Professional Documents
Culture Documents
System Specification:
We are using two Red Hat Enterprise Linux (RHEL) 7 servers. One as the NFS Server as
well as Identity Management Server and the other as the NFS Client.
Identity Management Server ipaserver.example.com
Kerberized NFS Server ipaserver.example.com
Kerberized NFS Client client2.example.com
Note: we are configuring our same FreeIPA server as the Kerberized NFS Server.
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
nfs-utils x86_64 1:1.3.0-0.el7 localyum 357 k
Installing for dependencies:
keyutils x86_64 1.5.8-3.el7 localyum 54 k
libevent x86_64 2.0.21-4.el7 localyum 214 k
libnfsidmap x86_64 0.25-9.el7 localyum 45 k
libtirpc x86_64 0.2.4-0.3.el7 localyum 85 k
rpcbind x86_64 0.2.0-23.el7 localyum 55 k
Transaction Summary
================================================================================
Install 1 Package (+5 Dependent packages)
Installed:
nfs-utils.x86_64 1:1.3.0-0.el7
Dependency Installed:
keyutils.x86_64 0:1.5.8-3.el7 libevent.x86_64 0:2.0.21-4.el7
libnfsidmap.x86_64 0:0.25-9.el7 libtirpc.x86_64 0:0.2.4-0.3.el7
rpcbind.x86_64 0:0.2.0-23.el7
Complete!
[root@client2 ~]#
Create a directory, to mount the shared directory from ipaserver.example.com .
[root@client2 ~]# mkdir /mnt/nfsshare
Check the shared directories from ipaserver.example.com .
[root@client2 ~]# showmount -e ipaserver.example.com
Export list for ipaserver.example.com:
/nfsshare client2.example.com
[root@client2 ~]#
Start and enable the nfs-secure service.
[root@client2 ~]# systemctl start nfs-secure ; systemctl enable nfs-secure
ln -s '/usr/lib/systemd/system/nfs-secure.service'
'/etc/systemd/system/nfs.target.wants/nfs-secure.service'
Persistently mount this shared directory by adding following entry in /etc/fstab .
[root@client2 ~]# echo 'ipaserver.example.com:/nfsshare /mnt/nfsshare nfs
sec=krb5p,_netdev 0 0' >> /etc/fstab
[root@client2 ~]# mount -a
[root@client2 ~]#
Check the status of mounted directory.
[root@client2 ~]# mount | grep nfs
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
ipaserver.example.com:/nfsshare on /mnt/nfsshare type nfs4
(rw,relatime,vers=4.0,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=60
0,retrans=2,sec=krb5p,clientaddr=192.168.116.202,local_lock=none,addr=192.168.116.200,_ne
tdev)
Create a file in this shared directory, to verify the file permissions.
[root@client2 ~]# cd /mnt/nfsshare/
[root@client2 nfsshare]# touch test1
[root@client2 nfsshare]# ls -al
total 0
drwxrwxr-x. 2 root nfsnobody 18 Jul 31 07:32 .
drwxr-xr-x. 4 root root 31 Jul 31 07:23 ..
-rw-r--r--. 1 nfsnobody nfsnobody 0 Jul 31 07:32 test1
[root@client2 nfsshare]#
We have successfully configured our Kerberized NFS Server.