Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-23 Thread hom...@163.com
OK, thanks a lot. BR. __ Michael Mao From: [1]J. R. Okajima Date: 2020-03-23 23:36 To: [2]hom...@163.com CC: [3]aufs-users Subject: Re: LXC unpreviliged problem with aufs mounted on nfs "hom...@1

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-23 Thread hom...@163.com
Hi Okajima San, Does aufs has the interface that I can use to write a hook to replace some functions, like "chown" in aufs' VFS interface? Cause my nfs server can't give me the same permission to access the files, as the client does. (Because client is using the linux

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-22 Thread hom...@163.com
Hi, Okajima San, Really appreciate for you help. Let me try to find out what's going on in the nfs server side. I will let you know when I find any clue. __ Michael Mao From: [1]J. R. Okajima Date:

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
on05g CC: [3]aufs-users Subject: Re: Re: LXC unpreviliged problem with aufs mounted on nfs ps: last packetdump1 is the tcp data of command running: useradd newuser, and got the warnning: useradd: failure while writing changes to /etc/shadow this attachment packet

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Subject: Re: Re: LXC unpreviliged problem with aufs mounted on nfs Hi, Okajima San, Thanks. That will be easier for me to manage the aufs mount with the xino option. Yes, Problem is still there after I reboot the system. About the LSM, I just stop the AppArmor se

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Subject: Re: Re: LXC unpreviliged problem with aufs mounted on nfs Hi, Okajima San, Thanks. That will be easier for me to manage the aufs mount with the xino option. Yes, Problem is still there after I reboot the system. About the LSM, I just stop the AppArmor service, and

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Hi, Okajima San, Thanks. That will be easier for me to manage the aufs mount with the xino option. Yes, Problem is still there after I reboot the system. About the LSM, I just stop the AppArmor service, and setenforce 0 to close the Selinux. It seems not work.

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Hi, Okajima San, I saw some info about aufs from web, like : [1]http://gdr.geekhood.net/gdrwpl/aufs-nfs.php, It says: Also, when exporting via NFS, the AUFS mount should have xino=/tmp/somefile option attached, with the file different for different share. And

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Hi, Okajima San, OK, I try to gather them to you. About the xino, I gave the xino option first time , but after some kind of operations, I found aufs can't mount success if I still give the same xino path, even if I umount the path. So I remove the xino option to mount the

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Hi, Okajima San, Sorry, please refer to below: root@zss-node1:~# cat /var/log/kern.log Mar 22 10:22:44 zss-node1 kernel: [62451.849348] aufs au_xino_create:819:mount[30959]: open /tmp/aaa(-17) Mar 22 10:22:44 zss-node1 kernel: [62451.876232] audit: type=1400 audit(1584843

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Hi,Okajima San, Please refer to the attachment. __ Michael Mao From: [1]J. R. Okajima Date: 2020-03-22 09:17 To: [2]hom...@163.com CC: [3]aufs-users Subject: Re: LXC unpreviliged problem with aufs

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Hi, Okajima San, I never open the kernel debug. Is there any quick way to open CONFIG_AUFS_DEBUG? I am downloading the [1]https://github.com/sfjro/aufs4-linux.git, but the network is so slow that may take me a long time to finish it. _

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
: Re: LXC unpreviliged problem with aufs mounted on nfs Hi, Okajima San, OK. Since I am using LXD to drive the LXC, and AppArmor is default profile for LXD driver. I need to study how to close this function in LXD

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Hi, Okajima San, OK. Since I am using LXD to drive the LXC, and AppArmor is default profile for LXD driver. I need to study how to close this function in LXD. __ Michael Mao From: [1]J. R. Okajima Date:

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Hi, Okajima San, Please find the attachments which are the outputs of comannds execution in the unpreviliged container. I run the command : useradd 1234, and got the warning: useradd: failure while writing changes to /etc/shadow and run: chown _apt:root ./aaae (aa

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Hi, Okajima San, Attachments is the output in the unpreviliged container and parent server. It seems the kernel log doesn't change when touch newfile. Please let me know if any question. BR. __

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
an use "--options" option Looking forward to you reply. Thanks. BR. __ Michael Mao From: [2]hom...@163.com Date: 2020-03-21 17:29 To: [3]hooanon05g CC: [4]aufs-users Subject: Re: Re:

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Hi,Mr. Okajima, Below attached is the /var/log/kern.log and /var/log/syslog, which logs the info from nfs client side ubuntu-v18.04 reboot to the LXC rootfs mount by aufs and LXC startup . I didn't find any info about XATTR. Did I miss any thing? or Should I show you th