NFS HOWTO Nicolai Langfeldt janl@linpro.no v1.0, 1 Oktwbrioy 1999 Pws na sthnoyme NFS servers kai clients. ______________________________________________________________________ Table of Contents 1. Prolegomena 1.1 Nomika 8emata 1.2 Apokhryjh 1.3 Anadrash 1.4 Alla 8emata 1.5 Afierwsh 2. README.first 3. Sthnontas enan NFS server 3.1 Proapaitoumena 3.2 Prwto bhma 3.3 O portmapper 3.4 Oi mountd kai nfsd 4. Ry8mizontas ton NFS client 4.1 Epiloges sto mount 4.2 Beltistopoiwntas to NFS 5. To NFS mesw argwn grammwn 6. Asfaleia kai NFS 6.1 H asfaleia toy client 6.2 H asfaleia toy server : O nfsd 6.3 H asfaleia toy server : O portmapper 6.4 To NFS kai ta firewalls 6.5 Perilhch 7. H lista pi8anwn problhmatwn sto mounting toy NFS 8. FAQs 9. Kanontas export se filesystems 9.1 IRIX, HP-UX, Digital-UNIX, Ultrix, SunOS 4 (Solaris 1), AIX 9.2 Solaris 2 10. To NFS sto Linux 2.2 10.1 O client 10.2 O server 11. NFS server se mia disketa 11.1 Eisagwgh 11.2 Prosdokies 11.3 Apaithseis 11.4 Sthsimo toy server 11.4.1 Ekkinhsh toy proswrinou NFS server 11.4.2 Kanoyme mount sth disketa kai sto cd-rom 11.4.3 Sthnoyme th diktuwsh ston proswrino server 11.4.4 Ry8mizoyme thn koinh xrhsh toy NFS 11.5 Trexoyme ton NFS server 11.5.1 Entajei, jekiname thn egkatastash 11.6 Epilysh problhmatwn 11.6.1 Tipote edw akomh 11.7 Pros energeia 11.7.1 Disketa DOS 11.7.2 Entoles rpc 12. PC-NFS ______________________________________________________________________ 1. Prolegomena 1.1. Nomika 8emata (C)opyright 1997-1999 Nicolai Langfeldt kai Ron Peters. Mhn tropopoieite to copyright. Dianeimete eleu8era to keimeno, alla diathrhste aythn edw thn paragrafo. H enothta me tis FAQ (syxnes erwthseis) basizetai se NFS FAQs, poy sygkentrwse o Alan Cox. H enothta me th lista elegxoy basizetai se mia lista problhmatwn sto mount, poy epimelh8hke h IBM Corporation. H enothta nfs-server-on-a- floppy grafhke apo ton by Ron Peters. 1.2. Apokhryjh Oute oi Nicolai Langfeldt kai Ron Peters, oute oi ergodotes toys, h opoiosdhpote allos, mporoun n' analaboyn opoiadhpote ey8unh gia to ti 8a mporouse na symbei, ean akoloy8hsete tis odhgies aytou toy keimenoy. Ean se opoiadhpote periptwsh protimhsete n' akoloy8hsete tis odhgies, kalh tuxh! 1.3. Anadrash Epeidh ayto pote den 8a einai ena oristiko keimeno, parakalw steilte moy e-mail sxetika me ta problhmata sas kai tis epityxeis luseis sas, dioti mporoun na kanoyn ayto to keimeno ena kalutero HOWTO. Parakalw, steilte xrhmata, sxolia, kai/h erwthseis sto janl@math.uio.no, h to rpeters@hevanet.com , sxetika me ton NFS server epanw se mia disketa. An steilete e-mail kai epi8ymeite apanthsh, parakalw deijte eygenika katanohsh sto oti h dieu8ynsh sas prepei na einai swsth kai na doyleuei. Den exete idea poses apanthseis mas epistrafhkan apo ton e- mail server. 1.4. Alla 8emata An 8elete na metafrasete ayto to HOWTO, parakalw eidopoihste me, wste na krathsw shmeiwsh se poses glwsses me diabazoyn! :-) Katares kai eyxaristies ston Olaf Kirch, poy prwta m' ebale na gracw touto edw, kai meta edwse kales symboyles gia to keimeno! :-) 1.5. Afierwsh Ayto to HOWTO afierwnetai sthn Anne Line Norheim Langfeldt. An kai mallon den prokeitai na to diabasei pote, dioti den einai tetoios tupos gynaikas. - Nicolai 2. README.first To NFS, dhl. to Network File System, exei tria shmantika xarakthristika : · Ka8ista dynath thn koinh xrhsh (sharing) twn arxeiwn s' ena diktyo. · Ton perissotero xrono doyleuei arketa kala. · Anoigei mia konserba kindunwn gia thn asfaleia toy systhmatos, toys opoioys gnwrizoyn polu kala oi crackers, kai toys ekmetalleuontai eukola gia na kerdisoyn prosbash (anagnwshs, eggrafhs, sbhsimatos) se ola ta arxeia sas. 8a pw kati epanw kai sta duo 8emata, s' ayto to HOWTO. Parakalw, bebaiw8eite oti diabasate thn enothta aytou toy keimenoy poy milaei gia thn asfaleia, kai 8a eisaste trwtoi se ligoteroys anohtoys kindunoys gia thn asfaleia toy systhmatos. To keimeno gia thn asfaleia merikes fores 8a einai arketa gemato me texnikous oroys, kai 8' apaitei kapoies gnwseis gia IP's, diktuwsh, kai th sxetikh orologia. An den anagnwrizete toys oroys, eite rijte mia matia sto Networking HOWTO, h breite kapoio biblio gia administration diktuoy me TCP/IP, wste na ejoikeiw8eite me to TCP/IP. Outws h allws, ayto einai mia kalh idea, an eisaste SysAdmin se H/Y me UNIX/Linux. Ena polu kalo biblio gia to 8ema einai to TCP/IP Network Administration toy Craig Hunt, ekdosh O'Reilly & Associates, Inc. Kai afou to diabasete kai to katanohsete, h ajia sas sthn agora ergasias 8a einai ychloterh - 8a deite oti den 8a xasete! ;-) Yparxoyn duo enothtes toy keimenoy, poy 8a sas boh8hsoyn na lusete problhmata toy NFS, poy titloforountai Mount Checklist kai FAQs. Parakalw, janadiabaste ta, an kati den doyleuei opws perimenete. To site toy nfsd gia to Linux 2.0 einai to : ftp.mathematik.th- darmstadt.de:/pub/linux/okir, se periptwsh poy 8elete na to parete kai na to kanete compile eseis. Gia plhrofories sxetika me to NFS se Linux 2.2, parakaloume diabaste to : ``To NFS sto Linux 2.2''. 3. Sthnontas enan NFS server 3.1. Proapaitoumena Prin synexisete thn anagnwsh aytou edw toy HOWTO, 8a xreiastei na gnwrizete pws na kanete telnet metaju server kai client, kai pros tis duo katey8unseis. An to telnet den doyleuei, janakoitajte to Networking/NET-3 HOWTO, kai sthste th diktuwsh swsta. 3.2. Prwto bhma Prin mporesoyme na kanoyme o,tidhpote, xreiazomaste ena sthsimo gia ton NFS server. An eisaste melos enos etairikou h panepisthmiakou diktuoy, pi8anotata 8a breite kamposoys NFS servers hdh sthmenoys. An oi SysAdmins sas afhsoyn na exete prosbash s' aytous toys H/Y, h an diabazete ayto to HOWTO gia n' apokthsete prosbash s' enan tetoio H/Y, profanws den xreiazetai na diabasete ayto to kommati, kai mporeite apla na pate pio katw, sto ``Ry8mizontas ton NFS client'' . An 8elete na sthsete enan H/Y poy den basizetai sto Linux san server, prepei na diabasete ta egxeiridia toy, gia n' anakalucete pws energopoieitai to NFS serving kai to export twn filesystems mesw toy NFS. Yparxei mia xwristh enothta s' ayto edw to HowTo, gia to pws ginetai ayth h doyleia se diaforetika LS. Afou, loipon, exete jeka8arisei ola ta parapanw, mporeite na synexisete me thn anagnwsh ths epomenhs enothtas toy parontos HowTo. 'H na diabasete perissotera s' ayto to kommati, afou kapoia apo ta pragmata poy 8a pw einai sxetika me to 8ema, adiaforo ti H/Y xrhsimopoieite gia server. An biazeste, parakalw diabaste to ``To NFS sto Linux 2.2'' , prin synexisete na diabazete edw. Osoi synexizete to diabasma, 8a xreiastei na ry8misete merika programmata. 3.3. O portmapper O portmapper sto Linux onomazetai eite portmap , h rpc.portmap. H sxetikh selida ths entolhs man ston H/Y moy leei oti prokeitai gia enan "xarth 8yrwn DARPA pros ari8mous programmatwn RPC". Einai h prwth trupa asfaleias poy 8' anoijete m' ayto edw to HowTo. H perigrafh gia to pws 8a thn kleisete, brisketai sto ``Asfaleia kai NFS''. To opoio kai sas parotrunw jana na diabasete. 3ekinhste ton portmapper. Onomazetai eite portmap , h rpc.portmap , kai prepei na brisketai mesa sto directory /usr/sbin (poy se merikous H/Y legetai rpcbind). Mporeite na ton jekinhsete me to xeri twra, alla prepei na ton jekinate kai ka8e fora poy bootarete ton H/Y sas, ara prepei na ftiajete h na dior8wsete ta rc scripts. Ayta ta scripts ejhgountai leptomerestera sth selida man gia thn entolh init, kai synh8ws briskontai sta dirs /etc/rc.d, /etc/init.d , h /etc/rc.d/init.d. Ean yparxei ena script me onoma kati san inet , einai pi8anotata to script poy zhtate gia dior8wsh. Alla, osa 8a gracete h 8a kanete, briskontai ejw apo ta oria toy parontos HowTo. 3ekinhste ton portmap, kai elegjte oti doyleuei, trexontas : ps aux kai meta rpcinfo -p. Doyleuei; Kalws. A, kati akomh : H apo makria prosbash ston portmapper sas ry8mizetai apo ta periexomena twn arxeiwn /etc/hosts.allow kai /etc/hosts.deny . An apotuxei to rpcinfo -p , alla o portmapper sas trexei, parakalw ejetaste ta sygkekrimena arxeia. Des to ``Asfaleia kai NFS'' , gia leptomereies epanw s' ayta ta arxeia. 3.4. Oi mountd kai nfsd Ta epomena programmata poy prepei na baloyme na trexoyn einai oi mountd kai nfsd. Alla prwta, 8a dior8wsoyme ena allo arxeio, ayth h fora to /etc/exports . As poume oti 8elw to filesystem /mn/eris/local , to opoio yparxei epanw ston H/Y eris , na einai dia8esimo ston H/Y apollon. Tote, 8a ebaza thn ejhs grammh sto arxeio /etc/exports ths eris : ______________________________________________________________________ /mn/eris/local apollon(rw) ______________________________________________________________________ H parapanw grammh dinei ston apollon prosbash read/write sto /mn/eris/local. Anti gia rw , 8a mporouse kai na leei ro, poy shmainei "mono gia diabasma" (read only - an den gracete tipote, to default einai read only). Yparxoyn ki alles epiloges poy mporeite na dwsete, kai parakatw 8a syzhthsw merikes sxetizomenes me thn asfaleia. Pantws, oles apari8mountai sth selida man gia to exports , thn opoia prepei na diabasete toylaxiston mia fora sth zwh sas. Epishs, yparxoyn kaluteroi tropoi, apo to na gracete sto arxeio exports oloklhrh th lista twn hosts. Px mporeite na xrhsimopoihsete omades (groups) sto diktyo, an trexete to NIS (h NYS - to NIS htane gnwsto ws "Kitrines Selides", Yellow Pages, YP), kai panta na balete wildcards gia ta domains kai ta ypodiktya (subnets) twn IP's, perigrafontas toys hosts poy epitrepetai na fortwsoyn kati. Alla prepei kai na skef8eite poios einai pi8ano na apokthsei mh ejoysiodothmenh prosbash ston server, se periptwsh poy xrhsimopoieite omadikes ejoysiodothseis. Shmeiwsh : To arxeio exports den syntassetai me ton idio tropo, opws se alla *nix's. Yparxei jexwristh enothta sto paron HOWTO sxetika me ta arxeia exports twn allwn *nix's. Twra, prepei na jekinhsoyme ton mountd (poy isws legetai kai rpc.mountd), kai meta ton nfsd (isws legetai kai rpc.nfsd). Kai oi duo 8a diabasoyn to arxeio exports. An dior8wsete to /etc/exports , 8a prepei na bebaiw8eite oti oi nfsd kai mountd gnwrizoyn oti to arxeio allaje. O paradosiakos tropos einai na trejete to exportfs, omws polles dianomes toy Linux den dia8etoyn programma exportfs. An oute h dikh sas dianomh dia8etei, mporeite na egkatasthsete to ejhs script ston H/Y sas : ______________________________________________________________________ #!/bin/sh killall -HUP /usr/sbin/rpc.mountd killall -HUP /usr/sbin/rpc.nfsd echo re-exported file systems ______________________________________________________________________ Swste to px sto /usr/sbin/exportfs, kai mhn jexasete na dwsete chmod a+rx . Twra, ka8e fora poy allazete to exports arxeio sas, meta trejte to exportfs ws root. Twra, elegjte oti oi mountd kai nfsd trexoyn swsta. Prwta me to rpcinfo -p. Ayto prepei na deijei kati, opws to parakatw : ______________________________________________________________________ program vers proto port 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100005 1 udp 745 mountd 100005 1 tcp 747 mountd 100003 2 udp 2049 nfs 100003 2 tcp 2049 nfs ______________________________________________________________________ Opws blepete, o portmapper exei anaggeilei tis yphresies (services) toy, opws kai oi mountd kai nfsd. An labete mhnyma rpcinfo: can't contact portmapper: RPC: Remote system error - Connection refused, RPC_PROG_NOT_REGISTERED, h kati paromoio, tote o portmapper den trexei. 'H, exete kapoies grammes sta arxeia /etc/hosts.{allow,deny} , poy apagoreuoyn ston portmapper n' apanthsei. Parakalw diabaste to ``Asfaleia kai NFS'' gia leptomereies epanw s' ayta ta arxeia. An labete to mhnyma No remote programs registered. , tote eite o portmapper den 8elei koybenta me sas, h kapoia sundesh espase. Kante kill stoys nfsd kai mountd, ka8ws kai ston portmapper, kai janaprospa8hste ap' thn arxh. Afou elegjete to oti o portmapper anaferei tis yphresies (services) toy, mporeite na dokimasete kai me to ps. O portmapper 8a synexisei n' anaferei yphresies, akomh kai afou exoyn krasarei ta programmata poy tis epekteinoyn. Ara, enas elegxos sto ps einai kati aparaithto, an fanei oti kapoia sundesh den doyleuei. Fysika, prepei na tropopoihsete ta arxeia rc toy H/Y sas, gia na jekinhsoyn me to bootarisma oi mountd kai nfsd, ka8ws kai o portmapper. Einai polu pi8ano oti ta sxetika scripts hdh yparxoyn ston H/Y sas, apla prepei na bgalete ta sxolia apo tis shmantikes grammes, h na energopoihsete ton H/Y sta swsta epipeda init run. Oi selides man, me tis opoies prepei na eisaste ejoikeiwmenoi s' ayto to shmeio : portmap, mountd, nfsd, kai exports. Loipon, an ta kanate ola akribws opws sas ta eipa, eisaste etoimoi na jekinhsete ton NFS client. 4. Ry8mizontas ton NFS client Prwta 8a xreiasteite enan pyrhna me to NFS filesystem eite compiled mesa toy, h dia8esimo san module. Ayto kanonizetai prin kanete compile ston pyrhna. Ean pote den exete kanei compile enan pyrhna, pi8anon na xreiastei na diabasete kai na katanohsete to Kernel HOWTO. An xrhsimopoieite kapoia cool distribution (san thn RedHat) kai pote den anakateythkate me ton pyrhna, h me ta modules (kai ara den thn katastrecate ;-) ), to nfs polu pi8anon na einai aytomata dia8esimo. Mporeite twra, sto root prompt, na dwsete mia katallhlh entolh mount, kai 8a emfanistei to filesystem. Synexizontas to paradeigma ths prohgoumenhs enothtas, 8eloyme na kanoyme mount to directory /mn/eris/local apo ton H/Y eris. Ayto ginetai me thn ejhs entolh : ______________________________________________________________________ mount -o rsize=1024,wsize=1024 eris:/mn/eris/local /mnt ______________________________________________________________________ (8a epistrecoyme stis parametroys rsize kai wsize.) To filesystem einai twra dia8esimo sto dir /mnt , kai mporeite na kanete cd s' ayto, kai meta ls , kai na deite ta arxeia ena-ena. 8a parathrhsete oti to nfs den einai toso grhgoro, oso ena topiko file system, alla einai polu bolikotero apo to ftp. Ean, anti na kanete epityxes mount sto filesystem, to mount dinei ena mhnyma la8oys, san ayto : mount: eris:/mn/eris/local failed, reason given by server: Permission denied , tote h to arxeio exports exei la8h, h jexasate na trejete to exportfs afou dior8wsate to arxeio exports. An to mhnyma leei : mount clntudp_create: RPC: Program not registered , ayto shmainei oti o nfsd h o mountd den trexoyne ston server. 'H, oti exete to problhma poy anaferame parapanw, me ta arxeia hosts.{allow,deny} . Gia n' apallageite apo to filesystem, mporeite na dwsete : ______________________________________________________________________ umount /mnt ______________________________________________________________________ Gia na kanei o H/Y mount ena nfs filesystem me to bootarisma, dior8wste to /etc/fstab me ton synh8ismeno tropo. Sto paradeigma mas, apaiteitai mia grammh opws h parakatw : ______________________________________________________________________ # device mountpoint fs-type options dump fsckorder ... eris:/mn/eris/local /mnt nfs rsize=1024,wsize=1024 0 0 ... ______________________________________________________________________ Sxedon teleiwsame. Omws, 8a parakalousa na synexisete to diabasma. 4.1. Epiloges sto mount Yparxoyn merikes epiloges, poy prepei na skef8eite an 8a tis pros8esete. Aytes ry8mizoyn ton tropo, me ton opoio enas NFS client xeirizetai ena krasarisma toy server, h mia jafnikh ptwsh toy diktuoy. Ena apo ta omorfa pragmata sxetika me to NFS, einai oti mporei aneta na xeiristei tetoies katastaseis, an ry8misete swsta toys clients. Yparxoyn duo diaforetikoi tropoi xeirismou sfalmatos : soft O NFS client 8a dwsei mhnyma la8oys sth diergasia (process) poy paei na diabasei ena arxeio s' ena NFS filesystem. Merika programmata to xeirizontai ayto me cyxraimia, merika oxi. Den mporw na sas systhsw na xrhsimopoihsete th sygkekrimenh ru8mish, dioti einai syntagh gia na parete xalasmena arxeia kai xamena dedomena. Ayth th ru8mish prepei na thn apofeugete eidika se diskoys e-mail servers - ennow, an ektimate ta e-mails sas. hard To programma poy paei na diabasei ena arxeio se NFS filesystem, 8a kremasei, otan krasarei o server. H diergasia ayth den mporei na diakopei, h na ths kanete kill, ektos ki an epishs prosdiorisete to intr. Th stigmh poy o NFS server epanel8ei on- line, to programma 8a synexisei aperispasto apo ekei, opoy htan, kai pi8anotata ayto einai o,ti akribws epi8ymeite. Synistw na xrhsimopoieite hard,intr se ola ta NFS filesystems. Synexizontas me to prohgoumeno paradeigma, h nea grammh sto fstab sas einai kapws etsi : ______________________________________________________________________ # device mountpoint fs-type options dump fsckorder ... eris:/mn/eris/local /mnt nfs rsize=1024,wsize=1024,hard,intr 0 0 ... ______________________________________________________________________ 4.2. Beltistopoiwntas to NFS Synh8ws, an den ka8orizontai oi parametroi rsize kai wsize, to NFS diabazei kai grafei se kommatia twn 4096 h 8192 bytes. Merikoi syndyasmoi pyrhnwn Linux kai kartwn diktuoy den mporoun na xeiristoun toso megala kommatia, kai se kapoies periptwseis ayth mporei apla na mhn einai h beltisth ru8mish. Etsi, prepei na peiramatistoume, gia na broume ta rsize kai wsize poy doyleuoyne, kai einai ta taxutera dynata. Mporeite na dokimasete thn taxuthta twn ry8misewn sas me merikes aples entoles. Me dedomena thn parapanw entolh mount, kai to oti mporeite na gracete ston disko, mporeite na kanete to ejhs gia dokimh ths apodoshs seiriakhs eggrafhs : ______________________________________________________________________ time dd if=/dev/zero of=/mnt/testfile bs=16k count=4096 ______________________________________________________________________ Ayto paragei ena arxeio 64MB me mhdenika bytes (arketa megalo, wste to krasarisma na mh syneisferei shmantika sthn apodosh poy metrame - xrhsimopoieiste megalutero arxeio, an exete pollh mnhmh). Epanalabete mia-dyo (5-10;) fores, kai bgalte ton meso oro twn xronwn. Edw mas endiaferei perissotero o "wrologiakos" xronos poy perase. Amesws meta, mporeite na dokimasete thn apodosh anagnwshs, diabazontas to idio arxeio : ______________________________________________________________________ time dd if=/mnt/testfile of=/dev/null bs=16k ______________________________________________________________________ Epanalabete kanadyo fores, kai bgalte meso oro. Meta kante umount, kai mount jana me megalutera rsize kai wsize. Pi8anotata prepei na einai pollaplasia toy 1024 kai oxi megalutera twn 16384 bytes, afou ayto einai to megisto mege8os sth version 2 toy NFS. Amesws meta to mount me megaluteres times, kante cd sto mounted filesystem, kai kante px ls. Ejereynhste ligaki to filesystem, gia na bebaiw8eite oti ola einai opws prepei. An ta rsize/wsize einai polu megala, ta symptwmata einai polu parajena, kai oxi 100% emfanh. Ena typiko sumptwma einai oi mh plhreis listes arxeiwn otan kanoyme ls, kai taytoxrona kanena mhnyma la8oys. 'H, na apotygxanei mysthriwdws h anagnwsh arxeiwn, pali xwris mhnyma la8oys. Afou bebaiw8eite oti ta sygkekrimena rsize/wsize doyleuoyn aproblhmatista, mporeite na janakanete tis dokimes taxuthtas. Oi diaforetikes platformes server einai pi8ano na exoyn diaforetikes beltistes times. To SunOS kai to Solaris fhmizontai oti einai polu taxutera me kommatia twn 4096 bytes, para me o,tidhpote allo. Oi newteroi pyrhnes toy Linux (apo ton 1.3 kai meta) kanoyn proanagnwsh gia rsizes megalutera h isa me th "selida" mnhmhs toy H/Y. (Se CPUs ths Intel, to mege8os selidas mnhmhs einai 4096 bytes.) H proanagnwsh ayjanei shmantika thn apodosh anagnwshs toy NFS. Ara, se H/Y me CPU Intel, 8a xreiasteite - ean ayto, bebaia, einai dynaton - rsize twn 4096 bytes. 8ymh8eite na dior8wsete to /etc/fstab , wste na perasete mesa ta beltista rsize/wsize poy brhkate. Ena kolpaki gia n' ayjhsete thn apodosh eggrafhs toy NFS, einai na apenergopoihsete tis sugxrones (synchronous) eggrafes ston server. Oi prodiagrafes toy NFS lene oti oi apaithseis gia kata NFS eggrafes den 8ewrountai teleiwmenes, prin ta eggrafomena dedomena bre8oun se meso poy ta krataei diarkws (synh8ws ton disko). Ayto periorizei kapws thn apodosh eggrafhs, ara oi asugxrones (asynchronous) eggrafes 8a epitaxunoyn ligaki th diadikasia ths kata NFS eggrafhs. O nfsd toy Linux den kanei sugxrones eggrafes, epeidh den toy to epitrepei to filesystem toy Linux. Omws, se servers poy den sthrizontai sto Linux, mporeite n' ayjhsete thn apodosh m' ayton ton tropo, eisagontas sto exports arxeio sas th grammh : ______________________________________________________________________ /dir -async,access=linuxbox ______________________________________________________________________ h kapoia paromoia. Parakalw, diabaste thn tekmhriwsh (isws sth selida man;) toy H/Y sas gia to exports. Mono shmeiwste oti etsi ayjanetai kai o kindynos apwleias dedomenwn. 5. To NFS mesw argwn grammwn Oi arges grammes perilambanoyn ta modems, to ISDN, kai pi8anotata alles syndeseis makrwn apostasewn. Ayto to tmhma basizetai se gnwseis sxetika me ta xrhsimopoioumena prwtokolla, alla oxi se pragmatikes peiramatikes dokimes. Parakalw, enhmerwste me, an dokimasete ta parakatw! ;-) To prwto pragma poy prepei na 8ymaste, einai pws to NFS einai argo prwtokollo. Exei megalh eisagwgh. To na xrhsimopoieis to NFS gia na metafereis arxeia, einai sxedon sa na xrhsimopoieis to prwtokollo kermit. Einai argo. Sxedon opoiodhpote allo einai taxutero toy NFS. To FTP einai taxutero. To HTTP einai taxutero. Ta rcp kai ssh einai taxutera. Akomh apofasismenoi na dokimasete; Ok. Oi default parametroi toy NFS einai gia sxetika grhgores grammes, me mikro xrono anamonhs. An xrhsimopoihsete aytes tis default parametroys se arges grammes ychlhs anamonhs, 8a kanoyn to NFS na bgazei mhnumata la8wn sxetika me tis ergasies toy, na sas leei oti ta arxeia einai mikrotera ap' oso pragmatika einai, kai na kanei diafora alla mysthria pragmata. To prwto pragma poy prepei na kanete, einai na mhn xrhsimopoihsete thn epilogh soft mount. Ayth 8a kanei ta timeouts na epistrefoyn kwdikes la8wn sto software, pragma poy pi8anotata den 8a einai ka8oloy kalos xeirismos ths katastashs. Aytos einai wraios tropos gia na kerdisete mysthriwdh kollhmata. anti8eta, xrhsimopoieiste thn hard mount option. Otan h hard einai energopoihmenh, ta timeouts prokaloun apeires prospa8eies epanaleitoyrgias, anti na parathsoyn o,ti prospa8ouse to software na kanei. Kai pragmatika, ayto einai ayto akribws poy 8elete. To epomeno pragma poy prepei na kanete, einai na skalisete tis epiloges toy mount timeo kai retrans . Aytes perigrafontai sth man selida nfs(5), alla parte ki ena antigrafo edw : ______________________________________________________________________ timeo=n H timh se dekata toy deyteroleptoy, prin stalei h prwth epanekpomph meta apo ena RPC timeout. H default timh einai 7 dekata toy deyteroleptoy. Meta to prwto timeout, to timeout diplasiazetai diadoxika, mexris otoy ftasoyme s' ena megisto timeout twn 60 deyteroleptwn, h exoyn symbei arketes epanekpompes, wste na prokalesoyn ena meizon time- out. Tote, an to filesystem einai hard mounted, ka8e nea diadoxh timeouts janarxizei me diplasia arxikh timh ths prohgoumenhs seiras, kai jana diplasiazetai me ka8e epanekpomph. To megisto timeout einai panta 60 deyterolepta. Mporoume na epituxoyme kaluterh synolikh apodosh, ayjanontas to timeout s' ena diktyo me forto ergasias, s' enan argo server, h mesw pollwn routers h gateways. retrans=n O ari8mos twn mikrwn timeouts kai epanekpompwn poy prepei na symboun, prin emfanistei ena meizon timeout. H default timh einai 3 timeouts. Otan emfanistei ena meizon timeout, eite egkataleipetai h ergasia poy ginetai panw sto arxeio, h emfanizetai sthn konsola ena mhnyma "server not responding" (o server den apokrinetai). ______________________________________________________________________ M' alla logia : An mia apanthsh den er8ei mesa ston xrono toy timeout twn 0.7 deyteroleptwn (700ms), o NFS client 8a epanalabei thn aithsh, kai 8a diplasiasei to timeout se 1.4 deyterolepta. Ean h apanthsh den fanei mesa se 1.4 deyterolepta, h aithsh 8a epanalhf8ei, kai to timeout 8a epanadiplasiastei sta 2.8 deyterolepta. H taxuthta mias grammhs mporei na metrh8ei me ping enos paketoy me to idio mege8os me ta rsize/wsize. ______________________________________________________________________ $ ping -s 8192 lugulbanda PING lugulbanda.uio.no (129.240.222.99): 8192 data bytes 8200 bytes from 129.240.222.99: icmp_seq=0 ttl=64 time=15.2 ms 8200 bytes from 129.240.222.99: icmp_seq=1 ttl=64 time=15.9 ms 8200 bytes from 129.240.222.99: icmp_seq=2 ttl=64 time=14.9 ms 8200 bytes from 129.240.222.99: icmp_seq=3 ttl=64 time=14.9 ms 8200 bytes from 129.240.222.99: icmp_seq=4 ttl=64 time=15.0 ms --- lugulbanda.uio.no ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 14.9/15.1/15.9 ms ______________________________________________________________________ Edw, o xronos anaferetai sto poso ekane to paketo toy ping, gia na paei mpros-pisw sto lugulbanda. (Ta 15ms einai arketa grhgora.) Se mia grammh 28 kbps mporeite na perimenete kati san 4000-5000ms, kai an h grammh einai fortwmenh, aytos o xronos 8a einai akomh megaluteros - polu eukola ftanei sth diplasia timh. Otan aytos o xronos einai megalos, tote leme oti yparxei "ychlh anamonh". Genika, gia megalutera paketa kai gia perissotero fortwmenes grammes, h anamonh ayjanetai. Ayjhste katallhla to timeo gia th grammh kai to fortio sas. Kai, mia poy h anamonh ayjanetai, otan xrhsimopoieite th grammh kai gia alles doyleies : An pote 8elhsete na xrhsimopoihsete ta FTP kai NFS taytoxrona, prepei na dokimasete na metrhsete toys xronoys ping enw xrhsimopoieite to FTP gia metafora arxeiwn, kai n' ayjhsete to timeo wste na tairiazei me thn anamonh ths grammhs sas. 6. Asfaleia kai NFS Den eimai ka8oloy eidikos sthn asfaleia twn H/Y. Alla mporw na dwsw merikes mikres symboyles se osoys endiaferontai gia thn asfaleia. Omws, me mia epifulajh : H parakatw den einai ka8oloy mia plhrhs lista twn problhmatwn poy sxetizontai me to NFS, kai an nomizete oti eisaste asfaleis, afou diabasate kai ylopoihsate ola touta edw, exw mia gefyra na sas poylhsw. (S.t.m. : Ennoei "bridge" diktuwn.) Ayth h enothta profanws den sas endiaferei, an exete ena kleisto diktyo, opoy empisteueste oloys toys xrhstes, kai kanena mh empisto atomo den mporei na brei prosbash stoys H/Y toy diktuoy. Dhladh, den yparxei kanenas tropos na synde8oun mesw thlefwnoy sto diktyo sas, kai den yparxei sundesh me alla diktya, opoy den einai o ka8e xrhsths atomo empistosunhs, oute h asfaleia toy diktuoy. Nomizete oti eimai paranoikos; Den eimai ka8oloy. Ta parapanw einai apla oi basikes symboyles asfaleias. Kai 8ymh8eite, ta pragmata poy grafw edw einai apla h arxh twn symboylwn. Ena asfales diktyo xreiazetai enan epimelh kai eidhmona SysAdmin, poy gnwrizei pou na brei plhrofories antimetwpishs twn twrinwn kai twn pi8anwn problhmatwn. To NFS exei ena basiko problhma, dhladh o client (an den toy poume na kanei diaforetika) empisteuetai ton NFS server, kai antistrofa. Ayto mporei n' apobei kako : Shmainei pws, an o root account toy server hackeytei, einai arketa eukolo na hackeytei kai o root account toy client, kai antistrofa. Yparxoyn kanadyo tropoi antimetwpishs, stoys opoioys 8a epanel8oyme. Kati poy prepei na diabasete, einai ta symboyleytika keimena toy CERT (s.t.m. : site gia thn asfaleia sto Internet, www.cert.org) gia to NFS. To megalutero kommati toy keimenoy parakatw, asxoleitai me 8emata, gia ta opoia to CERT exei gracei symboyles. Des to ftp.cert.org:/01-README gia mia enhmerwmenh lista twn symboylwn toy CERT. Edw sas dinw merikes tetoies symboyles, sxetikes me to NFS : ______________________________________________________________________ CA-91:21.SunOS.NFS.Jumbo.and.fsirand 12/06/91 Vulnerabilities concerning Sun Microsystems, Inc. (Sun) Network File System (NFS) and the fsirand program. These vulnerabilities affect SunOS versions 4.1.1, 4.1, and 4.0.3 on all architectures. Patches are available for SunOS 4.1.1. An initial patch for SunOS 4.1 NFS is also available. Sun will be providing complete patches for SunOS 4.1 and SunOS 4.0.3 at a later date. CA-94:15.NFS.Vulnerabilities 12/19/94 This advisory describes security measures to guard against several vulnerabilities in the Network File System (NFS). The advisory was prompted by an increase in root compromises by intruders using tools to exploit the vulnerabilities. CA-96.08.pcnfsd 04/18/96 This advisory describes a vulnerability in the pcnfsd program (also known as rpc.pcnfsd). A patch is included. ______________________________________________________________________ 6.1. H asfaleia toy client Gia ton client, mporoume n' apofasisoyme me kanadyo tropoys (kai me tis antistoixes epiloges sto mount) oti den empisteyomaste kai polu ton server. Px, mporoume n' apagoreusoyme se programmata suid na doyleuoyn ektos NFS filesystem, me thn epilogh nosuid. (Ayth einai mia kalh idea, kai 8a' prepe na kanete to idio me oloys toys diskoys epanw sto NFS.) Shmainei pws o root user toy server den mporei na trejei ena suid-root programma epanw sto filesystem, na kanei login ston client ws kanonikos xrhsths, kai meta na xrhsimopoihsei to suid-root programma ayto, gia na ginei kai root ston client. 8a mporousame epishs na apagoreusoyme teleiws to trejimo arxeiwn epanw sto mounted filesystem, me thn epilogh noexec. Alla ayto mallon den einai praktiko, epeidh ena filesystem pi8anotata periexei toylaxiston merika scripts h programmata, poy prepei na trejoyn. Aytes tis epiloges tis bazoyme stis sthles epilogwn twn rsize kai wsize, kai tis xwrizoyme me komma. 6.2. H asfaleia toy server : O nfsd Ston server, mporoume n' apofasisoyme oti den empisteyomaste ton root account toy client. Synepws, mporoume na xrhsimopoihsoyme thn epilogh the root_squash sta exports : ______________________________________________________________________ /mn/eris/local apollon(rw,root_squash) ______________________________________________________________________ Twra, an enas xrhsths me userID 0 ston client prospa8hsei na brei prosbash (anagnwshs, eggrafhs, sbhsimatos) sto filesystem, o server ypoka8ista thn UID toy xrhsth me thn antistoixh toy "nobody account" toy server. Poy shmainei oti o root xrhsths toy client den mporei na dei h n' allajei arxeia, poy mono o root toy server mporei. Ayto einai kalo, kai pi8anotata prepei na bazete root_squash se ola ta filesystems poy kanete export. "- Alla o root user toy client ejakoloy8ei na mporei na xrhsimopoiei thn entolh su, gia na ginei opoiosdhpote allos xrhsths, ara na mporei na blepei kai n' allazei ta arxeia!", lete. Sto opoio, h apanthsh einai : Nai, etsi akribws einai, kai prepei na einai me ta *nix's kai me to NFS. Ayto, omws, exei mia shmantikh synepeia : Ola ta shmantika binaries kai genikotera arxeia prepei na ta exei own o root, oxi to bin, h opoiosdhpote allos mh-root account, mia poy o monos account, ston opoio den mporei na brei prosbash o root user toy client, einai o root account toy server. Sth selida man toy NFSd yparxoyn kataxwrhmenes polles alles epiloges gia squash, wste n' apofasisete monoi sas poia (den) 8a empistey8eite gia toys clients. Epishs, sas dinontai epiloges na kanete squash s' opoiodhpote sunolo UID kai GID 8elete. Ayta ola perigrafontai sth man selida toy Linux NFSd. Sthn pragmatikothta, h epilogh root_squash einai h default me ton Linux NFSd. Gia na dwsete prosbash root s' ena filesystem, balte no_root_squash. Akomh kati shmantiko, einai na bebaiw8oume oti o nfsd elegxei pws oles oi aithseis toy erxontai mono apo mia pronomiouxo 8ura (privileged port). An dex8ei aithseis apo opoiodhpote port, enas opoiosdhpote xrhsths xwris idiaitera pronomia mporei na trejei ena programma, poy 8a brei kapoy sto Internet, poy "milaei" sto prwtokollo toy nfs, kai poy isxyrizetai oti o xrhsths einai aytos poy o idios 8elei na einai. Tromaktiko! O nfsd toy Linux kanei ej orismou tetoion elegxo, omws se alla LS prepei na energopoihsete ayton ton elegxo eseis. To pws, prepei na grafetai sth selida boh8eias gia ton nfsd to sygkekrimenoy LS. Akomh kati : Pote mhn kanete export ena filesystem ston localhost, h sto 127.0.0.1 . Empistey8eite me! 6.3. H asfaleia toy server : O portmapper O basikos portmapper, se syndyasmo me ton nfsd, exoyne ena sxediastiko problhma, poy ka8ista dynato to na paijoyme me ta arxeia se NFS servers, xwris na exoyme pronomia (privileges). Eytyxws, o portmapper ton opoio xrhsimopoioun oi perissoteres Linux distributions, einai sxetika asfalhs enantion tetoiwn epi8esewn, kai mporei na ginei asfalesteros, an ry8misoyme se duo sygkekrimena arxeia tis listes prosbashs. Den plas8hkan ises oles oi Linux distributions! Merikes fainomenika sugxrones den perilambanoyn asfalh portmapper, akomh kai shmera, polla xronia af' otoy ayth h trupa asfaleias egine koinh gnwsh. Toylaxiston mia akomh dianomh periexei th selida man gia asfalh portmapper, alla o idios o portmapper den einai asfalhs. O eukolos tropos na elegjete an o portmapper sas einai asfalhs h oxi, einai na trejete thn entolh strings(1) kai na deite an diabazei ta sxetika arxeia /etc/hosts.deny kai /etc/hosts.allow. Ypo8etontas oti o portmapper sas einai o /usr/sbin/portmap, mporeite na ton elegjete me thn entolh : strings /usr/sbin/portmap | grep hosts. Ston diko moy H/Y, apantaei kapws etsi : ______________________________________________________________________ /etc/hosts.allow /etc/hosts.deny @(#) hosts_ctl.c 1.4 94/12/28 17:42:27 @(#) hosts_access.c 1.20 96/02/11 17:01:27 ______________________________________________________________________ Prwta dior8wnoyme to arxeio /etc/hosts.deny. Prepei na periexei th grammh : ______________________________________________________________________ portmap: ALL ______________________________________________________________________ poy 8a arnh8ei thn prosbash se oloys. Enw exoyme kleisei thn prosbash m' ayton ton tropo, trexoyme thn entolh rpcinfo -p gia na elegjoyme oti o portmapper pragmatika diabazei kai kanei o,ti toy leei to arxeio ayto. (H rpcinfo den prepei na dinei ejodo, h, pi8ana, ena mhnyma la8oys.) Den 8a eprepe na einai aparaithto na epanekkinhsoyme ton portmapper. To na kleisoyme ton portmapper gia oloys einai polu drastiko metro. Synepws ton jananoigoyme, dior8wnontas to arxeio /etc/hosts.allow. Alla prwta, prepei na jeka8arisoyme ti 8eloyme na gracoyme mesa toy. Basika, 8a eprepe na periexei oloys toys H/Y poy prepei na exoyn prosbash ston portmapper mas. Ston typiko H/Y me Linux, elaxistoi alloi H/Y 8a h8elan prosbash root gia opoiondhpote logo. O portmapper diey8unei ta : nfsd, mountd, ypbind/ypserv, pcnfsd, kai tis "r" services, opws h ruptime kai h rusers. Apo ta parapanw, mono ta nfsd, mountd, ypbind/ypserv, kai isws kai o pcnfsd, exoyn kapoia shmasia. Oloi oi H/Y poy xreiazontai prosbash ston diko sas, 8a eprepe na mporoun. As poume oti h dieu8ynsh toy H/Y sas einai 129.240.223.254 , kai oti einai syndedemenos sto ypodiktyo 129.240.223.0 , an kapoios allos H/Y 8elei prosbash s' ayton. (Aytous toys oroys toy eishgage to Networking HOWTO. An xreiastei, epistrecte s' ayto gia na freskarete th mnhmh sas.) Tote, eisagoyme th grammh : ______________________________________________________________________ portmap: 129.240.223.0/255.255.255.0 ______________________________________________________________________ sto arxeio hosts.allow. Einai to idio me thn dieu8ynsh diktuoy poy dinoyme sto arxeio route, kai th maska ypodiktuoy (subnet mask) poy dinoyme sto ifconfig. Gia th syskeyh eth0 ston H/Y mas, to ifconfig prepei na deixnei : ______________________________________________________________________ ... eth0 Link encap:10Mbps Ethernet HWaddr 00:60:8C:96:D5:56 inet addr:129.240.223.254 Bcast:129.240.223.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:360315 errors:0 dropped:0 overruns:0 TX packets:179274 errors:0 dropped:0 overruns:0 Interrupt:10 Base address:0x320 ... ______________________________________________________________________ kai h entolh netstat -rn prepei na bgazei : ______________________________________________________________________ Kernel routing table Destination Gateway Genmask Flags Metric Ref Use Iface ... 129.240.223.0 0.0.0.0 255.255.255.0 U 0 0 174412 eth0 ... ______________________________________________________________________ (H dieu8ynsh diktuoy brisketai sthn prwth sthlh.) Ta arxeia hosts.deny kai hosts.allow perigrafontai stis antistoixes man selides me ta idia onomata. SHMANTIKO : Mhn bazete o,tidhpote, ektos apo ari8mous IP stis sxetikes me ton portmapper grammes aytwn twn arxeiwn. Tyxon pinakes antistoixiwn me onomata H/Y, mporoun emmesa na prokalesoyn drasthriothta toy portmapper, poy 8a jekinhsei cajimo stoys pinakes antistoixiwn, poy emmesa mporoun na prokalesoyn drasthriothta toy portmapper, poy... Ta parapanw logika prepei na kanoyn asfalestero ton server sas. To mono (nai, siga!) problhma poy paramenei, einai kapoios poy mpainei ws root se "empisto" mhxanhma (h kanei ekkinhsh me MS-DOS), kai xrhsimopoiei ayto to pronomio gia na steilei aithseis apo ena asfalismeno (secure) port, ws opoiosdhpote xrhsths 8a h8ele na paroysiazetai o idios. 6.4. To NFS kai ta firewalls Einai polu kalh idea na balete firewall sto nfs, kai na katey8unete me portmap ta ports ston router h sto firewall sas. O nfsd dra sto port 2049, kai me to udp kai me to tcp prwtokollo. O portmapper dra sto port 111 (kai me tcp kai me udp), kai o mountd sta ports 745 kai 747 (tcp kai udp). Synh8ws. Fysika, prepei na elegjete ta ports me thn entolh rpcinfo -p. An, apo thn allh pleyra, 8elete to NFS na pernaei apo firewall, yparxoyn epiloges stoys newteroys NFSds kai mountds, poy toys kanoyn na xrhsimopoioun mia eidikh (oxi, omws, protyph) 8ura, poy mporei na menei anoixth se firewall. 6.5. Perilhch An xrhsimopoieite ta : hosts.allow/deny, root_squash, nosuid, kai diafora pronomiouxa (privileged) xarakthristika twn ports sto software twn portmapper/nfs, 8' apofugete polla apo ta shmera gnwsta bugs toy nfs, kai 8a mporesete na ais8an8eite sxedon sigoyroi toylaxiston gi' ayta. Alla, akomh kai meta ap' ol' ayta : Otan enas eisboleas exei prosbash sto diktyo sas, mporei na emfanisei perierges entoles sto .forward sas, h na diabasei to taxydromeio sas, otan ginei export kata NFS sto /home, h to /var/spool/mail. Gia ton idio logo, pote den 8a 'prepe na dinete prosbash sto idiwtiko sas kleidi toy PGP me to nfs. 'H, toylaxiston, prepei na gnwrizete ton kindyno poy synepagetai mia tetoia energeia. Kai twra gnwrizete hdh mia pleyra aytou toy kindunoy! To NFS kai o portmapper synapoteloun ena sun8eto yposusthma, kai ara den einai entelws api8ano n' anakalyf8oun nea bugs, eite sth basikh sxediash, eite sthn ylopoihsh toy systhmatos poy xrhsimopoioume emeis. Akomh kai trupes asfaleias mporei na einai hdh gnwstes shmera, tis opoies kapoios xrhsimopoiei me kako skopo. Omws, etsi einai h zwh! Gia na briskeste, loipon, se apostash asfaleias apo tetoia pragmata, prepei toylaxiston na diabazete ta newsgroups comp.os.linux.announce kai comp.security.announce, ws to elaxisto dynaton poy mporeite na kanete. 7. H lista pi8anwn problhmatwn sto mounting toy NFS Ayth h enothta basizetai sthn : "Lista elegxoy gia problhmata sto mounting toy NFS", ths IBM Corporation. Polles eyxaristies sthn IBM, poy mas edwse th lista na thn xrhsimopoihsoyme s' ayto edw to HOWTO. An sas tuxei kapoio problhma, otan pate na kanete mount s' ena NFS filesystem, parakalw rijte mia matia s' ayth th lista, prin gracete kapoy gia to problhma sas. Ka8e seira sth lista perigrafei enan tropo dysleitoyrgias, kai th dior8wsh toy. 1. To mount synexeia bgazei : RPC: Program not registered (to programma den exei katagrafei / katoxyrw8ei). Trexei o portmapper; Dior8wsh : 3ekinhste ton. Trexei o mountd; Dior8wsh : 3ekinhste ton. Trexei o nfsd; Dior8wsh : 3ekinhste ton. Mhpws to arxeio /etc/hosts.deny apagoreuei ston portmapper n' apanthsei; Dior8wsh : Eite sbhste thn apagoreysh sto arxeio hosts.deny, h pros8este mia grammh sto hosts.allow, wste o portmapper na mporei na epikoinwnhsei mazi sas. 2. Den egine export sto filesystem, h den egine export pros ton sygkekrimeno client. Dior8wsh : Kante export. 3. Ta onomata twn H/Y den tairiazoyn me thn antistoixh lista gia ta exports. Px : H lista gia ta exports grafei na ginei export pros ton H/Y johnmad, alla to onoma toy H/Y johnmad antistoixei sto johnmad.austin.ibm.com. Fysika, den dinetai adeia gia mount. Dior8wsh : Kante export kai pros tis duo morfes toy onomatos. Ayto mporei epishs na symbei, an o client exei duo diasyndeseis (interfaces) me diaforetika onomata, kai to arxeio export anaferetai mono sth mia. Dior8wsh : Kante export kai pros tis duo diasyndeseis. Ayto epishs mporei na symbei, an o server den mporei na kanei lookuphostbyname h lookuphostbyaddr (aytes einai library functions) ston client. Bebaiw8eite oti o client mporei na kanei host ;, host ;, kai oti kai ta duo deixnoyn ton idio H/Y. Dior8wsh : Taktopoieiste ta onomata twn H/Y. 4. To filesystem egine mount meta to jekinhma toy NFS (ston sygkekrimeno server). S' ayth thn periptwsh, o server kanei export sto antistoixo mount point, oxi sto mounted filesystem. Dior8wsh : Stamathste ton NFSd, kai meta epanekkinhste ton. Shmeiwsh : Oi clients poy eixan mounted to antistoixo mount point, 8a exoyn problhma sto na doyn ton server meta thn epanekkinhsh toy. 5. H hmeromhnia einai polu diaforetikh se server kai client (ayto mporei na kanei 8alassa to make). Dior8wsh : Dior8wste thn hmeromhnia. O syggrafeas toy HOWTO synista th xrhsh toy NTP gia sygxronismo twn rologiwn. Mia poy stis HPA yparxoyn periorismoi sthn ejagwgh toy NTP apo th xwra, mporeite na breite to NTP gia tis dianomes Debian, RedHat, Slackware, apo to ftp://ftp.hacktic.nl/pub/replay/pub/linux, h ena mirror toy. 6. O server den mporei na dex8ei mount apo xrhsth, poy metexei se perissoteres apo 8 omades (groups). Dior8wsh : Elatwste ton ari8mo twn omadwn, stis opoies symmetexei o xrhsths, h kante mount mesw enos diaforetikou xrhsth. 8. FAQs Edw briskomaste sthn enothta twn syxnwn erwthsewn (FAQs). H enothta ayth basizetai kata ena meros se ena palio keimeno toy Alan Cox, me FAQs gia to NFS. An exete kapoio problhma sto na kanete mount ena filesystem, parakalw koitajte mhpws to problhma sas periexetai sthn prohgoumenh enothta, th "lista pi8anwn problhmatwn sto mounting toy NFS". 1. Pairnw polla mhnumata la8oys, toy tupoy : "stale nfs handle" ( = palio programma xeirismou toy nfs), otan xrhsimopoiw to Linux se nfs server. Ayta ta projenei kapoio bug merikwn paliwn ekdosewn toy nfsd. To problhma dior8w8hke apo ton nfs-server2.2beta16 kai meta. 2. Otan prospa8w na kanw mount ena filesystem, pairnw : can't register with portmap: system error on send (Dhl. "Den symfwnei h katagrafh ston portmapper, sfalma kata thn apostolh") Pi8anotata xrhsimopoieite th dianomh Caldera. Yparxei ena bug sta rc scripts. Parakalw, epikoinwnhste me thn Caldera, gia na sas dwsei ta dior8wmena arxeia. 3. Giati den mporw na ektelesw ena arxeio, afou to antegraca ston NFS server; H aitia einai oti o nfsd bazei sth mnhmh cache ta "anoixta" xrhsimopoioumena arxeia (open file handles), gia na epituxei kaluterh apodosh (kai 8ymh8eite, trexei ston xwro toy xrhsth). Oso o nfsd krataei ena arxeio anoixto (opws px sthn periptwsh poy molis exei gracei kati s' ayto), o pyrhnas den 8a sas afhsei na to ektelesete. Oi nfsds poy einai newteroi apo ekdoseis (peripoy) anoijhs toy 1995, eley8erwnoyn ta anoixta arxeia meta apo liga deyterolepta. Oi palioteroi kollane s' ayta gia meres. 4. Ta arxeia moy sto NFS einai ola mono gia anagnwsh (read only) O NFS server me Linux paei ej orismou se katastash monon anagnwshs. Parakalw, diabaste tis enothtes "Oi mountd kai nfsd", kai "Kanontas export se filesystems", s' ayto edw to HOWTO, kai deite tis selides man gia ta exports kai ton nfsd. 8a xreiastei n' allajete to arxeio /etc/exports. 5. Kanw mount apo enan NFS server me Linux, kai enw h entolh ls doyleuei, den mporw na diabasw h na gracw arxeia. Se palioteres ekdoseis toy Linux, prepei na fortwsete ton NFS server me : rsize=1024,wsize=1024. 6. Kanw mount apo enan NFS server me Linux, me mege8os block metaju 3500 kai 4000, kai o H/Y krasarei syxna. Epomenws, mhn to kanete. Ayto den symbainei me toys pyrhnes 2.0 kai 2.2 . Kai, an den me apata h mnhmh moy, den yparxei problhma oute me ton pyrhna 1.2 . 7. Mporei to Linux na kanei NFS epanw se TCP; Oxi pros to paron. 8. Pairnw polla perierga mhnumata la8oys, otan prospa8w na kanw mount apo enan H/Y me Linux. Bebaiw8eite oti oi xrhstes sas metexoyn se 8 h ligoteres omades. Oi palioteroi servers to zhtane ayto opwsdhpote. 9. Otan epanekkinw ton H/Y moy, merikes fores kremaei, otan prospa8ei na kanei unmount ena kollhmeno NFS (ws server). MHN kanete unmount se NFS servers meta thn epanekkinhsh h ton termatismo leitoyrgias toy H/Y, apla agnohste toys. Den 8a peirajei tipote, an den toys kanete unmount. H sxetikh entolh einai : umount -avt nonfs. 10. Oi NFS clients me Linux argoun polu, otan epikoinwnoun me H/Y Sun kai BSD. Oi eggrafes sto NFS synh8ws einai sugxrones. (Ayto, bebaia, mporeite na to apenergopoihsete, an den sas peirazei na kindynecete na xasete dedomena.) Akomh xeirotera, oi pyrhnes poy basizontai sto BSD mallon adynatoun na doyleuoyn se mikra blocks. Etsi, otan grafete 4 kB dedomenwn (apo enan H/Y me Linux) se paketa toy 1 kB poy xrhsimopoiei to BSD, to teleytaio kanei to ejhs : diabase th selida twn 4 kB allaje to 1 kB janagrace ta 4 kB ston disko diabase th selida twn 4 kB allaje to 1 kB janagrace ta 4 kB ston disko k. o. k. 11. Otan syndew pollous clients se NFS server me Linux, h apodosh peftei jafnika. To prwtokollo NFS xrhsimopoiei tmhmatika (fragmented) paketa UDP. O pyrhnas exei ena orio sto posa tmhmata anoloklhrwtwn paketwn mporei na shkwsei, prin arxisei na ta agnoei. Ston pyrhna 2.2, ayto ry8mizetai se xrono runtime mesw toy /proc filesystem : /proc/sys/net/ipv4/ipfrag_high_thresh kai ipfrag_low_thresh. Ston 2.0 , aytes oi parametroi einai sta8eres kata thn compilation toy pyrhna, kai orizontai sta : .../linux/net/ipv4/ip_fragment.c, IPFRAG_HIGH_THRESH, kai IPFRAG_LOW_THRESH. H shmasia aytwn twn timwn, einai oti apaj kai h apaitoumenh mnhmh twn anoloklhrwtwn kommatiwn UDP ftasei to anw orio ths ("ipfrag_high_thresh") se bytes (256 kB ej orismou stoys pyrhnes 2.2.3 kai 2.0.36), aytomata peftei sto katw ths orio ("ipfrag_low_tresh"). Ayto ginetai me sbhsimo kommatiwn. Ayth h katastash isodynamei sxedon me apwleia kommatiwn, kai th stigmh poy h mnhmh ftanei to anw ths orio, h apodosh toy server sas peftei polu. Ta 256 kB einai arketa gia peripoy 30 clients. An exete 60, diplasiaste ta. Kai diplasiaste epishs to katw orio. 12. Xrhsimopoiw to Linux 2.2 (h metagenestero) me ton knfsd, kai den mporw na kanw mount ston H/Y moy, tupoy AIX, IRIX, Solaris, DEC- Unix... O knfsd anakoinwnei oti ylopoiei thn ekdosh 3 toy NFS, alla den to kanei. Yparxei mia epilogh, na ton stamathsete na bgazei ayto to mhnyma. Xrhsimopoieiste thn. 'H, mporeite na 8esete "vers=2" sth lista me tis parametroys toy mount stoys clients. 13. O tupoy AIX 4 H/Y moy den mporei na kanei mount ton NFS server moy me Linux. Moy leei : mount: 1831-011 access denied for server:/dir mount: 1831-008 giving up on: server:/dir The file access permissions do not allow the specified action. (Dhl. : "Den didetai adeia gia ton server", "egkataleipw to server:/dir", "Oi adeies prosbashs sta arxeia den epitrepoyn th drasthriothta poy zhtate.") h kati paromoio. To AIX 4.2 xrhsimopoiouse rezerbe ports (katw apo to 1024) gia to NFS. Ta AIX 4.2.1 kai 4.3 den periorizontai sta rezerbe ports. Epishs, ta AIX AIX 4.2.1 kai 4.3 prospa8oun na kanoyn mount me xrhsh toy NFS3, meta toy NFS/TCP, kai telika toy NFS/UDP. Pros8etontas ______________________________________________________________________ nfso -o nfs_use_reserved_ports=1 ______________________________________________________________________ sto telos toy rc.tcpip, 8a to anagkasei na janaxrhsimopoihsei ta rezerbe ports. (Ayto to kolpo moy to edwse o Brian Gorka.) 9. Kanontas export se filesystems Fysika, o tropos toy na kanoyme export se filesytems me to NFS, den einai plhrws symbatos stis diafores platformes ergasias. S' ayth thn periptwsh, ayta poy jefeugoyn ap' ton kanona, einai ta Linux kai Solaris 2. Ayth edw h enothta 8etei proxeira se seira toys tropoys toy export gia ta perissotera LS. An to diko sas den kaluptetai, prepei na cajete thn tekmhriwsh toy. Lejeis-kleidia mporoun na einai : nfsd, system administration tool ( = ergaleio dieu8ynshs systhmatos), rc scripts, boot scripts, boot sequence ( = diadikasia ekkinhshs), /etc/exports, exportfs. 8a dwsw ena paradeigma s' aythn thn enothta : Pws na kanoyme export to /mn/eris/local ston H/Y apollon, me epilogh read/write. 9.1. IRIX, HP-UX, Digital-UNIX, Ultrix, SunOS 4 (Solaris 1), AIX Ayta ta LS xrhsimopoioun to paradosiako format ths Sun gia export. Sto /etc/exports, gracte : ______________________________________________________________________ /mn/eris/local -rw=apollon ______________________________________________________________________ H plhrhs tekmhriwsh brisketai sth selida man gia to arxeio exports. Afou dior8wsete to arxeio, trejte exportfs -av, gia na ginei export sta filesystems. To poso aysthrh einai h suntajh ths entolhs exportfs, syzhtietai. Se merika LS 8a breite oti h prohgoumenh grammh diatypwnetai ws : ______________________________________________________________________ /mn/eris/local apollon ______________________________________________________________________ h kati entelws ekfylismeno, san ayto edw : ______________________________________________________________________ /mn/eris/local rw=apollon ______________________________________________________________________ Synistw na eisaste typikoi. Me to na kobete dromo, riskarete to na deite thn epomenh ekdosh toy exportfs na ginetai polu aysthroterh sth diatupwsh, kai jafnika o,ti jerate na mh doyleuei pleon. 9.2. Solaris 2 H Sun janaefeure ap' thn arxh ton troxo, otan eftiaje to Solaris 2. Epomenws, ayto diaferei entelws ap' ola ta alla LS. Ayto poy kanete edw, einai na dior8wsete to arxeio /etc/dfs/dfstab. Mesa s' ayto, topo8ethste entoles koinhs xrhshs (share), opws aytes anagrafontai sth selida man toy share(1M). Opws parakatw : ______________________________________________________________________ share -o rw=apollon -d "Eris Local" /mn/eris/local ______________________________________________________________________ Meta tis dior8wseis, trejte to programma shareall, gia na kanete export sta filesystems. 10. To NFS sto Linux 2.2 Ka8ws grafw to HowTo, h parousa ekdosh toy pyrhna toy Linux einai h 2.2.12 , kai h xrhsh NFS s' aythn mporei na ginei ligo aggareia. Mporei kai oxi. Den jerw ti 8a ginei me to NFS sto Linux 2.4 . To neo spoydaio pragma me to Linux 2.2 einai h yposthrijh enos nfs server demon poy brisketai mesa ston pyrhna, kai onomazetai knfsd. Aytos o tropos ylopoihshs toy nfsd exei merika pleonekthmata, to kyriotero twn opoiwn einai h taxuthta. Enas H/Y me Linux 2.2 me ton knfsd einai enas ajiosebastos nfs server. Wstoso, panta mporeite na xrhsimopoihsete ton palio nfsd me to Linux 2.2, kai yparxoyn epishs merika pleonekthmata s' ayth th xrhsh, to kyriotero twn opoiwn einai h aplothta. An xrhsimopoieite source pyrhna h binary paketo, ftiagmena apo kapoia etairia san px thn RedHat (ekdosh 6.0 kai meta), thn SuSE (ekdosh 6.1 kai meta, nomizw), h kapoion allon epaggelmatia kataskeyasth dianomwn, pi8anotata exoyn symperilabei plhrh leitoyrgikothta "knfsd" ston pyrhna toys. Kai den xreiazetai na problhmatizeste, stis perissoteres periptwseis 8a doylecei. Mexris otoy na sas er8ei na kanete compile enan pyrhna monoi sas. An xrhsimopoieite kapoion apo toys dia8esimoys pyrhnes 2.2 toy Linux (toylaxiston mexri kai ton 2.2.12), o knfsd 8a stamathsei na doyleuei. Gia na ta kataferete monoi sas na jeperasete to empodio, xreiazeste na breite to paketo knfsd toy H. J. Lu. Ayto einai mia syllogh patches kai aparaithtwn utilities gia ton pyrhna 2.2, poy o Lu epimeleitai ston eleu8ero xrono toy. Mporeite na th breite apo ton plhsiestero mirror gia toys pyrhnes toy Linux, me to kyriws site na einai to : ftp.kernel.org:/pub/linux/devel/gcc/. Ta parapanw den ta grafw gia "laikh katanalwsh". An ayto to paketo sas mperdecei, mhn prospa8eite na kanete compile ton pyrhna monoi sas. Perimenete mexri na bgei ena sxetiko paketo apo ton agaphmeno sas dianomea toy Linux (px RedHat, SuSE, klp). Epishs, mh moy stelnete e-mails me erwthseis gi' ayto to 8ema. Den mporw na sas boh8hsw. Den exw dia8esimoys servers na trexoyne knfsd. An breite sfalmata h paraleiceis sthn parousa tekmhriwsh, parakalw gracte moy, kai 8a dior8wsw ayto to HOWTO kai 8a to janadwsw sto anagnwstiko koino. Ejakoloy8eite na diabazete; Ok. O H. J. Lu stelnei tis nees ekdoseis toy paketoy toy sth mailing list gia ton pyrhna toy Linux. Epishs, ekei stelnontai kai alla 8emata sxetika me to NFS se pyrhnes 2.2 . Diabaste ta. Yparxei ena ajioshmeiwto xarakthristiko toy paketoy toy knfsd : Anakoinwnei oti yposthrizei thn ekdosh 3 toy NFS. Wstoso, den thn yposthrizei. Mporeite na dwsete mia parametro, gia na stamathsete aythn thn anakoinwsh, h na dwsete "vers=2" sth lista epilogwn mount twn clients. 10.1. O client O client einai sxetika aplos. Gia kalo locking, prepei na kanoyme compile ton statd (apo to paketo toy knfsd), na ton egkatasthsoyme, kai na ton ekkinhsoyme apo ta scripts ekkinhshs. Kante akribws etsi. Gia na doylecei o statd, xreiazetai ena directory me onoma /var/lib/nfs, diaforetika stamataei xwris kanena mhnyma la8oys, ara prin ton trejoyme, prepei na ftiajoyme to sygkekrimeno dir. Otan jekinhsei o statd na trexei, mporeite na xrhsimopoihsete to programma testlk (sto tools/locktest), gia na dokimasete an doyleuei to locking enos arxeioy s' ena NFS filesystem. Logika, doyleuei. An deite mhnyma No locks available, o statd den doyleuei. Sthn pragmatikothta, mporeite n' apofugete teleiws to locking (oxi pws synistw kati tetoio), dinontas "nolock" sth lista epilogwn toy mount. Sumfwna me osa gnwrizw, ayta einai ola osa xreiazontai, gia na doylecei enas client. Ean exete Sparc h Alpha NFS server, 8a diapistwsete oti o nfs client toy Linux 2.2 einai teleiws xalia. O ry8mos metadoshs dedomenwn apo kai pros ton server einai toso eleeinos, poy den mporeite na fantasteite. Einai polu xeiroteros ap' o,ti sto Linux 2.0 . Polu. Alla, fysika, yparxei kai h 8erapeia ths katastashs ayths : H seira pyrhnwn 2.2 toy Alan Cox (poy einai ligaki pio peiramatikoi apo toys normal pyrhnes 2.2 toy Linus) exei ena patch gia anebasma ths apodoshs toy Linux 2.2 me toys Alpha kai Sparc servers. An 8elete na xrhsimopoihsete toys pyrhnes 2.2 toy Alan Cox, prepei na parakoloy8eite th mailing list gia toys pyrhnes toy Linux. Kai an to kanete ayto, hdh 8a jerete pou mporei na bre8ei to sygkekrimeno patch : To home site toy einai to , se periptwsh poy 8elete na dokimasete na to balete se dia8esimo pyrhna 2.2 . Ayto to patch pi8anotata den 8a perilambanetai oute sto Linux 2.4, epeidh apaitei para polles allages ston pyrhna, gia na ginei apodekto ston paronta kuklo anaptyjhs. Na perimenete to Linux 2.5 . To trondmy epishs dia8etei patches poy kanoyn to Linux na xrhsimopoiei thn ekdosh 3 toy NFS, ki epishs 8a sas dwsei th dynatothta na xrhsimopoieite to tcp gia metafora arxeiwn, anti toy UDP. O NFS v. 3 einai polu kalos gia megala diktya, h diktya opoy h apwleia paketwn den einai mhdenikh, h oi xronoi anamonhs einai megaloi. O logos poy prepei na parakoloy8eite th mailing list gia toys pyrhnes toy Linux, prokeimenoy na xrhsimopoihsete ayta ta patches, einai oti merikes fores yparxoyn asxhma bugs mesa toys. Bugs poy dialuoyn ta arxeia sas. Synepws, parakalw na prosexete. 10.2. O server O nfs server demon toy Linux 2.2 kai twn metagenesterwn onomazetai "knfsd", kai 8elei ponhres ry8miseis. Lypamai, alla aytes prepei h na tis breite monoi sas, h na meinete proskollhmenoi se o,ti bgazoyn h SuSE, h RedHat, kai oi ypoloipoi, san paketa toy pyrhna 2.2 . Wstoso, kai me to Linux 2.2 mporeite panta na xrhsimopoihsete ton palio nfsd. Einai argos, alla eukolos na ton ry8miseis. 11. NFS server se mia disketa Ayth h enothta grafhke apo ton Ron Peters, rpeters@hevanet.com. Ejhgei pws na sthsoyme enan NFS server, otan bootaroyme apo disketa. Arxika h enothta sxediasthke me skopo na deijei pws mporoume na exoyme (mesw NFS) koinh xrhsh toy cd-rom enos alloy H/Y (poy den sthrizetai se Linux/UNIX), wste na egkatasthsoyme to Linux ston prwto H/Y, poy den dia8etei cd-rom. 11.1. Eisagwgh Ayto to keimeno grafthke gia osoys synanthsoyn to idio problhma, poy eixa ki egw prosfata : Esthna enan Linux server s' enan H/Y poy den die8ete cd-rom, kai den mporousa na toy pros8esw ena, ektos isws ejwteriko SCSI, h kati paromoio. Twra, poy einai olo kai pio api8ano na egkatasthsete to Linux s' ena tetoio mhxanhma, ayto to keimeno mporei na mhn einai pleon toso polutimo. Wstoso, proswpika 8a to ektimousa, an to die8eta otan prospa8ousa na ftiajw ton H/Y moy. Mia poy o H/Y moy den die8ete cd-rom, skefthka na brw enan NFS server gia ta Win95, kai na krathsw koinh xrhsh toy cd-rom gia oso xreiastei na ftiajw ton H/Y me to Linux, kai na ton balw sto diktyo. Apo ta duo proionta poy brhka (den anaferw onomata, alla to ena htane freeware kai to allo me periorismenh adeia xrhshs 14 hmerwn), to ena den doulece ka8oloy, kai to allo den mporese na xeiristei arketa kala ta sumfwna me to Linux onomata twn H/Y, wste na oloklhrwsei thn egkatastash. Meta ap' ayta, prospa8hsa na jekinhsw ton H/Y moy twn Win95 me tis duo disketes boot/root, kai meta na balw mia boh8htikh disketa, wste na sthsw ton NFS server. Ayto apodeixthke polu aplo, kai h olh diadikasia einai pi8anotata eykoloterh apo to na diabasete aythn thn eisagwgh, alla pisteuw oti 8a boh8hsei to na ta gracw ola mazi kapoy. 11.2. Prosdokies Ayto to keimeno bghke apo th xrhsh twn disketwn boot/root mias apo tis twrines dianomes toy Slackware Linux apo thn InfoMagic. Xrhsimopoihsa thn ekdosh 2.0.34 toy pyrhna stis disketes boot/root, alla ta programmata toy NFS server par8hkan apo enan server ekdoshs 2.0.30 . Panta xrhsimopoiousa th me8odo egkatastashs toy Slackware, oxi epeidh einai eykoloterh, h kaluterh, h xeiroterh, alla apla epeidh ais8anomai aneta mazi ths, kai den exw brei ton xrono na dokimasw kapoia allh. Den pisteuw na yparjoyn polla problhmata kata th xrhsh aytou toy keimenoy, se sxesh me thn ekdosh toy Linux. Pantws, 8a synistousa na xrhsimopoihsete kapoia sxetika sugxronh. Mia poy einai pi8ano oti 8a xrhsimopoih8ei gia egkatastash, einai ej isoy pi8ano na xrhsimopoih8ei ena sugxrono set boot/root disketwn. Oloi oi syndyasmoi syzhtiontai. 11.3. Apaithseis · Enas H/Y me dynatothtes diktuwshs kai me disketa ekkinhshs. O H/Y poy 8a ginei NFS server, prepei na exei karta diktuoy, poy n' anagnwrizetai kata th diarkeia ths diadikasias ekkinhshs. Perissotera apanw s' ayto mporeite na diabasete sto Networking HOWTO. · Mia akomh disketa, poy periexei ta : rpc.portmap, rpc.mountd, kai rpc.nfsd . (Ayta ta arxeia briskontai eukola me cajimo mesw ftp sto Internet.) · Dianomh Slackware, h kapoia allh. (Ypo8etoyme epanw se cd's). 11.4. Sthsimo toy server 11.4.1. Ekkinhsh toy proswrinou NFS server 3ekiname me thn disketa ekkinhshs ton H/Y poy einai NFS server, kai bebaiwnomaste oti anagnwrizetai h karta diktuoy. Epishs, prepei n' anagnwristei kai to cd-rom. 8a xrhsimopoihsw to eth0 gia thn perigrafh ths kartas diktuoy. 11.4.2. Kanoyme mount sth disketa kai sto cd-rom Afou jekinhsei o H/Y, den xreiazomaste tis disketes boot/root. To LS brisketai sth RAM. Antika8istoume th disketa ekkinhshs me th boh8htikh disketa. Kanoyme mount sth disketa : mount /dev/fd0 /floppy Ayto proupo8etei oti h disketa einai tupoy ext2 filesystem. Fantazomai oti mporei kai na einai kai tupoy DOS, me ta aparaithta arxeia epanw ths, alla den to exw dokimasei ayto akomh. Pisteuw oti kati tetoio einai eykolotero apo to na asxoleisai me disk image. S' ayth thn periptwsh, 8a htan : mount -t msdos ...etc. Pi8anon na prepei na ta gracw ayta sthn enothta "pros energeia". Kanoyme mount sto cd-rom : mount -t iso9660 /dev/hdc /cdrom Ta devices disketas kai cd-rom einai ayta poy xrhsimopoihsa ki egw. Mporei na diaferoyn, analoga thn efarmogh. Ta mount points /floppy kai /cdrom yparxoyn hdh sto image ths root disketas, ara mporoume na ta xrhsimopoihsoyme. An den yparxoyn, ftiajte ta, h xrhsimopoieiste opoia mount points sas aresoyn. 11.4.3. Sthnoyme th diktuwsh ston proswrino server S' ayto to shmeio, sthnoyme ton proswrino NFS server, gia na milhsei sto diktyo. 8a dwsoyme elaxistes entoles. Yparxoyn, omws, kamposa pragmata, poy prepei na gnwrizete, prin dwsete tis entoles aytes (oi times mpainoyn apla ws paradeigmata) : IPADDR:172.16.5.100 #Ayth einai h dieu8ynsh diktuoy toy proswrinou server. NETMASK:255.255.255.0 #Ayth einai h maska diktuoy. BROADCAST:172.16.5.255 #O teleytaios ari8mos (255) einai shmantikos gia thn IPADDR. ETHNETWORK:172.16.5.0 #Akomh mia fora, enas ari8mos elaxista diaforetikos apo thn IPADDR. GATEWAY:172.16.5.251 #Xreiazetai monon an dia8etete gateway. Ta perissotera spitika diktya den dia8etoyn. Oi entoles gia na synde8oume me to diktyo. Bazoyme tis times, opws tis blepoyme parapanw : ifconfig eth0 inet IPADDR arp netmask NETMASK broadcast BROADCAST route add -net ETHNETWORK netmask NETMASK eth0 Xrhsimopoieiste thn epomenh entolh, mono an dia8etete gateway kai prepei na perasete apo mesa ths : route add default gw GATEWAY netmask 0.0.0.0 eth0 An ola pane kala, twra briskeste sto diktyo, kai 8a prepei na mporeite na kanete ping s' alloys H/Y. 11.4.4. Ry8mizoyme thn koinh xrhsh toy NFS Ka8orizoyme to directory poy 8eloyme na exoyme koino mesw toy NFS. (Sthn periptwsh toy paradeigmatos moy, xrhsimopoihsa to /cdrom/slakware.) Bazoyme ayto to directory sto arxeio /etc/exports : echo "/cdrom/slakware" > /etc/exports 11.5. Trexoyme ton NFS server Pame sto /floppy/usr/sbin kai trexoyme : Ton ./rpc.portmap Ton ./rpc.mountd Ton ./rpc.nfsd 11.5.1. Entajei, jekiname thn egkatastash Twra, logika prepei na exoyme koinh xrhsh toy directory "/cdrom/slakware", poy gracame sto arxeio /etc/exports. Afou ginei ayto, mporoume na ekkinhsoyme ton H/Y, opoy 8a kanoyme thn egkatastash, me tis disketes boot/root (proswpika, xrhsimopoihsa tis idies, me tis opoies jekinhsa kai ton NFS server), kai n' arxisoyme thn egkatastash. Otan 8a eisaste etoimoi na dialejete thn phgh twn arxeiwn egkatastashs, dialejte ton NFS server. 8a erwth8eite gia thn dieu8ynsh ip toy server. Dwste th dieu8ynsh poy balate ws IPADDR toy server. Epishs, 8a erwth8eite kai gia to directory to opoio 8a ginei mount. Ayto einai to directory poy gracate sto arxeio /etc/exports toy NFS server. Meta ap' ayta, o H/Y 8a kanei mount ton NFS server. Dwste prosoxh gia tyxon mhnumata la8oys. Mexris edw, logika einai ola swsta, kai mporeite na synexisete thn egkatastash. 11.6. Epilysh problhmatwn 11.6.1. Tipote edw akomh Den exw akomh yliko gia epilysh problhmatwn. Isws, oso oi anagnwstes xrhsimopoioun th diadikasia poy perigrafetai, na bre8oun perissotera boh8hmata kai ypodeijeis. 11.7. Pros energeia 11.7.1. Disketa DOS Dokimaste mia disketa DOS gia boh8htikh disketa. 11.7.2. Entoles rpc Dokimaste n' allajete seira sthn ektelesh twn entolwn rpc.* , kai ean xreiazetai na trejoyn merikes, h oles toys. 12. PC-NFS Den 8elete na trejete to PC-NFS. 8elete na trejete to samba. To samba einai polu kalutero apo to PC-NFS, kai doyleuei me ta Windows 3.xx for Workgroups, ka8ws kai me metagenesteres ekdoseis twn Windows. Einai epishs taxutero kai asfalestero. Xrhsimopoieiste to. Pragmatika!