1. Forum
  2. Usenet
  3. COMP.UNIX.PROGRAMMER

  • Re: Need advice about fixing PROC mount failures in a DIY Linux contain

    From Lew Pitcher@21:1/5 to All on Tue Jan 10 15:37:57 2023
    On Mon, 09 Jan 2023 19:27:13 +000, Rainer Weikusat wrote:

    +AD4 Lew Pitcher +ADw-lew.pitcher+AEA-digitalfreehold.ca+AD4 writes:
    +AD4
    +AD4 +AFs...+AF0
    +AD4
    +AD4APg Well, I can answer my own question, now. But the answer
    +AD4APg leads to more questions.
    +AD4APg
    +AD4APg The reason I get +ACI-Operation not permitted+ACI on the
    +AD4APg container /proc mount on my +ACI-production+ACI system is that
    +AD4APg I also run an nfs server on my +ACI-production+ACI system (and
    +AD4APg do not run one on my development system), and is nfs
    +AD4APg server maintains two mountpoints within the /proc
    +AD4APg filesystem.
    +AD4APg
    +AD4APg Apparently, the attempt to mount /proc within my container
    +AD4APg was blocked by the existance of these two mount points
    +AD4APg (/proc/fs/nfs and /proc/fs/nfsd), as when I shut down my
    +AD4APg rpc and nfs servers, and umounted these two mounts, I could
    +AD4APg successfully run my demo container.
    +AD4APg
    +AD4APg /Now/ the question is: how do I get my container /proc mount
    +AD4APg to ignore or bypass these two nfsd mounts?
    +AD4
    +AD4 Instead of doing a bind mount of a proc filesystem already mounted
    +AD4 somewhere, you could mount a new instance of it. The command for this
    +AD4 would be
    +AD4
    +AD4 mount -t proc proc +ADw-mount point+AD4

    Thanks, Rainer, but that didn't work.

    First off, at the point in this toy container that we mount the proc
    filesystem to the (now +ACI-contained+ACI) /proc directory, I can't guarantee any of the external environment. Specifically, I can't use system(3)
    to invoke the mount(8) command because I have no guarantee that either
    /bin/sh or /bin/mount even exist in the contained root filesystem. So,
    that leaves using the mount(2) syscall.

    When I invoke the mount(2) syscall, as
    mount(+ACI-none+ACI,+ACI-/proc+ACI,+ACI-proc+ACI,0,NULL):
    (which should be equivalent to your mount command) I get success on my development system. However, I get +ACI-Operation not permitted+ACI on the system that supports my NFS server. And, this is the problem I'm trying
    to solve.

    I've tried variations of the basic mount with no success.

    From +ACI-internet research+ACI (as reliable as that can be), I've seen this problem talked about wrt both NFS and XEN, where the host OS mounts
    some NFS or XEN filesystem to /proc before the containers start. The
    cure talked about is purely operational: the host has to start the
    container /before/ mounting the NFS or XEN filesystems to the host
    /proc filesystem. I'm still hoping for a software solution rather than
    an operations solution.

    +AD4 You'll generally also want to mount sysfs, BTW.

    Yup. Already done.

    Thanks for the help
    --
    Lew Pitcher
    +ACI-In Skills We Trust+ACI

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Spiros Bousbouras@21:1/5 to Spiros Bousbouras on Tue Jan 10 17:51:18 2023
    On Tue, 10 Jan 2023 17:46:37 -0000 (UTC)
    Spiros Bousbouras <spibou@gmail.com> wrote:
    On Tue, 10 Jan 2023 15:37:57 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Mon, 09 Jan 2023 19:27:13 +000, Rainer Weikusat wrote:

    +AD4 Lew Pitcher +ADw-lew.pitcher+AEA-digitalfreehold.ca+AD4 writes:
    +AD4
    +AD4 +AFs...+AF0
    +AD4
    +AD4APg Well, I can answer my own question, now. But the answer
    [...]

    Your header has
    Content-Type: text/plain; charset=UTF-7
    [...]
    Cancel-Lock: sha1:drgwkHQQNs2fonV/DG5gKqae+5A=

    iconv -f UTF7 -t UTF8 <your post>
    complains that
    iconv: illegal input sequence at position 1026

    which I think corresponds to the +5A part. Is there some reason you
    are posting using an obscure obsolete encoding ? The Cancel-Lock
    part I assume was added by eternal-september but still , the UTF-7
    encoding unnecessarily complicates things.

    Ok , I should have used iconv only on the body of your message rather
    than the header too but still , why UTF-7 ?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Spiros Bousbouras@21:1/5 to Lew Pitcher on Tue Jan 10 17:46:37 2023
    On Tue, 10 Jan 2023 15:37:57 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Mon, 09 Jan 2023 19:27:13 +000, Rainer Weikusat wrote:

    +AD4 Lew Pitcher +ADw-lew.pitcher+AEA-digitalfreehold.ca+AD4 writes:
    +AD4
    +AD4 +AFs...+AF0
    +AD4
    +AD4APg Well, I can answer my own question, now. But the answer
    [...]

    Your header has
    Content-Type: text/plain; charset=UTF-7
    [...]
    Cancel-Lock: sha1:drgwkHQQNs2fonV/DG5gKqae+5A=

    iconv -f UTF7 -t UTF8 <your post>
    complains that
    iconv: illegal input sequence at position 1026

    which I think corresponds to the +5A part. Is there some reason you
    are posting using an obscure obsolete encoding ? The Cancel-Lock
    part I assume was added by eternal-september but still , the UTF-7
    encoding unnecessarily complicates things.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Lew Pitcher@21:1/5 to Spiros Bousbouras on Wed Jan 11 01:31:03 2023
    On Tue, 10 Jan 2023 17:46:37 +0000, Spiros Bousbouras wrote:

    On Tue, 10 Jan 2023 15:37:57 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Mon, 09 Jan 2023 19:27:13 +000, Rainer Weikusat wrote:

    +AD4 Lew Pitcher +ADw-lew.pitcher+AEA-digitalfreehold.ca+AD4 writes:
    +AD4
    +AD4 +AFs...+AF0
    +AD4
    +AD4APg Well, I can answer my own question, now. But the answer
    [...]

    Your header has
    Content-Type: text/plain; charset=UTF-7

    Somehow, my pan config for a few newsgroups changed from UTF8 to UTF7,
    I don't know how.

    Anyways, I've corrected that now.

    Thanks for the heads-up
    --
    Lew Pitcher
    "In Skills We Trust"

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Spiros Bousbouras on Wed Jan 11 09:20:14 2023
    On Tue, 10 Jan 2023 17:46:37 -0000 (UTC)
    Spiros Bousbouras <spibou@gmail.com> wrote:
    On Tue, 10 Jan 2023 15:37:57 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Mon, 09 Jan 2023 19:27:13 +000, Rainer Weikusat wrote:

    +AD4 Lew Pitcher +ADw-lew.pitcher+AEA-digitalfreehold.ca+AD4 writes:
    +AD4
    +AD4 +AFs...+AF0
    +AD4
    +AD4APg Well, I can answer my own question, now. But the answer
    [...]

    Your header has
    Content-Type: text/plain; charset=UTF-7
    [...]
    Cancel-Lock: sha1:drgwkHQQNs2fonV/DG5gKqae+5A=

    iconv -f UTF7 -t UTF8 <your post>
    complains that
    iconv: illegal input sequence at position 1026

    which I think corresponds to the +5A part. Is there some reason you
    are posting using an obscure obsolete encoding ? The Cancel-Lock
    part I assume was added by eternal-september but still , the UTF-7
    encoding unnecessarily complicates things.

    Am I alone in never having heard of UTF7 until now?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)