[Lxc-users] [lxc] [autofs nfs V4/V3] umount_autofs_indirect:279: ioctl failed: Permission denied
LACROIX Jean Marc
jeanmarc.lacroix at free.fr
Fri Oct 14 06:05:18 UTC 2011
hi mailing list,
I am running Debian Squeeze (V6.02) container with lxc 0.7.2-1
I have a problem with autofs daemon on lxc container
------------------------test -------------------------------------
My kernel is the 2.6.39 backport from Debian testing on Debian squeeze
runing
on one P4 X86/IA32 server.
In one container (srv-nis-1), i have installed NIS client, nfs-common
and autofs package
in order to mount a remote file system on one external server on the LAN.
According autofs4 kernel module for user to kernel communication char
device,....
local at vador:~$ sudo modinfo autofs4
filename:
/lib/modules/2.6.39-bpo.2-686-pae/kernel/fs/autofs4/autofs4.ko
license: GPL
alias: devname:autofs
alias: char-major-10-235
depends:
intree: Y
vermagic: 2.6.39-bpo.2-686-pae SMP mod_unload modversions 686
I have setup the correct permission in the config file
grep 235 /etc/lxc/lxc_vm_0*
/etc/lxc/lxc_vm_01-srv-nis-1.conf:lxc.cgroup.devices.allow = c 10:235 rwm
and ...on the host on which lxc cointainer runs..
When booting the VM on the real host , is seems there is no problems.....
sudo lxc-start -n srv-nis-1 -f /etc/lxc/lxc_vm_01-srv-nis-1.conf
INIT: version 2.88 booting
Using makefile-style concurrent boot in runlevel S.
Activating swap...done.
Cleaning up ifupdown....
Loading kernel modules...done.
Setting up networking....
Activating lvm and md swap...done.
Checking file systems...fsck from util-linux-ng 2.17.2
done.
Mounting local filesystems...done.
Activating swapfile swap...done.
Cleaning up temporary files....
Setting kernel variables ...done.
Configuring network interfaces...Internet Systems Consortium DHCP Client
4.1.1-P1
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/eth0/02:00:00:01:01:00
Sending on LPF/eth0/02:00:00:01:01:00
Sending on Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 5
DHCPOFFER from 192.168.9.8
DHCPREQUEST on eth0 to 255.255.255.255 port 67
DHCPACK from 192.168.9.8
bound to 192.168.9.239 -- renewal in 31 seconds.
Internet Systems Consortium DHCP Client 4.1.1-P1
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/eth1/02:00:00:01:01:01
Sending on LPF/eth1/02:00:00:01:01:01
Sending on Socket/fallback
DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 8
DHCPOFFER from 192.168.6.2
DHCPREQUEST on eth1 to 255.255.255.255 port 67
DHCPACK from 192.168.6.2
bound to 192.168.6.226 -- renewal in 27 seconds.
Internet Systems Consortium DHCP Client 4.1.1-P1
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/eth2/02:00:00:01:01:02
Sending on LPF/eth2/02:00:00:01:01:02
Sending on Socket/fallback
DHCPDISCOVER on eth2 to 255.255.255.255 port 67 interval 7
DHCPOFFER from 192.168.8.11
DHCPREQUEST on eth2 to 255.255.255.255 port 67
DHCPACK from 192.168.8.11
bound to 192.168.8.249 -- renewal in 29 seconds.
done.
Starting portmap daemon....
Starting NFS common utilities: statd.
Cleaning up temporary files....
INIT: Entering runlevel: 3
Using makefile-style concurrent boot in runlevel 3.
Starting portmap daemon...Already running..
Starting NFS common utilities: statd.
Starting system logging: syslog-ng.
Starting system message bus: dbus.
Starting OpenBSD Secure Shell server: sshd.
Starting NIS services: ypserv yppasswdd ypxfrd ypbind.
Starting automount: done.
Starting periodic command scheduler: cron.
Debian GNU/Linux 6.0 srv-nis-1 console
srv-nis-1 login:
After booting, .....
root at srv-nis-1:~# ps auxww
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 2076 680 ? Ss 06:30 0:00 init [3]
root 198 0.0 0.0 2508 800 ? Ss 06:30 0:00
dhclient -v -pf /var/run/dhclient.eth0.pid -lf
/var/lib/dhcp/dhclient.eth0.leases eth
root 217 0.0 0.0 2508 800 ? Ss 06:30 0:00
dhclient -v -pf /var/run/dhclient.eth1.pid -lf
/var/lib/dhcp/dhclient.eth1.leases eth
root 241 0.0 0.0 2508 812 ? Ss 06:30 0:00
dhclient -v -pf /var/run/dhclient.eth2.pid -lf
/var/lib/dhcp/dhclient.eth2.leases eth
daemon 251 0.0 0.0 1852 536 ? Ss 06:30 0:00
/sbin/portmap
statd 263 0.0 0.0 2020 856 ? Ss 06:30 0:00
/sbin/rpc.statd
root 329 0.0 0.0 5416 508 ? S 06:30 0:00
supervising syslog-ng
root 332 0.0 0.1 5700 2208 ? Ss 06:30 0:00
/usr/sbin/syslog-ng -p /var/run/syslog-ng.pid
root 360 0.0 0.0 2148 792 ? S 06:30 0:00
/usr/sbin/ypserv --port 32770
root 362 0.0 0.0 2044 452 ? S 06:30 0:00
/usr/sbin/rpc.yppasswdd -D /var/yp/sources -e chsh -e chfn --port 32772
root 373 0.0 0.0 1920 504 ? S 06:30 0:00
/usr/sbin/rpc.ypxfrd -p 32773
103 384 0.0 0.0 2592 384 ? Ss 06:30 0:00
/usr/bin/dbus-daemon --system
root 388 0.0 0.0 20212 608 ? Sl 06:30 0:00
/usr/sbin/ypbind -p 32771 -broken-server -f /etc/yp.conf -ping-interval
10 -no-dbus
root 391 0.0 0.0 5464 916 ? Ss 06:30 0:00
/usr/sbin/sshd
root 419 0.0 0.0 21780 1260 ? Ssl 06:30 0:00
/usr/sbin/automount
root 448 0.0 0.0 2172 652 ? Ss 06:30 0:00
/usr/sbin/cron
root 465 0.0 0.0 2604 1388 console Ss 06:30 0:00
/bin/login --
root 538 0.0 0.1 2884 1576 console S 06:31 0:00 -bash
root 567 0.0 0.0 1748 624 ? Ss 06:31 0:00
/sbin/getty 38400 tty1 linux
root 568 0.0 0.0 1748 628 ? Ss 06:31 0:00
/sbin/getty 38400 tty2 linux
root 569 0.0 0.0 1748 624 ? Ss 06:31 0:00
/sbin/getty 38400 tty3 linux
root 570 0.0 0.0 1748 624 ? Ss 06:31 0:00
/sbin/getty 38400 tty4 linux
root 581 0.0 0.0 2232 820 console R+ 06:31 0:00 ps auxww
and after booting the VM, the /dev/autofs is correctly setup for autofs4
kernel module
root at srv-nis-1:~# ls -altrn /dev/autofs
crw------- 1 0 0 10, 235 Oct 4 06:53 /dev/autofs
All nfs daemons are ok (?), it is possible to get all NIS data base, and
i can mount
manually external mount in r/w as shown...
With NIS protocol, i can extract my auto.master and auto.home map
root at srv-nis-1:~# ypcat auto.master
yp:auto.private --timeout=20
yp:auto.home --timeout=20
root at srv-nis-1:~# ypcat auto.home
-fstype=nfs,rw,tcp,exec srv-nfs-2-services.dns2:/exports/data/lv_home/&
The server srv-nfs-2-services is available...
root at srv-nis-1:~# rpcinfo -p srv-nfs-2-services.dns2
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 32766 status
100024 1 tcp 32766 status
100007 2 udp 32771 ypbind
100007 1 udp 32771 ypbind
100007 2 tcp 32771 ypbind
100007 1 tcp 32771 ypbind
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 2 tcp 2049
100227 3 tcp 2049
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100227 2 udp 2049
100227 3 udp 2049
100021 1 udp 47047 nlockmgr
100021 3 udp 47047 nlockmgr
100021 4 udp 47047 nlockmgr
100021 1 tcp 46114 nlockmgr
100021 3 tcp 46114 nlockmgr
100021 4 tcp 46114 nlockmgr
100005 1 udp 32767 mountd
100005 1 tcp 32767 mountd
100005 2 udp 32767 mountd
100005 2 tcp 32767 mountd
100005 3 udp 32767 mountd
100005 3 tcp 32767 mountd
and....
root at srv-nis-1:~# mkdir /tmp/test-nfs
srv-nis-1:~# mount srv-nfs-2-services.dns2:/exports/data/lv_home/
/tmp/test-nfs
root at srv-nis-1:~# mount
tmpfs on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620)
rootfs on / type rootfs (rw)
/dev/mapper/vg_lxc_01-lv_tmp on /tmp type ext3
(rw,relatime,errors=continue,barrier=0,data=ordered)
/dev/mapper/vg_lxc_01-lv_usr on /usr type ext3
(rw,relatime,errors=continue,barrier=0,data=ordered)
/dev/mapper/vg_lxc_01-lv_var on /var type ext3
(rw,relatime,errors=continue,barrier=0,data=ordered)
srv-nfs-2-services.dns2:/exports/data/lv_home/ on /tmp/test-nfs type nfs
(rw,vers=4,addr=192.168.6.233,clientaddr=192.168.6.226)
and the mount point is correctly mounted without any errors in the console.
all access in read/write mode are ok on the /tmp/test-nfs device
At this point, for me, the nfs protocol is OK on both side of the
connection
(server and VM lxc client).
As autofs seems started .....
root at srv-nis-1:~# fuser -muv /home
USER PID ACCESS COMMAND
/home: root kernel mount (root)/home
root 419 f.... (root)automount
i try now to mount the /home/lacroix mount point via autofs and via NIS
with the ls command in order to force autromount access.
root at srv-nis-1:~# ls /home/lacroix
and the command is definitively suspended...
the same with strace ls /home/lacroix
root at srv-nis-1:~# strace ls /home/lacroix..........
execve("/bin/ls", ["ls", "/home/lacroix"], [/* 12 vars */]) = 0
brk(0) = 0x8944000
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
directory)
mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0xb7734000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or
directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=8381, ...}) = 0
mmap2(NULL, 8381, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7731000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
directory)
open("/lib/libselinux.so.1", O_RDONLY) = 3
read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0J\0\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=104276, ...}) = 0
mmap2(NULL, 109564, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0xb7716000
mmap2(0xb772f000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x18) = 0xb772f000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
directory)
open("/lib/librt.so.1", O_RDONLY) = 3
read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\30\0\0004\0\0\0"..., 512)
= 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=30684, ...}) = 0
mmap2(NULL, 33364, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
= 0xb770d000
mmap2(0xb7714000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6) = 0xb7714000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
directory)
open("/lib/libacl.so.1", O_RDONLY) = 3
read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\27\0\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=26492, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0xb770c000
mmap2(NULL, 25220, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
= 0xb7705000
mmap2(0xb770b000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6) = 0xb770b000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
directory)
open("/lib/libc.so.6", O_RDONLY) = 3
read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320m\1\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1319176, ...}) = 0
mmap2(NULL, 1329480, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0xb75c0000
mprotect(0xb76fe000, 4096, PROT_NONE) = 0
mmap2(0xb76ff000, 12288, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13e) = 0xb76ff000
mmap2(0xb7702000, 10568, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7702000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
directory)
open("/lib/libdl.so.2", O_RDONLY) = 3
read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\n\0\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=9736, ...}) = 0
mmap2(NULL, 12408, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
= 0xb75bc000
mmap2(0xb75be000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb75be000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
directory)
open("/lib/libpthread.so.0", O_RDONLY) = 3
read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`I\0\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=117105, ...}) = 0
mmap2(NULL, 98784, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
= 0xb75a3000
mprotect(0xb75b7000, 4096, PROT_NONE) = 0
mmap2(0xb75b8000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14) = 0xb75b8000
mmap2(0xb75ba000, 4576, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb75ba000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
directory)
open("/lib/libattr.so.1", O_RDONLY) = 3
read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\17\0\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=14888, ...}) = 0
mmap2(NULL, 17696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
= 0xb759e000
mmap2(0xb75a2000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3) = 0xb75a2000
close(3) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0xb759d000
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0xb759c000
set_thread_area({entry_number:-1 -> 6, base_addr:0xb759c720,
limit:1048575, seg_32bit:1, contents:0, read_exec_only:0,
limit_in_pages:1, seg_not_present:0, useable:1}) = 0
mprotect(0xb75b8000, 4096, PROT_READ) = 0
mprotect(0xb75be000, 4096, PROT_READ) = 0
mprotect(0xb76ff000, 8192, PROT_READ) = 0
mprotect(0xb7714000, 4096, PROT_READ) = 0
mprotect(0xb772f000, 4096, PROT_READ) = 0
mprotect(0xb7752000, 4096, PROT_READ) = 0
munmap(0xb7731000, 8381) = 0
set_tid_address(0xb759c788) = 1631
set_robust_list(0xb759c790, 0xc) = 0
futex(0xbf976cc0, FUTEX_WAKE_PRIVATE, 1) = 0
futex(0xbf976cc0, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 1,
NULL, bf976cd0) = -1 EAGAIN (Resource temporarily unavailable)
rt_sigaction(SIGRTMIN, {0xb75a73b0, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0xb75a7840, [], SA_RESTART|SA_SIGINFO}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
uname({sys="Linux", node="srv-nis-1", ...}) = 0
statfs64("/selinux", 84, {f_type="EXT2_SUPER_MAGIC", f_bsize=1024,
f_blocks=99150, f_bfree=68458, f_bavail=63338, f_files=25688,
f_ffree=23209, f_fsid={634740073, -854635489}, f_namelen=255,
f_frsize=1024}) = 0
brk(0) = 0x8944000
brk(0x8965000) = 0x8965000
open("/proc/filesystems", O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0xb7733000
read(3, "nodev\tsysfs\nnodev\trootfs\nnodev\tb"..., 1024) = 323
read(3, "", 1024) = 0
close(3) = 0
munmap(0xb7733000, 4096) = 0
ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo
...}) = 0
ioctl(1, TIOCGWINSZ, {ws_row=24, ws_col=80, ws_xpixel=0, ws_ypixel=0}) = 0
stat64("/home/lacroix",
I suspect a problem in autofs module kernel when started a thread or
equivalent ...
probably a mismatch in cgroup implementation (??)
Furthermore, when trying to stop the automounter, i have ...
root at srv-nis-1:~# /etc/init.d/autofs stop
Stopping automount: 2011 Oct 14 07:06:00 s_src at srv-nis-1
umount_autofs_indirect:279: ioctl failed: Permission denied
2011 Oct 14 07:06:00 s_src at srv-nis-1 umount_autofs_indirect:279: ioctl
failed: Permission denied
2011 Oct 14 07:06:03 s_src at srv-nis-1 umount_autofs_indirect:279: ioctl
failed: Permission denied
2011 Oct 14 07:06:03 s_src at srv-nis-1 umount_autofs_indirect:279: ioctl
failed: Permission denied
I have change nfs version in order to force release 3 in NIS auto map,
but , the result is the same...
ypcat auto.home
root at srv-nis-1:~# ypcat auto.home
-fstype=nfs,rw,tcp,exec,nfsvers=3
srv-nfs-2-services.dns2:/exports/data/lv_home/&
any idea ?????
--
--------------------------------------
-- Jean-Marc LACROIX --
-- mailto : jeanmarc.lacroix at free.fr --
---------------------------------------
More information about the lxc-users
mailing list