Issue #18982 has been updated by Andrew Anderson. File puppet-mount.patch added
mount.nfs expects the remote server as well as the local mount point to be specified: usage: mount.nfs remotetarget dir [-rvVwfnsih] [-o nfsoptions] If you look closely at what Puppet executes, you see: debug: Puppet::Type::Mount::ProviderParsed: Executing '/bin/mount -o rw,intr,soft,context=system_u:object_r:var_log_t:s0 /mnt/foo' Here, only the local directory is specified. If you apply the attached patch, it will execute the following instead: debug: Puppet::Type::Mount::ProviderParsed: Executing '/bin/mount -o rw,intr,soft,context=system_u:object_r:var_log_t:s0 bar:/nfs/export /mnt/foo' This now executes without error and mounts the directory as expected. ---------------------------------------- Bug #18982: Mount type doesnt handle SELinux context for NFS https://projects.puppetlabs.com/issues/18982#change-82424 Author: Rene Cunningham Status: Unreviewed Priority: Normal Assignee: Category: mount Target version: Affected Puppet version: 2.6.17 Keywords: mount nfs selinux Branch: Howdy, Running RHEL6 with puppet 2.6.17. mount resources with fstype set to 'nfs' and SELinux contexts passed as options fail to mount during a puppet run. When I have this <pre> mount { '/mnt/foo': device => 'bar:/nfs/export', fstype => 'nfs', ensure => 'mounted', options => 'rw,intr,soft,context=system_u:object_r:var_log_t:s0', atboot => true, ensure => mounted, } </pre> puppet agent errors with this <pre> err: /Stage[main]/MyModule::SubClass/Mount[/mnt/mountpoint]: Could not evaluate: Execution of '/bin/mount -o rw,intr,soft,context=system_u:object_r:var_log_t:s0 /mnt/mountpoint' returned 32: mount.nfs: an incorrect mount option was specified </pre> yet /etc/fstab is populated correctly <pre> nfsserver:/nfs/export /mnt/mountpoint nfs rw,intr,soft,context=system_u:object_r:var_log_t:s0 0 0 </pre> I can manually mount the NFS export with 'mount -a' once puppet is run though would obviously like puppet to do this for me. When manually running the 'mount' command above without context=, the mount is successful. >From my initial investigations, mount.nfs that ships with RHEL6 doesnt support >the SELinux context option. I've got around this by calling an exec after the mount and reconfiguring the mount resource with 'ensure => present' <pre> exec { 'mount-mountpoint': command => 'mount /mnt/mountpoint', require => Mount['/mnt/mountpount'], unless => "mount -t nfs | grep -q '/mnt/mountpoint'", path => ['/bin', '/usr/bin', '/usr/sbin', '/sbin'] } </pre> -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
