1BINDFS(1) General Commands Manual BINDFS(1)
2
3
4
6 bindfs ‐ mount --bind in user-space
7
8
9
11 bindfs [options] dir mountpoint
12
13
14
16 A FUSE filesystem for mirroring the contents of a directory to another
17 directory. Additionally, one can change the permissions of files in the
18 mirrored directory.
19
20
21
23 -h, --help
24 Displays a help message and exits.
25
26
27 -V, --version
28 Displays version information and exits.
29
30
31 -u, --user, --owner=user, -o owner=...
32 Makes all files owned by the specified user. Also causes chown
33 on the mounted filesystem to always fail.
34
35
36 -g, --group=group, -o group=...
37 Makes all files owned by the specified group. Also causes chgrp
38 on the mounted filesystem to always fail.
39
40
41 -p, --perms=permissions, -o perms=...
42 Takes a comma- or colon-separated list of chmod-like permission
43 specifications to be applied to the permission bits in order.
44 See PERMISSION SPECIFICATION below for details.
45
46 This only affects how the permission bits of existing files are
47 altered when shown in the mounted directory. You can use --cre‐
48 ate-with-perms to change the permissions newly created files get
49 in the source directory.
50
51
52 -m, --mirror=users, -o mirror=...
53 Takes a comma- or colon-separated list of users who will see
54 themselves as the owners of all files. Users who are not listed
55 here will still be able to access the mount if the permissions
56 otherwise allow them to.
57
58 You can also give a group name prefixed with an '@' to mirror
59 all members of a group. This will not change which group the
60 files are shown to have.
61
62
63 -M, --mirror-only=users, -o mirror-only=...
64 Like --mirror but disallows access for all other users (except
65 root).
66
67
68 -n, --no-allow-other, -o no-allow-other
69 Does not add -o allow_other to FUSE options. This causes the
70 mount to be accessible only by the current user.
71
72
73
75 New files and directories are created so they are owned by the mounter.
76 bindfs can let this happen (the default for normal users), or it can
77 try to change the owner to the uid/gid of the process that wants to
78 create the file (the default for root). It is also possible to have
79 bindfs try to change the owner to a particular user or group.
80
81
82 --create-as-user, -o create-as-user
83 Tries to change the owner and group of new files and directories
84 to the uid and gid of the caller. This can work only if the
85 mounter is root. It is also the default behavior (mimicing
86 mount --bind) if the mounter is root.
87
88
89 --create-as-mounter, -o create-as-mounter
90 All new files and directories will be owned by the mounter.
91 This is the default behavior for non-root mounters.
92
93
94 --create-for-user=user, -o create-for-user=...
95 Tries to change the owner of new files and directories to the
96 user specified here. This can work only if the mounter is root.
97 This option overrides the --create-as-user and --cre‐
98 ate-as-mounter options.
99
100
101 --create-for-group=group, -o create-for-group=...
102 Tries to change the owning group of new files and directories to
103 the group specified here. This can work only if the mounter is
104 root. This option overrides the --create-as-user and --cre‐
105 ate-as-mounter options.
106
107
108 --create-with-perms=permissions, -o create-with-perms=...
109 Works like --perms but is applied to the permission bits of new
110 files get in the source directory. Normally the permissions of
111 new files depend on the creating process's preferences and
112 umask. This option can be used to modify those permissions or
113 override them completely. See PERMISSION SPECIFICATION below
114 for details.
115
116
117
119 Chmod calls are forwarded to the source directory by default. This may
120 cause unexpected behaviour if bindfs is altering permission bits. Note
121 that regardless of the options given below, if the -u and -g options
122 are given then chown and chgrp respectively will always fail.
123
124
125 --chmod-normal, -o chmod-normal
126 Tries to chmod the underlying file. This will succeed if the
127 user has the appropriate mirrored permissions to chmod the mir‐
128 rored file AND the mounter has enough permissions to chmod the
129 real file. This is the default (in order to behave like mount
130 --bind by default).
131
132
133 --chmod-ignore, -o chmod-ignore
134 Lets chmod succeed (if the user has enough mirrored permissions)
135 but actually does nothing.
136
137
138 --chmod-deny, -o chmod-deny
139 Has chmod always fail with a 'permission denied' error.
140
141
142 --chmod-allow-x, -o chmod-allow-x
143 Allows setting and clearing the executable attribute on files
144 (but not directories). When used with --chmod-ignore, chmods
145 will only affect execute bits on files and changes to other bits
146 are discarded. With --chmod-deny, all chmods that would change
147 any bits except excecute bits on files will still fail with a
148 'permission denied'. This option does nothing with --chmod-nor‐
149 mal.
150
151
152
154 Extended attributes are mirrored by default, though not all underlying
155 file systems support xattrs.
156
157
158 --xattr-none, -o xattr-none
159 Disable extended attributes altogether. All operations will
160 return 'Operation not supported'.
161
162
163 --xattr-ro, -o xattr-ro
164 Let extended attributes be read-only.
165
166
167 --xattr-rw, -o xattr-rw
168 Let extended attributes be read-write (the default). The
169 read/write permissions are checked against the (possibly modi‐
170 fied) file permissions inside the mount.
171
172
173
175 Recall that a unix file has three standard timestamps: atime (last
176 access i.e. read time), mtime (last content modification time) ctime
177 (last content or metadata (inode) change time)
178
179 It may sometimes be useful to alter these timestamps, but care should
180 be taken not to cause programs (e.g. backup jobs) miss important
181 changes.
182
183
184 --ctime-from-mtime, -o ctime-from-mtime
185 Reads the ctime of each file and directory from its mtime. In
186 other words, only content modifications (as opposed to metadata
187 changes) will be reflected in a mirrored file's ctime. (The
188 underlying file's ctime will still be updated normally.)
189
190
191
193 -o options
194 Fuse options.
195
196
197 -d, -o debug
198 Enable debug output (implies -f).
199
200
201 -f Foreground operation.
202
203
204 -s Disable multithreaded operation.
205
206
207
209 The -p option takes a comma- or colon-separated list of either octal
210 numeric permission bits or symbolic representations of permission bit
211 operations. The symbolic representation is based on that of the
212 chmod(1) command. setuid, setgid and sticky bits are ignored.
213
214 This program extends the chmod symbolic representation with the follow‐
215 ing operands:
216
217 `D' (right hand side)
218 Works like X but applies only to directories (not to executables).
219
220 `d' and `f' (left hand side)
221 Makes this directive only apply to directories (d) or files (f).
222 e.g. gd-w would remove the group write bit from all directories.
223
224 `u', `g', `o' (right hand side)
225 Uses the user (u), group (g) or others (o) permission bits of
226 the original file.
227 e.g. g=u would copy the user's permission bits to the group.
228 ug+o would add the others' permissions to the owner and group.
229
230
231 Examples
232
233 o-rwx Removes all permission bits from others.
234
235
236 g=rD Allows group to read all files and enter all directories, but
237 nothing else.
238
239
240 0644,a+X
241 Sets permission bits to 0644 and adds the execute bit for every‐
242 one to all directories and executables.
243
244
245 og-x:og+rD:u=rwX:g+rw
246 Removes execute bit for others and group, adds read and direc‐
247 tory execute for others and group, sets user permissions to
248 read, write and execute directory/executable, adds read and
249 write for group.
250
251
252
254
255
256 bindfs -u www -g nogroup -p 0000,u=rD ~/mywebsite ~/public_html/mysite
257
258 Publishes a website in public_html so that only the 'www' user
259 can read the site.
260
261
262 bindfs -M foo,bar,1007,@mygroup -p 0600,u+X dir mnt
263
264 Gives access to 'foo', 'bar', the user with the UID 1007 as well
265 as everyone in the group 'mygroup'. Sets the permission bits to
266 0600, thus giving the specified users read/write access, and
267 adds the user execute bit for directories and executables.
268
269
270 bindfs -ono-allow-other,perms=a-w somedir somedir
271
272 Makes a directory read-only and accessable only by the current
273 user.
274
275
276 bindfs#/home/bob/shared /var/www/shared/bob fuse perms=0000:u+rD 0 0
277
278 An example /etc/fstab entry. Note that the colon must be used to
279 separate arguments to perms, because the comma is an option sep‐
280 arator in /etc/fstab.
281
282
283
285 Setuid and setgid bits have no effect inside the mount. This is a nec‐
286 essary security feature of FUSE.
287
288
289
291 Please report to the issue tracker on the project home page at
292 http://code.google.com/p/bindfs/
293
294
295
297 Martin Pärtel <martin dot partel at gmail dot com>
298
299
300
302 chmod(1), fusermount(1)
303
304
305
306
307 BINDFS(1)