Google云端存储桶:具有全局权限的Linux实例中的挂载 [英] Google Cloud Storage Buckets: Mounting in a Linux instance with Global Permissions
问题描述
我已经创建了一个标准的Google存储桶,并试图将其安装在CentOS Linux计算引擎实例中,但是该权限似乎并未让我向除root用户(可以读取的用户)之外的用户授予访问权限并在gcsfuse挂载后写入存储位置).如果我尝试以非root用户身份挂载,则gcsfuse命令会说它成功完成,但是尝试读取或写入存储桶会导致I/O错误.我希望能得到在Linux实例中具有Google存储桶经验的任何人的指导.
I've created a standard Google storage bucket that I'm trying to mount in a CentOS Linux compute engine instance, but the permissions don't seem to let me grant access to users other than the root user (who can read and write to the storage location once it's mounted with gcsfuse). If I try to mount as a non-root user, the gcsfuse command says it completes successfully, but attempts to read or write to the bucket result in I/O errors. I'd appreciate guidance from anyone with Google storage bucket experience mounted in Linux instances.
推荐答案
这是GCSF的预期行为,您可以使用-o allow_other标志覆盖权限,如所述
This is an expected behavior for GCSFuse you can override the permissions with -o allow_other flag as mentioned here:
权限和所有权
节点
默认情况下,gcsfuse文件系统中的所有inode均显示为gcsfuse进程本身的UID和GID所拥有,即安装文件系统的用户.所有文件的许可权位为0644,所有目录的许可权位为0755(但请参见下文,了解其他用户的使用问题).不支持更改inode模式(使用chmod(2)或类似方法),并且更改会被静默忽略.
By default, all inodes in a gcsfuse file system show up as being owned by the UID and GID of the gcsfuse process itself, i.e. the user who mounted the file system. All files have permission bits 0644, and all directories have permission bits 0755 (but see below for issues with use by other users). Changing inode mode (using chmod(2) or similar) is unsupported, and changes are silently ignored.
可以使用--uid,-gid,-file-mode和--dir-mode标志覆盖这些默认设置.
These defaults can be overriden with the --uid, --gid, --file-mode, and --dir-mode flags.
保险丝
保险丝内核层本身将文件系统的访问权限限制为安装用户(请参见fuse.txt).因此,无论配置了什么inode权限,默认情况下,其他用户在尝试访问文件系统时都会收到"permission否认"错误.这包括root用户.
The fuse kernel layer itself restricts file system access to the mounting user (cf. fuse.txt). So no matter what the configured inode permissions, by default other users will receive "permission denied" errors when attempting to access the file system. This includes the root user.
可以通过设置-o allow_other以允许其他用户访问文件系统来覆盖此设置.当心!可能存在安全隐患.
This can be overridden by setting -o allow_other to allow other users to access the file system. Be careful! There may be security implications.
这篇关于Google云端存储桶:具有全局权限的Linux实例中的挂载的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
