OpenVZ Forum


Home » General » Support » Samba cifs client in VE's
icon9.gif  Samba cifs client in VE's [message #26828] Sat, 02 February 2008 05:09 Go to next message
kierse is currently offline  kierse
Messages: 5
Registered: February 2008
Location: Canada
Junior Member
Hi everyone,

My Hardware Node and all VE's are running Gentoo. I'm attempting to share the HN's portage directory among the running VE's in a safe and secure manner. Here's the plan:

1. HN will not have access to internet (restricted by firewall).
2. I'd like to expose the HN's portage directory to the running VE's using Samba.
3. There would be two access levels, read only and write access. The plan is to have one VE (having write access) which would be run periodically in order to update portage. The remaining VE's would all have read only access.

Unfortunately, neither smbfs nor cifs ever appear in the VE's list of supported filesystems (/proc/filesystems) and therefore I haven't been able to mount them. I've searched the net and the OpenVZ forums but haven't come up with anything of use. Several posts indicate that SMB is not supported yet the OpenVZ documentation seems to indicate otherwise (http://wiki.openvz.org/Differences_between_venet_and_veth).

Is running a Samaba client inside a VE possible? Am I missing something here?

Note: I'm running OpenVZ kernel version 2.6.18.028.051
Note: Both smbfs and cifs were build as kernel modules on the HN. Both were loaded before the VE's were started.

Thanks in advance,
Kierse

Report message to a moderator

Re: Samba cifs client in VE's [message #26842 is a reply to message #26828] Sun, 03 February 2008 08:26 Go to previous messageGo to next message
piavlo is currently offline  piavlo
Messages: 159
Registered: January 2007
Senior Member
You can share the portage with bind mounts.
If you are worried about security put the shared portage tree on a separate file system, and use vps.mount & vps.umount scripts
to auto mount the portage tree inside VE then it is started.
There are also read only bind mounts implementation which would
solve your problem perfectly but i not shure if this was ever inserted into linux mainline kernel (i tried with kernels up to 2.6.23 and it never worked for me)
But you can make the shared portage filesystem mounted readonly
in the HN, and make it r/w only for a short period of time then you're updating portage.

[Updated on: Sun, 03 February 2008 08:27]

Report message to a moderator

Re: Samba cifs client in VE's [message #26843 is a reply to message #26842] Sun, 03 February 2008 09:25 Go to previous message
piavlo is currently offline  piavlo
Messages: 159
Registered: January 2007
Senior Member
piavlo wrote on Sun, 03 February 2008 10:26

You can share the portage with bind mounts.
If you are worried about security put the shared portage tree on a separate file system, and use vps.mount & vps.umount scripts
to auto mount the portage tree inside VE then it is started.
There are also read only bind mounts implementation which would
solve your problem perfectly but i not shure if this was ever inserted into linux mainline kernel (i tried with kernels up to 2.6.23 and it never worked for me)
But you can make the shared portage filesystem mounted readonly
in the HN, and make it r/w only for a short period of time then you're updating portage.


Looks like read only bind mounts were added only recently to 2.6.24, see
http://kernelnewbies.org/LinuxChanges#head-0da4f463de7038980 b699b6a2c91e5f16eac361b

Report message to a moderator

Previous Topic: nscd on VE
Next Topic: Hardwares stop in Create VM (image from other hardware)
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Tue Sep 03 18:17:47 GMT 2024

Total time taken to generate the page: 0.05062 seconds
Powered by FUDforum Powered by Virtuozzo Containers