Solved Unexpected behavior mounting NFS share to jail data

jbodenmann

Well-Known Member

Reaction score: 151
Messages: 311

The following scenario is happening on two freshly installed FreeBSD 13.0-RELEASE hosts.
Host A acts as an NFSv4 server. It provides the following share: 192.168.250.61:/myshare

Host B can successfully mount and browse the share using mount -t nfs -o nfsv4,rw 192.168.250.61:/mysare /mnt.
Host B also hosts a jail named myjail. My goal is to make the NFS share available to the jail.

My jail's data directory is located under /ssd/cbsd/jails-data/myjail-data.
Inside the jail I created the directory /usr/local/storage. This directory was created with the jail's root user.
After unmounting the NFS share from Host A's /mnt I attempt to do this: mount -t nfs -o nfsv4,rw 192.168.250.61:/mysare /ssd/cbsd/jails-data/myjail-data/usr/local/storage.

Now the funny part: On host A, I can do ls /ssd/cbsd/jails-data/myjail-data/usr/local/storage and I can see the files present at the NFS share. However, if I log into the jail and do ls /usr/local/storage the directory appears empty (using the jail's root user again).

What exactly causes this behavior? What am I missing?
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 12,324
Messages: 38,841

Not entirely sure how cbsd works but it's possible it's overlaying directories and myjail-data only contains the root filesystem and /usr/local is mounted from somewhere else.
 
OP
jbodenmann

jbodenmann

Well-Known Member

Reaction score: 151
Messages: 311

Do you have any recommendations of how to handle this situation?
Prior to posting here I also created a "storage" user in the jail and tried to mount under /usr/home/storage/nfs with the same result.

Is there a "known good mounting point" in jails?
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 12,324
Messages: 38,841

Do you have any recommendations of how to handle this situation?
On the host look at the output from mount. Then you will have a better idea how cbsd runs jails. As I said, some jail tools do all sorts of mounting tricks to overlay various parts of the filestructure. I just don't know enough of cbsd to tell you how it works. It's usually just a case of finding the right "overlayed" directory to mount things on. Alternatively, as this is NFS after all, you can do the actual mounting of the NFS share inside the jail itself. You probably do need the allow.mount and enforce_statfs settings for that jail.

Code:
             allow.mount
                     privileged users inside the jail will be able to mount
                     and unmount file system types marked as jail-friendly.
                     The lsvfs(1) command can be used to find file system
                     types available for mount from within a jail.  This
                     permission is effective only if enforce_statfs is set to
                     a value lower than 2.
 
OP
jbodenmann

jbodenmann

Well-Known Member

Reaction score: 151
Messages: 311

I attempted mounting the NFS share directly in the jail (by using the jail's fstab.local before posting here. This unfortunately did not work as expected either.

This turned out to be a small bug in cbsd. It has been fixed by the author: https://github.com/cbsd/cbsd/issues/594

Thank you for your help!
 
Top