[Nix-dev] Re: [PATCH] autofs: Allow mounting ssufs-fuse filesystem using ssh-agents of the users only. There is afuse as well which might do a better job but that doesn't unmount automatically AFAIK. Using the example should prevent other users which are logged into your machinge using your mounts.

Marc Weber marco-oweber at gmx.de
Fri Dec 18 22:38:48 CET 2009


autofs4 (kernel module) and automount (daemon) are tools to mount
directories when they are accessed.

You define "keys" which are top level directories.
The default in is

/auto file: file-with-mappings.

You can define the contents of /auto using files.
See the according man pages.
Example:

file-with-mappings:
             cdrom-contents        -fstype=iso9660,ro  :/dev/cdrom

so you can access cd contents by cd /auto/cdrom-contents

If you stop accessing that filesystem automount will umount it for you.

In contrast to cdroms sshfs requires a key. automount is run by root
thus sshfs-fuse will use root keys by default. But automount won't show
passphrases. Neither does in know about your ssh-agent.
If you use google you'll find many howtos telling you how to create
a key with empty password. Bad idea!

The useful hack I wrote is a sshfs wrapper.
It uses pgrep to identify all runing ssh-agents.
It then defines SSH_AGENT_PID and
SSH_AUTH_SOCK and tries to mount the location.
If it fails the next ssh-agent is tried.
(Usually you only have one on your computer anyway..)

Using arbitrary ssh-agents is very dangerous:
Consider someone else logging into your machine.
If you add the key he could do:
  cd /auto/you-remote-location

If mount options allow_others was used he could access your your mount
without you even knowing about it.
Luckily you can define uid= and gid= mount options.
Knowing about uid the script ignores ssh-agents run by different users.
The mount is done by sudo -u#uid  sshfs ....
So other users can no longer access it.

They can still force mounting the directory:
$ cd /auto/mlin/
bash: cd: /auto/mlin/: Permission denied

I'll ask on the automount mailinglist how to prevent this from
happening.

Even root can't access the mounted directory (bug or feature?):
ls: cannot access /auto/mlin: Permission denied
total 0
d????????? ? ? ? ?            ? mlin

Root could change uid to access it as user though.
You have to trust root users anyway.

My use case is accessing log files and databasedumps on hosting accounts.
This is even a bit faster than using scp zsh completion and shared ssh
connections.

Any context questions left?

Marc Weber



More information about the nix-dev mailing list