19

I have a domain hoster that provides access via SSH.

My platforms are:

  • Gentoo 2.6.36-r5
  • Windows (XP/Vista/7)

I work on my Windows, I use Gentoo to do all the magic Windows can't do.

Therefore I use sshfs to mount the remote public directory for my domain to /mnt/mydomain.com. Authentication is done via keys, so lazy me don't have to type in my password every now and then.

Since I do my coding on Windows, and I don't want to upload/download the changed files all the time, I want to access this /mnt/mydomain.com via a samba share.

So I shared /mnt in samba, all mounts except mydomain.com is listed on my Windows Explorer.

My theories are:

  1. sshfs does not set the mountpoint uid/gid to something that samba expects
  2. samba does not know that it has to include the uid/gid that /mnt/mydomain.com has been set.
  3. All above is wrong, and I don't know.

Here are configs and output from console, need anything else just let me know. Also no errors or warnings that I take notice of being relevant to this issue, but I might be wrong.

gentoo ~ # ls -lah /mnt
total 20K
drwxr-xr-x  9 root  root  4.0K Mar 26 16:15 .
drwxr-xr-x 18 root  root  4.0K Mar 26  2011 ..
-rw-r--r--  1 root  root     0 Feb  1 16:12 .keep
drwxr-xr-x  1 root  root     0 Mar 18 12:09 buffer
drwxr-s--x  1 68591 68591 4.0K Feb 16 15:43 mydomain.com
drwx------  2 root  root  4.0K Feb  1 16:12 cdrom
drwx------  2 root  root  4.0K Feb  1 16:12 floppy
drwxr-xr-x  1 root  root     0 Sep  1  2009 services
drwxr-xr-x  1 root  root     0 Feb 10 15:08 www

/etc/samba/smb.conf

[mnt]
comment = Mount points
writable = yes
writeable = yes
browseable = yes
browsable = yes
path = /mnt

/etc/fstab

sshfs#[email protected]:/home/to/pub/dir/ /mnt/mydomain.com/ fuse comment=sshfs,noauto,users,exec,uid=0,gid=0,allow_other,reconnect,follow_symlinks,transform_symlinks,idmap=none,SSHOPT=HostBasedAuthentication 0 0

For an easier read:

options:

  • comment=sshfs
  • noauto
  • users
  • exec
  • uid=0
  • gid=0
  • allow_other
  • reconnect
  • follow_symlinks
  • transform_symlinks
  • idmap=none
  • SSHOPT=HostBasedAuthentication

Help!

Improve this question
2
  • IIRC, HostbasedAuthentication is not recommended to use (the user-based PubkeyAuthentication is preferred)
    – grawity_u1686
    Commented Mar 26, 2011 at 17:24
  • SSHFS version 2.8 fuse: unknown option 'SSHOPT=HostBasedAuthentication'
    – Tom Hale
    Commented Apr 3, 2017 at 5:25

3 Answers 3

Reset to default
18

sshfs is a FUSE-based filesystem, and the FUSE layer does not allow other users to access its mounts by default, for security purposes. You have allow_other in options, but it will be ignored until you also edit /etc/fuse.conf to include user_allow_other.

Improve this answer
4
  • 1
    When exec'ing "ps aux", left column states root for both sshfs and smbd processes. I "parse" this as both runs with the same privileges. From the ls -lah output, you see the uid is not root, this uid is set by sshfs, but I can't set it, atleast not with changing uid/gid in options. I believe samba somehow think it has to exclude that specific directory with uid/gid 68591. (Trying to clear some confusion on my part.)
    – CS01
    Commented Mar 28, 2011 at 8:08
  • @CS01: The "master" smbd runs as root, but that is not true for connection handlers – if you log in over SMB as "jim", your smbd process also switches to the UID of "jim".
    – grawity_u1686
    Commented Jan 11, 2014 at 18:21
  • 2
    You also need to map the UID and/or GID to your desired user(s) via the options uid=<UID>,gid=<GID>.
    – sweisgerber.dev
    Commented Jul 9, 2015 at 8:17
  • 1
    Thanks all for the answers. so to summarize, after tested on a recent version of Ubuntu: 1. update /etc/fuse.conf; 2. specify THREE sshfs command options (-o allow_other -o uid=<UID> -o gid=<GID>). It seems no need to restart smbd (but I am not sure since I restarted smbd anyway).
    – bruin
    Commented Mar 16, 2020 at 1:37
2

Why don't you mount sshfs directly from Windows?
There are couple of free solution for that (see here and here for more info).

Improve this answer
2
  • 1
    Wow, this tool is great!
    – CS01
    Commented Apr 28, 2012 at 12:08
  • They don't look very promising and are suspended, at least now, after 3 years :) Do you have any stability experience with them?
    – sweisgerber.dev
    Commented Jul 9, 2015 at 7:51
-1

As your normal smb shares are working, i don't loose a word regarding the Samba config, because you can sahre sshfs mounts exactly like you share normal folders. But mounting the SSH share via sshfs is special in comparison to local machine access only.

For mounting your share via fstab, you can put this line into /etc/fstab and mount the share ON REQUEST. It's more convenient than c&p the commandline command.

Generic etc/fstab line:

**<USERNAME>**@<SERVER>:<REMOTE_PATH> /MOUNT/POINT fuse.sshfs noauto,users,idmap=user,IdentityFile=/path/to/.ssh/id_rsa,allow_other,reconnect,port=22,uid=<UID>,gid=<GID> 0 0

noauto: you need to mount it via mount /MOUNT/POINT all other informations gets pulled from this line in /etc/fstab

users: allows normal users to mount this mount entry

reconnect: reconnects/remounts the ahre after standby, etc

uid=/gid=: Maps the remote uid/gid to this local uid/gid

Example:

[email protected]:/home/foo/music ~/foos_music fuse.sshfs noauto,users,idmap=user,IdentityFile=/home/foo/.ssh/id_rsa,allow_other,reconnect,port=22,uid=foo,gid=users 0 0

All you need to know about sshfs mounting [https://wiki.archlinux.org/index.php/Sshfs]

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .