Centos 7 – NFS server and client installation on CentOS 7

Last updated on August 15th, 2019 at 06:18 am

Important!!!

Do Not Use the no_root_squash Option
By default, NFS shares change the root user to the nfsnobody user, an unprivileged user account. 
In this way, all root-created files are owned by nfsnobody, which prevents uploading of programs with the setuid bit set.
If no_root_squash is used, remote root users are able to change any file on the shared 
file system and leave trojaned applications for other users to inadvertently execute.

 

 NFS Server

Edit the nano /etc/idmapd.conf file as follow.

Uncomment line number 5 as shown in the screenshot below. Enter the appropriate domain name.

4 # The default is the host's DNS domain name.
5 Domain = Your_Server_Name

 

2 At NFS server
Now we will install these packages at the CentOS 7.0 server end as:

yum install nfs-utils -y

Now the configuration part will include as:

mkdir /var/nfsshare

Change the permissions of the folder as follows:

chmod -R 777 /var/nfsshare/

We have used /var/nfsshare as, if we uses any other drive such as any /home directory then it will cause a massive permissions problem and ruin the whole hierarchy. If in case we want to share the /home directory then permissions must not be changed.
Next we need to start the services and add them to the boot menu.

systemctl enable rpcbind
systemctl enable nfs-server
systemctl enable nfs-lock
systemctl enable nfs-idmap
systemctl start rpcbind
systemctl start nfs-server
systemctl start nfs-lock
systemctl start nfs-idmap

Now we will share the NFS directory over the network a follows:

nano /etc/exports

We will make two sharing points  /home and /var/nfs. Edit it as follows:

On Centos 6 and Centos 7 without last security updates this work good

/var/nfsshare    192.168.0.101(rw,sync,no_root_squash,no_all_squash)

/home            192.168.0.101(rw,sync,no_root_squash,no_all_squash)

After Security updates remove no_all_squash

/var/nfsshare    192.168.0.101(rw,sync,no_root_squash)

/home            192.168.0.101(rw,sync,no_root_squash)

Note 192.168.0.101 is the IP of client machine, if you wish that any other client should access it you need to add the it IP wise other wise you can add “*” instead of IP for all IP access.
Condition is that it must be pingable at both ends.
Finally start the NFS service as follows:

systemctl restart nfs-server

Now check your setings

exportfs -rav
exportfs -r

Again we need to add the NFS service override in CentOS 7.0 firewall-cmd public zone service as:

firewall-cmd --permanent --zone=public --add-service=nfs
firewall-cmd --permanent --zone=public --add-service=mountd
firewall-cmd --permanent --zone=public --add-service=rpc-bind
firewall-cmd --reload

Note: If it will be not done, then it will give error for Connection Time Out at client side.
Now we are ready with the NFS server part.
 

NFS client

yum install nfs-utils

Now create the NFS directory mount point as follows:

mkdir -p /mnt/nfs/home
mkdir -p /mnt/nfs/var/nfsshare

Start the services and add them to boot menu.

systemctl enable rpcbind
systemctl enable nfs-server
systemctl enable nfs-lock
systemctl enable nfs-idmap
systemctl start rpcbind
systemctl start nfs-server
systemctl start nfs-lock
systemctl start nfs-idmap

Next we will mount the NFS shared content in the client machine as shown below:

mount -t nfs 192.168.0.100:/home /mnt/nfs/home/

It will mount /home of NFS server. Next we will /var/nfsshare mount as follows:

 mount -t nfs 192.168.0.100:/var/nfsshare /mnt/nfs/var/nfsshare

Now we are connected with the NFS share, we will crosscheck it as follows:

df -kh
[[email protected] ~]# df -kh
Filesystem                    Size  Used Avail Use% Mounted on
/dev/mapper/centos-root        39G  1.1G   38G   3% /
devtmpfs                      488M     0  488M   0% /dev
tmpfs                         494M     0  494M   0% /dev/shm
tmpfs                         494M  6.7M  487M   2% /run
tmpfs                         494M     0  494M   0% /sys/fs/cgroup
/dev/mapper/centos-home        19G   33M   19G   1% /home
/dev/sda1                     497M  126M  372M  26% /boot
192.168.0.100:/var/nfsshare   39G  980M   38G   3% /mnt/nfs/var/nfsshare
192.168.0.100:/home           19G   33M   19G   1% /mnt/nfs/home
[[email protected] ~]#

So we are connected with NFS share.
Now we will check the read/write permissions in the shared path. At client enter the command:

touch /mnt/nfs/var/nfsshare/test_nfs

So successfull NFS-share done.
4 Permanent NFS mounting
We need to mount the NFS share at client end permanent that it must be mounted even after reboot. So we need to add the NFS-share in /etc/fstabfile of client machine as follows:

nano /etc/fstab

Add the entries like this:
[…]

192.168.0.100:/home    /mnt/nfs/home   nfs defaults 0 0
192.168.0.100:/var/nfsshare    /mnt/nfs/var/nfsshare   nfs defaults 0 0

Note 192.168.0.100 is the server NFS-share  IP address, it will vary in your case.
This will make the permanent mount of the NFS-share. Now you can reboot the machine and mount points will be permanent even after the reboot.
Cheers now we have a successfully configured NFS-server over CentOS 7.0 🙂

Monitor NFS

On Server

exportfs -rav

On client

mount -vv 192.168.60.180:/nfs/devnl01  /BCKP+REPL/

Leave a comment

Your email address will not be published. Required fields are marked *