Preparing NFS media storage
- RPM
- DEB
Install the required packages:
sudo dnf install nfs-utils
Start NFS server services:
sudo systemctl start nfs-server.service
sudo systemctl enable nfs-server.service
sudo systemctl status nfs-server.serviceCreate file systems for export or sharing on NFS server and set the owner and group:
sudo mkdir -p /mnt/data_storage/
sudo chown -R 23041:23041 /mnt/data_storage/Export filesystems to the NFS server configuration file,
/etc/exports
, to define local physical filesystems accessible to NFS clients:Path template/mnt/data_storage/ <Client IP/Network/Mask/*>(rw,sync,all_squash,anonuid=23041,anongid=23041)
Path example/mnt/data_storage/ 192.168.131.0/24(rw,sync,all_squash,anonuid=23041,anongid=23041)
Once you have made your changes, run the command to make them take effect:
sudo exportfs -arv
Bypassing built-in security utilities:
In RPM-based distros (e.g. CentOS, RHEL, Fedora), the SELinux security utility may block NFS access if it is not configured properly.
To disable SELinux temporarily for testing:
sudo setenforce 0
To configure SELinux to work with NFS:
sudo setsebool -P nfs_export_all_rw 1
sudo setsebool -P nfs_export_all_ro 1
Also make sure that your firewall is not blocking ports required for NFS to work. Open required ports:
sudo firewall-cmd --permanent --add-service=nfs
sudo firewall-cmd --permanent --add-service=rpc-bind
sudo firewall-cmd --permanent --add-service=mountd
sudo firewall-cmd --reload
Install the required packages:
sudo apt update
sudo apt install nfs-kernel-serverStart NFS server services:
sudo systemctl start nfs-kernel-server.service
sudo systemctl enable nfs-kernel-server.service
sudo systemctl status nfs-kernel-server.serviceCreate file systems for export or sharing on NFS server and set the owner and group:
sudo mkdir -p /mnt/data_storage/
sudo chown -R 23041:23041 /mnt/data_storage/Export filesystems to the NFS server configuration file,
/etc/exports
, to define local physical filesystems accessible to NFS clients:Path template/mnt/data_storage/ <Client IP/Network/Mask/*>(rw,sync,all_squash,anonuid=23041,anongid=23041)
Path example/mnt/data_storage/ 192.168.131.0/24(rw,sync,all_squash,anonuid=23041,anongid=23041)
Once you have made your changes, run the command to make them take effect:
sudo exportfs -arv
Bypassing built-in security utilities:
On DEB based distros (e.g. Ubuntu, Debian) you may also need to configure your firewall to allow NFS access.
To check the firewall status and, if necessary, open ports for NFS:
sudo ufw status
sudo ufw allow from <Client IP> to any port nfs
sudo ufw allow 2049/tcp
sudo ufw allow 111/tcp
sudo ufw allow 111/udpIf you are using AppArmor, make sure that the profiles for NFS are configured properly. In some cases, you may need to adjust or temporarily disable them.
sudo aa-status
If AppArmor interferes with NFS, you can temporarily disable it for testing:
sudo systemctl stop apparmor
sudo systemctl disable apparmor