From owner-svn-doc-head@FreeBSD.ORG Thu Apr 3 19:05:06 2014 Return-Path: Delivered-To: svn-doc-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2DBA6D55; Thu, 3 Apr 2014 19:05:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 198441DE; Thu, 3 Apr 2014 19:05:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s33J56cJ035093; Thu, 3 Apr 2014 19:05:06 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s33J56cF035092; Thu, 3 Apr 2014 19:05:06 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404031905.s33J56cF035092@svn.freebsd.org> From: Dru Lavigne Date: Thu, 3 Apr 2014 19:05:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44430 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2014 19:05:06 -0000 Author: dru Date: Thu Apr 3 19:05:05 2014 New Revision: 44430 URL: http://svnweb.freebsd.org/changeset/doc/44430 Log: Editorial review of NFS chapter. Divide config section into server stuff and client stuff. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Apr 3 14:36:36 2014 (r44429) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Apr 3 19:05:05 2014 (r44430) @@ -472,25 +472,28 @@ server-program-arguments - - Network File System (NFS) + NFS &os; supports the Network File System @@ -499,8 +502,8 @@ server-program-argumentsNFS, users and programs can access files on remote systems as if they were stored locally. - The most notable benefits that - NFS provides are: + NFS has many practical uses. Some of + the more common uses include: @@ -510,13 +513,24 @@ server-program-arguments - User home directories can be stored in one location - and accessed by their owners over the network. + Several clients may need access to the + /usr/ports/distfiles directory. + Sharing that directory allows for quick access to the + source files without having to download them to each + client. + + + + On large networks, it is often more convenient to + configure a central NFS server on which + all user home directories are stored. Users can log into + a client anywhere on the network and have access to their + home directories. Administration of NFS exports is - also simplified. For example, there is only one file + simplified. For example, there is only one file system where security or backup policies must be set. @@ -525,14 +539,16 @@ server-program-argumentsRemovable media storage devices can be used by other machines on the network. This reduces the number of devices throughout the network and provides a centralized location - to manage their security. + to manage their security. It is often more convenient to + install software on multiple machines from a centralized + installation media. - NFS consists of at least two main - parts: a server and one or more clients. The client + NFS consists of + a server and one or more clients. The client remotely accesses the data that is stored on the server - machine. In order for this to function properly a few + machine. In order for this to function properly, a few processes have to be configured and running. These daemons must be running on the server: @@ -571,15 +587,14 @@ server-program-arguments nfsd The NFS daemon which services - requests from the NFS + requests from NFS clients. mountd The NFS mount daemon which - carries out the requests that &man.nfsd.8; passes on - to it. + carries out requests received from nfsd. @@ -592,120 +607,98 @@ server-program-arguments - Running &man.nfsiod.8; can improve performance on the - client, but is not required. + Running &man.nfsiod.8; on the + client can improve performance, but is not required. - Configuring <acronym>NFS</acronym> + Configuring the Server NFS configuration - Enabling the NFS server - is straightforward. The required processes - can be set to start at boot time by adding - these options to - /etc/rc.conf: - - rpcbind_enable="YES" -nfs_server_enable="YES" -mountd_flags="-r" - - mountd runs automatically - whenever the NFS server is enabled. - - To enable the client, set this option in - /etc/rc.conf: - - nfs_client_enable="YES" - - /etc/exports specifies which file - systems the NFS server will export. Each - line in /etc/exports specifies a file - system to be exported and which clients have access to that - file system, as well as any access options. There are many - such options that can be used in this file, but only a few - will be mentioned here. See &man.exports.5; for the full list - of options. + The file systems which the NFS server will + share are specified in /etc/exports. Each + line in this file specifies a file + system to be exported, which clients have access to that + file system, and any access options. When adding entries to this file, + each exported file system, its properties, and allowed + hosts must occur on a single line. If no clients are listed in the entry, + then any client on the network can mount that file + system. NFS export examples - These examples give an idea of how to export file systems. - Minor modifications may be required for the examples to work - on the reader's network. - - This example shows how to export the - /cdrom directory to - three clients called alpha, + The following /etc/exports entries + demonstrate how to export file systems. + The examples can be modified to match the file systems + and client names on the reader's network. There are many + options that can be used in this file, but only a few + will be mentioned here. See &man.exports.5; for the full list + of options. + + This example shows how to export + /cdrom to + three hosts named alpha, bravo, and charlie: /cdrom -ro alpha bravo charlie - The -ro flag makes the file systems + The -ro flag makes the file system read-only, preventing clients from making any changes to - those exported file systems. + the exported file system. This example assumes that the host + names are either in DNS or in + /etc/hosts. Refer to &man.hosts.5; if + the network does not have a DNS + server. The next example exports /home to three clients by IP address. This can be - useful for networks without DNS. - Optionally, /etc/hosts could be - configured for internal hostnames; please review &man.hosts.5; - for more information. The -alldirs flag + useful for networks without DNS or + /etc/hosts entries. + The -alldirs flag allows subdirectories to be mount points. In other words, it - will not mount the subdirectories but permit the client to - mount only the directories that are required or needed. + will not automaticaly mount the subdirectories, but will permit the client to + mount the directories that are required as needed. /home -alldirs 10.0.0.2 10.0.0.3 10.0.0.4 - This next line exports /a so that two - clients from different domains may access the file system. - The flag allows the - root user on the + This next example exports /a so that two + clients from different domains may access that file system. + The allows + root on the remote system to write data on the exported file system as - root. If the - -maproot=root flag is not specified, the + root. If + -maproot=root is not specified, the client's root user will be mapped to the server's nobody account and will be - subject to the access limitations defined for user, + subject to the access limitations defined for nobody. /a -maproot=root host.example.com box.example.org - For a client to have access to an exported file system, - the client must be listed in - /etc/exports. - - In /etc/exports, each line defines - the export information for one file system to one or more - clients. A remote host can only be specified once per file - system. For example, assume that - /usr is a single file system. This - entry, in /etc/exports, would be - invalid: + A client can only be specified once per file + system. For example, if + /usr is a single file system, these + entries would be + invalid as both entries + specify the same host: # Invalid when /usr is one file system /usr/src client /usr/ports client - The /usr file system has two lines - specifying exports to the same host, - client. The correct format for this - situation is: + The correct format for this + situation is to use one entry: /usr/src /usr/ports client - The exported file system, its properties, and allowed - hosts must occur on a single line. If no clients are listed, - then any client on the network may mount the exported file - system. - The following is an example of a valid export list, where /usr and /exports are local file systems: @@ -719,35 +712,50 @@ mountd_flags="-r" /exports -alldirs -maproot=root client01 client02 /exports/obj -ro - The mountd daemon reads - /etc/exports when started. To make - NFS server changes take effect immediately, - force mountd to reread - /etc/exports: + To enable the processes required by the NFS server + at boot time, add + these options to + /etc/rc.conf: + + rpcbind_enable="YES" +nfs_server_enable="YES" +mountd_flags="-r" + + The server can be started now by + running this command: + + &prompt.root; service nfsd start + + Whenever the NFS server is started, + mountd also starts automatically. + However, mountd only reads + /etc/exports when it is started. To make subsequent + /etc/exports edits take effect immediately, + force mountd to reread it: &prompt.root; service mountd reload + - Please refer to for - more information about using rc scripts. + + Configuring the Client - On a new server being configured with - NFS services, the server can be started by - running this command as root: + To enable NFS clients, set this option in each client's + /etc/rc.conf: - &prompt.root; service nfsd start + nfs_client_enable="YES" - On the NFS client: + Then, run this command on each NFS + client: - &prompt.root; service nfsclient restart + &prompt.root; service nfsclient start The client now has everything it needs to mount a remote file system. In these examples, the server's name is server and the client's name is - client. For testing or to - temporarily mount a remote file system, execute - mount as root on + client. To + mount the /home file system on + server to the + /mnt mount point on client: @@ -756,12 +764,9 @@ mountd_flags="-r" &prompt.root; mount server:/home /mnt - This mounts the server: - /home file system to the - client: - /mnt mount point. The files and - directories in the server - /home file system will now be available + The files and + directories in + /home will now be available on client, in the /mnt directory. @@ -777,117 +782,75 @@ mountd_flags="-r" Locking - Some applications (e.g., mutt) - require file locking to operate correctly. In the case of - NFS, rpc.lockd - can be used for file locking. To enable it, add this line to - /etc/rc.conf on both client and + Some applications + require file locking to operate correctly. To enable locking, add these lines to + /etc/rc.conf on both the client and server: rpc_lockd_enable="YES" rpc_statd_enable="YES" - Please note that this assumes that both - NFS client and server are already - configured. - - Start the application, as root, with: + Then start the applications: &prompt.root; service lockd start &prompt.root; service statd start If locking is not required on the server, the NFS client can be configured to lock - locally by passing to &man.mount.nfs.8;. + locally by including when running mount. Refer to &man.mount.nfs.8; for further details. - - Practical Uses - - NFS has many practical uses. Some of - the more common uses: - - - NFS - uses - - - - Share a CD-ROM or other media with - any number of clients. It is often more convenient to - install software on multiple machines from a single - location. - - - - On large networks, it is often more convenient to - configure a central NFS server on which - all user home directories are stored. Users can log into - a client anywhere on the network and have access to their - home directories. - - - - Several clients may need access to the - /usr/ports/distfiles directory. - Sharing that directory allows for quick access to the - source files without having to download them to each - client. - - - - - - Automatic Mounts with - <application>amd</application> + amd automatic mounter daemon - &man.amd.8; (the automatic mounter daemon) automatically + The automatic mounter daemon, + amd, automatically mounts a remote file system whenever a file or directory - within that file system is accessed. Filesystems that are - inactive for a period of time will also be automatically - unmounted by amd. - amd provides an alternative to - modifying /etc/fstab to list every - client. + within that file system is accessed. File systems that are + inactive for a period of time will be automatically + unmounted by amd. + - amd operates by attaching - itself as an NFS server to the + This daemon provides an alternative to + modifying /etc/fstab to list every + client. It operates by attaching + itself as an NFS server to the /host and /net directories. When a file is accessed within one of these directories, amd looks up the corresponding remote mount and automatically mounts it. /net is used to mount an exported file - system from an IP address, while + system from an IP address while /host is used to mount an export from a - remote hostname. - - For instance, an attempt to access a file within + remote hostname. For instance, an attempt to access a file within /host/foobar/usr would tell amd to mount the /usr export on the host @@ -897,7 +860,7 @@ rpc_statd_enable="YES" Mounting an Export with <application>amd</application> - showmount -e shows the exported file + In this example, showmount -e shows the exported file systems that can be mounted from the NFS server, foobar: @@ -917,14 +880,15 @@ Exports list on foobar: amd automatically mounts the desired export. - amd is enabled by placing - this line in /etc/rc.conf: + To enable amd at boot time, add + this line to /etc/rc.conf: amd_enable="YES" - It can then be started using the &os; &man.rc.8; scripts - or by using the &man.service.8; command. + To start amd now: + &prompt.root; service amd start + Custom flags can be passed to amd from the amd_flags environment variable. By @@ -932,10 +896,11 @@ Exports list on foobar: amd_flags="-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map" - /etc/amd.map defines the default - options with which exports are mounted. - /etc/amd.conf defines some of the more - advanced features of amd. + The default options with which exports are mounted are + defined in /etc/amd.map. + Some of the more + advanced features of amd are + defined in /etc/amd.conf. Consult &man.amd.8; and &man.amd.conf.5; for more information.