Ubuntu – How to get sudo access to shares mounted by Gigolo

Tags: fuse, gigolo, gvfs

As found around the web or here, I can use Gigolo to mount a Windows share and even access it through a terminal, via the ~/.gvfs/share on server/ directory, such as:

ls ~/.gvfs/share\ on\ server/

Unfortunately, when I try to access the same directory from a command via sudo, e.g.

sudo ls ~/.gvfs/share\ on\ server/

it fails with:

ls: cannot access /home/user/.gvfs/share\ on\ server/: Permission denied

Any suggestions on how to get sudo access to existing Gigolo-mounted shares? Or, how to run Gigolo in order to get sudo access to the shares?

Best Answer

Gigolo is a frontend to gvfs. gvfs uses FUSE (Filesystem in Userspace) in order to mount network devices (such as Windows shares). Such mountpoints cannot normally be read by users other than the one who mounted them, not even by root. Why? Karl Auer suggests here that the reason is that

Just because you have root access on one system doesn't mean you should be allowed to see the files to which other people have access on other systems. I'm pretty sure that is why the .gvfs directory is managed the way it is.

That is, if you are user A on machine X, and you mount some directory from machine Y (where you also have a login) to some place on machine X, then root on machine X shouldn't be able to read that, because root on machine X may not usually have any access to machine Y at all.

Bearing that in mind, if you do want to allow root to access your ~/.gvfs directory, you can proceed as follows.

1) Edit the file /etc/fuse.conf and uncomment the line that reads #user_allow_other. This will later allow your user to start the gvfs-fuse daemon with the allow_root option, which is what you want. The following command does it quickly for you:

$ sudo sed -i -e 's/#user_allow_other/user_allow_other/' /etc/fuse.conf

2) Add your own user to the fuse group, so that you may read the file /etc/fuse.conf. Otherwise the change in the previous step would have no effect.

$ sudo addgroup USERNAME fuse
$ newgrp fuse

Replace USERNAME with your username, of course. The newgrp command avoids the need to log out and back in again for the group change to take effect. Check that it works by issuing the command:

$ groups

and verify that fuse is listed among the groups that your user belongs to. If it does not work, log out and back in again. At any rate, your user should be able to read /etc/fuse.conf before you proceed with the next step.

3) You are now able to restart the gvfs-fuse daemon with the allow_root option. First, unmount your ~/.gvfs directory:

$ fusermount -zu $HOME/.gvfs

Next, to restart the daemon, issue the following commands on Ubuntu 13.10:

$ killall gvfsd-fuse
$ /usr/lib/gvfs/gvfsd-fuse -o allow_root $HOME/.gvfs

In older Ubuntu versions, the latter two commands may instead be:

$ killall gvfs-fuse-daemon
$ /usr/lib/gvfs/gvfs-fuse-daemon -o allow_root $HOME/.gvfs

4) Restart Gigolo and mount your Windows share again. root should now be able to read your ~/.gvfs directory.

That's it!

In order to make these changes permanent:

To make the changes permanent, you can write the three commands from step 3 into a small script that you autostart at login time. There may be cleaner ways to do this, but this should work. Your script would contain something like the following:

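#!/bin/bash
# Lazily unmount the existing gvfs FUSE mountpoint
fusermount -zu "$HOME/.gvfs"
# Stop the running daemon, then restart it with allow_root
killall gvfsd-fuse
/usr/lib/gvfs/gvfsd-fuse -o allow_root "$HOME/.gvfs"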

Save that to a file and make the file executable:

chmod 755 /path/to/the/file

This script should now be automatically executed at login time. To find out how to autostart applications, refer to How do I start applications automatically on login?.

Some more discussion on the issue can be found here: https://lists.ubuntu.com/archives/ubuntu-users/2008-November/165644.html
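
To confirm what the steps in the answer actually changed, the script below checks whether fuse.conf has user_allow_other active and lists FUSE mounts that are no longer private to their owner. It is an added example, not part of the original answer; the function names and the sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit FUSE mounts that users other than the mounting
# user can reach. Function names and sample data are constructed.

# Succeeds if the fuse.conf given as $1 has an active (uncommented)
# user_allow_other line.
fuse_conf_allows_other() {
    grep -Eq '^[[:space:]]*user_allow_other[[:space:]]*$' "$1"
}

# Prints "mountpoint owner_uid" for every FUSE mount in the
# /proc/mounts-style file $1 that carries allow_other or allow_root.
# Assumption: libfuse hands allow_root to the kernel as allow_other, so
# the mount table normally shows allow_other; both spellings are matched.
fuse_mounts_open_to_others() {
    awk '$3 ~ /^fuse/ {
        uid = "?"; shared = 0
        n = split($4, opts, ",")
        for (i = 1; i <= n; i++) {
            if (opts[i] == "allow_other" || opts[i] == "allow_root") shared = 1
            if (opts[i] ~ /^user_id=/) uid = substr(opts[i], 9)
        }
        if (shared) print $2, uid
    }' "$1"
}

# Constructed sample input (not captured from a real system).
sample_dir=$(mktemp -d)
trap 'rm -rf "$sample_dir"' EXIT
cat > "$sample_dir/mounts" <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
gvfsd-fuse /home/user/.gvfs fuse.gvfsd-fuse rw,nosuid,nodev,relatime,user_id=1000,group_id=1000 0 0
gvfsd-fuse /home/alice/.gvfs fuse.gvfsd-fuse rw,nosuid,nodev,relatime,user_id=1001,group_id=1001,allow_other 0 0
EOF
printf '# mount_max = 1000\n#user_allow_other\n' > "$sample_dir/fuse.conf.default"
printf '# mount_max = 1000\nuser_allow_other\n' > "$sample_dir/fuse.conf.edited"

# On a live system, pass /etc/fuse.conf and /proc/mounts instead.
fuse_conf_allows_other "$sample_dir/fuse.conf.edited" && echo "user_allow_other is enabled"
fuse_mounts_open_to_others "$sample_dir/mounts"
```

Any mountpoint this reports is one where the remote share's contents are readable with the mounting user's credentials by an account other than that user, which is the protection the default FUSE behaviour described above was providing.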