1mount.davfs(8) 1.6.1 mount.davfs(8)
2
3
4
6 mount.davfs - Mount a WebDAV resource as davfs2 file system
7
8
9
11 mount.davfs [-h | --help] [-V | --version]
12 mount {dir | webdavserver}
13
14
15
17 mount -t davfs [-o option[,...]] webdavserver dir
18 mount.davfs [-o option[,...]] webdavserver dir
19
20
21
23 mount.davfs allows you to mount the WebDAV resource identified by web‐
24 davserver into the local filesystem at dir. WebDAV is an extension to
25 HTTP that allows remote, collaborative authoring of Web resources, de‐
26 fined in RFC 4918. mount.davfs is part of davfs2.
27
28
29 davfs2 allows documents on a remote Web server to be edited using stan‐
30 dard applications. For example, a remote Web site could be updated
31 in-place using the same development tools that initially created the
32 site. Or you may use a WebDAV resource for documents you want to ac‐
33 cess and edited from different locations.
34
35
36 davfs2 supports TLS/SSL (if the neon library supports it) and proxies.
37 mount.davfs runs as a daemon in userspace. It integrates into the vir‐
38 tual file system by the fuse kernel files system. Currently FUSE_KER‐
39 NEL_VERSION 7 is supported.
40
41
42 mount.davfs is usually invoked by the mount(8) command when using the
43 -t davfs option. After mounting it runs as a daemon. To unmount the
44 umount(8) command is used.
45
46
47 webdavserver is the URL of the server. It must at least contain the
48 host name. It may additionally contain the scheme, the port and the
49 path. Missing components are set to sensible default values. The path
50 component must not be %-encoded, but when entering the URL at the com‐
51 mand line or in /etc/fstab the escaping rules of the shell or fstab
52 must be obeyed.
53
54
55 dir is the mountpoint where the WebDAV resource is mounted on. It may
56 be an absolute or relative path.
57
58
59 fstab may be used to define mounts and mount options as usual. In place
60 of the device the url of the WebDAV server must be given. There must
61 not be more than one entry in fstab for every mountpoint.
62
63
64
66 -V --version
67 Output version.
68
69
70 -h --help
71 Print a help message.
72
73
74 -o A comma-separated list defines mount options to be used. Avail‐
75 able options are:
76
77
78 [no]auto
79 Can (not) be mounted with mount -a.
80 Default: auto.
81
82
83 comment=some comment
84 This option is ignored by mount.davfs but other programs
85 may require it to be present in fstab.
86
87
88 conf=absolute path
89 An alternative user configuration file. This option is
90 intended for cases where the default user configuration
91 file in the users home directory can not be used.
92 Default: ~/.davfs2/davfs2.conf
93
94
95 [no]dev
96 (Do not) interpret character or block special devices
97 on the file system. This option is only included for
98 compatibility with the mount(8) program. It will always
99 be set to nodev
100
101
102 dir_mode=mode
103 The default mode bits for directories in the mounted file
104 system. Value given in octal. s-bits for user and group
105 are always silently ignored.
106 Default: calculated from the umask of the mounting user;
107 an x-bit is associated to every r-bit in u-g-o.
108
109
110 [no]exec
111 (Do not) allow execution of any binaries on the
112 mounted file system.
113 Default: exec. (When mounting as an ordinary user, the
114 mount(8) program will set the default to noexec.)
115
116
117 file_mode=mode
118 The default mode bits for files in the mounted file sys‐
119 tem. Value given in octal. s-bits for user and group are
120 always silently ignored.
121 Default: calculated from the umask of the mounting user;
122 no x-bits are set for files.
123
124
125 gid=group
126 The group the mounted file system belongs to. It may be a
127 numeric ID or a group name. The mounting user, if not
128 root, must be member of this group.
129 Default: the primary group of the mounting user.
130
131
132 [no]grpid
133 When this option is set a newly created file will take
134 the group id of the directory in which it is created.
135 This will also apply to all files that are on the server
136 and not in the local cache. (That is because the group id
137 is not stored on the server.)
138 If the group id of the directory is root this option is
139 ignored.
140 Default: nogrpid.
141
142
143 [no]_netdev
144 The file system needs a (no) network connection for oper‐
145 ation. This information allows the operating system to
146 handle the file system properly at system start and when
147 the network is shut down.
148 Default: _netdev
149
150
151 ro Mount the file system read-only.
152 Default: rw.
153
154
155 rw Mount the file system read-write.
156 Default: rw.
157
158
159 [no]suid
160 Do not allow set-user-identifier or set-group-identifier
161 bits to take effect. This option is only included for
162 compatibility with the mount program. It will always be
163 set to nosuid.
164
165
166 [no]user
167 (Do not) allow an ordinary user to mount the file
168 system. The name of the mounting user is written to mtab
169 so that he can unmount the file system again. Option user
170 implies the options noexec, nosuid and nodev (unless
171 overridden by subsequent options). This option makes only
172 sense when set in fstab.
173 Default: ordinary users are not allowed to mount.
174
175
176 users Like user, but any user is allowed to unmount the file
177 system, not only the mounting user. This is generally not
178 recomended. If the user option allows an unprivileged
179 user to mount, but unmounting by the mounting user fails
180 the users may be a work around.
181 Default: only the mounting user is allowed to unmount the
182 file system.
183
184
185 uid=user
186 The owner of the mounted file system. It may be a numeric
187 ID or a user name. Only when mounted by root, this may
188 be different from the mounting user.
189 Default: ID of the mounting user.
190
191
192 username=WebDAV_user
193 Use this name to authenticate with the WebDAV server.
194 This option is intended for use with pam_mount only. When
195 this option is set the credentials in the secrets files
196 will be ignored. The password will always be read from
197 stdin, even when option askauth is set to 0. Do not use
198 it in fstab. The username will be visible for everyone in
199 the output of ps.
200 Default: no username.
201
202
203
205 mount.davfs needs root privileges for mounting. But running a daemon,
206 that is connected to the internet, with root privileges is a security
207 risk. So mount.davfs will change its uid and gid when entering daemon
208 mode.
209
210
211 When invoked by root mount.davfs will run as user davfs2 and
212 group davfs2. This may be changed in /etc/davfs2/davfs2.conf.
213
214
215 When invoked by an ordinary user it will run with the id of this
216 user and with group davfs2.
217
218 As the file system may be mounted over an insecure internet connection,
219 this increases the risk that malicious content may be included in the
220 file system. So mount.davfs is slightly more restrictive than mount(8).
221
222
223 Options nosuid and nodev will always be set; even root can not
224 change this.
225
226
227 For ordinary users to be able to mount, they must be member of
228 group davfs2 and there must be an entry in fstab.
229
230
231 When the mount point given in fstab is a relative file name and
232 the file system is mounted by an unprivileged user, the mount
233 point must lie within the home directory of the mounting user.
234
235
236 If in fstab option uid and/or gid are given, an ordinary user
237 can only mount, if her uid is the one given in option uid and he
238 belongs to the group given in option gid.
239
240 WARNING: If root allows an ordinary user to mount a file system (using
241 fstab) this includes the permission to read the associated credentials
242 from /etc/davfs2/secrets as well as the private key of the associated
243 client certificate and the mounting user may get access to this infor‐
244 mation. You should only do this, if you might as well give this infor‐
245 mation to the user directly.
246
247
249 Special characters like spaces in pathnames are a mess. They are inter‐
250 preted differently by different programs and protocols, and there are
251 different rules for escaping.
252
253
254 In fstab spaces must be replaced by a three digit octal escape se‐
255 quence. Write http://foo.bar/path\040with\040spaces instead of
256 http://foo.bar/path with spaces.
257
258
259 For the davfs2.conf and the secrets files please see the escape and
260 quotation rules described in the davfs2.conf(5) man page.
261
262
263 On command line you must obey the escaping rules of the shell.
264
265
266
268 mount.davfs tries to reduce HTTP-trafic by caching and reusing data.
269 Information about directories and files are held in memory, while down‐
270 loaded files are cached on disk.
271
272
273 mount.davfs needs to hold a local copy of all open files in the cache
274 directory. Please make sure that enough local disk space is available.
275
276
277 mount.davfs will consider cached information about directories and file
278 attributes valid for a configurable time and look up this information
279 on the server only after this time has expired (or there is other evi‐
280 dence that this information is stale). So if somebody else creates or
281 deletes files on the server it may take some time before the local file
282 system reflects this.
283
284
285 This will not affect the content of files and directory listings. When‐
286 ever a file is opened, the server is looked up for a newer version of
287 the file. Please consult the manual davfs2.conf(5) to see how can you
288 configure this according your needs.
289
290
291
293 WebDAV introduced locks and mount.davfs uses them by default. This will
294 in most cases prevent two people from changing the same file in paral‐
295 lel. But not always:
296
297
298 You might have disabled locks in /etc/davfs2/davfs2.conf or
299 ~/.davfs2/davfs2.conf.
300
301
302 The server might not support locks (they are not mandatory).
303
304
305 A bad connection might prevent mount.davfs from refreshing the
306 lock in time.
307
308
309 Another WebDAV-client might use your lock (that is not too dif‐
310 ficult and might even happen without intention).
311
312
313 mount.davfs will therefore check if the file has been changed on the
314 the server before it uploads a new version. If it finds it impossible
315 to upload the locally changed file, it will store it in the local
316 backup direcotry lost+found. You should check this directory from time
317 to time and decide what to do with this files.
318
319
320 Sometimes locks held by some client on the server will not be released.
321 Maybe the client crashes or the network connection fails. When
322 mount.davfs finds a file locked on the server, it will check whether
323 the lock is held by mount.davfs and the current user, and if so tries
324 to reuse and release it. But this will not always succeed. So servers
325 should automatically release locks after some time, when they are not
326 refreshed by the client.
327
328
329 WebDAV allows one to lock files that don't exist (to protect the name
330 when a client intends to create a new file). This locks will be dis‐
331 played as files with size 0 and last modified date of 1970-01-01. If
332 this locks are not released properly mount.davfs may not be able to ac‐
333 cess this files. You can use cadaver(1) <http://www.webdav.org/ca‐
334 daver/> to remove this locks.
335
336
337
339 davfs2 implements Unix permissions for access control. But changing
340 owner and permissions of a file is only local. It is intended as a
341 means for the owner of the file system, to control whether other local
342 users may acces this file system.
343
344
345 The server does not know about this. From the servers point of view
346 there is just one user (identified by the credentials) connected. An‐
347 other WebDAV-client, connected to the same server, is not affected by
348 this local changes.
349
350
351 There is one exception: The execute bit on files is stored as a prop‐
352 erty on the sever. You may think of this property as an information
353 about the type of file rather than a permission. Whether the file is
354 executable on the local system is still controlled by mount options and
355 local permissions.
356
357
358 When the file system is unmounted, attributes of cached files (includ‐
359 ing owner and permissions) are stored in cache, as well as the at‐
360 tributs of the direcotries they are in. But there is no information
361 stored about directories that do not contain cached files.
362
363
364
366 /etc/davfs2/davfs2.conf
367 System wide configuration file.
368
369
370 ~/.davfs2/davfs2.conf
371 Configuration file in the users home directory.The user configu‐
372 ration takes precedence over the system wide configuration. If
373 it does not exist, mount.davfs will will create a template file.
374
375
376 /etc/davfs2/secrets
377 Holds the credentials for WebDAV servers and the proxy, as well
378 as decryption passwords for client certificates. The file must
379 be read-writable by root only.
380
381
382 ~/.davfs2/secrets
383 Holds credentials for WebDAV servers and proxy, as well as de‐
384 cryption passwords for client certificates. The file must be
385 read-writable by the owner only. Credentials are first looked up
386 in the home directory of the mounting user. If not found there
387 the system wide secrets file is consulted. If no creditentials
388 and passwords are found they are asked from the user interac‐
389 tively (if not disabled). If the file does not exist,
390 mount.davfs will will create a template file.
391
392
393 /etc/davfs2/certs
394 You may store trusted server certificates here, that can not be
395 verified by use of the system wide CA-Certificates. This is use‐
396 ful when your server uses a selfmade certificate. You must con‐
397 figure the servercert option in /etc/davfs2/davfs2.conf or
398 ~/.davfs2/davfs2.conf to use it. Certificates must be in PEM
399 format.
400 Be sure to verify the certificate.
401
402
403 ~/.davfs2/certs
404 You may store trusted server certificates here, that can not be
405 verified by use of the system wide CA-Certificates. This is use‐
406 ful when your server uses a selfmade certificate. You must con‐
407 figure the servercert option in ~/.davfs2/davfs2.conf to use it.
408 Certificates must be in PEM format.
409 Be sure to verify the certificate.
410
411
412 /etc/davfs2/certs/private
413 To store client certificates. Certificates must be in PKCS#12
414 format. You must configure the clientcert option in
415 /etc/davfs2/davfs2.conf or ~/.davfs2/davfs2.conf to use it. This
416 directory must be rwx by root only.
417
418
419 ~/.davfs2/certs/private
420 To store client certificates. Certificates must be in PKCS#12
421 format. You must configure the clientcert option in
422 ~/.davfs2/davfs2.conf to use it. This directory must be rwx by
423 the owner only.
424
425
426 /var/run/mount.davfs
427 PID-files of running mount.davfs processes are stored there.
428 This directory must belong to group davfs2 with write permis‐
429 sions for the group and the sticky-bit set (mode 1775). The
430 PID-files are named after the mount point of the file system.
431
432
433 /var/cache/davfs2
434 System wide directory for cached files. Used when the file sys‐
435 tem is mounted by root. It must belong do group davfs2 and read,
436 write and execute bits for group must be set. There is a subdi‐
437 rectory for every mounted file system. The names of this subdi‐
438 rectories are created from url, mount point and user name.
439
440
441 ~/.davfs2/cache
442 Cache directory in the mounting users home directory. For every
443 mounted WebDAV resource a subdirectory is created.
444
445 mount.davfs will try to create missing directories, but it will not
446 touch /etc/davfs2.
447
448
450 https_proxy http_proxy all_proxy
451 If no proxy is defined in the configuration file the value is
452 taken from this environment variables. The proxy may be given
453 with or without scheme and with or without port
454 http_proxy=[http://]foo.bar[:3218]
455 Only used when the mounting user is root.
456
457
458 no_proxy
459 A comma separated list of domain names that shall be accessed
460 directly. * matches any domain name. A domain name starting
461 with . (period) matches all subdomains.
462 Only used when the mounting user is root.
463 Not applied when the proxy is defined in /etc/davfs2.
464
465
466
468 Non root user (e.g. filomena):
469
470
471 To allow an ordinary user to mount there must be an entry in fstab
472 http://webdav.org/dav /media/dav davfs noauto,user 0 0
473
474
475 If a proxy must be used this should be configured in
476 /etc/davfs2/davfs2.conf
477 proxy proxy.mycompany.com:8080
478
479
480 Credentials are stored in /home/filomena/.davfs2/secrets
481 proxy.mycompany.com filomena "my secret"
482 /media/dav webdav-username password
483
484
485 Now the WebDAV resource may be mounted by user filomena invoking
486 mount /media/dav
487
488
489 and unmounted by user filomena invoking
490 umount /media/dav
491
492
493 Root user only:
494
495
496 Mounts the resource https://asciigirl.com/webdav at mount point
497 /mount/site, encrypting all traffic with SSL. Credentials for
498 http://webdav.org/dav will be looked up in /etc/davfs2/secrets, if not
499 found there the user will be asked.
500 mount -t davfs -o uid=otto,gid=users,mode=775 https://asci‐
501 igirl.com/webdav /mount/site
502
503
504 Mounts the resource http://linux.org.ar/repos at /dav.
505 mount.davfs -o uid=otto,gid=users,mode=775
506 http://linux.org.ar/repos/ /dav
507
508
509
511 davfs2 does not support links.
512
513 A davfs2 file system cannot be moved with mount --move.
514
515
516
518 This man page was written by Luciano Bello <luciano@linux.org.ar> for
519 Debian, for version 0.2.3 of davfs2.
520
521
522 It has been updated for this version by Werner Baumann <werner.bau‐
523 mann@onlinhome.de>.
524
525
526 davfs2 is developed by Sung Kim <hunkim@gmail.com>.
527
528
529 Version 1.0.0 (and later) of davfs2 is a complete rewrite by Werner
530 Baumann.
531
532
533
535 http://savannah.nongnu.org/projects/davfs2
536
537
538
540 umount.davfs(8), davfs2.conf(5), mount(8), umount(8), fstab(5)
541
542
543
544davfs2 2020-08-03 mount.davfs(8)