Commit 1c4a8edb authored by Lars Beckers's avatar Lars Beckers

nfs-client: configure nfs-common service

parent 3e299b1d
# If you do not set values for the NEED_ options, they will be attempted
# autodetected; this should be sufficient for most people. Valid alternatives
# for the NEED_ options are "yes" and "no".
# Do you want to start the statd daemon? It is not needed for NFSv4.
NEED_STATD=no
# Options for rpc.statd.
# Should rpc.statd listen on a specific port? This is especially useful
# when you have a port-based firewall. To use a fixed port, set this
# this variable to a statd argument like: "--port 4000 --outgoing-port 4001".
# For more information, see rpc.statd(8) or http://wiki.debian.org/SecuringNFS
STATDOPTS=
# Do you want to start the idmapd daemon? It is only needed for NFSv4.
NEED_IDMAPD=yes
# Do you want to start the gssd daemon? It is required for Kerberos mounts.
NEED_GSSD=yes
......@@ -12,20 +12,29 @@
- nfs-client
- packages
#- name: ensure we use the idmapper
# copy: content="N" dest=/sys/module/nfs/parameters/nfs4_disable_idmapping
# notify:
# - restart nfs-common
# - restart autofs
# tags:
# - nfs-client
# - config
#
#- name: ensure we use the idmapper after a reboot
# copy: src=modprobe-nfs.conf dest=/etc/modprobe.d/nfs.conf owner=root group=root mode=0644
# tags:
# - nfs-client
# - config
- name: ensure the nfs-common service is configured for nfs4
copy: src=nfs-common dest=/etc/default/nfs-common owner=root group=root mode=0644
notify:
- restart nfs-common
- restart autofs
tags:
- nfs-client
- config
- name: ensure we use the idmapper
copy: content="N" dest=/sys/module/nfs/parameters/nfs4_disable_idmapping
notify:
- restart nfs-common
- restart autofs
tags:
- nfs-client
- config
- name: ensure we use the idmapper after a reboot
copy: src=modprobe-nfs.conf dest=/etc/modprobe.d/nfs.conf owner=root group=root mode=0644
tags:
- nfs-client
- config
- name: ensure the kernel key storage quote used for idmapping is sufficiently high
sysctl: name=kernel.keys.root_maxkeys state=present value=1000 # default is 200, this quote was reached
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment