debian-bugs-dist  

Bug#473545: fuse-utils: /dev/fuse belongs to group root after reboot (udev)

Luca Capello
Mon, 19 Oct 2009 08:40:05 -0700

found 473545 2.7.4-2
severity 473545 important
tags 473545 + patch
thanks

Hi there!

I remember that when I installed sshfs back in July the only thing I did
was adding the normal user to group fuse and then everything worked like
a charm.

However, now that I needed it again, there is a permission error:
=====
l...@gismo:~$ sshfs IP: ~/sshfs
Enter passphrase for key '/home/luca/.ssh/id_rsa': 
fuse: failed to open /dev/fuse: Permission denied

l...@gismo:~$ ls -l /dev/fuse
crw-rw---- 1 root root 10, 229 2009-10-16 23:15 /dev/fuse

l...@gismo:~$
=====

I guess the problem is that everytime the system restarts, udev
recreates the node, but does not change the ownership.  The solution is
to install the following udev rules file:

--8<---------------cut here---------------start------------->8---
KERNEL=="fuse",                                 GROUP="fuse"
--8<---------------cut here---------------end--------------->8---

With it, everything in postinst and initscript should be unnecessary,
given the fact that udev will automatically change the group permission
every time the fuse module is loaded.

Because the group fuse is not a standard group, the rule above can not
be included in udev, which at first I thought was the correct place.

BTW, the workaround in the initscript is in the wrong place: in *any*
case (thus even when the module has already been loaded), group
ownership should be checked.

Finally, the severity is IMHO important since after the first reboot
/dev/fuse is not available anymore for non-root (as group) users.

Thx, bye,
Gismo / Luca

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.30-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages fuse-utils depends on:
ii  adduser                       3.111      add and remove users and groups
ii  libc6                         2.10.1-1   GNU C Library: Shared libraries
ii  libfuse2                      2.7.4-2    Filesystem in USErspace library
ii  makedev                       2.3.1-89   creates device files in /dev
ii  sed                           4.2.1-3    The GNU sed stream editor
ii  udev                          146-5      /dev/ and hotplug management daemo

fuse-utils recommends no packages.

fuse-utils suggests no packages.

-- no debconf information

Attachment: pgpFzB0Fcfd1P.pgp
Description: PGP signature