LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   sshfs mount issues with fstab (https://www.linuxquestions.org/questions/linux-newbie-8/sshfs-mount-issues-with-fstab-941354/)

lleb 04-23-2012 03:55 PM
sshfs mount issues with fstab
 
Hello all. playing around with sshfs and fstab for mount/umount as user. I have a mount point created by user /usr/rx30/remote and a fstab entry:

Code:
sshfs#rx30@xxx.xxx.xxx.xxx:/usr/rx30 /usr/rx30/remote        fuse    users,noauto,rw 0 0
When I mount /usr/rx30/remote as root i am properly greeted with the p/w and then am able to mount the fuse to the mount point with no issues.

in visudo i have added /bin/mount /usr/rx30/remote, /bin/umount /usr/rx30/remote at the end of the user line.

when i try to mount as user i get permission errors.

Code:
[rx30@rx30 ~]$ mount /usr/rx30/remote/
fuse: failed to exec fusermount: Permission denied
my visudo:

Code:
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL) ALL
rx30    ALL =(root) NOPASSWD: /bin/dmesg -n 1, /usr/rx30/setroute.pl, /usr/bin/copyconfig.sh, /bin/mount -t iso9660 /dev/dvd /mnt/dvd, /bin
/umount /dev/dvd, /usr/bin/runit.sh, /usr/bin/dvd+rw-format -force /dev/dvd, /bin/mount /dev/dvd /mnt/dvd, /bin/mount -t iso9660 /dev/cdrom
 /mnt/cdrom, /bin/umount /mnt/cdrom, /usr/bin/eject, /usr/bin/eject -t, /usr/bin/fixprinter, /bin/mount /mnt/usb, /bin/umount /mnt/usb, /tm
p/formatDev.sh, /bin/chmod, /bin/chown, /bin/cp, /bin/mount /mnt/backup, /bin/umount /bin/backup, /bin/mount /usr/rx30/remote, /bin/umount
/usr/rx30/remote
tdsrmtbk ALL=(root) NOPASSWD: /home/tdsrmtbk/getSystemConfig.sh, /home/tdsrmtbk/setRoute.sh
some guidance would be great. Thanks.

Tinkster 04-23-2012 04:49 PM
So what happens if you actually try
Code:
sudo mount /usr/rx30/remote/
?

lleb 04-24-2012 07:11 AM
it prompts for password, then craps out saying that my user can not do that.

Code:
[rx30@rx30 ~]$ sudo mount /usr/rx30/remote/
[sudo] password for rx30:
Sorry, user rx30 is not allowed to execute '/bin/mount /usr/rx30/remote/' as root on rx30.localdomain.

lleb 04-24-2012 08:38 AM
but as root this is exactly what I want to happen:

Code:
[root@rx30 ~]# mount /usr/rx30/remote/
rx30@10.10.4.77's password:
[root@rx30 ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda3              65G  9.0G  52G  15% /
tmpfs                2.0G    0  2.0G  0% /dev/shm
/dev/sda1              97M  32M  61M  35% /boot
/dev/sda2              65G  245M  61G  1% /usr/rx30
rx30@10.10.4.77:/usr/rx30
                    1000G    0 1000G  0% /usr/rx30/remote
well for now. eventually ill want to setup fstab so the user/pw are in there so there is no prompting for the p/w that i can then put into the script.

lleb 04-24-2012 02:35 PM
found the problem. /usr/bin/fusermount didnt have correct permissions.

Code:
# chmod +x /usr/bin/fusermount
this fixed the issue. thank you for the help.

lleb 04-25-2012 09:00 AM
just wanted to add some more notes for those who come after and read this thread.

Snooping around to find a better way of setting up my rsa public key between the 2 servers for the sshfs to work better, i found a nice bit of code that really cuts down on the time and effort setting up the pub/private key pair between systems.

1. On the computer you want to connect FROM generate your rsa key as follows:

Code:
[user@server .ssh]$ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/web/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/web/.ssh/id_rsa.
Your public key has been saved in /home/web/.ssh/id_rsa.pub.
The key fingerprint is:
90:83:0a:41:be:cd:1a:9a:75:42:2c:28:84:5b:1d:28 user@server
note this is without a pass phrase. This is a very open key and should be handled with caution. I will be using this as a single use key that is restricted to only mounting a specified mount point via sshfs. It will not be allowed to do any other action.

Once the key pair is generated you will want to get the id_rsa.pub to the computer you want to CONNECT TO. this is the nice bit of code I found this morning.

Code:
ssh-copy-id -i ~/.ssh/id_rsa.pub user@IP
This not only copies the public key to the other end, BUT is also populates the appropriate authorized_keys(2) file depending on the type of key you generate (rsa/dsa) and it just works. You are even told how to test the success of the key copy.

Enjoy this little tidbit and the power of sshfs.

(note on performance)

After mounting the sshfs I performed both a cp -Ravf and a rsync -aviS on that mount point to a /tmp/foo and timed this. The mount point contains roughly 3.3G worth of data and we are on a true gigabit LAN. The remote computer is a very old system running a P4 with 1G RAM, while the newer (local) box is a Dell T3500 with Intel(R) Xeon(R) CPU W3503 @ 2.40GHz
4G RAM
so a bit more powerful. Both the cp and the rsync took roughly 1.5min.

Then i ran scp from the other computer to push the same data across the LAN. this took slightly over 2min.

some nice food for thought.


All times are GMT -5. The time now is 11:41 PM.