#3213 PR closed: mount /tmp with tmpfs option for Veeam V12.1 and later¶
Labels: enhancement
idna38 opened issue at 2024-04-30 21:15:¶
Relax-and-Recover (ReaR) Pull Request Template¶
Please fill in the following items before submitting a new pull request:
Pull Request Details:¶
-
Type: Enhancement
-
Impact: Normal
-
How was this pull request tested?
On every Veeam supported Linux distribution
RHEL 9.x
RHEL 8.x
Debian 10.13
Debian 11.9
Debian 12.5
Ubuntu 18.04
Ubuntu 20.04
Ubuntu 22.04
SLES 12 SP5
SLES 15 SP5 -
Description of the changes in this pull request:
mount the /tmp directory with tmpfs option, otherwise veeammount command will fail with versions 12.1 and above
schlomo commented at 2024-05-01 10:08:¶
@idna38 is there any requirement for the tmpfs on /tmp? Like a
certain minimum size or something else?
jsmeix commented at 2024-05-02 07:17:¶
I have a general understanding question
i.e. the next level WHY behind the first level WHY
(that is "needed because otherwise some command fails"):
I like to understand WHY some commands fail
when '/tmp/' has no mount source or is not a 'tmpfs'
but most other commands seem to "just work"
when '/tmp/' is "just a normal directory" regardless
if it has a mount source or is a 'tmpfs'.
In the ReaR recovery system '/tmp/' is a normal directory
RESCUE localhost:~ # ls -ld /tmp
drwxr-xr-x 2 root root 0 May 2 08:41 /tmp
versus e.g. on my openSUSE Leap 15.5 system
# ls -ld /tmp
drwxrwxrwt 19 root root 4096 May 2 08:52 /tmp
So non-root users cannot use '/tmp/'
in the ReaR recovery system
RESCUE nobody@localhost:/> echo hello >/tmp/hello
-bash: /tmp/hello: Permission denied
but normally that should not matter because
normally only 'root' is used in the ReaR recovery system.
In the ReaR recovery system '/' has no mount source:
RESCUE localhost:~ # findmnt -a
TARGET SOURCE FSTYPE OPTIONS
/ none rootfs rw
|-/proc proc proc rw,nosuid,nodev,noexec,relatime
| `-/proc none proc rw,relatime
|-/sys sysfs sysfs rw,nosuid,nodev,noexec,relatime
| |-/sys/kernel/security securityfs securityfs rw,nosuid,nodev,noexec,relatime
| |-/sys/fs/cgroup tmpfs tmpfs ro,nosuid,nodev,noexec,size=4096k,nr_inodes=1024,mode=755,inode64
| | |-/sys/fs/cgroup/unified cgroup2 cgroup2 rw,nosuid,nodev,noexec,relatime,nsdelegate
| | |-/sys/fs/cgroup/systemd cgroup cgroup rw,nosuid,nodev,noexec,relatime,xattr,name=systemd
| | |-/sys/fs/cgroup/freezer cgroup cgroup rw,nosuid,nodev,noexec,relatime,freezer
| | |-/sys/fs/cgroup/cpuset cgroup cgroup rw,nosuid,nodev,noexec,relatime,cpuset
| | |-/sys/fs/cgroup/net_cls,net_prio cgroup cgroup rw,nosuid,nodev,noexec,relatime,net_cls,net_prio
| | |-/sys/fs/cgroup/blkio cgroup cgroup rw,nosuid,nodev,noexec,relatime,blkio
| | |-/sys/fs/cgroup/perf_event cgroup cgroup rw,nosuid,nodev,noexec,relatime,perf_event
| | |-/sys/fs/cgroup/hugetlb cgroup cgroup rw,nosuid,nodev,noexec,relatime,hugetlb
| | |-/sys/fs/cgroup/misc cgroup cgroup rw,nosuid,nodev,noexec,relatime,misc
| | |-/sys/fs/cgroup/cpu,cpuacct cgroup cgroup rw,nosuid,nodev,noexec,relatime,cpu,cpuacct
| | |-/sys/fs/cgroup/pids cgroup cgroup rw,nosuid,nodev,noexec,relatime,pids
| | |-/sys/fs/cgroup/rdma cgroup cgroup rw,nosuid,nodev,noexec,relatime,rdma
| | |-/sys/fs/cgroup/memory cgroup cgroup rw,nosuid,nodev,noexec,relatime,memory
| | `-/sys/fs/cgroup/devices cgroup cgroup rw,nosuid,nodev,noexec,relatime,devices
| |-/sys/fs/pstore pstore pstore rw,nosuid,nodev,noexec,relatime
| `-/sys/fs/bpf bpf bpf rw,nosuid,nodev,noexec,relatime,mode=700
|-/dev devtmpfs devtmpfs rw,nosuid,size=4096k,nr_inodes=1048576,mode=755,inode64
| |-/dev/shm tmpfs tmpfs rw,nosuid,nodev,inode64
| `-/dev/pts devpts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000
| `-/dev/pts none devpts rw,relatime,gid=5,mode=620,ptmxmode=000
|-/run tmpfs tmpfs rw,nosuid,nodev,size=402436k,nr_inodes=819200,mode=755,inode64
`-/etc/machine-id tmpfs[/machine-id] tmpfs ro,size=402436k,nr_inodes=819200,mode=755,inode64
The mount source is none for '/', cf.
https://github.com/rear/rear/blob/master/usr/share/rear/finalize/default/110_bind_mount_proc_sys_dev_run.sh#L47
# It seems the root cause is that within the recovery system / is no mountpoint
# like in a normal running system where e.g. /dev/sda2 is mounted on /
# but within the recovery system / is the plain content of ReaR's initrd
# so /dev does not belong to any mountpoint and that lets bind-mount fail.
So perhaps the reason behind WHY some commands fail
when '/tmp/' has no mount source or is not a 'tmpfs'
is or is related to something of that?
In this case we should fix that generically in ReaR,
for example by always mounting '/tmp/' as 'tmpfs'
plus usual permissions and sticky bit to make '/tmp/'
as same as possible in the ReaR recovery system
as '/tmp/' usually is on the original system?
schlomo commented at 2024-05-02 07:23:¶
I'm actually also wondering if we couldn't solve this problem via the
USE_RAMDISK setting which creates a fixed-size ramdisk for / which
should also provide a mount source. see
jsmeix commented at 2024-05-02 09:07:¶
With USE_RAMDISK="yes"
I get in the ReaR recovery system
RESCUE localhost:~ # dmesg | grep -i ramdisk
[ 0.000000] Command line: initrd=initrd.cgz root=/dev/ram0 vga=normal rw selinux=0 rdinit=/etc/scripts/ramdisk-rootfs debug BOOT_IMAGE=kernel
[ 0.002958] RAMDISK: [mem 0x7bf91000-0x7fffefff]
[ 0.017727] Kernel command line: initrd=initrd.cgz root=/dev/ram0 vga=normal rw selinux=0 rdinit=/etc/scripts/ramdisk-rootfs debug BOOT_IMAGE=kernel
[ 1.593357] Run /etc/scripts/ramdisk-rootfs as init process
[ 1.596084] /etc/scripts/ramdisk-rootfs
RESCUE localhost:~ # findmnt -a
TARGET SOURCE FSTYPE OPTIONS
/ none tmpfs rw,relatime,inode64
|-/proc proc proc rw,nosuid,nodev,noexec,relatime
|-/sys sysfs sysfs rw,nosuid,nodev,noexec,relatime
| |-/sys/kernel/security securityfs securityfs rw,nosuid,nodev,noexec,relatime
| |-/sys/fs/cgroup tmpfs tmpfs ro,nosuid,nodev,noexec,size=4096k,nr_inodes=1024,mode=755,inode64
| | |-/sys/fs/cgroup/unified cgroup2 cgroup2 rw,nosuid,nodev,noexec,relatime,nsdelegate
| | |-/sys/fs/cgroup/systemd cgroup cgroup rw,nosuid,nodev,noexec,relatime,xattr,name=systemd
| | |-/sys/fs/cgroup/net_cls,net_prio cgroup cgroup rw,nosuid,nodev,noexec,relatime,net_cls,net_prio
| | |-/sys/fs/cgroup/freezer cgroup cgroup rw,nosuid,nodev,noexec,relatime,freezer
| | |-/sys/fs/cgroup/cpu,cpuacct cgroup cgroup rw,nosuid,nodev,noexec,relatime,cpu,cpuacct
| | |-/sys/fs/cgroup/cpuset cgroup cgroup rw,nosuid,nodev,noexec,relatime,cpuset
| | |-/sys/fs/cgroup/memory cgroup cgroup rw,nosuid,nodev,noexec,relatime,memory
| | |-/sys/fs/cgroup/misc cgroup cgroup rw,nosuid,nodev,noexec,relatime,misc
| | |-/sys/fs/cgroup/perf_event cgroup cgroup rw,nosuid,nodev,noexec,relatime,perf_event
| | |-/sys/fs/cgroup/devices cgroup cgroup rw,nosuid,nodev,noexec,relatime,devices
| | |-/sys/fs/cgroup/blkio cgroup cgroup rw,nosuid,nodev,noexec,relatime,blkio
| | |-/sys/fs/cgroup/rdma cgroup cgroup rw,nosuid,nodev,noexec,relatime,rdma
| | |-/sys/fs/cgroup/hugetlb cgroup cgroup rw,nosuid,nodev,noexec,relatime,hugetlb
| | `-/sys/fs/cgroup/pids cgroup cgroup rw,nosuid,nodev,noexec,relatime,pids
| |-/sys/fs/pstore pstore pstore rw,nosuid,nodev,noexec,relatime
| `-/sys/fs/bpf bpf bpf rw,nosuid,nodev,noexec,relatime,mode=700
|-/dev devtmpfs devtmpfs rw,nosuid,size=4096k,nr_inodes=1048576,mode=755,inode64
| |-/dev/shm tmpfs tmpfs rw,nosuid,nodev,inode64
| `-/dev/pts devpts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000
|-/run tmpfs tmpfs rw,nosuid,nodev,size=801436k,nr_inodes=819200,mode=755,inode64
`-/etc/machine-id tmpfs[/machine-id] tmpfs ro,size=801436k,nr_inodes=819200,mode=755,inode64
RESCUE localhost:~ # df -h /
Filesystem Size Used Avail Use% Mounted on
none 2.0G 177M 1.8G 10% /
In contrast without USE_RAMDISK="yes"
I get in the ReaR recovery system
RESCUE localhost:~ # dmesg | grep -i ramdisk
[ 0.003241] RAMDISK: [mem 0x7bf71000-0x7ffbefff]
RESCUE localhost:~ # findmnt -a
TARGET SOURCE FSTYPE OPTIONS
/ none rootfs rw
|-/proc proc proc rw,nosuid,nodev,noexec,relatime
| `-/proc none proc rw,relatime
|-/sys sysfs sysfs rw,nosuid,nodev,noexec,relatime
...
|-/dev devtmpfs devtmpfs rw,nosuid,size=4096k,nr_inodes=1048576,mode=755,inode64
| |-/dev/shm tmpfs tmpfs rw,nosuid,nodev,inode64
| `-/dev/pts devpts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000
| `-/dev/pts none devpts rw,relatime,gid=5,mode=620,ptmxmode=000
|-/run tmpfs tmpfs rw,nosuid,nodev,size=402436k,nr_inodes=819200,mode=755,inode64
`-/etc/machine-id tmpfs[/machine-id] tmpfs ro,size=402436k,nr_inodes=819200,mode=755,inode64
RESCUE localhost:~ # df -h /
Filesystem Size Used Avail Use% Mounted on
none 0 0 0 - /
Note the "duplicated" mounted /proc and /dev/pts
in the findmnt output without USE_RAMDISK="yes".
For comparison on my original system I have
TARGET SOURCE FSTYPE OPTIONS
...
|-/proc proc proc rw,nosuid,nodev,noexec,relatime
...
| |-/dev/pts devpts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000
So with USE_RAMDISK="yes" the 'findmnt' output
looks more as it is on the original system.
[Export of Github issue for rear/rear.]