My-Tiny.Net :: Networking with Virtual Machines
Shared Folders
To access files on a VM from another machine, you have several options. Choosing between them is a matter of figuring out how often you need to move files, and what the source and destination will be.
|
Copying files between systems may change the owner
of the file on the destination, so be sure to doublecheck. A good command to know for this is chown -R owner:group /path
to fix a whole directory of files.
|
Use a SSH Client on the Host
This is easy and reliable. First, get a ssh client like WinSCP from a place like PortableApps.com and install it on your host machine.Next check the network configuration. This method requires a Host-Only Interface on the host and the guest that are on the same subnet, and that the SSH server is runninng on the VM you want to access (see Getting started :: First Things First on the menu)
Start your SSH client on your host, and connect to the IP address of the VM. The first time you connect it is normal to get a message asking if you trust this host - just say yes, and the client will recognise the server next time.
VM to VM with mc and SSH
A combination of a shared folder or SSH client on the host connecting to a VM on the same subnet and SSH running on all of the VMs on different subnets works really well - you can use one VM to get files from the host, then move them to or between the others.In mc use [F9]and under Left or Right select Shell Link. Type in the IP address of the other machine, and it will automatically connect. Again, the first time you connect it is normal to get a message asking if you trust this host - just type yes, and the client will recognise the server next time. You will also be asked for the password every time you connect.
There is a lot you can do with SSH: Smoother SSH under Host Management on the menu shows you how to set up automatic SSH login, and has links to other configuration tips.
Mount a USB drive to the virtual machine
First, the USB device has to be plugged in and recognised by the Host operating system. You need to create a unique "USB filter" for the guest for every device. Be aware that your host OS will not be able to see the USB device while it is being used by VirtualBox.Then, in the VirtualBox manager, with all VMs closed, right-click the VM that you want to use the USB device with to open the Settings window. Within settings, browse to the USB tab and click the Add button on the very right of the window. Select the USB device that you want to use from the list. You can also select "Enable USB 2.0 (EHCI) Controller" if the device will use it.
With that done, click OK to save changes and exit. Start the virtual machine and log in. You should be able to access the USB device as /mnt/sda1. You only need to set up the filter once, but you must do it individually for every VM.
Mount a Windows Shared Folder
We can mount shared folders on Windows hosts using the Common Internet File System (CIFS). This method also requires a Virtualbox Bridged Interface or Host-Only Interface that is configured in the guest to be on the same subnet as the Virtualbox setting. (see the ssh instructions above).You also need to share the folder in Windows first. It is best to use C:\Users\Public\Public Documents because Windows is all prepared for this to be shared. To verify, right-click on it and select Properties, then click the Sharing tab.
Be sure to use the IP address and full network path in the script (it helps to have the Properties window for the folder open). After you do this successfully the first time, you can just go back and pick it off the list.
Mount a Linux Shared Folder
The classic method of sharing directories between Linux hosts is NFS. Network File System (originally by SUN) uses Remote Procedure Calls (RPC) to allow remote filesystems to be mounted locally. All TinyNet hosts have the proper software installed, but there is one special requirement we need to consider first.NFS needs to identify each filesystem that it exports, and normally uses a UUID or the device number of the device where the filesystem is located. Our mytyVM distro has a special architecture (see TinyNet Notes on the menu for details) that creates one simple requirement for us: on the server side, create the directories to be exported under /mnt/sda1/ so they will have a genuine block device number that NFS is happy with.
Server Export: Once the directories exist, edit /etc/exports and add an entry to export the filesystem to any host in our domain:
/mnt/sda1/exported *.tinynet.edu(rw,sync,subtree_check,no_root_squash)
Start /etc/rc.d/rc.nfsd and /etc/rc.d/rc.rpc, and export the share with
exportfs -av(do this once and after that /etc/rc.d/rc.inet2 will take care of this at boot time)
Client Mount: First, create a mount point for the shared folder. There are no special considerations, it can be anywhere in the filesystem. Make sure that /etc/rc.d/rc.rpc is executable and running.
Run this command to mount the share at the existing directory /media/nfs_share
mount -t nfs nfsserver.domain.name:/mnt/sda1/exported /media/nfs_share
Or, to have /etc/rc.d/rc.inet2 prepare to mount it at boot time, add an entry like this to /etc/fstab
# device mountpoint fs-type options dump fsckord nfsserver.domain.name:/mnt/sda1/exported /media/nfs_share nfs noauto,rw,hard,intr 0 0Then when you want to mount it, run (as root):
mount /media/nfs_share
Just to note, the noauto option means the share will not be mounted at bootup. If you remove this option and the server machine is unavailable, the NFS client will make multiple attempts to connect and you will have to wait for it to time-out with each attempt. The hard,intr options ensure the NFS client will handle a server crash or network outage gracefully.
NFS Tips
To see shares exported by a remote host:showmount -e hostnameTo see shares exported by the local host:
exportfs -s To unexport all:
exportfs -auTo have the NFS daemon reload /etc/exports:
exportfs -ravTo see all the gnarly details of shares exported by the local host:
cat /var/lib/nfs/etabThis is the file that rpc.mountd reads when a client sends a mount -t nfs request.
To see what exportfs understands:
man exportsTo see /etc/fstab mount options:
man nfsFor security, the root user of a client machine should not be treated as root when accessing files on the server. The default is to "squash" root access by mapping uid 0 gid 0 to uid and gid 65534. This should be left alone unless there is a a good reason to turn it off with the no_root_squash option. There are several other "squash" options listed in the exports man page so you can decide to mistrust whomever you (don't) like on the clients.
The exports man page recommends using no_subtree_check under normal circumstances, and subtree_check if no_root_squash is enabled. NFS will complain if one of these is not specified, because the default changed between versions.
The HowTo notes that /etc/exports is very sensitive to whitespace, so these two statements are not the same:
The first will grant hostname rw access to the exported directory without squashing root privileges. The second will grant hostname rw access with root squash (the default) and it will grant everyone else read/write access without squashing root privileges. Nice huh?/mnt/hda1/exported hostname(rw,no_root_squash)
/mnt/hda1/exported hostname (rw,no_root_squash)
The old Slackware NFS HowTo says "Running NFS in an uncontrolled environment is rather like leaving your front door open, painting 'On holiday' on your house and posting maps to every known criminal... In a fairly secure environment or when you can recover data from stupid misuse its pretty much OK. The worst someone can easily do is alter all the files on an NFS mounted disk and/or crash the machine. ... Why do we use NFS at all then? Because it's the only uniformly supported file sharing protocol for Unix. And because it works, mostly."
To get a better understanding of the options and how to secure NFS see:
http://www.tldp.org/HOWTO/NFS-HOWTO/server.html
http://www.tldp.org/HOWTO/NFS-HOWTO/client.html
http://www.tldp.org/HOWTO/NFS-HOWTO/security.html
http://www.tldp.org/HOWTO/NFS-HOWTO/troubleshooting.html