Sunday, March 17, 2013

Solaris 10: zfs and nfs shares

By default, the root user on a client machine has restricted access to an NFS-mounted share.




Here's how to grant full access to local root users to NFS mounts:



zfs set sharenfs=rw=@192.168.1.0/24,root=@192.168.1.0/24 space



This gives full access for root users on any machine in the 192.168.1.0/24 subnet to the zfs dataset "space".





serverB# zfs list

NAME USED AVAIL REFER MOUNTPOINT

app 284G 157G 18K none

app/iwstoreAPAC 51.8G 48.2G 51.8G /opt/app/data/iw-store/APAC

app/iwstoreAmericas 27.6G 22.4G 27.6G /opt/app/data/iw-store/Americas

app/iwstoreEMEA 192G 57.6G 192G /opt/app/data/iw-store/EMEA

app/optapp 12.3G 87.7G 12.3G /opt/app



for set of network

zfs set sharenfs=rw=@153.88.177.0/24,root=@153.88.177.0/24 app/iwstoreAPAC

zfs set sharenfs=rw=@153.88.177.0/24,root=@153.88.177.0/24 app/iwstoreAmericas

zfs set sharenfs=rw=@153.88.177.0/24,root=@153.88.177.0/24 app/iwstoreEMEA





or for specific ips

zfs set sharenfs=rw=153.88.177.59,root=153.88.177.59 app/iwstoreAPAC

zfs set sharenfs=rw=153.88.177.59,root=153.88.177.59 app/iwstoreAmericas

zfs set sharenfs=rw=153.88.177.59,root=153.88.177.59 app/iwstoreEMEA





On serverA

mkdir /serverB_APAC

mkdir /serverB_Americas

mkdir /serverB_EMEA





serverA# dfshares serverB

RESOURCE SERVER ACCESS TRANSPORT

serverB:/opt/app/data/iw-store/Americas serverB - -

serverB:/iwserver serverB - -

serverB:/opt/app/data/iw-store/EMEA serverB - -

serverB:/opt/app/data/iw-store/APAC serverB - -

serverA# mount serverB:/opt/app/data/iw-store/Americas /serverB_Americas

serverA# mount serverB:/opt/app/data/iw-store/EMEA /serverB_EMEA

serverA# df -k