Skip to content

Feature: NFS Server

Dominik Perpeet edited this page Jan 9, 2017 · 33 revisions



Phillip J Fry is a junior sysadmin. He's been tasked with setting up file shares on one of his employers server, so the people working at the office can share files between each other. They have three departments. Engineering, Sales and Support. Each of those needs a separate share to write to, but everyone in the company needs to be able to read all files from all shares. They will also need a company-wide share that everyone has read access to. They are running a domain server where all accounts are stored centrally.

Every once i a while they have customers and consultants visiting the company office, and connecting to their network, so Phillip wants to make sure only the employees have access to the file shares.

Some months later, as part of a big project, a cross-disipline group consisting of employees from both engineering, sales and support is formed. They will need their own file share, so they ask Phillip to create this for them.

The project runs for a couple of months, but is eventually cancelled. The share is no longer needed, so Phillip wants to reclaim that disk space.


Phillip logs in to the domain server and sets up groups for the different departments and the individual users in those groups. He adds the server he wants to use for the NFS storage to Services. Same with all the affected clients.

After that, he logs in to Cockpit and creates the folders "/storage/engineering", "/storage/sales" and "/storage/support". He sets the engineering group to be able to read and write the share Engineering and the two other groups to read only. He then does the same with the other two groups. He also creates a folder called "/storage/everyone" and sets read and write access to all three groups.

For the big project, he adds the individual members, and sets read and write for those. When the project is done, he removes the individual share and deletes the folder.


Prior art


Stephen Gallagher

  • I think we might consider (in the first pass) prompting the user to join a FreeIPA or Active Directory domain using realmd before offering the sharing dialog.
  • Down the road, Cockpit should also offer another tool to help set up and manage a FreeIPA domain (and replicas).
Clone this wiki locally
You can’t perform that action at this time.