Bindfs-SharedDirectoryLocalUsers

Contents

Introduction
Installing bindfs
Creating the shared directory
Setting the permissions with bindfs
Testing the settings (Tips & Tricks)
Setting the permissions at boot time
1. Method 1 - Fstab
2. Method 2 - Upstart
Links

Introduction

bindfs is a FUSE filesystem for mounting a directory to another location (mountpoint), with permission settings. It allows you to specify the ownership and permissions of the files from inside the mountpoint, and allow multiple local users to read and write (create, delete, rename, modify...) all files (including newly created ones) from a shared directory, and its subdirectories. If you want to set up more advanced permissions for different users and/or groups please see ACLs.

Installing bindfs

Install it via:
```
  sudo apt-get install bindfs
```

Creating the shared directory

e.g. in the /home directory:
```
  sudo mkdir /home/shared
```
NOTE: If the directory already exist skip this step.
allow only root to access it, we will set the permissions later with bindfs:
```
  sudo chown root: /home/shared
  sudo chmod 0700 /home/shared
```

Setting the permissions with bindfs

Now use the bindfs command to mount the shared directory with altered permissions. Syntax of the command:
```
  bindfs [options] dir mountpoint
```
Example:
```
  sudo bindfs -o perms=0700,mirror-only=user1:user2:user3 /home/shared /home/shared
```
perms=0700 sets the permissions to 0700 (read/write for the owner, none for the group and other);mirror-only=user1:user2:user3: user1, user2 and user3 will see itself as the owner of the files (user names are separated by a colon).
Example:
```
  sudo bindfs -o perms=0750,mirror=user1:user2:user3,force-group=groupX /home/shared /home/shared
```
perms=0750 sets the permissions to 0750 (read/write for the owner, read permission for the group and none for other); group=groupX makes all files owned by the group groupX
For more options, see:
```
  man bindfs
```
To unmount the directory:
```
  sudo umount /home/shared
```

Testing the settings (Tips & Tricks)

Log in as user1 (user2, user3...) and try to create/delete/rename files in the shared direcctory. To try out different permissions you have to unmount the directory then remount it with different permissions.
You can use su or sudo to log in as a different user:
```
  su - username
```
```
  sudo -u username -i
```

su prompts for the target user's (username's) password, while sudo prompts for your admin password.

To log out the user press Ctrl+d or run:
```
  exit
```
You can run the file manager as a different user.
Allow the user to connect to the X server:
```
  xhost +SI:localuser:username
```
Run the file manager:
```
  sudo -u username -i nautilus /home/shared
```
Test the permissions, then close the file manager.
Remove the user from the list of allowed users to connect to the X server:
```
  xhost -SI:localuser:username
```

Setting the permissions at boot time

Method 1 - Fstab

Backup the fstab file:

  sudo cp /etc/fstab{,-backup}

Open it in a text editor:

  gksu gedit /etc/fstab

Add an entry at the end of the file. The syntax of an entry:

  /path/to/dir /path/to/dir fuse.bindfs options 0 0

Example:

  /home/shared /home/shared fuse.bindfs perms=0700,mirror-only=user1:user2:user3 0 0

Older versions of Ubuntu require this deprecated syntax:

  bindfs#/path/to/dir    /path/to/dir    fuse    options    0    0

Example:

  bindfs#/home/shared    /home/shared    fuse    perms=0700,mirror-only=user1:user2:user3    0    0

Save the file and exit.

Unmount the partition and mount all filesystems mentioned in fstab to check if the entry works as expected:

  sudo umount /home/shared
  sudo mount -a

If something went wrong, restore the original fstab file:

  sudo cp /etc/fstab{-backup,}

or edit it and remove the line you added.

Method 2 - Upstart

We need to create an Upstart job, which executes the bindfs command after all filesystems are mounted. Create the job file and open it for editing:
```
  gksu gedit /etc/init/mount-bindfs.conf
```
Paste the following code into the file:
```
  # Remount directories with bindfs
  #
  # Temporary workaround until BUG 503003 is fixed
  #
  description "Remount directories with different permissions"
  start on stopped mountall 
  script
    bindfs -o perms=0700,mirror-only=user1:user2:user3 /home/shared /home/shared
  end script
```
Adjust the bindfs options and mount point to fit your needs. Save the file and exit.
Unmount the partition and start the Upstart job to check if it works as expected:
```
  sudo umount /home/shared
  sudo initctl start mount-bindfs
```
If something went wrong remove the job file:
```
  sudo rm /etc/init/mount-bindfs.conf
```
Copy the files you want to share with the other users in the directory (/home/shared).

Links

Bindfs Homepage community/FilePermissions HowTo: Use ACLs

Bindfs-SharedDirectoryLocalUsers (last edited 2018-09-07 10:34:16 by aaron-whitehouse)