Mount error due to user_allow_other not in /etc/fuse.conf even though it is #10264

ProximaNova · 2023-12-17T07:31:08Z

Checklist

This is a bug report, not a question. Ask questions on discuss.ipfs.io.
I have searched on the issue tracker for my bug.
I am running the latest kubo version or have an issue updating.

Installation method

ipfs-update or dist.ipfs.tech

Version

Kubo version: 0.25.0
Repo version: 15
System version: 386/linux
Golang version: go1.21.5

Config

{
  "API": {
    "HTTPHeaders": {}
  },
  "Addresses": {
    "API": "/ip4/127.0.0.1/tcp/5001",
    "Announce": [],
    "AppendAnnounce": [],
    "Gateway": "/ip4/127.0.0.1/tcp/8080",
    "NoAnnounce": [],
    "Swarm": [
      "/ip4/0.0.0.0/tcp/4001",
      "/ip6/::/tcp/4001",
      "/ip4/0.0.0.0/udp/4001/quic-v1",
      "/ip4/0.0.0.0/udp/4001/quic-v1/webtransport",
      "/ip6/::/udp/4001/quic-v1",
      "/ip6/::/udp/4001/quic-v1/webtransport"
    ]
  },
  "AutoNAT": {},
  "Bootstrap": [
    "/dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa",
    "/dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb",
    "/dnsaddr/bootstrap.libp2p.io/p2p/QmcZf59bWwK5XFi76CZX8cbJ4BhTzzA3gU1ZjYZcYW3dwt",
    "/ip4/104.131.131.82/tcp/4001/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ",
    "/ip4/104.131.131.82/udp/4001/quic-v1/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ",
    "/dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN"
  ],
  "DNS": {
    "Resolvers": {}
  },
  "Datastore": {
    "BloomFilterSize": 0,
    "GCPeriod": "1h",
    "HashOnRead": false,
    "Spec": {
      "mounts": [
        {
          "child": {
            "path": "blocks",
            "shardFunc": "/repo/flatfs/shard/v1/next-to-last/2",
            "sync": true,
            "type": "flatfs"
          },
          "mountpoint": "/blocks",
          "prefix": "flatfs.datastore",
          "type": "measure"
        },
        {
          "child": {
            "compression": "none",
            "path": "datastore",
            "type": "levelds"
          },
          "mountpoint": "/",
          "prefix": "leveldb.datastore",
          "type": "measure"
        }
      ],
      "type": "mount"
    },
    "StorageGCWatermark": 90,
    "StorageMax": "10GB"
  },
  "Discovery": {
    "MDNS": {
      "Enabled": true
    }
  },
  "Experimental": {
    "FilestoreEnabled": false,
    "Libp2pStreamMounting": false,
    "OptimisticProvide": false,
    "OptimisticProvideJobsPoolSize": 0,
    "P2pHttpProxy": false,
    "StrategicProviding": false,
    "UrlstoreEnabled": false
  },
  "Gateway": {
    "APICommands": [],
    "DeserializedResponses": null,
    "DisableHTMLErrors": null,
    "ExposeRoutingAPI": null,
    "HTTPHeaders": {},
    "NoDNSLink": false,
    "NoFetch": false,
    "PathPrefixes": [],
    "PublicGateways": null,
    "RootRedirect": ""
  },
  "Identity": {
    "PeerID": "12D3KooWHbueeWnYHoCswdCBafmAWybiEaiSZsdYRSdomJNP4pwU"
  },
  "Internal": {},
  "Ipns": {
    "RecordLifetime": "",
    "RepublishPeriod": "",
    "ResolveCacheSize": 128
  },
  "Migration": {
    "DownloadSources": [],
    "Keep": ""
  },
  "Mounts": {
    "FuseAllowOther": true,
    "IPFS": "/ipfs",
    "IPNS": "/ipns"
  },
  "Peering": {
    "Peers": null
  },
  "Pinning": {
    "RemoteServices": {}
  },
  "Plugins": {
    "Plugins": null
  },
  "Provider": {
    "Strategy": ""
  },
  "Pubsub": {
    "DisableSigning": false,
    "Router": ""
  },
  "Reprovider": {},
  "Routing": {
    "AcceleratedDHTClient": false,
    "Methods": null,
    "Routers": null
  },
  "Swarm": {
    "AddrFilters": null,
    "ConnMgr": {},
    "DisableBandwidthMetrics": false,
    "DisableNatPortMap": false,
    "RelayClient": {},
    "RelayService": {},
    "ResourceMgr": {},
    "Transports": {
      "Multiplexers": {},
      "Network": {},
      "Security": {}
    }
  }
}

Description

In the past I ran "ipfs daemon --mount & disown"; it worked somewhat OK (but didn't work well with Apache HTTP Server, somewhat different issue so ignore that). I was reading this https://willschenk.com/labnotes/2020/ipfs_and_fuse/ and it said to run "ipfs config --json Mounts.FuseAllowOther true". After doing that, "ipfs daemon --mount & disown" no longer works. Error message:

$ ipfs daemon --mount & disown
[...]
2023/12/17 07:26:26 mount helper error: fusermount: option allow_other only allowed if 'user_allow_other' is set in /etc/fuse.conf
2023/12/17 07:26:26 mount helper error: fusermount: option allow_other only allowed if 'user_allow_other' is set in /etc/fuse.conf
2023-12-17T07:26:26.984Z	ERROR	node	node/mount_unix.go:92	error mounting: fusermount: exit status 1
2023-12-17T07:26:26.984Z	ERROR	node	node/mount_unix.go:96	error mounting: fusermount: exit status 1

Error: fuse failed to access mountpoint /ipfs

It says "mount helper error: fusermount: option allow_other only allowed if 'user_allow_other' is set in /etc/fuse.conf"; however, user_allow_other is in fact in file "/etc/fuse.conf":

$ sudo cat /etc/fuse.conf
# /etc/fuse.conf - Configuration file for Filesystem in Userspace (FUSE)

# Set the maximum number of FUSE mounts allowed to non-root users.
# The default is 1000.
#mount_max = 1000

# Allow non-root users to specify the allow_other or allow_root mount options.
user_allow_other
$

The text was updated successfully, but these errors were encountered:

ProximaNova · 2023-12-21T11:11:43Z

As seen in the version info above, this is a problem in 32-bit computers. It's not a problem in some/all 64-bit computers, such as this one computer:

$ ipfs config --json Mounts.FuseAllowOther true
$ sudo grep ^user /etc/fuse.conf
user_allow_other
$ ipfs daemon --mount & disown
[...no errors...]
$ ipfs version --all
Kubo version: 0.24.0
Repo version: 15
System version: amd64/linux
Golang version: go1.21.3
$

and this other 64-bit computer, call it "HP computer":

$ ipfs version --all
Kubo version: 0.23.0
Repo version: 15
System version: amd64/linux
Golang version: go1.21.1
$

In HP computer, if I run fusermount -u /ipns; fusermount -u /ipfs; ipfs config --json Mounts.FuseAllowOther false; ipfs mount then this results in 403 Forbidden: http://localhost/symlink1/Qm... ("localhost" = Apache HTTP Server and "symlink1" = symbolic link to "/ipfs"). If I then run fusermount -u /ipns; fusermount -u /ipfs; ipfs config --json Mounts.FuseAllowOther true; ipfs mount then that same link http://localhost/symlink1/Qm... results in 200 OK.

So having Mounts.FuseAllowOther working might be the only way to get an IPFS mount to work with Apache Server. (Or the only easy way to do it.) Mounts.FuseAllowOther doesn't work in 32-bit systems.

ProximaNova · 2023-12-25T07:24:58Z

Docs related to Filesystem in Userspace (FUSE):
https://github.com/ipfs/kubo/blob/master/docs/fuse.md

ProximaNova added kind/bug A bug in existing code (including security flaws) need/triage Needs initial labeling and prioritization labels Dec 17, 2023

lidel added topic/fuse Topic fuse need/analysis Needs further analysis before proceeding P3 Low: Not priority right now help wanted Seeking public contribution on this issue and removed need/triage Needs initial labeling and prioritization labels Jan 30, 2024

gdkrmr mentioned this issue Feb 14, 2024

ipfs daemon --mount not working #10340

Open

3 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Mount error due to user_allow_other not in /etc/fuse.conf even though it is #10264

Mount error due to user_allow_other not in /etc/fuse.conf even though it is #10264

ProximaNova commented Dec 17, 2023

ProximaNova commented Dec 21, 2023 •

edited

ProximaNova commented Dec 25, 2023

Mount error due to user_allow_other not in /etc/fuse.conf even though it is #10264

Mount error due to user_allow_other not in /etc/fuse.conf even though it is #10264

Comments

ProximaNova commented Dec 17, 2023

Checklist

Installation method

Version

Config

Description

ProximaNova commented Dec 21, 2023 • edited

ProximaNova commented Dec 25, 2023

ProximaNova commented Dec 21, 2023 •

edited