Answer 1
Default permissions on the mount point
Create the mount point as follows:
mkdir --mode=0500 -p /mnt/mountpoint
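Only the user who created it can write to it. You can pre-populate it from rc.local. When you mount any filesystem on top of that mount point, it takes on the overriding permissions you set at mount time.
By the way, I would avoid chattr +i for this, because if not everyone knows you did it, it will confuse people and lead to troubleshooting fun later.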
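The guard that the 0500 mount point in Answer 1 makes possible, as an added example that is not part of either answer: a script that writes to the mount point first checks that a filesystem is really mounted there. The names `make_mountpoint`, `is_mounted` and `guarded_copy` are hypothetical, and `stat -c` (GNU coreutils or BusyBox) is assumed.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the answers.

# A directory is a mount point when it sits on a different device than its
# parent, or when it is its own parent (the root directory).
# Limitation: a bind mount from the same filesystem has the same device
# number as its parent and is reported as not mounted.
is_mounted() {
    dir=$1
    [ -d "$dir" ] || return 1
    dev=$(stat -c %d "$dir") || return 1
    parent_dev=$(stat -c %d "$dir/..") || return 1
    ino=$(stat -c %i "$dir") || return 1
    parent_ino=$(stat -c %i "$dir/..") || return 1
    [ "$dev" != "$parent_dev" ] || [ "$ino" = "$parent_ino" ]
}

# Create the mount point with the 0500 mode used in Answer 1.
# mkdir -m only applies to a directory it creates, so an existing one is
# chmod'ed too, but never while a filesystem is mounted on it (that would
# change the mounted filesystem's root instead).
make_mountpoint() {
    mkdir -m 0500 -p "$1" || return 1
    is_mounted "$1" && return 0
    chmod 0500 "$1"
}

# Copy a file to the mount point only when a filesystem is mounted there;
# otherwise fail loudly instead of writing to the underlying disk.
guarded_copy() {
    src=$1
    mnt=$2
    if ! is_mounted "$mnt"; then
        echo "refusing to write: $mnt is not mounted" >&2
        return 1
    fi
    cp -- "$src" "$mnt/"
}
```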
Answer 2
I achieved this by using the IdentityFile option in sshfs.
For this to work, you need to generate a key and add it to the remote host.
ssh-keygen && ssh-copy-id username@host
Once that is done, you can use sudo and sshfs to mount the host.
# If not running the sshfs command from a script,
# you need to save the following values prior to running sshfs.
# If you don't, they will be interpreted as the root user's env variables.
# bash does not set $GID, so both ids are taken from id(1).
sshfs_uid="$(id -u)"
sshfs_gid="$(id -g)"
sshfs_key="$HOME/.ssh/id_rsa"
# Please note that all options passed to sshfs are required.
# Using these options will allow your user to read + write to the mounted dir.
# If they are not passed, your user won't be able to access the mounted dir.
# allow_other lets users other than the mounting user (root, via sudo) access the mount.
sudo sshfs -o uid="$sshfs_uid" -o gid="$sshfs_gid" -o IdentityFile="$sshfs_key" -o allow_other username@host:/path /path/to/mountpoint
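If you want to add this as part of a script or have it run automatically at login, you probably don't want to type your password every time.
The fix: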
sudo visudo
# Assuming your sudo group is "wheel".
# And assuming the permissions for your wheel group look something like this.
%wheel ALL=(ALL) ALL
# Add this line after the above line to allow sshfs mounting without a password
%wheel ALL=(ALL) NOPASSWD:/usr/bin/sshfs*