NFS tutorial - Get the Network File System running

From NAS-Central Buffalo - The Linkstation Wiki
Revision as of 02:55, 24 January 2007 by 70.49.20.31 (Talk)

Jump to: navigation, search

Contents

Introduction

Network File System (NFS) is a protocol originally developed by Sun Microsystems in 1984 and defined in RFC 1094, RFC 1813 and RFC 3530, as a distributed file system which allows a computer to access files over a network as easily as if they were on its local disks. NFS is one of many protocols built on the Open Network Computing Remote Procedure Call system. NFS is commonly used in the Unix/Linux It is rather unheard of in the Windows world, where SMB is the standard (and Samba is used on Unix/Linux to provide SMB service).

NFS is a good choice when remotely accessing files with another Linux/Unix system[1]. Also, particular for the LinkStation NFS overcomes some limitations Apple OS X users have with the LinkStation Samba (not surprising, since OS X is a Unix at heart). Further, NFS on LinkStations is very popular among the DBox2 users[2] (the DBox2 is a set-top box for pay-TV in Germany which can be hacked to record received media streams to e.g. a LinkStaion via NFS).

Currently Kernel-NFS is possible on the LS1, LS HG with 2.6-kernel and on the LS2 with OpenLink and the kernel-modules of the stock kernel.

LS1,HG,HS (ppc)

Requirements: [3] Upgrade to the 2.6-kernel (ppc only) over andre's webinstaller (kernel modules are included)

OpenLink

Download and untar the package

 cd /tmp 
 wget http://downloads.linkstationwiki.net/packages/ppc/ppc-openlink-2.6-kernel-NFS-V3.tar.gz 
 tar -C / -xvzf ppc-openlink-2.6-kernel-NFS-V3.tar.gz
 chmod 1777 /tmp
  • modify /etc/exports to your needs
  • start the NFS-kernel server by:
 /etc/init.d/start_nfsd.sh 

(this is a custom startscript...it is not that good developed...it can just start at the moment...but it works)

  • to check if the server is really running execute:
 rpcinfo -p 127.0.0.1

if this is working then try rpcinfo -p from a remote workstation (running linux or windows with the "services for unix" installed....only then rpcinfo will b available). there is an entry in /etc/hosts.deny ( portmap: ALL ) that prevents this....

so as long as you do not delete the portmap: ALL entry in /etc/hosts.deny, you have to explicit allow some hosts.

add to hosts.allow

 portmap: <host>

if it also works from a different machine then your NFS-Server is running. the only problem should be configuration now.

  • to make this start after reboot
 ln -s /etc/init.d/start_nfsd.sh /etc/rc.d/rc2.d/S60start_nfsd.sh

FreeLink

Add Kernel Network File System (NFS) and the Webmin Exports module

  apt-get install nfs-kernel-server webmin-exports
  • Modify /etc/exports to your needs or use webmin-exports[4] to do this

TIPS

If you edit /etc/exports while the NFS-Server is running, update the nfs-shares by:

 exportfs -a 

(exportfs only shows the current exports..)

if you need to stop NFS:

 /etc/init.d/nfs-kernel-server stop 
 /etc/init.d/portmap stop 

and restart them again by

 /etc/init.d/portmap start 
 /etc/init.d/nfs-kernel-server start 

If we get the 2.6-Kernel running on the Terastation then we have Kernel-NFS there as well Mindbender 20:17, 10 July 2006 (EDT)

NFS Write Performance Tweak

Most Default /etc/exports files will give good read performance, but poor write-performance. You'll know when you hear the heads of your NAS disk thrashing wildly. Change the write mode from sync to async, here is an example from an exports file...

  /mnt/disk1/share   *(rw,wdelay,async,all_squash,no_subtree_check,insecure,anonuid=0,anongid=0)

This provided a performance boost from 1.5Mbyte/sec write speeds to around 8-9.5+ MByte/sec (on 100Meg ENet), and it will preserve the lifetime of my hard disk! ;)

Portmapper Access Rights

You may have to configure /etc/hosts.allow to allow your client machines to connect to portmap, to make their NFS connections. I had to do this with my FreeLink 1.02 install on my LS-Pro with my Mac OS X 10.4 client machine(s).

For instance, in /etc/hosts.allow I added the class C range of my local network to allow any RPC client access Ie..

 # Following suitable for nfs4 only 
 portmap : 127. : ALLOW
 portmap : 192.168.1. : ALLOW
 portmap : ALL : DENY

Then restart the portmap and nfs services!

LS-GL (arm9)

LS2 (mips)

The nfs-kernel module which was compiled for the stock kernel works. so we do not need to use a custom kernel if we want to use kernel-nfs on the LS2.

OpenLink

Install OpenLink 0.5x for MIPS if you haven't already done so.

Log in to the LS as root. Download the binaries and modules to /tmp

cd /tmp 
wget http://www.voicenet.com/~jceklosk/nfs-1.0.0-link2-jfc-1.0.2-alpha.tar.gz

Unpack the tarball:

tar xvfz nfs-1.0.0-link2-jfc-1.0.2-alpha.tar.gz

Forget about the README.1ST and do_install script that comes with the package. Instead: Copy the kernel modules:

cp /tmp/nfs-1.0.0-link2-jfc-1.0.2-alpha/modules/* /lib/modules/

Copy the programs:

cp /tmp/nfs-1.0.0-link2-jfc-1.0.2-alpha/nfs-utils/* /usr/sbin/
cp /tmp/nfs-1.0.0-link2-jfc-1.0.2-alpha/portmap/portmap /sbin/

Create a new group rpc and a new user rpc.

 groupadd -g 18 rpc
 useradd -u 18 -g rpc -d / -s /bin/false -c "portmaper etc" rpc

Note: Just chose another uid and/or gid if the uid 18 and/or the gid 18 are/is already in use.

Create a file /etc/init.d/nfs with the following contents[5]:

#!/bin/sh 
# 
# description: Starts the nfs server \ 
# Script by JM, based on script from \
# http://wiki.tuxbox.org/NAS:Buffalo_Linkstation_II plus \
# further hacks and fixes from linkstationwiki.net
#

PATH=/sbin:/bin:/usr/sbin:/usr/bin 

# Set the number of servers to be started. 
# For industrial strength nfs use 8 (if the LS2 can handle it) 
RPCNFSDCOUNT=3 
 
tag=linkstation 
facility=user.info 
 
# Avoid using root's TMPDIR 
unset TMPDIR 
 
# check for modules 
sunrpcok=`lsmod | grep ^sunrpc` 
lockdok=`lsmod | grep ^lockd` 
nfsdok=`lsmod | grep ^nfsd` 
nfsok=`lsmod | grep -w ^nfs` 
 
start() 
{ 
        if [ ! -r /etc/exports ] ; then 
                echo "nfs not started, nothing exported" 
                logger -t ${tag} -p ${facility} -i 'nfs not started, nothing exported' 
                exit 0 
        fi 
        # TODO: List individual services 
        echo "Start services: nfs" 
        cd /root 
 
        # 
        # nfs needs a few important status files and directories in /var/lib/nfs.
        # However, /var is on the ram disk of the LS2, so these are lost after a 
        # reboot. We create empty substitutes for a start in case there 
        # are non. Some files/directories are set to user rpc, group rpc, which
        # triggers portmap to run as rpc instead of bin, and rpc.statd to run as rpc
        # instead of root.
        # 
        mkdir -p /var/lib/nfs 
        mkdir /var/lib/nfs/sm 
        mkdir /var/lib/nfs/sm.bak 
        touch /var/lib/nfs/state 
        chown rpc:rpc /var/lib/nfs/* # set uid:gid for sm* and state 
        # rmtab needs to be a file, but someone sometimes creates it as a directory ... 
        [ -d /var/lib/nfs/rmtab ] && rm -rf /var/lib/nfs/rmtab 
        touch /var/lib/nfs/rmtab 
        touch /var/lib/nfs/etab  
 
        # Now insert the modules if they're not running 
        if [ "$sunrpcok" = "" ]; then 
                /sbin/insmod /lib/modules/sunrpc.o 
        else 
                echo "nfs: sunrpc module already loaded" 
        fi 
 
        if [ "$lockdok" = "" ]; then 
                /sbin/insmod /lib/modules/lockd.o 
        else 
                echo "nfs: lockd module already loaded" 
        fi 
 
        if [ "nfsok" = "" ]; then 
                /sbin/insmod /lib/modules/nfs.o 
        else 
                echo "nfs: nfs module already loaded" 
        fi 
        if [ "$nfsdok" = "" ]; then 
                /sbin/insmod /lib/modules/nfsd.o 
        else 
                echo "nfs: nfsd module is already loaded" 
        fi 
        # 
        # Now run the daemons 
        # rpc.statd creates its own pidfile 
        # 
        /sbin/portmap 
        exportfs -r 
        start-stop-daemon --start --quiet --exec /usr/sbin/rpc.mountd 
        start-stop-daemon --start --quiet --exec /usr/sbin/rpc.statd 
        start-stop-daemon --start --quiet --exec /usr/sbin/rpc.nfsd $RPCNFSDCOUNT 
 
        touch /var/lock/subsys/nfs 
        showmount -e 
        logger -t ${tag} -p ${facility} -i 'Started nfs' 
} 

stop() 
{ 
        # TODO: List individual services 
        echo "Stopping services: nfs" 
 
        exportfs -au 
        start-stop-daemon --stop --quiet --exec /usr/sbin/rpc.mountd 
        start-stop-daemon --stop --quiet --pidfile /var/run/rpc.statd.pid 
        # nfsd needs KILL 
        start-stop-daemon --stop -s KILL -n nfsd 
        rm -f /var/lock/subsys/nfs 
        logger -t ${tag} -p ${facility} -i 'Stopped nfs' 
} 
 
case "$1" in 
start) 
        start 
;; 
stop) 
        stop 
;; 
restart) 
        echo "restarting nfs" 
        stop 
        sleep 10 
        start 
#       echo "starting rpc.mountd" 
#       start-stop-daemon --start --quiet --exec /usr/sbin/rpc.mountd 
#       echo "starting rpc.statd" 
#       start-stop-daemon --start --quiet  --exec /usr/sbin/rpc.statd 
#       echo "starting rpc.nfsd" 
#       start-stop-daemon --start --quiet  --exec /usr/sbin/rpc.nfsd $RPCNFSDCOUNT 
#       exportfs -r 
#       touch /var/lock/subsys/nfs 
#       showmount -e 
        ;; 
*) 
        echo "Usage: /etc/init.d/nfs {start|stop|restart}" >&2 
        exit 1 
        ;; 
esac 
exit 0 

Or just do

cd /etc/init.d/
wget http://downloads.linkstationwiki.net/packages/mips/startscripts/nfs

Set up access right and create start/stop links:

chmod 755 /etc/init.d/nfs 
chown root:root /etc/init.d/nfs 
 
cd /etc/rc.d/rc0.d 
ln -s /etc/init.d/nfs K25nfs 
cd /etc/rc.d/rc2.d 
ln -s /etc/init.d/nfs S70nfs 
cd /etc/rc.d/rc6.d 
ln -s /etc/init.d/nfs K25nfs 

Read [6] or any other exports(5) man page you can get your hands on. Create an /etc/exports file similar to the following

/mnt/hda/share <client ip>(rw,async,secure,root_squash)

Where <client ip> should be the IP address of the client you want to grant access, e.g.

/mnt/hda/share 192.168.0.2(rw,async,secure,root_squash)

if the host 192.168.0.2 should be granted access. Or, for example:

/mnt/hda/share 192.168.0.0/24(rw,async,secure,root_squash)

if the whole 192.168.0.0/24 private subnet should be granted access to the share.

See the exports(5) man page for details. Make absolutely sure that there is no space between <client ip> and (rw,async,secure,root_squash), because this gives you a different, unsecure behavior (not that nfs is very secure, but ...).

NFS isn't the most secure protocol on the planet. It should better not be exposed on the Internet. And it is good custom to lock the portmapper and other daemons down as far as possible. Therefore, create a file /etc/hosts.deny with the following contents:

portmap:ALL
lockd:ALL
mountd:ALL
rquotad:ALL
statd:ALL

So by default no host has access to these daemons (ALL hosts denied). This of course also means our own clients can no longer access these services, and NFS wont work for them. So we have to grant access for the. This is done with the /etc/hosts.allow file. E.g. if the host 192.168.0.2 should have access, write

portmap: 192.168.0.2
lockd: 192.168.0.2
mountd: 192.168.0.2
rquotad: 192.168.0.2
statd: 192.168.0.2

to the '/etc/hosts.allow file.

Finally, reboot the LS or start the /etc/init.d/nfs script manually

/etc/init.d/nfs start

Alternative: Kernel NFS in OpenLink using a Debian Package

An alternative NFS installation description, using a Debian package for a start can be found here: LinkStation II (en) - Kernel NFS in OpenLink using a Debian Package

FreeLink

  • Install the kernel modules

Log in to the LS as root. Download the binaries and modules to /tmp

cd /tmp 
wget http://www.voicenet.com/~jceklosk/nfs-1.0.0-link2-jfc-1.0.2-alpha.tar.gz

Unpack the tarball:

tar xvfz nfs-1.0.0-link2-jfc-1.0.2-alpha.tar.gz

Forget about the README.1ST and do_install script that comes with the package. We only need the kernel modules:

cp /tmp/nfs-1.0.0-link2-jfc-1.0.2-alpha/modules/* /lib/modules
  • Add Kernel Network File System (NFS) and the Webmin Exports module
  apt-get install nfs-kernel-server webmin-exports
  • Modify /etc/exports to your needs or use webmin-exports[7] to do this

References

  1. Extensive Linux NFS Documentation: http://nfs.sourceforge.net
  2. How to configure NFS for dbox & dreambox (German)
  3. The Linkstation Community Forum / General Development / (ppc) openlink & kernel 2.6.x Kernel-NFS-package
  4. Webmin and the exports module
  5. Tuxbox.org NAS:Buffalo Linkstation II
  6. exports - Online Manual Page Of Unix/Linux
  7. Webmin and the exports module