Here, you’re using the same configuration options for both directories with the exception of no_root_squash. home client_ip(rw,sync,no_root_squash,no_subtree_check) etc/exports /var/nfs/general client_ip(rw,sync,no_subtree_check) Since you’re creating it with sudo, the directory is owned by the host’s root user: You might use something like this to store files which were uploaded using a content management system or to create space for users to easily share project files. In the first example, you’ll create a general-purpose NFS mount that uses default NFS behavior to make it difficult for a user with root privileges on the client machine to interact with the host using those client superuser privileges. Example 1: Exporting a General Purpose Mount You can configure the NFS server to allow this, although it introduces an element of risk, as such a user could gain root access to the entire host system. Sometimes, however, there are trusted users on the client system who need to perform these actions on the mounted file system but who have no need for superuser access on the host. This default restriction means that superusers on the client cannot write files as root, reassign ownership, or perform any other superuser tasks on the NFS mount. However, NFS-mounted directories are not part of the system on which they are mounted, so by default, the NFS server refuses to perform operations that require superuser privileges. Superusers can do anything anywhere on their system. You’re going to share two separate directories, with different configuration settings, in order to illustrate two key ways that NFS mounts can be configured with respect to superuser access. Step 2 - Creating the Share Directories on the Host Now that both servers have the necessary packages, you can start configuring them. Again, refresh the local package index prior to installation to ensure that you have up-to-date information: On the client server, you need to install a package called nfs-common, which provides NFS functionality without including any server components. Once these packages are installed, switch to the client server. Since this is the first operation that you’re performing with apt in this session, refresh your local package index before the installation: On the host server, install the nfs-kernel-server package, which will allow you to share your directories. You’ll begin by installing the necessary components on each server. Step 1 - Downloading and Installing the Components Throughout this tutorial these IP addresses will be referred to by the placeholders host_ip and client_ip. Be sure to use the private network address, if available. You will need to know the IP address for both. Throughout this tutorial, the server that shares its directories will be referred to as the host and the server that mounts these directories as the client. If you’re using DigitalOcean Droplets for your server and client, you can read more about setting up a private network in our documentation on How to Create a VPC. Each of these should have a non- root user with sudo privileges, a firewall set up with UFW, and private networking, if it’s available to you.įor assistance setting up a non- root user with sudo privileges and a firewall, follow our Initial Server Setup with Ubuntu 22.04 guide. You will use two servers in this tutorial, with one sharing part of its filesystem with the other. In this guide, you’ll go over how to install the software needed for NFS functionality on Ubuntu 22.04, configure two NFS mounts on a server and client, and mount and unmount the remote shares. NFS provides a relatively standard and performant way to access remote systems over a network and works well in situations where the shared resources must be accessed regularly. This allows you to manage storage space in a different location and write to that space from multiple clients. NFS, or Network File System, is a distributed file system protocol that allows you to mount remote directories on your server.
0 Comments
Leave a Reply. |