Just to the NFS server, run
$ chown -R root:root ./*
You don't want to change the ownership on the NFS client side.
Thursday, January 30, 2014
Bug: OpenVZ migration with NFS version 4
There is a bug in OpenVZ migration with NFS version 4.
I mount the /vz and /etc/vz/conf directories to an NFS server to reduce the migration time.
I am able to suspend the container, but it gives me an error message when resuming it. If I unmount the two directories, the problem is resolved.
Here is the error message when I am using NFS:
[root@sr2s1 /]# vzctl suspend 106
Setting up checkpoint...
suspend...
dump...
kill...
Checkpointing completed successfully
Container is unmounted
[root@sr2s1 /]# vzctl resume 106
Restoring container ...
Container is mounted
undump...
Setting CPU units: 1000
Restore error, undump failed: Not a directory
Error: can't open file /lib64/libnss_files-2.12.so
Error: do_rst_vma: rst_file: 107776
Error: do_rst_mm: failed to restore vma: -20
Error: do_rst_mm 183376
Error: rst_mm: -20
Container restore failed
Container is unmounted
The error message complains that the /vz/private/106/lib64/libnss_files-2.12.so file is not accessible, although I set up the correct access and ownership for that file.
I solved this problem by downgrading the NFS version from 4 to 3. I think NFS v4 does some security checks that prevent vzctl resume from accessing the library files.
How to downgrade NFS:
http://fengweizhang.blogspot.com/2014/01/downgrade-nfs-from-version-4-to-3.html
Wednesday, January 29, 2014
Downgrade NFS from version 4 to 3
1. Change the default client configuration to 3
$ vim /etc/nfsmount.conf
# Protocol Version [2,3,4]
# This defines the default protocol version which will
# be used to start the negotiation with the server.
Defaultvers=3
2. Change the filesystem type of the mounts from nfs4 to nfs
$ vim /etc/fstab
192.168.0.21:/nfs_meerkats /vz nfs defaults,acl 1 1
192.168.0.21:/nfs_meerkats/conf /etc/vz/conf nfs defaults,acl 1 1
3. Remount all the mount points
$ umount /vz
$ umount /etc/vz/conf
$ mount -a
$ mount
192.168.0.21:/nfs_meerkats on /vz type nfs (rw,acl,addr=192.168.0.21)
192.168.0.21:/nfs_meerkats/conf on /etc/sysconfig/vz-scripts type nfs (rw,acl,addr=192.168.0.21)
If it is still using version 4, the options include vers=4:
$ mount
192.168.0.21:/nfs_meerkats on /vz type nfs (rw,acl,vers=4,addr=192.168.0.21,clientaddr=192.168.0.27)
192.168.0.21:/nfs_meerkats/conf on /etc/sysconfig/vz-scripts type nfs (rw,acl,vers=4,addr=192.168.0.21,clientaddr=192.168.0.27)
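A way to script the check in step 3 instead of reading the `mount` output by eye. This is an added example, not part of the original post; the function names `nfs_versions` and `still_on_v4` are made up for illustration, and it assumes mount points without spaces.

```sh
#!/bin/sh
# Added example: report the NFS protocol version of each NFS mount by parsing
# `mount`-style lines of the form "SRC on DIR type FSTYPE (OPTIONS)".

# Sample input: the /vz lines from the two `mount` outputs shown in this post.
SAMPLE_V3='192.168.0.21:/nfs_meerkats on /vz type nfs (rw,acl,addr=192.168.0.21)'
SAMPLE_V4='192.168.0.21:/nfs_meerkats on /vz type nfs (rw,acl,vers=4,addr=192.168.0.21,clientaddr=192.168.0.27)'

# nfs_versions: read mount lines on stdin, print "MOUNTPOINT VERSION" per NFS
# mount. VERSION is the vers=/nfsvers= value, "4" for type nfs4 without one,
# or "unset" when no version option is listed (the v3 case in this post).
nfs_versions() {
    awk '
    $2 == "on" && $4 == "type" && ($5 == "nfs" || $5 == "nfs4") {
        ver = ($5 == "nfs4") ? "4" : "unset"
        opts = $6
        gsub(/[()]/, "", opts)
        n = split(opts, o, ",")
        for (i = 1; i <= n; i++)
            if (o[i] ~ /^(nfs)?vers=/) {
                sub(/^(nfs)?vers=/, "", o[i])
                ver = o[i]
            }
        print $3, ver
    }'
}

# still_on_v4: exit 0 if any mount line on stdin uses NFS version 4.x.
still_on_v4() {
    nfs_versions | awk '$2 ~ /^4/ { found = 1 } END { exit !found }'
}

# Demo on the sample lines; on a live client use: mount | nfs_versions
printf '%s\n' "$SAMPLE_V3" "$SAMPLE_V4" | nfs_versions
if printf '%s\n' "$SAMPLE_V4" | still_on_v4; then
    echo "vers=4 still present: the downgrade has not taken effect"
fi
```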
Friday, January 24, 2014
Forget root password on ubuntu
Use an Ubuntu disk, and boot into rescue mode. Choose to run a shell. Then you can gain root privilege.
Network Configuration on Ubuntu
Sample configuration file:
@sr2s17:~$ cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet dhcp
auto eth2
iface eth2 inet static
address 192.168.0.37
netmask 255.255.255.0
I use interface eth0 as the external network and eth2 as the internal network.
After you install Ubuntu, the interfaces may not be up. Although you can use ethtool to detect whether the interfaces are physically connected by cables, this approach is not accurate on Ubuntu (it works on CentOS).
For example, I know there are six interfaces on my server:
eth0 and eth1 are on a Broadcom network card, and eth2, 3, 4, 5 are on an Intel network card.
I plugged the Ethernet cable into the eth2 interface, so I just need to write the script into /etc/network/interfaces, which helps me to enable eth2. Next, I run:
$ /etc/init.d/networking restart
Thursday, January 23, 2014
NFS on ubuntu
root@sr2s17:/home/fengwei# mount -a
mount: unknown filesystem type 'nfs4'
root@sr2s17:/home/fengwei# apt-get install nfs-common
https://help.ubuntu.com/community/SettingUpNFSHowTo
Fix: sudo: setresuid(ROOT_UID, ROOT_UID, ROOT_UID): Operation not permitted
This is a known bug in Ubuntu 12.04 with LDAP.
It is caused by libgcrypt in GnuTLS, which is used by LDAP for SSL connections.
Solution:
Use libnettle instead of libgcrypt, and recompile gnutls26.
Since you don't have sudo, you can boot from an Ubuntu disk into rescue mode and either
1) create the root user
or
2) gain sudo by disabling LDAP:
$ mv /etc/ldap.conf /etc/ldap.conf.backup
$ reboot
After you have root privilege, boot your machine from its normal disk. The following commands were run with LDAP disabled while fixing this bug.
Step 1. Install necessary packages
sudo apt-get install libgmp-dev devscripts
sudo apt-get build-dep libgnutls26
Step 2. Download and install nettle
$ wget http://www.lysator.liu.se/~nisse/archive/nettle-2.1.tar.gz
$ tar zxvf nettle-2.1.tar.gz
$ cd nettle-2.1
$ ./configure --with-gmp
$ make
$ sudo make install
$ sudo reboot (I have a compiling issue with gnutls26 if I don't reboot here)
Step 3. Compile and build gnutls26
$ sudo apt-get source gnutls26
$ cd gnutls26-2.12.14
$ sudo vim debian/rules
remove --with-libgcrypt
$ sudo debuild -i -uc -us -b
$ cd ..
$ sudo dpkg -i libgnutls26_2.12.14*.deb
Source:
https://jeroenvda.eu/2012/05/03/cannot-setuid-after-ubuntu-12-04lts-upgrade-when-using-ldap-accounts/
http://askubuntu.com/questions/106642/how-to-fix-sudo-setreuidroot-uid-user-uid-operation-not-permitted-error
Create a local root user on Ubuntu
$ sudo passwd root
Enter the password. If you want to become root, you can then just type $ su
It is always a good idea to create one, because sudo may not be functional, such as with this bug:
http://askubuntu.com/questions/106642/how-to-fix-sudo-setreuidroot-uid-user-uid-operation-not-permitted-error
Monday, January 13, 2014
Configure the hostname in CentOS
Test whether a hostname is working:
$ nslookup HOSTNAME
or
$ nslookup IP_ADDRESS
to see if there is an entry in the DNS server.
First, you need to have a correct network script in /etc/sysconfig/network-scripts/ifcfg-eth4
[root@sr2s18 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth4
DEVICE=eth4 # device name
HWADDR=00:26:B9:38:4C:23 # MAC address
TYPE=Ethernet
ONBOOT=yes # automatically connected after bootup
NM_CONTROLLED=no # does not use Network Manager, use the ifcfg-eth4 script
BOOTPROTO=dhcp # use DHCP
DHCP_HOSTNAME=sr2s18 # configure DHCP hostname
PEERDNS=yes # modify /etc/resolv.conf if the DNS directive is set; if using DHCP, yes is the default
Then, configure the hostname:
http://www.rackspace.com/knowledge_center/article/centos-hostname-change
1. set /etc/sysconfig/network
[root@sr2s16 ~]# cat /etc/sysconfig/network
NETWORKING_IPV6=no
HOSTNAME=sr2s16.example.com
NETWORKING=yes
2. configure /etc/hosts
[root@sr2s16 ~]# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
129.174.114.142 sr2s16.example.com sr2s16
::1 sr2s16.example.com sr2s16
192.168.0.36 sr2s16.example.com sr2s16
3. restart network
$ service network restart
Friday, January 10, 2014
network configuration sample on Cent OS
External network interface using DHCP: /etc/sysconfig/network-scripts/ifcfg-eth4
[root@sr2s18 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth4
DEVICE=eth4
HWADDR=00:26:B9:38:4C:23
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
Internal network interface using static IP: /etc/sysconfig/network-scripts/ifcfg-eth0
[root@sr2s18 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:1B:21:44:96:10
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.0.38
BROADCAST=192.168.0.255
NETMASK=255.255.255.0
NAME=eth0
Run dhcp when system starts up on Cent OS
Configure /etc/sysconfig/network-scripts/ifcfg-eth4:
DEVICE=eth4
HWADDR=00:26:B9:38:4C:23
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
If you set ONBOOT=yes, the system will run DHCP on this interface when it boots.
Fix nobody issue on CentOS/Ubuntu using LDAP and NFS
CentOS
vim /etc/idmapd.conf
add Domain=example.com
restart the services
/etc/init.d/rpcidmapd restart
and /etc/init.d/nfs restart
http://lfhck.com/question/100876/centos-6--ldap--nfs-file-ownership-is-stuck-on-nobody
Solved!
I happened to notice this line in /var/log/messages on my NFS server when I was attempting to mount an export from the remote client:
Feb 28 15:54:02 storage1 rpc.idmapd[1651]: nss_getpwnam: name 'nobody' does not map into domain 'localdomain'
This caused me to look at the first few lines of /etc/idmapd.conf:
[General]
#Verbosity = 0
# The following should be set to the local NFSv4 domain name
# The default is the host's DNS domain name.
#Domain = local.domain.edu
I then added
Domain=subdomain.mycompany.com
under the commented out "Domain" line. Saved, exited and then ran
/etc/init.d/rpcidmapd restart
and
/etc/init.d/nfs restart
Ubuntu
vim /etc/idmapd.conf
add Domain=example.com
reboot
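A check for the fix above: confirm which Domain is actually active in /etc/idmapd.conf (a commented-out `#Domain` line does not count) and pull the rejected domain out of rpc.idmapd log lines. This is an added example, not part of the original post or the quoted answer; the function names are made up for illustration, and the sample input is the config fragment and log line quoted above.

```sh
#!/bin/sh
# Added example: verify the NFSv4 idmapd Domain setting.

# Sample input: the idmapd.conf fragment quoted above, with the fix applied.
SAMPLE_CONF="[General]
#Verbosity = 0
# The following should be set to the local NFSv4 domain name
# The default is the host's DNS domain name.
#Domain = local.domain.edu
Domain=subdomain.mycompany.com"
# Sample input: the /var/log/messages line quoted above.
SAMPLE_LOG="Feb 28 15:54:02 storage1 rpc.idmapd[1651]: nss_getpwnam: name 'nobody' does not map into domain 'localdomain'"

# idmapd_domain: print the active Domain from the [General] section on stdin.
# Exits 1 when none is set (idmapd then falls back to the DNS domain name).
idmapd_domain() {
    awk '
    /^[ \t]*[#;]/ { next }    # commented-out lines are not active settings
    /^[ \t]*\[/   { in_general = (tolower($0) ~ /^[ \t]*\[general\]/); next }
    in_general && tolower($0) ~ /^[ \t]*domain[ \t]*=/ {
        sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); dom = $0
    }
    END { if (dom != "") print dom; else exit 1 }'
}

# unmapped_domains: print each distinct domain that rpc.idmapd log lines on
# stdin report a name failing to map into.
unmapped_domains() {
    sed -n "s/.*rpc\.idmapd.*does not map into domain '\([^']*\)'.*/\1/p" | sort -u
}

# check_idmap: $1 = idmapd.conf text, $2 = NFSv4 domain the server and client
# must share. Succeeds only when the active Domain equals it.
check_idmap() {
    active=$(printf '%s\n' "$1" | idmapd_domain) || active="(unset)"
    [ "$active" = "$2" ]
}

# Demo on the samples; on a live host use: idmapd_domain < /etc/idmapd.conf
printf 'active Domain: %s\n' "$(printf '%s\n' "$SAMPLE_CONF" | idmapd_domain)"
printf 'rejected by idmapd: %s\n' "$(printf '%s\n' "$SAMPLE_LOG" | unmapped_domains)"
```

Run `idmapd_domain` on both the NFS server and each client; files show up as owned by nobody when the two values differ.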