Nfs (Français)

From ArchWiki

Jump to: navigation, search
i18n
English
Français
Italiano
Русский
Česky
简体中文
Image:Tango-preferences-desktop-locale.png This page was marked to be translated.
If you understand both "original" and "target" languages of this page, please help complete the translation.
Note: nfs-utils a été mis à jout le 23-06-2009, et le support d'NFS4 est maintenant implémenté. Il est conseillé de se référer à la news.
Note: portmap a été remplacé par rpcbind.

Contents

Objectif

L'objectif de cet article est de mettre en place un serveur nfs pour partager des fichiers à travers un réseau.

Note: pout NFSv4, voir NFSv4

Paquets requis

Les paquets requis à la fois pour le serveur et le client sont minimes.
Vous aurez seulement besoin d'installer:

  • core/rpcbind (ou core/portmap qui a été remplacé)
  • core/nfs-utils

Comme les paquets se trouvent dans le dépôt [core], ils seront inclus par défaut dans les nouvelles installations d'Arch.

Configurer le serveur

Vous pouvez maintenant modifier votre configuration et démarrer les démons. Vous devez être root pour exécuter les commandes suivantes.

Fichiers

/etc/exports

Ce fichier (/etc/exports) définit les différents partages sur le serveur NFS, et leurs droits d'accès.
Quelques exemples:

/files *(ro,sync) ; Accès en lecture seul pour tout le monde
/files 192.168.0.100(rw,sync) ; Accès en lecture-écriture pour le client dont l'ip est 192.168.0.100
/files 192.168.1.1/24(rw,sync) ;  Accès en lecture-écriture pour tout les clients du réseau 192.168.1.0

Si vous effectuez des changement dans le fichier /etc/exports après le démarrage du démon, vous pouvez les faire prendre en compte par la commande suivante:

exportfs -r

Si vous décidez de rendre votre partage NFS public et accéssible en écriture, vous pouvez utiliser l'option all_squash en combinaison avec les options anonuid et anongid. For example, to set the privileges for the user nobody in the group nobody, you can do the following: Par exemple, pour définir les privilèges pour l'utilisateur nobody du groupe nobody, vous pouvez effectuer les opérations suivantes:

; Read-write access to a client on 192.168.0.100, with rw access for the user 99 with gid 99
/files 192.168.0.100(rw,sync,all_squash,anonuid=99,anongid=99))


Cela signifie aussi que si vous voulez un accès en écriture à ce répertoire, l'utilisateur nobody.nobody doit être le propriétaire du répertoire partagé:

chown -R nobody.nobody /files

Full details on the exports file are provided by the exports man page.

/etc/conf.d/nfs-common.conf

Note: This used to be in /etc/conf.d/nfs which is replaced by "/etc/conf.d/nfs-common.conf" and "/etc/conf.d/nfs-server.conf".

Edit this file to pass appropriate run-time options to nfsd, mountd, statd, and sm-notify. The default Arch NFS init scripts require the --no-notify option for statd, as follows:

STATD_OPTS="--no-notify"

Others may be left at the provided defaults, or changed according to your requirements. Please refer to the relevant man pages for full details.

/etc/hosts.allow

To allow network access to the nfs server you should edit /etc/hosts.allow.
The following example opens these services to anyone:

 nfsd: ALL
 rpcbind: ALL
 mountd:ALL

This is a very insecure way of allowing host access. To get better control over who is allowed to access the daemons hosts.deny should be everyone, and hosts.allow should specifically allow certain people. In this example, 192.168.0.101 should be the IP address of the person(s) allowed to access it. The numbers after the '/' is not a netmask!

 nfsd: 192.168.0.101/255.255.255.255
 rpcbind: 192.168.0.101/255.255.255.255
 mountd: 192.168.0.101/255.255.255.255

This examples enables access for anyone on that network

 nfsd: 192.168.0.0/255.255.255.0
 rpcbind: 192.168.0.0/255.255.255.0
 mountd: 192.168.0.0/255.255.255.0

For finer control, read the hosts_access(5) man page.

Daemons

You can now start the server with the following commands:

/etc/rc.d/rpcbind start (or: /etc/rc.d/portmap start)
/etc/rc.d/nfs-common start (or: /etc/rc.d/nfslock start)
/etc/rc.d/nfs-server start (or: /etc/rc.d/nfsd start)

Please note that they must be started in that order.
To start the server at boot time, add these daemons to the DAEMONS array in /etc/rc.conf.

Setting up the client

Files

/etc/conf.d/nfs

Edit this file to pass appropriate run-time options to statd - the remaining options are for server use only. Do NOT use the --no-notify option on the client side, unless you are fully aware of the consequences of doing so.

Please refer to the statd man page for full details.

/etc/hosts.allow

You'll need to allow rpcbind for the server's ip

 rpcbind: 192.168.0.100/255.255.255.255

Daemons

Start the portmap and nfslock daemons:

/etc/rc.d/rpcbind start (or: /etc/rc.d/portmap start)
/etc/rc.d/nfs-common start (or: /etc/rc.d/nfslock start)

Please note that they must be started in that order OR start only nfs-common, as rpcbind will be started as a dependency.
To start the daemons at boot time, add them to the DAEMONS array in /etc/rc.conf.

Then just mount as normal:

mount server:/files /files

NOTE: Unlike CIFS shares or rsync, NFS exports must be called by the full path on the server. Example: if /home/fred/music is defined in /etc/exports on server ELROND, you must call

mount ELROND:/home/fred/music /mnt/point

instead of just using

mount ELROND:music /mnt/point

or you will get mount.nfs: access denied by server while mounting

Auto-mount on boot

If you want to mount on boot, make sure network, rpcbind (portmap), nfs-common (nfslock) and netfs are in the DAEMONS array in /etc/rc.conf. Make sure the order is this one. It's better not to put any '@' in front of them (although you could safely use @netfs). For instance :

DAEMONS=(... network rpcbind nfs-common @netfs ...)

or

DAEMONS=(... network portmap nfslock @netfs ...)

Add an appropriate line in /etc/fstab, for example:

server:/files /files nfs defaults 0 0

If you wish to specify a packet size for read and write packets, specify them in your fstab entry. The values listed below are the defaults if none are specified:

server:/files /files nfs rsize=32768,wsize=32768 0 0

Read the nfs man page for further information, including all available mount options.

Troubleshooting

Unreliable performance, slow data transfer, and/or high load when using NFS and gigabit

This is a result of the default packetsize used by NFS, which causes significant fragmentation on gigabit networks. You can modify this behavior by the rsize and wsize mount parameters. Using rsize=32768,wsize=32768 should suffice. Please note that this problem does not occur on 100Mb networks, due to the lower packet transfer speed.

Note: Default value for NFS4 is 32768. Maximum is 65536. Increase from default in increments of 1024 until maximum transfer rate is achieved.

Portmap daemon fails to start at boot

Make sure you place portmap BEFORE netfs in the daemons array in /etc/rc.conf .

Nfsd fails to start with "nfssvc: No such device"

Make sure the nfs and nfsd modules are loaded in the kernel.

Nfsd seems to work, but I can't connect from MacOS X clients

When trying to connect from a MacOS X client, you'll see that everything is ok at logs, but MacOS X refuses to mount your NFS share. You have to add insecure option to your share and re-run exportfs -r.

Links & References

Personal tools