1NFS.SYSTEMD(7) Miscellaneous Information Manual NFS.SYSTEMD(7)
2
3
4
6 nfs.systemd - managing NFS services through systemd.
7
9 nfs-utils.service
10 nfs-server.service
11 nfs-client.target
12 etc
13
15 The nfs-utils package provides a suite of systemd unit files which
16 allow the various services to be started and managed. These unit files
17 ensure that the services are started in the correct order, and the pre‐
18 requisites are active before dependant services start. As there are
19 quite few unit files, it is not immediately obvious how best to
20 achieve certain results. The following subsections attempt to cover
21 the issues that are most likely to come up.
22
23 Configuration
24 The standard systemd unit files do not provide any easy way to pass any
25 command line arguments to daemons so as to configure their behavior.
26 In many case such configuration can be performed by making changes to
27 /etc/nfs.conf or other configuration files. When that is not conve‐
28 nient, a distribution might provide systemd "drop-in" files which
29 replace the ExecStart= setting to start the program with different
30 arguments. For example a drop-in file systemd/system/nfs-mountd.ser‐
31 vice.d/local.conf containing
32 [Service]
33 EnvironmentFile=/etc/sysconfig/nfs
34 ExecStart=
35 ExecStart= /usr/sbin/rpc.mountd $RPCMOUNTDOPTS
36 would cause the nfs-mountd.service unit to run the rpc.mountd program
37 using, for arguments, the value given for RPCMOUNTDOPTS in /etc/syscon‐
38 fig/nfs. This allows for seamless integration with existing configura‐
39 tion tools.
40
41 Enabling unit files
42 There are three unit files which are designed to be manually enabled.
43 All others are automatically run as required. The three are:
44
45 nfs-client.target
46 This should be enabled on any host which ever serves as an NFS
47 client. There is little cost in transparently enabling it when‐
48 ever NFS client software is installed.
49
50 nfs-server.service
51 This must be enabled to provide NFS service to clients. It
52 starts and configures the required daemons in the required
53 order.
54
55 nfs-blkmap.service
56 The blkmapd daemon is only required on NFS clients which are
57 using pNFS (parallel NFS), and particularly using the blocklay‐
58 out layout protocol. If you might use this particular extension
59 to NFS, the nfs-blkmap.service unit should be enabled.
60
61 Several other units which might be considered to be optional, such as
62 rpc-gssd.service are careful to only start if the required configura‐
63 tion file exists. rpc-gssd.service will not start if the krb5.keytab
64 file does not exist (typically in /etc).
65
66 Restarting NFS services
67 Most NFS daemons can be restarted at any time. They will reload any
68 state that they need, and continue servicing requests. This is rarely
69 necessary though.
70
71 When configuration changesare make, it can be hard to know exactly
72 which services need to be restarted to ensure that the configuration
73 takes effect. The simplest approach, which is often the best, is to
74 restart everything. To help with this, the nfs-utils.service unit is
75 provided. It declares appropriate dependencies with other unit files
76 so that
77 systemctl restart nfs-utils
78 will restart all NFS daemons that are running. This will cause all
79 configuration changes to take effect except for changes to mount
80 options lists in /etc/fstab or /etc/nfsmount.conf. Mount options can
81 only be changed by unmounting and remounting filesystem. This can be a
82 disruptive operation so it should only be done when the value justifies
83 the cost. The command
84 umount -a -t nfs; mount -a -t nfs
85 should unmount and remount all NFS filesystems.
86
87 Masking unwanted services
88 Rarely there may be a desire to prohibit some services from running
89 even though there are normally part of a working NFS system. This may
90 be needed to reduce system load to an absolute minimum, or to reduce
91 attack surface by not running daemons that are not absolutely required.
92
93 Three particular services which this can apply to are rpcbind, idmapd,
94 and rpc-gssd. rpcbind is not part of the nfs-utils package, but it
95 used by several NFS services. However it is not needed when only NFSv4
96 is in use. If a site will never use NFSv3 (or NFSv2) and does not want
97 rpcbind to be running, the correct approach is to run
98 systemctl mask rpcbind
99 This will disable rpcbind, and the various NFS services which depend on
100 it (and are only needed for NFSv3) will refuse to start, without inter‐
101 fering with the operation of NFSv4 services. In particular, rpc.statd
102 will not run when rpcbind is masked.
103
104 idmapd is only needed for NFSv4, and even then is not needed when the
105 client and server agree to use user-ids rather than user-names to iden‐
106 tify the owners of files. If idmapd is not needed and not wanted, it
107 can be masked with
108 systemctl mask idmapd
109 rpc-gssd is assumed to be needed if the krb5.keytab file is present.
110 If a site needs this file present but does not want rpc-gssd running,
111 it can be masked with
112 systemctl mask rpc-gssd
113
115 /etc/nfs.conf
116 /etc/nfsmount.conf
117 /etc/idmapd.conf
118
120 systemd.unit(5), nfs.conf(5), nfsmount.conf(5).
121
122
123
124 NFS.SYSTEMD(7)