Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

cannot mount - wrong permissions set

2009-01-16
2013-04-16
  • Blasco Bonito
    Blasco Bonito
    2009-01-16

    I installed the davfs2 package on my Ubuntu 8.10.

    I have the following line in /etc/fstab:
    http://myserv/Shares /media/webdav/wnlab     davfs   user,noauto 0 0

    But I cannot mount it:
    $ mount /media/webdav/myserv/
    Please enter the username to authenticate with server
    http://myserv/Shares or hit enter for none.
    Username: blasco
    Please enter the password to authenticate user blasco with server
    http://myserv/Shares or hit enter for none.
    Password:
    /sbin/mount.davfs: wrong permissions set for cache directory /home/blasco/.davfs2/cache/myserv-Shares+media-webdav-myserv+blasco

    Any hints?

     
    • Werner Baumann
      Werner Baumann
      2009-01-16

      Would you mind to check the permissions of /home/blasco/.davfs2/cache/myserv-Shares+media-webdav-myserv+blasco (using ls -l) and tell me the result? Permissions must be 0700.

      BTW:
      The mount point in fstab is different from the one in the mount command.

      Cheers
      Werner

       
      • Blasco Bonito
        Blasco Bonito
        2009-01-19

        Permissions are 2700
        Note that they are automatically set while the directory three starting at /home/blasco/.davfs2 is created.

        BTW:
        I only forgot to masquerade real mount point in fstab entry

         
      • Blasco Bonito
        Blasco Bonito
        2009-01-19

        Permissions are 2700
        Note that they are automatically set while the directory three starting at /home/blasco/.davfs2 is created.

        BTW:
        I only forgot to masquerade real mount point in fstab entry

         
    • Werner Baumann
      Werner Baumann
      2009-01-19

      davfs2 creates these cache directories and it sets permissions to 0700.
      So when your directory has the sgid-Bit set, some possible reasons:

      - somebody changed it
      - your version of davfs2 has been changed by someone
      - you use a binary version of davfs2 that does not match your system
      - there is something wrong with the file system /home/blasco/.davfs2 lives on.

      Tell me:
      - version of davfs2 ('/sbin/mount.davfs --version')
      - where did you get it from
      - did you compile it from the sources or is it a binary package
      - on what kind of file system is /home/blasco/.davfs2

      Additionally try this:
      - manually change the file mode of the directory to 0700. What happens?
        Does davfs2 work now? Does mode stay with 0700 or does it change again into 2700?
      - remove the directory and mount the davfs2 file system. Is the mode 2700 again?

      Cheers
      Werner

       
      • Blasco Bonito
        Blasco Bonito
        2009-01-20

        - manually change the file mode of the directory to 0700. What happens?
        - Does davfs2 work now? Does mode stay with 0700 or does it change again into 2700?

        Nothing.
        No.
        It stays.
        It looks like I cannot change it.

        - remove the directory and mount the davfs2 file system. Is the mode 2700 again?
        Yes

        $ /sbin/mount.davfs --version
        davfs2 1.3.3  <http://dav.sourceforge.net>

        I installed the binary package davfs2_1.3.3-1ubuntu1_i386.deb
        as described here below

        The filesystem type is ext3:

        $ sudo tune2fs -l /dev/mapper/md2vg-home
        tune2fs 1.41.3 (12-Oct-2008)
        Filesystem volume name:   /home
        Last mounted on:          <not available>
        Filesystem UUID:          37150cdc-3645-4d55-b0f9-cf2537637c02
        Filesystem magic number:  0xEF53
        Filesystem revision #:    1 (dynamic)
        Filesystem features:      has_journal filetype needs_recovery sparse_super large_file
        Default mount options:    (none)
        Filesystem state:         clean
        Errors behavior:          Continue
        Filesystem OS type:       Linux
        Inode count:              5242880
        Block count:              10485760
        Reserved block count:     524288
        Free blocks:              2169443
        Free inodes:              5169476
        First block:              0
        Block size:               4096
        Fragment size:            4096
        Blocks per group:         32768
        Fragments per group:      32768
        Inodes per group:         16384
        Inode blocks per group:   512
        Last mount time:          Thu Jan 15 10:40:21 2009
        Last write time:          Thu Jan 15 10:40:21 2009
        Mount count:              20
        Maximum mount count:      30
        Last checked:             Fri Sep 26 09:33:51 2008
        Check interval:           0 (<none>)
        Reserved blocks uid:      0 (user root)
        Reserved blocks gid:      0 (group root)
        First inode:              11
        Inode size:              128
        Journal inode:            8
        First orphan inode:       4030510
        Journal backup:           inode blocks

        Package: davfs2
        Priority: extra
        Section: universe/utils
        Installed-Size: 476
        Maintainer: Ubuntu MOTU Developers <ubuntu-motu@lists.ubuntu.com>
        Original-Maintainer: Luciano Bello <luciano@debian.org>
        Architecture: i386
        Version: 1.3.3-1ubuntu1
        Depends: libc6 (>= 2.8~20080505), libneon27 (>= 0.28.2), debconf (>= 0.5) | debconf-2.0, adduser
        Filename: pool/universe/d/davfs2/davfs2_1.3.3-1ubuntu1_i386.deb
        Size: 144142
        MD5sum: 50b6390457596b249c89cec393bb508c
        SHA1: 21ed45a1c5c1cb6613cf47398786b83d55277b00
        SHA256: 826d2dec10285b134cacd697ec7d09a92889cad33c288d19ad6acf6bd9836bd3
        Description: mount a WebDAV resource as a regular file system
        Web Distributed Authoring and Versioning (WebDAV), an extension to the
        HTTP-protocol, allows authoring of resources on a remote
        web server. davfs2 provides the ability to access such resources like
        a typical filesystem, allowing for use by standard applications with no
        built-in support for WebDAV.
        .
        davfs2 is designed to fully integrate into the filesystem semantics of
        Unix-like systems (mount, umount, et c.). davfs2 makes
        mounting by unprivileged users as easy and secure as possible.
        .
        davfs2 does extensive caching to make the file system responsive,
        to avoid unnecessary network traffic and to prevent data loss, and to cope
        for slow or unreliable connections.
        .
        davfs2 will work with most WebDAV servers needing little or no configuration.
        Bugs: mailto:ubuntu-users@lists.ubuntu.com
        Origin: Ubuntu

         
    • Blasco Bonito
      Blasco Bonito
      2009-01-20

      I meant it stays as 2700

       
    • Werner Baumann
      Werner Baumann
      2009-01-20

      As I understand your system automatically changes mode to 2700 and does not allow you (the owner of the file system) to change this (remove that 2, the sgid-bit).
      This is very strange behaviour and I never heard of this, and I can't see what should be the use of this. If this is the default behaviour of your Ubuntu-System (and not explicitely configured for your system by you ore someone else) you should file a Bug report to Ubuntu. I would be interested te hear the reason for this.

      davfs2 instists on mode 0700 for security reasons. The cache could contain sensible data and davfs2 can not know, who is allowed to read them. So it restricts access as much as possible, this is read and write acces for the mounting user (or the davfs2 system user in case the mounting user is root). I don't know what security implications a setgid-bit might have. But as it is perfectly useless for the davfs2-cache, I see no reason to bother with this, but just instist on mode 700.

      Cheers
      Werner

       
  • Philipp Hahn
    Philipp Hahn
    2011-07-19

    See info coreutils 'mkdir invocation'*Note Directory Setuid and Setgid::

    On most systems, if a directory's set-group-ID bit is set, newly
    created subfiles inherit the same group as the directory, and newly
    created subdirectories inherit the set-group-ID bit of the parent
    directory.  On a few systems, a directory's set-user-ID bit has a
    similar effect on the ownership of new subfiles and the set-user-ID
    bits of new subdirectories.  These mechanisms let users share files
    more easily, by lessening the need to use `chmod' or `chown' to share
    new files.

    These convenience mechanisms rely on the set-user-ID and set-group-ID
    bits of directories.  If commands like `chmod' and `mkdir' routinely
    cleared these bits on directories, the mechanisms would be less
    convenient and it would be harder to share files.  Therefore, a command
    like `chmod' does not affect the set-user-ID or set-group-ID bits of a
    directory unless the user specifically mentions them in a symbolic
    mode, or sets them in a numeric mode.

    This behavior is a GNU extension.  Portable scripts should not rely
    on requests to set or clear these bits on directories, as POSIX allows
    implementations to ignore these requests.