[Bug 1418279] Re: Automount NFSv4 doesn't work

Erik Lönroth 1418279 at bugs.launchpad.net
Fri Dec 4 01:22:51 UTC 2020 

I get the same issue. I've created systemd unit files for both mount and
automount:


$ cat /etc/systemd/system/share-apps.automount 
[Unit]
Description=Automount Scratch

[Automount]
Where=/share/apps/

[Install]
WantedBy=multi-user.target


$ cat /etc/systemd/system/share-apps.mount 
[Unit]
Description=Scratch

[Mount]
What=192.168.2.241:/mnt/nfs_share
Where=/share/apps
Type=nfs

[Install]
WantedBy=multi-user.target


Mounting works fine (HELLO is a file on the remote NFS server):

$ systemctl start share-apps.mount 
$ ls /share/apps/
HELLO

However, automount fails:

$ systemctl stop share-apps.mount 
$ ls /share/apps/
$ systemctl start share-apps.automount 
Operation on or unit type of share-apps.automount not supported on this system.

$ systemd-detect-virt 
lxc


The nfs client container is privilegued.

The nfs client container has these apparmor settings and is restarted
with those settings:

lxc config get iceberg:juju-ee5ee4-0 raw.apparmor
mount fstype=rpc_pipefs, mount fstype=nfsd, mount fstype=nfs, mount fstype=nfsv4, mount fstype=autofs,

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to autofs in Ubuntu.
https://bugs.launchpad.net/bugs/1418279

Title:
  Automount NFSv4 doesn't work

Status in autofs package in Ubuntu:
  Incomplete

Bug description:
  I'm trying to use NFSv4 automount within an lxc container,  however,
  it doesn't work (it works for Solaris zones, so that's not an server
  issue).

  > cd /net/pkg/<TAB>
  /net/pkg/ not found

  > cat /etc/auto.master 
  /net	-hosts
  +dir:/etc/auto.master.d
  +auto.master

  The following log message makes me suspicious (comes 3-4 times):
  [Feb 5 01:51] audit: type=1400 audit(1423099036.365:94): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxc-container-default" name="/tmp/autoHBYlmU/" pid=27748 comm="mount" srcname="/tmp/autogYuIlN/" flags="rw, bind"

  But AFAICS rw,bind is allowed:
  >cat /etc/apparmor.d/lxc/lxc-default
  profile lxc-container-default flags=(attach_disconnected,mediate_deleted) {
    deny mount fstype=devpts,
  	mount options=(rw, rbind),
  	mount fstype=nfs,
  	mount fstype=nfs4,
  	mount fstype=rpc_pipefs,
  	mount fstype=autofs,
  }
  That's the profile in the global/parent zone used by all our containers. So not sure, whether it is actually a NFSv4 or apparmor bug ...

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/autofs/+bug/1418279/+subscriptions

More information about the foundations-bugs mailing list