Hello,
I was able to add a secondary drive using @stgraber here. Now, I’ve a rights issue with this secondary disk. On reboot, the rights change:
ct@nuka:~$ sudo chmod -R a+r /mnt/data/
ct@nuka:~$ stat -c %A /mnt/data
drwxr-xr-x
ct@nuka:~$ sudo reboot
ct@nuka:~$ stat -c %A /mnt/data
drwx--x--x
Thank you for your time.
stgraber@castiana:~$ lxc storage volume create default foo
Storage volume foo created
stgraber@castiana:~$ lxc storage volume attach default foo npm foo /mnt/foo
stgraber@castiana:~$ lxc start npm
stgraber@castiana:~$ lxc exec npm bash
root@npm:~# grep foo /proc/mounts
castiana/lxd/custom/default_foo /mnt/foo zfs rw,relatime,xattr,posixacl 0 0
root@npm:~# stat /mnt/foo/
File: /mnt/foo/
Size: 2 Blocks: 1 IO Block: 512 directory
Device: 52h/82d Inode: 34 Links: 2
Access: (0711/drwx--x--x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-05-05 13:43:24.607720375 +0000
Modify: 2020-05-05 13:43:11.595646135 +0000
Change: 2020-05-05 13:43:24.607720375 +0000
Birth: -
root@npm:~# chmod 700 /mnt/foo/
root@npm:~# stat /mnt/foo/
File: /mnt/foo/
Size: 2 Blocks: 1 IO Block: 512 directory
Device: 52h/82d Inode: 34 Links: 2
Access: (0700/drwx------) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-05-05 13:43:24.607720375 +0000
Modify: 2020-05-05 13:43:11.595646135 +0000
Change: 2020-05-05 13:43:45.867841668 +0000
Birth: -
root@npm:~# reboot
root@npm:~#
stgraber@castiana:~$ lxc exec npm bash
root@npm:~# stat /mnt/foo/
File: /mnt/foo/
Size: 2 Blocks: 1 IO Block: 512 directory
Device: 52h/82d Inode: 34 Links: 2
Access: (0700/drwx------) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-05-05 13:43:24.607720375 +0000
Modify: 2020-05-05 13:43:11.595646135 +0000
Change: 2020-05-05 13:43:45.867841668 +0000
Birth: -
root@npm:~#
What LXD version and storage backend are you using?
Thank you for your answer:
pulsar@zira:~$ snap list
Name Version Rev Tracking Publisher Notes
core 16-2.44.3 9066 latest/stable canonical✓ core
core18 20200311 1705 latest/stable canonical✓ base
lxd 4.0.1 14804 latest/stable canonical✓ -
pulsar@zira:~$ lxc storage list
+---------+-------------+--------+------------------------------------------------+---------+
| NAME | DESCRIPTION | DRIVER | SOURCE | USED BY |
+---------+-------------+--------+------------------------------------------------+---------+
| default | | btrfs | /var/snap/lxd/common/lxd/storage-pools/default | 17 |
+---------+-------------+--------+------------------------------------------------+---------+
pulsar@zira:~$ lxc storage volume show default vitani_data
config:
volatile.idmap.last: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
description: ""
name: vitani_data
type: custom
used_by:
- /1.0/containers/vitani
location: none
On container:
ct@vitani:~$ grep data /proc/mounts
/dev/sda4 /mnt/data btrfs rw,relatime,space_cache,user_subvol_rm_allowed,autodefrag,subvolid=267,subvol=/var/snap/lxd/common/lxd/storage-pools/default/custom/default_vitani_data 0 0
Reproduced here:
Storage pool btrfs created
stgraber@castiana:~$ lxc storage volume create btrfs foo
Storage volume foo created
stgraber@castiana:~$ lxc storage volume attach btrfs foo npm foo /mnt/foo
stgraber@castiana:~$ lxc start npm
stgraber@castiana:~$ lxc exec npm bash
root@npm:~# grep foo /proc/mounts
/dev/loop8 /mnt/foo btrfs rw,relatime,ssd,space_cache,user_subvol_rm_allowed,subvolid=257,subvol=/custom/default_foo 0 0
root@npm:~# stat /mnt/foo/
File: /mnt/foo/
Size: 0 Blocks: 0 IO Block: 4096 directory
Device: 52h/82d Inode: 256 Links: 1
Access: (0711/drwx--x--x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-05-06 02:29:56.808521097 +0000
Modify: 2020-05-06 02:29:48.104468918 +0000
Change: 2020-05-06 02:29:56.808521097 +0000
Birth: -
root@npm:~# chmod 700 /mnt/foo/
root@npm:~# stat /mnt/foo/
File: /mnt/foo/
Size: 0 Blocks: 0 IO Block: 4096 directory
Device: 52h/82d Inode: 256 Links: 1
Access: (0700/drwx------) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-05-06 02:29:56.808521097 +0000
Modify: 2020-05-06 02:29:48.104468918 +0000
Change: 2020-05-06 02:30:20.368662340 +0000
Birth: -
root@npm:~# reboot
root@npm:~# stgraber@castiana:~$ lxc exec npm bash
root@npm:~# stat /mnt/foo/
File: /mnt/foo/
Size: 0 Blocks: 0 IO Block: 4096 directory
Device: 52h/82d Inode: 256 Links: 1
Access: (0711/drwx--x--x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-05-06 02:29:56.808521097 +0000
Modify: 2020-05-06 02:29:48.104468918 +0000
Change: 2020-05-06 02:30:31.908731521 +0000
Birth: -
@tomp can you look into this one?
Kinda odd that zfs isn’t affected, potentially related to drivers that need mounting vs those that don’t? In any case, permissions sure shouldn’t change like this for custom volumes 
Yep will take a look. This is almost certainly related to the mount time chmod we apply to ensure that the permission of the mount path is correct at mount time.
And introduced here: https://github.com/lxc/lxd/commit/49cb03b846b6756c54577b27a2052615f14b3548
The reason ZFS, and likely LVM, are not affected is because this is called before the mount occurs, whereas as you suspected BTRFS (and DIR) do not actually need to mount.
Should I back that patch out?
It only affects custom volumes as normal root volumes do not have the instance-visible path chmodded.
Custom volumes on the other hand are directly mounted into the instance.
I could modify the BTRFS and DIR driver’s so that EnsureMountPath is not called during MountVolume() for custom volume types?
I’ve added a PR to fix this issue (including a test) here:
This has now been merged.
Thank you very much! How can I recover the change in my snap package?
This will be included in the next LXD release which is happening in the next few days.
It’s ok with the fix, thanks!