Computer Engineering Department

Faculty of Engineering and Informatics

Universitas Multimedia Nusantara

CE542-System Administration
Remote mount

Dareen K. Halim
Hargyo Tri Nugroho (slides originator)
Target competencies
Code Description
SUB-CPMK 21 Mahasiswa mampu melakukan konfigurasi server NFS – C3
SUB-CPMK 22 Mahasiswa mampu melakukan konfigurasi server SMB – C3
SUB-CPMK 23 Mahasiswa dapat melakukan konfigurasi fstab dan automount – C3

2
Contents
• Intro to file sharing
• NFS
• SMB (supplementary)
• Automount
• SCP (in class demo)

3
Remote mount

4
File sharing
• Purpose:
• Collaboration
• Backup / remote storage
• Part of a service (e.g., web files)
• Methods available
• NFS (*nix-to-*nix)
• SMB (*nix-to-windows) (explore this yourself)
• FTP (no longer part of RHCSA / RHCE exam)
• SSH / SCP (short in class demo)

5
NFS
• NFS (which stands for Network File System) is the classic network file system.
• Its purpose is to make it possible to mount remote file systems into the local
file system hierarchy.
• An NFS share is exported by the NFS server. The format of the share is
servername:/sharename
• Eg: example.com:/sharing
• RHEL 7 onwards uses NFS 4 which provides a feature  pseudo-root mount
• E.g., server.com export three folders  folderA/ folderB/ folderC/
• Have a ‘root’ NFS directory, on which all three folders are mounted on

8
NFS security options
• NFS security is limited :
• Allow-deny based on the hostname that wants to access the share
• When a client accesses an NFS share, the NFS server by default maps the UID of
the client user to the same UID on the NFS server. This can lead to unexpected
result!
• i.e., user A on client (UID 100) and user X on server (UID 100)
• A has X access on the server
• Recommended option:
• maps all incoming UID to nobody’s UID
• using central auth mechanism such as LDAP

9
NFS security options

10
Configuring NFS Server (VM1)
1. Type yum –y install nfs-utils .

This will install NFS service and create user and group nfsnobody

In RHEL 8, NFS service use the more common user & group nobody

2. We want to share /var/nfsshare. Now create the directory that will be shared by NFS by typing mkdir
/var/nfsshare

3. Change the ownership of /var/nfsshare to nfsnobody by typing chown nobody:nobody

/var/nfsshare

4. Enable rpcbind, nfs-server, nfs-lock, and nfs-idmap by typing

systemctl enable rpcbind

systemctl enable nfs-server

Systemctl enable nfs-lock (not found in RHEL8)

systemctl enable nfs-idmap (not found in RHEL8)

11
Configuring NFS Server (VM1)
5. Start the services: rpcbind, nfs-server, nfs-lock, and nfs-idmap by typing
systemctl start rpcbind
• converts RPC program numbers into universal addresses. It must be running on the
host to be able to make RPC calls on a server on that machine
systemctl start nfs-server
systemctl start nfs-lock (not found in RHEL8)
• kernel thread to allow NFSv2 and NFSv3 clients to lock files on the server
systemctl start nfs-idmap (not found in RHEL8)
• translate user and group ids into names, and to translate user and group names into
ids, in the form of user@domain

12
Configuring NFS Server (VM1)
6. Now we will share the NFS directory over the network a follows:
vim /etc/exports
7. We will make two sharing points  /var/nfsshare2 and /var/nfsshare.
Edit the exports file as follows:

/var/nfsshare2

13
Configuring NFS Server (VM1)
6. Type systemctl restart nfs-server to restart the NFS service
7. Add nfs service to the trusted zone on firewalld
firewall-cmd --add-service=nfs --zone=trusted --permanent
8. Add your interface to trusted zone
firewall-cmd --add-interface=enp0s8 --zone=trusted --permanent
9. Reload firewalld
firewall-cmd --reload

14
Configuring NFS Server (VM1)
Ensure it is
running NFS
version 4

15
Mounting an NFS Share (client / VM2)
1. Install nfs-utils by typing yum install –y nfs-utils
2. Type showmount –e [server_addr] to see NFS shared folders on
[server_addr] (you might get error “port mapper failure .. “)
If you get that error, on VM1, stop the firewalld then repeat step 2, then
start the firewalld back.
3. Now, create our mountpoint /mnt/nfs by typing mkdir /mnt/nfs
4. Type mount [server_addr]:/ /mnt/nfs . This performs pseudo root mount
of all NFS shares.

16
Mounting Remote File Systems Through
fstab

Column Description
1 The server and share name
2 The mount location
3 NFS file system
4 Mount options
Soft  so that the client doesn’t insist on mounting the NFS share (useful for
when the NFS server fails)
5 No backup support through the dump utility
6 No fsck (integrity check) has to be performed on this file system while booting

23
Using Automount to Mount Remote File
Systems
• As an alternative to /etc/fstab, you can configure automount to mount the share
automatically.
• Automount can be used for SMB as well as NFS mounts
• Mounts through fstab are by default, where through automount are on demand
• Automounts is implemented by autofs service that takes care of mounting a share when it is
attempted to be accessed
• Automount can be direct or indirect
• Indirect mount: shared directory (and its subdirectories) will be automatically created by
automount at the moment that the indicated file system is mounted
• Direct mount: the mount point (directory) should already exist before the automount can be
done
http://osr507doc.xinuos.com/en/NetAdminG/aut
oC.direct.html#auto.indirect_mount_fg
24
Configuring Direct and Indirect Maps to
Mount NFS Shares
Assume you have an NFS server exporting two folders as in slide 13
--------
1. Type yum install –y autofs to install the autofs package
2. Create the master map file that contain further instruction that tell the autofs service
how to automount the remote file systems. Type to open and create the file. The name
can be arbitrary (*.autofs)
vim /etc/auto.master.d/demo.autofs
3. Add the master map entry for indirect-mapped mounts by adding the followong line:
/mnt/nfsindirect /etc/auto.demo --ghost

25
Configuring Direct and Indirect Maps to
Mount NFS Shares
4. In the same file, include the following line for directly mapped mounts points:
/- /etc/auto.direct
5. Direct mounts always have /- as the starting point for the direct mounts in the
master map file. Further instructions on how to perform the mount are in the
auto.direct file.
6. In the indirect mount file auto.demo, include the following line to mount
[server_addr]:/var/nfsshare on the directory
/mnt/nfsindirect/nfsshare using the rw and sync NFS mount options:
nfsshare -rw,sync [server_addr]:/var/nfsshare

26
Configuring Direct and Indirect Maps to
Mount NFS Shares
7. Now create the direct mounts configuration in the file /etc/auto.direct .
Give this file the following contents:
/mnt/nfsdirect –rw,sync [server_addr]:/var/nfsshare2

8. Notice that /mnt/nfsdirect must be exist befoure automount

9. Type systemctl enable autofs; systemctl start autofs to start the
autofs service
10. At this point you can check you automount configuration . Go to the
mount directories and check

27
Configuring Direct and Indirect Maps to
Mount NFS Shares

28
Summary
• Intro to file sharing
• NFS
• SMB (supplementary)
• Automount
• SCP (in class demo)

29