linux_wiki:provide_network_shares_to_specific_clients [Owlbear Consulting

This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong.
====== Provide Network Shares To Specific Clients ======

**General Information**

Configuring a NFS Server/Client.

----

====== Lab Setup ======

The following virtual machines will be used:
  * server1.example.com (192.168.1.150) -> Perform all NFS client tests from here
  * server2.example.com (192.168.1.151) -> Install the NFS server here

----

====== NFS Server: Install and Configure ======

Install required package
<code bash>
yum install nfs-utils
</code>

\\
Enable and start services
<code bash>
systemctl enable nfs-server
systemctl start nfs-server
</code>

\\
Allow through the firewall
<code bash>
# nfs -> allow mounting
firewall-cmd --permanent --add-service=nfs
firewall-cmd --reload

# allow showmount -e <servername>
firewall-cmd --permanent --add-service=rpc-bind
firewall-cmd --permanent --add-service=mountd
firewall-cmd --reload
</code>

\\
Find SELinux boolean nfs export
<code bash>
getsebool -a | grep nfs_export
</code>

\\
Set SELinux booleans to on if they are not
<code bash>
setsebool -P nfs_export_all_ro=1 nfs_export_all_rw=1
</code>

\\
Create the NFS common file and require IDMAPD for file sharing.
<code bash>
vim /etc/default/nfs-common

NEED_IDMAPD=YES
</code>
  * **NOT REQUIRED on 7.4**: No longer required in RHEL 7.4 (not sure what version this changed in)

\\
Edit the domain in the idmapd.conf file
<code bash>
vim /etc/idmapd.conf

DOMAIN = server1.example.com
</code>
  * Edit domain as required for system
  * **NOT REQUIRED on 7.4**: No longer required in RHEL 7.4 (not sure what version this changed in) due to the default using the domain of the system exporting.

\\
Create directories for exports
<code bash>
mkdir /test1 /test2
</code>

\\
Give them the proper SELinux contexts
<code bash>
semanage fcontext -at nfs_t "/test1(/.*)?"
semanage fcontext -at nfs_t "/test2(/.*)?"
restorecon -Rv /test1
restorecon -Rv /test2
</code>

\\
Edit export settings
<code bash>
vim /etc/exports

/test1  192.168.1.10(rw,no_root_squash)
/test2  192.168.1.10(ro)
</code>

\\
Export directories
<code bash>
exportfs -var
</code>
  * -v  -> verbose
  * -a  -> all directories
  * -r  -> Re-export all directories. (remove no longer valid entries)

\\
Restart services
<code bash>
systemctl restart nfs-server
</code>

----

====== NFS Client: Install and Configure ======

Install required package
<code bash>
yum install nfs-utils
</code>

\\
Enable and start service
<code bash>
systemctl enable rpcbind
systemctl start rpcbind
</code>

\\
**Optional**: Display the remove NFS server's available mounts
<code bash>
showmount -e 192.168.1.200
</code>

\\
Create directories for mounting
<code bash>
mkdir /test1 /test2
</code>

\\
Test a manual mount
<code bash>
mount -t nfs -o rw 192.168.1.200:/test1 /test1
</code>

\\
Persistent mounts in fstab
<code bash>
vim /etc/fstab

192.168.1.200:/test1  /test1  nfs  rw,_netdev  0 0
192.168.1.200:/test2  /test2  nfs  ro,_netdev  0 0
</code>

----