Re: [sshfs] Remapping uid/gid question

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On 02/18/2013 03:10 AM, Miklos Szeredi wrote:
> On Thu, Feb 14, 2013 at 8:50 PM, Mike<mik...@ti...>  wrote:
>> Hi,
>>
>>          I have an application where it would be darn conveinent to mount a
>> remote file system locally and re-map the uid/gid. This is a temporary
>> solution for a problem I have which will be resolved longer term by ldap
>> and having these centrally managed.
>>
>>          The issue is that, on the server, the user has uid 1008 and gid 1003.
>> On the client, that user has uid/gid 1000. I have sshfs v2.4 and have
>> tried using the uidmap/gidmap feature and apparently I'm just not able
>> to figure it out.
>>
>>          The local user name and group is simply 'vmail' and I have my
>> uidfile/gid files set thusly:
>>
>> sshfs.uidmap
>> vmail:1008
>>
>> sshfs.gidmap
>> vmail:1003
>>
>>
>>          Unfortunately the permissions are wrong and I can't even look at the
>> directory when mounted this way:
>>
>> ls: cannot access qmail: Permission denied
>> d?????????   ? ?    ?             ?            ? qmail
>
> Can you please send the debug log generated after "sshfs
> -odebug,sshfs_debug ..."
>
> Thanks,
> Miklos

Here is the debug output:

sshfs -d -p 22 -o 
debug,sshfs_debug,allow_other,suid,idmap=file,uidfile=/etc/sshfs.uidmap,gidfile=/etc/sshfs.gidmap 
root@10.0.1.92://mnt/data/replicated/mail/ /mail/qmail/
vmail: remote uid 1008 => local uid 1000
vmail: remote gid 1003 => local gid 1000
SSHFS version 2.4
FUSE library version: 2.8.4
nullpath_ok: 0
executing <ssh> <-x> <-a> <-oClearAllForwardings=yes> <-oPort=22> <-2> 
<root@10.0.1.92> <-s> <sftp>
root@10.0.1.92's password:
Server version: 3
Extension: pos...@op... <1>
Extension: st...@op... <2>
Extension: fst...@op... <2>
unique: 1, opcode: INIT (26), nodeid: 0, insize: 56
INIT: 7.13
flags=0x0000007b
max_readahead=0x00020000
    INIT: 7.12
    flags=0x00000011
    max_readahead=0x00020000
    max_write=0x00020000
    unique: 1, success, outsize: 40
unique: 2, opcode: GETATTR (3), nodeid: 1, insize: 56
getattr /
[00001] LSTAT
   [00001]          ATTRS       41bytes (0ms)
    unique: 2, success, outsize: 120
unique: 3, opcode: GETXATTR (22), nodeid: 1, insize: 65
    unique: 3, error: -38 (Function not implemented), outsize: 16
unique: 4, opcode: GETATTR (3), nodeid: 1, insize: 56
getattr /
    unique: 4, success, outsize: 120
unique: 5, opcode: ACCESS (34), nodeid: 1, insize: 48
    unique: 5, error: -38 (Function not implemented), outsize: 16
unique: 6, opcode: OPENDIR (27), nodeid: 1, insize: 48
    unique: 6, success, outsize: 32
unique: 7, opcode: READDIR (28), nodeid: 1, insize: 80
getdir[0]
[00002] OPENDIR
   [00002]         HANDLE       17bytes (0ms)
[00003] READDIR
   [00003]           NAME      841bytes (1ms)
[00004] CLOSE
    unique: 7, error: -1 (Operation not permitted), outsize: 16
unique: 8, opcode: RELEASEDIR (29), nodeid: 1, insize: 64
    unique: 8, success, outsize: 16
   [00004]         STATUS       28bytes (0ms)

Here is the attempt to access the directory as seen from the user 'vmail':
vmail@iredmail:/mail$ id
uid=1000(vmail) gid=1000(vmail) groups=1000(vmail)
vmail@iredmail:/mail$ ls
backup	qmail  qmail_mounted  sieve  vmail1
vmail@iredmail:/mail$ ls -l
total 20
drwxr-xr-x 2 root  root  4096 Dec  5 15:31 backup
drwxr-sr-x 1 vmail vmail 4096 Jan  3  2012 qmail
drwxr-xr-x 2 root  root  4096 Feb 12 16:47 qmail_mounted
drwx------ 3 vmail vmail 4096 Jan 10 11:35 sieve
drwx------ 6 vmail vmail 4096 Jan 10 11:34 vmail1
vmail@iredmail:/mail$ cd qmail
vmail@iredmail:/mail/qmail$ ls -l
ls: reading directory .: Operation not permitted
total 0
vmail@iredmail:/mail/qmail$

Any ideas?