Owl currently does not officially support NFS - it does not include the corresponding userland tools such as a Sun RPC portmapper. However, recent Owl kernels are built with the required kernel modules enabled, which you may load and use at your own risk - provided that you install the userland tools from elsewhere (such as from CentOS).
Non-Owl package: portmap-4.0-63 from CentOS 4.
chkconfig portmap on
serverhostnamehere:/export /mnt/export nfs noauto,ro,intr,rsize=8192 0 0
To mount the remote filesystem:
Note that even though the
-l option (that's lowercase letter L) tells portmapper to listen on localhost only, it may nevertheless be attacked from directly connected systems (such as from those on the same Ethernet segments with the NFS client machine) via “properly” spoofed packets. Also, the kernel listens on some UDP ports (that it uses to talk to the NFS server). Thus, you may want to apply some iptables filtering, such as by network interface and/or using a default-deny policy.
kernel-2.6.18-274.18.1.el5.028stab098.1.owl1 (from Owl-current, not 3.0-stable) or newer.
Non-Owl packages: portmap-4.0-63 and nfs-utils-1.0.6-93.EL4 from CentOS 4.
#RPCMOUNTDOPTS="-d all" #RPCNFSDCOUNT="8 -p 999" RQUOTAD=no MOUNTD_NFS_V2=no
nfsd /proc/fs/nfsd nfsd noauto 0 0
(The specified client host name should be in
modprobe nfsd mount /proc/fs/nfsd service nfs start
(The order of these
rc.local lines/actions is important!)
Don't forget to setup iptables rules to restrict access to the NFS service and RPC services ports - possibly by network interface if the machine has multiple NICs. While ports 2049 and 111 are fixed, ports of the individual RPC services may change, so you either need a default-deny policy at least on non-trusted interfaces or you need to pass additional options to force the use of fixed port numbers.