Contact us
ArticlesRocky Linux

Configuring NFSv3 File Locking on Rocky Linux

NFSNFSv3file lockingrpc-statdNLMfirewall

Stephen Simpson
Sr. Customer Support Engineer

Jun 27, 2025

Introduction

NFSv3 file locking requires additional configuration compared to NFSv4. This article covers the proper setup of NFSv3 file locking on Rocky Linux.

Problem

NFSv3 file locking operations are failing or timing out. Applications report issues obtaining file locks, and flock commands timeout on NFSv3 mounts.

Resolution

Verify rpc-statd service status

NFSv3 requires the rpc-statd service to be running on both the server and all clients for file locking to work properly.

Check the status of rpc-statd:

systemctl status rpc-statd

If the service isn't running, enable, and start it:

systemctl enable rpc-statd
systemctl start rpc-statd

Configure fixed ports for NFS services

By default, NFSv3 RPC services use random ports, which can cause firewall issues. To configure fixed port numbers in /etc/nfs.conf, edit the /etc/nfs.conf file and add or modify the following sections:

[lockd]
port=5555

[statd]
port=6666

Configure firewall rules

If firewalld is enabled, whitelist the NFS services and the fixed ports:

firewall-cmd --permanent --add-service=rpc-bind
firewall-cmd --permanent --add-service=nfs
firewall-cmd --permanent --add-port={5555/tcp,5555/udp,6666/tcp,6666/udp}
firewall-cmd --reload

Restart services

Restart the necessary services to apply the configuration changes:

systemctl restart rpc-statd nfs-server

Verify configuration

To test file locking is working correctly, perform a simple test showing that one client waits for another to release the lock.

Test from Client 1

flock -x /path/to/nfs/mount/file.txt -c 'echo "Client 1 holding the lock"; sleep 30'

Test from Client 2 (run this while Client 1 is still holding the lock)

flock -x /path/to/nfs/mount/file.txt -c 'echo "Client 2 holding the lock"; sleep 10'

Expected behavior

Client 1 should immediately display "Client 1 holding the lock" and hold the lock for 30 seconds. Client 2 should wait until Client 1's 30-second timer finishes before displaying "Client 2 holding the lock".

If file locking is working correctly

Client 2 should wait approximately 30 seconds before executing.

If file locking isn't working

Client 2 executes immediately without waiting for Client 1 to release the lock. Both clients may display their messages simultaneously.

Root cause

NFSv3 uses the Network Lock Manager (NLM) sidecar protocol for file locking, which requires the rpc-statd service. Unlike NFSv4, which has file locking built into the protocol, NFSv3 relies on separate RPC services that must be properly configured and accessible through firewall rules.

Notes

  • If using a different NFS server implementation (like Dell OneFS), verify that the server also supports and has NLM properly configured.

  • The flock testing only tests accurately between 2 NFS clients and not necessarily between a client and the server itself.

  • To avoid potential data corruption, always access NFSv3 shares via NFS rather than locally on the server, since local and remote file locks don't interact.

References & related articles

Rocky Linux NFS Documentation
Using flock