Set proper rights for sshfs mountpoint so it can be shared with samba
Solution 1
sshfs
is a FUSE-based filesystem, and the FUSE layer does not allow other users to access its mounts by default, for security purposes. You have allow_other
in options, but it will be ignored until you also edit /etc/fuse.conf
to include user_allow_other
.
Solution 2
Why don't you mount sshfs directly from Windows?
There are couple of free solution for that (see here and here for more info).
Related videos on Youtube
CS01
Updated on September 18, 2022Comments
-
CS01 almost 2 years
I have a domain hoster that provides access via SSH.
My platforms are:
- Gentoo 2.6.36-r5
- Windows (XP/Vista/7)
I work on my Windows, I use Gentoo to do all the magic Windows can't do.
Therefore I use sshfs to mount the remote public directory for my domain to /mnt/mydomain.com. Authentication is done via keys, so lazy me don't have to type in my password every now and then.
Since I do my coding on Windows, and I don't want to upload/download the changed files all the time, I want to access this /mnt/mydomain.com via a samba share.
So I shared /mnt in samba, all mounts except mydomain.com is listed on my Windows Explorer.
My theories are:
- sshfs does not set the mountpoint uid/gid to something that samba expects
- samba does not know that it has to include the uid/gid that /mnt/mydomain.com has been set.
- All above is wrong, and I don't know.
Here are configs and output from console, need anything else just let me know. Also no errors or warnings that I take notice of being relevant to this issue, but I might be wrong.
gentoo ~ # ls -lah /mnt total 20K drwxr-xr-x 9 root root 4.0K Mar 26 16:15 . drwxr-xr-x 18 root root 4.0K Mar 26 2011 .. -rw-r--r-- 1 root root 0 Feb 1 16:12 .keep drwxr-xr-x 1 root root 0 Mar 18 12:09 buffer drwxr-s--x 1 68591 68591 4.0K Feb 16 15:43 mydomain.com drwx------ 2 root root 4.0K Feb 1 16:12 cdrom drwx------ 2 root root 4.0K Feb 1 16:12 floppy drwxr-xr-x 1 root root 0 Sep 1 2009 services drwxr-xr-x 1 root root 0 Feb 10 15:08 www
/etc/samba/smb.conf
[mnt] comment = Mount points writable = yes writeable = yes browseable = yes browsable = yes path = /mnt
/etc/fstab
sshfs#[email protected]:/home/to/pub/dir/ /mnt/mydomain.com/ fuse comment=sshfs,noauto,users,exec,uid=0,gid=0,allow_other,reconnect,follow_symlinks,transform_symlinks,idmap=none,SSHOPT=HostBasedAuthentication 0 0
For an easier read:
- [email protected]
- /home/to/pub/dir/
- /mnt/mydomain.com/
options:
- comment=sshfs
- noauto
- users
- exec
- uid=0
- gid=0
- allow_other
- reconnect
- follow_symlinks
- transform_symlinks
- idmap=none
- SSHOPT=HostBasedAuthentication
Help!
-
user1686 over 13 yearsIIRC,
HostbasedAuthentication
is not recommended to use (the user-basedPubkeyAuthentication
is preferred) -
Tom Hale about 7 years
SSHFS version 2.8
fuse: unknown option 'SSHOPT=HostBasedAuthentication'
-
CS01 over 13 yearsWhen exec'ing "ps aux", left column states root for both sshfs and smbd processes. I "parse" this as both runs with the same privileges. From the ls -lah output, you see the uid is not root, this uid is set by sshfs, but I can't set it, atleast not with changing uid/gid in options. I believe samba somehow think it has to exclude that specific directory with uid/gid 68591. (Trying to clear some confusion on my part.)
-
CS01 about 12 yearsWow, this tool is great!
-
user1686 over 10 years@CS01: The "master" smbd runs as root, but that is not true for connection handlers – if you log in over SMB as "jim", your smbd process also switches to the UID of "jim".
-
sweisgerber.dev almost 9 yearsThey don't look very promising and are suspended, at least now, after 3 years :) Do you have any stability experience with them?
-
sweisgerber.dev almost 9 yearsYou also need to map the UID and/or GID to your desired user(s) via the options uid=<UID>,gid=<GID>.
-
bruin over 4 yearsThanks all for the answers. so to summarize, after tested on a recent version of Ubuntu: 1. update /etc/fuse.conf; 2. specify THREE sshfs command options (
-o allow_other -o uid=<UID> -o gid=<GID>
). It seems no need to restartsmbd
(but I am not sure since I restartedsmbd
anyway).