Ok I have NFS working as following. Any comments/concerns doing it this way?
#I mount this filesystem manually without a vserver restart from the root/host
sudo vnamespace -e 100 mount -t nfs calnfs01.corporate.net:/nfs_unix_data
/vservers/unixdev1/unix_data
#I can unmount this filesystem manually without a vserver restart from the
root/host
sudo vnamespace -e 100 umount /vservers/unixdev1/unix_data
#the outstanding issue is that you can only see the mount on the host/root (df
-k). The disk values are incorrect. It seems to mimic the preceding df entry
df -h
Filesystem Size Used Avail Use% Mounted on
/dev/ide/host1/bus0/target0/lun0/part9
58G 22G 34G 39% /vservers
calnfs01.corporate.net:/nfs_unix_data
58G 22G 34G 39% /vservers/unixdev1/unix_data
#the nfs disk is actually 100G in size with 64M used
#it seems useable so far
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Magnuson,
Sig
Sent: Wednesday, October 19, 2005 12:05 PM
To: vserver@list.linux-vserver.org
Subject: RE: [Vserver] unmount nfs with vserver
Ok my plan is to be able to mount/umount nfs disk from inside the
guest/vserver. I'm still getting a permission denied.
#Now that I have the ccaps in place properly (i hope)
cat /usr/local/etc/vservers/unixdev1/ccapabilities
SECURE_MOUNT
SECURE_REMOUNT
BINARY_MOUNT
#I have my nfs disk exported to both host and guest (/etc/exports)
#On the guest I have portmap and rpc.statd running
#This command takes a couple of minutes to return
mount -v -t nfs calnfs01.corporate.net:/nfs_unix_data /unix_data
mount: failed with nfs mount version 4, trying 3..
mount: permission denied
#Our nfs server reports this
Oct 19 11:44:31 calnfs01 rpc.mountd: authenticated mount request from
unixdev1.corporate.net:965 for /nfs_unix_data (/nfs_unix_data)
Oct 19 11:44:31 calnfs01 rpc.mountd: authenticated mount request from
unixdev1.corporate.net:969 for /nfs_unix_data (/nfs_unix_data)
#I am able to contact the NFS server from the vserver
rpcinfo -p calnfs01
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 32768 status
100024 1 tcp 32768 status
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100021 1 udp 32771 nlockmgr
100021 3 udp 32771 nlockmgr
100021 4 udp 32771 nlockmgr
100021 1 tcp 32769 nlockmgr
100021 3 tcp 32769 nlockmgr
100021 4 tcp 32769 nlockmgr
100005 1 udp 926 mountd
100005 1 tcp 929 mountd
100005 2 udp 926 mountd
100005 2 tcp 929 mountd
100005 3 udp 926 mountd
100005 3 tcp 929 mountd
390113 1 tcp 7937
#Here is a strace of the mount
strace mount -v -t nfs calnfs01.corporate.net:/nfs_unix_data /unix_data
execve("/bin/mount", ["mount", "-v", "-t", "nfs",
"calnfs01.corporate.net:/nfs_u"..., "/unix_data"], [/* 30 vars */]) = 0
uname({sys="Linux", node="unixdev1", ...}) = 0
brk(0) = 0x8057000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("tls/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("tls/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/home/sig/lib/tls/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such
file or directory)
stat64("/home/sig/lib/tls/i686", 0xbf9db988) = -1 ENOENT (No such file or
directory)
open("/home/sig/lib/tls/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or
directory)
stat64("/home/sig/lib/tls", 0xbf9db988) = -1 ENOENT (No such file or directory)
open("/home/sig/lib/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or
directory)
stat64("/home/sig/lib/i686", 0xbf9db988) = -1 ENOENT (No such file or directory)
open("/home/sig/lib/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or
directory)
stat64("/home/sig/lib", 0xbf9db988) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or
directory)
stat64("/usr/lib/tls/i686", 0xbf9db988) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or
directory)
stat64("/usr/lib/tls", 0xbf9db988) = -1 ENOENT (No such file or directory)
open("/usr/lib/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or
directory)
stat64("/usr/lib/i686", 0xbf9db988) = -1 ENOENT (No such file or directory)
open("/usr/lib/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib", {st_mode=S_IFDIR|0755, st_size=8192, ...}) = 0
open("/lib/tls/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or
directory)
stat64("/lib/tls/i686", 0xbf9db988) = -1 ENOENT (No such file or directory)
open("/lib/tls/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/lib/tls", 0xbf9db988) = -1 ENOENT (No such file or directory)
open("/lib/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or
directory)
stat64("/lib/i686", 0xbf9db988) = -1 ENOENT (No such file or directory)
open("/lib/libblkid.so.1", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\34"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=28172, ...}) = 0
mmap2(NULL, 30740, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) =
0xb7fc2000
mmap2(0xb7fc9000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6) = 0xb7fc9000
close(3) = 0
open("tls/i686/libuuid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("tls/libuuid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("i686/libuuid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("libuuid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib/libuuid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libuuid.so.1", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\240\n\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=9056, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7fc1000
mmap2(NULL, 11592, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) =
0xb7fbe000
mmap2(0xb7fc0000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb7fc0000
close(3) = 0
open("tls/i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("tls/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360N\1"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1170840, ...}) = 0
mmap2(NULL, 1150108, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) =
0xb7ea5000
mmap2(0xb7fb8000, 16384, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x113) = 0xb7fb8000
mmap2(0xb7fbc000, 7324, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7fbc000
close(3) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7ea4000
mprotect(0xb7fb8000, 4096, PROT_READ) = 0
mprotect(0xb7fdf000, 4096, PROT_READ) = 0
set_thread_area({entry_number:-1 -> 6, base_addr:0xb7ea46b0, limit:1048575,
seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0,
useable:1}) = 0
umask(022) = 027
open("/dev/null", O_RDWR|O_LARGEFILE) = 3
close(3) = 0
brk(0) = 0x8057000
brk(0x8078000) = 0x8078000
getuid32() = 0
geteuid32() = 0
getgid32() = 0
getegid32() = 0
prctl(0x3, 0x20, 0x6, 0x6, 0) = 1
open("/etc/blkid.tab", O_RDONLY) = -1 ENOENT (No such file or directory)
getuid32() = 0
geteuid32() = 0
lstat64("/etc/mtab", {st_mode=S_IFREG|0644, st_size=137, ...}) = 0
stat64("/sbin/mount.nfs", 0xbf9dbf20) = -1 ENOENT (No such file or directory)
uname({sys="Linux", node="unixdev1", ...}) = 0
gettimeofday({1129744076, 878463}, NULL) = 0
getpid() = 3020
open("/etc/resolv.conf", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=232, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7ea3000
read(3, "#\n# /etc/resolv.conf: resolver c"..., 4096) = 232
read(3, "", 4096) = 0
close(3) = 0
munmap(0xb7ea3000, 4096) = 0
socket(PF_FILE, SOCK_STREAM, 0) = 3
fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR)
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT
(No such file or directory)
close(3) = 0
socket(PF_FILE, SOCK_STREAM, 0) = 3
fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR)
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT
(No such file or directory)
close(3) = 0
open("/etc/nsswitch.conf", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=373, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7ea3000
read(3, "#\n# /etc/nsswitch.conf: name ser"..., 4096) = 373
read(3, "", 4096) = 0
close(3) = 0
munmap(0xb7ea3000, 4096) = 0
open("tls/i686/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or
directory)
open("tls/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("i686/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or
directory)
open("/lib/libnss_files.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\33\0\000"..., 512) =
512
fstat64(3, {st_mode=S_IFREG|0755, st_size=34660, ...}) = 0
mmap2(NULL, 37516, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) =
0xb7e9a000
mmap2(0xb7ea2000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7) = 0xb7ea2000
close(3) = 0
open("/etc/host.conf", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=92, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7e99000
read(3, "#\n# /etc/host.conf: resolver con"..., 4096) = 92
read(3, "", 4096) = 0
close(3) = 0
munmap(0xb7e99000, 4096) = 0
open("/etc/hosts", O_RDONLY) = 3
fcntl64(3, F_GETFD) = 0
fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
fstat64(3, {st_mode=S_IFREG|0644, st_size=360, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7e99000
read(3, "#\n# /etc/hosts: static lookup ta"..., 4096) = 360
read(3, "", 4096) = 0
close(3) = 0
munmap(0xb7e99000, 4096) = 0
open("tls/i686/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or
directory)
open("tls/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("i686/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or
directory)
open("/lib/libnss_dns.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\r\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=18012, ...}) = 0
mmap2(NULL, 20616, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) =
0xb7e94000
mmap2(0xb7e98000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3) = 0xb7e98000
close(3) = 0
open("tls/i686/libresolv.so.2", O_RDONLY) = -1 ENOENT (No such file or
directory)
open("tls/libresolv.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("i686/libresolv.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("libresolv.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib/libresolv.so.2", O_RDONLY) = -1 ENOENT (No such file or
directory)
open("/lib/libresolv.so.2", O_RDONLY) = 3
read(3, "[EMAIL PROTECTED]"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=63788, ...}) = 0
mmap2(NULL, 71848, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) =
0xb7e82000
mmap2(0xb7e90000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe) = 0xb7e90000
mmap2(0xb7e92000, 6312, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7e92000
close(3) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53),
sin_addr=inet_addr("172.27.8.42")}, 28) = 0
fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR)
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
gettimeofday({1129744076, 888001}, NULL) = 0
poll([{fd=3, events=POLLOUT, revents=POLLOUT}], 1, 0) = 1
send(3, "\352\177\1\0\0\1\0\0\0\0\0\0\10calnfs01\fcorpora"..., 43, 0) = 43
poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
ioctl(3, FIONREAD, [59]) = 0
recvfrom(3, "\352\177\205\200\0\1\0\1\0\0\0\0\10calnfs01\fcorpor"..., 1024, 0,
{sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.27.8.42")},
[16]) = 59
close(3) = 0
time(NULL) = 1129744076
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
bind(3, {sa_family=AF_INET, sin_port=htons(652),
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(111),
sin_addr=inet_addr("172.27.8.157")}, 16) = 0
gettimeofday({1129744076, 890524}, NULL) = 0
write(3, "\200\0\0(\10\364\232v\0\0\0\0\0\0\0\2\0\1\206\240\0\0\0"..., 44) = 44
poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 60000) = 1
read(3, "\0\0\1\214\10\364\232v\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0"..., 500) = 400
poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 60000) = 1
read(3, "\200\0\0004\0\0\0\21\0\0\3\236\0\0\0\1\0\1\206\245\0\0"..., 500) = 56
close(3) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 3
bind(3, {sa_family=AF_INET, sin_port=htons(653),
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
ioctl(3, FIONBIO, [1]) = 0
setsockopt(3, SOL_IP, IP_RECVERR, [1], 4) = 0
uname({sys="Linux", node="unixdev1", ...}) = 0
geteuid32() = 0
getegid32() = 0
getgroups32(0, NULL) = 7
getgroups32(7, [0, 1, 2, 3, 4, 6, 10]) = 7
gettimeofday({1129744076, 892739}, NULL) = 0
sendto(3, "\'{2(\0\0\0\0\0\0\0\2\0\1\206\245\0\0\0\3\0\0\0\1\0\0\0"..., 116, 0,
{sa_family=AF_INET, sin_port=htons(926), sin_addr=inet_addr("172.27.8.157")},
16) = 116
poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 3000) = 1
recvfrom(3, "\'{2(\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 8800,
0, {sa_family=AF_INET, sin_port=htons(926),
sin_addr=inet_addr("172.27.8.157")}, [16]) = 56
socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 4
bind(4, {sa_family=AF_INET, sin_port=htons(654),
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 5
bind(5, {sa_family=AF_INET, sin_port=htons(655),
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
ioctl(5, FIONBIO, [1]) = 0
setsockopt(5, SOL_IP, IP_RECVERR, [1], 4) = 0
sendto(5, "\22\325\314R\0\0\0\0\0\0\0\2\0\1\206\240\0\0\0\2\0\0\0"..., 56, 0,
{sa_family=AF_INET, sin_port=htons(111), sin_addr=inet_addr("172.27.8.157")},
16) = 56
poll([{fd=5, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
recvfrom(5, "\22\325\314R\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 400,
0, {sa_family=AF_INET, sin_port=htons(111),
sin_addr=inet_addr("172.27.8.157")}, [16]) = 28
close(5) = 0
uname({sys="Linux", node="unixdev1", ...}) = 0
close(3) = 0
close(3) = -1 EBADF (Bad file descriptor)
rt_sigprocmask(SIG_BLOCK, ~[TRAP SEGV RTMIN RT_1], NULL, 8) = 0
mount("calnfs01.corporate.net:/nfs_unix_data", "/unix_data", "nfs",
MS_POSIXACL|MS_ACTIVE|MS_NOUSER|0xec0000, 0x8056820) = -1 EPERM (Operation not
permitted)
rt_sigprocmask(SIG_UNBLOCK, ~[TRAP SEGV RTMIN RT_1], NULL, 8) = 0
fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7e81000
write(1, "mount: failed with nfs mount ver"..., 51mount: failed with nfs mount
version 4, trying 3..
) = 51
open("/etc/hosts", O_RDONLY) = 3
fcntl64(3, F_GETFD) = 0
fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
fstat64(3, {st_mode=S_IFREG|0644, st_size=360, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7e80000
read(3, "#\n# /etc/hosts: static lookup ta"..., 4096) = 360
read(3, "", 4096) = 0
close(3) = 0
munmap(0xb7e80000, 4096) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53),
sin_addr=inet_addr("172.27.8.42")}, 28) = 0
fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR)
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
gettimeofday({1129744076, 928136}, NULL) = 0
poll([{fd=3, events=POLLOUT, revents=POLLOUT}], 1, 0) = 1
send(3, "1\351\1\0\0\1\0\0\0\0\0\0\10calnfs01\fcorpora"..., 43, 0) = 43
poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
ioctl(3, FIONREAD, [59]) = 0
recvfrom(3, "1\351\205\200\0\1\0\1\0\0\0\0\10calnfs01\fcorpora"..., 1024, 0,
{sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.27.8.42")},
[16]) = 59
close(3) = 0
time(NULL) = 1129744076
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
bind(3, {sa_family=AF_INET, sin_port=htons(656),
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(111),
sin_addr=inet_addr("172.27.8.157")}, 16) = 0
write(3, "\200\0\0(\17XJ9\0\0\0\0\0\0\0\2\0\1\206\240\0\0\0\2\0\0"..., 44) = 44
poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 60000) = 1
read(3, "\0\0\1\214\17XJ9\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 500) = 400
poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 60000) = 1
read(3, "\200\0\0004\0\0\0\21\0\0\3\236\0\0\0\1\0\1\206\245\0\0"..., 500) = 56
close(3) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 3
bind(3, {sa_family=AF_INET, sin_port=htons(657),
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
ioctl(3, FIONBIO, [1]) = 0
setsockopt(3, SOL_IP, IP_RECVERR, [1], 4) = 0
uname({sys="Linux", node="unixdev1", ...}) = 0
geteuid32() = 0
getegid32() = 0
getgroups32(0, NULL) = 7
getgroups32(7, [0, 1, 2, 3, 4, 6, 10]) = 7
gettimeofday({1129744076, 933098}, NULL) = 0
sendto(3, "FD\206X\0\0\0\0\0\0\0\2\0\1\206\245\0\0\0\2\0\0\0\1\0\0"..., 116, 0,
{sa_family=AF_INET, sin_port=htons(926), sin_addr=inet_addr("172.27.8.157")},
16) = 116
poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 3000) = 1
recvfrom(3, "FD\206X\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 8800,
0, {sa_family=AF_INET, sin_port=htons(926),
sin_addr=inet_addr("172.27.8.157")}, [16]) = 60
socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 5
bind(5, {sa_family=AF_INET, sin_port=htons(658),
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 6
bind(6, {sa_family=AF_INET, sin_port=htons(659),
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
ioctl(6, FIONBIO, [1]) = 0
setsockopt(6, SOL_IP, IP_RECVERR, [1], 4) = 0
sendto(6, "F\230\230\332\0\0\0\0\0\0\0\2\0\1\206\240\0\0\0\2\0\0\0"..., 56, 0,
{sa_family=AF_INET, sin_port=htons(111), sin_addr=inet_addr("172.27.8.157")},
16) = 56
poll([{fd=6, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
recvfrom(6, "F\230\230\332\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 400,
0, {sa_family=AF_INET, sin_port=htons(111),
sin_addr=inet_addr("172.27.8.157")}, [16]) = 28
close(6) = 0
uname({sys="Linux", node="unixdev1", ...}) = 0
close(3) = 0
close(3) = -1 EBADF (Bad file descriptor)
rt_sigprocmask(SIG_BLOCK, ~[TRAP SEGV RTMIN RT_1], NULL, 8) = 0
mount("calnfs01.corporate.net:/nfs_unix_data", "/unix_data", "nfs",
MS_POSIXACL|MS_ACTIVE|MS_NOUSER|0xec0000, 0x8056820) = -1 EPERM (Operation not
permitted)
rt_sigprocmask(SIG_UNBLOCK, ~[TRAP SEGV RTMIN RT_1], NULL, 8) = 0
geteuid32() = 0
stat64("/unix_data", {st_mode=S_IFDIR|0777, st_size=4096, ...}) = 0
write(2, "mount: permission denied\n", 25mount: permission denied
) = 25
munmap(0xb7e81000, 4096) = 0
exit_group(32)
-----Original Message-----
From: Herbert Poetzl [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 18, 2005 4:58 PM
To: Magnuson, Sig
Cc: vserver@list.linux-vserver.org
Subject: Re: [Vserver] unmount nfs with vserver
On Tue, Oct 18, 2005 at 03:35:30PM -0600, [EMAIL PROTECTED] wrote:
>
> I can mount it from the host using /usr/local/etc/vservers/unixdev1/fstab but
> have not figured out how to umount (if possible)
>
> I was able to use the bcapabilities numeric values with out getting errors on
> vserver startup.
> cat /usr/local/etc/vservers/unixdev1/bcapabilities
> 0x00010000
> 0x00020000
> 0x00040000
>
> even with this I am unable to unmount the nfs filesystem when mounted
> from the host into the vserver.
not unexpected, again bcaps != ccaps and if you want
to use numeric values, it's probably easier to use
^16
^17
^18
which means bits 16,17, and 18 ...
> when trying from inside the vserver I can not even mount the nfs filesystem
> sudo mount -v -t nfs calnfs01.corporate.net:/nfs_unix_data /unix_data
> mount: failed with nfs mount version 4, trying 3..
> mount: permission denied
> the nfs server shows
> Oct 18 15:31:57 calnfs01 rpc.mountd: authenticated mount request from
> unixdev1.corporate.net:783 for /nfs_unix_data (/nfs_unix_data)
> Oct 18 15:31:57 calnfs01 rpc.mountd: authenticated mount request from
> unixdev1.corporate.net:787 for /nfs_unix_data (/nfs_unix_data)
>
>
> I have been working on this from several angles to no avail. Is anyone
> else mounting nfs into a vserver? How are you doing it? Are you able
> to umount it afterwards?
you need SECURE_MOUNT and BINARY_MOUNT to mount and
unmount NFS inside a guest, but you can also unmount
it from the host (as you mounted it from the host :)
HTH,
Herbert
> thanks
> sig
>
>
>
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Magnuson,
> Sig
> Sent: Tuesday, October 18, 2005 11:50 AM
> To: vserver@list.linux-vserver.org
> Subject: RE: [Vserver] unmount nfs with vserver
>
>
> I have done the following but am getting a error
> sudo vi /usr/local/etc/vservers/caloratst01/bcapabilities
> VXC_SECURE_MOUNT
> VXC_SECURE_REMOUNT
> VXC_BINARY_MOUNT
>
> I also tried:
> SECURE_MOUNT
> SECURE_REMOUNT
> BINARY_MOUNT
>
> I am getting the following error on vserver startup
> sudo vserver caloratst01 start
> Unknown bcap 'VXC_SECURE_MOUNT'
>
> An error occured while executing the vserver startup sequence; when
> there are no other messages, it is very likely that the init-script
> (/sbin/init) failed.
>
> Common causes are:
> * /etc/rc.d/rc on Fedora Core 1 and RH9 fails always; the 'apt-rpm' build
> method knows how to deal with this, but on existing installations,
> appending 'true' to this file will help.
>
> Failed to start vserver 'caloratst01'
>
> Have I got the syntax of the file wrong?
>
>
> -----Original Message-----
> From: Herbert Poetzl [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 14, 2005 11:18 AM
> To: Magnuson, Sig
> Cc: vserver@list.linux-vserver.org
> Subject: Re: [Vserver] unmount nfs with vserver
>
>
> On Fri, Oct 14, 2005 at 10:42:49AM -0600, [EMAIL PROTECTED] wrote:
> > A while back I posted to the list about mounting nfs filesystem into a
> > vserver. The only suggestion that I could get to work was adding the
> > mount to fstab on host system.
>
> > IE:
> > cat /usr/local/etc/vservers/unixdev1/fstab
> > none /proc proc defaults 0 0
> > none /tmp tmpfs size=64m,mode=1777 0 0
> > none /dev/pts devpts gid=5,mode=620 0 0
> > # added Sept 14, 2005 - common unix NFS filesystem -sig
> > calnfs01.corporate.net:/nfs_unix_data /unix_data nfs hard,intr,nolock 0 > > 0
> >
> > The one issue I came across was that I could not find a way to umount
> > the NFS filesystem
> > ssh unixdev1
> > sudo umount /unix_data
> > umount: /unix_data: must be superuser to umount
> > umount: /unix_data: must be superuser to umount
>
> >>hmm, looks like you are missing one of the
> >>context capabilities for secure mount ...
>
> >>#define VXC_SECURE_MOUNT 0x00010000
> >>#define VXC_SECURE_REMOUNT 0x00020000
> >>#define VXC_BINARY_MOUNT 0x00040000
>
> > I thought I would be fine with it that way but it turns out it is a
> > bigger issue than I thought. Any suggestions on how to umount the NFS
> > filesystem?
>
> >>unmounting on the host should work quite fine ...
>
> >>best,
> >>Herbert
>
> > I have access to host and vserver.
> > thanks
> > sig
> >
> >
> >
> > sudo ./vserver-testme.sh
> > Linux-VServer Test [V0.13] Copyright (C) 2003-2005 H.Poetzl
> > chcontext is working.
> > chbind is working.
> > Linux 2.6.12.4-vs2.0 i686/0.30.208/0.30.208 [Ea] (0)
> > VCI: 0002:0001 273 03000016
> > ---
> > [000]# succeeded.
> > [001]# succeeded.
> > [011]# succeeded.
> > [031]# succeeded.
> > [101]# succeeded.
> > [102]# succeeded.
> > [201]# succeeded.
> > [202]# succeeded.
> >
> > sudo vserver-info
> > Versions:
> > Kernel: 2.6.12.4-vs2.0
> > VS-API: 0x00020001
> > util-vserver: 0.30.208; Aug 24 2005, 21:26:20
> >
> > Features:
> > CC: gcc, gcc (GCC) 3.4.3 (CRUX)
> > CXX: g++, g++ (GCC) 3.4.3 (CRUX)
> > CPPFLAGS: ''
> > CFLAGS: '-g -O2 -std=c99 -Wall -pedantic -W
> > -funit-at-a-time'
> > CXXFLAGS: '-g -O2 -ansi -Wall -pedantic -W
> > -fmessage-length=0 -
> > funit-at-a-time'
> > build/host: i686-pc-linux-gnu/i686-pc-linux-gnu
> > Use dietlibc: yes
> > Build C++ programs: yes
> > Build C99 programs: yes
> > Available APIs: compat,v11,v13,fscompat,net,oldproc,olduts
> > ext2fs Source: e2fsprogs
> > syscall(2) invocation: alternative
> > vserver(2) syscall#: 273/glibc
> >
> > Paths:
> > prefix: /usr/local
> > sysconf-Directory: ${prefix}/etc
> > cfg-Directory: ${prefix}/etc/vservers
> > initrd-Directory: $(sysconfdir)/init.d
> > pkgstate-Directory: ${prefix}/var/run/vservers
> > Kernelheaders: /lib/modules/2.6.12.4-vs2.0/build/include
> > vserver-Rootdir: /vservers
> >
> >
> > Assumed 'SYSINFO' as no other option given; try '--help' for more
> > information.
> >
> >
> > _______________________________________________
> > Vserver mailing list
> > Vserver@list.linux-vserver.org
> > http://list.linux-vserver.org/mailman/listinfo/vserver
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
