-
Notifications
You must be signed in to change notification settings - Fork 84
/
fuse-overlayfs.1
137 lines (104 loc) · 3.15 KB
/
fuse-overlayfs.1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
.nh
.TH fuse-overlayfs 1 "User Commands"
.SH NAME
.PP
fuse-overlayfs - overlayfs FUSE implementation
.SH SYNOPSIS
.PP
mounting
fuse-overlayfs [-f] [--debug] [-o OPTS] MOUNT_TARGET
.PP
unmounting
fusermount -u mountpoint
.SH DESCRIPTION
.PP
fuse-overlayfs provides an overlayfs FUSE implementation so that it
can be used since Linux 4.18 by unprivileged users in an user
namespace.
.SH OPTIONS
.PP
\fB--debug\fP
Enable debugging mode, can be very noisy.
.PP
\fB-o lowerdir=low1[:low2...]\fP
A list of directories separated by \fB\fC:\fR\&. Their content is merged.
.PP
\fB-o upperdir=upperdir\fP
A directory merged on top of all the lowerdirs where all the changes
done to the file system will be written.
.PP
\fB-o workdir=workdir\fP
A directory used internally by fuse-overlays, must be on the same file
system as the upper dir.
.PP
\fB-o uidmapping=UID:MAPPED-UID:LEN[,UID2:MAPPED-UID2:LEN2]\fP
\fB-o gidmapping=GID:MAPPED-GID:LEN[,GID2:MAPPED-GID2:LEN2]\fP
Specifies the dynamic UID/GID mapping used by fuse-overlayfs when
reading/writing files to the system.
.PP
The fuse-overlayfs dynamic mapping is an alternative and cheaper way
to chown'ing the files on the host to accommodate the user namespace
settings.
.PP
It is useful to share the same storage among different user namespaces
and counter effect the mapping done by the user namespace itself, and
without requiring to chown the files.
.PP
For example, given on the host two files like:
.PP
$ stat -c %u:%g lower/a lower/b
0:0
1:1
.PP
When we run in a user namespace with the following configuration:
$ cat /proc/self/uid_map
0 1000 1
1 110000 65536
.PP
We would see:
.PP
$ stat -c %u:%g merged/a merged/b
65534:65534
65534:65534
.PP
65534 is the overflow id used when the UID/GID is not known inside the
user namespace. This happens because both users 0:0 and 1:1 are not
mapped.
.PP
In the above example, if we mount the fuse-overlayfs file system using:
\fB\fC-ouidmapping=0:1000:1:1:110000:65536,gidmapping=0:1000:1:1:110000:65536\fR,
which is the namespace configuration specified on a single line, we'd
see from the same user namespace:
.PP
$ stat -c %u:%g merged/a merged/b
0:0
1:1
.PP
Those are the same IDs visible from outside the user namespace.
.PP
\fB-o squash_to_root\fP
Every file and directory is owned by the root user (0:0).
.PP
\fB-o squash_to_uid=uid\fP
\fB-o squash_to_gid=gid\fP
Every file and directory is owned by the specified uid or gid.
.PP
It has higher precedence over \fBsquash_to_root\fP\&.
.PP
\fB-o static_nlink\fP
Set st_nlink to the static value 1 for all directories.
.PP
This can be useful for higher latency file systems such as NFS, where
counting the number of hard links for a directory with many files can
be a slow operation. With this option enabled, the number of hard
links reported when running stat for any directory is 1.
.PP
\fB-o noacl\fP
Disable ACL support in the FUSE file system.
.SH SEE ALSO
.PP
\fBfuse\fP(8), \fBmount\fP(8), \fBuser_namespaces\fP(7)
.SH AVAILABILITY
.PP
The fuse-overlayfs command is available from
\fBhttps://github.com/containers/fuse-overlayfs\fP under GNU GENERAL PUBLIC LICENSE Version 3 or later.