Getting chroot to work over an s3 mount point

Question

Getting chroot to work over an s3 mount point

GoogleCodeExporter opened this issue 9 years ago · comments

Google Code Exporter commented 9 years ago

Detailed description of support request:

So,  my use case is that I have multiple users that I want to be able to sftp 
into a chrooted home on s3 and push files in.

The issue I'm having is that I have to mount the s3fs filesystem as root, and 
using the 'allow_others' option, the mnt point changes to 777.  Since I cant 
change the mount point permissions after its mounted,  sshd is kicking out any 
logins to the chrooted home directory because of the permission  on /mnt/s3

sshd[11128]: fatal: bad ownership or modes for chroot directory component 
"/mnt/s3/"

For it to work, I need that mount point to be 755 at a minimum,  or I need to 
be able to mount the directory and map it to another mount directory, similiar 
such as

mount --bind /srv/web/example.com /home/user/web

Has anyone run into an issue similar to this before, and is there a solution 
I'm overlooking?

Thanks!

===================================================================
The following information is very important in order to help us to help
you.  Omission of the following details may delay your support request or
receive no attention at all.
===================================================================
Version of s3fs being used (s3fs --version):  1.74

Version of fuse being used (pkg-config --modversion fuse):  2.9.3

System information (uname -a):   2.6.32-431.3.1.el6.x86_64 #1 SMP Fri Jan 3 
21:39:27 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

Distro (cat /etc/issue):  CentOS

s3fs command line used (if applicable):   s3fs <bucket> /mnt/s3 
-ouse_cache=/cache/s3 -ouse_see=1 -o allow_other

/etc/fstab entry (if applicable):

s3fs syslog messages (grep s3fs /var/log/syslog):
sshd[11128]: fatal: bad ownership or modes for chroot directory component 
"/mnt/s3/"

Original issue reported on code.google.com by dgki...@gmail.com on 24 Jan 2014 at 5:28

Google Code Exporter · Answer 1 · Wed Jul 29 2015 18:07:23 GMT+0800 (China Standard Time)

Hello, where you able to solve this issue? I am running into the same problem

Original comment by brian.ka...@gmail.com on 28 Apr 2014 at 5:35

Google Code Exporter · Answer 2 · Wed Jul 29 2015 18:07:23 GMT+0800 (China Standard Time)

Same issue here also. Was anyone able to solve this?

Original comment by manak.wa...@news.co.uk on 13 Oct 2014 at 1:49

Google Code Exporter · Answer 3 · Wed Jul 29 2015 18:07:23 GMT+0800 (China Standard Time)

Now s3fs does not have custom permission for mount point.
just idea, if you can make sub directory under bucket, is it instead of mount 
point for sftp?

Regards

Original comment by ggta...@gmail.com on 13 Oct 2014 at 2:51

Google Code Exporter · Answer 4 · Wed Jul 29 2015 18:07:23 GMT+0800 (China Standard Time)

same issue.

Original comment by thegaby on 4 Nov 2014 at 3:49

Google Code Exporter · Answer 5 · Wed Jul 29 2015 18:07:23 GMT+0800 (China Standard Time)

Hi

I merged new codes on Github(https://github.com/s3fs-fuse/s3fs-fuse).
It is that mp_umask option is added, the new option masks the mount point 
directory permission like umask.

Please try to cheek master branch on Github.

And I'm going to close this issue, if you find any problem,  please post new 
issue on Github.

Thanks in advance for your help.

Original comment by ggta...@gmail.com on 7 Feb 2015 at 5:28

Changed state: Fixed