Disable NFSv3 on Ubuntu 22.04 and newer
As the title states, for my Ubuntu 22.04 NFS server I want to disable NFSv3 to make sure all the connected clients are using
the NFSv4 protocol. None of the instructions to edit the
/etc/default/nfs-kernel-server are working.
I just found out why:
the /etc/default/nfs-* files are ignored by the NFS server or client in Ubuntu 22.04. They were left there as a precaution because of the conversion process that converts those options into the new /etc/nfs.conf and /etc/nfs.conf.d/local.conf files.
Some more digging revealed that this config file change was added in nfs-utils version
1.3.5-rc5 and Ubuntu 20.04 still
ships with version
1.3.4. Ubuntu 22.04 and newer are using the
2.x version of nfs-utils.
So I hope this helps someone who is struggling with the same issue.
How to disable NFSv3 on Ubuntu 22.04 and newer
First check which versions are currently exposed:
# sudo cat /proc/fs/nfsd/versions -2 +3 +4 +4.1 +4.2
A plus means available, a minus means unavailable.
As seen v3 is still supported
+3 and v2
-2 is disabled by default. So let’s disable v3.
The first step is to create a
/etc/nfs.conf.d/nfsv3-disable.conf file with the following:
For more available options check the
Restart the nfs-server and check if v3 is successfully disabled:
# sudo systemctl restart nfs-server # sudo cat /proc/fs/nfsd/versions -2 -3 +4 +4.1 +4.2
As seen above the v3 version is now not available anymore
If you want to be complete, you can mask the services not needed for NFSv4 and reduce the system load and attack surface:
# sudo systemctl mask rpcbind.service Created symlink /etc/systemd/system/rpcbind.service → /dev/null. # sudo systemctl mask rpcbind.socket Created symlink /etc/systemd/system/rpcbind.socket → /dev/null.
Just for reference, here is the link to the Debian wiki how to disable NFSv4 for older nfs-utils versions: