Mounting Samba share from jail | mount_smbfs: kldload(smbfs): Operation not permitted

bigart

Member

Reaction score: 1
Messages: 50

Hi,
I need your help.
I'm starting with jails and can't find solution.

smbclient -U user -I 192.168.1.2 -L //Skaner
Showing list of shares - looks fine

Trying to mount:
Code:
# mount -t smbfs -o username=user //192.168.1.2/Wspolny /mnt/Wspolny
mount_smbfs: kldload(smbfs): Operation not permitted

/etc/jail.conf (host)
Code:
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;
path = "/jails/$name";

domena {
        jid = 1;
        host.hostname = domena;
        ip4.addr = 192.168.1.13;
        interface = em0;
}
domena2 {
        jid = 2;
        host.hostname = domena2;
        ip4.addr = 192.168.1.14;
        interface = em0;
}
allow.raw_sockets;
allow.mount;
allow.mount.zfs;
#allow.mount.devfs;
What I'm missing ?
 

im

Member

Reaction score: 35
Messages: 83

jail(8)
Code:
allow.mount:  privileged users inside the jail will be able to mount and unmount file system types marked as jail-friendly.
The lsvfs(1) command can be used to find file system types available for mount from within a jail.

Code:
root@a3.com:/root# lsvfs
Filesystem                              Num  Refs  Flags
-------------------------------- ---------- -----  ---------------
msdosfs                          0x00000032     0
nfs                              0x0000003a     0  network
procfs                           0x00000002     0  synthetic, jail
cd9660                           0x000000bd     0  read-only
devfs                            0x00000071     1  synthetic, jail
ufs                              0x00000035     2
nullfs                           0x00000029     3  loopback, jail

root@a3.com:/root# kldload /boot/kernel/smbfs.ko

root@a3.com:/root# lsvfs
Filesystem                              Num  Refs  Flags
-------------------------------- ---------- -----  ---------------
msdosfs                          0x00000032     0
nfs                              0x0000003a     0  network
procfs                           0x00000002     0  synthetic, jail
cd9660                           0x000000bd     0  read-only
devfs                            0x00000071     1  synthetic, jail
ufs                              0x00000035     2
nullfs                           0x00000029     3  loopback, jail
smbfs                            0x00000086     0  network
Ability to mount smbfs appears after loading the module. Sad but smbfs seems as unsupported inside jail.

mount_smbfs: kldload(smbfs): Operation not permitted
This looks like a fail to load kernel module 'smbfs' from jail. This behaviour is correct.

Try to load it at host (not it the jail) using command kldload /boot/kernel/smbfs.ko
After that try to mount smbfs inside the jail. In case of success - you may require to load module smbfs at boot.

If you need to load this module at boot - add next line to /boot/loader.conf
Code:
smbfs_load="YES"

Workaround: try to mount smbfs from host system direct to jail.
 
OP
B

bigart

Member

Reaction score: 1
Messages: 50

Thank you for your help.

Try to load it at host (not it the jail) using command kldload /boot/kernel/smbfs.ko
I did it, and now I have next problem. After:

mount_smbfs -I 192.168.1.2 -U user //192.168.1.2/Wspolny /mnt/Wspolny

I get:
mount_smbfs: can not setup kernel iconv table (ISO8859-1:tolower): syserr = Operation not permitted

I have question for you, did you try setup Samba AD DC (include dns, time server, dhcp etc.) in jail - it's possible ?
My goal is to quickly and easy recover all services after hardware failure. FreeBSD, jails and snapshots looks perfect for it.

I found this thread:

There SirDice suggest to not doing it inside the jail.

What is the best practice to backup all system settings and recover it on completely different machine ?

Now I'm working with Debian (host) where I have VirtualBox VMs (one vm with Samba AD DC and other with Radius). It's working but I'm thinking to migrate everything to FreeBSD.
 

im

Member

Reaction score: 35
Messages: 83

mount_smbfs: can not setup kernel iconv table (ISO8859-1:tolower): syserr = Operation not permitted
Run kldstat, check loaded modules like 'iconv'. They may be loaded with smbfs module.
Try to set character sets for mount_smbfs. Read mount_smbfs() about option '-E cs1:cs2'.
Code:
root@a3.com:/root# kldstat
Id Refs Address    Size     Name
1   18 0xc0400000 140b888  kernel
10    1 0xd0bfd000 20000    smbfs.ko
11    2 0xc8f28000 5000     libiconv.ko
12    2 0xd0bf5000 3000     libmchain.ko

dhcp in jail - it's possible ?
DHCP require network broadcast. It is impossible or very dificult with jail.

I have never been used samba as AD. I have no experience in this case
I am expect that samba AD in a jail may work.

Linked thread "samba in jail" seems as true.
SirDice talk about 'problems with broadcasts', but AD may work without broadcasts.
Services like DNS, TIME definitely runs in a jail.

What is the best practice to backup all system settings and recover it on completely different machine ?
gmirror, pax, pax over ssh, rsync, rsync over ssh.
 

rootbert

Well-Known Member

Reaction score: 133
Messages: 371

just to check: you are aware that mount_smbfs only supports SMB version 1 and not version 2 or the recommended version 3
 
Top