Preparing NFS media storage

RPM

1. Install the required packages:

   sudo dnf install nfs-utils

2. Start NFS server services:

   sudo systemctl start nfs-server.service
   sudo systemctl enable nfs-server.service
   sudo systemctl status nfs-server.service

3. Create file systems for export or sharing on NFS server and set the owner and group:

   sudo mkdir -p /mnt/data_storage/
   sudo chown -R 23041:23041 /mnt/data_storage/

4. Export filesystems to the NFS server configuration file, /etc/exports, to define local physical filesystems accessible to NFS clients:

   Path template

   /mnt/data_storage/ <Client IP/Network/Mask/*>(rw,sync,all_squash,anonuid=23041,anongid=23041)
   Path example

   /mnt/data_storage/ 192.168.131.0/24(rw,sync,all_squash,anonuid=23041,anongid=23041)

5. Once you have made your changes, run the command to make them take effect:

   sudo exportfs -arv

6. Bypassing built-in security utilities:

   In RPM-based distros (e.g. CentOS, RHEL, Fedora), the SELinux security utility may block NFS access if it is not configured properly.

   • To disable SELinux temporarily for testing:

     sudo setenforce 0

   • To configure SELinux to work with NFS:

     sudo setsebool -P nfs_export_all_rw 1
     sudo setsebool -P nfs_export_all_ro 1

   Also make sure that your firewall is not blocking ports required for NFS to work. Open required ports:

   sudo firewall-cmd --permanent --add-service=nfs
   sudo firewall-cmd --permanent --add-service=rpc-bind
   sudo firewall-cmd --permanent --add-service=mountd
   sudo firewall-cmd --reload

DEB

1. Install the required packages:

   sudo apt update
   sudo apt install nfs-kernel-server

2. Start NFS server services:

   sudo systemctl start nfs-kernel-server.service
   sudo systemctl enable nfs-kernel-server.service
   sudo systemctl status nfs-kernel-server.service

3. Create file systems for export or sharing on NFS server and set the owner and group:

   sudo mkdir -p /mnt/data_storage/
   sudo chown -R 23041:23041 /mnt/data_storage/

4. Export filesystems to the NFS server configuration file, /etc/exports, to define local physical filesystems accessible to NFS clients:

   Path template

   /mnt/data_storage/ <Client IP/Network/Mask/*>(rw,sync,all_squash,anonuid=23041,anongid=23041)
   Path example

   /mnt/data_storage/ 192.168.131.0/24(rw,sync,all_squash,anonuid=23041,anongid=23041)

5. Once you have made your changes, run the command to make them take effect:

   sudo exportfs -arv

6. Bypassing built-in security utilities:

   On DEB based distros (e.g. Ubuntu, Debian) you may also need to configure your firewall to allow NFS access.

   • To check the firewall status and, if necessary, open ports for NFS:

     sudo ufw status
     sudo ufw allow from <Client IP> to any port nfs
     sudo ufw allow 2049/tcp
     sudo ufw allow 111/tcp
     sudo ufw allow 111/udp

   • If you are using AppArmor, make sure that the profiles for NFS are configured properly. In some cases, you may need to adjust or temporarily disable them.

     sudo aa-status

     If AppArmor interferes with NFS, you can temporarily disable it for testing:

     sudo systemctl stop apparmor
     sudo systemctl disable apparmor