How to Set Up Nfs Server and Client on Debian 12

NFS(Network File System) is a distributed file system protocol that allows a user on a client computer to access files over a computer network much like local storage is accessed. It is a popular, cross-platform and distributed file system protocol used to export local file systems over the network so that clients can share directories and files with others over a network and interact with them as though they are mounted locally. This distributed file system protocol allows a user on a client computer to access files over a network in the same way they would access a local storage file. Because it is an open standard, anyone can implement the protocol.

Debian 12 supports NFS version 3(NFSv3) and 4(NFSv4). The default NFS version is 4.2 which features support for Access Control Lists (ACLs), server-side copy, sparse files, space reservation, labeled NFS, layout enhancements, and much more.

In this guide, we will learn how to install and configure the NFS Server and NFS client on Debian 12.

Related posts:

Prerequisites:

  • Updated Debian 12 Server to be used as the server and another one for the client
  • Connectivity from the servers
  • Sudo access from the servers

Ensuring that the server is up to date

Before proceeding, let us ensure that the server is up to date. Use this command to achieve this:

1
2
sudo apt update
sudo apt upgrade -y

Install the NFS packages

The package nfs-kernel-server provides NFS services for Debian. The NFS server package provides user-space support needed to run the NFS kernel server. To install the package, run:

1
sudo apt install -y nfs-kernel-server

On Debian 12, NFS version 2 is disabled. Versions 3 and 4 are enabled. Verify the installed version using this command:

1
2
3
$ sudo cat /proc/fs/nfsd/versions

-2 +3 +4 +4.1 +4.2

Starting and enabling the NFS server

Once the NFS packages is installed successfully, the NFS server will be started. Confirm the status of the service with this command:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
$ sudo systemctl status nfs-server

● nfs-server.service - NFS server and services
     Loaded: loaded (/lib/systemd/system/nfs-server.service; enabled; preset: enabled)
     Active: active (exited) since Tue 2023-08-15 20:15:51 UTC; 1min 17s ago
   Main PID: 107154 (code=exited, status=0/SUCCESS)
        CPU: 21ms

Aug 15 20:15:50 fidle-etest0.c.upvest-fiddle.internal systemd[1]: Starting nfs-server.service - NFS server and services...
Aug 15 20:15:50 fidle-etest0.c.upvest-fiddle.internal exportfs[107153]: exportfs: can't open /etc/exports for reading
Aug 15 20:15:51 fidle-etest0.c.upvest-fiddle.internal systemd[1]: Finished nfs-server.service - NFS server and services.

The above output shows that the service was started successfully. To enable the service to start at system boot, use this command:

1
sudo systemctl enable nfs-server

Please note that the other services that are required for running an NFS server or mounting NFS shares such as nfsd, nfs-idmapd, rpcbind, rpc.mountd, lockd, rpc.statd, rpc.rquotad and rpc.idmapd will be started automatically.

Enabling the NFS Service in Firewall

If you are installing NFS Server on a remote Debian server that is protected by a firewall , you will need to enable traffic on the NFS port:

1
sudo ufw allow nfs

Verify the change:

1
sudo ufw status

Configuring exports on NFS server

NFS server configuration is defined in /etc/default/nfs-kernel-server and /etc/default/nfs-common files. The default settings are sufficient for most situations.

Let us create file systems to export or share on the NFS server. We will create two file systems to stare, /mnt/nfs_shares/files for shared files and /mnt/nfs_shares/backup for backups.

Let us create the directories in the server

1
2
sudo mkdir -p /mnt/nfs_shares/files
sudo mkdir -p /mnt/nfs_shares/backup

Since you’re creating it with sudo, the directory is owned by the host’s root user:

1
2
3
4
$ ls -dl /mnt/nfs_shares

drwxr-xr-x 3 root root 4096 Aug 22 09:07 /mnt/nfs_shares/files
drwxr-xr-x 3 root root 4096 Aug 22 09:07 /mnt/nfs_shares/backup

NFS will translate any root operations on the client to the nobody:nogroup credentials as a security measure. Therefore, you need to change the directory ownership to match those credentials.

1
sudo chown -R nobody:nogroup /mnt/nfs_shares

Then add the above filesystems in the exports file /etc/exports in the NFS server to determine the local file systems that are exported to the NFS clients.

The file has comments showing the general structure of each configuration line. The syntax is as follows:

1
directory_to_share    client(share_option1,...,share_optionN)

Open the exports file with your text editor

1
sudo vim /etc/exports

Then add this content:

1
2
/mnt/nfs_shares/files  	10.70.5.170(rw,sync)
/mnt/nfs_shares/backup  10.70.5.0/24(rw,sync,no_all_squash,root_squash)

You’ll need to create a line for each of the directories that you plan to share. Be sure to change the client_ip placeholder shown here to your actual IP address:

1
/mnt/nfs_shares/backup      client_ip(rw,sync,no_subtree_check)

These are the export options that can be used:

  • rw allows both read and write access on the file system.
  • sync tells the NFS server to write operations (writing information to the disk) when requested (applies by default).
  • all_squash maps all UIDs and GIDs from client requests to the anonymous user.
  • no_all_squash used to map all UIDs and GIDs from client requests to identical UIDs and GIDs on the NFS server.
  • root_squash maps requests from root user or UID/GID 0 from the client to the anonymous UID/GID.

Once the file systems are defined in the exports file, we need to run the exportfs command for them to be exported. The exportfs can be run with the -a flag meaning export or unexport all directories, -r meaning reexport all directories, synchronizing /var/lib/nfs/etab with /etc/exports and files under /etc/exports.d, and -v enables verbose output.

1
sudo exportfs -arv

This is the output on my server

1
2
3
$ sudo exportfs -arv
exporting 10.70.5.170:/mnt/nfs_shares/files
exporting 10.70.5.0/24:/mnt/nfs_shares/backup

To display the current export list, run the following command. Please note that the exportfs table also applies some default options that are not explicitly defined:

1
2
3
$ sudo exportfs -s
/mnt/nfs_shares/files  10.70.5.170(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,root_squash,no_all_squash)
/mnt/nfs_shares/backup  10.70.5.0/24(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,root_squash,no_all_squash)

Setting up NFS Client systems

Now that we have configured the exports on the server, we can access them from the client system. Login to the client system and install the necessary packages to allow NFS shares to be accessed.

On RHEL based systems:

1
sudo dnf install -y nfs-utils nfs4-acl-tools

On Debian/Ubuntu based distros:

1
sudo apt install nfs-common nfs4-acl-tools

We can then run the showmount command to show mount information for the NFS Server. The command outputs exported filesystems on the server

1
showmount -e 10.70.5.221

Output

1
2
3
4
$ showmount -e 10.70.5.221
Export list for 10.70.5.221:
/mnt/nfs_shares/backup 10.70.5.0/24
/mnt/nfs_shares/files  10.70.5.170

Create a local file system directory for mounting the remote NFS file systems and mount it as an nfs file system

1
2
3
4
mkdir -p ~/backups
mkdir -p ~/nfs_files
sudo mount -t nfs 10.70.5.221:/mnt/nfs_shares/backup ~/backups
sudo mount -t nfs 10.70.5.221:/mnt/nfs_shares/files ~/nfs_files

We can then confirm that the remote file system has been mounted by running the mount command and filter nfs mounts.

1
sudo mount | grep nfs

Output on my machine

1
2
3
4
$ sudo mount | grep nfs
rpc_pipefs on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
10.70.5.221:/mnt/nfs_shares/backup on /home/ubuntu/backups type nfs4 (rw,relatime,vers=4.2,rsize=524288,wsize=524288,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=10.70.5.170,local_lock=none,addr=10.70.5.221)
10.70.5.221:/mnt/nfs_shares/files on /home/ubuntu/nfs_files type nfs4 (rw,relatime,vers=4.2,rsize=524288,wsize=524288,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=10.70.5.170,local_lock=none,addr=10.70.5.221)>

To enable the mount to persistent even after a system reboot, add the entries to the /etc/fstab file. Use these commands(as root) to achieve that:

1
2
echo "10.70.5.221:/mnt/nfs_shares/backup    /home/ubuntu/backups  nfs       defaults 0 0" >> /etc/fstab
echo "10.70.5.221:/mnt/nfs_shares/files     /home/ubuntu/nfs_files  nfs     defaults 0 0" >> /etc/fstab

Lastly, test if NFS setup is working fine by creating a file on the server and check if the file can be seen in the client.

On the server:

1
sudo touch /mnt/nfs_shares/files/file_on_server.txt

Then on the client machine confirm

1
2
$ ls ~/nfs_files/
file_on_server.txt

You can also do the reverse. On the client:

1
touch ~/nfs_files/file_on_client.txt

Then on the server confirm:

1
2
$ ls /mnt/nfs_shares/files/
file_on_client.txt  file_on_server.txt

To unmount the remote file system on the client-side.

1
2
sudo umount /mnt/nfs_shares/files
sudo umount /mnt/nfs_shares/backup

Please note that you can not unmount the remote file system if you are operating within it.

Conclusion

In this guide we managed to install and configure an NFS server and client on Debian 12.

comments powered by Disqus
Built with Hugo
Theme Stack designed by Jimmy