# Mounting Samba share from jail | mount_smbfs: kldload(smbfs): Operation not permitted



## bigart (Jan 4, 2021)

Hi,
I need your help.
I'm starting with jails and can't find solution.

`smbclient -U user -I 192.168.1.2 -L //Skaner`
Showing list of shares - looks fine

Trying to mount:

```
# mount -t smbfs -o username=user //192.168.1.2/Wspolny /mnt/Wspolny
mount_smbfs: kldload(smbfs): Operation not permitted
```

/etc/jail.conf  (host)

```
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;
path = "/jails/$name";

domena {
        jid = 1;
        host.hostname = domena;
        ip4.addr = 192.168.1.13;
        interface = em0;
}
domena2 {
        jid = 2;
        host.hostname = domena2;
        ip4.addr = 192.168.1.14;
        interface = em0;
}
allow.raw_sockets;
allow.mount;
allow.mount.zfs;
#allow.mount.devfs;
```
What I'm missing ?


----------



## im (Jan 4, 2021)

jail(8)

```
allow.mount:  privileged users inside the jail will be able to mount and unmount file system types marked as jail-friendly.
The lsvfs(1) command can be used to find file system types available for mount from within a jail.
```


```
root@a3.com:/root# lsvfs
Filesystem                              Num  Refs  Flags
-------------------------------- ---------- -----  ---------------
msdosfs                          0x00000032     0
nfs                              0x0000003a     0  network
procfs                           0x00000002     0  synthetic, jail
cd9660                           0x000000bd     0  read-only
devfs                            0x00000071     1  synthetic, jail
ufs                              0x00000035     2
nullfs                           0x00000029     3  loopback, jail

root@a3.com:/root# kldload /boot/kernel/smbfs.ko

root@a3.com:/root# lsvfs
Filesystem                              Num  Refs  Flags
-------------------------------- ---------- -----  ---------------
msdosfs                          0x00000032     0
nfs                              0x0000003a     0  network
procfs                           0x00000002     0  synthetic, jail
cd9660                           0x000000bd     0  read-only
devfs                            0x00000071     1  synthetic, jail
ufs                              0x00000035     2
nullfs                           0x00000029     3  loopback, jail
smbfs                            0x00000086     0  network
```
Ability to mount smbfs appears after loading the module. Sad but smbfs seems as unsupported inside jail.



bigart said:


> mount_smbfs: kldload(smbfs): Operation not permitted


This looks like a fail to load kernel module 'smbfs' from jail. This behaviour is correct.

Try to load it at host (not it the jail) using command `kldload /boot/kernel/smbfs.ko`
After that try to mount smbfs inside the jail. In case of success - you may require to load module smbfs at boot.

If you need to load this module at boot - add next line to /boot/loader.conf

```
smbfs_load="YES"
```

Workaround: try to mount smbfs from host system direct to jail.


----------



## bigart (Jan 5, 2021)

Thank you for your help.



> Try to load it at host (not it the jail) using command  kldload /boot/kernel/smbfs.ko


I did it, and now I have next problem. After:

`mount_smbfs -I 192.168.1.2 -U user //192.168.1.2/Wspolny /mnt/Wspolny`

I get:
`mount_smbfs: can not setup kernel iconv table (ISO8859-1:tolower): syserr = Operation not permitted`

I have question for you, did you try setup Samba AD DC (include dns, time server, dhcp etc.) in jail   - it's possible ?
My goal is to quickly and easy recover all services after hardware failure. FreeBSD, jails and snapshots looks perfect for it.

I found this thread:








						Solved - SAMBA IN JAIL
					

Hello everyone, First off all I'm a newbie in FreeBSD and jail.  I'm trying to implement a jail server in the company that I work, but I'm facing with a problem and I didn't find the solution on the internet.  I installed a fresh FreeBSD server with Samba 4.3 and FreeBSD 10.1 to test and works...




					forums.freebsd.org
				




There SirDice suggest to not doing it inside the jail.

What is the best practice to backup all system settings and recover it on completely different machine ?

Now I'm working with Debian (host) where I have VirtualBox VMs (one vm with Samba AD DC and other with Radius). It's working but I'm thinking to migrate everything to FreeBSD.


----------



## im (Jan 5, 2021)

bigart said:


> mount_smbfs: can not setup kernel iconv table (ISO8859-1:tolower): syserr = Operation not permitted


Run *kldstat*, check loaded modules like 'iconv'. They may be loaded with smbfs module.
Try to set character sets for mount_smbfs. Read mount_smbfs() about option '-E cs1:cs2'.

```
root@a3.com:/root# kldstat
Id Refs Address    Size     Name
1   18 0xc0400000 140b888  kernel
10    1 0xd0bfd000 20000    smbfs.ko
11    2 0xc8f28000 5000     libiconv.ko
12    2 0xd0bf5000 3000     libmchain.ko
```



bigart said:


> dhcp in jail - it's possible ?


DHCP require network broadcast. It is impossible or very dificult with jail.

I have never been used samba as AD. I have no experience in this case
I am expect that samba AD in a jail may work.

Linked thread "samba in jail" seems as true.
SirDice talk about 'problems with broadcasts', but AD may work without broadcasts.
Services like DNS, TIME definitely runs in a jail.



bigart said:


> What is the best practice to backup all system settings and recover it on completely different machine ?


gmirror, pax, pax over ssh, rsync, rsync over ssh.


----------



## rootbert (Jan 6, 2021)

just to check: you are aware that mount_smbfs only supports SMB version 1 and not version 2 or the recommended version 3


----------



## bigart (Jan 7, 2021)

thank you, I'll try


----------

