OpenVZ Forum


Home » General » Support » Container on encfs (fuse) dosn't work (I've got a problem with running a container from encrypted directory using encfs)
Container on encfs (fuse) dosn't work [message #41129] Thu, 25 November 2010 10:16 Go to previous message
keypress is currently offline  keypress
Messages: 4
Registered: November 2010
Junior Member
I want my CT 103 to be on encrypted filesystem. I decided to use encfs. I mount encrypted directory using this command:
encfs --public /vz/private/.enc_raw /vz/private/enc

I've tried also FUSE options like: allow_root and allow_other. And I have symbolic link "/vz/private/103" -> /vz/private/enc/103.
[-]# ls -l /vz/private/
total 36
lrwxrwxrwx  1 root root    8 Nov 10 14:52 103 -> enc/103/


I start the container and I can enter it using "vzctl enter". It appears, that as root I can manipulate files. But when I do "su -l user" I can read and delete existing files, but can't create new files. And this causes that e.g. postgres can't work properly. The same problems occur when I do "chroot" to the encrypted file system. When I do "chroot /vz/private/enc/103" I receive:
bash: /dev/null: Permission denied
bash: /dev/null: Permission denied
bash: /dev/null: Permission denied
bash: /dev/null: Permission denied
bash: /dev/null: Permission denied
bash: /dev/null: Permission denied

And the same messages appear on every "su -l" or "su -l user". And the "user" also cannot create new files, but can read and delete existing ones.

What shall I do?

System Info:
[~]# lsb_release -a
LSB Version:    :core-3.1-amd64:core-3.1-ia32:core-3.1-noarch:graphics-3.1-amd64:graphics-3.1-ia32:graphics-3.1-noarch
Distributor ID: CentOS
Description:    CentOS release 5.5 (Final)
Release:        5.5
Codename:       Final
[~]# uname -a
Linux devmap.naviexpert.com 2.6.18-194.8.1.el5.028stab070.2 #1 SMP Tue Jul 6 14:55:39 MSD 2010 x86_64 x86_64 x86_64 GNU/Linux
[~]# ...
Installed Packages
ovzkernel.x86_64           2.6.18-194.8.1.el5.028stab070.2   installed          
vzctl.x86_64               3.0.24.2-1                        installed          
vzctl-lib.x86_64           3.0.24.2-1                        installed          
vzpkg.noarch               2.7.0-18                          installed          
vzquota.x86_64             3.0.12-1                          installed          
vzrpm43.i386               4.3.3-7_nonptl.6                  installed          
vzrpm43-python.i386        4.3.3-7_nonptl.6                  installed          
vzrpm44.i386               4.4.1-22.5                        installed          
vzrpm44-python.i386        4.4.1-22.5                        installed          
vztmpl-centos-4.i386       2.0-2                             installed          
vztmpl-centos-5.i386       2.0-3                             installed          
vztmpl-fedora-7.i386       1.1-1                             installed          
vztmpl-fedora-9.i386       1.1-1                             installed          
vztmpl-fedora-core-3.i386  2.0-2                             installed          
vztmpl-fedora-core-4.i386  2.0-2                             installed          
vztmpl-fedora-core-5.i386  2.0-2                             installed          
vztmpl-fedora-core-6.i386  1.2-1                             installed          
vzyum.noarch               2.4.0-11                          installed
...
Installed Packages
fuse-encfs.x86_64          1.4.1-1.el5.rf                    installed


A piece of my 103.conf file:
OSTEMPLATE="centos-5-x86_64-default"
ORIGIN_SAMPLE="basic"
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Debian lenny to 2.6.32-5 kernel network
Next Topic: Why is SELinux incompatible with OpenVZ?
Goto Forum:
  


Current Time: Sat Oct 25 18:44:21 GMT 2025

Total time taken to generate the page: 0.08142 seconds