NFS Lab issue in check

ppnehe · November 19, 2020, 11:20am

hello Sir ,

In NFS LAB Q 9 everything is fine till Q8 and it’s checks
but lab does not pass on this question even if below command is succefully given on nfs-server

bob@nfs-lab-server:~$ sudo exportfs -o 172.16.238.187:/software/repos

Can you please review and comment what is missing here ?

As taught in the lesson earlier we do not want to give sudo exports -a
As this command will not achieve the purpose of restricting access only to Bob’s laptop

I believe hint file should have included above command or correction if I am making any error here.


Q9 : 
Back on the  `nfs-lab-server`  export the directory  `/software/repos`  to Bob's laptop.

Use the export definition in the  `/etc/exports`  file.

Check

* *info_outline* Hint

* Tasks not completed!

* Task completed?

Command 'docker exec -w /questions test_infra pytest test_nfs.py' returned non-zero exit status 1.

/software/repos is not exported

===================================================

Output 

===============================================================

bob@nfs-lab-server:~$ cat /etc/exports
# /etc/exports: the access control list for filesystems which may be exported
#               to NFS clients.  See exports(5).
#
# Example for NFSv2 and NFSv3:
# /srv/homes       hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
#
# Example for NFSv4:
# /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
# /srv/nfs4/homes  gss/krb5i(rw,sync,no_subtree_check)
#
/software/repos 172.16.238.187
bob@nfs-lab-server:~$
bob@nfs-lab-server:~$ sudo exportfs -o 172.16.238.187:/software/repos
[sudo] password for bob:
bob@nfs-lab-server:~$
bob@nfs-lab-server:~$

bob@nfs-lab-server:~$
bob@nfs-lab-server:~$ cat /etc/hosts
127.0.0.1       localhost
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.16.238.187  caleston-lp10
 172.16.238.190 centos-lab
172.16.238.101  nfs-lab-server
bob@nfs-lab-server:~$

=====================================================

Output from Bob laptop 

bob@caleston-lp10:~$ ls -al /mnt
total 16
drwxr-xr-x 4 root root 4096 May 23 03:52 .
drwxr-xr-x 1 root root 4096 Nov 19 10:54 ..
drwxr-xr-x 2 root root 4096 May 23 03:52 data
drwxr-xr-x 2 root root 4096 May 23 03:49 nfs
bob@caleston-lp10:~$
bob@caleston-lp10:~$ sudo mount 172.16.238.101:/software/repos /mnt/data
mount.nfs: access denied by server while mounting 172.16.238.101:/software/repos
bob@caleston-lp10:~$
bob@caleston-lp10:~$ mount | grep 101
bob@caleston-lp10:~$
bob@caleston-lp10:~$ mount
overlay on / type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay/3a05bbcd391c28684a98888d1112cf00f02ead505b468e5a7e62355dfc34e021/root,upperdir=/var/lib/docker/overlay/c39ac69add752af896b30f3280a3b9b53248e9e25a9e64e835931ddbe750400f/upper,workdir=/var/lib/docker/overlay/c39ac69add752af896b30f3280a3b9b53248e9e25a9e64e835931ddbe750400f/work)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
udev on /dev type devtmpfs (rw,nosuid,relatime,size=1996156k,nr_inodes=499039,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)mqueue on /dev/mqueue type mqueue (rw,relatime)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,pagesize=2M)
/dev/mapper/host01--vg-root on /lib/modules type ext4 (rw,relatime,errors=remount-ro,data=ordered)/dev/mapper/host01--vg-root on /etc/resolv.conf type ext4 (rw,relatime,errors=remount-ro,data=ordered)
/dev/mapper/host01--vg-root on /etc/hostname type ext4 (rw,relatime,errors=remount-ro,data=ordered)
/dev/mapper/host01--vg-root on /etc/hosts type ext4 (rw,relatime,errors=remount-ro,data=ordered)shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)
cgroup on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate)cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,name=systemd)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
cgroup on /sys/fs/cgroup/rdma type cgroup (rw,nosuid,nodev,noexec,relatime,rdma)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
tmpfs on /run type tmpfs (rw,nosuid,nodev,mode=755)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
sunrpc on /run/rpc_pipefs type rpc_pipefs (rw,relatime)
configfs on /sys/kernel/config type configfs (rw,relatime)
fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)
bob@caleston-lp10:~$
bob@caleston-lp10:~$ findmnt
TARGET                                SOURCE    FSTYPE     OPTIONS
/                                     overlay   overlay    rw,relatime,lowerdir=/var/lib/docker/overlay/3a05bbc
|-/run                                tmpfs     tmpfs      rw,nosuid,nodev,mode=755
| |-/run/lock                         tmpfs     tmpfs      rw,nosuid,nodev,noexec,relatime,size=5120k
| `-/run/rpc_pipefs                   sunrpc    rpc_pipefs rw,relatime
|-/proc                               proc      proc       rw,nosuid,nodev,noexec,relatime
|-/sys                                sysfs     sysfs      rw,nosuid,nodev,noexec,relatime
| |-/sys/kernel/config                configfs  configfs   rw,relatime
| |-/sys/fs/fuse/connections          fusectl   fusectl    rw,relatime
| `-/sys/fs/cgroup                    tmpfs     tmpfs      ro,nosuid,nodev,noexec,mode=755
|   |-/sys/fs/cgroup/unified          cgroup    cgroup2    rw,nosuid,nodev,noexec,relatime,nsdelegate
|   |-/sys/fs/cgroup/systemd          cgroup    cgroup     rw,nosuid,nodev,noexec,relatime,xattr,name=systemd
|   |-/sys/fs/cgroup/pids             cgroup    cgroup     rw,nosuid,nodev,noexec,relatime,pids
|   |-/sys/fs/cgroup/blkio            cgroup    cgroup     rw,nosuid,nodev,noexec,relatime,blkio
|   |-/sys/fs/cgroup/memory           cgroup    cgroup     rw,nosuid,nodev,noexec,relatime,memory
|   |-/sys/fs/cgroup/hugetlb          cgroup    cgroup     rw,nosuid,nodev,noexec,relatime,hugetlb
|   |-/sys/fs/cgroup/rdma             cgroup    cgroup     rw,nosuid,nodev,noexec,relatime,rdma
|   |-/sys/fs/cgroup/cpu,cpuacct      cgroup    cgroup     rw,nosuid,nodev,noexec,relatime,cpu,cpuacct
|   |-/sys/fs/cgroup/freezer          cgroup    cgroup     rw,nosuid,nodev,noexec,relatime,freezer
|   |-/sys/fs/cgroup/net_cls,net_prio cgroup    cgroup     rw,nosuid,nodev,noexec,relatime,net_cls,net_prio
|   |-/sys/fs/cgroup/cpuset           cgroup    cgroup     rw,nosuid,nodev,noexec,relatime,cpuset
|   |-/sys/fs/cgroup/devices          cgroup    cgroup     rw,nosuid,nodev,noexec,relatime,devices
|   `-/sys/fs/cgroup/perf_event       cgroup    cgroup     rw,nosuid,nodev,noexec,relatime,perf_event
|-/dev                                udev      devtmpfs   rw,nosuid,relatime,size=1996156k,nr_inodes=499039,mo
| |-/dev/pts                          devpts    devpts     rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=00
| |-/dev/shm                          tmpfs     tmpfs      rw,nosuid,nodev
| | `-/dev/shm                        shm       tmpfs      rw,nosuid,nodev,noexec,relatime,size=65536k
| |-/dev/mqueue                       mqueue    mqueue     rw,relatime
| `-/dev/hugepages                    hugetlbfs hugetlbfs  rw,relatime,pagesize=2M
|-/lib/modules                        /dev/mapper/host01--vg-root[/var/lib/docker/volumes/0c6f81511949febe8982bd483f9ac43f842f31c69b970d6bb495cd7e020ec044/_data]
|                                               ext4       rw,relatime,errors=remount-ro,data=ordered
|-/etc/resolv.conf                    /dev/mapper/host01--vg-root[/var/lib/docker/containers/0290accd7c51b4d8f51b35826cc2512aa983f96a87b7651ba9b42fb15ea4b1b5/resolv.conf]
|                                               ext4       rw,relatime,errors=remount-ro,data=ordered
|-/etc/hostname                       /dev/mapper/host01--vg-root[/var/lib/docker/containers/0290accd7c51b4d8f51b35826cc2512aa983f96a87b7651ba9b42fb15ea4b1b5/hostname]
|                                               ext4       rw,relatime,errors=remount-ro,data=ordered
`-/etc/hosts                          /dev/mapper/host01--vg-root[/var/lib/docker/containers/0290accd7c51b4d8f51b35826cc2512aa983f96a87b7651ba9b42fb15ea4b1b5/hosts]
                                                ext4       rw,relatime,errors=remount-ro,data=ordered
bob@caleston-lp10:~$
bob@caleston-lp10:~$
bob@caleston-lp10:~$
bob@caleston-lp10:~$

ppnehe · November 19, 2020, 11:26am

Looks like the check passes with

exportfs -a command but this defies the logic of using exportfs -0 command which is taught in the course.

with best regards
Pradeep nehe

Tej-Singh-Rana · November 20, 2020, 3:07am

Hello, @ppnehe
Let me check.

Tej-Singh-Rana · November 20, 2020, 3:24am

I have seen that sudo exportfs -o command shows the content as we specified in the /etc/exportfs file. To export all specified directories in the /etc/exportfs we have to do sudo exportfs -a.

ppnehe · November 20, 2020, 1:47pm

Yes that’s correct .

But this Q9 in the lab does not pass on this question even if below command is succefully given on nfs-server

bob@nfs-lab-server:~$ sudo exportfs -o 172.16.238.187:/software/repos

Can you please review and comment what is missing here ?

with best regards
Pradeep Nehe

ppnehe · January 14, 2021, 10:53am

Can you please review and comment what is missing here ?

ppnehe · January 14, 2021, 10:54am

Yes that’s correct .

But this Q9 in the lab does not pass on this question even if below command is succefully given on nfs-server

bob@nfs-lab-server:~$ sudo exportfs -o 172.16.238.187:/software/repos

Can you please review and comment what is missing here ?

with best regards
Pradeep Nehe

Ayman · January 15, 2021, 9:40pm

Check:

check

In earlier versions the default was different and you did not have to specify it. In later versions, the default behavior has been changed, and you receive a warning if you don’t specify.

Check here: http://linux.die.net/man/5/exports whether you want to enable subtree checking or you want to stick to the default. In either case, specify the option explicitly and the warning disappears. Note the recommendation is to have it disabled.