Configuring NFS
Setting up NFS share points is similar to setting up AFP and SMB share points.
1 On your Mac OS X computer in Server Admin, click the File Sharing button in the
toolbar, and then click the Volumes button, followed by the Browse button. Navigate
to and select the Shared Items folder.
2 Click the New Folder button in the upper-right corner of Server Admin to create a
folder inside Shared Items called NFS Services. Click Save.
You can create share points using Server Admin without actually going to your server
computer.
3 Click the Refresh button if necessary, and then select the NFS Services folder from the
list. Click the Share button, and then click Save.
276 Using File Services
4 In the Share Point pane at the bottom of the window, click the Protocol Options
button, and disable AFP, SMB, and FTP services for this folder.
5 In the Protocol Options dialog, click NFS.
6 Select “Export this item and its contents to and leave World chosen from the
pop-up menu.
This setting allows any computer (unless blocked by a firewall) access to this NFS
share, regardless of its IP address.
Configuring NFS 277
7 Set the Mapping pop-up menu to “Root to Nobody.
This setting blocks users from using the root user account (UID=0) to get unlimited
access to the file on the share point. Anyone using a root user account will be treated
the same as the nobody, or guest, user on the server.
8 Select the “Read only” option.
Because of the security deficiencies with NFS, many people choose to only offer file
services via NFS in a read-only manner.
9 Click OK to dismiss the Protocol Options dialog.
10 Click Save.
Starting the NFS Service
In Mac OS X Server v10.4 and earlier, the NFS service would start automatically, but only
after share points were configured to use NFS. Starting in Mac OS X Server v10.5, you
start the NFS service in the same manner as other services.
1 In Server Admin, select the NFS service in the left column.
278 Using File Services
2 Click the Start NFS button at the bottom.
The NFS service Settings pane contains only a few options, which can safely be left at their
defaults for basic NFS file servers.
Connecting to an NFS Share
NFS has one major difference over other file-sharing protocols that comes up when you
mount an NFS share from your client computer. With most sharing protocols, you connect
to the share point without knowing where it is on the file server’s file system. With NFS, you
must specify the full path of the share point as it exists on the server. Also unlike other pro-
tocols, you won’t be given a list of share points to choose from. If you need to know what
shares exist on a server, you can type
showmount -e nfs.server.name in a Terminal window.
1 In the Finder on your Mac OS X computer, choose Go > Connect to Server.
Configuring NFS 279
2 Type in this URL: nfs://server17.pretendco.com:/Shared Items/NFS Services.
3 Click Connect.
A new Finder window will appear. Note that you were not prompted for any user name or
password. Also note the no-writing icon in the corner of the Finder window; it is shown
because the volume is read-only, as you configured it to be earlier. Depending on your use
of NFS, you may have a read-write NFS share, or you may limit NFS to read-only but also
share the same folder using another protocol for any write actions.
Setting Other NFS Share Options
Usually for NFS you don’t want to export (share) the folder to the entire world, but rather
restrict it to a certain subnet or list of IP addresses.
1 In Server Admin, click the name of your server on the left, followed by the File
Sharing button in the toolbar.
2 Click the Share Points button just below the toolbar.
3 Click the NFS Services share point.
4 Click the Protocol Options button.
5 Click the NFS tab.
6 Change the pop-up menu from World to Subnet.
7 Enter a Subnet address of 10.1.0.0.
280 Using File Services

Get Apple Training Series Mac OS X Server Essentials, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.