NFS (Now F**king Sorted)

victory_dance_2

I finally managed to get the NFS mount working, and this is how I did it…

NOTE: This is the initial setup before I’ve secured it up a bit, just for a POC, so don’t do this yourself without doing some extra work to secure it later…

Server Side

Installation

$ sudo apt-get update
$ sudo apt-get install nfs-kernel-server

Configuration

1. Create folder for sharing

$ cd /var
$ sudo mkdir nfs
$ sudo chmod -R 777 nfs

2. Add file

$ cd nfs
$ sudo vi test.txt

(add any old text in, and save)

3. Configure exports

$ sudo vi /etc/exports

Add the following line

/var/nfs  *(rw,sync,subtree_check,insecure)

4. Export and start service

$ sudo exportfs -a
$ sudo service nfs-kernel-server start

5. Confirm installed and running

$ ps aux | grep nfs
$ showmount -e

Client Side

1. Confirm we can see NFS mounts

$ showmount -e {server IP address}

ERROR

At this point, things weren’t going well. I could not connect to NFS, even just to list mounts. In order to diagnose this, I looked at outgoing traffic from my Mac, using:

$ sudo tcpdump host {server IP address}

This showed me that connections were certainly being attempted from the Mac, but the Ubuntu server was giving nothing back. The next step was to determine if the server firewall was rejecting requests.

Running this on the server, whilst attempting showmount -e {server IP address} again on the client confirmed that connections were being dropped:

$ sudo tail -F /var/log/kern.log

I had some over-eager rules in ufw that were blocking the NFS requests (even though an NMAP port scan showed all the required ports being open, etc.) and once I’d stopped the firewall from blocking connections I could confirm that the folder was now ready to mount.

2. Mount

$ sudo mount -o rw -t nfs {server IP address}:/var/nfs /path/to/local/folder

3. Confirm that mount was successful

$ cd /path/to/local/folder
$ ls
$ cat test.txt

4. Unmount

$ sudo umount -f /path/to/local/folder

And that is about it. Obviously, there are some places where security can immediately be tightened (eg. Don’t just have 777 permissions on the folder, and use specific IP ranges in /etc/exports instead of just *) but this should help in getting NFS up and running initially.

I may revisit this again once my knowledge has improved a bit.

 

TRP

Advertisements

NFS(FW)

dwight_rage

AAAAAAAaaaaaargh! Fuck’s sake! I’m having a lot of sport trying to set up an NFS mount between my Mac and work’s Linux server.

It seems to be running okay on the server side, I can see that NFS is running as a service via:

$ ps aux | grep nfs

And also see that the mount is “ready” via:

$ showmount -e

But I can’t get any kind of client connection to the server, despite ping and nmap working okay. I hate networking stuff!

I have thrown myself on the mercy of the StackExchange/ServerFault community, and await with baited breath the solution to this particular pain in my arse. Will update this post if/when I get it sorted…

TRP