this line:

NEED_SVCGSSD="no"
DAVE edits the nfs-kernel-server file:

kdesudo kate /etc/default/nfs-kernel-server

DAVE finds the NEED_SVCGSSD line in the file.

DAVE replaces it with this line:

NEED_SVCGSSD="no"
THE CHILDREN edit the nfs-kernel-server file:

kdesudo kate /etc/default/nfs-kernel-server

THE CHILDREN find the NEED_SVCGSSD line in the file.

THE CHILDREN replace it with this line:

NEED_SVCGSSD="no"

Step 10 – The family exports the shares:

SALLY exports her shares: 

sudo exportfs -ar

DAVE exports his shares: 

sudo exportfs -ar

THE CHILDREN export their shares: 

sudo exportfs -ar

Step 11 – The family restarts the nfs-kernel-server:

SALLY restarts the nfs-kernel-server: 

sudo service nfs-kernel-server restart

DAVE restarts the nfs-kernel-server: 

sudo service nfs-kernel-server restart

THE CHILDREN restart the nfs-kernel-server: 

sudo service nfs-kernel-server restart

Working with the shares

The family connects to the shares:

SALLY manually connects to Dave’s share: 

sudo mount /home/sally/daveshare

SALLY manually connects to the children’s share: 

sudo mount /home/sally/childrenshare

DAVE manually connects to Sally’s share: 

sudo mount /home/dave/sallyshare

DAVE manually connects to the children’s share: 

sudo mount /home/dave/childrenshare

THE CHILDREN manually connect to Sally’s share: 

sudo mount /home/children/momshare

THE CHILDREN manually connect to Dave’s share: 

sudo mount /home/children/dadshare

The family uses the shares:

SALLY visits Dave’s share by opening her /home/sally/daveshare folder.

SALLY shares photos with Dave by putting them in her /home/sally/photos folder.

SALLY visits the children’s share by opening her /home/sally/childrenshare folder.

SALLY shares stories with the children by putting them in her /home/sally/stories folder.

DAVE visits Sally’s share by opening his /home/dave/sallyshare folder.

DAVE shares his work with Sally by putting them in his /home/dave/work folder.

DAVE visits the children’s share by opening his /home/dave/childrenshare folder.

DAVE shares games with the children by putting them in his /home/dave/games folder.

THE CHILDREN visit Sally’s share by opening their /home/children/momshare folder.

THE CHILDREN share their homework with Sally by putting it in their /home/children/homework folder.

THE CHILDREN visit Dave’s share by opening their /home/children/dadshare folder.

THE CHILDREN share their homework with Dave by putting it in their /home/children/homework folder.

The family disconnects from the shares:

SALLY stops visiting Dave’s share by disconnecting from it: 

sudo umount /home/sally/daveshare

SALLY stops visiting the children’s share by disconnecting from it: 

sudo umount /home/sally/childrenshare

DAVE stops visiting Sally’s share by disconnecting from it: 

sudo umount /home/dave/sallyshare

DAVE stops visiting the children’s share by disconnecting from it: 

sudo umount /home/dave/childrenshare

THE CHILDREN stop visiting Sally’s share by disconnecting from it: 

sudo umount /home/children/momshare

THE CHILDREN stop visiting Dave’s share by disconnecting from it: 

sudo umount /home/children/dadshare

Examples

These examples show only the relevant information that pertains to NFS. Some files on your computer (like the /etc/fstab file, for instance) may contain more than what is shown here.

/etc/network/interfaces

SALLY’S /etc/network/interfaces file: 

auto lo
iface lo inet loopback
address 127.0.0.1
netmask 255.0.0.0

auto eth0
iface eth0 inet static
address 192.168.1.100
netmask 255.255.255.0
gateway 192.168.1.1

DAVE’S /etc/network/interfaces file: 

auto lo
iface lo inet loopback
address 127.0.0.1
netmask 255.0.0.0

auto eth0
iface eth0 inet static
address 192.168.1.200
netmask 255.255.255.0
gateway 192.168.1.1

THE CHILDREN’S /etc/network/interfaces file: 

auto lo
iface lo inet loopback
address 127.0.0.1
netmask 255.0.0.0

auto eth0
iface eth0 inet static
address 192.168.1.123
netmask 255.255.255.0
gateway 192.168.1.1

/etc/hosts.deny

SALLY’S /etc/hosts.deny file: 

# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
#                  See the manual pages hosts_access(5) and hosts_options(5).
#
# Example:    ALL: some.host.name, .some.domain
#             ALL EXCEPT in.fingerd: other.host.name, .other.domain
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper, as well as for
# rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
# for further information.
#
# The PARANOID wildcard matches any host whose name does not match its
# address.
#
# You may wish to enable this to ensure any programs that don't
# validate looked up hostnames still leave understandable logs. In past
# versions of Debian this has been the default.
# ALL: PARANOID

rpcbind mountd nfsd statd lockd rquotad: ALL

DAVE’S /etc/hosts.deny file: 

# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
#                  See the manual pages hosts_access(5) and hosts_options(5).
#
# Example:    ALL: some.host.name, .some.domain
#             ALL EXCEPT in.fingerd: other.host.name, .other.domain
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper, as well as for
# rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
# for further information.
#
# The PARANOID wildcard matches any host whose name does not match its
# address.
#
# You may wish to enable this to ensure any programs that don't
# validate looked up hostnames still leave understandable logs. In past
# versions of Debian this has been the default.
# ALL: PARANOID

rpcbind mountd nfsd statd lockd rquotad: ALL

THE CHILDREN’S /etc/hosts.deny file: 

# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
#                  See the manual pages hosts_access(5) and hosts_options(5).
#
# Example:    ALL: some.host.name, .some.domain
#             ALL EXCEPT in.fingerd: other.host.name, .other.domain
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper, as well as for
# rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
# for further information.
#
# The PARANOID wildcard matches any host whose name does not match its
# address.
#
# You may wish to enable this to ensure any programs that don't
# validate looked up hostnames still leave understandable logs. In past
# versions of Debian this has been the default.
# ALL: PARANOID

rpcbind mountd nfsd statd lockd rquotad: ALL

/etc/hosts.allow

SALLY’S /etc/hosts.allow file: 

# /etc/hosts.allow: list of hosts that are allowed to access the system.
#                   See the manual pages hosts_access(5) and hosts_options(5).
#
# Example:    ALL: LOCAL @some_netgroup
#             ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper, as well as for
# rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
# for further information.
#
rpcbind mountd nfsd statd lockd rquotad: 127.0.0.1 192.168.1.200 192.168.1.123

DAVE’S /etc/hosts.allow file: 

# /etc/hosts.allow: list of hosts that are allowed to access the system.
#                   See the manual pages hosts_access(5) and hosts_options(5).
#
# Example:    ALL: LOCAL @some_netgroup
#             ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper, as well as for
# rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
# for further information.
#
rpcbind mountd nfsd statd lockd rquotad: 127.0.0.1 192.168.1.100 192.168.1.123

THE CHILDREN’S /etc/hosts.allow file: 

# /etc/hosts.allow: list of hosts that are allowed to access the system.
#                   See the manual pages hosts_access(5) and hosts_options(5).
#
# Example:    ALL: LOCAL @some_netgroup
#             ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper, as well as for
# rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
# for further information.
#
rpcbind mountd nfsd statd lockd rquotad: 127.0.0.1 192.168.1.100 192.168.1.200

/etc/exports

SALLY’S /etc/exports file: 

/home/sally/photos 192.168.1.200(rw,sync,no_subtree_check)
/home/sally/stories 192.168.1.123(rw,sync,no_subtree_check)

DAVE’S /etc/exports file: 

/home/dave/work 192.168.1.100(rw,sync,no_subtree_check)
/home/dave/games 192.168.1.123(rw,sync,no_subtree_check)

THE CHILDREN’S /etc/exports file: 

/home/children/homework 192.168.1.100(rw,sync,no_subtree_check) 192.168.1.200(rw,sync,no_subtree_check)

/etc/fstab

SALLY’S /etc/fstab file: 

192.168.1.200:/home/dave/work /home/sally/daveshare nfs users,rw,hard,intr,noauto,noexec 0 0
192.168.1.123:/home/children/homework /home/sally/childrenshare nfs users,rw,hard,intr,noauto,noexec 0 0

DAVE’S /etc/fstab file: 

192.168.1.100:/home/sally/photos /home/dave/sallyshare nfs users,rw,hard,intr,noauto,noexec 0 0
192.168.1.123:/home/children/homework /home/dave/childrenshare nfs users,rw,hard,intr,noauto,noexec 0 0

THE CHILDREN’S /etc/fstab file: 

192.168.1.100:/home/sally/stories /home/children/momshare nfs users,rw,hard,intr,noauto,noexec 0 0
192.168.1.200:/home/dave/games /home/children/dadshare nfs users,rw,hard,intr,noauto,noexec 0 0

/etc/default/nfs-common

SALLY’S /etc/default/nfs-common file: 

# If you do not set values for the NEED_ options, they will be attempted
# autodetected; this should be sufficient for most people. Valid alternatives
# for the NEED_ options are "yes" and "no".

# Do you want to start the statd daemon? It is not needed for NFSv4.
NEED_STATD=

# Options for rpc.statd.
#   Should rpc.statd listen on a specific port? This is especially useful
#   when you have a port-based firewall. To use a fixed port, set this
#   this variable to a statd argument like: "--port 4000 --outgoing-port 4001".
#   For more information, see rpc.statd(8) or http://wiki.debian.org/?SecuringNFS
STATDOPTS=

# Do you want to start the idmapd daemon? It is only needed for NFSv4.
NEED_IDMAPD=yes

# Do you want to start the gssd daemon? It is required for Kerberos mounts.
NEED_GSSD="no"

DAVE’S /etc/default/nfs-common file: 

# If you do not set values for the NEED_ options, they will be attempted
# autodetected; this should be sufficient for most people. Valid alternatives
# for the NEED_ options are "yes" and "no".

# Do you want to start the statd daemon? It is not needed for NFSv4.
NEED_STATD=

# Options for rpc.statd.
#   Should rpc.statd listen on a specific port? This is especially useful
#   when you have a port-based firewall. To use a fixed port, set this
#   this variable to a statd argument like: "--port 4000 --outgoing-port 4001".
#   For more information, see rpc.statd(8) or http://wiki.debian.org/?SecuringNFS
STATDOPTS=

# Do you want to start the idmapd daemon? It is only needed for NFSv4.
NEED_IDMAPD=yes

# Do you want to start the gssd daemon? It is required for Kerberos mounts.
NEED_GSSD="no"

THE CHILDREN’S /etc/default/nfs-common file: 

# If you do not set values for the NEED_ options, they will be attempted
# autodetected; this should be sufficient for most people. Valid alternatives
# for the NEED_ options are "yes" and "no".

# Do you want to start the statd daemon? It is not needed for NFSv4.
NEED_STATD=

# Options for rpc.statd.
#   Should rpc.statd listen on a specific port? This is especially useful
#   when you have a port-based firewall. To use a fixed port, set this
#   this variable to a statd argument like: "--port 4000 --outgoing-port 4001".
#   For more information, see rpc.statd(8) or http://wiki.debian.org/?SecuringNFS
STATDOPTS=

# Do you want to start the idmapd daemon? It is only needed for NFSv4.
NEED_IDMAPD=yes

# Do you want to start the gssd daemon? It is required for Kerberos mounts.
NEED_GSSD="no"

/etc/default/nfs-kernel-server

SALLY’S /etc/default/nfs-kernel-server file:

# Number of servers to start up
# To disable nfsv4 on the server, specify '--no-nfs-version 4' here
RPCNFSDCOUNT=8

# Runtime priority of server (see nice(1))
RPCNFSDPRIORITY=0

# Options for rpc.mountd.
# If you have a port-based firewall, you might want to set up
# a fixed port here using the --port option. For more information,
# see rpc.mountd(8) or http://wiki.debian.org/SecuringNFS
# To disable NFSv4 on the server, specify '--no-nfs-version 4' here
RPCMOUNTDOPTS=--manage-gids

# Do you want to start the svcgssd daemon? It is only required for Kerberos
# exports. Valid alternatives are "yes" and "no"; the default is "no".
NEED_SVCGSSD="no"

# Options for rpc.svcgssd.
RPCSVCGSSDOPTS=

# Options for rpc.nfsd.
RPCNFSDOPTS=
DAVE’S /etc/default/nfs-kernel-server file:

# Number of servers to start up
# To disable nfsv4 on the server, specify '--no-nfs-version 4' here
RPCNFSDCOUNT=8

# Runtime priority of server (see nice(1))
RPCNFSDPRIORITY=0

# Options for rpc.mountd.
# If you have a port-based firewall, you might want to set up
# a fixed port here using the --port option. For more information,
# see rpc.mountd(8) or http://wiki.debian.org/SecuringNFS
# To disable NFSv4 on the server, specify '--no-nfs-version 4' here
RPCMOUNTDOPTS=--manage-gids

# Do you want to start the svcgssd daemon? It is only required for Kerberos
# exports. Valid alternatives are "yes" and "no"; the default is "no".
NEED_SVCGSSD="no"

# Options for rpc.svcgssd.
RPCSVCGSSDOPTS=

# Options for rpc.nfsd.
RPCNFSDOPTS=
THE CHILDREN’S /etc/default/nfs-kernel-server file:

# Number of servers to start up
# To disable nfsv4 on the server, specify '--no-nfs-version 4' here
RPCNFSDCOUNT=8

# Runtime priority of server (see nice(1))
RPCNFSDPRIORITY=0

# Options for rpc.mountd.
# If you have a port-based firewall, you might want to set up
# a fixed port here using the --port option. For more information,
# see rpc.mountd(8) or http://wiki.debian.org/SecuringNFS
# To disable NFSv4 on the server, specify '--no-nfs-version 4' here
RPCMOUNTDOPTS=--manage-gids

# Do you want to start the svcgssd daemon? It is only required for Kerberos
# exports. Valid alternatives are "yes" and "no"; the default is "no".
NEED_SVCGSSD="no"

# Options for rpc.svcgssd.
RPCSVCGSSDOPTS=

# Options for rpc.nfsd.
RPCNFSDOPTS=

/etc/idmapd.conf

SALLY’S /etc/idmapd.conf file:

[General]

Verbosity = 0
Pipefs-Directory = /run/rpc_pipefs
# set your own domain here, if id differs from FQDN minus hostname
# Domain = localdomain

[Mapping]

Nobody-User = nobody
Nobody-Group = nogroup
DAVE’S /etc/idmapd.conf file:

[General]

Verbosity = 0
Pipefs-Directory = /run/rpc_pipefs
# set your own domain here, if id differs from FQDN minus hostname
# Domain = localdomain

[Mapping]

Nobody-User = nobody
Nobody-Group = nogroup
THE CHILDREN’S /etc/idmapd.conf file:

[General]

Verbosity = 0
Pipefs-Directory = /run/rpc_pipefs
# set your own domain here, if id differs from FQDN minus hostname
# Domain = localdomain

[Mapping]

Nobody-User = nobody
Nobody-Group = nogroup

Obligatory Happy Ending

And they all lived happily ever after. The end.

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Comment:

Create a free website or blog at WordPress.com.