From the course: Red Hat Enterprise Linux 8 Essential Training

Provide network shares to specific clients

From the course: Red Hat Enterprise Linux 8 Essential Training

Start my 1-month free trial

Provide network shares to specific clients

- [Instructor] Before starting the following exercises, make sure you've watched the previous videos which installed and started the relevant services. Also make sure your name resolution for both hosts is working. Double check the etc host file on both VMs to make sure the names match the relevant IP addresses before proceeding. Lastly, make sure you're logged into your rhhost1 VM and have a terminal open. Let's start this exercise by creating a new directory to export, in a terminal type in sudo space mkdir space /home/usershare. Type in your password if prompted. Let's verify this using LS type in ls space -lZ space /home and hit Enter. We can see that our directory exists and the SElinux security context is home_root_T. This is because the root user created it in the /home directory. We will need to set a couple of SElinux booleans for the shares we want to create. Type in clear and then type in sudo space setsebool space - P space nfs_export_all_ro space on and hit Enter. Now bring your line back and change ro to rw and hit Enter again, now verify by typing in getsebool space -a space pipe space grep space nfs_export and hit Enter. We can see that both booleans are on now. Now let's add the NFS service to the firewall. Type in clear and then type in sudo space firewall -cmd space --permanent space --add-service space nfs and hit Enter. And now reload the firewall rules by typing sudo space firewall-cmd space --reload and hit Enter. Now we need to run the nfs service and set it to start on boot. If you did this earlier in the chapter it won't hurt to do it again now. Type in clear and then type in sudo space systemctl space start space nfs-server and hit Enter. Now make it persistent by bringing a line back and changing start to enable. And hit Enter again. If you're using nfs version three you will also want to start the rpcbind service we will only be using nfs version four in this course so we don't need to do this now. Now let's create our export, edit the etc exports file using VI. Type in clear and then type in sudo space vi space /etc/exports and hit Enter. Go into insert mode by pressing I and then add /home/usershare space rhhost2(rw) save this and exit by pressing Escape colon x exclamation mark and hitting Enter. Now export the entry by typing in sudo space exportfs space - avr and hit Enter. If it worked we should see the results in the output. Now let's verify by looking at the etab file. Type in cat space /var/li/nfs/etab and hit Enter. Here we can see the export with all the options in the defaults. In the case of /home/usershare we see that it's read write and it is squashing root by not of the users. We can see it's squashing the root user to the user ID of 65,534. We can see what (mumbles) is by grabbing the etc password file. Type in grep space 65534 space /etc/passwd and hit Enter. We can see that it's the nfsnobody account. The last thing we need to be aware of is the ownership of the exported directory. Nfs passes standard units permissions to the client. So if the user doesn't have right permissions on the nfs server, then they won't on the client either. Let's change the ownership of this /home/usershare directory to be owned by user one. Type in sudo space chown space user1:user1 space /home/usershare and hit Enter. And verify with ls type in ls space -ld /home/usershare and hit Enter.

Contents