mpartel / bindfs Goto Github PK

Is there a way to ignore ext* (e.g. ext4) readonly and append-only attributes?
I couldn't find a way to ignore those attributes. Neither via standard Linux mount options, nor via bindfs.

I'd like to ensure full write access to a folder for all programs running as a certain user, while the bindfs process is running as root. Ignoring the unix permissions works fine via bindfs. But those ext* readonly and append-only attributes are still blocking.

If there's really no existing way to ignore those attributes, what about introducing an option to ignore them via bindfs?
If the bindfs process runs as root or has CAP_LINUX_IMMUTABLE, it can transparently remove those attributes in background from a file, when a program requests write access for that file. After file access ends, bindfs simply restores the attributes being set before. (or maybe there's even a technical way to do this without actually removing the attributes!?)

I'm talking about the attributes being set by:

chattr +a FILENAME
chattr +i FILENAME

I know I can use chattr -ai for a file before requesting write access. But there's a huge amount of files and I don't know which are being write accessed in advance. So doing chattr -ai in advance is no option.

Related: #37

Hello,

The latest version doesn't compile on arm64 (aka AArch64), because there is no SYS_getdents syscall (used in tests/test_dir_rewind.c) available, there is only SYS_getdents64:

$ grep -Ir SYS_getdents /usr/include/
/usr/include/aarch64-linux-gnu/bits/syscall.h:#define SYS_getdents64 __NR_getdents64
/usr/include/aarch64-linux-gnu/bits/syscall.h:#define SYS_getdents64 __NR_getdents64

I'm trying to set up a bindfs mount that is set to create new directories with execute permissions on directories for the group owner. I've tried multiple different ways to set that permission, without any luck. Setting permissions on the files works, but not the execute bit on directories.

This is with a linux system, bindfs-1.13.1, fuse-2.9.5

I'm trying to have this mount in fstab:

/public  /home/hpstream/Public  fuse.bindfs  create-with-perms=g+rwD,create-for-user=nobody,create-for-group=nobody,force-user=hpstream,force-group=hpstream  1 3

Hi - I'm wondering how the following can be achieved using bindfs.

An important note to what follows, I have unshare setuid:

$ ls -la /usr/bin/unshare
-rwsr-xr-x 1 root root 10432 Jun 12  2013 /usr/bin/unshare

All of the commands that follow are run as an unprivileged user.

In terminal 1:

$ unshare -m  /bin/bash
$ sudo mount -n --bind /home/myitcv/a /home/myitcv/xyz
$ ls /home/myitcv/xyz
aaaa.txt

In another terminal, terminal 2:

$ unshare -m  /bin/bash
$ sudo mount -n --bind /home/myitcv/b /home/myitcv/xyz
$ ls /home/myitcv/xyz
bbbb.txt

If I try something similar with bindfs I get the following.

Terminal 1's commands succeed:

$ unshare -m  /bin/bash
$ bindfs -ono-allow-other /home/myitcv/a /home/myitcv/xyz
$ ls /home/myitcv/xyz
aaaa.txt

But then in terminal 2:

$ unshare -m  /bin/bash
$ bindfs -ono-allow-other /home/myitcv/b /home/myitcv/xyz
fusermount: failed to access mountpoint /home/myitcv/gostuff: Permission denied

I think this may be related to the fact that the mount that succeeded in terminal 1 is visible to both, despite the call to unshare:

$ cat /proc/$$/mounts | grep bindfs
bindfs /home/myitcv/xyz fuse.bindfs rw,nosuid,nodev,relatime,user_id=1000,group_id=1000,default_permissions 0 0

Am I doing something wrong here?

Is there an option equivalent to the -n on mount -n whereby the mount is created without writing to /etc/mtab?

Thanks

The man page documents some known caveats with --multithreaded. They should be fixed so we can confidently default to multithreaded mode. A simple global lock around accessing file attributes should solve the problem, but this needs to be thought through carefully.

Lock forwarding (#36) needs multithreaded mode.

I came about that I need to keep folder structure browsable for write and create purpose but hide files in it.
So something like --fileperms:a-r will do the thing, not making changes to folder permissions.

Will probably make sense to add --folderperms as well.

Adding configuration flexibility.

Ubuntu 16.04, bindfs 1.12.6 (but similar problems on OS X with latest version):

root@hexagon:/tmp# umount root/
root@hexagon:/tmp# bindfs / root
root@hexagon:/tmp# cat /dev/null
root@hexagon:/tmp# cat root/dev/null 
cat: root/dev/null: Permission denied

If this is solvable I might try to submit a patch, so will look into code soon if I have time. If this is not solvable this limitation should be documented.

https://koji.fedoraproject.org/koji/taskinfo?taskID=20056296

• make -C tests/internals/ check
  make: Entering directory '/builddir/build/BUILD/bindfs-1.13.7/tests/internals'
  make check-TESTS
  make[1]: Entering directory '/builddir/build/BUILD/bindfs-1.13.7/tests/internals'
  ==19318== Memcheck, a memory error detector
  ==19318== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
  ==19318== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
  ==19318== Command: ./test_internals
  ==19318==
  ==19318== Conditional jump or move depends on uninitialised value(s)
  ==19318== at 0x180DD0: test_my_dirname (test_internals.c:12)
  ==19318== by 0x180F5F: my_dirname_suite (test_internals.c:25)
  ==19318== by 0x181547: test_internal_suite (test_internals.c:68)
  ==19318== by 0x181593: run_suite (test_common.c:7)
  ==19318== by 0x180ADF: main (test_internals.c:72)
  ==19318==
  ==19318== Conditional jump or move depends on uninitialised value(s)
  ==19318== at 0x180D10: test_my_dirname (test_internals.c:12)
  ==19318== by 0x180F5F: my_dirname_suite (test_internals.c:25)
  ==19318== by 0x181547: test_internal_suite (test_internals.c:68)
  ==19318== by 0x181593: run_suite (test_common.c:7)
  ==19318== by 0x180ADF: main (test_internals.c:72)
  ==19318==
  ==19318== Conditional jump or move depends on uninitialised value(s)
  ==19318== at 0x18148C: sprintf_new_suite (test_internals.c:63)
  ==19318== by 0x181593: run_suite (test_common.c:7)
  ==19318== by 0x180ADF: main (test_internals.c:72)
  ==19318==
  ==19318== Conditional jump or move depends on uninitialised value(s)
  ==19318== at 0x18149C: sprintf_new_suite (test_internals.c:63)
  ==19318== by 0x181593: run_suite (test_common.c:7)
  ==19318== by 0x180ADF: main (test_internals.c:72)
  ==19318==
  ==19318== Conditional jump or move depends on uninitialised value(s)
  ==19318== at 0x1811E4: sprintf_new_suite (test_internals.c:63)
  ==19318== by 0x181593: run_suite (test_common.c:7)
  ==19318== by 0x180ADF: main (test_internals.c:72)
  ==19318==
  ==19318==
  ==19318== HEAP SUMMARY:
  ==19318== in use at exit: 0 bytes in 0 blocks
  ==19318== total heap usage: 13 allocs, 13 frees, 216 bytes allocated
  ==19318==
  ==19318== All heap blocks were freed -- no leaks are possible
  ==19318==
  ==19318== For counts of detected and suppressed errors, rerun with: -v
  ==19318== Use --track-origins=yes to see where uninitialised values come from
  ==19318== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0)
  FAIL: test_internals_valgrind.sh
  ==19324== Memcheck, a memory error detector
  ==19324== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
  ==19324== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
  ==19324== Command: ./test_rate_limiter
  ==19324==
  ==19324==
  ==19324== HEAP SUMMARY:
  ==19324== in use at exit: 0 bytes in 0 blocks
  ==19324== total heap usage: 0 allocs, 0 frees, 0 bytes allocated
  ==19324==
  ==19324== All heap blocks were freed -- no leaks are possible
  ==19324==
  ==19324== For counts of detected and suppressed errors, rerun with: -v
  ==19324== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
  PASS: test_rate_limiter_valgrind.sh
  ========================================
  1 of 2 tests failed
  Please report to [email protected]
  ========================================
  make[1]: Leaving directory '/builddir/build/BUILD/bindfs-1.13.7/tests/internals'
  make[1]: *** [Makefile:576: check-TESTS] Error 1
  make: Leaving directory '/builddir/build/BUILD/bindfs-1.13.7/tests/internals'
  make: *** [Makefile:699: check-am] Error 2
• cat tests/internals/test-suite.log
  cat: tests/internals/test-suite.log: No such file or directory
  error: Bad exit status from /var/tmp/rpm-tmp.hmsKCf (%check)

Ultimate goal would be to write bindfs in such manner that would enable it to be compiled as both, fuse binary and linux kernel module while using common code base...

Just idea :-) But it may improve performance...

If this will not be possible, then fork may be interresting.

Hi,

I know it's something really rare but today bindfs.org have been unavailable for a while. Meantime, someone try to build a new VM with Vagrant and the vagrant-bindfs plugin. The plugin try to install bindfs from source (which happen only when no official package is available for the guest distro) and fails, unable to download the source tarballs.

Is there any official mirror for source releases ? or is it possible to build one ?
I try to use github releases instead of bindfs.org ones but they are not build the same way and I don't want to add the additionnal dependencies of your makerelease.sh script to the plugin.

Thanks

On Fedora, the user nobody is in the group nobody, but the test script test_bindfs.rb assumes that the group is nogroup. Maybe the script could just use the primary group of the nobody user instead.

I'm sharing bindfs-mounted directories over nfs4. All files are visible on the server, but on the clients the number of directory entries is limited to 99. That's as of 1.13.1. No such issue with 1.13.0. Could the fix for #28 be involved?

I am using bindfs in combination with a NFS mount through Vagrant. The original source folder is on local OS, and bindfs is running in the VM, mirroring the NFS mounted folder to another location.

Furthermore, I have processes running on the VM that are watching the bindfs endpoint directory for changes and running build tasks when a file changes. However, these are not triggering when I make a change on my local host OS and the file is mirrored. Host** -> NFS -> bindfs*

directory being watched
* directory where change occurs

Is there a way to setup bindfs to fire off filesystem events?

Is this something bindfs could be extended to do?

Turns out readdir_r was deprecated around a year ago: https://lwn.net/Articles/696474/

We can probably safely replace it with readdir, but should check documentation on OS X and FreeBSD to be sure. Switching away from it would help avoid problems like #54.

Hey guys,

I wanted to give you the heads-up that the RedBottle site is no longer online and it's been several years since I did my original benchmark. You will probably want to take down the dead link for now, unless someone else has a benchmark they'd like to share.

Tested on a bindfs mount with --ctime-from-mtime:

# touch -d '2012-01-01' test

# stat test | grep -E '(Change|Modify)'
Modify: 2012-01-01 00:00:00.000000000 +0000
Change: 2012-01-01 00:00:00.159085122 +0000

# touch -d '2012-01-01' test

# stat test | grep -E '(Change|Modify)'
Modify: 2012-01-01 00:00:00.000000000 +0000
Change: 2012-01-01 00:00:00.775084888 +0000

# touch -d '2012-01-01 00:00:00.222222222' test

# stat test | grep -E '(Change|Modify)'
Modify: 2012-01-01 00:00:00.222222222 +0000
Change: 2012-01-01 00:00:00.491084298 +0000

# touch -d '2012-01-01 00:00:00.000000000' test

# stat test | grep -E '(Change|Modify)'
Modify: 2012-01-01 00:00:00.000000000 +0000
Change: 2012-01-01 00:00:00.687084044 +0000

I have been using bindfs on OSX for a while now, and there seems to be two lingering and daunting bugs in the way bindfs works on OSX, mounting folders from hfs+ partitions:

Extended file attributes won't work. Unless xattr-none option is mentioned in the mount command, bindfs will fail to start. This is quite problematic given that without xattr, OSX keeps creating dot files to save its badly needed metadata.

Also, file system updates go often undetected by bindfs, meaning that a file added to or deleted from the folder monitored and mounted (to another address) with bindfs is not detected.

I grouped these two issues here, because I figured out second issue may also have to do with handling file attributes. Don't hesitate to separate the two issues if this is not the case.

On macOS 10.13 Beta (17A362a) bindfs 1.13.7 will report a capacity of 0 of the mounted filesystem when used with osxfuse 3.7.0. The mount point filesystem is APFS.

Rolling back to osxfuse 3.6.3 shows the correct filesystem sizes again.

Sorry to replicate the question here but maybe someone can help me?
I asked this: http://serverfault.com/questions/669407/forcing-user-in-both-directions-using-bindfs

Thank you very much in advance of any possible help.

Append-only files are used by applications such as Redis. To set a file as append-only on an ext4 fs, use chattr +a file:

root@ubuntu:~# mkdir /test/ext4fs
root@ubuntu:~# cd /test/ext4fs
root@ubuntu:/test/ext4fs# touch append-only-file
root@ubuntu:/test/ext4fs# chattr +a append-only-file
root@ubuntu:/test/ext4fs# echo this >> append-only-file
root@ubuntu:/test/ext4fs# echo is >> append-only-file
root@ubuntu:/test/ext4fs# echo an >> append-only-file
root@ubuntu:/test/ext4fs# echo append only file >> append-only-file

An append-only file cannot be overwritten:

root@ubuntu:/test/ext4fs# echo cannot overwrite > append-only-file
-bash: append-only-file: Operation not permitted

Or deleted:

root@ubuntu:/test/ext4fs# rm append-only-file
rm: cannot remove 'append-only-file': Operation not permitted
root@ubuntu:/test/ext4fs# chattr -a append-only-file
root@ubuntu:/test/ext4fs# rm append-only-file

bindfs does not support append-only mode, even though the underlying file system does:

root@ubuntu:/test/ext4fs# mkdir /test/bindfs
root@ubuntu:/test/ext4fs# bindfs /test/ext4fs /test/bindfs
root@ubuntu:/test/ext4fs# cd /test/bindfs
root@ubuntu:/test/bindfs# touch aof
root@ubuntu:/test/bindfs# chattr +a aof
chattr: Function not implemented while reading flags on aof

Expected behavior is to allow chattr +a file on a bindfs file system if the underlying file system supports it.

I am trying to use the --mirror option with LDAP (Active Directory) users and groups. However, this doesn't work at all with the way bindfs currently builds its gid cache:

• The system's LDAP client does not allow remote users to be enumerated, so they do not show up in getpwent().
• Likewise, LDAP groups does not show up in getgrent() enumeration, and their member list cannot be obtained using getgr{nam,uid}().
• (This was done for performance reasons. I already tried allowing enumeration, and bindfs spent several minutes doing nothing else but building its cache. That's not going to work.)

To cope with such environments, bindfs needs to query user information on demand via getpwuid() and initgroups(). (Or even better: if FUSE allows it, it should just use the current credentials of the process accessing it...)

If "make check" errors, it only shows that errors might be in the log file instead of just showing the log file. This makes it harder to get the actual error message if a build system is used that does not allow to get the log file directly, e.g. on Fedora. Therefore please consider just showing the error directly.

Is there any way to find the source of a bindfs mount? eg. if I mount a folder as bindfs # bindfs /foo /bar is there a way to find the source dir of /bar ?

Hello,

Is it possible to, not only resolve the symbolic links, but also expose the target as a regular file if it's a block device?

For example, ln -s /dev/sdb2 /export/sdb2 and then I want to access sdb2 remotely though an NFS share.

Or is there any other alternative fuse that I should try?

Thanks!

Hello,
i'd like to use bindfs to mount one directory to another, while i'd like the second one to have some disk space limit.

Eg.: I'll have 1GB disk mounted in /mnt/storage and i'll have this directory /mnt/storage/unlimited that will have 1GB of free space in it. I want to mount /mnt/storage/unlimited using bindfs to /mnt/limited while specifiing that i want it to have eg. 10MB of space. eg.:

mount -t bindfs /mnt/storage/unlimited /mnt/limited -o quota=10M

So i will see the same directory in /mnt/limited and work with it as one would suppose, but when diskspace occupied by /mnt/storage/unlimited will reach 10MB i will not be able to write more data into /mnt/limited (only replace/delete).

There are several ways to implement this. Cheap way is to call "df" at every write, which is probably not good idea. So there probably should be some index/cache that will account the data as they are written in. eg. in /var/cache/bindfs/ when mounted by root (or from fstab) or in ~/.cache/bindfs when mounted manually by user. For me it's not important to account the data written directy to /mnt/storage/unlimited as i will simply not be doing this. But the index should be initialized during mount and check if there were any changes in original directory since the index was created. Also there can be option to override quota index location and/or completely disabling it (which would force bindfs to rebuild it at every mount).

Also would be super usefull if the quota could be changed without unmounting. Eg.:

fusermount -o remount,quota=23M /mnt/limited

Hello,

Recently, some software that I am running on a development box started misbehaving. The setup uses bindfs to configure the correct uid / gid on the files for use inside a Docker container. As it turned out, the sofware reading from the bindfs mount reported any directory inside the mount point to be empty, while in fact they were not. Running the same software without the bind mount does not show this problem.

Running the software with strace reveals that the software is running a specific sequence of file system operations:

openat(AT_FDCWD, "/data/", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 3
getdents(3, /* 30 entries */, 32768)    = 1080
lseek(3, 0, SEEK_SET)                   = 0
getdents(3, /* 0 entries */, 32768)     = 0

So, it reads the directory entry, which yields 1080 bytes of data. Then, it rewinds the file pointer and reads the directory entry again. The second read yields no data, which apparently makes the software believe that the directory is empty. Without the bind mount, the problem does not occur and strace shows:

openat(AT_FDCWD, "/data/", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 3
getdents(3, /* 30 entries */, 32768)    = 1080
lseek(3, 0, SEEK_SET)                   = 0
getdents(3, /* 30 entries */, 32768)    = 1080

I wrote a test which reproduces the problem, at least on one system. Below, a small C program which executes the operations shown above, printing the two byte counts on the terminal:

#define _GNU_SOURCE
#include <dirent.h>     /* Defines DT_* constants */
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/syscall.h>

#define handle_error(msg) \
        do { perror(msg); exit(EXIT_FAILURE); } while (0)

struct linux_dirent {
    long           d_ino;
    off_t          d_off;
    unsigned short d_reclen;
    char           d_name[];
};

#define BUF_SIZE 1024

int
main(int argc, char *argv[])
{
    int fd, nread;
    char buf[BUF_SIZE];
    struct linux_dirent *d;
    int bpos;
    char d_type;

   fd = open(argc > 1 ? argv[1] : ".", O_RDONLY | O_DIRECTORY);
    if (fd == -1)
        handle_error("open");

   // Read from directory entry, print the
   // number of bytes read
   nread = syscall(SYS_getdents, fd, buf, BUF_SIZE);
   printf("%d\n", nread);

   // Rewind file pointer
   lseek(fd, 0, SEEK_SET);

   // Read from directory entry again, print the
   // number of bytes read
   nread = syscall(SYS_getdents, fd, buf, BUF_SIZE);
   printf("%d\n", nread);

   exit(EXIT_SUCCESS);
}

Below, a shell script that creates a bind mount and runs the above code on both the original directory and its bind mount:

#!/bin/sh
# Create two directories
mkdir data datamount
# Bind mount data/ on datamount/
bindfs data datamount/
# Compile source
gcc test.c -o test
# Run test executable on both directories, output
# should be equal.
echo "Read from original directory:"
./test data/
echo "Read from bind mount:"
./test datamount/
# Unmount
fusermount -u datamount/
# Remove directories
rmdir data datamount

On Ubuntu Trusty, kernel 3.13.0-98, fuse 2.9.2, bindfs 1.12.3-1, I get the result that, I guess, shows the expected result, the bind mount is fully transparent:

Read from original directory:
48
48
Read from bind mount:
48
48

On Suse Tumbleweed, kernel 4.7.5-1, fuse 2.9.5-1.5, bindfs 1.13.2-1.1, I get something different:

Read from original directory:
48
48
Read from bind mount:
48
0

I have no idea if this is problem is caused by bindfs, fuse, the Linux kernel or something else. Or perhaps it is not a bug at all. Could someone please try to enlighten me here?

Thanks!

After a fresh install of OSXFuse, I tried to install the latest version of bindfs. Unfortunately compilation is failing with 3 warnings and 1 error generated.

gcc -DHAVE_CONFIG_H -I. -I..  -D_REENTRANT -D_FILE_OFFSET_BITS=64 -DFUSE_USE_VERSION=26 -D_FILE_OFFSET_BITS=64 -D_DARWIN_USE_64_BIT_INODE -I/usr/local/include/osxfuse/fuse   -O2 -Wall -g -O2 -MT bindfs.o -MD -MP -MF .deps/bindfs.Tpo -c -o bindfs.o bindfs.c

bindfs.c:699:11: warning: implicit declaration of function 'utimensat' is
      invalid in C99 [-Wimplicit-function-declaration]
    res = utimensat(settings.mntsrc_fd, path, tv, AT_SYMLINK_NOFOLLOW);
          ^

bindfs.c:699:51: error: use of undeclared identifier 'AT_SYMLINK_NOFOLLOW'
    res = utimensat(settings.mntsrc_fd, path, tv, AT_SYMLINK_NOFOLLOW);
                                                  ^

bindfs.c:918:19: warning: incompatible pointer types initializing 'int (*)(const
      char *, const char *, const char *, size_t, int, uint32_t)' with an
      expression of type 'int (const char *, const char *, const char *, size_t,
      int)' [-Wincompatible-pointer-types]
    .setxattr   = bindfs_setxattr,
                  ^~~~~~~~~~~~~~~

bindfs.c:919:19: warning: incompatible pointer types initializing 'int (*)(const
      char *, const char *, char *, size_t, uint32_t)' with an expression of
      type 'int (const char *, const char *, char *, size_t)'
      [-Wincompatible-pointer-types]
    .getxattr   = bindfs_getxattr,
                  ^~~~~~~~~~~~~~~

Any idea?

There are some build warnings that you might want to address. The full build log is available at:
https://kojipkgs.fedoraproject.org//packages/bindfs/1.13.0/1.fc24/data/logs/x86_64/build.log

gcc -DHAVE_CONFIG_H -I. -I..  -D_REENTRANT -D_FILE_OFFSET_BITS=64 -DFUSE_USE_VERSION=26 -D_FILE_OFFSET_BITS=64 -I/usr/include/fuse   -O2 -Wall -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -c -o usermap.o usermap.c
gcc -DHAVE_CONFIG_H -I. -I..  -D_REENTRANT -D_FILE_OFFSET_BITS=64 -DFUSE_USE_VERSION=26 -D_FILE_OFFSET_BITS=64 -I/usr/include/fuse   -O2 -Wall -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -c -o rate_limiter.o rate_limiter.c
In file included from /usr/include/stdlib.h:24:0,
                 from bindfs.c:40:
/usr/include/features.h:148:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
 # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"

/bin/sh ../../libtool  --tag=CC   --mode=link gcc -O2 -Wall -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic  -Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -o test_internals test_internals-test_internals.o test_internals-test_common.o test_internals-misc.o -pthread 
libtool: link: gcc -O2 -Wall -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -Wl,-z -Wl,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -o test_rate_limiter test_rate_limiter-test_rate_limiter.o test_rate_limiter-test_common.o test_rate_limiter-rate_limiter.o -pthread  -pthread
libtool: link: gcc -O2 -Wall -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -Wl,-z -Wl,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -o test_internals test_internals-test_internals.o test_internals-test_common.o test_internals-misc.o -pthread  -pthread
make[3]: Leaving directory '/builddir/build/BUILD/bindfs-1.13.0/tests/internals'
make[3]: Entering directory '/builddir/build/BUILD/bindfs-1.13.0/tests'
gcc -DHAVE_CONFIG_H -I. -I..     -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -c -o readdir_inode.o readdir_inode.c
gcc -DHAVE_CONFIG_H -I. -I..     -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -c -o utimens_nofollow.o utimens_nofollow.c
In file included from /usr/include/stdlib.h:24:0,
                 from utimens_nofollow.c:5:
/usr/include/features.h:148:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
 # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
   ^

I am getting an error trying to compile on CENTOS 6.8 box.

root@rhea:/opt/bindfs/bindfs-1.13.2# make
make all-recursive
make[1]: Entering directory /opt/bindfs/bindfs-1.13.2' Making all in src make[2]: Entering directory/opt/bindfs/bindfs-1.13.2/src'
gcc -DHAVE_CONFIG_H -I. -I.. -D_REENTRANT -D_FILE_OFFSET_BITS=64 -DFUSE_USE_VERSION=26 -D_FILE_OFFSET_BITS=64 -I/usr/include/fuse -O2 -Wall -g -O2 -MT bindfs.o -MD -MP -MF .deps/bindfs.Tpo -c -o bindfs.o bindfs.c
bindfs.c:1382: error: unknown field ‘flock’ specified in initializer
bindfs.c:1382: warning: initialization from incompatible pointer type
bindfs.c: In function ‘main’:
bindfs.c:2234: error: ‘struct fuse_operations’ has no member named ‘flock’
make[2]: *** [bindfs.o] Error 1
make[2]: Leaving directory /opt/bindfs/bindfs-1.13.2/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory/opt/bindfs/bindfs-1.13.2'
make: *** [all] Error 2

Any suggestions on how to work around this?

Hi!

I have just bumped bindfs to the latest release in Gentoo. While Gentoo may be special with regards to compile flags, packagers of other source-based distributions will probably want to get rid of the extension of CFLAGS that configure.ac does, too. Right now, that needs patching them out, e.g. this way gentoo/gentoo@e75f94d#diff-85c906dae59cc718b8c17c461475dc88 . It would be cool if I could resolve that patch at some point in the future (and to not forward-port it on upstream changes to configure.ac). Could you add means to bypass that extension or to drop it altogether? That would be appreciated. Thank you!

Best, Sebastian

I know this issue is not directly related to bindfs, but may be you can help with it.
I have a task to allow several developers to work with one directory. Linux groups and sudo can help, but both have some disadvantageous and problems. ACL looks bad in Linux. So bindfs is a great choice for such task and looks perfect.
The only problem is related with audit.
All changes in that directory I can trace with auditd are made from root user (I started bindfs from root). And only one way to find developer who made some changes is to trace bindfs start in audit log and find bindfs pid and use it to trace changes in files from that developer. But it is a speculation in some kind. I can find pid of process who started bindfs (I root shell for an example), I can find pid of process who used mount call and I can assume that last pid + 1 is a pid of bindfs process who is working in system. (I can guess that after mount bindfs runs fork() to demonize its process. ) But it can bee wrong assumption in some cases.

Can you please add a message to syslog about new bindfs process and its args. I can use a workaround with some wrapper. But it would be cool to have such functional from the box.

Anyway thank you for bindfs =)

Hi!

I'm trying to compile bindfs on an older linux distribution (REHL 4), which can't be upgraded right now. I've encountered an error message that I couldn't solve myself. It might be related to some library version or maybe some compiler version. I decided to file a bug so that, if that's related to a library version, the ./configure script could be modified in order to handle it.

Thanks for your attention.

Steps to reproduce the problem:

./configure
make

Expected result
The compiled bindfs binary

Real result

gcc -DHAVE_CONFIG_H -I. -I..  -D_REENTRANT -D_FILE_OFFSET_BITS=64 -DFUSE_USE_VERSION=25 -D_FILE_OFFSET_BITS=64 -I/usr/local/include/fuse   -O2 -Wall -g -O2 -MT userinfo.o -MD -MP -MF .deps/userinfo.Tpo -c -o userinfo.o userinfo.c
userinfo.c:40: error: syntax error before "cache_lock"
userinfo.c:40: warning: type defaults to `int' in declaration of `cache_lock'
userinfo.c:40: error: `PTHREAD_RWLOCK_INITIALIZER' undeclared here (not in a function)
userinfo.c:40: warning: data definition has no type or storage class

Software version
BindFS 1.12.2, Fuse 2.7.6, Red Hat EL 4 (kernel 2.6.9-78.0.1)

Aditional information

Full ./configure output

checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking for style of include used by make... GNU
checking dependency style of gcc... gcc3
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking how to print strings... printf
checking for a sed that does not truncate output... /bin/sed
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking for fgrep... /bin/grep -F
checking for ld used by gcc... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
checking the name lister (/usr/bin/nm -B) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 98304
checking whether the shell understands some XSI constructs... yes
checking whether the shell understands "+="... no
checking how to convert i686-pc-linux-gnu file names to i686-pc-linux-gnu format... func_convert_file_noop
checking how to convert i686-pc-linux-gnu file names to toolchain format... func_convert_file_noop
checking for /usr/bin/ld option to reload object files... -r
checking for objdump... objdump
checking how to recognize dependent libraries... pass_all
checking for dlltool... no
checking how to associate runtime and link libraries... printf %s\n
checking for ar... ar
checking for archiver @FILE support... no
checking for strip... strip
checking for ranlib... ranlib
checking command to parse /usr/bin/nm -B output from gcc object... ok
checking for sysroot... no
checking for mt... mt
checking if mt is a manifest tool... no
checking how to run the C preprocessor... gcc -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if gcc supports -fno-rtti -fno-exceptions... no
checking for gcc option to produce PIC... -fPIC -DPIC
checking if gcc PIC flag -fPIC -DPIC works... yes
checking if gcc static flag -static works... yes
checking if gcc supports -c -o file.o... yes
checking if gcc supports -c -o file.o... (cached) yes
checking whether the gcc linker (/usr/bin/ld) supports shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... yes
checking for setxattr... yes
checking for getxattr... yes
checking for listxattr... yes
checking for removexattr... yes
checking for lsetxattr... yes
checking for lgetxattr... yes
checking for llistxattr... yes
checking for lremovexattr... yes
checking for pkg-config... /usr/local/bin/pkg-config
checking pkg-config is at least version 0.9.0... yes
checking for fuse... yes
configure: creating ./config.status
config.status: creating Makefile
config.status: creating src/Makefile
config.status: creating tests/Makefile
config.status: creating tests/internals/Makefile
config.status: creating config.h
config.status: executing depfiles commands
config.status: executing libtool commands

Full make output

make  all-recursive
make[1]: Entering directory `/tmp/teste-bindfs/bindfs-1.12.2'
Making all in src
make[2]: Entering directory `/tmp/teste-bindfs/bindfs-1.12.2/src'
gcc -DHAVE_CONFIG_H -I. -I..  -D_REENTRANT -D_FILE_OFFSET_BITS=64 -DFUSE_USE_VERSION=25 -D_FILE_OFFSET_BITS=64 -I/usr/local/include/fuse   -O2 -Wall -g -O2 -MT bindfs.o -MD -MP -MF .deps/bindfs.Tpo -c -o bindfs.o bindfs.c
mv -f .deps/bindfs.Tpo .deps/bindfs.Po
gcc -DHAVE_CONFIG_H -I. -I..  -D_REENTRANT -D_FILE_OFFSET_BITS=64 -DFUSE_USE_VERSION=25 -D_FILE_OFFSET_BITS=64 -I/usr/local/include/fuse   -O2 -Wall -g -O2 -MT debug.o -MD -MP -MF .deps/debug.Tpo -c -o debug.o debug.c
mv -f .deps/debug.Tpo .deps/debug.Po
gcc -DHAVE_CONFIG_H -I. -I..  -D_REENTRANT -D_FILE_OFFSET_BITS=64 -DFUSE_USE_VERSION=25 -D_FILE_OFFSET_BITS=64 -I/usr/local/include/fuse   -O2 -Wall -g -O2 -MT permchain.o -MD -MP -MF .deps/permchain.Tpo -c -o permchain.o permchain.c
mv -f .deps/permchain.Tpo .deps/permchain.Po
gcc -DHAVE_CONFIG_H -I. -I..  -D_REENTRANT -D_FILE_OFFSET_BITS=64 -DFUSE_USE_VERSION=25 -D_FILE_OFFSET_BITS=64 -I/usr/local/include/fuse   -O2 -Wall -g -O2 -MT userinfo.o -MD -MP -MF .deps/userinfo.Tpo -c -o userinfo.o userinfo.c
userinfo.c:40: error: syntax error before "cache_lock"
userinfo.c:40: warning: type defaults to `int' in declaration of `cache_lock'
userinfo.c:40: error: `PTHREAD_RWLOCK_INITIALIZER' undeclared here (not in a function)
userinfo.c:40: warning: data definition has no type or storage class
userinfo.c: In function `rebuild_uid_cache':
userinfo.c:121: warning: dereferencing type-punned pointer will break strict-aliasing rules
userinfo.c: In function `rebuild_gid_cache':
userinfo.c:165: warning: dereferencing type-punned pointer will break strict-aliasing rules
userinfo.c: In function `user_belongs_to_group':
userinfo.c:348: warning: implicit declaration of function `pthread_rwlock_rdlock'
userinfo.c:351: warning: implicit declaration of function `pthread_rwlock_unlock'
userinfo.c:353: warning: implicit declaration of function `pthread_rwlock_wrlock'
make[2]: *** [userinfo.o] Error 1
make[2]: Leaving directory `/tmp/teste-bindfs/bindfs-1.12.2/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/tmp/teste-bindfs/bindfs-1.12.2'
make: *** [all] Error 2

I wanted the ability to create read-only bind mount as an unprivileged user to avoid a firejail limitation, and bindfs (which I just discovered - very nice project BTW) looked like the perfect tool for the job! So I executed something like:

$ bindfs -nr /home/user/olddir /home/user/newdir
fusermount: option allow_other only allowed if 'user_allow_other' is set in /etc/fuse.conf

Running --help doesn't list -r as requiring root, and running as root would defeat the point for my use case. I also didn't want to grant fuse more privileges than necessary by adding user_allow_other to /etc/fuse.conf, but I was sure it should be possible without it so I was scratching my head looking through the man page, doing web searches, etc.

I eventually figured out the following works:

$ bindfs -n -r /home/user/olddir /home/user/newdir

Success! So there is just a small usability issue there when combining simple arguments.

It's possible to create a directory named something like 'smb-share:server=mysrv,share=files' (something gvfs does, for example). When trying to bind mount this directory with bindfs, bindfs exits with an error: fuse: unknown option 'share=files'.

When the source dir is deleted, bindfs should watch for it being created again and update its cwd.

Could be implemented as follows:

1. Add an inotify watch on the cwd path.
2. Check that the dir wasn't already deleted.
3. Wait for IN_DELETE_SELF or IN_MOVE_SELF.
4. Periodically poll for the path to reappear, or make an inotify-based system, which takes volatile parent dirs into account (would probably be something like a recursive version of the present algorithm).
5. When the path reappears, fchdir into it.

All this either in a new thread or use the low-level FUSE API and use async I/O with watches and the FUSE fd.

I tried running the test suite with Ruby 1.8 - actually Ruby 1.8.6, I'm aware that 1.8.7 may have brought in some features. Anyway, I did see in ticket #6 that Ruby is supposed to be >= 1.9. There are mentions of an existing workaround for 1.8.7 in test_bindfs.rb though.

So I managed to make "make check" work with 1.8.

Since I can't attach patches (yeah, pull requests, I know...), I'll just quote these simple ones here.

This is for

./test_bindfs.rb:42: undefined method `realpath' for File:Class (NoMethodError)
FAIL: test_bindfs.rb

diff -ur bindfs-1.13.6/tests/test_bindfs.rb bindfs-1.13.6-rubyrealpath/tests/test_bindfs.rb
--- bindfs-1.13.6/tests/test_bindfs.rb  2017-01-29 18:12:37.000000000 +0100
+++ bindfs-1.13.6-rubyrealpath/tests/test_bindfs.rb     2017-02-21 13:53:55.000000000 +0100
@@ -22,6 +22,7 @@
 localsrc_path = ENV['srcdir'] || '.'

 require localsrc_path + '/common.rb'
+require 'pathname'

 include Errno

@@ -42,7 +43,7 @@
 $nobody_gid = nobody_gid = Etc.getpwnam('nobody').gid
 $nobody_group = nobody_group = Etc.getgrgid(nobody_gid).name

-$tests_dir = File.realpath('.')
+$tests_dir = Pathname.new('.').realpath.to_s


 testenv("") do

This is for

undefined method `escape' for Shellwords:Module
  ./common.rb:134:in `testenv'
  ./test_bindfs.rb:49

Slightly modified workaround taken from purcell/darcs-to-git#21.

diff -ur bindfs-1.13.6/tests/common.rb bindfs-1.13.6-rubyshellescape/tests/common.rb
--- bindfs-1.13.6/tests/common.rb       2017-01-29 18:12:37.000000000 +0100
+++ bindfs-1.13.6-rubyshellescape/tests/common.rb       2017-02-21 13:58:32.000000000 +0100
@@ -19,7 +19,16 @@
 #

 require 'fileutils'
-require 'shellwords'
+if RUBY_VERSION >= "1.9"
+  require 'shellwords'
+else
+  module Shellwords
+    def self.escape(str)
+      return "''" if str.empty?
+      str.gsub(/([^A-Za-z0-9_\-.,:\/@\n])/n, "\\\\\\1").gsub(/\n/, "'\n'")
+    end
+  end
+end
 include FileUtils

 # Set the default umask for all tests

I wouldn't be surprised if you didn't care. ;) Just in case anyone else stumbles across this.

I have a bindfs mountpoint set up to mount at boot, mirroring users of the developer group like so:

bindfs --mirror=@developer --force-group=www-data --chgrp-deny /path/to/source /path/to/mountpoint

This works very well for users added to the group before I first set up bindfs, but for some reason users I create later don't get the mirror effect (they see the files owned by the actual owner, root). This effect persists even after I reboot.

I have no idea where to even start with debugging this. I don't see any obvious output for mirroring from the -d flag; is there a way to get debug information about mirroring?

Hi,

I'm having a weird issue that appeared only this week,
used to work without issue..

with a cPanel server on cloudlinux and cagefs enabled,
I'm sharing a directory to multiple users.

This actually seems to still work as expected..
but when the user is to be deleted, after the umount, the directory stays "busy"..
and the user's home directory cannot be removed completely unless the server is rebooted.

Here's what my fstab looks like:

/home/share/files    /home/test9/files    fuse.bindfs    map=1015/1060:@1017/@1062    0    0
/home/share/files    /home/test10/files    fuse.bindfs    map=1015/1061:@1017/@1063    0    0
/home/share/files    /home/test11/files    fuse.bindfs    map=1015/1062:@1017/@1064    0    0
/home/share/files    /home/test12/files    fuse.bindfs    map=1015/1063:@1017/@1065    0    0
/home/share/files    /home/test13/files    fuse.bindfs    map=1015/1064:@1017/@1066    0    0
/home/share/files    /home/test14/files    fuse.bindfs    map=1015/1065:@1017/@1067    0    0
/home/share/files    /home/test15/files    fuse.bindfs    map=1015/1066:@1017/@1068    0    0
/home/share/files    /home/test16/files    fuse.bindfs    map=1015/1067:@1017/@1069    0    0
#/home/share/files    /home/test16/files    fuse.bindfs    nodev,nosuid,noatime,force-user=test16,force-group=test16    0    0

the last line is me trying different options without any success so far..

Let's try to remove the user 'test13':

1. while it is still mounted and working as expected, fuser will show:

# fuser -vm /home/test13/files
                     USER        PID ACCESS COMMAND
/home/test13/files:
                     root     kernel mount /home/test13/files

2. proceed with the umount

# umount /home/test13/files
I also tried those, but I'm getting the same 'busy' error at the end:
# umount -f /home/test13/files
# umount -l /home/test13/files
# fusermount -u /home/test13/files
# fusermount -z -u /home/test13/files

3. there's an extra step with cagefs enabled

at this point, root sees the mount point empty ( with a simple # ls -la /home/test13/files )
but for the user to see it, we need to:
# cagefsctl --remount test13
or
# cagefsctl --remount-all

4. and this is where it all goes down.. removing the mount point:

# rm -rf /home/test13/files
rm: cannot remove ‘/home/test13/files’: Device or resource busy

5. the mount point is now empty, but to confirm I ran:

# umount /home/test13/files
umount: /home/test13/files: not mounted

# cat /proc/mounts | grep test13
( no output )

6. now the reason I created this issue here is because of the new output from fuser:

# fuser -vm /home/test13/files
                     USER        PID ACCESS COMMAND
/home/test13/files:
                     root     kernel mount /home
                     root       3586 f.c.. bindfs
                     root       3588 f.c.. bindfs
                     root       3590 f.c.. bindfs
                     root       3592 f.c.. bindfs
                     root       3596 f.c.. bindfs
                     root       3598 f.c.. bindfs
                     root       3600 f.c.. bindfs

these are the bindfs' PID of all the other mounts still active.

# ps aux | grep bindfs
root      3586  0.0  0.0  13616   492 ?        Ss   10:33   0:00 bindfs /home/share/files /home/test9/files -o rw,map=1015/1060:@1017/@1062,dev,suid
root      3588  0.0  0.0  13616   492 ?        Ss   10:33   0:00 bindfs /home/share/files /home/test10/files -o rw,map=1015/1061:@1017/@1063,dev,suid
root      3590  0.0  0.0  13616   492 ?        Ss   10:33   0:00 bindfs /home/share/files /home/test11/files -o rw,map=1015/1062:@1017/@1064,dev,suid
root      3592  0.0  0.0  13616   492 ?        Ss   10:33   0:00 bindfs /home/share/files /home/test12/files -o rw,map=1015/1063:@1017/@1065,dev,suid
root      3596  0.0  0.0  13616   492 ?        Ss   10:33   0:00 bindfs /home/share/files /home/test14/files -o rw,map=1015/1065:@1017/@1067,dev,suid
root      3598  0.0  0.0  13616   492 ?        Ss   10:33   0:00 bindfs /home/share/files /home/test15/files -o rw,map=1015/1066:@1017/@1068,dev,suid
root      3600  0.0  0.0  13616   696 ?        Ss   10:33   0:00 bindfs /home/share/files /home/test16/files -o rw,map=1015/1067:@1017/@1069,dev,suid

lsof has similar output too:

# lsof | grep 'share/files'
bindfs     3586                     root  cwd       DIR              253,2      4096 1073752629 /home/share/files
bindfs     3586                     root    3r      DIR              253,2      4096 1073752629 /home/share/files
bindfs     3588                     root  cwd       DIR              253,2      4096 1073752629 /home/share/files
bindfs     3588                     root    3r      DIR              253,2      4096 1073752629 /home/share/files
bindfs     3590                     root  cwd       DIR              253,2      4096 1073752629 /home/share/files
bindfs     3590                     root    3r      DIR              253,2      4096 1073752629 /home/share/files
bindfs     3592                     root  cwd       DIR              253,2      4096 1073752629 /home/share/files
bindfs     3592                     root    3r      DIR              253,2      4096 1073752629 /home/share/files
bindfs     3596                     root  cwd       DIR              253,2      4096 1073752629 /home/share/files
bindfs     3596                     root    3r      DIR              253,2      4096 1073752629 /home/share/files
bindfs     3598                     root  cwd       DIR              253,2      4096 1073752629 /home/share/files
bindfs     3598                     root    3r      DIR              253,2      4096 1073752629 /home/share/files
bindfs     3600                     root  cwd       DIR              253,2      4096 1073752629 /home/share/files
bindfs     3600                     root    3r      DIR              253,2      4096 1073752629 /home/share/files

7. i'm still not convinced bindfs is part of the issue

I tried unmounting them all.. fuser now shows:

fuser -vm /home/test13/files/
                     USER        PID ACCESS COMMAND
/home/test13/files
                     root     kernel mount /home

and yet i'm still unable to rm the mount point.. unless there's an ugly reboot involved

# rm -rf /home/test13/files
rm: cannot remove ‘/home/test13/files’: Device or resource busy

and now...

it used to work perfectly last week...
bindfs hasn't been updated or changed whatsoever since..
and the kernel hasn't been updated either for the path month.
there has been an update to cpanel.. ( 60.0.29 -> 60.0.30 ),
but I cannot see anything that looks suspicious in the changelog yet..

is there anything fishy in my steps above ? am I missing something obvious ?
at this point, even just a confirmation that bindfs has nothing to do with it would be helpful.

a tiny bit more info:

# bindfs --version
bindfs 1.13.8

# uname -a
Linux example.com 3.10.0-714.10.2.lve1.4.79.el7.x86_64 #1 SMP Thu Jan 4 13:30:50 EST 2018 x86_64 x86_64 x86_64 GNU/Linux

Please document the syntax which is used by the fstab parser of systemd.

In addition to the old syntax in the man page

bindfs#/home/bob/shared /var/www/shared/bob fuse perms=0000:u+rD 0 0

one should mention the new (recommended) one:

/home/bob/shared /var/www/shared/bob fuse.bindfs perms=0000:u+rD 0 0

For the deprecation of the prefix see mount(8):

The  programs  mount  and umount support filesystem subtypes.  
The subtype is defined by '.subtype' suffix.  For example  'fuse.sshfs'. 
It's recommended to use  subtype  notation  rather  than  add any prefix
to the mount source (for example 'sshfs#example.com' is deprecated).

In order to access the hard drive from my out-of-action MacBook, I attached my 'Home' partition via a USB connection to another machine. Both running Ubuntu 17.04 As I'm the second user on that PC, that machine's first user has ownership rights over my files, and I have not (due to Ubuntu using the UID- and GID-numbers to define file ownership).

Ubuntu automounts the USB drive at: /media/me/Home.

To fix the permissions to give me temporary access, I added a duplicate mount point: /media/Home and tested the command:

sudo bindfs --map=other_user/me --create-for-user=other_user --create-for-group=other_user /media/me/Home /media/Home

which, although the gid remains the other user's, gives me ownership of my files as the second user on the current system, and default ownership of any new files by uid 1000.

I added a line in fstab to achieve the same thing:

/media/me/Home /media/Home fuse.bindfs map=other_user/me,create-for-user=other_user,create-for-group=other_user 0 0

The fstab entry doesn't work - I don't have access to the mount point and my partition isn't mounted.

In Nautilus, the bindfs /media/Home partition displays the error: 'This partition could not be displayed. You do not have the permissions necessary to view the contents of "Home".
In the command line, ls -la returns:

ls: cannot open directory '/media/Home/': Permission denied

sudo ls -la returns:

total 0

Is there something else I should do?

Tested with valves steam application.
After this procedure, the application can neither start or display the right icon even.

mv /Applications/Steam.app/Contents/MacOS /Applications/Steam.app/Contents/MacOS.orig
mkdir /Applications/Steam.app/Contents/MacOS
src/bindfs /Applications/Steam.app/Contents/MacOS.orig /Applications/Steam.app/Contents/MacOS

On an Ubuntu 16.04 system, flock fails to lock a file on a file system bound with bindfs.

Set up:

root@ubuntu:~# bindfs -V
bindfs 1.12.6
root@ubuntu:~# uname -a
Linux ubuntu 4.4.0-31-generic #50-Ubuntu SMP Wed Jul 13 00:07:12 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
root@ubuntu:~# mkdir -p /test/realfs /test/bindfs1 /test/bindfs2
root@ubuntu:~# bindfs /test/realfs /test/bindfs1
root@ubuntu:~# bindfs /test/realfs /test/bindfs2
root@ubuntu:~# df -k
Filesystem                  1K-blocks    Used Available Use% Mounted on
udev                           480048       0    480048   0% /dev
tmpfs                           99844    4744     95100   5% /run
/dev/mapper/ubuntu--vg-root   6597808 1327856   4911760  22% /
tmpfs                          499204       0    499204   0% /dev/shm
tmpfs                            5120       0      5120   0% /run/lock
tmpfs                          499204       0    499204   0% /sys/fs/cgroup
/dev/sda1                      482922   56252    401736  13% /boot
tmpfs                             100       0       100   0% /run/lxcfs/controllers
tmpfs                           99844       0     99844   0% /run/user/0
bindfs                        6597808 1327856   4911760  22% /test/bindfs1
bindfs                        6597808 1327856   4911760  22% /test/bindfs2

Test flock on two different directories, same underlying fs, second lock should fail but does not:

root@ubuntu:~# flock -n -x -o /test/bindfs1/lockfile sleep 30 &
[1] 5102
root@ubuntu:~# flock -n -x -o /test/bindfs2/lockfile sleep 10
root@ubuntu:~# echo $?
0

Test flock on two different directories, the bindfs fs and the underlying fs, second lock should fail but does not:

root@ubuntu:~# flock -n -x -o /test/bindfs1/lockfile sleep 30 &
root@ubuntu:~# flock -n -x -o /test/realfs/lockfile sleep 10
root@ubuntu:~# echo $?
0

The expected behavior is for a file locked on a bindfs filesystem to attempt to lock the same file on the underlying file system.

Travis's default OpenVZ thing doesn't support FUSE, but apparently there's also an OS X environment. Should look into that.

I'm trying to setup my local web server using vagrant. My vagrant shared folder is in my home folder (~/home/vagrant/www) and I want to use bindfs to mount this folder inside /var/www.

These are the specs of my virtual machine:

Apache/2.4.23 (Ubuntu)
PHP 7.0.12
Ubuntu 14.04
I am using php-fpm to execute php scripts but after using bindfs, my site will always return File not found.

Also here is my virtualhost configuration:

<VirtualHost *:80>
   ServerName project1.dev

    ## Vhost docroot
    DocumentRoot "/var/www/project1/public"

    ## Directories, there should at least be a declaration for /var/www/project1/public

   <Directory "/var/www/project1/public">
       Options Indexes FollowSymlinks MultiViews
       AllowOverride All
       Require all granted

       <FilesMatch "\.php$">
          Require all granted
          SetHandler proxy:fcgi://127.0.0.1:9000
       </FilesMatch>

   </Directory>

   ## Logging
   ErrorLog "/var/log/apache2/av_anhk5lpgjldb_error.log"
   ServerSignature Off
   CustomLog "/var/log/apache2/av_anhk5lpgjldb_access.log" combined

   ## Server aliases 
   ServerAlias www.project1.dev

   ## SetEnv/SetEnvIf for environment variables
   SetEnv APP_ENV dev
   SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

   ## Custom fragment
</VirtualHost>

Anyone can help me?

I'm using bindfs on an android tablet (arm), running debian on linux deploy (which means chroot).
I tried both the debian package, and compiled bindfs myself, and I'm seeing the same problem:
In a directory that I mount, which is quite big, I only see some of the files and directories in some of the subdirectories (94 in one case, 81 in a second case).
The command I use is
bindfs --map=root/android:@aid_sdcard_r/@android /mnt/extSdCard /mnt/bindsd1

I can't see anything special in the debugging output. Here's the end, after mounting and ls on a dir with problems.

LOOKUP /dropbox full/file2.pdf
getattr /dropbox full/file2.pdf
NODEID: 82
unique: 167, success, outsize: 144
unique: 168, opcode: GETXATTR (22), nodeid: 82, insize: 68, pid: 20300
getxattr /dropbox full/file2.pdf security.capability 20
unique: 168, error: -95 (Operation not supported), outsize: 16
unique: 169, opcode: LOOKUP (1), nodeid: 2, insize: 106, pid: 20300
LOOKUP /dropbox full/Preview of \u201cMicrosoft Word - file1.doc\u201d.pdf
getattr /dropbox full/Preview of \u201cMicrosoft Word - file1.doc\u201d.pdf
NODEID: 83
unique: 169, success, outsize: 144
unique: 170, opcode: GETXATTR (22), nodeid: 83, insize: 68, pid: 20300
getxattr /dropbox full/Preview of \u201cMicrosoft Word - file1.doc\u201d.pdf security.capability 20
unique: 170, error: -95 (Operation not supported), outsize: 16
unique: 171, opcode: READDIR (28), nodeid: 2, insize: 80, pid: 20300
readdir[32521736] from 10623
unique: 171, success, outsize: 16
unique: 172, opcode: RELEASEDIR (29), nodeid: 2, insize: 64, pid: 0
releasedir[32521736] flags: 0x0

unique: 172, success, outsize: 16

Recent versions of aclocal of autoconf error out due to your current use of deprecated macro AM_CONFIG_HEADER. Please consider applying the patch below that I made to fix the problem in Gentoo Linux, originally. I would have attached the patch, but it seems GitHub does not allow me to. I hope the result still works well with git-am ..

If you're curious, the Gentoo bug report is up here:
https://bugs.gentoo.org/show_bug.cgi?id=486722

Best, Sebastian

From 6af7a53c962a12207275c49a79ae257a2c612259 Mon Sep 17 00:00:00 2001
From: Sebastian Pipping <[email protected]>
Date: Wed, 2 Oct 2013 00:10:39 +0200
Subject: [PATCH] Migrate to AC_CONFIG_HEADERS

---
 configure.ac | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index 6e45a78..0997c61 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,7 +1,7 @@
 AC_INIT([bindfs],[1.12.3],[[email protected]])

 AM_INIT_AUTOMAKE([foreign])
-AM_CONFIG_HEADER(config.h)
+AC_CONFIG_HEADERS([config.h])

 AC_PROG_CC
 AC_LANG(C)
-- 
1.8.2.1

Making all in src
cc -DHAVE_CONFIG_H -I. -I..  -D_REENTRANT -D_FILE_OFFSET_BITS=64 -DFUSE_USE_VERSION=26 -I/usr/local/include/fuse -D_FILE_OFFSET_BITS=64   -Wall -g -O2 -MT bindfs.o -MD -MP -MF .dep
s/bindfs.Tpo -c -o bindfs.o bindfs.c
In file included from bindfs.c:56:
/usr/include/sys/file.h:210:2: error: unknown type name 'u_int'
        u_int   xf_flag;        /* flags (see fcntl.h) */
        ^
bindfs.c:1090:15: warning: implicit declaration of function 'flock' is invalid in C99 [-Wimplicit-function-declaration]
    int res = flock(fi->fh, op);
              ^
1 warning and 1 error generated.
*** Error code 1

Stop.
make[2]: stopped in /tmp/bindfs-1.13.6/src
*** Error code 1

Stop.
make[1]: stopped in /tmp/bindfs-1.13.6
*** Error code 1

Stop.

appears to have started with 1.13.2 as 1.13.1 compiles without modification

The following list,

flush, opendir, readdir, releasedir, fsyncdir, bmap, poll, write_buf, read_buf, fallocate,

are not defined. I'm sure they are omitted on purpose, but I'm not sure why.

This is similar to comment #5 (comment) of issue #5, except that my kernel is new enough.

I'm have an old system with glibc 2.9 and kernel 2.6.27 (cough). utimensat() is indeed available, but not like your autoconf thinks it is, and AT_SYMLINK_NOFOLLOW also not quite so.

bindfs.c: In function 'bindfs_utimens':
bindfs.c:978: warning: implicit declaration of function 'utimensat'
bindfs.c:978: error: 'AT_SYMLINK_NOFOLLOW' undeclared (first use in this function)
bindfs.c:978: error: (Each undeclared identifier is reported only once
bindfs.c:978: error: for each function it appears in.)

Man pages such as these:
http://man7.org/linux/man-pages/man2/faccessat.2.html
http://man7.org/linux/man-pages/man2/utimensat.2.html
seem to hint at a certain condition:

      Since glibc 2.10:
          _POSIX_C_SOURCE >= 200809L
      Before glibc 2.10:
          _ATFILE_SOURCE

Perhaps that should be set. Anyway, if I add "-D_ATFILE_SOURCE" to my CFLAGS (probably CPPFLAGS, if you ask me), it compiles just fine for me.

Let me guess that the utimensat() autoconf test passes on my system, because the symbol is contained in my glibc (AC_CHECK_FUNC only checks the function's runtime availability). It just isn't declared in the headers without the above #define, and the macro is neither.

Other projects have created their own m4 rules for utimensat(), I'm not sure if this isn't overkill:
https://sourceforge.net/p/ltp/mailman/message/31694249/

I've encountered an issue with listing directory that is a nested FUSE mount (BorgBackup specifically). I'm getting "Software caused connection abort" error when accessing hierarchy:
/bindfs-mount/borg-mount

I'm not sure if it's the issue with bindfs or with Borg.

How to reproduce:

1. Download latest stable Borg binary https://github.com/borgbackup/borg/releases/tag/1.0.10

2. Initialize Borg repository

# mkdir -p /tmp/test/{source,borg-repository,borg-mount}
# touch /tmp/test/source/{a,b,c} 
# borg init --encryption none /tmp/test/borg-repository

3. Create backup

# borg create /tmp/test/borg-repository::{now} /tmp/test/source/

4. Mount Borg repository via FUSE (foreground & debug)

# borg mount -f --debug /tmp/test/borg-repository /tmp/test/borg-mount

5. Mount bindfs (foreground & debug)

# mkdir /tmp/bindfs-mount
# bindfs -f -d /tmp/test /tmp/bindfs-mount

6. WORKS: Listing normal directory

# ls -l /tmp/bindfs-mount/borg-repository

7. DOES NOT WORK: Listing nested mount (output from foreground mount below)

# ls -l /tmp/bindfs-mount/borg-mount
ls: reading directory /tmp/bindfs-mount/borg-mount/: Software caused connection abort
total 0

# ls -l /tmp/bindfs-mount
ls: cannot access /tmp/bindfs-mount: Transport endpoint is not connected

Output from borg mount:

using builtin fallback logging configuration
TAM-verified manifest
mount data cache capacity: 2 chunks
Mounting filesystem
Initializing llfuse
Calling fuse_mount
Calling fuse_lowlevel_new
Calling fuse_session_add_chan
Calling fuse_session_loop

Output from bindfs mount:

FUSE library version: 2.9.3
nullpath_ok: 0
nopath: 0
utime_omit_ok: 0
unique: 1, opcode: INIT (26), nodeid: 0, insize: 56, pid: 0
INIT: 7.25
flags=0x0007fffb
max_readahead=0x00020000
   INIT: 7.19
   flags=0x00000011
   max_readahead=0x00020000
   max_write=0x00020000
   max_background=0
   congestion_threshold=0
   unique: 1, success, outsize: 40
unique: 2, opcode: GETATTR (3), nodeid: 1, insize: 56, pid: 36621
getattr /
   unique: 2, success, outsize: 120
unique: 3, opcode: LOOKUP (1), nodeid: 1, insize: 51, pid: 36621
LOOKUP /borg-mount
getattr /borg-mount
   NODEID: 2
   unique: 3, success, outsize: 144
unique: 4, opcode: GETXATTR (22), nodeid: 2, insize: 65, pid: 36621
getxattr /borg-mount security.selinux 255
   unique: 4, error: -61 (No data available), outsize: 16
unique: 5, opcode: GETXATTR (22), nodeid: 2, insize: 72, pid: 36621
getxattr /borg-mount system.posix_acl_access 0
   unique: 5, error: -61 (No data available), outsize: 16
unique: 6, opcode: GETXATTR (22), nodeid: 2, insize: 73, pid: 36621
getxattr /borg-mount system.posix_acl_default 0
   unique: 6, error: -61 (No data available), outsize: 16
unique: 7, opcode: OPENDIR (27), nodeid: 2, insize: 48, pid: 36621
   unique: 7, success, outsize: 32
unique: 8, opcode: READDIR (28), nodeid: 2, insize: 80, pid: 36621
readdir[0] from 0
*** Error in `bindfs': free(): invalid next size (fast): 0x00000000024ba640 ***
Aborted