starred/s3fs-fuse
1
0
Fork 0
mirror of https://github.com/s3fs-fuse/s3fs-fuse.git synced 2026-04-25 13:26:00 +03:00
Code Issues 305 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #525] Readonly / FSTAB Question #294

New issue
Closed
opened 2026-03-04 01:44:07 +03:00 by kerem · 4 comments
kerem commented 2026-03-04 01:44:07 +03:00
Owner
Copy link

Originally created by @bjay1404 on GitHub (Jan 24, 2017).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/525

Hi, this is not an issue.

The software works great!

I'm trying to figure out how to mount a bucket as read only. I've noticed that the permissions change when I mount the folder - so chmod is obviously out. How can I mount a bucket as read only without modifying IAM credentials? Also, how can I specify an iam role / read only in fstab?

Thanks!

Originally created by @bjay1404 on GitHub (Jan 24, 2017). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/525 Hi, this is not an issue. The software works great! I'm trying to figure out how to mount a bucket as read only. I've noticed that the permissions change when I mount the folder - so chmod is obviously out. How can I mount a bucket as read only without modifying IAM credentials? Also, how can I specify an iam role / read only in fstab? Thanks!
kerem 2026-03-04 01:44:07 +03:00
  • closed this issue
  • added the
    question
         label
kerem commented 2026-03-04 01:44:08 +03:00
Author
Owner
Copy link

@hayd commented on GitHub (Feb 17, 2017):

Surprising that write is required even for ls (of subdirectories).

Are there some specific objects that could be writable which would allow "mostly readonly"?

<!-- gh-comment-id:280761781 --> @hayd commented on GitHub (Feb 17, 2017): Surprising that write is required even for ls (of subdirectories). Are there some specific objects that could be writable which would allow "mostly readonly"?
kerem commented 2026-03-04 01:44:08 +03:00
Author
Owner
Copy link

@ggtakec commented on GitHub (Mar 19, 2017):

@bjay1404
To restrict writing to a file, you can use umask (mp_umask).
And to restrict the change of file permissions, the execution status flag(x) must not be set the current directory.
These are the same as the file system.
If you want to adapt the restrictions to all files under the bucket, you can use the umask(mp_umask) option.
If you want to use iam role, you can use iam_role option.

(if you need more information or my fault, please reopen this issue.)
Regards,

<!-- gh-comment-id:287635352 --> @ggtakec commented on GitHub (Mar 19, 2017): @bjay1404 To restrict writing to a file, you can use umask (mp_umask). And to restrict the change of file permissions, the execution status flag(x) must not be set the current directory. These are the same as the file system. If you want to adapt the restrictions to all files under the bucket, you can use the umask(mp_umask) option. If you want to use iam role, you can use iam_role option. (if you need more information or my fault, please reopen this issue.) Regards,
kerem commented 2026-03-04 01:44:08 +03:00
Author
Owner
Copy link

@hayd commented on GitHub (Mar 19, 2017):

@ggtakec The question is should s3fs be able to mount and read files if (either the role or api keys - I don't think that aspect is relevant) have readonly permissions to the s3 bucket?

When I tried (with readonly bucket permission) I was unable to mount. Is that expected?

Edit: SOLVED BY https://github.com/s3fs-fuse/s3fs-fuse/issues/189#issuecomment-112089764 (allow other and 0002):

s3fs -o allow_other -o umask=0002 [bucket-name] [mount-folder]
OR
s3fs -o iam_role=auto -d -o allow_other -o umask=0002 [bucket-name] [mount-folder]
<!-- gh-comment-id:287637079 --> @hayd commented on GitHub (Mar 19, 2017): @ggtakec The question is should s3fs be able to mount and read files if (either the role or api keys - I don't think that aspect is relevant) have readonly permissions to the s3 bucket? When I tried (with readonly bucket permission) I was unable to mount. Is that expected? Edit: SOLVED BY https://github.com/s3fs-fuse/s3fs-fuse/issues/189#issuecomment-112089764 (allow other and 0002): ``` s3fs -o allow_other -o umask=0002 [bucket-name] [mount-folder] OR s3fs -o iam_role=auto -d -o allow_other -o umask=0002 [bucket-name] [mount-folder] ```
kerem commented 2026-03-04 01:44:08 +03:00
Author
Owner
Copy link

@ggtakec commented on GitHub (Mar 19, 2017):

@hayd
I tried to access read only bucket which is mounted by s3fs(normal options).
It works(read the object under bucket, and could not write it, could not change permission) good for me.
example my s3fs line)
s3fs /mnt/s3 -o allow_other,url=https://s3.amazonaws.com

Regards,

<!-- gh-comment-id:287639359 --> @ggtakec commented on GitHub (Mar 19, 2017): @hayd I tried to access read only bucket which is mounted by s3fs(normal options). It works(read the object under bucket, and could not write it, could not change permission) good for me. example my s3fs line) s3fs <my read only bucket> /mnt/s3 -o allow_other,url=https://s3.amazonaws.com Regards,
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v1.97
v1.96
v1.95
v1.94
v1.93
v1.92
v1.91
v1.90
v1.89
v1.88
v1.87
v1.86
v1.85
v1.84
v1.83
v1.82
v1.81
v1.80
v1.79
v1.78
Pre-v1.78
v1.77
v1.76
v1.75
v1.74
Labels
Clear labels   
bug

   
bug

   
dataloss

   
duplicate

   
enhancement

   
feature request

   
help wanted

   
invalid

   
need info

   
performance

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question

   
testing
No labels
bug
bug
dataloss
duplicate
enhancement
feature request
help wanted
invalid
need info
performance
pull-request
question
question
testing
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/s3fs-fuse#294
No description provided.