# NFS??

## joshdr77

how do u work nfs....i tryed to follow a howto but i get permission denied? i think everything is set up correctly, not sure?

thanks

----------

## Sven Vermeulen

First, make sure nfs-client-support is enabled in the kernel of the client that wants to mount a nfs-share.

Second, make sure the nfs-server support is enabled in the kernel of the server that wants to export nfs-shares.

Third, emerge nfs-utils on the server.

Fourth, edit /etc/hosts.allow and /etc/hosts.deny on the server so that only the appropriate systems can mount nfs-shares.

```

~$ cat /etc/hosts.deny

portmap: ALL

lockd:   ALL

mountd:  ALL

rquotad: ALL

statd:   ALL

~$ cat /etc/hosts.allow

portmap: 192.168.0.20

lockd:   192.168.0.20

rquotad: 192.168.0.20

mountd:  192.168.0.20

statd:   192.168.0.20

```

In the above case, only the host with ip 192.168.0.20 is allowed access.

Fifth, startup the nfs daemon on the server

```

~# /etc/init.d/nfs start

```

If everything works, don't forget to add it to the default runlevel

```

~# rc-update add nfs default

```

Sixth, edit /etc/exports so that it mentions the shares. In my example, this would be:

```

~$ cat /etc/exports

# /etc/exports: NFS file systems being exported.  See exports(5).

/usr/portage            192.168.0.20(ro,sync)

/usr/portage/distfiles  192.168.0.20(ro,sync)

```

Since (in my case) 192.168.0.20 only needs the portage-tree for read-only access (it will not dl sourcecode nor alter ebuilds) it can only be accessed readonly.

Have nfs reread the /etc/exports-file

```

~# exportfs -a

```

At last, you can now mount the shares on the client:

```

~# mount -t nfs -o nolock 192.168.0.10:/usr/portage /usr/portage

~# mount -t nfs -o nolock 192.168.0.10:/usr/portage/distfiles /usr/portage/distfiles

```

I use nolock here since the mounting is only needed occasionally (when the server - 192.168.0.20 is a testing server - needs access to portage, which only happens twice a week)  and I don't want to have any more daemons running on the server than necessary (if you want to have it without nolock, you need to emerge nfs-utils on that client too so that portmap and rpc.* can communicate to eachother).

Note that this is *not* a TCP-NFS connection.

You might want to use a firewall to disable any communication to portmap/rpc.* to the server from hosts that aren't allowed access (I know, /etc/hosts.allow/deny takes care of that, but better be double-teamed than sorry).

----------

## rizzo

Why do you export /usr/portage and /usr/portage/distfiles separately?  Wouldn't you get the distfiles dir from /usr/portage?

I'm trying to do something similar, only I want my clients to be able write to the distfiles dir if they need to download the source.  I'm exporting /usr/portage with auto,rw,hard,intr parameters which I got from this thread.  However my client machine hangs and the mount process shows up as "D" in the "ps auwwwx" list when I try it.

I noticed that my client machine didn't have nfs-utils installed, nor does it have portmap installed.  I'm installing nfs-utils now, do I need portmap installed?

----------

## rac

 *rizzo wrote:*   

> do I need portmap installed?

 Yes - I think I mentioned this in your other thread.

----------

## Sven Vermeulen

 *rizzo wrote:*   

> Why do you export /usr/portage and /usr/portage/distfiles separately?  Wouldn't you get the distfiles dir from /usr/portage?
> 
> 

 

Here /usr/portage/distfiles is a seperate partition, and NFS won't export seperate partitions (or not default).

----------

## Sven Vermeulen

 *rac wrote:*   

> Yes - I think I mentioned this in your other thread.

 

And if this still doesn't work, try the "-o nolock" switch...

----------

## rizzo

I was just thinking you might have them on separate partitions.

Anyway yes it was a (lack of) portmap problem.

Thanks to all for helping.

----------

## anxt

I am wondering if nolock causes problems with portage. With unmerges I keep getting directory not empty error 39.

I just moved /var/tmp onto a sperate partition and am playing with mount options.

----------

## nephros

Woah!

Nice gravedigging there.

I also must say I'm absolutely stunned that considering the quality of the question in the OP it received the responses that it did. Those were the days I guess...

As for nolock, I am using an NFS-exported portage tree on my laptop, mounted with no fancy options except for rsize/wsize, soft and timeo and I am not seeing any problems. Also judging from man nfs it seems nolock is more of a compatibility option for old NFS clients, it's probably not intended to be used in the real world anymore.

I don't think exporting /var/tmp is a good idea though. Some programs try to put things like sockets or fifos there and those don't work over NFS.

----------

## anxt

well it is a diskless box. so i am kinda stuck using everything over nfs

geez i just noticed the date on that thread.

tee-hee

----------

## nephros

Okay, my bad I just checked the fifos-on-nfs thing.

Correction:

FIFOs and sockets work normally on an NFS-mounted filesystem, but only locally.

You can't 

```

root@foobox# mount -tnfs barbox:/var/tmp /mnt/nfs

root@foobox# mkfifo /mnt/nfs/myfifo

root@foobox# echo hello world > /mnt/nfs/myfifo

root@barbox# cat /var/tmp/myfifo

```

The fifo will work fine though on foobox AND barbox if used locally.

----------

## anxt

yeah i guess that makes sense otherwise how could each box keep track of who owns what fifo or socket.

----------

## richardash1981

Note that the nfs server needs to be able to do a reverse DNS lookup on each client IP that tries to connect to it,(even with IP addresses or masks in /etc/exports).  If it can't, mount will often time out on the clients, and exportfs will take much longer.

Either add the nfs clients to the DNS or the server's hosts file.

----------

## m4chine

If I'm reading this correctly, you'd like to share a folder via nfs on a server, and use it for your temp portage dir? If so I've found a working solution.

On the nfs server, modify your exports like so:

```
/home/m4chine/share 192.168.100.0/255.255.255.0(async,no_subtree_check,no_root_squash,rw)
```

And then I changed ownership on the server so permissions match up on client/server

```
chmod -R 777 /home/m4chine/share 

chown -R portage:portage /home/m4chine/share
```

On my client machine i created /var/tmp-nfs, chown it to portage:portage and mounted the nfs share:

```
mount server:/home/m4chine/share /var/tmp-nfs
```

changed my /etc/make.conf to:

```
PORAGE_TMPDIR=/var/tmp-nfs
```

And now I'm able to use server space for building package on my small HD client machine.

Cheers,

----------

