lsg33.htm

linux-unix130.linux.and.unix.ebooks130 linux and unix ebookslinuxLearning Linux - Collection of 12 E

<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
<SCRIPT>
<!--
function displayWindow(url, width, height) {
        var Win = window.open(url,"displayWindow",'width=' + width +
',height=' + height + ',resizable=1,scrollbars=yes');
}
//-->
</SCRIPT>
</HEAD>

 -->













<LINK REL="ToC" HREF="index.htm">



<LINK REL="Index" HREF="htindex.htm">



<LINK REL="Next" HREF="lsgpt05.htm">









<A NAME="I0"></A>



<H2>Linux System Administrator's Survival Guide lsg33.htm</H2>



<P ALIGN=LEFT>



















<HR ALIGN=CENTER>



<P>



<UL>



<UL>



<UL>



<LI>



<A HREF="#E68E187" >What Is NFS?</A>



<UL>



<LI>



<A HREF="#E69E215" >Installing NFS</A>



<LI>



<A HREF="#E69E216" >Mounting NFS Directories</A></UL>



<LI>



<A HREF="#E68E188" >NFS Administration</A>



<UL>



<LI>



<A HREF="#E69E217" >rpcinfo</A>



<LI>



<A HREF="#E69E218" >nfsstat</A></UL>



<LI>



<A HREF="#E68E189" >What Are NIS and YP?</A>



<LI>



<A HREF="#E68E190" >Installing NIS</A>



<LI>



<A HREF="#E68E191" >Summary</A></UL></UL></UL>



<HR ALIGN=CENTER>



<A NAME="E66E37"></A>



<H1 ALIGN=CENTER>



<CENTER>



<FONT SIZE=6 COLOR="#FF0000"><B>Chapter 33</B></FONT></CENTER></H1>



<BR>



<A NAME="E67E40"></A>



<H2 ALIGN=CENTER>



<CENTER>



<FONT SIZE=6 COLOR="#FF0000"><B>NFS and NIS</B></FONT></CENTER></H2>



<BR>



<P>Network File System (NFS) has a reputation for being difficult to set up and install. The truth is that NFS is quite easy to implement on Linux systems, and if your machine is one of a few Linux systems on a local area network (LAN), NFS can give you enormous flexibility.



<BR>



<P>This chapter explains the benefits of NFS, and how you can set up your system to act as both a client and server for other machines on your LAN. If you are running as a stand-alone Linux machine, NFS will be of no value (other than academic) to you, but if you are part of a LAN (whether composed of PC, Mac, UNIX, or Linux machines doesn't matter), you should at least find out what NFS has to offer.



<BR>



<P>The second part of this chapter looks at the Network Information Service (NIS), an early version of which was previously called Yellow Pages, and how it works over a network. Although you probably will not need NIS unless you are part of a very large network, you can see how the system works. The chapter also looks at some system administration tools for managing NFS (Network File System), NIS (Network Information Service), and RPC (Remote Procedure Call).



<BR>



<BR>



<A NAME="E68E187"></A>



<H3 ALIGN=CENTER>



<CENTER>



<FONT SIZE=5 COLOR="#FF0000"><B>What Is NFS?</B></FONT></CENTER></H3>



<BR>



<P>NFS was developed to help solve a common problem on UNIX-based networks. With the trend to distributed processing and client-server networks, many users end up with small, powerful machines that communicate with a server. The applications users need are often located in places other than on their desktop, so some method of accessing remote files is needed. Although utilities such as Telnet enable users to use remote machines, they don't take advantage of the desktop machine's CPU, transferring the load to the remote. Another important aspect of the shift to distributed computing was peripheral sharing and the need to provide access for many users to some devices. To help integrate workstations into local area networks, as well as to simplify remote file access and peripheral sharing, Sun Microsystems introduced the Network File System (NFS). NFS uses a system called RPC (Remote Procedure Calls).



<BR>



<P>Sun designed NFS to enable machines from different manufacturers to work together independent of their operating systems. By publishing the NFS specifications, Sun allowed other vendors to modify their systems to work with NFS, resulting in a completely homogeneous network. NFS is now a de facto standard among UNIX environments, with strong support in other operating systems.



<BR>



<P>NFS actually refers to two different things: a product and a protocol. The NFS product is a set of protocols for different tasks. The NFS protocol is the single protocol of the NFS product that deals with file access. NFS is now intimately tied with UNIX and TCP/IP. For other operating systems (such as Novell NetWare), NFS is an extension that is added by the system administrator. Linux (and most UNIX versions) uses the process nfsd to manage NFS access.



<BR>



<P>NFS allows an application to read and write files that reside on NFS servers. Access to the NFS server is transparent to the application and the user. Transparent access to another machine's file structure is achieved by logically mounting the NFS server to the client. You can mount the NFS server's filesystem in whole or in part. The mount is handled in the same way as any other filesystem mount (see <A HREF="lsg18.htm">Chapter 18</A>, &quot;Filesystems and Disks,&quot; for information on the mount command), although a special keyword is added to the command to show that NFS is being used. For example, to mount the directory /usr/database/data on the remote machine wizard onto your directory /usr/data, you would issue the following command:



<BR>



<BR>



<PRE>



<FONT COLOR="#000080">mount -t nfs wizard:/usr/database/data /usr/data</FONT></PRE>



<P>When the command is issued, the local machine checks with the remote machine for permission to access the directory. If all is well, the remote machine sends a file handle that is used to redirect all requests for that directory from the local machine. Whenever the user of an NFS-mounted directory issues a request, a daemon called nfsd handles the transfers.



<BR>



<P>NFS uses the term <I>client</I> to represent any machine that requests a file from another machine, which is the server. Multitasking operating systems can act as both client and server simultaneously. Usually, restrictions are imposed on the files or portions of a filesystem that can be shared, both for security and speed considerations.



<BR>



<P>A typical NFS installation uses personal computers or diskless workstations as clients accessing a powerful server system. (Since personal computer operating systems such as MS-DOS are single-tasking, PCs usually act as clients only, unless they run a multitasking operating system such as Windows NT, Windows 95, or OS/2.) For Linux-based networks, you can have several Linux systems sharing their drives with other machines on the network. It is possible to have an entire network of multitasking computers sharing their drives with each other, although in practice this works well only with small networks.



<BR>



<P>Due to the requirement transferring files quickly with NFS, network speed becomes important. When it was designed, the original goal for an NFS-mounted filesystem was to provide performance equivalent to 80 percent of the performance expected from a locally mounted hard disk. This goal puts the performance emphasis on both the NFS disk drive and the network. Typically, NFS disk drives on a dedicated server are amongst the fastest available in order to reduce bottlenecks at the drive end. In practice for most networks, the NFS systems use standard equipment, which isn't a problem for sharing a few directories among a small network.



<BR>



<P>Typically, for a small Linux network, NFS offers a few useful benefits. Primarily, it allows data and large applications to be kept on a single drive on the network that all other machines have access to (hence saving the disk space independent copies would require). For a system administrator, NFS offers the option of keeping applications in one location (or even placing all user directories on one machine) for ease of updating, backups, and management.



<BR>



<P>The Linux version of FTP differs slightly from the standard UNIX versions, in that many of the features of the NFS system are embedded in the code for the Virtual File System (VFS) kernel layer. Early versions of Linux have a problem with Linux FTP because of the maximum size of TCP datagrams, which must be reduced in size to function properly. This had the effect of slowing performance dramatically.



<BR>



<P>Because NFS is UNIX-based, the security offered is rudimentary. For this reason, Sun has introduced Secure NFS, which implements an encrypted messaging protocol for added protection against unauthorized access to NFS-mounted file systems. This version is not available in a Linux implementation yet.



<BR>



<BR>



<A NAME="E69E215"></A>



<H4 ALIGN=CENTER>



<CENTER>



<FONT SIZE=4 COLOR="#FF0000"><B>Installing NFS</B></FONT></CENTER></H4>



<BR>



<P>The first step to installing NFS on your Linux system is to ensure that the NFS support is compiled into the kernel. Most later Linux versions have this by default, but if you are running an early version you should verify the NFS code. Versions of Linux after 1.1 can confirm support for NFS by examining the /proc/filesystems file. An entry in this file should show nfs with the command nodev. An extract from the /proc/filesystems file looks like this:



<BR>



<PRE>



<FONT COLOR="#000080"> minix



 ext2



 umsdos



 msods



nodev proc



nodev nfs



 iso9660</FONT></PRE>



<P>The second line from the bottom shows that the NFS code is included in the kernel. If the NFS code is not included, you will have to rebuild the kernel including the NFS drivers.



<BR>



<P>Versions of Linux before 1.1 are more difficult to easily check for NFS code. The best way to perform the check is to try to mount an NFS directory. If it fails, it is likely the NFS code is missing (assuming the mount commands are correct, of course). As a fast check, you can mount a local directory onto your own machine (which is perfectly legal with all versions of NFS, although it can be confusing at times). To perform this check, create a new subdirectory and issue the mount command with an existing directory. For example, these commands try to mount /usr on the empty directory /tmp/nfstest:



<BR>



<PRE>



<FONT COLOR="#000080">mkdir /tmp/nfstest



mount localhost:/usr /tmp/nfstest</FONT></PRE>



<P>If the mount command is successful (you can go into the /tmp/nfstest directory and examine the same file listing as in /usr), your kernel has the NFS code embedded in it. If you get an error message similar to this:



<BR>



<BR>



<PRE>



<FONT COLOR="#000080">fs type nfs not supported</FONT></PRE>



<P>then the NFS code is missing and you should rebuild a new kernel with the NFS drivers added.



<BR>



<BLOCKQUOTE>



<BLOCKQUOTE>



<HR ALIGN=CENTER>



<BR>



<NOTE>When you perform this NFS code check you may see many error messages. The only message that matters is nfs not supported. The rest of the messages have to do with the lack of NFS configuration.</NOTE>



<BR>



<HR ALIGN=CENTER>



</BLOCKQUOTE></BLOCKQUOTE>



<P>The NFS daemons need to be set up on your system. If you are going to act as an NFS server (allow your directories to be mounted by others), you must install both the nfsd and mountd daemons. These daemons start when your machine boots, reading the rc files. Both daemons need the program rpc.portmap to function because they both register themselves with the portmapper utility.



<BR>



<P>The startup commands for the daemons usually are placed in the /etc/rc.d/rc.inet2 file (or wherever you have installed the rc files). Most newer versions of Linux will have the proper section already in the /etc/rc.d/rc.inet2 file. For example, the section dealing with NFS will look much like this:



<BR>



<PRE>



<FONT COLOR="#000080"># # Start the various SUN RPC servers.



if [ -f ${NET}/rpc.portmap ]; then



 # Start the NFS server daemons.



 if [ -f ${NET}/rpc.mountd ]; then



 echo -n &quot; mountd&quot;



 ${NET}/rpc.mountd



 fi



 if [ -f ${NET}/rpc.nfsd ]; then



 echo -n &quot; nfsd&quot;



 ${NET}/rpc.nfsd



 fi



# # Fire up the PC-NFS daemon(s).



# if [ -f ${NET}/rpc.pcnfsd ]; then



# echo -n &quot; pcnfsd&quot;



# ${NET}/rpc.pcnfsd ${LPSPOOL}



# fi



# if [ -f ${NET}/rpc.bwnfsd ]; then



# echo -n &quot; bwnfsd&quot;



# ${NET}/rpc.bwnfsd ${LPSPOOL}



# fi



fi # Done starting various SUN RPC servers.</FONT></PRE>



<P>If your inet2 file doesn't have any lines similar to these, find a location below the rpc.portmapper startup command. The portmapper startup section will look similar to this:



<BR>



<PRE>



<FONT COLOR="#000080"># Start the SUN RPC Portmapper.



if [ -f ${NET}/rpc.portmap ]; then



 echo -n &quot; portmap&quot;



 ${NET}/rpc.portmap



fi</FONT></PRE>



<P>Below these lines, enter the following commands to start the rpcd and mountd daemons:



<BR>



<PRE>



<FONT COLOR="#000080"> if [ -x /usr/sbin/rpc.mountd ]; then



 echo -n &quot; mountd&quot;



 /usr/sbin/rpc.mountd



 fi



 if [ -x /usr/sbin/rpc.nfsd ]; then



 echo -n &quot; nfsd&quot;



 /usr/sbin/rpc.nfsd



 fi</FONT></PRE>



<P>If the rpc.nfsd and rpc.mountd daemons are not in /usr/sbin, enter the proper pathnames. These lines don't make use of a prior defined path. The paths to the deamons should be explicitly specified.



<BR>



<P>The next step in configuring your system for NFS server duty is to set up a file listing all the clients who can attach to your system and mount directories. This is done through the /etc/exports file. The /etc/exports file is read every time the mountd daemon receives a request to mount a directory. The file contains a list of directories that you want to allow to be mounted, and the remote systems that can mount them followed by a permission indication.



<BR>



<P>The best way to explain the /etc/exports file is to examine a sample. The following file shows several systems allowed to mount directories on the local machine:



<BR>



<PRE>



<FONT COLOR="#000080"># /etc/exports for merlin



/usr/database/data chatton(rw) big_roy (rw) wizard (rw)



/usr/book chatton(rw) wizard (ro)



/usr/bin/bigapp big_roy(rw) wizard (ro)



/usr/ftp (ro)</FONT></PRE>



<P>This file shows that the three machines chatton, big_roy, and wizard can all mount the local directory /usr/database/data in read-write mode (meaning they can modify the contents). The directory /usr/book can be mounted read-write by remote machine chatton, and read-only (no writing allowed) by wizard. The /usr/ftp directory can be mounted read-only by any machine that wants to.



<BR>



<P>When you are specifying machine names in the /etc/exports file, you can use explicit names, or a combination of asterisk and question mark wildcards to match multiple machines. For example, the entry



<BR>



<BR>



<PRE>