I wonder if anybody can point to an example of a sshfs idmap file? I know it is possible to use this but I have no idea how to set it up and unless I've missed something, I can't find this information in the man pages or on the wiki. I did find some interesting forum threads but they weren't actually relevant, despite being independently interesting.
What I'm particularly interested to know is whether it is possible to use such a file to map a user's secondary groups as well as uid and primary gid. Using the idmap=user option on the command line, I get uid and, I think, primary gid mapping but not, I think, secondary stuff.
I also wondered if I can use the file to map one gid to a different gid. (Fedora has more default stuff set up so I couldn't always pick the same id numbers when I set up users and groups on my desktop as I'd used on my Arch laptop.)
I'm not sure if this is related or not. When I have my desktop filesystem mounted using sshfs, I can navigate to a directory under ~ and I can copy a file from one place on the remote system to another. I can also delete the file. But I cannot move the file as I get told that I don't have permission. Could somebody explain why that is?
Remote machine is running Fedora. sshd server is running and accepts connections.
Laptop is running Arch. ssh works fine. Filesystem mounts fine with sshfs etc. I'm using gpg-agent with a qt pinentry programme. This required modifying KDE's setup to avoid having two agents running but this is all working fine. The only issues I really have are those mentioned above. Everything else works really nicely. My most recent version of the command is:
sshfs -o idmap=user,transform_symlinks <myalias>:/ /mnt/<myalias>/
Where <myalias> is an alias for the relevant ip address set up in ssh.conf.
Note that I in fact know that this is probably not the ideal way to set things up for my purposes. I really need to sync particular directories. However, the directories in question are large and I'm not sure this is really manageable. Basically, a directory with a *lot* of pdf files. The really critical stuff is synced via wuala and is mostly text files. I suspect, though, that this is probably the best I can do right now. Basically, I try to remember what I need to copy back and forth for the non-synced stuff. (I'm not very good at this.) Anyway, the stuff I manage manually would just be a little bit easier if I could use mv rather than cp -p followed by rm!
Last edited by cfr (2013-01-15 00:18:24)
Wouldn't you need LDAP to keep all group memberships across systems?
I don't know. I've never tried this before. I'm not even certain that's the problem - just my current best guess.