First: install server software and start it
yum install nfs-utils nfs-utils-lib system-config-nfs
yum install nfs-utils nfs4-acl-tools portmap
chkconfig nfs on
chkconfig portmap on
service nfs start
echo 'portmap:ALL' >> /etc/hosts.deny
echo 'portmap:192.168.1.0/24' >> /etc/hosts.allow
service portmap start
run the firewall gui and turn on NFS4 (2049)
Second: export the directories to be shared
system-config-nfs #will launch the gui
- can use 192.168.4.0/24 for all of subtree
- General options
☒ Disable subtree checking
☒ Sync on request
☒ Hide filesytems beneath
Set FSID to 0 (1,2,3 etc for each share) for NFS4
- User Access:
☒ Treat remote root user as local root (reduces security, but needed if home directories are mounted)
- or alternatively you can edit the files by hand:
- note that the second line is for a filesystem that is mounted under the first and must be ‘unhidden’
vi /etc/exports
/home 192.168.1.0/24(rw,sync,no_subtree_check,fsid=0)
/home/submount 192.168.1.0/24(rw,sync,no_subtree_check,nohide)
exportfs -a #or service nfs reload ?
Install Client
apt-get install -y nfs-common
echo '192.168.4.120 sv sv.isnew.org' >> /etc/hosts
//sudo apt-get install sysv-rc-conf //netfs not needed on Ubuntu
//sysv-rc-conf
mount -t nfs4 sv:/ /mnt
sv:/ /home nfs4 soft,intr,rsize=8192,wsize=8192,nosuid
Make sure users on client have same uid/gid as on server
- make sure to Change UMASK to 002 in
/etc/login.defs
(.bashrc will have no effect)
cat /etc/group # see what they are on the server
groupadd -g 504 office
groupadd -g 505 supervisor
#now add users
useradd -g 504 -u 503 -G 505 doug
passwd doug
#for exisiting users
usermod -g 504 -u 501 andrewf
usermod -G 505 andrewf
Troubleshooting permissions
- Make sure a FQDN is set up on the server
- Check /etc/idmapd.conf is configured with proper
domain = cfaw.info
- This must be the same on clients and servers
- As per serverfault.com/…nd-gids-match edit the file
/etc/default/nfs-common
and set
NEED_IDMAPD= yes
- restart CentOS server with:
service portmap restart; service nfs restart
Here are some useful links: