Difference between revisions of "NAD710 Lab 6"

From CDOT Wiki
Jump to: navigation, search
(Hareware Requirements)
(Using the ro and no_root_squash export option)
Line 117: Line 117:
 
* On the HOST, re-mount the exported directory.
 
* On the HOST, re-mount the exported directory.
 
* While running the root shell, run the following command:
 
* While running the root shell, run the following command:
   [root@localhost root]# cp /etc/host /nfs-mnt/host-ro.root
+
   [root@localhost root]# cp /etc/hosts /nfs-mnt/host-ro.root
 
* check and record the result for later use.
 
* check and record the result for later use.
  

Revision as of 17:07, 3 November 2008

NAD710 - Introduction to Networks - Using Linux

Objective

  • setup a network share on an NFS server using the ro, rw, root_squash, and no_root_squash export options.
  • Investigate the file ownership for files that are created on NFS server by users on NFS cleint machines

Background Information

Network file system (NFS) allows users to access files on remote hosts in exactly the same way as accessing local files. It was originally developed by Sun Microsystem and the implementation on Linux is largely by Rick Sladkey.

Procedure

Hardware Requirements

You need two Linux computers for this lab. One system as an NFS server and the other as an NFS client. We are going to refer the NFS server machine as SERVER and the NFS client machine as HOST.

NFS Server Setup

  • Boot up the server machine. If you are doing this lab in T2107, please boot to Fedora Core 8.
  • Login to the SERVER as a regular user (joker if you are working in lab T2107).
  • Open a terminal window and switch to super user with the command "su -"
  • Enter the command
    rpcinfo -p
  • Study the output, especially the first few output lines. You should see a few lines that ended with the word "portmapper". If you did not see such lines, or you got something like "rpcinfo: can't contact portmapper: ...", then "portmapper" is not running. Try the command "service portmap start" and run the "rpcinfo -p" command again.
  • Once you have portmapper running, start the NFS server with the command "service nfs start".
  • Run the "rpcinfo -p" command again, compare the output with the output of the previous command and note the difference. You should see lines ended with nfs, nlockmgr, mountd, etc.
  • Create a directory called "/nfs-pub" and set the read/write/list premission for all (chmod 777).
  • Set the sticky bit on the directory "/nfs-pub" (chmod +t /nfs-pub).
  • Modify the /etc/exports file and add the following line to it, but replace the place holder "ip-of-host" with your HOST's actual IP address.
 /nfs-pub  ip-of-host(rw,root_squash)
  • Run the command "exportfs -a" to tell your NFS server to re-read the configuration file (/etc/exports) and take appropriate actions, i.e. share the directory "/nfs-pub" to the machine specified.
  • Enter the command "showmount -e". Read the man page to learn more about the "showmount" command.
  • Create two new users with the following commands:
 [root@localhost root]# useradd -u 5001 -m joker-s
 [root@localhost root]# passwd joker-s
 Changing password for user joker-s.
 New password:
 ...
 [root@localhost root]# useradd -u 5710 -m nad710
 [root@localhost root]# passwd nad710
 Changing password for user nad710.
 New password:
 ...
  • Type "exit" to leave the super user shell and switch back to the regular user shell.
  • Logout and login as joker-s, open a terminal window.
  • Enter the command "id" to display the current user id, group id, and user name. Record this information for later use.
  • Copy the file /etc/passwd into the directory "/nfs-pub" as passwd.joker-s:
 [joker@localhost joker]$ cp /etc/passwd /nfs-pub/passwd.joker-s
  • Run the command "ls -l" and "ls -l -n" and record the outputs.

NFS Client Setup

  • Boot up another Linux machine. If you are doing this lab in T2107, please boot to Fedora Core 8.
  • Login to the HOST as a regular user (joker if you are working in lab T2107).
  • Open a terminal window and swith to super user with the command "su -"
  • Enter the command
    rpcinfo -p
  • If the portmapper is running, you can turn off with the command "service portmap stop".
  • On the NFS client machine, you need the NFS virtual file system driver in order to be able to access exported directory on the NFS server. Most Linux system compiled the NFS file system driver as a Loadable Kernel module. Try the following command to check whether the NFS file system module has been installed:
 [root@localhost root]# cat /proc/filesystems | grep nfs
  • If the command produces no output, use the following command to load the nfs module:
 [root@localhost root]# modprobe nfs
  • Try the "modinfo" command on nfs to display some information about the nfs module.
  • Create a mount point "/nfs-mnt" for attaching the NFS exported directory to the HOST's local file system.
  • Use the following mount command to attache NFS server's /nfs-pub directory (remote directory) to the mount point on the NFS Client (HOST):
 [root@localhost root]# mount -t nfs ip-of-SERVER:/nfs-pub /nfs-mnt
  • Use the command "df" and "mount" to check the NFS mounted directory. Record and compare the output of the "df" and "mount" commands.

The ownership of new files created on NFS share

  • While you are still running the root shell on the NFS client machine (HOST), execute the following file copy command:
 [root@localhost root]# cp /etc/passwd /nfs-mnt/passwd.c-root
  • Use the "ls -l /nfs-mnt" and "ls -ln /nfs-mnt" command to verify that the file was created successfully.
  • Create two new users with the following commands:
 [root@localhost root]# useradd -u 5001 -m joker-c
 [root@localhost root]# passwd joker-c
 Changing password for user joker-c.
 New password:
 ...
 [root@localhost root]# useradd -u 5710 -m nad710
 [root@localhost root]# passwd nad710
 Changing password for user nad710.
 New password:
 ...
  • Type "exit" to leave the super user shell and switch back to the regular user shell.
  • Logout and login as joker-c, open a terminal window.
  • Enter the command "id" to display the current user id, group id, and user name. Record this information for later use.
  • Copy the file /etc/passwd into the NFS directory "/nfs-mnt" as passwd.joker-c:
 [joker@localhost joker]$ cp /etc/passwd /nfs-mnt/passwd.joker-c
  • Run the command "ls -l /nfs-mnt" and "ls -l -n /nfs-mnt" to verify that the file was created successfully.
  • Logout and login as nad710, open a terminal window.
  • Enter the command "id" to display the current user id, group id, and user name. Record this information for later use.
  • Copy the file /etc/passwd into the NFS directory "/nfs-mnt" as passwd.nad710:
 [joker@localhost joker]$ cp /etc/passwd /nfs-mnt/passwd.nad710
  • Run the command "ls -l /nfs-mnt" and "ls -l -n /nfs-mnt" to verify that the file was created successfully.

Compare the directory listing of the exported (share) directory on SERVER and HOST

  • On the SERVER machine, login as a regular user, open a terminal window and run the following command to do a directory listing on /nfs-pub:
 [poker@localhost poker]# ls -l /nfs-pub
  • On the HOST machine, login as a regular user, open a terminal window and run the following command to do a directory listing on /nfs-mnt:
 [poker@localhost poker]# ls -l /nfs-mnt
  • Compare the two directory listings, we do expect them to be exactly the same. Do they? Why?

Using the no_root_squash export option

  • Make sure that no process on the HOST (NFS client) machineis accessing the directory /nfs-mnt.
  • umount (detach) the NFS exported directory (nfs-server:/nfs-pub) as root with the following command:
 [root@localhost root]# umount /nfs-mnt
  • On the SERVER (NFS SERVER) machine, change the export option "root_squash" in the /etc/exports file to "no_root_squash" (but keeping the rw option)and re-export the directory.
  • On the HOST, re-mount the exported directory.
  • While running the root shell, run the following command:
 [root@localhost root]# cp /etc/group /nfs-mnt/group-nrs.root
  • check and record the result for later use.

Using the ro and no_root_squash export option

  • Make sure that no process on the HOST (NFS client) machineis accessing the directory /nfs-mnt.
  • umount (detach) the NFS exported directory (nfs-server:/nfs-pub) as root with the following command:
 [root@localhost root]# umount /nfs-mnt
  • On the SERVER (NFS SERVER) machine, change the export option "rw" in the /etc/exports file to "ro" (but keeping the no_root_squash option) and re-export the directory.
  • On the HOST, re-mount the exported directory.
  • While running the root shell, run the following command:
 [root@localhost root]# cp /etc/hosts /nfs-mnt/host-ro.root
  • check and record the result for later use.

Questions

Based on the information collected, answer the following questions:

  1. What does the "rpcinfo -p" command do?
  2. What information is stored in the /etc/exports file?
  3. What information is provided by the "showmount -e" command?
  4. What is the location (path name) of the Loadable Kernel Module of the NFS file system driver?
  5. Who is the owner of the files /nfs-mnt/passwd.c-root and /nfs-pub/passwd.c-root? Are the same owner? If not, why not?
  6. Who is the owner of the files /nfs-mnt/passwd.joker-s and /nfs-pub/passwd.joker-s?
  7. Who is the owner of the files /nfs-mnt/passwd.joker-c and /nfs-pub/passwd.joker-c?
  8. Who is the owner of the files /nfs-mnt/passwd.nad710 and /nfs-pub/passwd.nad710?
  9. Who is the owner of the files /nfs-mnt/group-nrs.root and /nfs-pub/group.nrs.root
  10. Did the file /nfs-mnt/hosts-ro.root being created? If not, why not?

Completing this Lab

  • Email your answers to your professor by the due date.