mirror of
https://git.FreeBSD.org/ports.git
synced 2024-11-23 00:43:28 +00:00
Update MASTER_SITES and sync the NFS HOWTO
PR: 14898 Submitted by: KATO Tsuguru <tkato@prontomail.ne.jp>
This commit is contained in:
parent
d5a1e6c207
commit
7d63b5b8d6
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=23221
@ -9,9 +9,8 @@
|
|||||||
|
|
||||||
DISTNAME= Howto-1.0
|
DISTNAME= Howto-1.0
|
||||||
CATEGORIES= misc
|
CATEGORIES= misc
|
||||||
MASTER_SITES= ftp://sunsite.unc.edu/pub/Linux/docs/HOWTO/other-formats/sgml/ \
|
MASTER_SITES= ftp://metalab.unc.edu/pub/Linux/docs/HOWTO/other-formats/sgml/ \
|
||||||
ftp://sunsite.unc.edu/pub/Linux/docs/HOWTO/mini/other-formats/sgml/ \
|
ftp://metalab.unc.edu/pub/Linux/docs/HOWTO/mini/other-formats/sgml/
|
||||||
http://sunsite.unc.edu/mdw/HOWTO/
|
|
||||||
DISTFILES= Linux+FreeBSD.sgml.gz \
|
DISTFILES= Linux+FreeBSD.sgml.gz \
|
||||||
DNS-HOWTO.sgml.gz \
|
DNS-HOWTO.sgml.gz \
|
||||||
NFS-HOWTO.sgml.gz \
|
NFS-HOWTO.sgml.gz \
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
MD5 (Howto/Linux+FreeBSD.sgml.gz) = 9199f50bba56794f8a86cce37001e99d
|
MD5 (Howto/Linux+FreeBSD.sgml.gz) = 9199f50bba56794f8a86cce37001e99d
|
||||||
MD5 (Howto/DNS-HOWTO.sgml.gz) = 67f91d102b0d4b7933a4991b3b173e1d
|
MD5 (Howto/DNS-HOWTO.sgml.gz) = 67f91d102b0d4b7933a4991b3b173e1d
|
||||||
MD5 (Howto/NFS-HOWTO.sgml.gz) = 857f74f17b4c532cdf3016aa691db457
|
MD5 (Howto/NFS-HOWTO.sgml.gz) = 909acce9e589fb4dbef9ee16eb9143f2
|
||||||
MD5 (Howto/NIS-HOWTO.sgml.gz) = 06c782815b4123f7820ba96f66f45365
|
MD5 (Howto/NIS-HOWTO.sgml.gz) = 06c782815b4123f7820ba96f66f45365
|
||||||
MD5 (Howto/Security-HOWTO.sgml.gz) = d1ed952ffb4d15cf795d0a50a7d8f528
|
MD5 (Howto/Security-HOWTO.sgml.gz) = d1ed952ffb4d15cf795d0a50a7d8f528
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
--- NFS-HOWTO.sgml.orig Sat Oct 3 01:30:40 1998
|
--- NFS-HOWTO.sgml.orig Thu Nov 18 06:51:14 1999
|
||||||
+++ NFS-HOWTO.sgml Sat Oct 3 02:20:23 1998
|
+++ NFS-HOWTO.sgml Thu Nov 18 06:52:16 1999
|
||||||
@@ -67,7 +67,7 @@
|
@@ -79,7 +79,7 @@
|
||||||
networking and the terms used. If you don't recognize the terms you
|
networking and the terms used. If you don't recognize the terms you
|
||||||
can either go back and check the networking HOWTO, wing it, or get a
|
can either go back and check the networking HOWTO, wing it, or get a
|
||||||
book about TCP/IP network administration to familiarize yourself with
|
book about TCP/IP network administration to familiarize yourself with
|
||||||
@ -9,8 +9,23 @@
|
|||||||
machines. A very good book on the subject is <em>TCP/IP Network
|
machines. A very good book on the subject is <em>TCP/IP Network
|
||||||
Administration</em> by Craig Hunt, published by O'Reilly &
|
Administration</em> by Craig Hunt, published by O'Reilly &
|
||||||
Associates, Inc. And after you've read it and understood it you'll
|
Associates, Inc. And after you've read it and understood it you'll
|
||||||
@@ -96,7 +96,7 @@
|
@@ -89,14 +89,6 @@
|
||||||
skip ahead to the section on <ref id="nfs-client" name="setting up a
|
<em/Mount Checklist/ and <em/FAQs/. Please refer to them if something
|
||||||
|
dosen't work as advertized.
|
||||||
|
|
||||||
|
-<p>The home-site for the Linux 2.0 nfsd is <htmlurl
|
||||||
|
-name="ftp.mathematik.th-darmstadt.de:/pub/linux/okir"
|
||||||
|
-url="ftp://ftp.mathematik.th-darmstadt.de/pub/linux/okir/">, in case
|
||||||
|
-you want/need to get it and compile it yourself.
|
||||||
|
-
|
||||||
|
-<p>For information about NFS under Linux 2.2 please see <ref
|
||||||
|
-id="linuxtwotwo" name="the Linux 2.2 section">.
|
||||||
|
-
|
||||||
|
<sect>Setting up a NFS server<label id="nfs-server">
|
||||||
|
|
||||||
|
<sect1>Prerequisites
|
||||||
|
@@ -116,7 +108,7 @@
|
||||||
|
skip ahead to <ref id="nfs-client" name="the section on setting up a
|
||||||
NFS client">
|
NFS client">
|
||||||
|
|
||||||
-<p>If you need to set up a non-Linux box as server you will have to
|
-<p>If you need to set up a non-Linux box as server you will have to
|
||||||
@ -18,7 +33,15 @@
|
|||||||
read the system manual(s) to discover how to enable NFS serving and
|
read the system manual(s) to discover how to enable NFS serving and
|
||||||
export of file systems through NFS. There is a separate section in
|
export of file systems through NFS. There is a separate section in
|
||||||
this HOWTO on how to do it on many different systems. After you have
|
this HOWTO on how to do it on many different systems. After you have
|
||||||
@@ -109,8 +109,8 @@
|
@@ -124,16 +116,13 @@
|
||||||
|
HOWTO. Or read more of this section since some of the things I will
|
||||||
|
say are relevant no matter what kind of machine you use as server.
|
||||||
|
|
||||||
|
-<p>If you're running please see <ref id="linuxtwotwo" name="the Linux
|
||||||
|
-2.2 section"> before you continue reading this.
|
||||||
|
-
|
||||||
|
<p>Those of you still reading will need to set up a number of
|
||||||
|
programs.
|
||||||
|
|
||||||
<sect1>The portmapper<label id="portmapper">
|
<sect1>The portmapper<label id="portmapper">
|
||||||
|
|
||||||
@ -26,10 +49,26 @@
|
|||||||
-<tt/rpc.portmap/. The man page on my system says it is a "DARPA port
|
-<tt/rpc.portmap/. The man page on my system says it is a "DARPA port
|
||||||
+<p>The portmapper on FreeBSD is called <tt/portmap/.
|
+<p>The portmapper on FreeBSD is called <tt/portmap/.
|
||||||
+The man page on my system says it is a "DARPA port
|
+The man page on my system says it is a "DARPA port
|
||||||
to RPC program number mapper". It is the first security holes you'll
|
to RPC program number mapper". It is the first security hole you'll
|
||||||
open reading this HOWTO. Description of how to close one of the holes
|
open reading this HOWTO. Description of how to close one of the holes
|
||||||
is in the <ref id="nfs-security" name="security section">. Which I,
|
is in <ref id="nfs-security" name="the security section">. Which I,
|
||||||
@@ -157,24 +157,23 @@
|
@@ -149,14 +138,7 @@
|
||||||
|
If there is a script called something like <tt/inet/ it's probably the
|
||||||
|
right script to edit. But, what to write or do is outside the scope
|
||||||
|
of this HOWTO. Start portmap, and check that it lives by running
|
||||||
|
-<tt/ps aux/ and then <tt/rpcinfo -p/. It does? Good.
|
||||||
|
-
|
||||||
|
-<p>Oh, one thing. Remote access to your portmapper is regulated by
|
||||||
|
-the contents of your <tt>/etc/hosts.allow</tt> and
|
||||||
|
-<tt>/etc/hosts.deny</tt> files. If <tt/rpcinfo -p/ fails, but your
|
||||||
|
-portmapper is running please examine these files. See <ref
|
||||||
|
-id="nfs-security" name="the security section"> for details on these
|
||||||
|
-files.
|
||||||
|
+<tt/ps aux/. It does? Good.
|
||||||
|
|
||||||
|
<sect1>Mountd and nfsd<label id="nfsd">
|
||||||
|
|
||||||
|
@@ -187,24 +169,23 @@
|
||||||
use./ There is a separate section in this HOWTO about other Unixes
|
use./ There is a separate section in this HOWTO about other Unixes
|
||||||
<tt/exports/ files.
|
<tt/exports/ files.
|
||||||
|
|
||||||
@ -44,7 +83,7 @@
|
|||||||
-to run <tt/exportfs/. Many Linux distributions lack a exportfs
|
-to run <tt/exportfs/. Many Linux distributions lack a exportfs
|
||||||
-program. If you're exportfs-less you can install this script on your
|
-program. If you're exportfs-less you can install this script on your
|
||||||
+to run <tt/exportfs/. FreeBSD lacks a exportfs
|
+to run <tt/exportfs/. FreeBSD lacks a exportfs
|
||||||
+program. Yyou can install this script on your
|
+program. You can install this script on your
|
||||||
machine:
|
machine:
|
||||||
|
|
||||||
<code>
|
<code>
|
||||||
@ -60,7 +99,22 @@
|
|||||||
<tt/chmod a+rx/ it. Now, whenever you change your exports file, you
|
<tt/chmod a+rx/ it. Now, whenever you change your exports file, you
|
||||||
run exportfs after, as root.
|
run exportfs after, as root.
|
||||||
|
|
||||||
@@ -221,12 +220,8 @@
|
@@ -225,12 +206,8 @@
|
||||||
|
mountd and nfsd.
|
||||||
|
|
||||||
|
<p>If you get <tt>rpcinfo: can't contact portmapper: RPC: Remote
|
||||||
|
-system error - Connection refused</tt>,
|
||||||
|
-<tt>RPC_PROG_NOT_REGISTERED</tt> or something similar instead then the
|
||||||
|
-portmapper isn't running. OR you might have something in
|
||||||
|
-<tt>/etc/hosts.{allow,deny}</tt> that forbids the portmapper from
|
||||||
|
-answering, please see <ref id="nfs-security" name="the security
|
||||||
|
-section"> for details on these files. If you get <tt>No remote
|
||||||
|
+system error - Connection refused</tt> or something similar instead
|
||||||
|
+then the portmapper isn't running. Fix it. If you get <tt>No remote
|
||||||
|
programs registered.</tt> then either the portmapper doesn't want to
|
||||||
|
talk to you, or something is broken. Kill nfsd, mountd, and the
|
||||||
|
portmapper and try the ignition sequence again.
|
||||||
|
@@ -255,12 +232,8 @@
|
||||||
<sect>Setting up a NFS client<label id="nfs-client">
|
<sect>Setting up a NFS client<label id="nfs-client">
|
||||||
|
|
||||||
<p>First you will need a kernel with the NFS file system either
|
<p>First you will need a kernel with the NFS file system either
|
||||||
@ -73,9 +127,19 @@
|
|||||||
+compiled in or available as a module. This is configured in the GENERIC
|
+compiled in or available as a module. This is configured in the GENERIC
|
||||||
+FreeBSD kernel for you.
|
+FreeBSD kernel for you.
|
||||||
|
|
||||||
<p>You can now, at a root prompt, enter a appropriate mount command and
|
<p>You can now, at a root prompt, enter a appropriate mount command
|
||||||
the file system will appear. Continuing the example in the previous
|
and the file system will appear. Continuing the example in the
|
||||||
@@ -259,7 +254,7 @@
|
@@ -280,8 +253,7 @@
|
||||||
|
by server: Permission denied</tt> then the exports file is wrong, or
|
||||||
|
you forgot to run exportfs after editing the exports file. If it says
|
||||||
|
<tt>mount clntudp_create: RPC: Program not registered</tt> it means
|
||||||
|
-that nfsd or mountd is not running on the server. Or you have the
|
||||||
|
-<tt/hosts.{allow,deny}/ problem mentioned earlier.
|
||||||
|
+that nfsd or mountd is not running on the server.
|
||||||
|
|
||||||
|
<p>To get rid of the file system you can say
|
||||||
|
|
||||||
|
@@ -294,7 +266,7 @@
|
||||||
as this is required:
|
as this is required:
|
||||||
|
|
||||||
<code>
|
<code>
|
||||||
@ -84,7 +148,7 @@
|
|||||||
...
|
...
|
||||||
eris:/mn/eris/local /mnt nfs rsize=1024,wsize=1024 0 0
|
eris:/mn/eris/local /mnt nfs rsize=1024,wsize=1024 0 0
|
||||||
...
|
...
|
||||||
@@ -294,7 +289,7 @@
|
@@ -332,7 +304,7 @@
|
||||||
<p>Picking up the previous example, this is now your fstab entry:
|
<p>Picking up the previous example, this is now your fstab entry:
|
||||||
|
|
||||||
<code>
|
<code>
|
||||||
@ -93,7 +157,7 @@
|
|||||||
...
|
...
|
||||||
eris:/mn/eris/local /mnt nfs rsize=1024,wsize=1024,hard,intr 0 0
|
eris:/mn/eris/local /mnt nfs rsize=1024,wsize=1024,hard,intr 0 0
|
||||||
...
|
...
|
||||||
@@ -304,8 +299,8 @@
|
@@ -342,8 +314,8 @@
|
||||||
<sect1>Optimizing NFS<label id="optimizing">
|
<sect1>Optimizing NFS<label id="optimizing">
|
||||||
|
|
||||||
<p>Normally, if no rsize and wsize options are specified NFS will read
|
<p>Normally, if no rsize and wsize options are specified NFS will read
|
||||||
@ -104,7 +168,7 @@
|
|||||||
might not be optimal, anyway. So we'll want to experiment and find a
|
might not be optimal, anyway. So we'll want to experiment and find a
|
||||||
rsize and wsize that works and is as fast as possible. You can test
|
rsize and wsize that works and is as fast as possible. You can test
|
||||||
the speed of your options with some simple commands. Given the mount
|
the speed of your options with some simple commands. Given the mount
|
||||||
@@ -341,7 +336,7 @@
|
@@ -379,7 +351,7 @@
|
||||||
have different optimal sizes. SunOS and Solaris is reputedly a lot
|
have different optimal sizes. SunOS and Solaris is reputedly a lot
|
||||||
faster with 4096 byte blocks than with anything else.
|
faster with 4096 byte blocks than with anything else.
|
||||||
|
|
||||||
@ -113,7 +177,7 @@
|
|||||||
rsizes larger or equal to the machine page size. On Intel CPUs the
|
rsizes larger or equal to the machine page size. On Intel CPUs the
|
||||||
page size is 4096 bytes. Read ahead will <em/significantly/ increase
|
page size is 4096 bytes. Read ahead will <em/significantly/ increase
|
||||||
the NFS read performance. So on a Intel machine you will want 4096
|
the NFS read performance. So on a Intel machine you will want 4096
|
||||||
@@ -355,13 +350,13 @@
|
@@ -393,13 +365,13 @@
|
||||||
requests shall not be considered finished before the data written is
|
requests shall not be considered finished before the data written is
|
||||||
on a non-volatile medium (normally the disk). This restricts the
|
on a non-volatile medium (normally the disk). This restricts the
|
||||||
write performance somewhat, asynchronous writes will speed NFS writes
|
write performance somewhat, asynchronous writes will speed NFS writes
|
||||||
@ -130,7 +194,18 @@
|
|||||||
</code>
|
</code>
|
||||||
|
|
||||||
<p>or something similar. Please refer to the exports man page on the
|
<p>or something similar. Please refer to the exports man page on the
|
||||||
@@ -587,10 +582,10 @@
|
@@ -413,7 +385,9 @@
|
||||||
|
distance connections.
|
||||||
|
|
||||||
|
<p>This section is based on knowledge about the used protocols but no
|
||||||
|
-actual experiments. Please let me hear from you if try this ;-)
|
||||||
|
+actual experiments. My home computer has been down for 6 months (bad
|
||||||
|
+HD, low on cash) and so I have had no modem connection to test this
|
||||||
|
+with. Please let me hear from you if try this :-)
|
||||||
|
|
||||||
|
<p>The first thing to remember is that NFS is a slow protocol. It has
|
||||||
|
high overhead. Using NFS is almost like using kermit to transfer
|
||||||
|
@@ -623,10 +597,10 @@
|
||||||
servers root account. In the NFSd man page there are several other
|
servers root account. In the NFSd man page there are several other
|
||||||
squash options listed so that you can decide to mistrust whomever you
|
squash options listed so that you can decide to mistrust whomever you
|
||||||
(don't) like on the clients. You also have options to squash any UID
|
(don't) like on the clients. You also have options to squash any UID
|
||||||
@ -143,7 +218,7 @@
|
|||||||
root access to a filesystem use <tt/no_root_squash/.
|
root access to a filesystem use <tt/no_root_squash/.
|
||||||
|
|
||||||
<p>Another important thing is to ensure that nfsd checks that all it's
|
<p>Another important thing is to ensure that nfsd checks that all it's
|
||||||
@@ -598,7 +593,7 @@
|
@@ -634,7 +608,7 @@
|
||||||
any old port on the client a user with no special privileges can run a
|
any old port on the client a user with no special privileges can run a
|
||||||
program that's is easy to obtain over the Internet. It talks nfs
|
program that's is easy to obtain over the Internet. It talks nfs
|
||||||
protocol and will claim that the user is anyone the user wants to be.
|
protocol and will claim that the user is anyone the user wants to be.
|
||||||
@ -152,36 +227,58 @@
|
|||||||
have to enable this check yourself. This should be described in the
|
have to enable this check yourself. This should be described in the
|
||||||
nfsd man page for the OS.
|
nfsd man page for the OS.
|
||||||
|
|
||||||
@@ -609,74 +604,9 @@
|
@@ -645,98 +619,9 @@
|
||||||
|
|
||||||
<p>The basic portmapper, in combination with nfsd has a design problem
|
<p>The basic portmapper, in combination with nfsd has a design problem
|
||||||
that makes it possible to get to files on NFS servers without any
|
that makes it possible to get to files on NFS servers without any
|
||||||
-privileges. Fortunately the portmapper Linux uses is relatively
|
-privileges. Fortunately the portmapper that most Linux distributions
|
||||||
-secure against this attack, and can be made more secure by configuring
|
-use is relatively secure against this attack, and can be made more
|
||||||
-up access lists in two files.
|
-secure by configuring up access lists in two files.
|
||||||
+privileges. Fortunately the portmapper FreeBSD uses is relatively
|
-
|
||||||
+secure against this attack.
|
-<p>Not all Linux distributions were created equal. Some seemingly
|
||||||
|
-up-to-date distributions does <em/not/ include a securable portmapper,
|
||||||
|
-even today, many years since the vulnerability became common
|
||||||
|
-knowledge. At least one distribution even contains the manpage for a
|
||||||
|
-securable portmapper but the actual portmapper is <em>not</em>
|
||||||
|
-secureable. The easy way to check if your portmapper is good
|
||||||
|
-or not is to run strings(1) and see if it reads the relevant files,
|
||||||
|
-<tt>/etc/hosts.deny</tt> and <tt>/etc/hosts.allow</tt>. Assuming your
|
||||||
|
-portmapper is <tt>/usr/sbin/portmap</tt> you can check it with this
|
||||||
|
-command: <tt>strings /usr/sbin/portmap | grep hosts</tt>. On my
|
||||||
|
-machine it comes up with this:
|
||||||
|
-
|
||||||
|
-<code>
|
||||||
|
-/etc/hosts.allow
|
||||||
|
-/etc/hosts.deny
|
||||||
|
-@(#) hosts_ctl.c 1.4 94/12/28 17:42:27
|
||||||
|
-@(#) hosts_access.c 1.20 96/02/11 17:01:27
|
||||||
|
-</code>
|
||||||
|
-
|
||||||
-<p>First we edit <tt>/etc/hosts.deny</tt>. It should contain the line
|
-<p>First we edit <tt>/etc/hosts.deny</tt>. It should contain the line
|
||||||
-
|
-
|
||||||
-<code>
|
-<code>
|
||||||
-portmap: ALL
|
-portmap: ALL
|
||||||
-</code>
|
-</code>
|
||||||
-
|
-
|
||||||
-which will deny access to <em/everyone/. That's a bit drastic
|
-which will deny access to <em/everyone/. While it is closed thus run
|
||||||
-perhaps, so we open it again by editing <tt>/etc/hosts.allow</tt>.
|
-<tt>rpcinfo -p</tt> just to check that your portmapper really reads
|
||||||
-But first we need to figure out what to put in it. It should
|
-and obeys this file. rpcinfo should give no output, or possebly a
|
||||||
-basically list all machines that should have access to your
|
-errormessage. Restarting the portmapper should <em>not</em> be
|
||||||
-portmapper. On a run of the mill Linux system there are very few
|
-necessary.
|
||||||
-machines that need any access for any reason. The portmapper
|
-
|
||||||
-administrates nfsd, mountd, ypbind/ypserv, pcnfsd, and 'r' services
|
-<p>Closing the portmapper for everyone is a bit drastic, so we open it
|
||||||
-like ruptime and rusers. Of these only nfsd, mountd, ypbind/ypserv
|
-again by editing <tt>/etc/hosts.allow</tt>. But first we need to
|
||||||
-and perhaps pcnfsd are of any consequence. All machines that needs to
|
-figure out what to put in it. It should basically list all machines
|
||||||
-access services on your machine should be allowed to do that. Let's
|
-that should have access to your portmapper. On a run of the mill
|
||||||
-say that your machines address is 129.240.223.254 and that it lives on
|
-Linux system there are very few machines that need any access for any
|
||||||
-the subnet 129.240.223.0 should have access to it (those are terms
|
-reason. The portmapper administrates nfsd, mountd, ypbind/ypserv,
|
||||||
-introduced by the networking HOWTO, go back and refresh your memory if
|
-pcnfsd, and 'r' services like ruptime and rusers. Of these only nfsd,
|
||||||
-you need to). Then we write
|
-mountd, ypbind/ypserv and perhaps pcnfsd are of any consequence. All
|
||||||
|
-machines that needs to access services on your machine should be
|
||||||
|
-allowed to do that. Let's say that your machines address is
|
||||||
|
-129.240.223.254 and that it lives on the subnet 129.240.223.0 should
|
||||||
|
-have access to it (those are terms introduced by the networking HOWTO,
|
||||||
|
-go back and refresh your memory if you need to). Then we write
|
||||||
-
|
-
|
||||||
-<code>
|
-<code>
|
||||||
-portmap: 129.240.223.0/255.255.255.0
|
-portmap: 129.240.223.0/255.255.255.0
|
||||||
@ -201,7 +298,9 @@
|
|||||||
- Interrupt:10 Base address:0x320
|
- Interrupt:10 Base address:0x320
|
||||||
-...
|
-...
|
||||||
-</code>
|
-</code>
|
||||||
-
|
+privileges. Fortunately the portmapper FreeBSD uses is relatively
|
||||||
|
+secure against this attack.
|
||||||
|
|
||||||
-and <tt/netstat -rn/ should show
|
-and <tt/netstat -rn/ should show
|
||||||
-
|
-
|
||||||
-<code>
|
-<code>
|
||||||
@ -229,7 +328,7 @@
|
|||||||
|
|
||||||
<sect1>NFS and firewalls<label id="security-firewalls">
|
<sect1>NFS and firewalls<label id="security-firewalls">
|
||||||
|
|
||||||
@@ -692,13 +622,13 @@
|
@@ -752,13 +637,13 @@
|
||||||
|
|
||||||
<sect1>Summary<label id="security-summary">
|
<sect1>Summary<label id="security-summary">
|
||||||
|
|
||||||
@ -239,13 +338,13 @@
|
|||||||
presently known bugs in nfs and can almost feel secure about <em/that/
|
presently known bugs in nfs and can almost feel secure about <em/that/
|
||||||
at least. But still, after all that: When an intruder has access to
|
at least. But still, after all that: When an intruder has access to
|
||||||
your network, s/he can make strange commands appear in your
|
your network, s/he can make strange commands appear in your
|
||||||
<tt/.forward/ or mailbox file when <tt>/home</tt> or
|
<tt/.forward/ or read your mail when <tt>/home</tt> or
|
||||||
-<tt>/var/spool/mail</tt> are mounted over NFS. For the same reason,
|
-<tt>/var/spool/mail</tt> is NFS exported. For the same reason,
|
||||||
+<tt>/var/mail</tt> are mounted over NFS. For the same reason,
|
+<tt>/var/mail</tt> is NFS exported. For the same reason,
|
||||||
you should never access your PGP private key over nfs. Or at least
|
you should never access your PGP private key over nfs. Or at least
|
||||||
you should know the risk involved. And now you know a bit of it.
|
you should know the risk involved. And now you know a bit of it.
|
||||||
|
|
||||||
@@ -706,10 +636,10 @@
|
@@ -766,10 +651,10 @@
|
||||||
it's not totally unlikely that new bugs will be discovered, either in
|
it's not totally unlikely that new bugs will be discovered, either in
|
||||||
the basic design or the implementation we use. There might even be
|
the basic design or the implementation we use. There might even be
|
||||||
holes known now, which someone is abusing. But that's life. To keep
|
holes known now, which someone is abusing. But that's life. To keep
|
||||||
@ -260,33 +359,57 @@
|
|||||||
absolute minimum.
|
absolute minimum.
|
||||||
|
|
||||||
<sect>Mount Checklist
|
<sect>Mount Checklist
|
||||||
@@ -761,10 +691,7 @@
|
@@ -780,18 +665,7 @@
|
||||||
|
refer to this list before posting your problem. Each item describes a
|
||||||
|
failure mode and the fix.
|
||||||
|
|
||||||
|
-<enum>Mount keeps saying <tt/RPC: Program not registered/
|
||||||
|
-
|
||||||
|
-<p>Is the portmapper running?
|
||||||
|
-<p><bf/Fix:/ Start it.
|
||||||
|
-<p>Is mountd running?
|
||||||
|
-<p><bf/Fix:/ Start it.
|
||||||
|
-<p>Is nfsd running?
|
||||||
|
-<p><bf/Fix:/ Start it.
|
||||||
|
-<p>Is the portmapper forbidden to answer by <tt>/etc/hosts.deny</tt>?
|
||||||
|
-<p><bf/Fix:/ Either remove the rule in <tt/hosts.deny/ or add a rule
|
||||||
|
- to <tt/hosts.allow/ such that the portmapper is allowed to talk to
|
||||||
|
- you.
|
||||||
|
+<enum>
|
||||||
|
|
||||||
|
<item>File system not exported, or not exported to the client in
|
||||||
|
question.
|
||||||
|
@@ -832,10 +706,7 @@
|
||||||
|
|
||||||
<p><bf/Fix:/ Get the date set right.
|
<p><bf/Fix:/ Get the date set right.
|
||||||
|
|
||||||
-<p>The HOWTO author recommends using NTP to synchronize clocks. Since
|
-<p>The HOWTO author recommends using NTP to synchronize clocks. Since
|
||||||
-there are export restrictions on NTP in the US you have to get NTP for
|
-there are export restrictions on NTP in the US you have to get NTP for
|
||||||
-debian, redhat or slackware from
|
-Debian, Red Hat or Slackware from
|
||||||
-ftp://ftp.hacktic.nl/pub/replay/pub/linux or a mirror.
|
-<tt>ftp://ftp.hacktic.nl/pub/replay/pub/linux</tt> or a mirror.
|
||||||
+<p>The HOWTO author recommends using NTP to synchronize clocks.
|
+<p>The HOWTO author recommends using NTP to synchronize clocks.
|
||||||
|
|
||||||
<item>The server can not accept a mount from a user that is in more
|
<item>The server can not accept a mount from a user that is in more
|
||||||
than 8 groups.
|
than 8 groups.
|
||||||
@@ -774,93 +701,10 @@
|
@@ -845,153 +716,10 @@
|
||||||
|
|
||||||
</enum>
|
</enum>
|
||||||
|
|
||||||
-<sect>FAQs
|
-<sect>FAQs
|
||||||
-
|
-
|
||||||
-<p>This is the FAQ section. Most of it was written by Alan Cox.
|
-<p>This is the FAQ section. It is partly based on a old NFS FAQ by
|
||||||
|
-Alan Cox.
|
||||||
|
-
|
||||||
|
-<p>If you have a problem mounting a filesystem please see if your
|
||||||
|
-problem is described in the ``Mount Checklist'' section.
|
||||||
-
|
-
|
||||||
-<enum>
|
-<enum>
|
||||||
-
|
-
|
||||||
- <item>I get a lot of 'stale nfs handle' errors when using Linux as
|
- <item>I get a lot of ``stale nfs handle'' errors when using Linux as
|
||||||
- a nfs server.
|
- a nfs server.
|
||||||
-
|
-
|
||||||
- <p>This is caused by a bug in some oldish nfsd versions. It is
|
- <p>This is caused by a bug in some old nfsd versions. It is fixed
|
||||||
- fixed in nfs-server2.2beta16 and later.
|
- in nfs-server2.2beta16 and later.
|
||||||
-
|
-
|
||||||
- <item>When I try to mount a file system I get
|
- <item>When I try to mount a file system I get
|
||||||
-
|
-
|
||||||
@ -300,18 +423,20 @@
|
|||||||
- <item>Why can't I execute a file after copying it to the NFS server?
|
- <item>Why can't I execute a file after copying it to the NFS server?
|
||||||
-
|
-
|
||||||
- <p>The reason is that nfsd caches open file handles for performance
|
- <p>The reason is that nfsd caches open file handles for performance
|
||||||
- reasons (remember, it runs in user space). While nfsd has a file
|
- reasons (remember, it runs in user space). While nfsd has a file
|
||||||
- open (as is the case after writing to it), the kernel won't allow
|
- open (as is the case after writing to it), the kernel won't allow
|
||||||
- you to execute it. Nfsds newer than ~spring 95 release open files
|
- you to execute it. Nfsds newer than ~spring 95 release open files
|
||||||
- after a few seconds, older ones would cling to them for days.
|
- after a few seconds, older ones would cling to them for days.
|
||||||
-
|
-
|
||||||
- <item>My NFS files are all read only
|
- <item>My NFS files are all read only
|
||||||
-
|
-
|
||||||
- <p>The Linux NFS server defaults to read only. RTFM the ``exports''
|
- <p>The Linux NFS server defaults to read only. Please read the
|
||||||
- and nfsd manual pages. You will need to alter <tt>/etc/exports</tt>.
|
- section about ``Mountd and nfsd'' and ``Exporting filesystems'' in
|
||||||
|
- this HOWTO, and refer to the ``exports'' and ``nfsd'' manual
|
||||||
|
- pages. You will need to alter <tt>/etc/exports</tt>.
|
||||||
-
|
-
|
||||||
- <item>I mount from a linux nfs server and while ls works I can't
|
- <item>I mount from a Linux NFS server and while <tt>ls</tt> works I
|
||||||
- read or write files.
|
- can't read or write files.
|
||||||
-
|
-
|
||||||
- <p>On older versions of Linux you must mount a NFS servers with
|
- <p>On older versions of Linux you must mount a NFS servers with
|
||||||
- <tt/rsize=1024,wsize=1024/.
|
- <tt/rsize=1024,wsize=1024/.
|
||||||
@ -319,7 +444,9 @@
|
|||||||
- <item>I mount from a Linux NFS server with a block size of between
|
- <item>I mount from a Linux NFS server with a block size of between
|
||||||
- 3500-4000 and it crashes the Linux box regularly
|
- 3500-4000 and it crashes the Linux box regularly
|
||||||
-
|
-
|
||||||
- <p>Basically don't do it then.
|
- <p>Basically don't do it then. This does not happen with 2.0 and
|
||||||
|
- 2.2 kernels. As far as I recall there is no problem with 1.2
|
||||||
|
- either.
|
||||||
-
|
-
|
||||||
- <item>Can Linux do NFS over TCP
|
- <item>Can Linux do NFS over TCP
|
||||||
-
|
-
|
||||||
@ -342,7 +469,7 @@
|
|||||||
- systems
|
- systems
|
||||||
-
|
-
|
||||||
- <p>NFS writes are normally synchronous (you can disable this if you
|
- <p>NFS writes are normally synchronous (you can disable this if you
|
||||||
- don't mind risking losing data). Worse still BSD derived kernels
|
- don't mind risking losing data). Worse still BSD derived kernels
|
||||||
- tend to be unable to work in small blocks. Thus when you write 4K of
|
- tend to be unable to work in small blocks. Thus when you write 4K of
|
||||||
- data from a Linux box in the 1K packets it uses BSD does this
|
- data from a Linux box in the 1K packets it uses BSD does this
|
||||||
-
|
-
|
||||||
@ -355,6 +482,58 @@
|
|||||||
- write 4K page back to physical disk
|
- write 4K page back to physical disk
|
||||||
- etc..
|
- etc..
|
||||||
- </verb></tscreen>
|
- </verb></tscreen>
|
||||||
|
-
|
||||||
|
- <item>When I connect many clients to a Linux NFS server the
|
||||||
|
- performance suddenly drops.
|
||||||
|
-
|
||||||
|
- <p>The NFS protocol uses fragmented UDP packets. The kernel has a
|
||||||
|
- limit of how many fragments of incomplete packets it can have before
|
||||||
|
- it starts throwing away packets. In 2.2 this is runtime tuneable
|
||||||
|
- via the /proc filesystem:
|
||||||
|
- <tt>/proc/sys/net/ipv4/ipfrag_high_thresh</tt> and
|
||||||
|
- <tt>ipfrag_low_thresh</tt>. In 2.0 these are compile-time constants
|
||||||
|
- defined in <tt>.../linux/net/ipv4/ip_fragment.c</tt>,
|
||||||
|
- <tt>IPFRAG_HIGH_THRESH</tt> and <tt>IPFRAG_LOW_THRESH</tt>. The
|
||||||
|
- meaning of these values is that once the memory consumption of
|
||||||
|
- unassembled UDP fragments reaches the ``ipfrag_high_thresh'' in
|
||||||
|
- bytes (256K by default in 2.2.3 and 2.0.36) it is cut down to
|
||||||
|
- ``ipfrag_low_tresh'' at once. This is done by throwing away
|
||||||
|
- fragments. This will look almost like packet loss, and if the
|
||||||
|
- high threshold is reached your server performance drops a lot.
|
||||||
|
-
|
||||||
|
- <p>256K is enough for up to 30 clients. If you have 60, double it.
|
||||||
|
- And double the low threshold also.
|
||||||
|
-
|
||||||
|
- <item>I'm using Linux 2.2 (or later) with knfsd and I can't get my
|
||||||
|
- AIX, IRIX, Solaris, DEC-Unix, ... machine to mount it.
|
||||||
|
-
|
||||||
|
- <p>Knfsd announces that it implements NFS version 3. It does not.
|
||||||
|
- There is an option to stop it from announcing it. Use it. Or you
|
||||||
|
- can put "<tt/vers=2/" in the mount option list on the clients.
|
||||||
|
-
|
||||||
|
- <item>My AIX 4 machine cannot mount my Linux NFS server. It says
|
||||||
|
-
|
||||||
|
- <tscreen><verb>
|
||||||
|
- mount: 1831-011 access denied for server:/dir
|
||||||
|
- mount: 1831-008 giving up on:
|
||||||
|
- server:/dir
|
||||||
|
- The file access permissions do not allow the specified action.
|
||||||
|
- </verb></tscreen>
|
||||||
|
-
|
||||||
|
- or something like that instead.
|
||||||
|
-
|
||||||
|
- <p>AIX 4.2 used reserved ports (<1024) for NFS. AIX 4.2.1 and 4.3
|
||||||
|
- are not constrained to reserved ports. Also, AIX 4.2.1 and 4.3 try
|
||||||
|
- to mount using NFS3, then NFS/TCP, then fiannly NFS/UDP.
|
||||||
|
-
|
||||||
|
- <p>Adding
|
||||||
|
-
|
||||||
|
-<code>
|
||||||
|
-nfso -o nfs_use_reserved_ports=1
|
||||||
|
-</code>
|
||||||
|
-
|
||||||
|
- <p>to the end of <tt/rc.tcpip/ will force it to use reserved ports
|
||||||
|
- again. (This tip was supplied by Brian Gorka)
|
||||||
-
|
-
|
||||||
-</enum>
|
-</enum>
|
||||||
-
|
-
|
||||||
@ -364,6 +543,298 @@
|
|||||||
<p>The way to export filesytems with NFS is not completely consistent
|
<p>The way to export filesytems with NFS is not completely consistent
|
||||||
-across platforms of course. In this case Linux and Solaris 2 are the
|
-across platforms of course. In this case Linux and Solaris 2 are the
|
||||||
+across platforms of course. In this case FreeBSD and Solaris 2 are the
|
+across platforms of course. In this case FreeBSD and Solaris 2 are the
|
||||||
deviants. This section lists, superficially the way to do it on most
|
deviants. This section lists, superficially, the way to do it on most
|
||||||
systems. If the kind of system you have is not covered you must check
|
systems. If the kind of system you have is not covered you must check
|
||||||
your OS man-pages. Keywords are: nfsd, system administration tool, rc
|
your OS man-pages. Keywords are: nfsd, system administration tool, rc
|
||||||
|
@@ -1040,291 +768,6 @@
|
||||||
|
</code>
|
||||||
|
|
||||||
|
After editing run the program <tt/shareall/ to export the filesystems.
|
||||||
|
-
|
||||||
|
-<sect>NFS under Linux 2.2
|
||||||
|
-<label id="linuxtwotwo">
|
||||||
|
-
|
||||||
|
-<p>As I write this Linux 2.2.12 is the current kernel version and to
|
||||||
|
-use NFS under it can be a bit of a chore. Or not.
|
||||||
|
-
|
||||||
|
-<p>What the status of NFS in Linux 2.4 will be i unknown.
|
||||||
|
-
|
||||||
|
-<p>The new big thing in Linux 2.2 is support for a in-kernel nfs
|
||||||
|
-server demon, called knfsd in 2.2. This way of implementing nfsd has
|
||||||
|
-some advantages, the main one is speed. A Linux 2.2 machine with
|
||||||
|
-knfsd is a respectable nfs server. You can still use the old nfsd
|
||||||
|
-with Linux 2.2 though, and there are some advantages to using this,
|
||||||
|
-mainly simplicity.
|
||||||
|
-
|
||||||
|
-<p>If you use a kernel source or binary package made by someone like
|
||||||
|
-RedHat (6.0 and later), SuSE (6.1 or later, I belive) or some other
|
||||||
|
-professional system integrator they have likely integrated full
|
||||||
|
-"knfsd" functionality in their kernel and you need not worry, it will
|
||||||
|
-work. Mostly. Until you want to compile a kernel yourself. If you
|
||||||
|
-use a stock Linux 2.2 kernel (up to 2.2.12 at least) knfsd will break.
|
||||||
|
-
|
||||||
|
-<p>To get this on the air yourself you need to get H.J. Lus knfsd
|
||||||
|
-package. This is a collection of patches, and the needed utilities
|
||||||
|
-for 2.2 that Lu is maintaining in his spare time. You can get it from
|
||||||
|
-your local kernel mirror, the master site is <htmlurl
|
||||||
|
-url="ftp://ftp.kernel.org/pub/linux/devel/gcc/"
|
||||||
|
-name="ftp.kernel.org:/pub/linux/devel/gcc/">. <bf/This is not meant
|
||||||
|
-for general consumption/. If you find this package confusing please
|
||||||
|
-don't try to do this yourself. Wait until a kernel package from your
|
||||||
|
-favourite system integrator (e.g., Red Hat, SuSE or ...) appears.
|
||||||
|
-
|
||||||
|
-<p>Also, please don't send me questions about this, I can't help you.
|
||||||
|
-I do not have any knfsd based servers running. If you find errors or
|
||||||
|
-omissions in this documentation, please write to me and I'll revise
|
||||||
|
-this HOWTO and release it again.
|
||||||
|
-
|
||||||
|
-<p>Still reading? Ok. H.J.Lu posts about new versions of this
|
||||||
|
-package on the linux-kernel mailing list. Other issues pertaining to
|
||||||
|
-NFS in 2.2 is also posted about there. Read it.
|
||||||
|
-
|
||||||
|
-<p>There is one interesting thing to note about the knfsd package. It
|
||||||
|
-announces that it supports NFS version 3. However it does not support
|
||||||
|
-it. There is an option you can give to stop it from announcing NFS3,
|
||||||
|
-or on the clients you can specify "<tt/vers=2/" in the mount option
|
||||||
|
-list.
|
||||||
|
-
|
||||||
|
-<sect1>The client
|
||||||
|
-
|
||||||
|
-<p>The client is almost simple. To get propper locking you need to
|
||||||
|
-get <tt/statd/ (from the knfsd package) compiled, installed and
|
||||||
|
-started from your boot-scripts. Do that. Statd needs a directory
|
||||||
|
-called <tt>/var/lib/nfs</tt> to function otherwise it will just abort
|
||||||
|
-with no error message, so that directory needs to be created before it
|
||||||
|
-will run.
|
||||||
|
-
|
||||||
|
-<p>Once statd is running you can use the <tt/testlk/ program (in
|
||||||
|
-<tt>tools/locktest</tt> to test if locking of a file on a NFS mounted
|
||||||
|
-filesystem works. It should. If it prints <em/No locks available/
|
||||||
|
-statd is not working.
|
||||||
|
-
|
||||||
|
-<p>Actually, you can also avoid locking entierly (not that I recomend
|
||||||
|
-this), by giving "<tt/nolock/" in the mount option list.
|
||||||
|
-
|
||||||
|
-<p>As far as I know this is all that's needed to get the client
|
||||||
|
-working.
|
||||||
|
-
|
||||||
|
-<p>Oh, if you have a Sparc or Alpha NFS server you will find that the
|
||||||
|
-nfs client in Linux 2.2 absolutely sucks. The transfer rates to and
|
||||||
|
-from the server is so bad that ... you can't imagine. It's far worse
|
||||||
|
-than under Linux 2.0. Far. But there is a fix for this of course.
|
||||||
|
-The Alan Cox series of 2.2 kernels (which are a bit more experimental
|
||||||
|
-than the normal 2.2 kernels from Linus) include a patch to make Linux
|
||||||
|
-2.2 perform when used with Alpha and Sparc servers. If you want to
|
||||||
|
-use the Alan Cox 2.2 kernels you should be reading the linux-kernel
|
||||||
|
-mailing list and if you do you know where the patch can be found.
|
||||||
|
-There home site of this patch is <url
|
||||||
|
-url="http://www.uio.no/~trondmy/src/">, in case you want to try to
|
||||||
|
-apply it to a stock 2.2 kernel. This patch will probably not be in
|
||||||
|
-Linux 2.4 either, because it requires too many changes in the kernel
|
||||||
|
-to be accepted in the current development cycle. Wait for Linux 2.5.
|
||||||
|
-
|
||||||
|
-<p><tt/trondmy/ also has patches to make Linux use NFS version 3, this
|
||||||
|
-will also enable you to use tcp as transport mechanism instead of UDP.
|
||||||
|
-NFSv3 is is very good for long-haul networks and other networks where
|
||||||
|
-the packet loss is non-zero or the latencies are high.
|
||||||
|
-
|
||||||
|
-<p>The reason you should read the linux-kernel mailing list to use
|
||||||
|
-these patches is that sometimes there are bad bugs discovered in them.
|
||||||
|
-Bugs that eat your files. So please <bf/beware/.
|
||||||
|
-
|
||||||
|
-<sect1>The server
|
||||||
|
-
|
||||||
|
-<p>The nfs server demon under Linux 2.2 and later is called
|
||||||
|
-"<tt/knfsd/". It is tricky to set it up. You have to figure this out
|
||||||
|
-all by yourself, or stick to what SuSE, Red Hat and others are
|
||||||
|
-releasing in the way of 2.2 kernel packages. Sorry. You can still use
|
||||||
|
-the old nfsd under Linux 2.2 though. It's slow but easy to set up.
|
||||||
|
-
|
||||||
|
-<sect>NFS server on a floppy
|
||||||
|
-
|
||||||
|
-<p>This section was written by Ron Peters, <htmlurl
|
||||||
|
-url="mailto:rpeters@hevanet.com" name="rpeters@hevanet.com"> It
|
||||||
|
-explains how to set up an NFS server when booting up from floppy. It
|
||||||
|
-was originally devised to be able to NFS share a cdrom from another
|
||||||
|
-non-Linux/UNIX machine to install Linux on a machine that does not
|
||||||
|
-have a cdrom.
|
||||||
|
-
|
||||||
|
-<!-- S e c t i o n - - - - - - - - - - - - - - - B r e a k e r -->
|
||||||
|
-<sect1> Introduction
|
||||||
|
-<p>
|
||||||
|
-This document is being created for those who will run into the same problem
|
||||||
|
-I had recently. I was building a Linux server on a machine that didn't have
|
||||||
|
-a cdrom and has no facility for adding one except for possibly an external
|
||||||
|
-SCSI or the like. Now that it is getting less and less likely that you will
|
||||||
|
-be installing on a machine like that, this document may not be that
|
||||||
|
-valuable. However, I would have appreciated it when I was trying to build
|
||||||
|
-my machine.
|
||||||
|
-<p>
|
||||||
|
-Since my machine didn't have a cdrom drive, I thought I would go find an NFS
|
||||||
|
-server for Win95 and share the cdrom for long enough to install the box and
|
||||||
|
-get it on my network. Of the two products I found, (I'm not mentioning names
|
||||||
|
-but one was freeware and the other was a 14 day limited license), one didn't
|
||||||
|
-work out of the box, and the other couldn't handle the Linux naming
|
||||||
|
-convention well enough to complete the install.
|
||||||
|
-<p>
|
||||||
|
-I then settled on trying to boot my Win95 machine with the boot/root set of
|
||||||
|
-disks and then use a suplimentary floppy to set up the NFS server.
|
||||||
|
-<p>
|
||||||
|
-This was remarkably simple, and the procedure is probably easier than reading
|
||||||
|
-this introduction but I believe that putting the whole procedure in one
|
||||||
|
-place will be value added.
|
||||||
|
-<p>
|
||||||
|
-
|
||||||
|
-<!-- S e c t i o n - - - - - - - - - - - - - - - B r e a k e r -->
|
||||||
|
-<sect1>Expectations
|
||||||
|
-<p>
|
||||||
|
-This document was derived using the boot/root disks from one of the current
|
||||||
|
-InfoMagic developer distributions of Slackware. I used kernel version
|
||||||
|
-2.0.34 for the boot/root disks, but the NFS server programs were taken from
|
||||||
|
-a 2.0.30 server. I have always used the Slakware installation method, not
|
||||||
|
-because it is any easier or better or worse, just that I am comfortable with
|
||||||
|
-it and I haven't taken the time to try another method.
|
||||||
|
-<p>
|
||||||
|
-I don't believe that there will be many problems using this document in
|
||||||
|
-relation to OS version. I would recommend using something relatively
|
||||||
|
-current. Since it is likely that this will be used for installation, a
|
||||||
|
-current boot/root set will likely be used.
|
||||||
|
-<p>
|
||||||
|
-Your mileage may vary.
|
||||||
|
-<p>
|
||||||
|
-
|
||||||
|
-<!-- S e c t i o n - - - - - - - - - - - - - - - B r e a k e r -->
|
||||||
|
-<sect1>Requirements
|
||||||
|
-<p>
|
||||||
|
-<itemize>
|
||||||
|
-<item>Network capable system and boot disk. The system that is to be the
|
||||||
|
-NFS server must have a network card and it must be recognized by the during
|
||||||
|
-the boot process. More information on this can be found in the Networking
|
||||||
|
-HOWTO.
|
||||||
|
-<item>Secondary floppy that contains rpc.portmap, rpc.mountd and rpc.nfsd.
|
||||||
|
-These files should be easily found from an ftpsearch off the web.
|
||||||
|
-<item>Slackware (or other) source media (assumed to be cd).
|
||||||
|
-</itemize>
|
||||||
|
-
|
||||||
|
-<!-- S e c t i o n - - - - - - - - - - - - - - - B r e a k e r -->
|
||||||
|
-<sect1> Server Setup
|
||||||
|
-<p>
|
||||||
|
-<sect2> Boot the temporary NFS server
|
||||||
|
-<p>
|
||||||
|
-Boot the NFS server system from boot floppy and make sure the network card
|
||||||
|
-is recognized. It is also necessary that the CDROM be recognized. I will
|
||||||
|
-use eth0 as the example network card.
|
||||||
|
-<p>
|
||||||
|
-<sect2> Mount the floppy and cdrom
|
||||||
|
-<p>
|
||||||
|
-Once the system is booted up, the boot/root floppies are not needed. The
|
||||||
|
-system is fully contained in RAM.
|
||||||
|
-<p>
|
||||||
|
-Replace the root floppy with the suplimentary disk. Mount the floppy:
|
||||||
|
-<p>
|
||||||
|
-<tt>mount /dev/fd0 /floppy</tt>
|
||||||
|
-<p>
|
||||||
|
-This assumes that the floppy is an ext2 file system type. I imaging that
|
||||||
|
-the suplimentary disk could be a DOS floppy with the files on it, but I
|
||||||
|
-haven't tried that yet. I imagine that this would be easier that a disk
|
||||||
|
-image. In this case, it would be a <tt>mount -t msdos ...etc</tt>. This
|
||||||
|
-should probably be put in the todo section.
|
||||||
|
-<p>
|
||||||
|
-Mount the cdrom:
|
||||||
|
-<p>
|
||||||
|
-<tt>mount -t iso9660 /dev/hdc /cdrom</tt>
|
||||||
|
-<p>
|
||||||
|
-The floppy and cdrom devices are the ones I used. These may be different
|
||||||
|
-depending on application. The mount points /floppy and /cdrom exist on the
|
||||||
|
-root floppy disk image so they can be used. If they don't, create them or
|
||||||
|
-you could use any mount points you like.
|
||||||
|
-<p>
|
||||||
|
-<sect2> Set up networking on the temporary server.
|
||||||
|
-<p>
|
||||||
|
-This is where the temporary NFS server is set up to talk on the network.
|
||||||
|
-There are only a few commands to run. There are a few items of information
|
||||||
|
-that you will need before running the commands (values are examples):
|
||||||
|
-<p>
|
||||||
|
-IPADDR:172.16.5.100 #This is the address of the temporary server.
|
||||||
|
-<p>
|
||||||
|
-NETMASK:255.255.255.0 #This is the netmask.
|
||||||
|
-<p>
|
||||||
|
-BROADCAST:172.16.5.255 #The last number (255) is significant from IPADDR.
|
||||||
|
-<p>
|
||||||
|
-ETHNETWORK:172.16.5.0 #Once again, slightly different from IPADDR.
|
||||||
|
-<p>
|
||||||
|
-GATEWAY:172.16.5.251 #Only needed if you have a gateway. You will probably
|
||||||
|
-know. Most home networks won't have a gateway.
|
||||||
|
-<p>
|
||||||
|
-The commands to get on the network. Insert values from above:
|
||||||
|
-<p>
|
||||||
|
-<tt>ifconfig eth0 inet IPADDR arp netmask NETMASK broadcast BROADCAST</tt>
|
||||||
|
-<p>
|
||||||
|
-<tt>route add -net ETHNETWORK netmask NETMASK eth0</tt>
|
||||||
|
-<p>
|
||||||
|
-Only use next command if you have a gateway and need to go through it:
|
||||||
|
-<p>
|
||||||
|
-<tt>route add default gw GATEWAY netmask 0.0.0.0 eth0</tt>
|
||||||
|
-<p>
|
||||||
|
-If all goes well, you are now on the network and should be able to ping other
|
||||||
|
-nodes.
|
||||||
|
-<p>
|
||||||
|
-<sect2> Set up the NFS share.
|
||||||
|
-<p>
|
||||||
|
-Determine the directory that you want to NFS share. In the case of the my
|
||||||
|
-example, I used the /cdrom/slakware directory. Put this directory in the
|
||||||
|
-/etc/exports file:
|
||||||
|
-<p>
|
||||||
|
-<tt>echo "/cdrom/slakware" > /etc/exports</tt>
|
||||||
|
-<p>
|
||||||
|
-<sect1> Run the NFS server
|
||||||
|
-<p>
|
||||||
|
-Go to /floppy/usr/sbin and run:
|
||||||
|
-<p>
|
||||||
|
-<tt>./rpc.portmap</tt>
|
||||||
|
-<p>
|
||||||
|
-<tt>./rpc.mountd</tt>
|
||||||
|
-<p>
|
||||||
|
-<tt>./rpc.nfsd</tt>
|
||||||
|
-<p>
|
||||||
|
-<sect2> Complete, start the install.
|
||||||
|
-<p>
|
||||||
|
-This should share the "/cdrom/slakware" directory in the /etc/exports file.
|
||||||
|
-Once this is done, you can now boot up the machine to be installed from
|
||||||
|
-boot/root floppies (I used same ones that I booted NFS server with) and start
|
||||||
|
-the installation.
|
||||||
|
-<p>
|
||||||
|
-Once you are ready to choose the media source location, choose the NFS
|
||||||
|
-server option. It will ask about the ip address of the server. Give it the
|
||||||
|
-IP address that you used as IPADDR for the server. It will also ask for the
|
||||||
|
-directory to be mounted. This is the directory you put in the /etc/exports
|
||||||
|
-on the NFS server.
|
||||||
|
-<p>
|
||||||
|
-The system will then NFS mount the server. Watch for any error messages.
|
||||||
|
-All should be complete and you can continue the installation.
|
||||||
|
-<p>
|
||||||
|
-<!-- S e c t i o n - - - - - - - - - - - - - - - B r e a k e r -->
|
||||||
|
-<sect1>Troubleshooting
|
||||||
|
-<p>
|
||||||
|
-<sect2> Nothing Here Yet.
|
||||||
|
-<p>
|
||||||
|
-I don't have any troubleshooting info yet. Perhaps as people use this
|
||||||
|
-procedure, there will be more tips and hints available.
|
||||||
|
-<p>
|
||||||
|
-<!-- S e c t i o n - - - - - - - - - - - - - - - B r e a k e r -->
|
||||||
|
-<sect1>To Do
|
||||||
|
-<p>
|
||||||
|
-<sect2>DOS Disk.
|
||||||
|
-<p>
|
||||||
|
-Check out a DOS disk for the suplimentary disk.
|
||||||
|
-<p>
|
||||||
|
-<sect2> rpc commands.
|
||||||
|
-<p>
|
||||||
|
-Check out specific order of running rpc.* commands and if all or just some
|
||||||
|
-of the command needs to be run.
|
||||||
|
-<p>
|
||||||
|
-
|
||||||
|
-<!-- S e c t i o n - - - - - - - - - - - - - - - B r e a k e r -->
|
||||||
|
|
||||||
|
<sect>PC-NFS
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user