Centralized account management

Up until now, most of the services and servers we installed did not need many user accounts to be shared across devices. Once we venture into NFS it becomes essential to have some sort of shared database to manage users and permissions. We'll dive into this from the bottom up, so let's create a problem first!

The problem

To create the problem you'll need at least three virtual machines. They can be as minimal as you want, but I would advise installing one with the tools you like, such as vim-nox, htop, zsh etc., and making clones from that one. We don't need a graphical environment for this exercise. Set the hostnames as follows:

  • nas for the NFS server
  • client1 for the first client
  • client2 for the second client

The server

Let's install an NFS server on the VM. This is very easy to do on Debian. The command below is enough to have an NFS server up and running.

➜  ~ sudo apt install nfs-kernel-server
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
nfs-kernel-server is already the newest version (1:1.3.4-6).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
➜  ~ 

We still need to define which folders are shared on the network. I created a folder /home/shared for all shared files and folders and chowned it to my main user. The export itself is the last line of /etc/exports, and exportfs -ar applies it.

➜  ~ ls -l /home 
total 8
drwxr-xr-x 2 waldek waldek 4096 Sep 15 16:21 shared
drwxr-xr-x 4 waldek waldek 4096 Sep 15 16:33 waldek
➜  ~ touch /home/shared/hello
➜  ~ cat /etc/exports                     
# /etc/exports: the access control list for filesystems which may be exported
#		to NFS clients.  See exports(5).
#
# Example for NFSv2 and NFSv3:
# /srv/homes       hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
#
# Example for NFSv4:
# /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
# /srv/nfs4/homes  gss/krb5i(rw,sync,no_subtree_check)
#
/home/shared       192.168.122.0/24(rw,sync,no_subtree_check)
➜  ~ sudo exportfs -ar                    
➜  ~ 
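
An added example (not part of the original course material): a small POSIX shell/awk audit of exports(5)-style input that reports, for each export and client, the access mode, the security flavor and any risky options. For the export above it reports the default sec=sys, where the server accepts whatever UID and GID the client sends, which is why user IDs have to match across machines. The function names, the sample input and the /srv/backup path are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit exports(5)-style input, one output line per (path, client).
# Not handled: quoted or \040-escaped paths, backslash line continuations.
audit_exports() {
    awk '
    /^[ \t]*#/ || NF == 0 { next }              # skip comments and blank lines
    {
        defaults = ""
        for (i = 2; i <= NF; i++) {
            spec = $i
            if (spec ~ /^-/) { defaults = substr(spec, 2); continue }  # "-opts" default field
            client = spec; opts = ""
            p = index(spec, "(")
            if (p > 0) {
                client = substr(spec, 1, p - 1)
                opts = substr(spec, p + 1); sub(/\)$/, "", opts)
            }
            if (client == "") client = "*"      # "host (rw)": the stray space makes (rw) apply to every host
            mode = "ro"; sec = "sys"; flags = ""   # exports(5) defaults
            if (index(client, "gss/") == 1) sec = substr(client, 5)  # legacy gss/krb5 client form
            n = split(defaults "," opts, o, ",")
            for (j = 1; j <= n; j++) {
                if (o[j] == "rw" || o[j] == "ro") mode = o[j]
                else if (o[j] ~ /^sec=/) sec = substr(o[j], 5)
                else if (o[j] == "no_root_squash" || o[j] == "insecure") flags = flags " " o[j]
            }
            if (index(":" sec ":", ":sys:")) flags = flags " auth_sys"  # client-asserted UID/GID
            if (client == "*") flags = flags " world"
            if (flags == "") flags = " ok"
            print $1, client, mode, "sec=" sec flags
        }
    }' "$@"
}

sample_exports() {   # constructed sample; the first export is the one from the text above
    cat <<'EOF'
# constructed sample input
/home/shared       192.168.122.0/24(rw,sync,no_subtree_check)
/srv/backup        client1 (rw,no_root_squash)
/srv/nfs4/homes    gss/krb5i(rw,sync,no_subtree_check)
EOF
}

sample_exports | audit_exports
```

On a real server, run it as audit_exports /etc/exports; any line flagged auth_sys depends on consistent UIDs and GIDs across all clients.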

The first client

On the client we need to mount the network share. This is done with mount -t nfs, a source and a destination. Let's observe the out-of-the-box behavior.

➜  ~ mkdir -p media/nfs                                      
➜  ~ sudo mount -t nfs 192.168.122.100:/home/shared media/nfs
mount: /home/waldek/media/nfs: bad option; for several filesystems (e.g. nfs, cifs) you might need a /sbin/mount.<type> helper program.
➜  ~ 

The command is correct but we're missing the helper program to mount NFS shares. This can be installed with the nfs-common package.

➜  ~ sudo apt install nfs-common                             
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
nfs-common is already the newest version (1:1.3.4-6).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
➜  ~ sudo mount -t nfs 192.168.122.100:/home/shared media/nfs
➜  ~ ls -l media/nfs 
total 0
-rw-r--r-- 1 waldek waldek 0 Sep 15 16:21 hello

Wonderful! We can now copy files to this network share from all connected clients. Now do the same for the second client. It should all work as expected, nothing weird here. But what happens when we add more users?

Creating the conflict