jailed NFS server

Beeblebrox zaphod at berentweb.com
Wed Mar 28 20:20:38 UTC 2012


Is it possible to get an NFS server working from inside a Jail, where host
storage is on ZFS? I get errors from mountd and nfsd when started inside
jail (exports file has no V4 line and simple one-line test export). mountd
& nfsd errors are:
mountd[2580]: Can't delete exports for V4:
mountd[2580]: can't delete exports for /: Operation not permitted
mountd[2580]: can't change attributes for /home
mountd[2580]: bad exports list line /home -network 192.168.2.0/24
nfsd[2583]: Can't read stable storage file

I have a modified host /etc/sysctl.conf as below, per post by PJD:
http://www.mailinglistarchive.com/html/freebsd-current@freebsd.org/2007-07/msg01185.html
Not that I really know whether these settings are valid, but at least I got
rid of rpcbind errors.
> > > security.jail.jailed: 1
> > > security.jail.mount_allowed: 1
> > > security.jail.chflags_allowed: 1
> > > security.jail.allow_raw_sockets: 0
> > > security.jail.enforce_statfs: 2
> > > security.jail.sysvipc_allowed: 1
> > > security.jail.socket_unixiproute_only: 1
> > > security.jail.set_hostname_allowed: 1
> > > ## security.jail.enforce_statfs=0
> > > vfs.nfsd.nfs_privport=1
> > > vfs.nfsd.server_max_nfsvers=4

Then I start NFS manually from inside jail to observe any faults (Jail IP
is 192.168.2.1):
#> service rpcbind onestart -h 192.168.2.1
#> service mountd onestart -r -n -p 59 -l -h 192.168.2.1
#> service nfsd onestart -u -t -n 4 -l -h 192.168.2.1

 Thanks & Regards.


More information about the freebsd-fs mailing list