RHEL7: Provide NFS network shares suitable for group collaboration.

Share this link

Note: This is an RHCE 7 exam objective.

Configuration Procedure

Install the NFS packages:

# yum groupinstall -y "file-server"

Add a new service to the firewall:

# firewall-cmd --permanent --add-service=nfs
Success

Reload the firewall configuration:

# firewall-cmd --reload
Success

Activate the NFS services at boot:

# systemctl enable rpcbind
# systemctl enable nfs-server
# systemctl enable nfs-lock

Note: With the RHEL 7.3 release, the Systemd init system is able to use aliases. For example, the nfs.service is a symbolic link/alias to the nfs-server.service service file. This enables, for example, using the systemctl status nfs.service command instead of systemctl status nfs-server.service.
Previously, running the systemctl enable command using an alias instead of the real service name failed with an error.

Start the NFS services:

# systemctl start rpcbind
# systemctl start nfs-server
# systemctl start nfs-lock

Create a directory to export (here /shared):

# mkdir /shared

Create a dedicated group (here called sharedgrp):

# groupadd -g 60000 sharedgrp

Assign this group to the new directory:

# chgrp sharedgrp /shared

Define permissions:

# chmod 2770 /shared

Edit the /etc/exports file and add the following lines with the name (or IP address) of the client(s):

/shared client(rw,no_root_squash)

Export the directories:

# exportfs -avr
# systemctl restart nfs-server

Note1: The client needs to have access to the same group (via LDAP) and be a member of this group.
Note2: The last command shouldn’t be necessary in the future. But, for the time being, it avoids rebooting.
Note3: The standard way to export shares is to create a file finishing by .exports in the /etc/exports.d directory (/etc/exports.d/openshift-ansible.exports for example).

1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 4.33 out of 5)
Loading...

11
Leave a Reply

Please Login to comment
3 Comment threads
8 Thread replies
3 Followers
 
Most reacted comment
Hottest comment thread
7 Comment authors
itninjahccLisenethunter86_bgalexritm Recent comment authors
  Subscribe  
newest oldest
Notify of
Abdelrahman
Member
Abdelrahman

Thank you for your efforts.
I’ve a question here, in the exam, Will I need to make any LDAP configuration, or just the NFS server configuration?

alexritm
Member
alexritm

Note1: The client needs to have access to the same group (via LDAP) and be a member of this group. – ipa group-add… ???

hunter86_bg
Member

Shouldn’t this :
firewall-cmd –permanent –add-service=nfs
be
firewall-cmd –permanent –add-service={nfs,rpc-bind}
???

Lisenet
Member

No, it shouldn’t, unless you’re setting up NFSv3.

hunter86_bg
Member

And if you want a mixture – both should be available?

Lisenet
Member

If you want both NFSv3 and NFSv4, then you need the following:

nfs,mountd,rpc-bind

Lisenet
Member

Or just take a look here:

https://www.lisenet.com/2016/kerberised-nfs-server-on-rhel-7/

I have explained the setup.

hcc
Member
hcc

Hi, thanks for the great tutorial.

I am also not clear about “Note1: The client needs to have access to the same group (via LDAP) and be a member of this group.”.

What does “this group” mean? Does that mean the test will provide us with the user group name so we can add locally on nfs server? In this case, on LDAP server, there is a group called “sharedgrp”??

Or the LDAP clients (the nfs server and client) need to be in the same group?

Thanks

itninja
Member
itninja

Hi, since I am preparing now my RHCE, I will try to answer you question. For example, if you have IPA server in place as LDAP/Kerberos/DNS/NFS server and in LDAP you create user “Alice” and group “Ldapusers”, you add Alice to Ldapusers. Next step is to change group owner of the NFS directory(your export) on the Linux FS to Ldapusers. Imagine that your client is configured to use LDAP/Kerberos and you mapped shared folder on the client under /nfs. If you now login on the client as Alice using LDAP repository, user is member of the Ldapusers group, you then… Read more »

Upcoming Events (Local Time)

  1. Feb
    1
    Fri

    1. 8:30 am - View Details
      CentOS: Dojo, Brussels, Belgium.

RHCSA7: Task of the day

Allowed time: 10 minutes.
Create a XFS file system of 100MB. Mount it under /mnt. Then, increase its size by 50MB.

RHCE7: Task of the day

Allowed time: 8 minutes.
Set up an iScsi target based on a fileio backstore of 100MB called /opt/shareddata with CHAP authentication (username=usr/password=pwd), xfs filesystem and standard firewall configuration.

Follow me on Twitter

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...