Adding an NFS audit client to an audit share

NFS audit clients are granted access to an audit share based on their IP address. Grant access to the audit share to a new NFS audit client by adding its IP address to the audit share.

Before you begin

Steps

  1. From the service laptop, log in to the primary Admin Node:
    1. Enter the following command: ssh admin@primary_Admin_Node_IP
    2. Enter the password listed in the Passwords.txt file.
    3. Enter the following command to switch to root: su -
    4. Enter the password listed in the Passwords.txt file.
      When you are logged in as root, the prompt changes from $ to #.
  2. Start the NFS configuration utility: config_nfs.rb
    -----------------------------------------------------------------
    | Shares               | Clients              | Config          |
    -----------------------------------------------------------------
    | add-audit-share      | add-ip-to-share      | validate-config |
    | enable-disable-share | remove-ip-from-share | refresh-config  |
    |                      |                      | help            |
    |                      |                      | exit            |
    -----------------------------------------------------------------
  3. Enter: add-ip-to-share
    A list of NFS audit shares enabled on the Admin Node is displayed. The audit share is listed as: /var/local/audit/export
  4. Enter the number of the audit share: audit_share_number
  5. When prompted, enter the audit client’s IP address or IP address range for the audit share: client_IP_address
    The audit client is added to the audit share.
  6. When prompted, press Enter.
    The NFS configuration utility is displayed.
  7. Repeat from step 3 for each audit client that should be added to the audit share.
  8. Optionally, verify your configuration: validate-config
    The services are checked and displayed.
    1. When prompted, press Enter.

      The NFS configuration utility is displayed.

  9. Close the NFS configuration utility: exit
  10. If the StorageGRID Webscale deployment is a single site, go to step 11.

    — or —

    Optionally, if the StorageGRID Webscale deployment includes Admin Nodes at other sites, enable these audit shares as required:
    1. Remotely log in to a site’s Admin Node:
      1. Enter the following command: ssh admin@grid_node_IP
      2. Enter the password listed in the Passwords.txt file.
      3. Enter the following command to switch to root: su -
      4. Enter the password listed in the Passwords.txt file.
    2. Repeat steps 2 through 9 to configure the audit shares for each Admin Node.
    3. Close the remote secure shell login to the remote Admin Node: exit
  11. Log out of the command shell: exit