NSA CatDV VM1 Linux VM

The following are Frequently Asked Questions about the NSA VM1 CatDV Server Linux Virtual Machines.

Q: How do I mount a CIFS (SMB) share to a linux computer or VM?

Mounting Instructions

Manual Mount Syntax:

sudo mount -t cifs -o username=authorized_user //server-address/share /media/mount

Edit fstab to add the CIFS mount

sudo vi /etc/fstab

Example for /etc/fstab to mount a CIFS share

//10.113.101.100/sf_akomi-data /media/sf_akomi-data cifs username=storage-user,password=storage-password,file_mode=0775,dir_mode=0775,uid=apache,gid=northshore,nofail 0 0

There have been issues with SMB version. Updated syntax specifies newer version:

//10.113.101.100/sf_akomi-data /media/sf_akomi-data cifs credentials=/root/.smbcredentials,file_mode=0775,dir_mode=0775,uid=apache,gid=northshore,vers=2.1,nofail 0 0

.smbcredentials contents:

username=MyUsername

password=MyPassword

Mounting Storage from FSTAB

Mounts all entries in fstab with verbose output

sudo mount -av

Unmounting storage

sudo umount /path/to/folder

Example:
sudo umount /Volumes/MEDIA01

General SMB mount notes:

Always put "nofail" in the fstab entry. This tells the server to not halt the boot process if a desired/configured mount is not available to the client at boot time.

Quantum StorNext SMB notes:

Tech Source, Thank You: Rowie Nameri from IMT

Always put "noperm" in the fstab entry. This tells the server that the client is not overriding the server's understanding of who should be accessing the data, which it determines based on:

- 1- Share level - Access to the share is set on the Quantum SMB server. You wont be able to mount the share if the user youre mounting with isnt allowed. By default everyone is allowed, but we usually set "valid users=" there to restrict access to a particular set of users. There are also other options that can be set globally per share, like umask etc. This is standard Samba stuff.
- 2- File level - Stornext specific behavior: Access and permissions to the data in the share by default are based on file level ACLs only. POSIX permissions are completely disregarded.
  - If there is no ACL on the file/dir, the Quantum SMB server assumes an "Everyone Allow" ACL should be there and the file/dir is wide open.
  - It is possible to change the default behavior so that with no ACL present, the server will translate the POSIX permissions of the file/dir to the closest approximation as an ACL, and that will be the access granted.
  - In the Quantum smb.conf. "snfs:enable default acl" is the default behavior, and changing that to "disable" would switch the behavior to translating POSIX when no ACL present.

Always add "vers=3.0" (or 2.1 or whatever the max SMB version capability of your Linux client) into the fstab entry. It is standard Linux client behavior to mount any SMB share using SMB1 by default, which is slow and problematic.

//stornext.local/MediaStor/Akomi/sf_akomi-data /media/sf_akomi-data cifs credentials=/root/.smbcredentials,vers=3.0,noperm,nofail 0 0

Q: How do I run Worker 9 or newer on a previous generation CentOS Linux VM?

Update Instructions

Worker 9 Requires Java 11 or newer. To install, follow these steps

1. Shut down the Worker Service and quit the Worker Node application
2. Uninstall Java 8:
3. sudo yum remove java-1.8.0-openjdk java-1.8.0-openjdk-devel.x86_64 java-1.8.0-openjdk-headless.x86_64
4. Install Java 11:
5. sudo yum install java-11-openjdk java-11-openjdk-headless

Install the new Worker Node using the provided install scripts
Launch Worker Node using the Desktop icon and verify your settings

Q: How do I convert the VM to run on a different hypervisor?

Conversion instructions

If you move the VM disk image from one platform to another there will be changes in the virtual hardware. These changes can prevent the system from booting normally. It will hang at boot for a long time then you’ll see messages something like this:

dracut-initqueue[372]: Warning: Could not boot.

dracut-initqueue[372]: Warning: /dev/centos/root does not exist.

dracut-initqueue[372]: Warning: /dev/centos/swap does not exist.

dracut-initqueue[372]: Warning: /dev/mapper/centos-root does not exist.

Starting Dracut Emergency Shell...

Warning: /dev/centos/root does not exist

Warning: /dev/centos/swap does not exist

Warning: /dev/mapper/centos-root does not exist

Generating "/run/initramfs/rdsosreport.txt"

To remedy this, boot to the rescue kernel then login to the desktop.

Open terminal and login as root

# sudo -i

Scan for logical volumes to find the one you need

# lvscan

ACTIVE '/dev/centos/swap' [<3.88 GiB] inherit

ACTIVE '/dev/centos/root' [<35.59 GiB] inherit

Make a folder to mount your volume

# mkdir /mnt/sysimage/

Then mount your root partition there

# mount /dev/centos-7/root /mnt/sysimage/

Next, mount the proc, dev, sys, and boot partitions

# mount --bind /sys /mnt/sysimage/sys

# mount --bind /dev /mnt/sysimage/dev

# mount --bind /proc /mnt/sysimage/proc

# mount /dev/sda1 /mnt/sysimage/boot/

Set the chroot to the mounted fs

# chroot /mnt/sysimage/

Run the dracut tool to rebuild the initramfs for the selected kernel version, exit, reboot

# dracut -f --regenerate-all

# exit

# reboot now

That should get you rebooted and up & running