NSA CatDV VM1 Linux VM
The following are Frequently Asked Questions about the NSA VM1 CatDV Server Linux Virtual Machines.
Q: How do I mount a CIFS (SMB) share to a linux computer or VM?
Manual Mount Syntax:
sudo mount -t cifs -o username=authorized_user //server-address/share /media/mount
Edit fstab to add the CIFS mount
sudo vi /etc/fstab
Example for /etc/fstab to mount a CIFS share
//10.113.101.100/sf_akomi-data /media/sf_akomi-data cifs username=storage-user,password=storage-password,file_mode=0775,dir_mode=0775,uid=apache,gid=northshore,nofail 0 0
There have been issues with SMB version. Updated syntax specifies newer version:
//10.113.101.100/sf_akomi-data /media/sf_akomi-data cifs credentials=/root/.smbcredentials,file_mode=0775,dir_mode=0775,uid=apache,gid=northshore,vers=2.1,nofail 0 0
Mounting Storage from FSTAB
Mounts all entries in fstab with verbose output
sudo mount -av
sudo umount /path/to/folder
Example: sudo umount /Volumes/MEDIA01
General SMB mount notes:
Always put "nofail" in the fstab entry. This tells the server to not halt the boot process if a desired/configured mount is not available to the client at boot time.
Quantum StorNext SMB notes:
Tech Source, Thank You: Rowie Nameri from IMT
Always put "noperm" in the fstab entry. This tells the server that the client is not overriding the server's understanding of who should be accessing the data, which it determines based on:
1- Share level - Access to the share is set on the Quantum SMB server. You wont be able to mount the share if the user youre mounting with isnt allowed. By default everyone is allowed, but we usually set "valid users=" there to restrict access to a particular set of users. There are also other options that can be set globally per share, like umask etc. This is standard Samba stuff.
2- File level - Stornext specific behavior: Access and permissions to the data in the share by default are based on file level ACLs only. POSIX permissions are completely disregarded.
If there is no ACL on the file/dir, the Quantum SMB server assumes an "Everyone Allow" ACL should be there and the file/dir is wide open.
It is possible to change the default behavior so that with no ACL present, the server will translate the POSIX permissions of the file/dir to the closest approximation as an ACL, and that will be the access granted.
In the Quantum smb.conf. "snfs:enable default acl" is the default behavior, and changing that to "disable" would switch the behavior to translating POSIX when no ACL present.
Always add "vers=3.0" (or 2.1 or whatever the max SMB version capability of your Linux client) into the fstab entry. It is standard Linux client behavior to mount any SMB share using SMB1 by default, which is slow and problematic.
//stornext.local/MediaStor/Akomi/sf_akomi-data /media/sf_akomi-data cifs credentials=/root/.smbcredentials,vers=3.0,noperm,nofail 0 0
Q: How do I run Worker 9 or newer on a previous generation CentOS Linux VM?
Worker 9 Requires Java 11 or newer. To install, follow these steps
Shut down the Worker Service and quit the Worker Node application
Uninstall Java 8:
sudo yum remove java-1.8.0-openjdk java-1.8.0-openjdk-devel.x86_64 java-1.8.0-openjdk-headless.x86_64
Install Java 11:
sudo yum install java-11-openjdk java-11-openjdk-headless
Install the new Worker Node using the provided install scripts
Launch Worker Node using the Desktop icon and verify your settings
Q: How do I convert the VM to run on a different hypervisor?
If you move the VM disk image from one platform to another there will be changes in the virtual hardware. These changes can prevent the system from booting normally. It will hang at boot for a long time then you’ll see messages something like this:
dracut-initqueue: Warning: Could not boot.
dracut-initqueue: Warning: /dev/centos/root does not exist.
dracut-initqueue: Warning: /dev/centos/swap does not exist.
dracut-initqueue: Warning: /dev/mapper/centos-root does not exist.
Starting Dracut Emergency Shell...
Warning: /dev/centos/root does not exist
Warning: /dev/centos/swap does not exist
Warning: /dev/mapper/centos-root does not exist
To remedy this, boot to the rescue kernel then login to the desktop.
Open terminal and login as root
# sudo -i
Scan for logical volumes to find the one you need
ACTIVE '/dev/centos/swap' [<3.88 GiB] inherit
ACTIVE '/dev/centos/root' [<35.59 GiB] inherit
Make a folder to mount your volume
# mkdir /mnt/sysimage/
Then mount your root partition there
# mount /dev/centos-7/root /mnt/sysimage/
Next, mount the proc, dev, sys, and boot partitions
# mount --bind /sys /mnt/sysimage/sys
# mount --bind /dev /mnt/sysimage/dev
# mount --bind /proc /mnt/sysimage/proc
# mount /dev/sda1 /mnt/sysimage/boot/
Set the chroot to the mounted fs
# chroot /mnt/sysimage/
Run the dracut tool to rebuild the initramfs for the selected kernel version, exit, reboot
# dracut -f --regenerate-all
# reboot now
That should get you rebooted and up & running