On Tue, 23 May 2017 02:49:21 AM Michael Biebl wrote:
> > Sorry for the delay in responding. I've attached those files.
>
> The configuration you attached doesn't seem to match up.
> E.g. the original fstab didn't have x-systemd.automount.
I've set the system to not use automount, rebooted it, and run those commands
again.
> The ExecMount shows that mount has apparently been called as
> /bin/mount 10.10.10.1:/mailstore /mail -t nfs -o
> context=system_u:object_r:mail_spool_t:s0,x-systemd.automount
>
> I.e. "context=system_u:object_r:mail_spool_t:s0" has been passed along
> correctly.
>
> Are you absolutely sure it was actually systemd which has mounted
> /mailstore?
In the case of x-automount absolutely. In the case of not using automount,
how else would it be happening?
On Tue, 23 May 2017 03:05:59 AM Michael Biebl wrote:
> What happens, if you run
>
> umount /mail
> mount 10.10.10.1:/mailstore /mail -t nfs -o
> context=system_u:object_r:mail_spool_t:s0,x-systemd.automount
>
> Are the options correctly applied then?
# ls -ldZ /mail
drwxr-xr-x. 1 vmail vmail system_u:object_r:nfsd_rw_t:s0 754 May 10 12:41
/mail
# umount /mail ; mount /mail
# ls -ldZ /mail
drwxr-xr-x. 1 vmail vmail system_u:object_r:mail_spool_t:s0 754 May 10 12:41
/mail
Yes, it works fine.
I've also attached the latest version of /etc/fstab.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
Where=/mail
What=10.10.10.1:/mailstore
Options=rw,relatime,seclabel,vers=4.2,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=10.10.10.24,local_lock=none,addr=10.10.10.1
Type=nfs4
TimeoutUSec=1min 30s
ControlPID=0
DirectoryMode=0755
SloppyOptions=no
LazyUnmount=no
ForceUnmount=no
Result=success
UID=4294967295
GID=4294967295
ExecMount={ path=/bin/mount ; argv[]=/bin/mount 10.10.10.1:/mailstore /mail -t
nfs -o context=system_u:object_r:mail_spool_t:s0 ; ignore_errors=no ;
start_time=[Tue 2017-05-23 15:06:30 AEST] ; stop_time=[Tue 2017-05-23 15:06:30
AEST] ; pid=496 ; code=exited ; status=0 }
Slice=system.slice
ControlGroup=/system.slice/mail.mount
MemoryCurrent=18446744073709551615
CPUUsageNSec=18446744073709551615
TasksCurrent=0
Delegate=no
CPUAccounting=no
CPUWeight=18446744073709551615
StartupCPUWeight=18446744073709551615
CPUShares=18446744073709551615
StartupCPUShares=18446744073709551615
CPUQuotaPerSecUSec=infinity
IOAccounting=no
IOWeight=18446744073709551615
StartupIOWeight=18446744073709551615
BlockIOAccounting=no
BlockIOWeight=18446744073709551615
StartupBlockIOWeight=18446744073709551615
MemoryAccounting=no
MemoryLow=0
MemoryHigh=18446744073709551615
MemoryMax=18446744073709551615
MemorySwapMax=18446744073709551615
MemoryLimit=18446744073709551615
DevicePolicy=auto
TasksAccounting=yes
TasksMax=4915
UMask=0022
LimitCPU=18446744073709551615
LimitCPUSoft=18446744073709551615
LimitFSIZE=18446744073709551615
LimitFSIZESoft=18446744073709551615
LimitDATA=18446744073709551615
LimitDATASoft=18446744073709551615
LimitSTACK=18446744073709551615
LimitSTACKSoft=8388608
LimitCORE=18446744073709551615
LimitCORESoft=0
LimitRSS=18446744073709551615
LimitRSSSoft=18446744073709551615
LimitNOFILE=4096
LimitNOFILESoft=1024
LimitAS=18446744073709551615
LimitASSoft=18446744073709551615
LimitNPROC=7977
LimitNPROCSoft=7977
LimitMEMLOCK=65536
LimitMEMLOCKSoft=65536
LimitLOCKS=18446744073709551615
LimitLOCKSSoft=18446744073709551615
LimitSIGPENDING=7977
LimitSIGPENDINGSoft=7977
LimitMSGQUEUE=819200
LimitMSGQUEUESoft=819200
LimitNICE=0
LimitNICESoft=0
LimitRTPRIO=0
LimitRTPRIOSoft=0
LimitRTTIME=18446744073709551615
LimitRTTIMESoft=18446744073709551615
OOMScoreAdjust=0
Nice=0
IOScheduling=0
CPUSchedulingPolicy=0
CPUSchedulingPriority=0
TimerSlackNSec=50000
CPUSchedulingResetOnFork=no
NonBlocking=no
StandardInput=null
StandardOutput=inherit
StandardError=inherit
TTYReset=no
TTYVHangup=no
TTYVTDisallocate=no
SyslogPriority=30
SyslogLevelPrefix=yes
SyslogLevel=6
SyslogFacility=3
SecureBits=0
CapabilityBoundingSet=18446744073709551615
AmbientCapabilities=0
DynamicUser=no
RemoveIPC=no
MountFlags=0
PrivateTmp=no
PrivateDevices=no
ProtectKernelTunables=no
ProtectKernelModules=no
ProtectControlGroups=no
PrivateNetwork=no
PrivateUsers=no
ProtectHome=no
ProtectSystem=no
SameProcessGroup=yes
UtmpMode=init
IgnoreSIGPIPE=yes
NoNewPrivileges=no
SystemCallErrorNumber=0
RuntimeDirectoryMode=0755
MemoryDenyWriteExecute=no
RestrictRealtime=no
RestrictNamespace=2114060288
KillMode=control-group
KillSignal=15
SendSIGKILL=yes
SendSIGHUP=no
Id=mail.mount
Names=mail.mount
Requires=-.mount system.slice
Wants=network-online.target
RequiredBy=remote-fs.target
Conflicts=umount.target
Before=remote-fs.target umount.target
After=remote-fs-pre.target -.mount network.target network-online.target
system.slice
RequiresMountsFor=/
Documentation=man:fstab(5) man:systemd-fstab-generator(8)
Description=/mail
LoadState=loaded
ActiveState=active
SubState=mounted
FragmentPath=/run/systemd/generator/mail.mount
SourcePath=/etc/fstab
UnitFileState=generated
UnitFilePreset=enabled
StateChangeTimestamp=Tue 2017-05-23 15:06:30 AEST
StateChangeTimestampMonotonic=9539774
InactiveExitTimestamp=Tue 2017-05-23 15:06:30 AEST
InactiveExitTimestampMonotonic=9219265
ActiveEnterTimestamp=Tue 2017-05-23 15:06:30 AEST
ActiveEnterTimestampMonotonic=9461320
ActiveExitTimestampMonotonic=0
InactiveEnterTimestampMonotonic=0
CanStart=yes
CanStop=yes
CanReload=yes
CanIsolate=no
StopWhenUnneeded=no
RefuseManualStart=no
RefuseManualStop=no
AllowIsolate=no
DefaultDependencies=yes
OnFailureJobMode=replace
IgnoreOnIsolate=yes
NeedDaemonReload=no
JobTimeoutUSec=infinity
JobTimeoutAction=none
ConditionResult=yes
AssertResult=yes
ConditionTimestamp=Tue 2017-05-23 15:06:30 AEST
ConditionTimestampMonotonic=9216537
AssertTimestamp=Tue 2017-05-23 15:06:30 AEST
AssertTimestampMonotonic=9216538
Transient=no
Perpetual=no
StartLimitIntervalSec=10000000
StartLimitBurst=5
StartLimitAction=none
InvocationID=d78fd689101d421eae7c14ce35a581b3
â mail.mount - /mail
Loaded: loaded (/etc/fstab; generated; vendor preset: enabled)
Active: active (mounted) since Tue 2017-05-23 15:06:30 AEST; 37s ago
Where: /mail
What: 10.10.10.1:/mailstore
Docs: man:fstab(5)
man:systemd-fstab-generator(8)
Process: 496 ExecMount=/bin/mount 10.10.10.1:/mailstore /mail -t nfs -o
context=system_u:object_r:mail_spool_t:s0 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 4915)
CGroup: /system.slice/mail.mount
May 23 15:06:30 swssmtp systemd[1]: Mounting /mail...
May 23 15:06:30 swssmtp systemd[1]: Mounted /mail.
/dev/vda / ext4 noatime 0 1
/dev/vdb swap swap defaults 0 0
10.10.10.1:/mailstore /mail nfs
context=system_u:object_r:mail_spool_t:s0 0 0
#10.10.10.1:/mailstore /mail nfs
context=system_u:object_r:mail_spool_t:s0,x-systemd.automount 0 0
