starred/s3fs-fuse
1
0
Fork 0
mirror of https://github.com/s3fs-fuse/s3fs-fuse.git synced 2026-04-25 05:16:00 +03:00
Code Issues 305 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #519] Permission denied to read files uploaded via S3 webinterface/console #290

New issue
Closed
opened 2026-03-04 01:44:06 +03:00 by kerem · 3 comments
kerem commented 2026-03-04 01:44:06 +03:00
Owner
Copy link

Originally created by @Timboo89 on GitHub (Jan 12, 2017).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/519

Additional Information

The following information is very important in order to help us to help you. Omission of the following details may delay your support request or receive no attention at all.

  • Version of s3fs being used (s3fs --version)

  • _example: 1.80

  • Version of fuse being used (pkg-config --modversion fuse)

  • _example: 2.9.4

  • System information (uname -a)

  • _command result: #1 SMP Mon Jan 9 23:00:57 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

  • Distro (cat /etc/issue)

  • _command result:
    Amazon Linux AMI release 2016.09
    Kernel \r on an \m

  • s3fs command line used (if applicable)

  • /etc/fstab entry (if applicable):
    s3fs#mybucket /mnt/s3bucket fuse _netdev,rw,nosuid,nodev,allow_other 0 0

  • s3fs syslog messages (grep s3fs /var/log/syslog, or s3fs outputs)
    if you execute s3fs with dbglevel, curldbg option, you can get detail debug messages

Details about issue

I mounted my s3bucket as via /etc/fstab.
What's working:
Writing files to bucket as any user on EC2 instance.
Reading files from bucket, that the EC2 user created himself.
Reading ALL files (and folders) as su of EC2 instance.

What's not working:
Reading files as normal user of EC2 instance, that he didn't create / were created via the S3 webinterface / console.

ls -al /mnt/s3bucket
-rw-rw-r-- 1 root root 259216 Jan 11 13:57 3.png
-rw-rw-r-- 1 root root 12 Jan 11 13:57 hello.txt
d--------- 1 root root 0 Jan 11 14:21 newtest
drwxrwxr-x 1 root root 0 Jan 9 10:36 test1
drwxrwxr-x 1 ftpuser ftpuser 0 Jan 11 13:59 test2
-rw-rw-r-- 1 ec2-user ec2-user 6 Jan 11 14:30 test2.txt

The files 3.png and hello.txt as well as the folder newest were created via the s3 webinterface. The rest is created directly via ssh. If I want wo read any of those 3 files I get this message:
tail /mnt/s3bucket/3.png
tail: cannot open '/mnt/s3bucket/3.png' for reading: Permission denied

As su thats not a problem. How can I fix it, so that every/another user of my EC2 instance can read those files?

Thanks a lot.

Originally created by @Timboo89 on GitHub (Jan 12, 2017). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/519 #### Additional Information _The following information is very important in order to help us to help you. Omission of the following details may delay your support request or receive no attention at all._ - Version of s3fs being used (s3fs --version) - _example: 1.80 - Version of fuse being used (pkg-config --modversion fuse) - _example: 2.9.4 - System information (uname -a) - _command result: #1 SMP Mon Jan 9 23:00:57 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux - Distro (cat /etc/issue) - _command result: Amazon Linux AMI release 2016.09 Kernel \r on an \m - s3fs command line used (if applicable) ``` ``` - /etc/fstab entry (if applicable): ` s3fs#mybucket /mnt/s3bucket fuse _netdev,rw,nosuid,nodev,allow_other 0 0 ` - s3fs syslog messages (grep s3fs /var/log/syslog, or s3fs outputs) _if you execute s3fs with dbglevel, curldbg option, you can get detail debug messages_ ``` ``` #### Details about issue I mounted my s3bucket as via /etc/fstab. What's working: Writing files to bucket as any user on EC2 instance. Reading files from bucket, that the EC2 user created himself. Reading ALL files (and folders) as su of EC2 instance. What's not working: Reading files as normal user of EC2 instance, that he didn't create / were created via the S3 webinterface / console. `ls -al /mnt/s3bucket` `-rw-rw-r-- 1 root root 259216 Jan 11 13:57 3.png` `-rw-rw-r-- 1 root root 12 Jan 11 13:57 hello.txt` `d--------- 1 root root 0 Jan 11 14:21 newtest` `drwxrwxr-x 1 root root 0 Jan 9 10:36 test1` `drwxrwxr-x 1 ftpuser ftpuser 0 Jan 11 13:59 test2` `-rw-rw-r-- 1 ec2-user ec2-user 6 Jan 11 14:30 test2.txt` The files 3.png and hello.txt as well as the folder newest were created via the s3 webinterface. The rest is created directly via ssh. If I want wo read any of those 3 files I get this message: `tail /mnt/s3bucket/3.png ` `tail: cannot open '/mnt/s3bucket/3.png' for reading: Permission denied` As su thats not a problem. How can I fix it, so that every/another user of my EC2 instance can read those files? Thanks a lot.
kerem closed this issue 2026-03-04 01:44:06 +03:00
kerem commented 2026-03-04 01:44:07 +03:00
Author
Owner
Copy link

@ggtakec commented on GitHub (Jan 15, 2017):

@Timboo89
I think that similar problems have not occurred at s3fs so far.
So 3.png file is allowed read access for other users but you can not read it, we should know permission for mount point directory.
Other than that, you can try to use uid/gid/umask/mp_umask option for s3fs.

Thanks in advance for your assistance.

<!-- gh-comment-id:272684208 --> @ggtakec commented on GitHub (Jan 15, 2017): @Timboo89 I think that similar problems have not occurred at s3fs so far. So 3.png file is allowed read access for other users but you can not read it, we should know permission for mount point directory. Other than that, you can try to use uid/gid/umask/mp_umask option for s3fs. Thanks in advance for your assistance.
kerem commented 2026-03-04 01:44:07 +03:00
Author
Owner
Copy link

@Timboo89 commented on GitHub (Jan 17, 2017):

Thanks a lot =)
This is working well!
For everyone who does not know how to get the uid of a user, hit the following in your shell:
id -u username
The /etc/fstab entry looks like this:
s3fs#mybucket /mnt/s3bucket fuse _netdev,rw,nosuid,nodev,allow_other,uid=XX 0 0

<!-- gh-comment-id:273086357 --> @Timboo89 commented on GitHub (Jan 17, 2017): Thanks a lot =) This is working well! For everyone who does not know how to get the uid of a user, hit the following in your shell: `id -u username` The /etc/fstab entry looks like this: `s3fs#mybucket /mnt/s3bucket fuse _netdev,rw,nosuid,nodev,allow_other,uid=XX 0 0`
kerem commented 2026-03-04 01:44:07 +03:00
Author
Owner
Copy link

@javilumbrales commented on GitHub (Nov 16, 2017):

In case someone on Mac having this issue, I managed to be able to read folders and files with the below command:

s3fs BUCKET_NAME /path/to/mount/ -o passwd_file=/path/to/credentials,allow_other,uid=`id -u`,umask=0077,mp_umask=0077,use_cache=/path/to/cache/ -d -d -f
<!-- gh-comment-id:344773454 --> @javilumbrales commented on GitHub (Nov 16, 2017): In case someone on Mac having this issue, I managed to be able to read folders and files with the below command: s3fs BUCKET_NAME /path/to/mount/ -o passwd_file=/path/to/credentials,allow_other,uid=`id -u`,umask=0077,mp_umask=0077,use_cache=/path/to/cache/ -d -d -f
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v1.97
v1.96
v1.95
v1.94
v1.93
v1.92
v1.91
v1.90
v1.89
v1.88
v1.87
v1.86
v1.85
v1.84
v1.83
v1.82
v1.81
v1.80
v1.79
v1.78
Pre-v1.78
v1.77
v1.76
v1.75
v1.74
Labels
Clear labels   
bug

   
bug

   
dataloss

   
duplicate

   
enhancement

   
feature request

   
help wanted

   
invalid

   
need info

   
performance

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question

   
testing
No labels
bug
bug
dataloss
duplicate
enhancement
feature request
help wanted
invalid
need info
performance
pull-request
question
question
testing
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/s3fs-fuse#290
No description provided.