OpenVZ Forum: Support » Container on encfs (fuse) dosn't work

Home » General » Support » Container on encfs (fuse) dosn't work (I've got a problem with running a container from encrypted directory using encfs)

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Container on encfs (fuse) dosn't work [message #41129]

Thu, 25 November 2010 10:16

keypress
Messages: 4
Registered: November 2010

Junior Member

I want my CT 103 to be on encrypted filesystem. I decided to use encfs. I mount encrypted directory using this command:

encfs --public /vz/private/.enc_raw /vz/private/enc

I've tried also FUSE options like: allow_root and allow_other. And I have symbolic link "/vz/private/103" -> /vz/private/enc/103.

[-]# ls -l /vz/private/
total 36
lrwxrwxrwx  1 root root    8 Nov 10 14:52 103 -> enc/103/

I start the container and I can enter it using "vzctl enter". It appears, that as root I can manipulate files. But when I do "su -l user" I can read and delete existing files, but can't create new files. And this causes that e.g. postgres can't work properly. The same problems occur when I do "chroot" to the encrypted file system. When I do "chroot /vz/private/enc/103" I receive:

bash: /dev/null: Permission denied
bash: /dev/null: Permission denied
bash: /dev/null: Permission denied
bash: /dev/null: Permission denied
bash: /dev/null: Permission denied
bash: /dev/null: Permission denied

And the same messages appear on every "su -l" or "su -l user". And the "user" also cannot create new files, but can read and delete existing ones.

What shall I do?

System Info:

[~]# lsb_release -a
LSB Version:    :core-3.1-amd64:core-3.1-ia32:core-3.1-noarch:graphics-3.1-amd64:graphics-3.1-ia32:graphics-3.1-noarch
Distributor ID: CentOS
Description:    CentOS release 5.5 (Final)
Release:        5.5
Codename:       Final
[~]# uname -a
Linux devmap.naviexpert.com 2.6.18-194.8.1.el5.028stab070.2 #1 SMP Tue Jul 6 14:55:39 MSD 2010 x86_64 x86_64 x86_64 GNU/Linux
[~]# ...
Installed Packages
ovzkernel.x86_64           2.6.18-194.8.1.el5.028stab070.2   installed          
vzctl.x86_64               3.0.24.2-1                        installed          
vzctl-lib.x86_64           3.0.24.2-1                        installed          
vzpkg.noarch               2.7.0-18                          installed          
vzquota.x86_64             3.0.12-1                          installed          
vzrpm43.i386               4.3.3-7_nonptl.6                  installed          
vzrpm43-python.i386        4.3.3-7_nonptl.6                  installed          
vzrpm44.i386               4.4.1-22.5                        installed          
vzrpm44-python.i386        4.4.1-22.5                        installed          
vztmpl-centos-4.i386       2.0-2                             installed          
vztmpl-centos-5.i386       2.0-3                             installed          
vztmpl-fedora-7.i386       1.1-1                             installed          
vztmpl-fedora-9.i386       1.1-1                             installed          
vztmpl-fedora-core-3.i386  2.0-2                             installed          
vztmpl-fedora-core-4.i386  2.0-2                             installed          
vztmpl-fedora-core-5.i386  2.0-2                             installed          
vztmpl-fedora-core-6.i386  1.2-1                             installed          
vzyum.noarch               2.4.0-11                          installed
...
Installed Packages
fuse-encfs.x86_64          1.4.1-1.el5.rf                    installed

A piece of my 103.conf file:

OSTEMPLATE="centos-5-x86_64-default"
ORIGIN_SAMPLE="basic"

Report message to a moderator

Re: Container on encfs (fuse) dosn't work [message #41166 is a reply to message #41129]

Tue, 07 December 2010 18:48

boysentot
Messages: 4
Registered: December 2010

Junior Member

Were you ever able to resolve this problem?

Report message to a moderator

Re: Container on encfs (fuse) dosn't work [message #41182 is a reply to message #41166]

Wed, 08 December 2010 08:48

keypress
Messages: 4
Registered: November 2010

Junior Member

No, I weren't and I still cannot solve it.

Report message to a moderator

Re: Container on encfs (fuse) dosn't work [message #41186 is a reply to message #41182]

Wed, 08 December 2010 17:38

boysentot
Messages: 4
Registered: December 2010

Junior Member

Try this page. It has a section on "/dev/null" which looks promising.

I haven't tried it myself.

wiki.openvz.org/Physical_to_container

Report message to a moderator

Re: Container on encfs (fuse) dosn't work [message #41187 is a reply to message #41182]

Wed, 08 December 2010 17:39

boysentot
Messages: 4
Registered: December 2010

Junior Member

Try this. It has a section towards the bottom on "/dev/null" which looks promising.

I haven't tried it myself.

wiki.openvz.org/Physical_to_container

Report message to a moderator

Re: Container on encfs (fuse) dosn't work [message #41188 is a reply to message #41166]

Thu, 09 December 2010 10:04

keypress
Messages: 4
Registered: November 2010

Junior Member

No, I weren't and I still cannot solve it.

Report message to a moderator

Re: Container on encfs (fuse) dosn't work [message #41190 is a reply to message #41188]

Thu, 09 December 2010 17:23

boysentot
Messages: 4
Registered: December 2010

Junior Member

There is a section within the OpenVZ wiki, Physical_to_container, which describes how to turn a physical box into a container. There is a section that deals directly with how to handle "/dev/null" that I believe would be of use to you. Go to wiki . openvz . org / Physical_to_container (sorry, I'm too new to post links) to take a look.

Report message to a moderator

Re: Container on encfs (fuse) dosn't work [message #41374 is a reply to message #41190]

Wed, 12 January 2011 13:56

keypress
Messages: 4
Registered: November 2010

Junior Member

Unfortunately it didn't help. Any ideas?

Report message to a moderator

Previous Topic:	Debian lenny to 2.6.32-5 kernel network
Next Topic:	Why is SELinux incompatible with OpenVZ?

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Sat Aug 10 13:16:01 GMT 2024

Total time taken to generate the page: 0.03823 seconds