[artix-general] access to network drive - denies to root?

Ruben Safir ruben at mrbrklyn.com
Tue Jul 7 18:57:36 CEST 2020


On Tue, Jul 07, 2020 at 11:29:04AM -0400, Artix wrote:
> This behavior is correct.
> Local root and remote root are 2 different accounts(even though both are
> called "root"). Obviously remote "root" should be able to access
> everything on the remote. And local root should be able to access
> everything on local. But local "root" should not be able to have "root"
> privileges on a remote server...
> 
> Even though you mounted it locally, it is still a remote server. Your
> root is not the root of that remote server.
> 


Interesting

So NTFS and SAMBA also work like that?


> On 7/7/20 11:07 AM, Ruben Safir wrote:
> > On Mon, Jul 06, 2020 at 10:53:01PM -0400, Artix wrote:
> >> https://unix.stackexchange.com/questions/59685/sshfs-mount-sudo-gets-permission-denied
> >>
> >> On 7/6/20 10:28 PM, Ruben Safir via artix-general wrote:
> >>> I have a drive mounted through sshfs
> >>>
> >>> [ruben at flatbush 101___06]$ mount|grep sshfs
> >>> ruben at home2:/usr/local/apache2/htdocs/ on /home/ruben/mnt4 type
> >>> fuse.sshfs (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000)
> >>>
> >>> I can not access it with sudo which is bizzarre and unexpected
> >>>
> >>> [ruben at flatbush 101___06]$ sudo ls -al  /home/ruben/mnt4/brooklyn/mv/
> >>> ls: cannot access '/home/ruben/mnt4/brooklyn/mv/': Permission denied
> >>> [ruben at flatbush 101___06]$ ls -al  /home/ruben/mnt4/brooklyn/mv/
> >>> total 74965180
> >>> drwxr-xr-x 1 ruben daemon      16384 Jul  6 22:25  .
> >>> drwxr-xr-x 1 ruben    111       4096 Jul  4 10:52  ..
> >>> -rw-r--r-- 1 ruben    111   83996672 May 18  2008
> >>> 0.607_Star_Trek_TNG_-_6x07_-_Rascals.avi
> >>> -rw-r--r-- 1 ruben    111   54562564 Jun 28  2008
> >>> 06_-_SNL_-_Quentin_Tarantino_s_Welcome_Back_Kotter.mpeg
> >>> ....
> >>>
> >>>
> >>>
> >>> why is this?
> >>>
> > 
> > 
> > But how does it do that?  You would think this breaks the basic secuirty
> > model.  How can a mount be created that root has no access to?
> > 
> >>
> >> -- 
> >> Chris Cromer
> >> Artix Developer
> > 
> > [-- Error: unable to create PGP subprocess! --]
> > 
> > 
> > 
> > 
> > 
> >> -- 
> >> artix-general mailing list
> >> artix-general at artixlinux.org
> >> https://lists.artixlinux.org/listinfo/artix-general
> > 
> > 
> 
> -- 
> Chris Cromer
> Artix Developer

[-- Error: unable to create PGP subprocess! --]

> -- 
> artix-general mailing list
> artix-general at artixlinux.org
> https://lists.artixlinux.org/listinfo/artix-general


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com 

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive 
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com 

Being so tracked is for FARM ANIMALS and extermination camps, 
but incompatible with living as a free human being. -RI Safir 2013



More information about the artix-general mailing list