Top

A Linux User Reference

Search tips
  • search ignores words that are less than 4 characters in length
  • searches are case insensitve
  • if a search does not return anything try it in Boolean mode then Query expansion mode by checking the appropriate radio button e.g. searching for 'cron' in just the Administration category returns nothing - presumably because the 50% threshold is reached. Boolean mode ignores this threshold so a search for 'cron' returns several hits
  • in Boolean mode preceding a word with a '+' means the result must include that word, a '-' means it must not
  • in Boolean mode '+crontab -anacron' means match articles about crontab that DO NOT mention anacron
  • to match a phrase e.g. 'manage system' check the Boolean mode radio button and enclose the phrase in quotes "some phrase ..."
  • in Query expansion mode the search context is expanded beyond the keywords you entered - relevancy of hits may well be degraded

NETWORK APPLICATIONS

NFS

  • Network File System (NFS) server
    • A host may act as both NFS client and server.
    • A server makes one or more filesystems available for remote mounting.
    • A client mounts one or more remote filesystems.

    When an NFS client mounts an NFS filesystem, it contacts the following server daemons, most of which must run standalone (as opposed to being started from 'inetd' or 'xinetd').

    Daemon Description
    portmap RPC service directory, sometimes named portmapper or rpc.bind
    rpc.mountd Checks mount requests and hands out access handles, sometimes called mounted
    rpc.nfsd Handles file serving, sometimes called nfsd

    Three optional helper programs are also available:

    Helper Description
    rpc.lockd Provide global locking
    rpc.statd Accelerate the lstat family of syscalls (used by ls -l, etc.)
    rpc.quotad Provide support for quotas
    TCP, UDP server port usage

    Ports 1-1023 are reserved for use by processes running as root. This ensures that root is the user that has initiated/enabled/configured a remote NFS mount.

    The NFS server normally requires remote clients to use secure ports when mounting NFS. This is not honoured by some OSes, e.g. windows.

    The insecure mount option allows the NFS client to use any TCP/UDP port - usually required when serving Windows clients.

    NFS can be configured to use specific ports. Which files are used to achieve this are distribution specific:

    /etc/sysconfig/nfsServer       - Fedora/Red Hat
    /etc/default/nfs-common        - Debian/Ubuntu Client
    /etc/default/nfs-server        - Debian/Ubuntu Server
    

    Three main NFS server configuration files:

    File name Description
    /etc/exports What to export/share and who is allowed and how to access
    /etc/hosts.allow nfs uses tcp wrappers - who can access the service
    /etc/hosts.deny nfs uses tcp wrappers - who cannot access the service

    Neither 'nfsd' nor 'portmap' normally require any configuration beyond '/etc/hosts.allow'.

  • NFS exports, shares
    /etc/exports
    • Configuration file for 'mountd' (indirectly - under Linux, /etc/exports is not directly parsed by 'mountd').
    • Controls which filesystems can be mounted by which clients,
    • NFS clients may be specified in a number of ways:
    • After any changes to /etc/exports, NFS daemons need to be re-started.

    Example entries - /etc/exports

    # Format: 
    # <export> <options list> <client list>
    #
    # <options list>   is comma separated
    # <client list>    is space separated
    
    # UID squashing turned off for trusty
    /               master(rw) trusty(rw,no_root_squash)
    
    # Any host name starting with proj in the local.domain 
    # has read/write access to /projects
    /projects       proj*.local.domain(rw)
    
    # All users in local.domain and members of of NIS net
    # group allowed default access to /usr
    /usr            *.local.domain(ro) @trusted(rw)
    
    # Anyone from host pc001 can have read/write to /home/joe
    # all requests run under uid=150, gid=100
    /home/joe       pc001(rw,all_squash,anonuid=150,anongid=100)
    
    # Everyone in the world, all requests run under the 
    # nobody account
    /pub            (ro,insecure,all_squash)
    
    # Host server and netgroup trusted have read/write, netgroup
    # external members have read only access
    srv/www       -sync,rw server @trusted @external(ro)
    

    Export options within () and following a host part are specific to the host.

    Export options preceding host part(s) are generic for the export and can be overridden using host part (option, ...).

    /etc/exports NFS client specification

    single host          Specify a host either by an alias, the fully qualified domain name,
                         or an IP address.
    netgroups            NIS netgroups may be given as @group. Only the host part of each 
                         netgroup members is consider in checking for membership.  Empty host
                         parts or those containing a single dash (-) are ignored.
    wildcards            Machine names may contain the wildcard characters * and ?.  
                         e.g. *.cs.foo.edu matches all hosts in the domain cs.foo.edu and all
                         hosts within any subdomain of cs.foo.edu.
    IP networks          All hosts on an IP (sub-)network by an IP address//netmask 
                         e.g. 1.2.3.4/255.255.252.0 or 1.2.3.4/22
    

    Some /etc/exports export options

    secure               Requests must originate on an Internet port less than 
                         IPPORT_RESERVED (1024). Default is on.
    insecure             Switches secure off.
    rw                   Allow both read and write requests . The default is to disallow any
                         request which changes the fs.
    ro                   Read only.
    async                Violate the NFS protocol and reply to requests before any changes made
                         by that request have been committed to stable storage(improves 
                         performance but can loose data if a system crash).
    sync                 Reply to requests only after the changes have been committed to 
                         stable storage.
    intr                 Allow signals to interrupt NFS call.  Allows abort when server does 
                         not respond.
    timeo=<int>          Time value (1/10 sec.).  Amount of time client will wait for a 
                         response. Default = 7.
    hard                 Mark volume as hard mounted. Default.
    soft                 Mark volume as soft mounted.
    no_wdelay            No effect if async is also set.  NFS server normally delays committing
                         a write request if it suspects more are on the way. Can improve 
                         performance if many related requests/heavy use, the opposite if small
                         unrelated requests.
    wdelay               With write delay. Default.
    

    /etc/exports root squashing options

    'root' (uid 0) on the client is treated as nobody (uid 65534) on the server.

    no_root_squash       Disables root squashing thereby allowing the root user on trusty 
                         full access to '/'.
    all_squash           Map all uids and gids to the anonymous user. Useful for 
                         NFS-exported public FTP directories, news spool directories, etc..
    no_all_squash        The default setting, the opposite option to all_squash.
    anonuid, anongid     Explicitly set the uid and gid of the anonymous account.
    
  • Manage NFS exported file systems
    /usr/sbin/exportfs

    Parses /etc/exports and writes the result to /var/lib/nfs/xtab which 'mountd' reads.

    exportfs [options] [-o export-options] [client:/path]
    
    Options:
     -a                     Export or unexport all directories.
     -o export-options      List of export options
     -i                     Ignore /etc/exports file, uses default options and 
                            options given on the cmd line
     -r                     Reexport all directories. 
                            It synchronizes /var/lib/nfs/xtab with /etc/exports.
                            It removes entries in /var/lib/nfs/xtab which are 
                            deleted from /etc/exports and removes any entries from
                            the kernel export table which are no longer valid.
     -u                     Unexport one or more directories.
     -v                     Be verbose
    

    Export all file systems listed in /etc/exports

    # exportfs -a   
    

    Re-export directories

    # exportfs -rv
    

    Especially necessary after any changes to /etc/exports.

  • Stop, start NFS daemons

    Various ways, distribution specific.

    # /etc/init.d/portmap      [start | stop | restart | probe | reload | condrestart]
    # /etc/rc.d/init.d/rpcbind [start | stop | restart | probe | reload | condrestart]
                               (or)
    # /etc/init.d/nfs-common   [start | stop | restart | condrestart]
    
  • NFS mount types
    soft, hard

    The mount type, soft or hard, determines the recovery behaviour of the NFS client after an NFS request times out.

    soft

    If the NFS client fails an NFS request (after retrans retransmissions have been sent), the NFS client returns an error to the calling application.

    hard

    NFS requests are retried indefinitely.

    • Mounting can be done either via /etc/fstab or the command line using the 'mount' command.
    • Normally only the superuser can 'mount' filesystems, when a line in /etc/fstab contains the user option any user can mount the filesystem it relates to.

    Sample nfs mount entry - /etc/fstab

    # Format:  
    # server:<path> <mount-point> <fstype> <option list>
    
    nfssvr:/a_share  /a_share   nfs   timeo=10,intr, soft   0 0
    
  • Mount a NFS
    /bin/mount
    mount -a [-t type]
          [-o options ...]
          [-O optlist] device mount-point
    

    '-a' flag is usually given in a bootscript. It causes all file systems mentioned in '/etc/fstab' to be mounted as indicated, except for those whose line contains the 'noauto' keyword.

    Adding the '-F option' will make mount fork so that the filesystems are mounted simultaneously.

    Some mount options (used with -o <option>)

     soft                Tells the kernel to send an I/O error(EIO) to user  
                         processes in the event of network problems.
     hard                Will cause processes to hang while the NFS server
                         is unreachable. Default.
     intr                Allow hard mount to be interrupted (Ctrl-C). 
                         Default is to NOT allow.
     nolock              Disable locking on the mount.
     rsize=numread       Read num bytes at a time. 8192 recommended in most cases.
                         Default = 1024.
     wsize=numwrite      Write num bytes at a time. 8192 recommended in most cases.
                         Default = 1024.
     bg                  If a mount times out it will be put in the background
                         so as not to block the boot process. Gives command prompt
                         back to user.
    

    Mount a remote filesystem

    # mount -t nfs [-o options ...] server:/path /mount-point
    # mount -t nfs -o nolock nfs.server.com:/path/on/server /path/on/client
    
  • Display NFS related statistics
    nfsstat

    Displays a time series of NFS-related statistics (client and/or server).

    nfsstat [options]
    
    Options:
     -c                  Client side stats only
     -s                  Server side stats only
     -n                  NFS stats only, NOT RPC
     -r                  RPC stats only, NOT nfs
    

    Display server side RPC stats

    # nfsstat -rs
    Server rpc stats:
    calls      badcalls   badauth    badclnt    xdrcall
    28         0          0          0          0
    

    Display all server side stats

    # nfsstat
    Server rpc stats:
    calls      badcalls   badauth    badclnt    xdrcall
    28         0          0          0          0
    Server nfs v3:
    null         getattr      setattr      lookup       access       readlink
    9        32% 9        32% 0         0% 1         3% 3        10% 0         0%
    .....
    
  • Show clients that have mounted filesystems
    showmount
    • Queries 'mountd' and shows which clients are currently mounting filesystems.
    • As NFS is a stateless protocol and the 'mountd' daemon is queried infrequently, the output of 'showmount' can become inaccurate.
    showmount [options] [host]
    
    Some options:
     -a | --all                  List client hostname:mounted directory
     -d | --directories          List only directories mounted by a client
     -e | --exports              Show NFS server exports list
     --no-headers                Suppress descriptive headers from output
    

    Show all current mounts

    # showmount -a
    All mount points on f64local:
    192.168.0.0/29:/share
    192.168.0.0/29:/share/common
    192.168.0.1:/share
    192.168.0.1:/share/common
    

    Show nfs export list

    # showmount -e
    Export list for f64local:
    /share 192.168.0.1
    

    File systems that can be mounted by a client.

    Show current directories mounted by clients

    # showmount -d
    Directories on f64local:
    /share
    /share/common
    
  • Report RPC information
    /usr/bin/rpcinfo

    RPC - Remote Procedure Call. Defaults to localhost if no host supplied.

    rpcinfo [options]
    
    Options:
     -p [host]                                    Probe portmapper on host, list registered RPC programs
     -n [port] [-t|-u] [host] program [version]   Use port for program instead of portmapper assigned port
     -t [host] program [version]                  Make call using TCP, like an RPC ping
     -u [host] program [version]                  Make call using UDP, like an RPC ping
     -m [host]                                    Display rpcbind statistics
     -s [host]                                    Display a concise list of all registered RPC programs on host
     -b program version                           Broadcast to find which server(s) offer this service/program
     -d program version                           Delete RPC registration of this program/service
    

    Display all registered RPC programs

    # rpcinfo -s
       program version(s) netid(s)             service     owner
        100000  2,3,4     local,udp,tcp        portmapper  superuser
        100024  1         tcp,udp              status      unknown
        100011  2,1       tcp,udp              rquotad     unknown
        100021  4,3,1     tcp,udp              nlockmgr    unknown
        100003  4,3,2     tcp,udp              nfs         unknown
        100005  3,2,1     tcp,udp              mountd      unknown
    

    Probe portmapper on this host

    # rpcinfo -p
       program vers proto   port  service
        100000    4   tcp    111  portmapper
        100024    1   udp    662  status
        100011    2   tcp    875  rquotad
        100021    1   udp  32769  nlockmgr
        100003    2   udp   2049  nfs
        100005    3   tcp    892  mountd
        .....
    

    UDP ping f64local's nfs daemon

    # rpcinfo -u f64local nfs
    program 100003 version 2 ready waiting
    program 100003 version 3 ready waiting
    program 100003 version 4 ready waiting
    

    Determine which servers provide a nfs version 4 service

    # rpcinfo -b nfs 4
    192.168.0.2.8.1       f64local
    192.168.0.2.8.1       f64local
    192.168.0.2.8.1       f64local