* bug#39670: Cannot mount NFS share as user or root
[not found] <CAEEhgEsz+aka+h8P8RN56ochGf_fBeSegj6LOPVkxdwoSHB6oQ@mail.gmail.com>
@ 2020-02-18 21:33 ` Maxim Cournoyer
2020-02-18 21:43 ` Nathan Dehnel
2020-02-20 16:25 ` maxim.cournoyer
0 siblings, 2 replies; 9+ messages in thread
From: Maxim Cournoyer @ 2020-02-18 21:33 UTC (permalink / raw)
To: Nathan Dehnel; +Cc: 39670
Hello Nathan,
Nathan Dehnel <ncdehnel@gmail.com> writes:
> bash-5.0$ mount /media/store
> mount: /media/store: bad option; for several filesystems (e.g. nfs,
> cifs) you might need a /sbin/mount.<type> helper program
>
> /etc/config.scm:
>
> (file-system
> (mount-point "/media/store")
> (device "gentooserver:/")
> (type "nfs4")
> (mount? #f)
> (create-mount-point? #t)
> (options "rw,_netdev,noauto,user,lazytime,exec,tcp"))
>
> /etc/fstab:
>
> gentooserver:/ /media/store nfs4 rw,_netdev,noauto,user,lazytime,exec,tcp
>
> nfs-utils is installed:
>
> bash-5.0$ guix package -i nfs-utils
> The following package will be upgraded:
> nfs-utils 2.4.2 → 2.4.2
> /gnu/store/chmbpkh0gvvmdhgwjw7rpl63f99mv7i6-nfs-utils-2.4.2
>
> nothing to be done
I encountered this too. Perhaps we should patch some references to
mount.nfs (from nfs-utils) in the util-linux package which provides
'mount'.
In the meantime, you should use "mount.nfs" directly.
I'm opening an issue to track progress on this.
Thank you,
Maxim
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#39670: Cannot mount NFS share as user or root
2020-02-18 21:33 ` bug#39670: Cannot mount NFS share as user or root Maxim Cournoyer
@ 2020-02-18 21:43 ` Nathan Dehnel
2020-02-18 22:43 ` Maxim Cournoyer
2020-02-20 16:25 ` maxim.cournoyer
1 sibling, 1 reply; 9+ messages in thread
From: Nathan Dehnel @ 2020-02-18 21:43 UTC (permalink / raw)
To: Maxim Cournoyer; +Cc: 39670
bash-5.0$ mount.nfs gentooserver:/ /media/store
mount.nfs: permission denied: no match for /media/store found in /etc/fstab
bash-5.0$ cat /etc/fstab | grep /media/store
gentooserver:/ /media/store nfs4 rw,_netdev,noauto,user,lazytime,exec,tcp
?
On Tue, Feb 18, 2020 at 3:33 PM Maxim Cournoyer
<maxim.cournoyer@gmail.com> wrote:
>
> Hello Nathan,
>
> Nathan Dehnel <ncdehnel@gmail.com> writes:
>
> > bash-5.0$ mount /media/store
> > mount: /media/store: bad option; for several filesystems (e.g. nfs,
> > cifs) you might need a /sbin/mount.<type> helper program
> >
> > /etc/config.scm:
> >
> > (file-system
> > (mount-point "/media/store")
> > (device "gentooserver:/")
> > (type "nfs4")
> > (mount? #f)
> > (create-mount-point? #t)
> > (options "rw,_netdev,noauto,user,lazytime,exec,tcp"))
> >
> > /etc/fstab:
> >
> > gentooserver:/ /media/store nfs4 rw,_netdev,noauto,user,lazytime,exec,tcp
> >
> > nfs-utils is installed:
> >
> > bash-5.0$ guix package -i nfs-utils
> > The following package will be upgraded:
> > nfs-utils 2.4.2 → 2.4.2
> > /gnu/store/chmbpkh0gvvmdhgwjw7rpl63f99mv7i6-nfs-utils-2.4.2
> >
> > nothing to be done
>
> I encountered this too. Perhaps we should patch some references to
> mount.nfs (from nfs-utils) in the util-linux package which provides
> 'mount'.
>
> In the meantime, you should use "mount.nfs" directly.
>
> I'm opening an issue to track progress on this.
>
> Thank you,
>
> Maxim
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#39670: Cannot mount NFS share as user or root
2020-02-18 21:43 ` Nathan Dehnel
@ 2020-02-18 22:43 ` Maxim Cournoyer
0 siblings, 0 replies; 9+ messages in thread
From: Maxim Cournoyer @ 2020-02-18 22:43 UTC (permalink / raw)
To: 39670, ncdehnel
Hello,
On February 18, 2020 9:43:29 PM UTC, Nathan Dehnel <ncdehnel@gmail.com> wrote:
>bash-5.0$ mount.nfs gentooserver:/ /media/store
>mount.nfs: permission denied: no match for /media/store found in
>/etc/fstab
>
>bash-5.0$ cat /etc/fstab | grep /media/store
>gentooserver:/ /media/store nfs4
>rw,_netdev,noauto,user,lazytime,exec,tcp
>
>?
Did you try as root?
Maxim
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#39670: Cannot mount NFS share as user or root
2020-02-18 21:33 ` bug#39670: Cannot mount NFS share as user or root Maxim Cournoyer
2020-02-18 21:43 ` Nathan Dehnel
@ 2020-02-20 16:25 ` maxim.cournoyer
2020-05-28 3:11 ` Maxim Cournoyer
1 sibling, 1 reply; 9+ messages in thread
From: maxim.cournoyer @ 2020-02-20 16:25 UTC (permalink / raw)
To: Maxim Cournoyer; +Cc: Nathan Dehnel, 39670
Hello,
Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:
>
> I encountered this too. Perhaps we should patch some references to
> mount.nfs (from nfs-utils) in the util-linux package which provides
> 'mount'.
>
> In the meantime, you should use "mount.nfs" directly.
I've looked into patching util-linux to reference explicitly the
mount.nfs helper, and I think this should do it:
--8<---------------cut here---------------start------------->8---
modified libmount/src/context.c
@@ -1939,8 +1939,13 @@ int mnt_context_prepare_helper(struct libmnt_context *cxt, const char *name,
struct stat st;
int rc;
- rc = snprintf(helper, sizeof(helper), "%s/%s.%s",
- path, name, type);
+ if (startswith(type, "nfs")) {
+ rc = snprintf(helper, sizeof(helper), "/gnu/store/c7kpr1jh5z3mrkz0yw9am86851y57cq7-nfs-utils-2.4.2/sbin/mount.nfs");
+ } else {
+ rc = snprintf(helper, sizeof(helper), "%s/%s.%s",
+ path, name, type);
+ }
+
path = strtok_r(NULL, ":", &p);
if (rc < 0 || (size_t) rc >= sizeof(helper))
--8<---------------cut here---------------end--------------->8---
But, adding nfs-utils to util-linux creates a dependency cycle which is
bothersome to resolve (nfs-utils requires eudev through lvm2, as well as
util-linux itself).
I've also realised that when I was using 'sudo mount.nfs ...' it
wouldn't work because it'd look up the root user's PATH for the helper.
'sudo -E mount.nfs ...' should work.
We should document that the 'nfs-utils' package needs to be added to the
operating system declaration packages field when NFS file systems are
used.
Maxim
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#39670: Cannot mount NFS share as user or root
2020-02-20 16:25 ` maxim.cournoyer
@ 2020-05-28 3:11 ` Maxim Cournoyer
[not found] ` <CAEEhgEt109hcO1STeYv8rWT1hcn+K+JK-AO_1jvP6hJv8etf5w@mail.gmail.com>
0 siblings, 1 reply; 9+ messages in thread
From: Maxim Cournoyer @ 2020-05-28 3:11 UTC (permalink / raw)
To: Nathan Dehnel; +Cc: 39670-done
I thought documenting this, but we don't really have a section to cover
this, and it isn't really Guix specific...
So, closing.
Thank you.
Maxim
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#39670: Cannot mount NFS share as user or root
[not found] ` <CAEEhgEtAeoxDcNQdR4BHx+9BCZq=9w5-A+Y0-J1L6Jf8rfFKkA@mail.gmail.com>
@ 2020-09-25 1:53 ` Maxim Cournoyer
2020-10-01 19:49 ` Maxim Cournoyer
0 siblings, 1 reply; 9+ messages in thread
From: Maxim Cournoyer @ 2020-09-25 1:53 UTC (permalink / raw)
To: Nathan Dehnel; +Cc: 39670
Hi,
Nathan Dehnel <ncdehnel@gmail.com> writes:
> Right, but it's more inconvenient than just clicking the share in thunar
> and it mounting. Actually, I can't mount it without doing "sudo" first,
> despite having the "user" fstab flag set. This actually might be a separate
> issue, but I'm not sure.
That's a good point. We should try to make this simpler. The mount.nfs
binary needs to be setuid root to allow unprivileged users to mount NFS
file systems. Unfortunately, the mount command (which we already define
as setuid-root) only looked for helpers under /run/current/profile/sbin.
This is now fixed in commit def6e2ae4619587114383b3f8fd9f3cf8310b4b9
(which had to be made on core-updates).
> Why doesn't the regular "mount" command work, again? Some sort of
> dependency loop because of the functional package manager? And this is
> deemed "not guix-specific"?
For some file systems, 'mount' requires helper to be found in its PATH
(see: "man mount"). That is true on any systems (not Guix-specific).
These helpers are not installed out-of-the-box on Guix System, so you
need to add them yourself to the 'packages' operating system field.
If you also want to be able to use mount as an unprivileged user, the
mount command as well as its helpers must all be setuid-root. Again,
this is something (for the helpers) that must currently done manually by
adding, for example:
--8<---------------cut here---------------start------------->8---
(setuid-programs (cons*
(file-append nfs-utils "/sbin/mount.nfs")
(file-append ntfs-3g "/sbin/mount.ntfs-3g")
%setuid-programs))
--8<---------------cut here---------------end--------------->8---
I've sent a patch for review which proposes to add these setuid-root binaries for
desktop users out-of-the-box on Guix System, which only adds about 4 MiB
to the almost 3 GiB closure of the lightweight-desktop.tmpl system [0].
As mentioned before, it depends on a change to util-linux that had to be
made on the core-updates branch, so it won't be usable until the next
core-updates merge.
Maxim
[0] https://debbugs.gnu.org/cgi/bugreport.cgi?bug=43604
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#39670: Cannot mount NFS share as user or root
2020-09-25 1:53 ` Maxim Cournoyer
@ 2020-10-01 19:49 ` Maxim Cournoyer
2020-10-02 23:08 ` Nathan Dehnel
0 siblings, 1 reply; 9+ messages in thread
From: Maxim Cournoyer @ 2020-10-01 19:49 UTC (permalink / raw)
To: Nathan Dehnel; +Cc: 39670-done
Hi!
> Nathan Dehnel <ncdehnel@gmail.com> writes:
>
>> Right, but it's more inconvenient than just clicking the share in thunar
>> and it mounting. Actually, I can't mount it without doing "sudo" first,
>> despite having the "user" fstab flag set. This actually might be a separate
>> issue, but I'm not sure.
>
> That's a good point. We should try to make this simpler. The mount.nfs
> binary needs to be setuid root to allow unprivileged users to mount NFS
> file systems. Unfortunately, the mount command (which we already define
> as setuid-root) only looked for helpers under /run/current/profile/sbin.
> This is now fixed in commit def6e2ae4619587114383b3f8fd9f3cf8310b4b9
> (which had to be made on core-updates).
>
[...]
> I've sent a patch for review which proposes to add these setuid-root binaries for
> desktop users out-of-the-box on Guix System, which only adds about 4 MiB
> to the almost 3 GiB closure of the lightweight-desktop.tmpl system [0].
>
> As mentioned before, it depends on a change to util-linux that had to be
> made on the core-updates branch, so it won't be usable until the next
> core-updates merge.
This patch has now been merged with commit d40c9f6c85.
Closing!
Thank you,
Maxim
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#39670: Cannot mount NFS share as user or root
2020-10-01 19:49 ` Maxim Cournoyer
@ 2020-10-02 23:08 ` Nathan Dehnel
2020-10-13 3:22 ` Maxim Cournoyer
0 siblings, 1 reply; 9+ messages in thread
From: Nathan Dehnel @ 2020-10-02 23:08 UTC (permalink / raw)
To: Maxim Cournoyer; +Cc: 39670-done
[-- Attachment #1: Type: text/plain, Size: 1469 bytes --]
You should also setuid mount.nfs4 because the mount command calls that if
you are using NFSv4.
On Thu, Oct 1, 2020 at 2:47 PM Maxim Cournoyer <maxim.cournoyer@gmail.com>
wrote:
> Hi!
>
> > Nathan Dehnel <ncdehnel@gmail.com> writes:
> >
> >> Right, but it's more inconvenient than just clicking the share in thunar
> >> and it mounting. Actually, I can't mount it without doing "sudo" first,
> >> despite having the "user" fstab flag set. This actually might be a
> separate
> >> issue, but I'm not sure.
> >
> > That's a good point. We should try to make this simpler. The mount.nfs
> > binary needs to be setuid root to allow unprivileged users to mount NFS
> > file systems. Unfortunately, the mount command (which we already define
> > as setuid-root) only looked for helpers under /run/current/profile/sbin.
> > This is now fixed in commit def6e2ae4619587114383b3f8fd9f3cf8310b4b9
> > (which had to be made on core-updates).
> >
>
> [...]
>
> > I've sent a patch for review which proposes to add these setuid-root
> binaries for
> > desktop users out-of-the-box on Guix System, which only adds about 4 MiB
> > to the almost 3 GiB closure of the lightweight-desktop.tmpl system [0].
> >
> > As mentioned before, it depends on a change to util-linux that had to be
> > made on the core-updates branch, so it won't be usable until the next
> > core-updates merge.
>
> This patch has now been merged with commit d40c9f6c85.
>
> Closing!
>
> Thank you,
>
> Maxim
>
[-- Attachment #2: Type: text/html, Size: 2045 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#39670: Cannot mount NFS share as user or root
2020-10-02 23:08 ` Nathan Dehnel
@ 2020-10-13 3:22 ` Maxim Cournoyer
0 siblings, 0 replies; 9+ messages in thread
From: Maxim Cournoyer @ 2020-10-13 3:22 UTC (permalink / raw)
To: Nathan Dehnel; +Cc: 39670
Hello Nathan,
Nathan Dehnel <ncdehnel@gmail.com> writes:
> You should also setuid mount.nfs4 because the mount command calls that if
> you are using NFSv4.
[...]
I don't think that's necessary, if your program simply calls to the
'mount' command:
sudo strace -f -s200 mount localhost:/pub /tmp/pub
--8<---------------cut here---------------start------------->8---
[...]
[pid 19019] execve("/run/current-system/profile/sbin/mount.nfs", ["/run/current-system/profile/sbin/mount.nfs", "localhost:/pub", "/tmp/pub", "-o", "rw"], 0x7fff431b5038 /* 21 vars */) = 0
[...]
--8<---------------cut here---------------end--------------->8---
You see that mount ends up calling the mount.nfs binary, not mount.nfs4
(even though 'mount' reports this is using NFS v4.2).
If you have some software using mount.nfs4, that could be patched to
mount.nfs, as mount.nfs4 is just a symlink to mount.nfs.
Thanks,
Maxim
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2020-10-13 3:23 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <CAEEhgEsz+aka+h8P8RN56ochGf_fBeSegj6LOPVkxdwoSHB6oQ@mail.gmail.com>
2020-02-18 21:33 ` bug#39670: Cannot mount NFS share as user or root Maxim Cournoyer
2020-02-18 21:43 ` Nathan Dehnel
2020-02-18 22:43 ` Maxim Cournoyer
2020-02-20 16:25 ` maxim.cournoyer
2020-05-28 3:11 ` Maxim Cournoyer
[not found] ` <CAEEhgEt109hcO1STeYv8rWT1hcn+K+JK-AO_1jvP6hJv8etf5w@mail.gmail.com>
[not found] ` <87y2kzvmc2.fsf@gmail.com>
[not found] ` <CAEEhgEtAeoxDcNQdR4BHx+9BCZq=9w5-A+Y0-J1L6Jf8rfFKkA@mail.gmail.com>
2020-09-25 1:53 ` Maxim Cournoyer
2020-10-01 19:49 ` Maxim Cournoyer
2020-10-02 23:08 ` Nathan Dehnel
2020-10-13 3:22 ` Maxim Cournoyer
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).