
Mounting linux (EXT3) via ssh tunnel
cla
Mac Enthusiast
Join Date: Mar 2000
Jan 12, 2005, 03:08 PM
 
I've heard mounting file systems must be done keeping one's head cool: If you don't get it all right, you can seriously injure the file system being mounted.

Has anyone experience with this?

I would also like to mount the EXT3 partition 'securely', over an ssh tunnel. Creating the tunnel isn't the problem. Tunneling a file system on the other hand, is entirely new ground to me.

edit: changed the topic from "EXT3" to "NFS"
(Last edited by cla; Feb 8, 2005 at 10:03 AM. )
     
Dedicated MacNNer
Join Date: Sep 2003
Location: Pittsburgh, Pennsylvania
Jan 12, 2005, 06:33 PM
 
Originally posted by cla:
I've heard mounting file systems must be done keeping one's head cool: If you don't get it all right, you can seriously injure the file system being mounted.

Has anyone experience with this?

I would also like to mount the EXT3 partition 'securely', over an ssh tunnel. Creating the tunnel isn't the problem. Tunneling a file system on the other hand, is entirely new ground to me.

I'd just use NFS over an ssh tunnel. Setting up NFS is super easy: edit /etc/exports on the Linux box, then start up the rpcd, nfsd, etc. daemons and you're sharing away. There are piles of man pages on how to set up NFS in Linux.

A great article on this can be found here

FYI - sharing a filesystem over a network is only as fast as the network, sharing the filesystem over ssh slows it down because each packet has to be encrypted and decrypted. If you're in a trusted LAN environment I would not use ssh. If you want it secure you might be thinking of doing this over the internet, beware the speed will not be that fast. In my experience 10Mbps is tolerable, but I would recommend 100 or 1000Mbps for a much better experience. Best of luck, let us know how it goes.
Apple iBook, B&W, Quadra 660, PowerMac 6100
Sun Netra T1, Ultra 1, Javastation
http://natetobik.mine.nu:81
     
P
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Jan 13, 2005, 08:45 PM
 
What, exactly, do you wish to do? If you have a computer with files that you want to share to another machine, then read Partisan01's post above. The actual filesystem of a drive shared this way is irrelevant - it is mounted by the host computer at startup, and then shared by this computer. It is then also mounted from the second computer using a network filesystem.

If, however, you have an ext3 drive that you wish to mount locally on your Mac and then share, then it's a different issue. First you need a filesystem driver on the Mac. You can get one here:

http://www.macupdate.com/info.php/id/11657

Note that the ext3 drive will be mounted as an ext2 drive, i.e. without cataloguing, but it will work.

Once that thing is installed, upon reboot the Mac will automount everything it sees. You can then share the drive in normal fashion, and presumably open it through a tunnel to the Mac.
     
cla  (op)
Mac Enthusiast
Join Date: Mar 2000
Feb 8, 2005, 11:46 AM
 
Best of luck, let us know how it goes.

More problems, but I'll report what I did so far.
Eventually I'll make sure this thread turns into a Mac OS X specific tutorial on how to set things up smoothly.

My goal is to mount the apache log directory of a web server on my local Mac, so that I can display visitor information (page, referer, IP and so on) in a Growl bezel on my desktop.

According to me I did everything in the tutorial you (Partisan01) linked to. I'll write down the details (in case anyone else wants to attempt it) in a tutorialish way.
Note that these steps won't take you all the way, yet:

Setting up the NFS server
The server is a Linux running the Debian dist (Woody), with NFS support compiled into the kernel (nfs-kernel-server).
1. Necessary services - Make sure portmapper, the NFS daemon and mountd are running.
To check this, do:
Code:
# rpcinfo -p
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  33053  status
    100024    1   tcp  33426  status
    100003    2   udp   2049  nfs
    100003    2   tcp   2049  nfs
    100021    1   udp  33056  nlockmgr
    100021    3   udp  33056  nlockmgr
    100021    1   tcp  33431  nlockmgr
    100021    3   tcp  33431  nlockmgr
    100005    1   udp  33057  mountd
    100005    1   tcp  33432  mountd
    100005    2   udp  33057  mountd
    100005    2   tcp  33432  mountd

rpcinfo -p probes the portmapper on the local server. The list shows what services are running on what ports and on what protocols. Make sure nfs and mountd are there.

2. Firewall - In order for a client to make RPC calls to a server, the server must be running portmapper. As rpcinfo revealed, portmapper runs on port 111. Additionally, nfs runs on port 2049 and mountd (TCP) on port 33432, but since I want the NFS export to be as secure as possible, I'm going to do the mount over an ssh tunnel. A bonus with this, apart from the security, is that I don't need to open those ports on the firewall. So this is what I do:
Open port 22 (TCP) in order for the client to connect via SSH.
Open port 111 (TCP) in order for the client to access RPC.

3. Create an NFS share - I'm using Webmin to do the NFS export. An alternative would be to do it via the command line. I'm sure the NFS-HOWTO explains how. Here's what I told webmin to do:
Code:
Export directory: /var/log/apache
Active? Yes
Export to... Network (since we're going to use an ssh tunnel, we are going to tell the server to export the NFS share to... itself! Enter the name/IP of the server.)
Clients must be on secure port? No (Thus allowing the client to use ports above 1024.)
Access mode: Read only

Click Save and Apply Changes.

The NFS exports are represented in /etc/exports, which now should look like this:
Code:
# cat /etc/exports
/var/log/apache <server>(ro,insecure)

Check that the Apply Changes went through by doing an exportfs .

Setting up the Mac OS X client
1. portmapper - First of all, make sure portmapper is running by typing rpcinfo -p on the client. If it's not, the following error message confirms it:
Code:
rpcinfo: can't contact portmapper: RPC: Remote system error - Connection refused

Turn it on by typing sudo portmap.
Now try rpcinfo -p again. It should read something like:
Code:
# rpcinfo -p
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper

((Make sure Mac OS X starts portmapper every time you boot by
opening the file /etc/hostconfig
changing the line that says RPCSERVER=-AUTOMATIC- into RPCSERVER=-YES-))

2. Test configuration - Make sure the Mac OS X client "sees" portmapper on the Linux server by doing an rpcinfo -p <name or ip of server>.
The output should match that of the server (issued by rpcinfo -p).

3. SSH Tunneling -
Assuming you have an account on the Linux server with the same user name as on the Mac OS X box, do the following:

ssh -f -L 2818:<server>:2049 -L 3045:<server>:<TCP port of the server's mountd service (see above)> <server> sleep 60m

This line will
a) Open an SSH connection to <server>
b) -f puts SSH into the background, returning you to your local prompt.
c) Set up two tunnels:
tunnel 1 tells Mac OS X to take any incoming traffic on port 2818 and put it into the ssh tunnel (which leads to the server) and output it onto port 2049 at the other end. (And who on the server is listening to port 2049? NFS!)
tunnel 2 tells Mac OS X to take any incoming traffic on port 3045 and put it into the ssh tunnel (which leads to the server) and output it onto the same port as the server's mountd service is listening to.
d) Close this tunnel after 60 minutes unless someone uses it.

4. The mount - this last step is where I failed.
I created a directory in the Mac OS X root called "/mountpoint" and did this:
mount_nfs -P -2 -o tcp,port=2818,mountport=3045 localhost:/var/log/apache /mountpoint/apache_logs

All I got was the following message (repeated every X seconds):
NFS Portmap: RPC: Program not registered

Whether it's portmap in the server or the client, I don't know. I've stopped the OS X firewall to no result. I've tried udp instead of tcp, no result. I've tried mount -t nfs, no result.

I suspect it has something to do with nfs not being properly installed/compiled on the Debian server.

Any suggestions?
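
Added example, not part of cla's post or the linked tutorial: the tunnel step above needs the server's mountd TCP port copied by hand from rpcinfo -p, so this sketch reads it from the listing and assembles the same ssh -L command. The function names and the SAMPLE_RPCINFO variable are made up for illustration; the sample rows are taken from the listing in the post, and <server> stays a placeholder.

```sh
#!/bin/sh
# Added example (not from the thread): build the two ssh -L forwards from
# `rpcinfo -p` output so the mountd port is read, not typed by hand.

# Rows from the server listing quoted in the post (TCP rows plus two UDP rows).
SAMPLE_RPCINFO='   program vers proto   port
    100000    2   tcp    111  portmapper
    100003    2   udp   2049  nfs
    100003    2   tcp   2049  nfs
    100005    1   udp  33057  mountd
    100005    1   tcp  33432  mountd
    100005    2   tcp  33432  mountd'

# rpc_tcp_port SERVICE: read an rpcinfo listing on stdin and print the TCP
# port registered for SERVICE; exit non-zero if it has no TCP registration.
rpc_tcp_port() {
    awk -v svc="$1" '
        $3 == "tcp" && $5 == svc { port = $4 }
        END { if (port == "") exit 1; print port }'
}

# build_tunnel_cmd SERVER LOCAL_NFS_PORT LOCAL_MOUNTD_PORT (listing on stdin)
build_tunnel_cmd() {
    listing=$(cat)
    nfs=$(printf '%s\n' "$listing" | rpc_tcp_port nfs) ||
        { echo "nfs is not registered over TCP" >&2; return 1; }
    mountd=$(printf '%s\n' "$listing" | rpc_tcp_port mountd) ||
        { echo "mountd is not registered over TCP" >&2; return 1; }
    printf 'ssh -f -L %s:%s:%s -L %s:%s:%s %s sleep 60m\n' \
        "$2" "$1" "$nfs" "$3" "$1" "$mountd" "$1"
}

# Print the command for the sample listing; <server> is left as a placeholder.
printf '%s\n' "$SAMPLE_RPCINFO" | build_tunnel_cmd '<server>' 2818 3045
```

mountd's port is assigned dynamically unless it has been pinned, so the command should be regenerated from a fresh listing after the NFS services restart.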
     
   