Network File System (NFS)

Reorganized and enhanced by Tom Rhodes.

Written by Bill Swingle.

FreeBSD supports the Network File System (NFS), which allows a server to
share directories and files with clients over a network. With NFS, users and
programs can access files on remote systems as if they were stored locally.
NFS has many practical uses. Some of the more common uses include:

Data that would otherwise be duplicated on each client can be kept in a

single location and accessed by clients on the network.

Several clients may need access to the /usr/ports/distfiles directory.

Sharing that directory allows for quick access to the source files without
having to download them to each client.

On large networks, it is often more convenient to configure a

central NFS server on which all user home directories are stored. Users can
log into a client anywhere on the network and have access to their home
directories.

Administration of NFS exports is simplified. For example, there is only

one file system where security or backup policies must be set.

Removable media storage devices can be used by other machines on

the network. This reduces the number of devices throughout the network
and provides a centralized location to manage their security. It is often more
convenient to install software on multiple machines from a centralized
installation media.

NFS consists of a server and one or more clients. The client remotely
accesses the data that is stored on the server machine. In order for this to
function properly, a few processes have to be configured and running.
These daemons must be running on the server:
Daemon
nfsd
mountd
rpcbind

Description
The NFS daemon which services requests from NFS clients.
The NFS mount daemon which carries out requests received from nfsd.
This daemon allows NFS clients to discover which port the NFS server is using.

Running nfsiod(8) on the client can improve performance, but is not required.
28.3.1. Configuring the Server
The file systems which the NFS server will share are specified in /etc/exports.
Each line in this file specifies a file system to be exported, which clients have
access to that file system, and any access options. When adding entries to
this file, each exported file system, its properties, and allowed hosts must
occur on a single line. If no clients are listed in the entry, then any client on the
network can mount that file system.
The following /etc/exports entries demonstrate how to export file systems. The
examples can be modified to match the file systems and client names on the
reader's network. There are many options that can be used in this file, but only
a few will be mentioned here. See exports(5) for the full list of options.
This example shows how to export /cdrom to three hosts named alpha, bravo,
and charlie:
/cdrom -ro alpha bravo charlie

The -ro flag makes the file system read-only, preventing clients from making
any changes to the exported file system. This example assumes that the host
names are either in DNS or in /etc/hosts. Refer to hosts(5) if the network does
not have a DNS server.
The next example exports /home to three clients by IP address. This can be
useful for networks without DNS or /etc/hosts entries. The -alldirs flag allows
subdirectories to be mount points. In other words, it will not automatically
mount the subdirectories, but will permit the client to mount the directories that
are required as needed.
/usr/home

-alldirs

10.0.0.2 10.0.0.3 10.0.0.4

This next example exports /a so that two clients from different domains may
access that file system. The -maproot=root allows root on the remote system to
write data on the exported file system as root. If -maproot=root is not specified,
the client's root user will be mapped to the server's nobody account and will be
subject to the access limitations defined for nobody.

/a

-maproot=root

host.example.com box.example.org

A client can only be specified once per file system. For example, if /usr is a
single file system, these entries would be invalid as both entries specify the
same host:
# Invalid when /usr is one file system
/usr/src

client

/usr/ports client

The correct format for this situation is to use one entry:

/usr/src /usr/ports

client

The following is an example of a valid export list, where

local file systems:

/usr

and /exports are

# Export src and ports to client01 and client02, but only

# client01 has root privileges on it
/usr/src /usr/ports -maproot=root
/usr/src /usr/ports

client01
client02

# The client machines have root and can mount anywhere

# on /exports. Anyone in the world can mount /exports/obj read-only
/exports -alldirs -maproot=root

client01 client02

/exports/obj -ro

To enable the processes required by the NFS server at boot time, add these
options to /etc/rc.conf:
rpcbind_enable="YES"
nfs_server_enable="YES"
mountd_flags="-r"

The server can be started now by running this command:

# service nfsd start

Whenever the NFS server is started, mountd also starts automatically.

However, mountd only reads /etc/exports when it is started. To make
subsequent/etc/exports edits take effect immediately, force mountd to reread
it:
# service mountd reload

28.3.2. Configuring the Client

To enable NFS clients, set this option in each client's /etc/rc.conf:
nfs_client_enable="YES"

Then, run this command on each NFS client:

# service nfsclient start

The client now has everything it needs to mount a remote file system. In these
examples, the server's name is server and the client's name is client. To
mount /home on server to the /mnt mount point on client:
# mount server:/home /mnt

The files and directories in /home will now be available on client, in

the /mnt directory.
To mount a remote file system each time the client boots, add it to /etc/fstab:
server:/home

/mnt

nfs

rw

Refer to fstab(5) for a description of all available options.

A domain is defined as a logical group of network objects (computers, users, devices) that
share the same active directory database