Problems using NFS

[Adrian Albin-Clark]

Version: 1.6

OS: CentOS 7

I have created a space for the local filesystem (default) which works fine. 

However, to accommodate very large transfers and storage, a second space, using NFS, has been created which is proving to be problematic.

I have used two symlinking strategies for the NFS mount (/datasets):

1) In /var

archivematica -> /datasets/lib-archive/var/archivematica/

 

2) In /var/archivematica (currently using)

ingest -> /datasets/lib-archive/var/archivematica/ingest/

sharedDirectory -> /datasets/lib-archive/var/archivematica/sharedDirectory/

storage_service -> /datasets/lib-archive/var/archivematica/storage_service/

storage-service

Test transfer:

ingest/

└── aac

    └── foo.txt

The transfer fails almost immediately within the Micro-service: Verify transfer compliance, on Job: Set file permissions.

The detail for the failed job:

Command: setDirectoryPermissionsForAppraisal_v0.0 

"/var/archivematica/sharedDirectory/watchedDirectories/activeTransfers/standardTransfer/aac/"

STDERR

chown: changing ownership of ‘/var/archivematica/sharedDirectory/watchedDirectories/activeTransfers/standardTransfer/aac/foo.txt’: Operation not permitted

chown: changing ownership of ‘/var/archivematica/sharedDirectory/watchedDirectories/activeTransfers/standardTransfer/aac/’: Operation not permitted

This is the same error obtained in a shell when trying to chown anything on the NFS volume.

I edited setDirectoryPermissionsForAppraisal.sh to make it exit early before it does anything, just to see how essential it is. Everything in the preservation process is reported as being successful but Storing the AIP fails (nothing in logs):

Command: storeAIP_v0.0 "/api/v2/location/80c5e725-f785-442b-a03d-40bbd7f3fb09/" "/var/archivematica/sharedDirectory/currentlyProcessing/aac-a1dcbc4d-bc73-42ad-9174-fc4a37062967/aac-a1dcbc4d-bc73-42ad-9174-fc4a37062967.7z" "a1dcbc4d-bc73-42ad-9174-fc4a37062967" "aac" "SIP"

STDERR

SIP creation failed.  See Storage Service logs for more details

Server Error 500: http://localhost:8001/api/v2/file/

Tinkering like this though feels very much like trial-and-error and in this case, it doesn't actually fix the problem.

Am I missing something?

Best wishes

Adrian

--

Dr Adrian Albin-Clark

Digital Developer

Lancaster University Library

@aalbinclark

[Mike Winter]

Hi Adrian, all of the Archivematica services run as user 'archivematica' and need read and write permissions on any file system you are using. This can be complicated to get right sometimes on NFS mounts as they use uids and gids from the host machine. We have a similar setup with the processing and storage directories on a NFS mount and we add the archivematica user to the group that owns the mount. You can check if your permissions are correct by enabling a shell temporarily in /etc/passwd for the archivematica user (change /bin/false to /bin/bash) and then create and modify files as that user until you are satisfied that the 'archivematica' user is properly credentialed. 

If your problems go deeper than than, then you should check the storage service logs at /var/log/archivematica/storage_service/ to get more in-depth error logs.

Mike

[benn...@appstate.edu]

Don't know if this will help or if you  are at a point where changes may be made.  I am having issues similar but what I have done is before installation, using a mapped nfs lets call nfsvol, I map /usr/lib/archivematica to /nfsvol/usr/lib/archivematica and /var/archivematica to /nfsvol/var/archivematica and then do the install.  I set my storage location to /nfsvol/default_locations.

So far there is one place still wanting to use relative paths which is causing a problem, working on that now.

Thomas

[Adrian Albin-Clark]

Hi Mike

Am I right in thinking that you are in control of the NFS server and that you are able to add a UID for the Archivematica user on the NFS server with the same (or mapped) UID as on the NFS client?

We mount NFS shares provided and configured by a central computing service. The UID is 33251 and GID is 225 for all directories and files once they are on the share. No sudo operations are possible such as chown.

Adrian

[Adrian Albin-Clark]

Solution

Edit /usr/lib/archivematica/MCPClient/clientScripts/setDirectoryPermissionsForAppraisal.sh. Comment out the chown code. Change any permissions starting with 6 to 770.