cuno-mount#

Synopsis#

cuno [-o <cunoFS subsystem option>] mount [--root <cloud path>] [--posix] [--no-allow-root] [<FUSE options>] [--auto-restart] <mount-path>

cuno mount --unmount|-u <mount-path>

Description#

cunoFS Mount uses a custom Linux FUSE (Filesystem in Userspace) to mount an object storage path in a directory within the local file system hierarchy. This allows you and any other user of the mount to access object storage as if it were just another directory.

Mount Options#

On the right hand-side of the mount verb, you can specify options that are specific to the mount operation.

--root <cloud path>

Specifies the root object storage path to be mounted. For example, to mount a single bucket, you would use --root s3://<bucket>.

--posix

Enables setting and enforcing access permissions, symbolic and hard links, users, groups, etc. Can be used with default permissions. Implicitly sets -o allow_other.

This option is ideally used with a mount that is only on a single bucket, e.g. cuno mount --root s3://<bucket> --posix <mount-path>. You should also be using cuno creds setposix s3://examplebucket true to enable POSIX handling of the bucket consistently when Direct Interception or a FlexMount is used.

<FUSE option>

Options that are specific to the FUSE mount operation. These options are passed on to fum ( fusermount3). Not to be confused with cunoFS subsystem options which use the same -o syntax. See below for some of these.

--no-allow-root

Do not allow root to access the mount (allowed by default). Disables support for SUID binaries, Snap, AppArmor, and Flatpak applications.

--auto-restart

Automatically restarts cunoFS Mount if problems occur during execution.

--mkdir

Automatically creates the mount point directory if it does not exist.

--debug

Enables debug output (same as cuno mount -o debug).

--dev-logs

Enabled debug logging to /tmp/fuse.logs

--verbose

Enables verbose output.

cunoFS Subsystem Options#

On the left hand-side of the mount verb, you can specify options that are specific to the cunoFS subsystem.

cachehome=<directory> (default: /cunodb;/dev/shm;/tmp/cache/cuno)

This option allows you to set a semicolon-delimited list of directories to consider for caching. This is for the internal metadata cache of the cunoFS process behind the mount. Note that the FUSE cache is separate from this cache.

Example:

cuno -o cachehome=/mnt/cache;/cunodb;/dev/shm mount <mount-path>
uid=<integer>

Define the default user ownership of files and directories within a bucket. These are the UIDs that the cunoFS subsystem will feed to the FUSE mount for non-POSIX (core file access) buckets. Not recommended for most use cases, but may be useful if mounting non-POSIX buckets in the same mount as POSIX buckets. Ignored if the bucket has an enabled POSIX tag.

Example:

cuno -o uid=$(id -u <username>) mount <mount-path>

To enforce these settings, use the FUSE mount option -o default_permissions.

gid=<integer>

Define the default group ownership of files and directories within a bucket. These are the GIDs that the cunoFS subsystem will feed to the FUSE mount for non-POSIX (core file access) buckets. Not recommended for most use cases, prefer to use POSIX file access. Not recommended for most use cases, but may be useful if mounting non-POSIX buckets in the same mount as POSIX buckets. Ignored if the bucket has an enabled POSIX tag.

Example:

cuno -o gid=$(id -g <username>) mount <mount-path>

To enforce these settings, use the FUSE mount option -o default_permissions.

filemode=<octal>

Define the default file access permission bits of files within a bucket. Supply the octal (numeric) representation of the permissions you want to apply. These are the permissions that the cunoFS subsystem will feed to the FUSE mount for non-POSIX (core file access) buckets. Not recommended for most use cases, but may be useful if mounting non-POSIX buckets in the same mount as POSIX buckets. Ignored if the bucket has an enabled POSIX tag.

For example, to set the default file access permission bits to 0770 (-rwxrwx---), use the following command:

cuno -o filemode=0770 mount <mount-path>

To enforce these settings, use the FUSE mount option -o default_permissions.

dirmode=<octal>

Define the default file access permission bits of directories within a bucket. Supply the octal (numeric) representation of the permissions you want to apply. These are the permissions that the cunoFS subsystem will feed to the FUSE mount for non-POSIX (core file access) buckets. Not recommended for most use cases, but may be useful if mounting non-POSIX buckets in the same mount as POSIX buckets. Ignored if the bucket has an enabled POSIX tag.

For example, to set the default file access permission bits to 0770 (drwxrwx---), use the following command:

cuno -o filemode=0770 mount <mount-path>

To enforce these settings, use the FUSE mount option -o default_permissions.

FUSE options#

On the right hand-side of the mount verb, you can also specify options that are specific to the FUSE mount operation. These options are passed on to fum ( fusermount3).

-o allow_root

Allows root access to the mount; required for SUID permissions.

-o allow_other

Allows other users to access the mount; requires user_allow_other in /etc/fuse.conf.

-o default_permissions

Enable permission checking by the kernel. To use Enforced POSIX, use --posix, which will set this internally.

-o auto_unmount

Automatically unmounts the mount when the process terminates.

-o ro

Mounts the file system read-only.

To achieve a read-only mount through cunoFS, you can alternatively use cuno mount --posix and change the permissions on dirs/files in the mount manually to read-only using chmod.

See here for more on standard mount options like ro, rw, etc.

-o rw (default)

Mounts the file system read-write.

-o exec (default)

Allow execution of binaries on the file system.

-o noexec

Disallow execution of binaries on the file system.

-o clone_fd

Uses a separate fuse device fd for each thread (may improve performance).

-o max_idle_threads

The maximum number of idle worker threads allowed (default: 10).

-s

Run in single-threaded mode.

-f

Run in the foreground.

-o debug

Enable debug output (implies -f).

FUSE kernel default attributes#

-o uid=N

Sets the file owner of all mounted files/dirs to the specified user ID. These are the UIDs that the FUSE mount will expose to the user. This will ignore any cuonFS POSIX settings including the bucket tag. To enforce these settings, use the FUSE mount option -o default_permissions.

-o gid=N

Sets the file group of all mounted files/dirs to the specified group ID. These are the GIDs that the FUSE mount will expose to the user. This will ignore any cuonFS POSIX settings including the bucket tag. To enforce these settings, use the FUSE mount option -o default_permissions.

-o umask=M

Sets the file permissions (octal) of all mounted files/dirs. These are the permissions that the FUSE mount will expose to the user. This will ignore any cuonFS POSIX settings including the bucket tag. To enforce these settings, use the FUSE mount option -o default_permissions.

FUSE kernel cache configuration#

-o kernel_cache

This method caches file data across open; i.e. disables flushing of the file data cache on every open. Without this option (and neither direct_io), data is cached before the next open so a read syscall may not initiate a read operation.

-o auto_cache

Enables automatic flushing of the data cache on open(). The cache is only flushed if the modification based on modification times (off).

-o entry_timeout=T

Sets the kernel cache timeout for names (1.0s).

-o negative_timeout=T

Sets the kernel cache timeout for a negative lookup (file not found) (0.0s).

-o attr_timeout=T

Sets the kernel cache timeout for attributes (1.0s).

-o ac_attr_timeout=T

Sets the kernel cache timeout for checking if -o auto_cache should flush file data on open.

See also#

cuno(1), cuno-shell(8), cuno-creds(1)