Bug 194206

Summary: sysutils/fusefs-encfs: failed to open fuse device: Permission denied
Product: Ports & Packages Reporter: greencoppermine
Component: Individual Port(s)Assignee: freebsd-ports-bugs (Nobody) <ports-bugs>
Status: Closed Works As Intended    
Severity: Affects Many People CC: elplutoniano, junovitch
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   

Description greencoppermine 2014-10-07 00:50:04 UTC 
I have installed fusefs-encfs using pkg.

I have then loaded the fuse module and kldstat shows fuse.ko as running.

I have then added vfs.usermount=1 to sysctl so that ordinary users may mount using encfs.

The normal user creates to directories foo and bar, and using encfs is extremely simple. However, no matter what I do, I cannot get it to work. The user owns both directories and has write access to both.

  $ mkdir foo
  $ mkdir bar
  $ encfs /home/user/foo /home/user/bar
  EncFS Password: 
fuse: failed to open fuse device: Permission denied
fuse failed.  Common problems:
 - fuse kernel module not installed (modprobe fuse)
 - invalid options -- see usage message
Comment 1 greencoppermine 2014-10-07 00:51:17 UTC 
I forgot, I am running FreeBSD 10.1-RC1 and the fuse package is fusefs-encfs-1.7.4_7
Comment 2 greencoppermine 2014-10-07 00:54:24 UTC 
If I add the "/usr/local/bin/encfs" command to sudo and makes the normal user use sudo the command succeeds. However, the user will not be able to access the directory even though it is owned by him.

Clearly something is messed up using fuse!
Comment 3 greencoppermine 2014-10-07 00:56:54 UTC 
The normal user is in group wheel too.
Comment 4 John Marino freebsd_committer freebsd_triage 2014-10-31 22:30:08 UTC 
Unfortunately, this port is not maintained and thus there is nobody to assign the PR to.  I'll have to move it to "open" without assigning it to anyone.
Comment 5 Vicen Dominguez 2015-01-17 02:12:52 UTC 
There is not bug. Solved for me when i added my user using encfs to the "operator" group.

That is because of the permissions in the /dev/fuse file.

Good luck! ;) ;)
Comment 6 Jason Unovitch freebsd_committer freebsd_triage 2015-09-06 01:57:14 UTC 
As mentioned above, /dev/fuse is owned by operator so either lax devfs.rules permissions or the user must be part of the operator group.  This seems to work as intended as shown below so I am marking the PR as such.

jason@Silverstone:/tmp/test % mkdir foo bar
jason@Silverstone:/tmp/test % encfs /tmp/test/foo/ /tmp/test/bar/
# ...<truncated> ...
jason@Silverstone:/tmp/test % ll foo/
total 5
-rw-r--r--  1 jason  wheel  1091 Sep  5 21:40 .encfs6.xml
jason@Silverstone:/tmp/test % ll bar/
total 0
jason@Silverstone:/tmp/test % touch bar/testfile
jason@Silverstone:/tmp/test % ll bar/
total 1
-rw-r--r--  1 jason  wheel  0 Sep  5 21:47 testfile
jason@Silverstone:/tmp/test % ll foo/
total 5
-rw-r--r--  1 jason  wheel     0 Sep  5 21:47 ,5EcdxPBzRznuNh-LJR8h4Tl
-rw-r--r--  1 jason  wheel  1091 Sep  5 21:40 .encfs6.xml
jason@Silverstone:/tmp/test % ll /dev/fuse 
crw-rw----  1 root  operator  0xbd Sep  5 21:47 /dev/fuse

Regarding not being able to access it when mounting as root, this is by design as well.  See mount.fuse(8) for details, a brief quote follows.

       user_allow_other
              Allow non-root users to specify the  allow_other  or  allow_root
              mount options (see below).