Panel: Mounts not working on panel v.1.0.3 - wings 1.0.1 PHP 7.4.12 - help required

Created on 9 Nov 2020  路  10Comments  路  Source: pterodactyl/panel
  • Panel or Daemon:
  • Version of Panel/Daemon: wings 1.0.1 / panel 1.0.3 PHP 7.4.12
  • Server's OS: Debian 9
  • Your Computer's OS & Browser: Windows 10, Linux Mint, Chrome, Firefox

Describe the bug

  • I have a location on the debian 9 server, /mnt/file_server/backups i am trying to mount in the panel.
    skipping custom server mount, not in list of allowed mount points read_only=false server=d454bf7d-87a6-4f64-887b-fc72a633b4e7 source_path=/mnt/file_server/backups/unitedfactions target_path=backups
    I have tried different locations, but it won't work.

my config.yml file contains this, and is actual.

allowed_mounts:

  • /mnt/file_server/backups/unitedfactions/
    allowed_origins: []

Steps to reproduce the behavior:

  1. make a folder on mount system
  2. add it as a mount as server admin in panel
  3. does not work
  4. load new config.yml generated by panel,
  5. still not working / same error, not in allowed mount points.

Expected behavior
I was expecting to see the contents of my mounth in the container ;)

picture SupaYoshi

All 10 comments

I've tested this feature multiple times and I can ensure it works. That error you are seeing is due to your source path in allowed_mounts (or on the panel) having a trailing slash which will not work as we do strings.HasPrefix to check if the path is allowed. When I get time I will see about writing some documentation and common issues with the mounts feature.

matthewpi picture matthewpi on 9 Nov 2020

I removed the trailing slash in the config.yml and I restarted the wings daemon, however the folder backups is still not appearing in the file browser.

I have tried source,
/mnt/file_server/backups/unitedfactions
target
backups
/backups
/home/container/backups
what is the correct way of setting the target? I am so confused, also restarted the wings daemon and unmounted and remounted the mount, not success....

SupaYoshi picture SupaYoshi on 9 Nov 2020

Appears when the server start, but in my case an empty folder or an empty file (0 KB) is mounted.
I also need help with this.

Sinaloense picture Sinaloense on 9 Nov 2020

folder is not empty, anyway
@matthewpi what is the correct target path?

SupaYoshi picture SupaYoshi on 9 Nov 2020

In my case, the source foulder or source file isn麓t empty, but when is mounted, the target folder or file in file manager is empty.
pd: Sorry my bad english.

Sinaloense picture Sinaloense on 9 Nov 2020
👀1

in my case the source folder is filled with another folder, clearly not showing.

SupaYoshi picture SupaYoshi on 9 Nov 2020
👀1

I also see the mounted folder containing nothing but the applications can still access the data. Eg: Cmod can mount cstrike folder and load a cstrike map but the cstrike folder is empty in the file manager.

wraith1200 picture wraith1200 on 9 Nov 2020
👀1

Again, I need to write documentation on this, but the basic requirements/caveats are as follows.

  • You must add the path to allowed_mounts, the check if a source path is allowed uses a prefix check, so you can put / in allowed_mounts to allow every mount to work but that would be a security risk if your panel is compromised. For example, if your source is /var/lib/pterodactyl/mounts/test you would add /var/lib/pterodactyl/mounts/test to the allowed_mounts array in the config.yml and reboot wings. (You may also allow any directory above the source directory so /var/lib/pterodactyl/mounts in the config would also allow the /var/lib/pterodactyl/mounts/test mount to be mounted)
  • You may not cross-mount server directories (what this basically means is you cannot mount any of Server A's files into Server B and vise-versa)
  • You may not set the target to or inside of /home/container, this is a limitation with the way Docker mounts work and nor would I recommend doing it anyways.
  • The mount's contents are not accessible through SFTP or the web file manager, this is 100% intentional and I doubt you will ever see it on the web file manager.
  • Actually add the mount to a server, creating a mount and assigning it to Nodes and Eggs is not enough, you must make sure to actually mount it on a server. The mount will be applied when you reboot a server (as long as it is allowed in the config).

The whole point of allowed_mounts is to prevent someone with panel access just mounting / (or any sensitive directory) to a server and using it to gain access or destroy the system.

Also, allowed_origins is for CORS and the WebSocket, it has nothing to do with the mounts feature what so ever.

matthewpi picture matthewpi on 10 Nov 2020
1

Dear Matthew, thank you so much for your detailed answer! This really helps!

You may not set the target to or inside of /home/container, this is a limitation with the way Docker mounts work and nor would I recommend doing it anyways.

Scenario:
I want to mount the folder, /mnt/file_server/ inside the server so that a plugin can create a backup to that folder (as if it was actually inside the container) (easybackup for minecraft needs a path to backup to, so i follow your directions and i set this:

source
/mnt/file_server
target
/backups

You will not see this folder in your file manager, or in your sftp! but it's there, make sure you STOP and START your server if it is currently running for the mount point to work!

WARNING: Experienced users!
If you are familiar with docker, you can troubleshoot your way in by using the commands:
docker exec -it [container id here] /bin/bash
and then using the command cd /[target] to see if the mount point is there.

SupaYoshi picture SupaYoshi on 10 Nov 2020
1

As it appears this is not a bug (and has been resolved anyway), I'll close this.

schrej picture schrej on 10 Nov 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

TylerBurr picture TylerBurr  路  4Comments
TRYTIG picture TRYTIG  路  3Comments
ghost picture ghost  路  4Comments
Derkades picture Derkades  路  4Comments
vipesz picture vipesz  路  4Comments