Chapter 12. NFS server

NFS is short for Networked File System, and is used to share directories on the network. A client mounts the NFS shared directory, and then uses it as part of it's own filesystem.

At the moment I mount the home directory from a server, so that I avoid the hassle of synchronizing user homes on different machines. At a later time I will enable automounting on the clients.

12.1. Installing NFS

Again we install packages.


apt-get install nfs-kernel-server
apt-get install webmin-exports

And that should be it...

12.2. Configuring NFS

In WebMin, go the System->NFS Exports. At first, we want to change the restart command, which is just wrong...

Go to "Module Config" and in the "Command to restart..." change /etc/init.d/nfs-server start to /etc/init.d/nfs-kernel-server start, which is what the command is.

After doing that, You should be ready to add exports to Your server.

12.3. Stop listening (sort of)

As with most of our services, we want the server to not expose itself to the outside world.

Unfortunately, in this case, it is not really our choice, since it's the portmapper that controls these features. Accordingly, we now mak portmap respond exclusively to internal addresses.

In my search for knowledge, I have yet to encounter a document that describes how to limit portmap (RPC) to a single interface, so we use the access control mechanism to limit what is allowed.

We start by disabling all portmap access by editing the file /etc/hosts.deny and adding the following line:


portmap:	ALL

Next we add a line to /etc/hosts.allow:


portmap:	192.168.228.0/255.255.255.0

As portmap always accepts connections on localhost (127.0.0.1) this should be all that is required.