03-20-2020
Mac OS X Catalina - NFS File Access Behavior in CRON or Launchd
I'm really struggling here, and I think this is a new effect of upgrade to Catalina. I have an automounted NFS directory that contains a file I want to periodically copy to my Mac's local file system. I have a script that does this, and it worked beautifully before Catalina upgrade. If I run the script manually (as root) it's all good. If I run the script as part of a scheduled job it fails. I've tried launching the script in root owned cron job, and I've tried using Launchd. Both fail the same way.
My script:
#!/bin/sh
if [ -f /System/Volumes/Data/nfs/hosts ]
then
cat /etc/hosts.base /System/Volumes/Data/nfs/hosts > /etc/hosts
fi
/System/Volumes/Data/nfs is an NFS share coming off a Synology NAS.
The [ -f ...] part works fine. It can successfully determine if the hosts file exists in the NFS directory. But the cat command fails reading the hosts file. Again, if I run the script manually it all works fine. It only fails if the script is launched from cron or launchd.
File permissions:
brians-mbp:etc root# ls -la /System/Volumes/Data/nfs/hosts
-rwxrwxrwx 1 1024 _lpoperator 2393 Feb 8 14:29 /System/Volumes/Data/nfs/hosts
I've tried fiddling with owner and group, no effect. I've tried different approaches of mounting the NFS drive (automount, fstab, etc), no effect. I've tried different directories, different filenames, etc, no effect. I've tried using different shells in the script (sh, zsh, ...), no effect.
I've tried to find whether Catalina introduced some new ACL mechanisms but can't find anything other than gripes about how Apple changed directory structure in Catalina. But the fact that the script runs just fine if run manually tells me the permissions/ACLs must be ok.
Any ideas?
Brian
7 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I have set up a samba share on my Linux server. I have a gigabit switch, gigabit NICs in each machine.
I have set up the /etc/samba/smb.conf to support no delay, 8192 send/receive buffers, etc. This helped the rate for Samba go from about 4MB/S to about 10MB/S, but I expect to see about... (1 Reply)
Discussion started by: perspectx
1 Replies
2. AIX
I create a NFS file system. I can read this system from client, however, I cannot write anything in this folder. Why? (1 Reply)
Discussion started by: rainbow_bean
1 Replies
3. Shell Programming and Scripting
Hi
A Ksh script is deployed in a server and executed through cronjob.
If one of the line in the middle of the script fails . Are the remaining lines executed ? (3 Replies)
Discussion started by: Sivaswami
3 Replies
4. Red Hat
Hi,
I am facing issue on NFS.
I have shared /data file file system on Server 192.192.192.1, added below lines in /etc/exports
/data 192.192.192.2(rw,no_root_squash,sync)
the owner of /data directory was test(uid 500)
and same I have mounted on another server 192.192.192.2 where the... (3 Replies)
Discussion started by: manoj.solaris
3 Replies
5. Shell Programming and Scripting
Hello Team,
I am trying to extract date from the following output and trying to compare with current date and if there is 10 minute difference between the two. it should logs message in the file server is started.can anyone help me to implement this in the script? (1 Reply)
Discussion started by: coolguyamy
1 Replies
6. UNIX for Advanced & Expert Users
run_xfs_fsr is a xfs filesystem maintenance script designed to run under cron. The system is a home theater personal computer running mythbuntu 10.10, and is accessed remotely for these tests. cron runs a script, (xfs_fsr.sh) at 02:30 that runs the subject script under BASH and sets the... (3 Replies)
Discussion started by: keepitsimpleeng
3 Replies
7. UNIX for Dummies Questions & Answers
Ok, so I have been struggling with this for a few days and I think I need an explanation of a few things before I go any further. I'm not sure it's possible to do what I'm trying, so before I pull my hair out, here is what I'm doing:
I have written a program in LiveCode that sits on our... (2 Replies)
Discussion started by: nextyoyoma
2 Replies
LEARN ABOUT SUSE
sm-notify
sm-notify(8) System Manager's Manual sm-notify(8)
NAME
sm-notify - Send out NSM reboot notifications
SYNOPSIS
/sbin/sm-notify [-dfq] [-m time] [-p port] [-P path] [-v my_name ]
DESCRIPTION
File locking over NFS (v2 and v3) requires a facility to notify peers in case of a reboot, so that clients can reclaim locks after a server
crash, and/or servers can release locks held by the rebooted client.
This is a two-step process: during normal operations, a mechanism is required to keep track of which hosts need to be informed of a reboot.
And of course, notifications need to be sent out during reboot. The protocol used for this is called NSM, for Network Status Monitor.
This implementation separates these into separate program. rpc.statd tracks hosts which need to be notified and this sm-notify performs
the notification. When rpc.statd is started it will typically started sm-notify but this is configurable.
Operation
For each NFS client or server machine to be monitored, rpc.statd creates a file in /var/lib/nfs/sm, and removes the file if monitoring is
no longer required.
When the machine is rebooted, sm-notify iterates through these files and notifies the peer statd server on those machines.
Each machine has an NSM state , which is basically an integer counter that is incremented each time the machine reboots. This counter is
stored in /var/lib/nfs/state, and updated by sm-notify.
Security
sm-notify has little need for root privileges and so drops them as soon as possible. It continues to need to make changes to the sm and
sm.bak directories so to be able to drop privileges, these must be writable by a non-privileged user. If these directories are owned by a
non-root user, sm-notify will drop privilege to match that user once it has created sockets for sending out request (for which it needs
privileged) but before it processes any reply (which is the most likely source of possible privilege abuse).
OPTIONS
-m failtime
When notifying hosts, sm-notify will try to contact each host for up to 15 minutes, and will give up if unable to reach it within
this time frame.
Using the -m option, you can override this. A value of 0 tells sm-notify to retry indefinitely; any other value is interpreted as
the maximum retry time in minutes.
-v ipaddr-or-hostname
This option tells sm-notify to bind to the specified ipaddr, (or the ipaddr of the given hostname) so that all notification packets
originate from this address. This is useful for NFS failover. The given name is also used as the name of this host in the NSM
request.
-p port
instructs sm-notify to bind to the indicated IP port number. If this option is not given, it will try to bind to a randomly chosen
privileged port below 1024.
-q Be quiet. This suppresses all messages except error messages while collecting the list of hosts.
-P /path/to/state/directory
If sm-notify should look in a no-standard place of state file, the path can be given here. The directories sm and sm.bak and the
file state must exist in that directory with the standard names.
-f If the state path has not been reset with -P, sm-notify will normally create a file in /var/run to indicate that it has been run.
If this file is found when sm-notify starts, it will not run again (as it is normally only needed once per reboot). If -f (for
force) is given, sm-notify will run even if the file in /var/run is present.
-n Do not update the NSM state. This is for testing only. Setting this flag implies -f.
-d Enables debugging. By default, sm-notify forks and puts itself in the background after obtaining the list of hosts from
/var/lib/nfs/sm.
FILES
/var/lib/nfs/state
/var/lib/nfs/sm/*
/var/lib/nfs/sm.bak/*
/var/run/sm-notify.pid
SEE ALSO
rpc.nfsd(8), portmap(8)
AUTHORS
Olaf Kirch <okir@suse.de>
19 Mar 2007 sm-notify(8)