A Linux Home

Sharing your home directory in Linux is a great leveraging of your network as all your configuration files - like netscape's bookmarks, all your email (assuming you are using the same email program on each computer), as well as your window manager customizations will follow you from computer to computer. Linux, and unix in general, uses a program call nfs (network file system) to accomplish this. nfs has some security holes, so we strongly recommend you do this behind a properly secured firewalled computer. The NFS Howto is a great resource which should be read thoroughly after this article.

UID: One of the ways that nfs keeps track of who has access to what is the UID - the user identification. UID is the third entry in the passwd file. Mine looks like this:

jpollman:IxmI/XXxxrg/Y:501:100:JC Pollman:/home/jpollman:/bin/bash

Where 501 is my UID.  The UID for a person has to be the same for that person on all machines that will be using nfs. You can either make the UID the same in the passwd files on all machines, or you could use NIS - which is beyond the scope of this article. If you change the UID, you will also have to chown all that person's files as well. This is all a pain in the butt, but you only have to do it once.

NFS on the server side: There are several programs you have to run, and your kernel has to be compiled with certain options.  We take all this one step at a time.

Your kernel: the kernel must have nfs compiled in it. Fortunately, most distributions have nfs compiled into the kernel. If you have to roll your own kernel, make sure you say YES to the following under Network File Systems:

NFS filesystem support
NFS server support

but NO to:
Root filesystem on NFS

Then compile and install your kernel as usual.

portmap: You must have the portmap program installed and running. It is usually installed by default. Check to see if it is running by typing:

ps ax|grep port [Enter]
Once you have started it, you can verify it is working by typing:
rpcinfo -p [Enter]
The portmap program uses /etc/host.allow and /etc/host.deny, so If rpcinfo -p fails, but your portmapper is running please examine those files.

nfsd and mount: You must also have the nfsd and mount programs installed on the server. The nfs programs are called knfsd for kernel 2.2, and nfs-server2.2 for earlier kernels.

exports: the /etc/exports is the file that determines which directories can be mounted by other computer. exports is just a text file with each line listing what can be mounted, by who, and with what permissions. Mine looks like this:

/home *.kulai.org(rw)
The first entry on a line is the directory, which in our case, allows all the home directories to be mounted. The second item on the line lists which computers can mount the directories, in our case we want to allow all computers in the kulai.org network to mount these directories. The third part of the line - in parentheses - gives the permissions. For more information on the file, do a: man 5 exports. After you have changed the exports file, you must restart nfsd and mountd so they will reread the exports file.

Final check: after you have modified and restarted everything, do a

rpcinfo -p [Enter]
and you should see something like this (you may show more than this if you have other services running, and the mountd port could be different);

     program vers proto   port
      100000    2   tcp    111  portmapper
      100000    2   udp    111  portmapper
      100005    1   udp    745  mountd
      100005    1   tcp    747  mountd
      100003    2   udp   2049  nfs
      100003    2   tcp   2049  nfs

NFS on the Client side: You must install the nfs client programs: mountd and portmap, as well as a kernel that supports nfs. Most distributions come with this setup up already.  With that done, and using master.kulai.org as the nfs server, as root, type this on the client machine:

mount -t nfs master.kulai.org:/home /mnt [Enter]
If everything is correct, you should be back at the prompt. Then, cd to /mnt and ls the directory to make sure all is well. If, instead of mounting the file system, mount produces a error message like mount:  master.kulai.org:/home failed, reason given by server: Permission denied, then the exports file is wrong, or you forgot to restart nfsd and mountd after editing the exports file.  If it says mount clntudp_create: RPC:  Program not registered - it means that nfsd or mountd is not running on the server.  Or you have the hosts.{allow,deny} problem mentioned earlier. To get rid of the the filesystem, type:
umount /mnt [Enter]
To automate all this, add this line to your client's /etc/fstab file - using your server's name instead of master.kulai.org:

master.kulai.org:/home   /home    nfs   rw  0  0

Interestingly, when you nfs mount /home from another computer, the /home on your hard drive "disappears": it is still there, but you can not get at it until you umount /home.

Now, after all this is working, I would suggest you reboot both your server and client machines. Many Linux gurus will be running for their guns when they read "reboot", but here is my reason: you have just made a significant amount of changes to your systems. By rebooting now, you can verify that everything is running perfectly, and if it is not, you still remember what you were doing. Otherwise, two months down the road when the power fails and you are having all sorts of problems getting your networking working again, you will not have full confidence that nfs is 100% straight and you will start playing with it without remembering all the stuff that went into it!