Bug 1294809 - mount options no longer valid: noexec, nosuid, noatime
Summary: mount options no longer valid: noexec, nosuid, noatime
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: GlusterFS
Classification: Community
Component: fuse
Version: mainline
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Niels de Vos
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 1162910 1294811 1297182
TreeView+ depends on / blocked
 
Reported: 2015-12-30 12:30 UTC by Niels de Vos
Modified: 2016-06-16 13:53 UTC (History)
1 user (show)

Fixed In Version: glusterfs-3.8rc2
Doc Type: Bug Fix
Doc Text:
Clone Of: 1162910
: 1294811 (view as bug list)
Environment:
Last Closed: 2016-06-16 13:53:22 UTC
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Embargoed:

Attachments (Terms of Use)

Description Niels de Vos 2015-12-30 12:30:55 UTC 
+++ This bug was initially created as a clone of Bug #1162910 +++
+++                                                           +++
+++ Use this bug to provide a fix in the master branch.       +++

Description of problem:
After upgrading to 3.6.1 from upstream repo, Gluster clients no longer support the following mount options:
* noatime
* noexec
* nosuid


Version-Release number of selected component (if applicable): 3.6.1


How reproducible: Always


Steps to Reproduce:
1. upgrade to Gluster 3.6.1
2. mount -t glusterfs -o noexec,nosuid,noatime gluster-t1:/epa /mnt


Actual results:
root@gluster-t1:TESTING:~> mount -t glusterfs -o noatime,noexec,nosuid gluster-t1:/epa /mnt
Invalid option noatime
root@gluster-t1:TESTING:~> mount -t glusterfs -o noexec,nosuid gluster-t1:/epa /mnt
Invalid option noexec
root@gluster-t1:TESTING:~> mount -t glusterfs -o nosuid gluster-t1:/epa /mntInvalid option nosuid
root@gluster-t1:TESTING:~> mount -t glusterfs gluster-t1:/epa /mnt
root@gluster-t1:TESTING:~>

Expected results:
With Gluster 3.5.2, all three mount options worked (or, at least, did not prevent a mount).

--- Additional comment from David E. Smith on 2015-03-04 23:38:27 CET ---

I can confirm that this bug also affects GlusterFS (upstream) 3.6.2.

The bug also affects the context mount option (for applying SELinux security context info on the mounted file system).

--- Additional comment from David E. Smith on 2015-08-28 16:58:33 CEST ---

This issue still exists, and appears to affect RHNSC (not-upstream) 3.7.

On a fully-updated RHEL 6.7 system, I subscribed to the rhel-6-server-rhs-client-1-rpms channel, ran 'yum install glusterfs-fuse', then tried to mount a remote Gluster file system with the 'context' and 'noatime' options. In both cases, I'm told that the options are invalid. I can remove noatime and context and then mount the file system, but obviously I lose some functionality.

--- Additional comment from Khoi Mai on 2015-11-16 18:31:07 CET ---

Description of problem:  mount option 'noexec' in /etc/fstab  for gluster filesystems are no longer honored.  Currently running glusterfs-fuse-3.6.0.54-1.el6.x86_64 on Linux 2.6.32-573.7.1.el6.x86_64 CentOS


Version-Release number of selected component (if applicable):
 glusterfs --version
glusterfs 3.6.0.54 built on Jul 24 2015 08:29:03


How reproducible:
yes, happens every time when I try to mount the gluster filesystem with noexec option.  My client recently upgraded from 3.5.3 to 3.6.0.
man 8 /sbin/mount.glusterfs
also does not show that option being available.
The same result if i try to mount it manually or through /etc/fstab.  /content is a gluster filesystem with these options in /etc/fstab

omhq1439:/teststatic   /content        glusterfs     _netdev,ro,noatime,defaults,backupvolfile-server=omhq1444,fetch-attempts=5        1 2

[root@vx1ac9 ~]# mount /content
Invalid option noexec


on a server that is running glusterfs-fuse-3.5.3. i am able to mount a gluster filesystem with the 'noexec' option.  The same result if i try to mount it manually or through /etc/fstab.

omhq1826:/khoi on /mnt type fuse.glusterfs (rw,noexec,nosuid,nodev,default_permissions,allow_other,max_read=131072)

Steps to Reproduce:
1.  leave noexec as a mount option in /etc/fstab
2. mount the gluster filesystem that has that flag
3. mount via command line has the same results.

Actual results:
Invalid option noexec


Expected results:
i expect to be able to mount 'noexec' on any filesystem using the mount commmand

--- Additional comment from James Oguya on 2015-12-30 12:30:55 CET ---

This bug is still present on 3.7.6. After upgrading from 3.5.5 to 3.7.6, I can no longer use noatime option when mounting volumes.
# glusterfs --version
glusterfs 3.7.6 built on Nov  9 2015 15:19:41
Repository revision: git://git.gluster.com/glusterfs.git
Copyright (c) 2006-2013 Red Hat, Inc. <http://www.redhat.com/>
GlusterFS comes with ABSOLUTELY NO WARRANTY.
It is licensed to you under your choice of the GNU Lesser
General Public License, version 3 or any later version (LGPLv3
or later), or the GNU General Public License, version 2 (GPLv2),
in all cases as published by the Free Software Foundation.

# cat /etc/fstab
wingu3:homes /home glusterfs defaults,noatime,acl,_netdev,backupvolfile-server=wingu4 0 0
# mount -o=remount /home
Invalid option noatime

My quick fix involved removing the noatime mount option on the client and using it to mount bricks on the backend servers.
I still have to do some tests to confirm how this affects performance.

--- Additional comment from Niels de Vos on 2015-12-30 13:29:22 CET ---

Some of the default mount options were made invalid with glusterfs-3.6. The /sbin/mount.glusterfs script changed heavily and now requires all valid mount options to be listed. Earlier versions (glusterfs-3.5 and before) passed all unknown mount options on to fuse.

noatime, nodev, noexec and probably more will need to be added in a similar fashion as was done for SElinux options in http://review.gluster.org/12858
Comment 1 Vijay Bellur 2016-01-04 10:15:21 UTC 
REVIEW: http://review.gluster.org/13166 (fuse: pass standard mount options to the kernel) posted (#1) for review on master by Niels de Vos (ndevos)
Comment 2 Vijay Bellur 2016-01-08 11:59:19 UTC 
REVIEW: http://review.gluster.org/13166 (fuse: pass standard mount options to the kernel) posted (#2) for review on master by Niels de Vos (ndevos)
Comment 3 Vijay Bellur 2016-01-24 11:43:18 UTC 
COMMIT: http://review.gluster.org/13166 committed in master by Niels de Vos (ndevos) 
------
commit a5b352a703574b894e0b7cdbf16bea637dab75e8
Author: Niels de Vos <ndevos>
Date:   Sun Jan 3 12:57:29 2016 +0100

    fuse: pass standard mount options to the kernel
    
    Some of the default mount options were made invalid with glusterfs-3.6.
    The /sbin/mount.glusterfs script changed heavily and now requires all
    valid mount options to be listed. Earlier versions (glusterfs-3.5 and
    before) passed all unknown mount options on to fuse.
    
    With this change, all mount options from 'man 8 mount' are explicitly
    included in the /sbin/mount.glusterfs script. Some of the options are
    marked with TODO, these are not commonly used and may require some
    additional support in Gluster/FUSE too.
    
    BUG: 1294809
    Change-Id: Ic312140d7318b54523996bb08772ff065af7eb27
    Signed-off-by: Niels de Vos <ndevos>
    Reviewed-on: http://review.gluster.org/13166
    Reviewed-by: Kaleb KEITHLEY <kkeithle>
    Smoke: Gluster Build System <jenkins.com>
    CentOS-regression: Gluster Build System <jenkins.com>
    NetBSD-regression: NetBSD Build System <jenkins.org>
Comment 4 Niels de Vos 2016-06-16 13:53:22 UTC 
This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.8.0, please open a new bug report.

glusterfs-3.8.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution.

[1] http://blog.gluster.org/2016/06/glusterfs-3-8-released/
[2] http://thread.gmane.org/gmane.comp.file-systems.gluster.user
Note You need to log in before you can comment on or make changes to this bug.