Hi there -
I’m in the process of setting up my new TrueNAS SCALE build and I’m running into a challenge creating a bind mount designed to mount as an alternate user.
I’ve got a bunch of data in /mnt/core-hdd/privatedata/safesubfolder/media. It is owned by uid:gid 3006:3006, and I want to expose a subfolder (ro is fine) as a mount on another dataset that will be accessed by uid:gid 3010:3010. My hope was that I could do this without having to reassign all the permissions at source, but rather through a mount that impersonates the original user.
After a bit of research I thought I could run a script like this on startup…
mount -o bind,ro,X-mount.idmap=b:3010:3006:1 /mnt/core-hdd/privatedata/safesubfolder/media /mnt/core-hdd/media/othermedia
Unfortunately, I cannot seem to get uid 3010 to have any permissions on the newly created mount. I’ve tried reversing the ids (b:3006:3010:1), putting in quotes, and just about anything I can think of, but it’s to no avail. (Root can see the mount contents just fine.)
The documentation I could find on X-mount.idmap seems to be quite limited (just a man page and a handful of forum posts), so I’m really at a loss.
I’m open to ideas. Basically, I need to create a mount that impersonates another user without changing all the perms on the source files (they are the target of a sync process), and without moving data around all over the place, or creating NFS shares with maproot all over unless necessary. I would like to be able to use this technique in other places too.
(BTW - interestingly, TrueNAS seems to actually respect the ‘ro’ option when creating bind mounts; in the past I’ve had to do a bind remount ro style command to make that work)
Open to ideas, and much appreciated!
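
A diagnostic for the mount described above, as an added example that is not part of the original post: Linux lists `ro` and `idmapped` among the per-mount options (field 6) of `/proc/self/mountinfo`, so reading that field shows whether the read-only flag and the ID mapping were actually applied to the bind mount. The function names and the two sample lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed mountinfo lines (not captured from a real system): the same
# bind mount without and with an ID mapping attached.
SAMPLE_PLAIN='812 30 0:54 /safesubfolder/media /mnt/core-hdd/media/othermedia ro,relatime shared:410 - zfs core-hdd/privatedata rw,xattr,posixacl'
SAMPLE_IDMAP='812 30 0:54 /safesubfolder/media /mnt/core-hdd/media/othermedia ro,relatime,idmapped shared:410 - zfs core-hdd/privatedata rw,xattr,posixacl'

# mount_opts MOUNTPOINT [FILE]
# Print field 6 (per-mount options) of the last entry for MOUNTPOINT.
# Later mounts stack on top of earlier ones, so the last entry is the live one.
# FILE defaults to /proc/self/mountinfo; "-" reads standard input.
mount_opts() {
    awk -v mp="$1" '$5 == mp { opts = $6 }
        END { if (opts == "") exit 1; print opts }' "${2:-/proc/self/mountinfo}"
}

# has_opt OPTION OPTS: succeed if OPTION is one of the comma-separated OPTS.
has_opt() {
    case ",$2," in
        *",$1,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# check_mount MOUNTPOINT [FILE]
# Summarise the per-mount flags. Only field 6 is inspected: the superblock
# options after the " - " separator can say "rw" while the bind mount is "ro".
check_mount() {
    opts=$(mount_opts "$1" "${2:-/proc/self/mountinfo}") || {
        echo "not-mounted"
        return 1
    }
    ro=no
    idm=no
    has_opt ro "$opts" && ro=yes
    has_opt idmapped "$opts" && idm=yes
    echo "ro=$ro idmapped=$idm"
}

# Demo on the constructed samples.
printf '%s\n' "$SAMPLE_PLAIN" | check_mount /mnt/core-hdd/media/othermedia -
printf '%s\n' "$SAMPLE_IDMAP" | check_mount /mnt/core-hdd/media/othermedia -
```

On a live system, `check_mount /mnt/core-hdd/media/othermedia` reads the real table; `idmapped=no` means the mapping never took effect, so changing the order of the IDs in the option cannot help until that is resolved.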