Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Mount directory via sshfs a remote NFS share
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
devilheart
l33t
l33t


Joined: 17 Mar 2005
Posts: 837
Location: Villach, Austria

PostPosted: Mon Sep 23, 2019 3:33 pm    Post subject: Mount directory via sshfs a remote NFS share Reply with quote

Hello all,

we have a filer which exports some shares via NFS to a server farm. We have SSH access to the hosts of the farm, but not directly to the filer.
I'd like to mount one of these shares to a gentoo box which is not part of the farm itself.
The problem I'm facing is that I am a member of more that 16 groups and the NFS share I'm trying to mount belongs to a group which is not among the first 16 in my groups list.

When I'm logged in the farm I use tools like newgrp to overcome this limit, but how can I do this via sshfs.

The sshfs command I'm using is

Code:

sshfs -o nonempty,idmap=user,workaround=rename,gid=17610 user@loginsrv:/nfs/project1 $HOME/xyz

and I get
Code:

user@loginsrv:/nfs/project1: permission denied


Has anyone faced a similar issue?

I also tried this solution
Code:

sshfs -d -o nonempty,idmap=user,workaround=rename,gid=17610,ssh_command="ssh loginsrv /home/user/setgrp" user@loginsrv:/nfs/project1 $HOME/xyz

but I get
Code:

FUSE library version: 2.9.8
nullpath_ok: 0
nopath: 0
utime_omit_ok: 0
************************************************
Use of this system by unauthorized persons or   
in an unauthorized manner is strictly prohibited
************************************************
stty: standard input: Inappropriate ioctl for device
stty: standard input: Inappropriate ioctl for device

and there it hangs

/home/user/setgrp is just a simple shell script which runs
Code:

/usr/bin/newgrp projectg
Back to top
View user's profile Send private message
petr2008
n00b
n00b


Joined: 03 Jan 2008
Posts: 56
Location: Prague, cz

PostPosted: Mon Sep 23, 2019 5:54 pm    Post subject: Reply with quote

Did you tried sftp? for file copy it is enough and works inside mc.
When I need really the mount nfs over distance I use vpn and I have
mount specified in the fstab same as in local network.
Back to top
View user's profile Send private message
devilheart
l33t
l33t


Joined: 17 Mar 2005
Posts: 837
Location: Villach, Austria

PostPosted: Tue Sep 24, 2019 8:21 am    Post subject: Reply with quote

petr2008 wrote:
Did you tried sftp? for file copy it is enough and works inside mc.
When I need really the mount nfs over distance I use vpn and I have
mount specified in the fstab same as in local network.

Hi, I'm afraid sftp is not really an option. In principle, I could use scp or rsync from the farm to copy data to the local PC.
I need a mount because I'd like to post-process locally some data which is stored in the farm.
I could ask the IT folks to enable a CIFS share of those directories and mount them locally, but I'd like to stick to sshfs because I don't have to involve other people
Back to top
View user's profile Send private message
krinn
Watchman
Watchman


Joined: 02 May 2003
Posts: 7367

PostPosted: Tue Sep 24, 2019 4:56 pm    Post subject: Reply with quote

You know the "if the mountain will not come"...

What prevent one of your 16 groups to be gid 17610?
Back to top
View user's profile Send private message
devilheart
l33t
l33t


Joined: 17 Mar 2005
Posts: 837
Location: Villach, Austria

PostPosted: Tue Sep 24, 2019 8:11 pm    Post subject: Reply with quote

krinn wrote:
You know the "if the mountain will not come"...

What prevent one of your 16 groups to be gid 17610?
I'm a member of more than 16 groups. The NFS share I'm trying to mount is not owned by me, but it's owned by a group whose gid is 17610. I'm a member of this group but it is not among the first 16, if I run
Code:
id $USER

after I log in to the farm
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 14922

PostPosted: Wed Sep 25, 2019 1:03 am    Post subject: Reply with quote

newgrp will try to run a shell as you. This is probably not what sshfs expects. What is printed if you set ssh_command to ssh loginsrv /bin/echo? Does it work if you set up a wrapper that fixes the group id, then execs the requested program?
Back to top
View user's profile Send private message
devilheart
l33t
l33t


Joined: 17 Mar 2005
Posts: 837
Location: Villach, Austria

PostPosted: Thu Sep 26, 2019 12:13 pm    Post subject: Reply with quote

Hu wrote:
newgrp will try to run a shell as you. This is probably not what sshfs expects. What is printed if you set ssh_command to ssh loginsrv /bin/echo?

remote host has disconnected

Quote:
Does it work if you set up a wrapper that fixes the group id, then execs the requested program?

I'm not sure I understand what you mean. I'm not trying to run a program. The /home/user/setgrp in the first post is just a script which runs newgrp to set my primary group to the group I'm interested in
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 14922

PostPosted: Fri Sep 27, 2019 2:11 am    Post subject: Reply with quote

devilheart wrote:
remote host has disconnected
Strange. Please provide the full output of what you ran and how the system responded.
devilheart wrote:
I'm not sure I understand what you mean. I'm not trying to run a program. The /home/user/setgrp in the first post is just a script which runs newgrp to set my primary group to the group I'm interested in
If you aren't running a program on the remote end, what does sshfs talk to on the remote end? newgrp will exec a child process after updating the gid. In your case, you aren't giving one, so it will default to spawning a shell. This is probably not what you want, and would explain the error messages you showed.
Back to top
View user's profile Send private message
devilheart
l33t
l33t


Joined: 17 Mar 2005
Posts: 837
Location: Villach, Austria

PostPosted: Fri Sep 27, 2019 11:28 am    Post subject: Reply with quote

Hu wrote:
devilheart wrote:
remote host has disconnected
Strange. Please provide the full output of what you ran and how the system responded.

Code:

$ sshfs -o nonempty,idmap=user,workaround=rename,gid=17610,ssh_command="ssh loginsrv /bin/echo" user@loginsrv:/nfs/project1 $HOME/xyz
remote host has disconnected


Hu wrote:
devilheart wrote:
I'm not sure I understand what you mean. I'm not trying to run a program. The /home/user/setgrp in the first post is just a script which runs newgrp to set my primary group to the group I'm interested in
If you aren't running a program on the remote end, what does sshfs talk to on the remote end? newgrp will exec a child process after updating the gid. In your case, you aren't giving one, so it will default to spawning a shell. This is probably not what you want, and would explain the error messages you showed.
What does sshfs normally talk to?
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 14922

PostPosted: Sat Sep 28, 2019 12:38 am    Post subject: Reply with quote

Whatever program it asks the peer to run. If I read the source correctly, you can get it to print the command if you enable debug mode. I think it runs the sftp server program.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum