sftp icon indicating copy to clipboard operation
sftp copied to clipboard

Published 20 hours ago verified publisher icon atmoz

Unable to mount home directory

Open sschleicher208 opened this issue 4 years ago • 6 comments

I'm using the template provided by https://charbelnemnom.com/2019/06/how-to-deploy-sftp-service-on-microsoft-azure/ In that example he mounts a volume specific to the user. This works perfectly. I wanted to change the mount to just mount the "/home" directory so the the FTP server will automatically create user folders under the mounted home directory. When starting the container, the user folders for each user are created when starting the container, but, upon logging in, I get

bad ownership or modes for chroot directory component "/home/"

I've seen other posts indicating that root must have access to these directories, but I'm confused because it obviously has enough permissions to create the user folders in the mounted home directory. So why would I get the error when the user tries to log in? How would I modify the resource template to allow user folders to be auto-created by the FTP server while also allowing the user to be CHRooted to them?

The following works: { "mountPath": "/home/user1", "name": "sftpvolume", "readOnly": false }

This does not work: { "mountPath": "/home", "name": "sftpvolume", "readOnly": false }

sschleicher208 avatar Jun 05 '20 17:06 sschleicher208

I'm in the same position, I want to be able to add files to the root path but can't figure out how.

chrisjainsley avatar Nov 27 '20 16:11 chrisjainsley

Yep, same issue. I simply want users to be able to upload to their own user directories. I get the same error...

bad ownership or modes for chroot directory component "/home/"

If anyone can help that would be great!

chrispont avatar Jun 17 '21 14:06 chrispont

I've actually got to the bottom of this. It's all down to the Azure File Share - you can't change the permission in the file share, and so when you mount at the /home level, the directory is given 0755 permissions, which as you've seen, it doesn't like. By setting the mount path lower down (i.e /home/myuser/upload) it works fine as the /home/myuser folder is still within the container and has the correct permissions. My solution was to simply create a mount for each user. Not ideal, but I don't think there's another solution if you're using Azure File Shares.

chrispont avatar Jun 17 '21 17:06 chrispont

Any other workarounds found?

SlyNet avatar Mar 08 '22 13:03 SlyNet

Regarding mounting, you could mount all user data outside /home, e.g. /data. Then you could symlink each user's data directory (/data/<user>) into the related /home/<user> directory. You only need one mount point and you avoid the problem with permissions.

atmoz avatar Mar 08 '22 17:03 atmoz