Introduction

  • bindfs is a FUSE filesystem for mounting a directory to another location (mountpoint), with permission settings. It allows you to specify the ownership and permissions of the files from inside the mountpoint, and allow multiple local users to read and write (create, delete, rename, modify...) all files (including newly created ones) from a shared directory, and its subdirectories. If you want to set up more advanced permissions for different users and/or groups please see ACLs.

Installing bindfs

  • Install it via:

      sudo apt-get install bindfs

Creating the shared directory

  • e.g. in the /home directory:

      sudo mkdir /home/shared
    NOTE: If the directory already exist skip this step.

    allow only root to access it, we will set the permissions later with bindfs:

      sudo chown root: /home/shared
      sudo chmod 0700 /home/shared

Setting the permissions with bindfs

  • Now use the bindfs command to mount the shared directory with altered permissions. Syntax of the command:

      bindfs [options] dir mountpoint

    Example:

      sudo bindfs -o perms=0700,mirror-only=user1:user2:user3 /home/shared /home/shared
    perms=0700 sets the permissions to 0700 (read/write for the owner, none for the group and other);mirror-only=user1:user2:user3: user1, user2 and user3 will see itself as the owner of the files (user names are separated by a colon).

    Example:

      sudo bindfs -o perms=0750,mirror=user1:user2:user3,group=groupX /home/shared /home/shared
    perms=0750 sets the permissions to 0750 (read/write for the owner, read permission for the group and none for other); group=groupX makes all files owned by the group groupX

    For more options, see:

      man bindfs

    To unmount the directory:

      sudo umount /home/shared

Testing the settings (Tips & Tricks)

  • Log in as user1 (user2, user3...) and try to create/delete/rename files in the shared direcctory. To try out different permissions you have to unmount the directory then remount it with different permissions.

    You can use su or sudo to log in as a different user:

      su - username
      sudo -u username -i

su prompts for the target user's (username's) password, while sudo prompts for your admin password.

  • To log out the user press Ctrl+d or run:

      exit
    You can run the file manager as a different user.

    Allow the user to connect to the X server:

      xhost +SI:localuser:username

    Run the file manager:

      sudo -u username -i nautilus /home/shared
    Test the permissions, then close the file manager.

    Remove the user from the list of allowed users to connect to the X server:

      xhost -SI:localuser:username

Setting the permissions at boot time

Method 1 - Fstab

  • Backup the fstab file:

      sudo cp /etc/fstab{,-backup}

    Open it in a text editor:

      gksu gedit /etc/fstab

    Add an entry at the end of the file. The syntax of an entry:

      bindfs#/path/to/dir    /path/to/dir    fuse    options    0    0

    Example:

      bindfs#/home/shared    /home/shared    fuse    perms=0700,mirror-only=user1:user2:user3    0    0

    Example:

      bindfs#/home/shared    /home/shared    fuse    perms=0750,mirror=user1:user2:user3,group=groupX    0    0
    Save the file and exit.

    Unmount the partition and mount all filesystems mentioned in fstab to check if the entry works as expected:

      sudo umount /home/shared
      sudo mount -a

    If something went wrong, restore the original fstab file:

      sudo cp /etc/fstab{-backup,}
    or edit it and remove the line you added.

Method 2 - Upstart

  • We need to create an Upstart job, which executes the bindfs command after all filesystems are mounted. Create the job file and open it for editing:

      gksu gedit /etc/init/mount-bindfs.conf

    Paste the following code into the file:

      # Remount directories with bindfs
      #
      # Temporary workaround until BUG 503003 is fixed
      #
      description "Remount directories with different permissions"
      start on stopped mountall 
      script
        bindfs -o perms=0700,mirror-only=user1:user2:user3 /home/shared /home/shared
      end script
    Adjust the bindfs options and mount point to fit your needs. Save the file and exit.

    Unmount the partition and start the Upstart job to check if it works as expected:

      sudo umount /home/shared
      sudo initctl start mount-bindfs

    If something went wrong remove the job file:

      sudo rm /etc/init/mount-bindfs.conf
    Copy the files you want to share with the other users in the directory (/home/shared).

Links

Bindfs Homepage community/FilePermissions HowTo: Use ACLs

Bindfs-SharedDirectoryLocalUsers (last edited 2014-07-20 22:31:58 by penalvch)