Puppet - NFS read only
132 views
Skip to first unread message
willi....@home24.de
Apr 7, 2014, 3:12:50 AM4/7/14
to puppet...@googlegroups.com
Hello,
I want to ensure that an nfs mount exists. The first puppet agent run is successfully but a second run brings the following error:
Error: Failed to set owner to '199': Read-only file system - /mnt/static/exports/media
Error: /Stage[main]/H24-nfs::Mount::Static/File[/mnt/static/exports/media]/owner: change from www-data to www-sync failed: Failed to set owner to '199': Read-only file system - /mnt/static/exports/media
Error: Failed to set group to '33': Read-only file system - /mnt/static/exports/media
Error: /Stage[main]/H24-nfs::Mount::Static/File[/mnt/static/exports/media]/group: change from nogroup to www-data failed: Failed to set group to '33': Read-only file system - /mnt/static/exports/media
The filesystem should be set to read only. When I remove owner, group it working.
file { ["/mnt/static", "/mnt/static/exports/", "/mnt/static/exports/media"]:
ensure => 'directory',
owner => "www-sync",
group => "www-data",
mode => 775,
require => Package["nfs-common"],
}
mount { "${mount}":
device => "${nfsserver}:${export}",
fstype => "nfs",
ensure => "mounted",
remounts => false,
options => "ro,sync,intr,noatime,nodiratime,rsize=8192",
atboot => "true",
require => File["/mnt/static", "/mnt/static/exports/", "/mnt/static/exports/media"],
}
Regards - Willi
Christopher Wood
Apr 7, 2014, 8:57:39 AM4/7/14
to puppet...@googlegroups.com
NFS will set the directory's user/group to the user/group of the mounted export, not the local directory's user/group. In your example below what happens is:
file resource sets the uid/gid
mount resource mounts an export with a different uid/gid as read-only
(ro in your mount options)
file resource attempts to set uid/gid back on the next run but the mounted export is read-only so it gets the permission denied
Since the uid/gid of the mounted export is what matters, your options are as follows:
a) mount the nfs export read/write (rw not ro, rw is the default) so that puppet can modify the remote volume's user/group
(this is probably not what you want, to have many servers modifying a remote resource)
b) don't have the file resource set owner/group/mode
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [1]puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> [2]https://groups.google.com/d/msgid/puppet-users/0065fe5a-c567-4482-906a-ca21ce6f0b69%40googlegroups.com.
> For more options, visit [3]https://groups.google.com/d/optout.
>
> References
>
> Visible links
> 1. mailto:puppet-users...@googlegroups.com
> 2. https://groups.google.com/d/msgid/puppet-users/0065fe5a-c567-4482-906a-ca21ce6f0b69%40googlegroups.com?utm_medium=email&utm_source=footer
> 3. https://groups.google.com/d/optout
file resource sets the uid/gid
mount resource mounts an export with a different uid/gid as read-only
(ro in your mount options)
file resource attempts to set uid/gid back on the next run but the mounted export is read-only so it gets the permission denied
Since the uid/gid of the mounted export is what matters, your options are as follows:
a) mount the nfs export read/write (rw not ro, rw is the default) so that puppet can modify the remote volume's user/group
(this is probably not what you want, to have many servers modifying a remote resource)
b) don't have the file resource set owner/group/mode
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [1]puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> [2]https://groups.google.com/d/msgid/puppet-users/0065fe5a-c567-4482-906a-ca21ce6f0b69%40googlegroups.com.
> For more options, visit [3]https://groups.google.com/d/optout.
>
> References
>
> Visible links
> 1. mailto:puppet-users...@googlegroups.com
> 2. https://groups.google.com/d/msgid/puppet-users/0065fe5a-c567-4482-906a-ca21ce6f0b69%40googlegroups.com?utm_medium=email&utm_source=footer
> 3. https://groups.google.com/d/optout
Reply all
Reply to author
Forward
0 new messages