ubuntu20.04 bind mount 总是设置noexec

tag-icon tag-icon mount
ubuntu20.04 bind mount 总是设置noexec

我有一个通过 /etc/fstab 安装的文件夹,其中包含如下条目:

/m/svr/usrlocal/bin     /usr/local/bin2     none exec,bind 0 0

当我挂载该文件夹时,syslog 不会产生任何错误消息或注释,并且该文件夹已挂载,如 findmnt --real 所示:

> findmnt --real|grep usr.local.bin2
├─/usr/local/bin2              /dev/sda2[/svr/usrlocal/bin]     fuseblk  rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096

我遇到的问题是,如上所示,尽管我在 fstab 行中指定了 exec,但文件夹仍以“noexec”权限挂载。我尝试使用“exec,defaults”和 defaults(不指定 exec)以及其他几种组合,但无济于事。没有错误消息,但我也没有得到我想要的东西。(/usr/local/bin2/scriptname总是返回访问被拒绝错误。)

有没有办法在 ubuntu 20.04 上使用绑定挂载来挂载具有执行权限的文件夹?

附加信息

我要挂载的目录位于服务器的根文件系统中。其权限已设置为 drwxrwxr-x

当我将 remount 添加到选项中时(如下所示),尝试挂载时出现此错误:“mount:/usr/local/bin2:挂载点未挂载或选项错误。”

/m/svr/usrlocal/bin     /usr/local/bin2    none remount,exec,bind 0 0

以下是不带选项的“mount”的完整输出:

sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
udev on /dev type devtmpfs (rw,nosuid,noexec,relatime,size=32827460k,nr_inodes=8206865,mode=755,inode64)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,noexec,relatime,size=6572748k,mode=755,inode64)
/dev/sdc2 on / type ext4 (rw,relatime,errors=remount-ro)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,inode64)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k,inode64)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755,inode64)
cgroup2 on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
efivarfs on /sys/firmware/efi/efivars type efivarfs (rw,nosuid,nodev,noexec,relatime)
bpf on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/misc type cgroup (rw,nosuid,nodev,noexec,relatime,misc)
cgroup on /sys/fs/cgroup/rdma type cgroup (rw,nosuid,nodev,noexec,relatime,rdma)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=28,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=13971)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,pagesize=2M)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
debugfs on /sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime)
tracefs on /sys/kernel/tracing type tracefs (rw,nosuid,nodev,noexec,relatime)
fusectl on /sys/fs/fuse/connections type fusectl (rw,nosuid,nodev,noexec,relatime)
configfs on /sys/kernel/config type configfs (rw,nosuid,nodev,noexec,relatime)
/var/lib/snapd/snaps/bare_5.snap on /snap/bare/5 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/gnome-3-38-2004_115.snap on /snap/gnome-3-38-2004/115 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/vlc_3078.snap on /snap/vlc/3078 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/core18_2679.snap on /snap/core18/2679 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/core18_2697.snap on /snap/core18/2697 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/gnome-3-38-2004_119.snap on /snap/gnome-3-38-2004/119 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/gnome-3-34-1804_77.snap on /snap/gnome-3-34-1804/77 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/core20_1778.snap on /snap/core20/1778 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/gtk-common-themes_1534.snap on /snap/gtk-common-themes/1534 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/core20_1822.snap on /snap/core20/1822 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/vlc_2344.snap on /snap/vlc/2344 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/snap-store_638.snap on /snap/snap-store/638 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/snapd_17950.snap on /snap/snapd/17950 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/snap-store_599.snap on /snap/snap-store/599 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/snapd_18357.snap on /snap/snapd/18357 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/gtk-common-themes_1535.snap on /snap/gtk-common-themes/1535 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
/var/lib/snapd/snaps/gnome-3-34-1804_72.snap on /snap/gnome-3-34-1804/72 type squashfs (ro,nodev,relatime,errors=continue,x-gdu.hide)
binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,nosuid,nodev,noexec,relatime)
/dev/sdb1 on /v type fuseblk (rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096,user)
/dev/sdc1 on /boot/efi type vfat (rw,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro)
/dev/sda2 on /m type fuseblk (rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096,user)
/dev/sda2 on /usr/local/backups type fuseblk (rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096)
/dev/sda2 on /usr/local/etc type fuseblk (rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096)
/dev/sda2 on /usr/local/log type fuseblk (rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096)
/dev/sda2 on /usr/local/src type fuseblk (rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096)
/dev/sdd2 on /5TBU type fuseblk (rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096,user)
//nas-1/NAS1-Plex on /m/svr/Media/Plex_NAS1 type cifs (rw,nosuid,nodev,noexec,relatime,vers=3.0,sec=ntlmssp,cache=strict,username=dennis,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.7,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,noperm,rsize=4194304,wsize=4194304,bsize=1048576,echo_interval=60,actimeo=1,user)
tmpfs on /run/user/125 type tmpfs (rw,nosuid,nodev,relatime,size=6572744k,mode=700,uid=125,gid=130,inode64)
gvfsd-fuse on /run/user/125/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=125,group_id=130)
tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=6572744k,mode=700,uid=1000,gid=1000,inode64)
gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000)
//hpmicro1/share on /o type cifs (rw,nosuid,nodev,noexec,relatime,vers=3.0,sec=ntlmssp,cache=strict,username=dennis,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.5,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,noperm,rsize=4194304,wsize=4194304,bsize=1048576,echo_interval=60,actimeo=1,user)
/dev/sda2 on /usr/local/bin2 type fuseblk (rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096)

以下是 findmnt --real 的输出

> findmnt --real
TARGET                         SOURCE            FSTYPE   OPTIONS
/                              /dev/sdc2         ext4     rw,relatime,errors=remount-ro
├─/sys/kernel/tracing          tracefs           tracefs  rw,nosuid,nodev,noexec,relatime
├─/snap/bare/5                 /dev/loop0        squashfs ro,nodev,relatime,errors=continue
├─/snap/gnome-3-38-2004/115    /dev/loop2        squashfs ro,nodev,relatime,errors=continue
├─/snap/vlc/3078               /dev/loop3        squashfs ro,nodev,relatime,errors=continue
├─/snap/core18/2679            /dev/loop1        squashfs ro,nodev,relatime,errors=continue
├─/snap/core18/2697            /dev/loop4        squashfs ro,nodev,relatime,errors=continue
├─/snap/gnome-3-38-2004/119    /dev/loop5        squashfs ro,nodev,relatime,errors=continue
├─/snap/gnome-3-34-1804/77     /dev/loop6        squashfs ro,nodev,relatime,errors=continue
├─/snap/core20/1778            /dev/loop10       squashfs ro,nodev,relatime,errors=continue
├─/snap/gtk-common-themes/1534 /dev/loop8        squashfs ro,nodev,relatime,errors=continue
├─/snap/core20/1822            /dev/loop11       squashfs ro,nodev,relatime,errors=continue
├─/snap/vlc/2344               /dev/loop9        squashfs ro,nodev,relatime,errors=continue
├─/snap/snap-store/638         /dev/loop7        squashfs ro,nodev,relatime,errors=continue
├─/snap/snapd/17950            /dev/loop12       squashfs ro,nodev,relatime,errors=continue
├─/snap/snap-store/599         /dev/loop14       squashfs ro,nodev,relatime,errors=continue
├─/snap/snapd/18357            /dev/loop15       squashfs ro,nodev,relatime,errors=continue
├─/snap/gtk-common-themes/1535 /dev/loop13       squashfs ro,nodev,relatime,errors=continue
├─/snap/gnome-3-34-1804/72     /dev/loop16       squashfs ro,nodev,relatime,errors=continue
├─/v                           /dev/sdb1         fuseblk  rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096
├─/boot/efi                    /dev/sdc1         vfat     rw,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro
├─/m                           /dev/sda2         fuseblk  rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096
│ └─/m/svr/Media/Plex_NAS1     //nas-1/NAS1-Plex cifs     rw,nosuid,nodev,noexec,relatime,vers=3.0,sec=ntlmssp,cache=strict,username=dennis,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.7,file_mode=0755,dir
├─/usr/local/backups           /dev/sda2[/svr/usrlocal/backups]
│                                                fuseblk  rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096
├─/o                           //hpmicro1/share  cifs     rw,nosuid,nodev,noexec,relatime,vers=3.0,sec=ntlmssp,cache=strict,username=dennis,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.5,file_mode=0755,dir                                             
├─/usr/local/etc               /dev/sda2[/svr/usrlocal/etc]
│                                                fuseblk  rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096
├─/usr/local/log               /dev/sda2[/svr/usrlocal/log]
│                                                fuseblk  rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096
├─/usr/local/src               /dev/sda2[/svr/usrlocal/src]
│                                                fuseblk  rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096
├─/usr/local/bin2              /dev/sda2[/svr/usrlocal/bin]
│                                                fuseblk  rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096
└─/5TBU                        /dev/sdd2         fuseblk  rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,allow_other,blksize=4096

~

答案1

本文深入讨论了这一主题 只读绑定挂载

简而言之,部分属于父级的挂载点不能覆盖父级的属性,因此将从父级继承这些属性,实际上忽略与父级冲突的挂载点的所有指定选项。

链接的文章展示了使用该命令的解决方法bind,但不适用于/etc/fstab

相关内容