I'd like to mount a remote directory through sshfs on my Debian machine, say at /work. So I added my user to fuse group and I run:
sshfs user#remote.machine.net:/remote/dir /work
and everything works fine. However it would be very nice to have the directory mounted on boot. So I tried the /etc/fstab entry given below:
sshfs#user#remote.machine.net:/remote/dir /work fuse user,_netdev,reconnect,uid=1000,gid=1000,idmap=user 0 0
sshfs asks for password and mounts almost correctly. Almost because my regular user has no access to the mounted directory and when I run ls -la /, I get:
d????????? ? ? ? ? ? work
How can I get it with right permissions trough fstab?
Using option allow_other in /etc/fstab allows other users than the one doing the actual mounting to access the mounted filesystem. When you booting your system and mounting your sshfs, it's done by user root instead of your regular user. When you add allow_other other users than root can access to mount point. File permissions under the mount point still stay the same as they used to be, so if you have a directory with 0700 mask there, it's not accessible by anyone else but root and the owner.
So, instead of
sshfs#user#remote.machine.net:/remote/dir /work fuse user,_netdev,reconnect,uid=1000,gid=1000,idmap=user 0 0
use
sshfs#user#remote.machine.net:/remote/dir /work fuse user,_netdev,reconnect,uid=1000,gid=1000,idmap=user,allow_other 0 0
This did the trick for me at least. I did not test this by booting the system, but instead just issued the mount command as root, then tried to access the mounted sshfs as a regular user.
Also to complement previous answer:
You should prefer the [user]#[host] syntax over the sshfs#[user]#[host] one.
Make sure you allow non-root users to specify the allow_other mount option in /etc/fuse.conf
Make sure you use each sshfs mount at least once manually while root so the host's signature is added to the .ssh/known_hosts file.
$ sudo sshfs [user]#[host]:[remote_path] [local_path] -o allow_other,IdentityFile=[path_to_id_rsa]
REF: https://wiki.archlinux.org/index.php/SSHFS
Also, complementing the accepted answer: there is a need that the user on the target has a right to shell, on target machine: sudo chsh username -> /bin/bash.
I had a user who had /bin/false, and this caused problems.
Related
I have a program called HelloWorld belonging to user test
HelloWorld will create a file HelloWorld.pid in /var/run to keep single instance.
I using following command to try to make test can access /var/run
usermod -a -G root test
However, when I run it, falied
could someone help me?
What are the permissions on /var/run? On my system, /var/run is rwxr-xr-x, which means only the user root can write to it. The permissions do not allow write access by members of the root group.
The normal way of handling this is by creating a subdirectory of /var/run that is owned by the user under which you'll be running your service. E.g.,
sudo mkdir /var/run/helloworld
sudo chown myusername /var/run/helloworld
Note that /var/run is often an ephemeral filesystem that disappears when your system reboots. If you would like your target directory to be created automatically when the system boots you can do that using the systemd tmpfiles service.
Some linux systems store per-user runtime files in /var/run/user/UID/.
In this case you can create your pid file in /var/run/user/$(id -u test)/HelloWorld.pid.
Alternatively just use /tmp.
You may want to use the user's name as a prefix to the pid filename to avoid collision with other users, for instance /tmp/test-HelloWorld.pid.
I've been using this line in /etc/fstab for mounting a storage device to my host:
//url.to-my-storage.com/mystorage /mnt/backup cifs
iocharset=utf8,rw,credentials=/etc/backup-credentials.txt,uid=1000,gid=1000,file_mode=0660,dir_mode=0770
0 0
I was mounting it to another host, and I ran this to protect the files from change through the new host:
chmod -R 444 /mnt/backup
(I tried to protect the storage from writing from this host, which turned out to change the mode of all the storage files)
I assume the missing executable permissions what causing me this:
$ sudo mount -a
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
I tried unmounting and mounting again, that didn't help, got the same permission error when using the mount command.
ls the dir shows this:
$ ls -la /mnt/backup
?????????? ? ? ? ? ? backup
HELP !
Dismounting a "Locked Out" Network Drive
To dismount a "locked out" network drive, you can try to force the unmount:
umount -f -t cifs /mnt/backup
If you are having trouble dismounting a drive, make sure that you don't have a console open somewhere where the current working directory (CWD) on the drive which you are trying to dismount, or have a file open in an editor or player somewhere or such.
Properly Mounting a Network Drive
You should add your permissions in your mount options rather than trying to apply them afterwards. You would want to replace these mount options:
rw,file_mode=0660,dir_mode=0770
with
ro
Currently you are mounting your CIFS drive as read-write (rw), giving files read-write permission (file_mode=0660) and directories read-write-execute (dir_mode=0770). Simply mounting the drive as read-only (ro) should suffice. (If you do need to fine tune the file and dir modes, rather use umask.)
I would also advise you to double check whether you are using uid and gid correctly: if the user ID or group ID used gets deleted, that could also lead to problems.
References
https://linux.die.net/man/8/mount
https://en.wikipedia.org/wiki/File_system_permissions
https://oracletechdba.blogspot.com/2017/06/umount-lsof-warning-cant-stat-cifs-file.html
https://stackoverflow.com/a/40527234/171993
I've updated my openwrt firmware using the web interface. Now the web interface is unreachable.
I lost my root password so i started my router (wr1043nd) in failsafe mode, but the mount_root command is not working:
$mount_root
""/bin/ash: mount_root: not found""
Any clue? I can't find any solution in the docs/ online
You can mount jffs2 partition manually. This partition contains your configuration, so when you mount it, you will be able to edit root password.
Use this command: mount -t jffs2 /dev/mtdblock3 /mnt/. Please note that mtd number may vary in different routers. If there is nothing in /mnt dir after issuing this command, try another mtdblock number.
Then go to /mnt dir and remove /etc/shadow and /etc/passwd files from there to reset root password.
I am trying to write a script that would ssh into a host, perform mount operation there, run some other commands and exit.
other commands (cd, cp) do not require sudo privelages but mount option requries sudo permission. I want to write a script that would do:
ssh user#server "mount -t nfs xx.xx.xx.xx:/ /nfs -o rsize=4096,wsize=4096 ; cp pqr rst ; umount /nfs ;"
and some other non-sudo commands. How can I do this without a sudo option and without entering any passwords when the script is running.
Desktop linux distributions use udisks to grant non-root users limited mounting priviliges.
udisks version 2
udisksctl mount -b [device]
udisks version 1
udisks --mount [device]
Of course, if we are talking about a server VM, then these tools might not be installed.
Installing them would require root access (once)
You must add /nfs entry to /etc/fstab on the server host.
In the list of options of the entry must be option user or users (depends on that if you want that user could unmount the filesystem or not).
Example:
xx.xx.xx.xx:/ /nfs nfs rsize=4096,wsize=4096,user 0 0
You can allow that user to mount without needing sudo power.
Use NOPASSWD directory
Follow this Link.
Or you may prefer to write expect script which will have password written and password will be entered when it prompts for it.
I've written a small FUSE-based filesystem and now the only part's missing is that I want to register it with fstab(5) to auto-mount it on system startup and/or manually mount it with just mount /srv/virtual-db. How can I achieve this?
I know, I can just run /usr/bin/vdbfs.py /srv/virtual-db from some init script, but that's not exactly pretty.
I'm sorry because this may be not exactly a programming question, but it's highly related, as the packaging and deployment is still the programmer's job.
In general, one "registers" a new mount filesystem type by creating an executable mount.fstype.
$ ln -s /usr/bin/vdbfs.py /usr/sbin/mount.vdbfs
If vdbfs.py takes mount-ish arguments (i.e. dev path [-o opts]), then mount -t vdbfs and using vdbfs as the 3rd field in fstab will work. If it doesn't, you can create a wrapper which does take arguments of that form and maps them to whatever your vdbfs.py takes.
FUSE should also install a mount.fuse executable; mount.fuse 'vdbfs.py#dev' path -o opts will go on and call vdbfs.py dev path -o opts. In that case, you can use fuse as your filesystem type and prefix your device with vdbfs.py#.
So to clarify ephemient's answer, there are two options:
Edit /etc/fstab like this:
# <file system> <mount point> <type> <options> <dump> <pass>
# ...
vdbfs.py#<dev> /srv/virtual-db fuse user,<other-opts> 0 0
Or,
Create an executable prefixed with "mount." (ensuring it can be used
with mount-like options):
$ ln -s /usr/bin/vdbfs.py /usr/sbin/mount.vdbfs
And edit /etc/fstab like this:
# <file system> <mount point> <type> <options> <dump> <pass>
# ...
<dev> /srv/virtual-db vdbfs.py user,<other-opts> 0 0
With regards to auto-mounting at start up and manually mounting with mount, the user and noauto options are relevant and fully supported by fuse itself so you don't have to implement them yourself. The user option lets a non-priveleged user who is a member of the "fuse" group mount your filesystem with the mount command, and noauto directs your filesystem not to automatically mount at startup. If you don't specify noauto, it will automatically mount.
To clarify #patryk.beza comment on the accepted answer, the correct way to mount a FUSE file system is by setting the file system type to fuse.<subtype>.
For example, to mount an s3fs-fuse implementation, which does not provide a specific /sbin/mount.* wrapper and uses normally the s3fs user command to mount S3 buckets, one can use this command as root:
mount -t fuse.s3fs bucket-name /path/to/dir -o <some,options>
or this line in /etc/fstab:
bucket-name /path/to/dir fuse.s3fs <some,options> 0 0
or this SystemD mount unit (for example, /etc/systemd/system/path-to-dir.mount):
[Unit]
Description=S3 Storage
After=network.target
[Mount]
What=bucket-name
Where=/path/to/dir
Type=fuse.s3fs
Options=<some,options>
[Install]
WantedBy=multi-user.target
How this works: mount recognizes the concept of "filesystem subtypes" when the type is formatted with a period (i.e. <type>.<subtype>), so that a type with the format fuse.someimpl is recognized to be the responsibility of the FUSE mount helper /sbin/mount.fuse. The FUSE mount helper then resolves the someimpl part to the FUSE implementation, in the same way as the # format is used in the original answer (I think this is just a path search for a program named <subtype>, but I'm not 100% sure about it).
You could just use fuse filesystem type. The following works on my system:
smbnetfs /media/netbios fuse defaults,allow_other 0 0
Another example:
sshfs#user#example.com:/ /mnt fuse user,noauto 0 0
After researching a lot found this solution to mount fuse filesystem suing fstab entry. I was using fuse for s3bucket to mount on local linux machine.
.passwd-s3fs : Is containing credentials to access your aws account 1] Secret key and 2] Access Key .
uid : User Id. You can type linux command id and you can get uid
Syntax:
s3fs#<Bucket_Name> <Mounted_Direcotry_Path> fuse _netdev,allow_other,passwd_file=/home/ubuntu/.passwd-s3fs,use_cache=/tmp,umask=002,uid=<User_Id> 0 0
Example:
s3fs#myawsbucket /home/ubuntu/s3bucket/mys3bucket fuse _netdev,allow_other,passwd_file=/home/ubuntu/.passwd-s3fs,use_cache=/tmp,umask=002,uid=1000 0 0
To mount you need run following command.
mount -a
To check your bucket is mounted properly or not use following command to check which shows all mounted points.
df -h