Re: NFS cluestick needed
On Tue, Apr 2, 2013 at 7:05 AM, Stuart Henderson wrote: > On 2013-04-01, David Higgs wrote: >> On Mon, Apr 1, 2013 at 7:33 AM, Stuart Henderson >> wrote: >>> On 2013-03-31, David Higgs wrote: In trying to avoid multiple copies of OpenBSD source on my VMs, I am trying to use NFS; however, permissions don't seem to be working right. I would very much appreciate help in figuring out what I'm doing wrong, and am also interested in tips on how to compile from read-only source trees. >>> >>> >>> On the NFS server, is /usr/src in the same filesystem as some other >>> path which you export with different options? >>> >>> (NFS server options (-maproot etc) are per-filesystem not per export.) >>> >> >> I originally provided the entirety of my /etc/exports file, but > > The exports file isn't enough to show whether directories are in > the same filesystem (see the warning in the BUGS section of exports(5). > >> experimenting with debugging flags produced output that varied >> depending on whether /etc/exports had one or multiple lines. Using >> multiple lines fixes my permissions problem, interestingly enough. Is >> this sendbug(1) worthy? > > Looks like this is documented: > > Each line in the file (other than comment lines that begin with a ``#'') > specifies the mount point(s) and export flags within one local server > filesystem for one or more hosts. Highlighting this and the BUGS section makes more sense. While accurate, the combined terminology of mount points, filesystems, local, and remote was terse enough to confuse me. I may experiment more to definitively reproduce my permissions issue. >> Will experiment with read-only and lndir(1) in the coming week. > > iirc there's something in the source tree which doesn't work with > a read-only mount (xenocara is OK though), not sure whether lndir > gets around that or not. > I'm slowly whittling down the options required. Building the kernel creates and populates a compile directory, while userland wants to create obj symlinks and has problems with binutils/gdb when using noexec. Haven't gotten to lndir yet. Thanks again. --david
Re: NFS cluestick needed
On 2013-04-01, David Higgs wrote: > On Mon, Apr 1, 2013 at 7:33 AM, Stuart Henderson wrote: >> On 2013-03-31, David Higgs wrote: >>> In trying to avoid multiple copies of OpenBSD source on my VMs, I am >>> trying to use NFS; however, permissions don't seem to be working >>> right. I would very much appreciate help in figuring out what I'm >>> doing wrong, and am also interested in tips on how to compile from >>> read-only source trees. >> >> >> On the NFS server, is /usr/src in the same filesystem as some other >> path which you export with different options? >> >> (NFS server options (-maproot etc) are per-filesystem not per export.) >> > > I originally provided the entirety of my /etc/exports file, but The exports file isn't enough to show whether directories are in the same filesystem (see the warning in the BUGS section of exports(5). > experimenting with debugging flags produced output that varied > depending on whether /etc/exports had one or multiple lines. Using > multiple lines fixes my permissions problem, interestingly enough. Is > this sendbug(1) worthy? Looks like this is documented: Each line in the file (other than comment lines that begin with a ``#'') specifies the mount point(s) and export flags within one local server filesystem for one or more hosts. > Will experiment with read-only and lndir(1) in the coming week. iirc there's something in the source tree which doesn't work with a read-only mount (xenocara is OK though), not sure whether lndir gets around that or not.
Re: NFS cluestick needed
On Mon, Apr 1, 2013 at 7:33 AM, Stuart Henderson wrote: > On 2013-03-31, David Higgs wrote: >> In trying to avoid multiple copies of OpenBSD source on my VMs, I am >> trying to use NFS; however, permissions don't seem to be working >> right. I would very much appreciate help in figuring out what I'm >> doing wrong, and am also interested in tips on how to compile from >> read-only source trees. > > > On the NFS server, is /usr/src in the same filesystem as some other > path which you export with different options? > > (NFS server options (-maproot etc) are per-filesystem not per export.) > I originally provided the entirety of my /etc/exports file, but experimenting with debugging flags produced output that varied depending on whether /etc/exports had one or multiple lines. Using multiple lines fixes my permissions problem, interestingly enough. Is this sendbug(1) worthy? Will experiment with read-only and lndir(1) in the coming week. Thanks. --david [vm@vm ~]$ mount /dev/wd0a on / type ffs (local, softdep) /dev/wd0f on /home type ffs (local, noatime, nodev, nosuid, softdep) /dev/wd0d on /tmp type ffs (local, nodev, nosuid, softdep) /dev/wd0g on /usr type ffs (NFS exported, local, noatime, nodev, softdep) /dev/wd0e on /var type ffs (local, nodev, nosuid, softdep) # /etc/exports has one line with multiple paths exported [vm@vm ~]$ sudo /sbin/mountd -d Getting export list. Got line # $OpenBSD: exports,v 1.2 2002/05/31 08:15:44 pjanzen Exp $ Got line # Got line # NFS exports Database Got line # See exports(5) for more information. Be very careful: misconfiguration Got line # of this file can result in your filesystems being readable by the world. Got line /usr/src /usr/ports /usr/xenocara -maproot=root:wheel -network=172.16.223.0 -mask=255.255.255.0 Making new ep fs=0x6,0x602f3b81 doing opt -maproot=root:wheel -network=172.16.223.0 -mask=255.255.255.0 doing opt -network=172.16.223.0 -mask=255.255.255.0 doing opt -mask=255.255.255.0 exporting /usr/xenocara unexporting / / unexporting /home /home unexporting /tmp /tmp unexporting /usr /usr unexporting /var /var Getting mount list. Here we go. ^C ### updated /etc/exports with multiple lines [vm@vm ~]$ sudo /sbin/mountd -d Getting export list. Got line # $OpenBSD: exports,v 1.2 2002/05/31 08:15:44 pjanzen Exp $ Got line # Got line # NFS exports Database Got line # See exports(5) for more information. Be very careful: misconfiguration Got line # of this file can result in your filesystems being readable by the world. Got line /usr/src -maproot=root:wheel -network=172.16.223.0 -mask=255.255.255.0 Making new ep fs=0x6,0x602f3b81 doing opt -maproot=root:wheel -network=172.16.223.0 -mask=255.255.255.0 doing opt -network=172.16.223.0 -mask=255.255.255.0 doing opt -mask=255.255.255.0 exporting /usr/src Got line /usr/ports -maproot=root:wheel -network=172.16.223.0 -mask=255.255.255.0 Found ep fs=0x6,0x602f3b81 doing opt -maproot=root:wheel -network=172.16.223.0 -mask=255.255.255.0 doing opt -network=172.16.223.0 -mask=255.255.255.0 doing opt -mask=255.255.255.0 exporting /usr/ports Got line /usr/xenocara -maproot=root:wheel -network=172.16.223.0 -mask=255.255.255.0 Found ep fs=0x6,0x602f3b81 doing opt -maproot=root:wheel -network=172.16.223.0 -mask=255.255.255.0 doing opt -network=172.16.223.0 -mask=255.255.255.0 doing opt -mask=255.255.255.0 exporting /usr/xenocara unexporting / / unexporting /home /home unexporting /tmp /tmp unexporting /usr /usr unexporting /var /var Getting mount list. Here we go.
Re: NFS cluestick needed
On 2013-03-31, David Higgs wrote: > In trying to avoid multiple copies of OpenBSD source on my VMs, I am > trying to use NFS; however, permissions don't seem to be working > right. I would very much appreciate help in figuring out what I'm > doing wrong, and am also interested in tips on how to compile from > read-only source trees. On the NFS server, is /usr/src in the same filesystem as some other path which you export with different options? (NFS server options (-maproot etc) are per-filesystem not per export.)
Re: NFS cluestick needed
On 3/31/13 10:48 AM, David Higgs wrote: In trying to avoid multiple copies of OpenBSD source on my VMs, I am trying to use NFS; however, permissions don't seem to be working right. I would very much appreciate help in figuring out what I'm doing wrong, and am also interested in tips on how to compile from read-only source trees. I'm no expert on this, but that looks to me like it should work... what happens if you add a test export of a world-writable directory (e.g. /tmp), can you then touch a new file there as root from the client? If so, what uid does the resulting file have when viewed from the server? SERVER VM [vm@vm ~]$ dmesg | head OpenBSD 5.2 (GENERIC) #2: Mon Nov 5 10:42:07 EST 2012 root@vm.localdomain:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz ("GenuineIntel" 686-class) 2.45 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,NXE,LONG,SSE3,SSSE3,CX16,LAHF real mem = 267907072 (255MB) avail mem = 252665856 (240MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 09/20/12, BIOS32 rev. 0 @ 0xfd780, SMBIOS rev. 2.4 @ 0xe0010 (364 entries) bios0: vendor Phoenix Technologies LTD version "6.00" date 09/20/2012 bios0: VMware, Inc. VMware Virtual Platform [vm@vm ~]$ cat /etc/exports # $OpenBSD: exports,v 1.2 2002/05/31 08:15:44 pjanzen Exp $ # # NFS exports Database # See exports(5) for more information. Be very careful: misconfiguration # of this file can result in your filesystems being readable by the world. /usr/src /usr/ports /usr/xenocara -maproot=root:wheel -network=172.16.223.0 -mask=255.255.255.0 [vm@vm ~]$ showmount -a All mount points on localhost: 172.16.223.129:/usr/ports 172.16.223.129:/usr/src 172.16.223.129:/usr/xenocara CLIENT VM # dmesg | head OpenBSD 5.2-stable (GENERIC) #2: Wed Dec 26 12:19:49 EST 2012 root@vm.localdomain:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 267321344 (254MB) avail mem = 237985792 (226MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0010 (364 entries) bios0: vendor Phoenix Technologies LTD version "6.00" date 09/20/2012 bios0: VMware, Inc. VMware Virtual Platform acpi0 at bios0: rev 2 acpi0: sleep states S0 S1 S4 S5 # mount /dev/wd0a on / type ffs (local, softdep) /dev/wd0f on /home type ffs (local, noatime, nodev, nosuid, softdep) /dev/wd0d on /tmp type ffs (local, nodev, nosuid, softdep) /dev/wd0g on /usr type ffs (local, noatime, nodev, softdep) /dev/wd0e on /var type ffs (local, nodev, nosuid, softdep) 172.16.223.128:/usr/src on /usr/src type nfs (noatime, nodev, noexec, nosuid, v3, udp, timeo=100, retrans=101) 172.16.223.128:/usr/ports on /usr/ports type nfs (noatime, nodev, noexec, nosuid, v3, udp, timeo=100, retrans=101) 172.16.223.128:/usr/xenocara on /usr/xenocara type nfs (noatime, nodev, noexec, nosuid, v3, udp, timeo=100, retrans=101) # id uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty), 5(operator), 20(staff), 31(guest) # ls -la /usr/src/sys/arch/amd64/compile/ total 16 drwxr-xr-x 3 root wheel 512 Feb 27 2009 . drwxr-xr-x 10 root wheel 512 Nov 29 2010 .. -rw-r--r-- 1 root wheel 38 Jun 25 2004 .cvsignore drwxr-xr-x 2 root wheel 512 Mar 30 16:37 CVS # mkdir /usr/src/sys/arch/amd64/compile/GENERIC mkdir: /usr/src/sys/arch/amd64/compile/GENERIC: Permission denied -- Mark Shroyer http://markshroyer.com/contact/
Re: NFS cluestick needed
Back in the day I'd abuse lndir(1) to link to the nfs mounted source directory. http://www.openbsd.org/cgi-bin/man.cgi?query=lndir&sektion=1 Sent form my iFoe. On Mar 31, 2013, at 7:48, David Higgs wrote: > In trying to avoid multiple copies of OpenBSD source on my VMs, I am > trying to use NFS; however, permissions don't seem to be working > right. I would very much appreciate help in figuring out what I'm > doing wrong, and am also interested in tips on how to compile from > read-only source trees. > > Thanks in advance, > > --david > > SERVER VM > > [vm@vm ~]$ dmesg | head > OpenBSD 5.2 (GENERIC) #2: Mon Nov 5 10:42:07 EST 2012 >root@vm.localdomain:/usr/src/sys/arch/i386/compile/GENERIC > cpu0: Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz ("GenuineIntel" > 686-class) 2.45 GHz > cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,NXE,LONG,SSE3,SSSE3,CX16,LAHF > real mem = 267907072 (255MB) > avail mem = 252665856 (240MB) > mainbus0 at root > bios0 at mainbus0: AT/286+ BIOS, date 09/20/12, BIOS32 rev. 0 @ > 0xfd780, SMBIOS rev. 2.4 @ 0xe0010 (364 entries) > bios0: vendor Phoenix Technologies LTD version "6.00" date 09/20/2012 > bios0: VMware, Inc. VMware Virtual Platform > > [vm@vm ~]$ cat /etc/exports > # $OpenBSD: exports,v 1.2 2002/05/31 08:15:44 pjanzen Exp $ > # > # NFS exports Database > # See exports(5) for more information. Be very careful: misconfiguration > # of this file can result in your filesystems being readable by the world. > /usr/src /usr/ports /usr/xenocara -maproot=root:wheel > -network=172.16.223.0 -mask=255.255.255.0 > > [vm@vm ~]$ showmount -a > All mount points on localhost: > 172.16.223.129:/usr/ports > 172.16.223.129:/usr/src > 172.16.223.129:/usr/xenocara > > CLIENT VM > > # dmesg | head > OpenBSD 5.2-stable (GENERIC) #2: Wed Dec 26 12:19:49 EST 2012 >root@vm.localdomain:/usr/src/sys/arch/amd64/compile/GENERIC > real mem = 267321344 (254MB) > avail mem = 237985792 (226MB) > mainbus0 at root > bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0010 (364 entries) > bios0: vendor Phoenix Technologies LTD version "6.00" date 09/20/2012 > bios0: VMware, Inc. VMware Virtual Platform > acpi0 at bios0: rev 2 > acpi0: sleep states S0 S1 S4 S5 > > # mount > /dev/wd0a on / type ffs (local, softdep) > /dev/wd0f on /home type ffs (local, noatime, nodev, nosuid, softdep) > /dev/wd0d on /tmp type ffs (local, nodev, nosuid, softdep) > /dev/wd0g on /usr type ffs (local, noatime, nodev, softdep) > /dev/wd0e on /var type ffs (local, nodev, nosuid, softdep) > 172.16.223.128:/usr/src on /usr/src type nfs (noatime, nodev, noexec, > nosuid, v3, udp, timeo=100, retrans=101) > 172.16.223.128:/usr/ports on /usr/ports type nfs (noatime, nodev, > noexec, nosuid, v3, udp, timeo=100, retrans=101) > 172.16.223.128:/usr/xenocara on /usr/xenocara type nfs (noatime, > nodev, noexec, nosuid, v3, udp, timeo=100, retrans=101) > > # id > uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty), > 5(operator), 20(staff), 31(guest) > > # ls -la /usr/src/sys/arch/amd64/compile/ > total 16 > drwxr-xr-x 3 root wheel 512 Feb 27 2009 . > drwxr-xr-x 10 root wheel 512 Nov 29 2010 .. > -rw-r--r-- 1 root wheel 38 Jun 25 2004 .cvsignore > drwxr-xr-x 2 root wheel 512 Mar 30 16:37 CVS > > # mkdir /usr/src/sys/arch/amd64/compile/GENERIC > mkdir: /usr/src/sys/arch/amd64/compile/GENERIC: Permission denied
NFS cluestick needed
In trying to avoid multiple copies of OpenBSD source on my VMs, I am trying to use NFS; however, permissions don't seem to be working right. I would very much appreciate help in figuring out what I'm doing wrong, and am also interested in tips on how to compile from read-only source trees. Thanks in advance, --david SERVER VM [vm@vm ~]$ dmesg | head OpenBSD 5.2 (GENERIC) #2: Mon Nov 5 10:42:07 EST 2012 root@vm.localdomain:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz ("GenuineIntel" 686-class) 2.45 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,NXE,LONG,SSE3,SSSE3,CX16,LAHF real mem = 267907072 (255MB) avail mem = 252665856 (240MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 09/20/12, BIOS32 rev. 0 @ 0xfd780, SMBIOS rev. 2.4 @ 0xe0010 (364 entries) bios0: vendor Phoenix Technologies LTD version "6.00" date 09/20/2012 bios0: VMware, Inc. VMware Virtual Platform [vm@vm ~]$ cat /etc/exports # $OpenBSD: exports,v 1.2 2002/05/31 08:15:44 pjanzen Exp $ # # NFS exports Database # See exports(5) for more information. Be very careful: misconfiguration # of this file can result in your filesystems being readable by the world. /usr/src /usr/ports /usr/xenocara -maproot=root:wheel -network=172.16.223.0 -mask=255.255.255.0 [vm@vm ~]$ showmount -a All mount points on localhost: 172.16.223.129:/usr/ports 172.16.223.129:/usr/src 172.16.223.129:/usr/xenocara CLIENT VM # dmesg | head OpenBSD 5.2-stable (GENERIC) #2: Wed Dec 26 12:19:49 EST 2012 root@vm.localdomain:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 267321344 (254MB) avail mem = 237985792 (226MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0010 (364 entries) bios0: vendor Phoenix Technologies LTD version "6.00" date 09/20/2012 bios0: VMware, Inc. VMware Virtual Platform acpi0 at bios0: rev 2 acpi0: sleep states S0 S1 S4 S5 # mount /dev/wd0a on / type ffs (local, softdep) /dev/wd0f on /home type ffs (local, noatime, nodev, nosuid, softdep) /dev/wd0d on /tmp type ffs (local, nodev, nosuid, softdep) /dev/wd0g on /usr type ffs (local, noatime, nodev, softdep) /dev/wd0e on /var type ffs (local, nodev, nosuid, softdep) 172.16.223.128:/usr/src on /usr/src type nfs (noatime, nodev, noexec, nosuid, v3, udp, timeo=100, retrans=101) 172.16.223.128:/usr/ports on /usr/ports type nfs (noatime, nodev, noexec, nosuid, v3, udp, timeo=100, retrans=101) 172.16.223.128:/usr/xenocara on /usr/xenocara type nfs (noatime, nodev, noexec, nosuid, v3, udp, timeo=100, retrans=101) # id uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty), 5(operator), 20(staff), 31(guest) # ls -la /usr/src/sys/arch/amd64/compile/ total 16 drwxr-xr-x 3 root wheel 512 Feb 27 2009 . drwxr-xr-x 10 root wheel 512 Nov 29 2010 .. -rw-r--r-- 1 root wheel 38 Jun 25 2004 .cvsignore drwxr-xr-x 2 root wheel 512 Mar 30 16:37 CVS # mkdir /usr/src/sys/arch/amd64/compile/GENERIC mkdir: /usr/src/sys/arch/amd64/compile/GENERIC: Permission denied