GlusterFS Installation on VServer Guest

From GlusterDocumentation

GlusterFS Server

As of 1.4, you need the following VServer Context and System capabilities. To set them, go to your VServer's configuration directory; on Debian, it is /etc/vservers/GuestName/. Create a file called bcapabilities if it does not already exist, and add the following to it.

In /etc/vservers/GuestName/bcapabilities, insert:

# Serious security implications!! Use with care! See the VServer Wiki for more information
SYS_ADMIN

Reboot your Guest for the change to take effect.

What could have changed in 1.4 is the addition of afr_check_xattr_cbk to support extended attributes. Further investigation is needed to allow fine-grained control over CAP_SYS_ADMIN!

GlusterFS Client

Firstly, you need to install the same version of FUSE on your Host and Guest. Then, to enable FUSE on a VServer Guest, copy your Host's /dev/fuse to your Guest.

cp -a /dev/fuse /path/to/vservers/Guest/dev/

Make sure that ownership and permissions are correct.

# ls -l /dev | grep fuse
crw-rw---- 1 root root  10, 229 2007-07-01 22:33 fuse

You will also need to enable mount using VServer's Context and System capabilities. To do that, go to your VServer's configuration directory; on Debian, it is /etc/vservers/GuestName/. Create a file called ccapabilities if it does not already exist, and add the following to it.

In /etc/vservers/GuestName/ccapabilities

SECURE_MOUNT
SECURE_REMOUNT
BINARY_MOUNT

Do the same for /etc/vservers/GuestName/bcapabilities and insert:

# Serious security implications!! Use with care! See the VServer Wiki for more information
SYS_ADMIN

Reboot your Guest for the changes to take effect.
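
Because SYS_ADMIN is a broad grant, it helps to be able to list from the Host which guests hold it and to confirm that a copied /dev/fuse matches the listing above. The script below is an added example, not part of the original page; the function names and the HIGH/mount-only/none labels are made up here, and the file syntax it accepts (one name per line, # comments, optional CAP_ prefix) is an assumption.

```shell
#!/bin/sh
# Added example, not part of the original page. Assumed layout (from the page):
#   <confdir>/<GuestName>/bcapabilities and <confdir>/<GuestName>/ccapabilities

# has_cap FILE NAME: succeed if NAME is listed in FILE.
# Assumptions: one name per line, '#' starts a comment, names compare
# case-insensitively and may carry a CAP_ prefix.
has_cap() {
    [ -f "$1" ] || return 1
    sed -e 's/#.*//' -e 's/[[:space:]]//g' "$1" |
        tr '[:lower:]' '[:upper:]' |
        sed -e 's/^CAP_//' |
        grep -qx "$2"
}

# audit_guests CONFDIR: print "<guest> <HIGH|mount-only|none> [capabilities]".
audit_guests() {
    for dir in "$1"/*/; do
        [ -d "$dir" ] || continue
        guest=$(basename "$dir")
        mounts=""
        for c in SECURE_MOUNT SECURE_REMOUNT BINARY_MOUNT; do
            if has_cap "${dir}ccapabilities" "$c"; then mounts="$mounts $c"; fi
        done
        if has_cap "${dir}bcapabilities" SYS_ADMIN; then
            echo "$guest HIGH SYS_ADMIN$mounts"
        elif [ -n "$mounts" ]; then
            echo "$guest mount-only$mounts"
        else
            echo "$guest none"
        fi
    done
}

# check_fuse_node PATH: succeed only if PATH matches the page's listing:
# character device 10,229, uid 0, gid 0, mode crw-rw---- (parses GNU `ls -ln`).
check_fuse_node() {
    [ -c "$1" ] || return 1
    ls -ln "$1" | awk '{ ok = (substr($1, 1, 10) == "crw-rw----" &&
        $3 == 0 && $4 == 0 && $5 == "10," && $6 == 229) } END { exit !ok }'
}

# Usage: sh audit.sh /etc/vservers
if [ "$#" -gt 0 ]; then audit_guests "$1"; fi
```

Run it on the Host against the configuration directory, and call check_fuse_node with the guest's copy, for example /path/to/vservers/Guest/dev/fuse.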

Notes

Running as a normal user will not work, because GlusterFS requires low-level ioctls that a VServer Guest cannot provide even with the right capabilities. This is because not all capabilities are inherited by normal users. Running as root should be safe.

It would be better if CAP_SYS_ADMIN were split into finer-grained capabilities! It also remains to find out which functions GlusterFS requires from CAP_SYS_ADMIN!