bindfs (1) - Linux Manuals
bindfs: mount --bind in user-space
NAME
bindfs - mount --bind in user-space
SYNOPSIS
bindfs [options] dir mountpoint
DESCRIPTION
A FUSE filesystem for mirroring the contents of a directory to another directory. Additionally, one can change the permissions of files in the mirrored directory.
OPTIONS
- -h, --help
-
Displays a help message and exits.
- -V, --version
-
Displays version information and exits.
- -u, --user, --owner=user, -o owner=...
-
Makes all files owned by the specified user.
Also causes chown on the mounted filesystem to always fail.
- -g, --group=group, -o group=...
-
Makes all files owned by the specified group.
Also causes chgrp on the mounted filesystem to always fail.
- -p, --perms=permissions, -o perms=...
-
Takes a comma- or colon-separated list of chmod-like permission
specifications to be applied to the permission bits in order.
See PERMISSION SPECIFICATION below for details.
This only affects how the permission bits of existing files are altered when shown in the mounted directory. You can use --create-with-perms to change the permissions newly created files get in the source directory.
- -m, --mirror=users, -o mirror=...
-
Takes a comma- or colon-separated list of users who will see themselves as
the owners of all files. Users who are not listed here will still be able
to access the mount if the permissions otherwise allow them to.
You can also give a group name prefixed with an '@' to mirror all members of a group. This will not change which group the files are shown to have.
- -M, --mirror-only=users, -o mirror-only=...
-
Like --mirror but disallows access for all other users (except root).
- -n, --no-allow-other, -o no-allow-other
-
Does not add -o allow_other to FUSE options.
This causes the mount to be accessible only by the current user.
FILE CREATION POLICY
New files and directories are created so they are owned by the mounter. bindfs can let this happen (the default for normal users), or it can try to change the owner to the uid/gid of the process that wants to create the file (the default for root). It is also possible to have bindfs try to change the owner to a particular user or group.
- --create-as-user, -o create-as-user
-
Tries to change the owner and group of new files and directories to the
uid and gid of the caller. This can work only if the mounter is root.
It is also the default behavior (mimicing mount --bind) if the mounter is root.
- --create-as-mounter, -o create-as-mounter
-
All new files and directories will be owned by the mounter.
This is the default behavior for non-root mounters.
- --create-for-user=user, -o create-for-user=...
-
Tries to change the owner of new files and directories to the user
specified here. This can work only if the mounter is root. This
option overrides the --create-as-user and --create-as-mounter options.
- --create-for-group=group, -o create-for-group=...
-
Tries to change the owning group of new files and directories to the
group specified here. This can work only if the mounter is root. This
option overrides the --create-as-user and --create-as-mounter options.
- --create-with-perms=permissions, -o create-with-perms=...
-
Works like --perms but is applied to the permission bits of new files
get in the source directory.
Normally the permissions of new files depend on the creating process's
preferences and umask.
This option can be used to modify those permissions or override
them completely.
See PERMISSION SPECIFICATION below for details.
CHMOD POLICY
Chmod calls are forwarded to the source directory by default. This may cause unexpected behaviour if bindfs is altering permission bits. Note that regardless of the options given below, if the -u and -g options are given then chown and chgrp respectively will always fail.
- --chmod-normal, -o chmod-normal
-
Tries to chmod the underlying file. This will succeed if the user has
the appropriate mirrored permissions to chmod the mirrored file AND
the mounter has enough permissions to chmod the real file.
This is the default (in order to behave like mount --bind by default).
- --chmod-ignore, -o chmod-ignore
-
Lets chmod succeed (if the user has enough mirrored permissions)
but actually does nothing.
- --chmod-deny, -o chmod-deny
-
Has chmod always fail with a 'permission denied' error.
- --chmod-allow-x, -o chmod-allow-x
-
Allows setting and clearing the executable attribute on files
(but not directories). When used with --chmod-ignore,
chmods will only affect execute bits on files and changes to other bits are
discarded.
With --chmod-deny, all chmods that would change any bits except
excecute bits on files will still fail with a 'permission denied'.
This option does nothing with --chmod-normal.
XATTR POLICY
Extended attributes are mirrored by default, though not all underlying file systems support xattrs.
- --xattr-none, -o xattr-none
-
Disable extended attributes altogether. All operations will
return 'Operation not supported'.
- --xattr-ro, -o xattr-ro
-
Let extended attributes be read-only.
- --xattr-rw, -o xattr-rw
-
Let extended attributes be read-write (the default).
The read/write permissions are checked against the (possibly modified)
file permissions inside the mount.
TIME-RELATED OPTIONS
Recall that a unix file has three standard timestamps: atime (last access i.e. read time), mtime (last content modification time) ctime (last content or metadata (inode) change time)
It may sometimes be useful to alter these timestamps, but care should be taken not to cause programs (e.g. backup jobs) miss important changes.
- --ctime-from-mtime, -o ctime-from-mtime
-
Reads the ctime of each file and directory from its mtime.
In other words, only content modifications (as opposed to metadata changes)
will be reflected in a mirrored file's ctime.
(The underlying file's ctime will still be updated normally.)
FUSE OPTIONS
- -o options
-
Fuse options.
- -d, -o debug
-
Enable debug output (implies -f).
- -f
-
Foreground operation.
- -s
-
Disable multithreaded operation.
PERMISSION SPECIFICATION
The -p option takes a comma- or colon-separated list of either octal numeric permission bits or symbolic representations of permission bit operations. The symbolic representation is based on that of the chmod(1) command. setuid, setgid and sticky bits are ignored.This program extends the chmod symbolic representation with the following operands:
`D' (right hand side)
`d' and `f' (left hand side)
`u', `g', `o' (right hand side)
Examples
Publishes a website in public_html so that only the 'www' user can
read the site.
Gives access to 'foo', 'bar', the user with the UID 1007 as well as
everyone in the group 'mygroup'. Sets the permission bits to 0600,
thus giving the specified users read/write access,
and adds the user execute bit for directories and executables.
Makes a directory read-only and accessable only by the current user.
An example /etc/fstab entry. Note that the colon must be used to
separate arguments to perms, because the comma is an option separator in
/etc/fstab.
Setuid and setgid bits have no effect inside the mount.
This is a necessary security feature of FUSE.
Please report to the issue tracker on the project home page at
http://code.google.com/p/bindfs/
EXAMPLES
.TP
bindfs -u www -g nogroup -p 0000,u=rD ~/mywebsite ~/public_html/mysite
NOTES
BUGS
AUTHOR
Martin P[:a]rtel <martin dot partel at gmail dot com>