Sshfs permission denied even for root user

chownsshsshfs

I use sshfs to mount a remote folder from another server to the local server. Mounting the remote folder works without a problem using the following command:

sshfs -o allow_other someServerFromSSHConfig:/home/data/somefolder/ /some/local/folder

The problem is that I cannot change the owner of the files using chown (regardless of root permissions) I always get:

chown: changing ownership of ‘/somefolder/file.img’: Permission denied

The user that accesses the folder is member of the fuse group. Even if I add additional mount options in sshfs to set the owner as userx:groupx I cannot change permissions using userx and using chown -R userx:groupx [...]

I expect to be able to set user permissions for files in mounted folders but this is not the case.

Best Answer

As you said in comments, you connect as data@remote_server This means you cannot chown at all. The sshfs is just a crude abstraction, you are permitted only to the actions that you could perform inside sftp data@remote_server All abstraction are leaky, this one too.

Only root@remote_server can chown on remote_server. It doesn't matter what user you are on local_server.

Note that to sftp root@remote_server you usually need to PermitRoot yes or PermitRoot without-password in remote's /etc/ssh/sshd_config This is risky.

PS. By default, sshd doesn't allow root logins at all, because of PermitRoot no option. So normally you cannot sshfs root@remote_host. If you would like to test chown behavior via root, I would recommend to set PermitRoot without-password. This means that root can login when a public key is added to /root/.ssh/authorized_keys. With this setting, root cannot login solely by providing a root password, so it's somewhat secure.

PS2. If you need a bit more security, you can set up another instance of sshd only for this file share; with ForceCommand internal-sftp and with chroot it would have greatly increased root security, but it would need to use a new TCP port and a new firewall exception.

Related Solutions

Ubuntu – Mount SSHFS via FSTAB – Permissions Problem

After you have mounted the dir, what permissions does /home/user1/NAS-28/backup have?

Also, have you tried cutting fstab out of the equation with the sshfs command?

sshfs 192.168.120.28:/c/backup /home/user1/NAS-28/backup

That is just to make sure it isn't a problem with the mount method.

Additionally, you could try NFS-mounting to see if the problem is only when mounting over sshfs. NFS is also quite a bit faster than SSH, so if you are on a LAN and don't require the encrypted connection you are probably better off with NFS.

How to keep rsync from chown’ing transferred files

You are probably running rsync like this:

rsync -a dir/ remote:/dir/

The -a option according to the documentation is equivalent to: -rlptgoD

      -a, --archive    archive mode; equals -rlptgoD (no -H,-A,-X)

You probably want to remove the -o and -g options:

      -o, --owner                 preserve owner (super-user only)
      -g, --group                 preserve group

So instead your rsync command should look something like this:

rsync -rlptD dir/ remote:/dir/

Or as @glglgl points out:

rsync -a --no-o --no-g dir/ remote:/dir/

The remaining options in use are:

      -r, --recursive             recurse into directories
      -l, --links                 copy symlinks as symlinks
      -p, --perms                 preserve permissions
      -t, --times                 preserve modification times
      -D                          same as --devices --specials
          --devices               preserve device files (super-user only)
          --specials              preserve special files

Best Answer

Related Solutions

Ubuntu – Mount SSHFS via FSTAB – Permissions Problem

How to keep rsync from chown’ing transferred files

Related Topic