mirror of
https://github.com/libfuse/libfuse.git
synced 2024-11-28 14:44:35 +08:00
183 lines
5.1 KiB
Plaintext
183 lines
5.1 KiB
Plaintext
General Information
|
|
===================
|
|
|
|
FUSE (Filesystem in Userspace) is a simple interface for userspace
|
|
programs to export a virtual filesystem to the linux kernel. FUSE
|
|
also aims to provide a secure method for non privileged users to
|
|
create and mount their own filesystem implementations.
|
|
|
|
You can download the source code releases from
|
|
|
|
http://sourceforge.net/projects/fuse
|
|
|
|
or alternatively you can use CVS to get the very latest development
|
|
version by setting the cvsroot to
|
|
|
|
:pserver:anonymous@cvs.sourceforge.net:/cvsroot/fuse
|
|
|
|
and checking out the 'fuse' module.
|
|
|
|
Installation
|
|
============
|
|
|
|
./configure
|
|
make
|
|
make install
|
|
modprobe fuse
|
|
|
|
You may also need to add '/usr/local/lib' to '/etc/ld.so.conf' and/or
|
|
run ldconfig.
|
|
|
|
For more details see the file 'INSTALL'
|
|
|
|
How To Use
|
|
==========
|
|
|
|
FUSE is made up of three main parts:
|
|
|
|
- A kernel filesystem module
|
|
|
|
- A userspace library
|
|
|
|
- A mount/unmount program
|
|
|
|
|
|
Here's how to create your very own virtual filesystem in five easy
|
|
steps (after installing FUSE):
|
|
|
|
1) Edit the file example/fusexmp.c to do whatever you want...
|
|
|
|
2) Build the fusexmp program
|
|
|
|
3) run 'example/fusexmp /mnt/fuse -d'
|
|
|
|
4) ls -al /mnt/fuse
|
|
|
|
5) Be glad
|
|
|
|
If it doesn't work out, please ask! Also see the file 'include/fuse.h' for
|
|
detailed documentation of the library interface.
|
|
|
|
Security
|
|
========
|
|
|
|
If you run 'make install', the fusermount program is installed
|
|
set-user-id to root. This is done to allow normal users to mount
|
|
their own filesystem implementations.
|
|
|
|
There must however be some limitations, in order to prevent Bad User from
|
|
doing nasty things. Currently those limitations are:
|
|
|
|
- The user can only mount on a mountpoint, for which it has write
|
|
permission
|
|
|
|
- The mountpoint is not a sticky directory which isn't owned by the
|
|
user (like /tmp usually is)
|
|
|
|
- No other user (including root) can access the contents of the mounted
|
|
filesystem.
|
|
|
|
Configuration
|
|
=============
|
|
|
|
Some options regarding mount policy can be set in the file
|
|
'/etc/fuse.conf'
|
|
|
|
Currently these options are:
|
|
|
|
mount_max = NNN
|
|
|
|
Set the maximum number of FUSE mounts allowed to non-root users.
|
|
The default is 1000.
|
|
|
|
user_allow_other
|
|
|
|
Allow non-root users to specify the 'allow_other' or 'allow_root'
|
|
mount options.
|
|
|
|
|
|
Mount options
|
|
=============
|
|
|
|
These are FUSE specific mount options that can be specified for all
|
|
filesystems:
|
|
|
|
default_permissions
|
|
|
|
By default FUSE doesn't check file access permissions, the
|
|
filesystem is free to implement it's access policy or leave it to
|
|
the underlying file access mechanism (e.g. in case of network
|
|
filesystems). This option enables permission checking, restricting
|
|
access based on file mode. This is option is usually useful
|
|
together with the 'allow_other' mount option.
|
|
|
|
allow_other
|
|
|
|
This option overrides the security measure restricting file access
|
|
to the user mounting the filesystem. This option is by default only
|
|
allowed to root, but this restriction can be removed with a
|
|
configuration option described in the previous section.
|
|
|
|
allow_root
|
|
|
|
This option is similar to 'allow_other' but file access is limited
|
|
to the user mounting the filesystem and root.
|
|
|
|
kernel_cache
|
|
|
|
This option disables flushing the cache of the file contents on
|
|
every open(). This should only be enabled on filesystems, where the
|
|
file data is never changed externally (not through the mounted FUSE
|
|
filesystem). Thus it is not suitable for network filesystems and
|
|
other "intermediate" filesystems.
|
|
|
|
NOTE: if this option is not specified (and neither 'direct_io') data
|
|
is still cached after the open(), so a read() system call will not
|
|
always initiate a read operation.
|
|
|
|
large_read
|
|
|
|
Issue large read requests. This can improve performance for some
|
|
filesystems, but can also degrade performance. This option is only
|
|
useful on 2.4.X kernels, as on 2.6 kernels requests size is
|
|
automatically determined for optimum performance.
|
|
|
|
direct_io
|
|
|
|
This option disables the use of page cache (file content cache) in
|
|
the kernel for this filesystem. This has several affects:
|
|
|
|
- Each read() or write() system call will initiate one or more
|
|
read or write operations, data will not be cached in the
|
|
kernel.
|
|
|
|
- The return value of the read() and write() system calls will
|
|
correspond to the return values of the read and write
|
|
operations. This is useful for example if the file size is not
|
|
known in advance (before reading it).
|
|
|
|
max_read=N
|
|
|
|
With this option the maximum size of read operations can be set.
|
|
The default is infinite. Note that the size of read requests is
|
|
limited anyway to 32 pages (which is 128kbyte on i386).
|
|
|
|
hard_remove
|
|
|
|
The default behavior is that if an open file is deleted, the file is
|
|
renamed to a hidden file (.fuse_hiddenXXX), and only removed when
|
|
the file is finally released. This relieves the filesystem
|
|
implementation of having to deal with this problem. This option
|
|
disables the hiding behavior, and files are removed immediately in
|
|
an unlink operation (or in a rename operation which overwrites an
|
|
existing file).
|
|
|
|
debug
|
|
|
|
Turns on debug information printing by the library.
|
|
|
|
fsname=NAME
|
|
|
|
Sets the filesystem name. The default is the program name.
|
|
|