Gluster users - Sep 2008 - Installing linux-vserver on a two node gluster AFR

I am attempting to install linux vserver to a glusterfs volume across
two nodes. Everything is working well for normal files. I can bind
mount a gluster volume as /opt for example. I am unable to make the /
filesystem on a glusterfs brick.

I notice that even though I can configure the system like this:
vi /etc/fstab
/opt/jtg/conf/jtg-client.vol    /opt/jtg/mnt/shared     glusterfs
 setuid,dev,rw,nouser,exec       0       0

After a mount the permissions are always the same.
vi /etc/mtab
glusterfs /opt/jtg/mnt/shared fuse
rw,nosuid,nodev,allow_other,default_permissions,max_read=1048576 0 0

It seems that the nosuid argument is always ignored as i can run
setuid scripts. ./ping 127.0.0.1
More importantly I believe the 'dev' option is required linux-vserver,
but it does not seem like I can activate this mount option.

bash-3.2# cat null
cat: null: Permission denied

If anyone has any hints let me know.

Have you enabled SETUID for VServer?

http://linux-vserver.org/Capabilities_and_Flags#System_capabilities_.28bcaps.29


KwangErn

On Thu, Sep 11, 2008 at 5:11 AM, Edward Capriolo <edlinuxguru at
gmail.com>wrote:
> I am attempting to install linux vserver to a glusterfs volume across
> two nodes. Everything is working well for normal files. I can bind
> mount a gluster volume as /opt for example. I am unable to make the /
> filesystem on a glusterfs brick.
>
> I notice that even though I can configure the system like this:
> vi /etc/fstab
> /opt/jtg/conf/jtg-client.vol    /opt/jtg/mnt/shared     glusterfs
>  setuid,dev,rw,nouser,exec       0       0
>
> After a mount the permissions are always the same.
> vi /etc/mtab
> glusterfs /opt/jtg/mnt/shared fuse
> rw,nosuid,nodev,allow_other,default_permissions,max_read=1048576 0 0
>
> It seems that the nosuid argument is always ignored as i can run
> setuid scripts. ./ping 127.0.0.1
> More importantly I believe the 'dev' option is required
linux-vserver,
> but it does not seem like I can activate this mount option.
>
> bash-3.2# cat null
> cat: null: Permission denied
>
> If anyone has any hints let me know.
>
> _______________________________________________
> Gluster-users mailing list
> Gluster-users at gluster.org
> http://zresearch.com/cgi-bin/mailman/listinfo/gluster-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://supercolony.gluster.org/pipermail/gluster-users/attachments/20080911/bd8c4f7e/attachment.html>

Hi Edward,
 The problem here is libfuse takes the liberty to add the nodev, nosuid
option (if dev,suid is not specified) in later versions.

Currently I have committed a patch to solve this issue, as glusterfs
explicitly specifies, 'dev, suid' options. But with whatever release you
are
trying, you may have to edit the sourecode a bit and compile to get it
working

open xlators/mount/fuse/src/fuse-bridge.c,
goto function 'init()'
add
   "-o", "dev", "-o", "suid",
to fuse_argv, and increment fuse_argc by 4 (from whatever value it has
there).

compile glusterfs, install, and you should be good to solve this problem.

Regards,
Amar

2008/9/10 Edward Capriolo <edlinuxguru at gmail.com>
> I am attempting to install linux vserver to a glusterfs volume across
> two nodes. Everything is working well for normal files. I can bind
> mount a gluster volume as /opt for example. I am unable to make the /
> filesystem on a glusterfs brick.
>
> I notice that even though I can configure the system like this:
> vi /etc/fstab
> /opt/jtg/conf/jtg-client.vol    /opt/jtg/mnt/shared     glusterfs
>  setuid,dev,rw,nouser,exec       0       0
>
> After a mount the permissions are always the same.
> vi /etc/mtab
> glusterfs /opt/jtg/mnt/shared fuse
> rw,nosuid,nodev,allow_other,default_permissions,max_read=1048576 0 0
>
> It seems that the nosuid argument is always ignored as i can run
> setuid scripts. ./ping 127.0.0.1
> More importantly I believe the 'dev' option is required
linux-vserver,
> but it does not seem like I can activate this mount option.
>
> bash-3.2# cat null
> cat: null: Permission denied
>
> If anyone has any hints let me know.
>
> _______________________________________________
> Gluster-users mailing list
> Gluster-users at gluster.org
> http://zresearch.com/cgi-bin/mailman/listinfo/gluster-users
>
>

-- 
Amar Tumballi
Gluster/GlusterFS Hacker
[bulde on #gluster/irc.gnu.org]
http://www.zresearch.com - Commoditizing Super Storage!
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://supercolony.gluster.org/pipermail/gluster-users/attachments/20080911/60177e00/attachment.html>