Ok I have NFS working as following. Any comments/concerns doing it this way?
#I mount this filesystem manually without a vserver restart from the root/host sudo vnamespace -e 100 mount -t nfs calnfs01.corporate.net:/nfs_unix_data /vservers/unixdev1/unix_data #I can unmount this filesystem manually without a vserver restart from the root/host sudo vnamespace -e 100 umount /vservers/unixdev1/unix_data #the outstanding issue is that you can only see the mount on the host/root (df -k). The disk values are incorrect. It seems to mimic the preceding df entry df -h Filesystem Size Used Avail Use% Mounted on /dev/ide/host1/bus0/target0/lun0/part9 58G 22G 34G 39% /vservers calnfs01.corporate.net:/nfs_unix_data 58G 22G 34G 39% /vservers/unixdev1/unix_data #the nfs disk is actually 100G in size with 64M used #it seems useable so far -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Magnuson, Sig Sent: Wednesday, October 19, 2005 12:05 PM To: vserver@list.linux-vserver.org Subject: RE: [Vserver] unmount nfs with vserver Ok my plan is to be able to mount/umount nfs disk from inside the guest/vserver. I'm still getting a permission denied. #Now that I have the ccaps in place properly (i hope) cat /usr/local/etc/vservers/unixdev1/ccapabilities SECURE_MOUNT SECURE_REMOUNT BINARY_MOUNT #I have my nfs disk exported to both host and guest (/etc/exports) #On the guest I have portmap and rpc.statd running #This command takes a couple of minutes to return mount -v -t nfs calnfs01.corporate.net:/nfs_unix_data /unix_data mount: failed with nfs mount version 4, trying 3.. mount: permission denied #Our nfs server reports this Oct 19 11:44:31 calnfs01 rpc.mountd: authenticated mount request from unixdev1.corporate.net:965 for /nfs_unix_data (/nfs_unix_data) Oct 19 11:44:31 calnfs01 rpc.mountd: authenticated mount request from unixdev1.corporate.net:969 for /nfs_unix_data (/nfs_unix_data) #I am able to contact the NFS server from the vserver rpcinfo -p calnfs01 program vers proto port 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100024 1 udp 32768 status 100024 1 tcp 32768 status 100003 2 udp 2049 nfs 100003 3 udp 2049 nfs 100003 2 tcp 2049 nfs 100003 3 tcp 2049 nfs 100021 1 udp 32771 nlockmgr 100021 3 udp 32771 nlockmgr 100021 4 udp 32771 nlockmgr 100021 1 tcp 32769 nlockmgr 100021 3 tcp 32769 nlockmgr 100021 4 tcp 32769 nlockmgr 100005 1 udp 926 mountd 100005 1 tcp 929 mountd 100005 2 udp 926 mountd 100005 2 tcp 929 mountd 100005 3 udp 926 mountd 100005 3 tcp 929 mountd 390113 1 tcp 7937 #Here is a strace of the mount strace mount -v -t nfs calnfs01.corporate.net:/nfs_unix_data /unix_data execve("/bin/mount", ["mount", "-v", "-t", "nfs", "calnfs01.corporate.net:/nfs_u"..., "/unix_data"], [/* 30 vars */]) = 0 uname({sys="Linux", node="unixdev1", ...}) = 0 brk(0) = 0x8057000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("tls/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("tls/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/home/sig/lib/tls/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/home/sig/lib/tls/i686", 0xbf9db988) = -1 ENOENT (No such file or directory) open("/home/sig/lib/tls/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/home/sig/lib/tls", 0xbf9db988) = -1 ENOENT (No such file or directory) open("/home/sig/lib/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/home/sig/lib/i686", 0xbf9db988) = -1 ENOENT (No such file or directory) open("/home/sig/lib/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/home/sig/lib", 0xbf9db988) = -1 ENOENT (No such file or directory) open("/usr/lib/tls/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/tls/i686", 0xbf9db988) = -1 ENOENT (No such file or directory) open("/usr/lib/tls/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/tls", 0xbf9db988) = -1 ENOENT (No such file or directory) open("/usr/lib/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i686", 0xbf9db988) = -1 ENOENT (No such file or directory) open("/usr/lib/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib", {st_mode=S_IFDIR|0755, st_size=8192, ...}) = 0 open("/lib/tls/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/tls/i686", 0xbf9db988) = -1 ENOENT (No such file or directory) open("/lib/tls/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/tls", 0xbf9db988) = -1 ENOENT (No such file or directory) open("/lib/i686/libblkid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i686", 0xbf9db988) = -1 ENOENT (No such file or directory) open("/lib/libblkid.so.1", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\34"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=28172, ...}) = 0 mmap2(NULL, 30740, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7fc2000 mmap2(0xb7fc9000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6) = 0xb7fc9000 close(3) = 0 open("tls/i686/libuuid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("tls/libuuid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("i686/libuuid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("libuuid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/libuuid.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/libuuid.so.1", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\240\n\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=9056, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fc1000 mmap2(NULL, 11592, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7fbe000 mmap2(0xb7fc0000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb7fc0000 close(3) = 0 open("tls/i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("tls/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360N\1"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1170840, ...}) = 0 mmap2(NULL, 1150108, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7ea5000 mmap2(0xb7fb8000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x113) = 0xb7fb8000 mmap2(0xb7fbc000, 7324, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7fbc000 close(3) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7ea4000 mprotect(0xb7fb8000, 4096, PROT_READ) = 0 mprotect(0xb7fdf000, 4096, PROT_READ) = 0 set_thread_area({entry_number:-1 -> 6, base_addr:0xb7ea46b0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 umask(022) = 027 open("/dev/null", O_RDWR|O_LARGEFILE) = 3 close(3) = 0 brk(0) = 0x8057000 brk(0x8078000) = 0x8078000 getuid32() = 0 geteuid32() = 0 getgid32() = 0 getegid32() = 0 prctl(0x3, 0x20, 0x6, 0x6, 0) = 1 open("/etc/blkid.tab", O_RDONLY) = -1 ENOENT (No such file or directory) getuid32() = 0 geteuid32() = 0 lstat64("/etc/mtab", {st_mode=S_IFREG|0644, st_size=137, ...}) = 0 stat64("/sbin/mount.nfs", 0xbf9dbf20) = -1 ENOENT (No such file or directory) uname({sys="Linux", node="unixdev1", ...}) = 0 gettimeofday({1129744076, 878463}, NULL) = 0 getpid() = 3020 open("/etc/resolv.conf", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=232, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7ea3000 read(3, "#\n# /etc/resolv.conf: resolver c"..., 4096) = 232 read(3, "", 4096) = 0 close(3) = 0 munmap(0xb7ea3000, 4096) = 0 socket(PF_FILE, SOCK_STREAM, 0) = 3 fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) close(3) = 0 socket(PF_FILE, SOCK_STREAM, 0) = 3 fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) close(3) = 0 open("/etc/nsswitch.conf", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=373, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7ea3000 read(3, "#\n# /etc/nsswitch.conf: name ser"..., 4096) = 373 read(3, "", 4096) = 0 close(3) = 0 munmap(0xb7ea3000, 4096) = 0 open("tls/i686/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("tls/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("i686/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/libnss_files.so.2", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\33\0\000"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=34660, ...}) = 0 mmap2(NULL, 37516, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7e9a000 mmap2(0xb7ea2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7) = 0xb7ea2000 close(3) = 0 open("/etc/host.conf", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=92, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e99000 read(3, "#\n# /etc/host.conf: resolver con"..., 4096) = 92 read(3, "", 4096) = 0 close(3) = 0 munmap(0xb7e99000, 4096) = 0 open("/etc/hosts", O_RDONLY) = 3 fcntl64(3, F_GETFD) = 0 fcntl64(3, F_SETFD, FD_CLOEXEC) = 0 fstat64(3, {st_mode=S_IFREG|0644, st_size=360, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e99000 read(3, "#\n# /etc/hosts: static lookup ta"..., 4096) = 360 read(3, "", 4096) = 0 close(3) = 0 munmap(0xb7e99000, 4096) = 0 open("tls/i686/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("tls/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("i686/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/libnss_dns.so.2", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\r\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=18012, ...}) = 0 mmap2(NULL, 20616, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7e94000 mmap2(0xb7e98000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3) = 0xb7e98000 close(3) = 0 open("tls/i686/libresolv.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("tls/libresolv.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("i686/libresolv.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("libresolv.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/libresolv.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/libresolv.so.2", O_RDONLY) = 3 read(3, "[EMAIL PROTECTED]"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=63788, ...}) = 0 mmap2(NULL, 71848, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7e82000 mmap2(0xb7e90000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe) = 0xb7e90000 mmap2(0xb7e92000, 6312, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7e92000 close(3) = 0 socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3 connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.27.8.42")}, 28) = 0 fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 gettimeofday({1129744076, 888001}, NULL) = 0 poll([{fd=3, events=POLLOUT, revents=POLLOUT}], 1, 0) = 1 send(3, "\352\177\1\0\0\1\0\0\0\0\0\0\10calnfs01\fcorpora"..., 43, 0) = 43 poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 5000) = 1 ioctl(3, FIONREAD, [59]) = 0 recvfrom(3, "\352\177\205\200\0\1\0\1\0\0\0\0\10calnfs01\fcorpor"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.27.8.42")}, [16]) = 59 close(3) = 0 time(NULL) = 1129744076 socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3 bind(3, {sa_family=AF_INET, sin_port=htons(652), sin_addr=inet_addr("0.0.0.0")}, 16) = 0 connect(3, {sa_family=AF_INET, sin_port=htons(111), sin_addr=inet_addr("172.27.8.157")}, 16) = 0 gettimeofday({1129744076, 890524}, NULL) = 0 write(3, "\200\0\0(\10\364\232v\0\0\0\0\0\0\0\2\0\1\206\240\0\0\0"..., 44) = 44 poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 60000) = 1 read(3, "\0\0\1\214\10\364\232v\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0"..., 500) = 400 poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 60000) = 1 read(3, "\200\0\0004\0\0\0\21\0\0\3\236\0\0\0\1\0\1\206\245\0\0"..., 500) = 56 close(3) = 0 socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 3 bind(3, {sa_family=AF_INET, sin_port=htons(653), sin_addr=inet_addr("0.0.0.0")}, 16) = 0 ioctl(3, FIONBIO, [1]) = 0 setsockopt(3, SOL_IP, IP_RECVERR, [1], 4) = 0 uname({sys="Linux", node="unixdev1", ...}) = 0 geteuid32() = 0 getegid32() = 0 getgroups32(0, NULL) = 7 getgroups32(7, [0, 1, 2, 3, 4, 6, 10]) = 7 gettimeofday({1129744076, 892739}, NULL) = 0 sendto(3, "\'{2(\0\0\0\0\0\0\0\2\0\1\206\245\0\0\0\3\0\0\0\1\0\0\0"..., 116, 0, {sa_family=AF_INET, sin_port=htons(926), sin_addr=inet_addr("172.27.8.157")}, 16) = 116 poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 3000) = 1 recvfrom(3, "\'{2(\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 8800, 0, {sa_family=AF_INET, sin_port=htons(926), sin_addr=inet_addr("172.27.8.157")}, [16]) = 56 socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 4 bind(4, {sa_family=AF_INET, sin_port=htons(654), sin_addr=inet_addr("0.0.0.0")}, 16) = 0 socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 5 bind(5, {sa_family=AF_INET, sin_port=htons(655), sin_addr=inet_addr("0.0.0.0")}, 16) = 0 ioctl(5, FIONBIO, [1]) = 0 setsockopt(5, SOL_IP, IP_RECVERR, [1], 4) = 0 sendto(5, "\22\325\314R\0\0\0\0\0\0\0\2\0\1\206\240\0\0\0\2\0\0\0"..., 56, 0, {sa_family=AF_INET, sin_port=htons(111), sin_addr=inet_addr("172.27.8.157")}, 16) = 56 poll([{fd=5, events=POLLIN, revents=POLLIN}], 1, 5000) = 1 recvfrom(5, "\22\325\314R\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 400, 0, {sa_family=AF_INET, sin_port=htons(111), sin_addr=inet_addr("172.27.8.157")}, [16]) = 28 close(5) = 0 uname({sys="Linux", node="unixdev1", ...}) = 0 close(3) = 0 close(3) = -1 EBADF (Bad file descriptor) rt_sigprocmask(SIG_BLOCK, ~[TRAP SEGV RTMIN RT_1], NULL, 8) = 0 mount("calnfs01.corporate.net:/nfs_unix_data", "/unix_data", "nfs", MS_POSIXACL|MS_ACTIVE|MS_NOUSER|0xec0000, 0x8056820) = -1 EPERM (Operation not permitted) rt_sigprocmask(SIG_UNBLOCK, ~[TRAP SEGV RTMIN RT_1], NULL, 8) = 0 fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e81000 write(1, "mount: failed with nfs mount ver"..., 51mount: failed with nfs mount version 4, trying 3.. ) = 51 open("/etc/hosts", O_RDONLY) = 3 fcntl64(3, F_GETFD) = 0 fcntl64(3, F_SETFD, FD_CLOEXEC) = 0 fstat64(3, {st_mode=S_IFREG|0644, st_size=360, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e80000 read(3, "#\n# /etc/hosts: static lookup ta"..., 4096) = 360 read(3, "", 4096) = 0 close(3) = 0 munmap(0xb7e80000, 4096) = 0 socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3 connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.27.8.42")}, 28) = 0 fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 gettimeofday({1129744076, 928136}, NULL) = 0 poll([{fd=3, events=POLLOUT, revents=POLLOUT}], 1, 0) = 1 send(3, "1\351\1\0\0\1\0\0\0\0\0\0\10calnfs01\fcorpora"..., 43, 0) = 43 poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 5000) = 1 ioctl(3, FIONREAD, [59]) = 0 recvfrom(3, "1\351\205\200\0\1\0\1\0\0\0\0\10calnfs01\fcorpora"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.27.8.42")}, [16]) = 59 close(3) = 0 time(NULL) = 1129744076 socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3 bind(3, {sa_family=AF_INET, sin_port=htons(656), sin_addr=inet_addr("0.0.0.0")}, 16) = 0 connect(3, {sa_family=AF_INET, sin_port=htons(111), sin_addr=inet_addr("172.27.8.157")}, 16) = 0 write(3, "\200\0\0(\17XJ9\0\0\0\0\0\0\0\2\0\1\206\240\0\0\0\2\0\0"..., 44) = 44 poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 60000) = 1 read(3, "\0\0\1\214\17XJ9\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 500) = 400 poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 60000) = 1 read(3, "\200\0\0004\0\0\0\21\0\0\3\236\0\0\0\1\0\1\206\245\0\0"..., 500) = 56 close(3) = 0 socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 3 bind(3, {sa_family=AF_INET, sin_port=htons(657), sin_addr=inet_addr("0.0.0.0")}, 16) = 0 ioctl(3, FIONBIO, [1]) = 0 setsockopt(3, SOL_IP, IP_RECVERR, [1], 4) = 0 uname({sys="Linux", node="unixdev1", ...}) = 0 geteuid32() = 0 getegid32() = 0 getgroups32(0, NULL) = 7 getgroups32(7, [0, 1, 2, 3, 4, 6, 10]) = 7 gettimeofday({1129744076, 933098}, NULL) = 0 sendto(3, "FD\206X\0\0\0\0\0\0\0\2\0\1\206\245\0\0\0\2\0\0\0\1\0\0"..., 116, 0, {sa_family=AF_INET, sin_port=htons(926), sin_addr=inet_addr("172.27.8.157")}, 16) = 116 poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 3000) = 1 recvfrom(3, "FD\206X\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 8800, 0, {sa_family=AF_INET, sin_port=htons(926), sin_addr=inet_addr("172.27.8.157")}, [16]) = 60 socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 5 bind(5, {sa_family=AF_INET, sin_port=htons(658), sin_addr=inet_addr("0.0.0.0")}, 16) = 0 socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 6 bind(6, {sa_family=AF_INET, sin_port=htons(659), sin_addr=inet_addr("0.0.0.0")}, 16) = 0 ioctl(6, FIONBIO, [1]) = 0 setsockopt(6, SOL_IP, IP_RECVERR, [1], 4) = 0 sendto(6, "F\230\230\332\0\0\0\0\0\0\0\2\0\1\206\240\0\0\0\2\0\0\0"..., 56, 0, {sa_family=AF_INET, sin_port=htons(111), sin_addr=inet_addr("172.27.8.157")}, 16) = 56 poll([{fd=6, events=POLLIN, revents=POLLIN}], 1, 5000) = 1 recvfrom(6, "F\230\230\332\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 400, 0, {sa_family=AF_INET, sin_port=htons(111), sin_addr=inet_addr("172.27.8.157")}, [16]) = 28 close(6) = 0 uname({sys="Linux", node="unixdev1", ...}) = 0 close(3) = 0 close(3) = -1 EBADF (Bad file descriptor) rt_sigprocmask(SIG_BLOCK, ~[TRAP SEGV RTMIN RT_1], NULL, 8) = 0 mount("calnfs01.corporate.net:/nfs_unix_data", "/unix_data", "nfs", MS_POSIXACL|MS_ACTIVE|MS_NOUSER|0xec0000, 0x8056820) = -1 EPERM (Operation not permitted) rt_sigprocmask(SIG_UNBLOCK, ~[TRAP SEGV RTMIN RT_1], NULL, 8) = 0 geteuid32() = 0 stat64("/unix_data", {st_mode=S_IFDIR|0777, st_size=4096, ...}) = 0 write(2, "mount: permission denied\n", 25mount: permission denied ) = 25 munmap(0xb7e81000, 4096) = 0 exit_group(32) -----Original Message----- From: Herbert Poetzl [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 18, 2005 4:58 PM To: Magnuson, Sig Cc: vserver@list.linux-vserver.org Subject: Re: [Vserver] unmount nfs with vserver On Tue, Oct 18, 2005 at 03:35:30PM -0600, [EMAIL PROTECTED] wrote: > > I can mount it from the host using /usr/local/etc/vservers/unixdev1/fstab but > have not figured out how to umount (if possible) > > I was able to use the bcapabilities numeric values with out getting errors on > vserver startup. > cat /usr/local/etc/vservers/unixdev1/bcapabilities > 0x00010000 > 0x00020000 > 0x00040000 > > even with this I am unable to unmount the nfs filesystem when mounted > from the host into the vserver. not unexpected, again bcaps != ccaps and if you want to use numeric values, it's probably easier to use ^16 ^17 ^18 which means bits 16,17, and 18 ... > when trying from inside the vserver I can not even mount the nfs filesystem > sudo mount -v -t nfs calnfs01.corporate.net:/nfs_unix_data /unix_data > mount: failed with nfs mount version 4, trying 3.. > mount: permission denied > the nfs server shows > Oct 18 15:31:57 calnfs01 rpc.mountd: authenticated mount request from > unixdev1.corporate.net:783 for /nfs_unix_data (/nfs_unix_data) > Oct 18 15:31:57 calnfs01 rpc.mountd: authenticated mount request from > unixdev1.corporate.net:787 for /nfs_unix_data (/nfs_unix_data) > > > I have been working on this from several angles to no avail. Is anyone > else mounting nfs into a vserver? How are you doing it? Are you able > to umount it afterwards? you need SECURE_MOUNT and BINARY_MOUNT to mount and unmount NFS inside a guest, but you can also unmount it from the host (as you mounted it from the host :) HTH, Herbert > thanks > sig > > > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Magnuson, > Sig > Sent: Tuesday, October 18, 2005 11:50 AM > To: vserver@list.linux-vserver.org > Subject: RE: [Vserver] unmount nfs with vserver > > > I have done the following but am getting a error > sudo vi /usr/local/etc/vservers/caloratst01/bcapabilities > VXC_SECURE_MOUNT > VXC_SECURE_REMOUNT > VXC_BINARY_MOUNT > > I also tried: > SECURE_MOUNT > SECURE_REMOUNT > BINARY_MOUNT > > I am getting the following error on vserver startup > sudo vserver caloratst01 start > Unknown bcap 'VXC_SECURE_MOUNT' > > An error occured while executing the vserver startup sequence; when > there are no other messages, it is very likely that the init-script > (/sbin/init) failed. > > Common causes are: > * /etc/rc.d/rc on Fedora Core 1 and RH9 fails always; the 'apt-rpm' build > method knows how to deal with this, but on existing installations, > appending 'true' to this file will help. > > Failed to start vserver 'caloratst01' > > Have I got the syntax of the file wrong? > > > -----Original Message----- > From: Herbert Poetzl [mailto:[EMAIL PROTECTED] > Sent: Friday, October 14, 2005 11:18 AM > To: Magnuson, Sig > Cc: vserver@list.linux-vserver.org > Subject: Re: [Vserver] unmount nfs with vserver > > > On Fri, Oct 14, 2005 at 10:42:49AM -0600, [EMAIL PROTECTED] wrote: > > A while back I posted to the list about mounting nfs filesystem into a > > vserver. The only suggestion that I could get to work was adding the > > mount to fstab on host system. > > > IE: > > cat /usr/local/etc/vservers/unixdev1/fstab > > none /proc proc defaults 0 0 > > none /tmp tmpfs size=64m,mode=1777 0 0 > > none /dev/pts devpts gid=5,mode=620 0 0 > > # added Sept 14, 2005 - common unix NFS filesystem -sig > > calnfs01.corporate.net:/nfs_unix_data /unix_data nfs hard,intr,nolock 0 > > 0 > > > > The one issue I came across was that I could not find a way to umount > > the NFS filesystem > > ssh unixdev1 > > sudo umount /unix_data > > umount: /unix_data: must be superuser to umount > > umount: /unix_data: must be superuser to umount > > >>hmm, looks like you are missing one of the > >>context capabilities for secure mount ... > > >>#define VXC_SECURE_MOUNT 0x00010000 > >>#define VXC_SECURE_REMOUNT 0x00020000 > >>#define VXC_BINARY_MOUNT 0x00040000 > > > I thought I would be fine with it that way but it turns out it is a > > bigger issue than I thought. Any suggestions on how to umount the NFS > > filesystem? > > >>unmounting on the host should work quite fine ... > > >>best, > >>Herbert > > > I have access to host and vserver. > > thanks > > sig > > > > > > > > sudo ./vserver-testme.sh > > Linux-VServer Test [V0.13] Copyright (C) 2003-2005 H.Poetzl > > chcontext is working. > > chbind is working. > > Linux 2.6.12.4-vs2.0 i686/0.30.208/0.30.208 [Ea] (0) > > VCI: 0002:0001 273 03000016 > > --- > > [000]# succeeded. > > [001]# succeeded. > > [011]# succeeded. > > [031]# succeeded. > > [101]# succeeded. > > [102]# succeeded. > > [201]# succeeded. > > [202]# succeeded. > > > > sudo vserver-info > > Versions: > > Kernel: 2.6.12.4-vs2.0 > > VS-API: 0x00020001 > > util-vserver: 0.30.208; Aug 24 2005, 21:26:20 > > > > Features: > > CC: gcc, gcc (GCC) 3.4.3 (CRUX) > > CXX: g++, g++ (GCC) 3.4.3 (CRUX) > > CPPFLAGS: '' > > CFLAGS: '-g -O2 -std=c99 -Wall -pedantic -W > > -funit-at-a-time' > > CXXFLAGS: '-g -O2 -ansi -Wall -pedantic -W > > -fmessage-length=0 - > > funit-at-a-time' > > build/host: i686-pc-linux-gnu/i686-pc-linux-gnu > > Use dietlibc: yes > > Build C++ programs: yes > > Build C99 programs: yes > > Available APIs: compat,v11,v13,fscompat,net,oldproc,olduts > > ext2fs Source: e2fsprogs > > syscall(2) invocation: alternative > > vserver(2) syscall#: 273/glibc > > > > Paths: > > prefix: /usr/local > > sysconf-Directory: ${prefix}/etc > > cfg-Directory: ${prefix}/etc/vservers > > initrd-Directory: $(sysconfdir)/init.d > > pkgstate-Directory: ${prefix}/var/run/vservers > > Kernelheaders: /lib/modules/2.6.12.4-vs2.0/build/include > > vserver-Rootdir: /vservers > > > > > > Assumed 'SYSINFO' as no other option given; try '--help' for more > > information. > > > > > > _______________________________________________ > > Vserver mailing list > > Vserver@list.linux-vserver.org > > http://list.linux-vserver.org/mailman/listinfo/vserver > _______________________________________________ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver > _______________________________________________ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver