Before this change, writing files to an `nfsmount` via Finder on macOS would cause critical errors, rendering `nfsmount` effectively unusable on macOS. This change fixes the issue so that writes via Finder should be possible. The issue was primarily caused by the handler's HandleLimit being set to -1. -1 is the correct default for a NullAuthHandler, but not for a CachingHandler, which interprets -1 not as "no limit" but as "no cache". This change sets a high default of 1000000, and gives the user control over it with a new --nfs-cache-handle-limit flag (available in both `serve nfs` and `nfsmount`. A minimum of 5 is enforced, as any lower than this will be insufficient to support directory listing.
23 KiB
rclone @ allows Linux, FreeBSD, macOS and Windows to
mount any of Rclone's cloud storage systems as a file system with
FUSE.
First set up your remote using rclone config
. Check it works with rclone ls
etc.
On Linux and macOS, you can run mount in either foreground or background (aka
daemon) mode. Mount runs in foreground mode by default. Use the --daemon
flag
to force background mode. On Windows you can run mount in foreground only,
the flag is ignored.
In background mode rclone acts as a generic Unix mount program: the main
program starts, spawns background rclone process to setup and maintain the
mount, waits until success or timeout and exits with appropriate code
(killing the child process if it fails).
On Linux/macOS/FreeBSD start the mount like this, where /path/to/local/mount
is an empty existing directory:
rclone @ remote:path/to/files /path/to/local/mount
On Windows you can start a mount in different ways. See below
for details. If foreground mount is used interactively from a console window,
rclone will serve the mount and occupy the console so another window should be
used to work with the mount until rclone is interrupted e.g. by pressing Ctrl-C.
The following examples will mount to an automatically assigned drive,
to specific drive letter X:
, to path C:\path\parent\mount
(where parent directory or drive must exist, and mount must not exist,
and is not supported when mounting as a network drive), and
the last example will mount as network share \\cloud\remote
and map it to an
automatically assigned drive:
rclone @ remote:path/to/files *
rclone @ remote:path/to/files X:
rclone @ remote:path/to/files C:\path\parent\mount
rclone @ remote:path/to/files \\cloud\remote
When the program ends while in foreground mode, either via Ctrl+C or receiving
a SIGINT or SIGTERM signal, the mount should be automatically stopped.
When running in background mode the user will have to stop the mount manually:
# Linux
fusermount -u /path/to/local/mount
# OS X
umount /path/to/local/mount
The umount operation can fail, for example when the mountpoint is busy.
When that happens, it is the user's responsibility to stop the mount manually.
The size of the mounted file system will be set according to information retrieved
from the remote, the same as returned by the rclone about
command. Remotes with unlimited storage may report the used size only,
then an additional 1 PiB of free space is assumed. If the remote does not
support the about feature
at all, then 1 PiB is set as both the total and the free size.
Installing on Windows
To run rclone @ on Windows, you will need to
download and install WinFsp.
WinFsp is an open-source
Windows File System Proxy which makes it easy to write user space file
systems for Windows. It provides a FUSE emulation layer which rclone
uses combination with cgofuse.
Both of these packages are by Bill Zissimopoulos who was very helpful
during the implementation of rclone @ for Windows.
Mounting modes on windows
Unlike other operating systems, Microsoft Windows provides a different filesystem
type for network and fixed drives. It optimises access on the assumption fixed
disk drives are fast and reliable, while network drives have relatively high latency
and less reliability. Some settings can also be differentiated between the two types,
for example that Windows Explorer should just display icons and not create preview
thumbnails for image and video files on network drives.
In most cases, rclone will mount the remote as a normal, fixed disk drive by default.
However, you can also choose to mount it as a remote network drive, often described
as a network share. If you mount an rclone remote using the default, fixed drive mode
and experience unexpected program errors, freezes or other issues, consider mounting
as a network drive instead.
When mounting as a fixed disk drive you can either mount to an unused drive letter,
or to a path representing a nonexistent subdirectory of an existing parent
directory or drive. Using the special value *
will tell rclone to
automatically assign the next available drive letter, starting with Z: and moving backward.
Examples:
rclone @ remote:path/to/files *
rclone @ remote:path/to/files X:
rclone @ remote:path/to/files C:\path\parent\mount
rclone @ remote:path/to/files X:
Option --volname
can be used to set a custom volume name for the mounted
file system. The default is to use the remote name and path.
To mount as network drive, you can add option --network-mode
to your @ command. Mounting to a directory path is not supported in
this mode, it is a limitation Windows imposes on junctions, so the remote must always
be mounted to a drive letter.
rclone @ remote:path/to/files X: --network-mode
A volume name specified with --volname
will be used to create the network share path.
A complete UNC path, such as \\cloud\remote
, optionally with path
\\cloud\remote\madeup\path
, will be used as is. Any other
string will be used as the share part, after a default prefix \\server\
.
If no volume name is specified then \\server\share
will be used.
You must make sure the volume name is unique when you are mounting more than one drive,
or else the mount command will fail. The share name will treated as the volume label for
the mapped drive, shown in Windows Explorer etc, while the complete
\\server\share
will be reported as the remote UNC path by
net use
etc, just like a normal network drive mapping.
If you specify a full network share UNC path with --volname
, this will implicitly
set the --network-mode
option, so the following two examples have same result:
rclone @ remote:path/to/files X: --network-mode
rclone @ remote:path/to/files X: --volname \\server\share
You may also specify the network share UNC path as the mountpoint itself. Then rclone
will automatically assign a drive letter, same as with *
and use that as
mountpoint, and instead use the UNC path specified as the volume name, as if it were
specified with the --volname
option. This will also implicitly set
the --network-mode
option. This means the following two examples have same result:
rclone @ remote:path/to/files \\cloud\remote
rclone @ remote:path/to/files * --volname \\cloud\remote
There is yet another way to enable network mode, and to set the share path,
and that is to pass the "native" libfuse/WinFsp option directly:
--fuse-flag --VolumePrefix=\server\share
. Note that the path
must be with just a single backslash prefix in this case.
Note: In previous versions of rclone this was the only supported method.
See also Limitations section below.
Windows filesystem permissions
The FUSE emulation layer on Windows must convert between the POSIX-based
permission model used in FUSE, and the permission model used in Windows,
based on access-control lists (ACL).
The mounted filesystem will normally get three entries in its access-control list (ACL),
representing permissions for the POSIX permission scopes: Owner, group and others.
By default, the owner and group will be taken from the current user, and the built-in
group "Everyone" will be used to represent others. The user/group can be customized
with FUSE options "UserName" and "GroupName",
e.g. -o UserName=user123 -o GroupName="Authenticated Users"
.
The permissions on each entry will be set according to options
--dir-perms
and --file-perms
, which takes a value in traditional Unix
numeric notation.
The default permissions corresponds to --file-perms 0666 --dir-perms 0777
,
i.e. read and write permissions to everyone. This means you will not be able
to start any programs from the mount. To be able to do that you must add
execute permissions, e.g. --file-perms 0777 --dir-perms 0777
to add it
to everyone. If the program needs to write files, chances are you will
have to enable VFS File Caching as well (see also
limitations). Note that the default write permission have
some restrictions for accounts other than the owner, specifically it lacks
the "write extended attributes", as explained next.
The mapping of permissions is not always trivial, and the result you see in
Windows Explorer may not be exactly like you expected. For example, when setting
a value that includes write access for the group or others scope, this will be
mapped to individual permissions "write attributes", "write data" and
"append data", but not "write extended attributes". Windows will then show this
as basic permission "Special" instead of "Write", because "Write" also covers
the "write extended attributes" permission. When setting digit 0 for group or
others, to indicate no permissions, they will still get individual permissions
"read attributes", "read extended attributes" and "read permissions". This is
done for compatibility reasons, e.g. to allow users without additional
permissions to be able to read basic metadata about files like in Unix.
WinFsp 2021 (version 1.9) introduced a new FUSE option "FileSecurity",
that allows the complete specification of file security descriptors using
SDDL.
With this you get detailed control of the resulting permissions, compared
to use of the POSIX permissions described above, and no additional permissions
will be added automatically for compatibility with Unix. Some example use
cases will following.
If you set POSIX permissions for only allowing access to the owner,
using --file-perms 0600 --dir-perms 0700
, the user group and the built-in
"Everyone" group will still be given some special permissions, as described
above. Some programs may then (incorrectly) interpret this as the file being
accessible by everyone, for example an SSH client may warn about "unprotected
private key file". You can work around this by specifying
-o FileSecurity="D:P(A;;FA;;;OW)"
, which sets file all access (FA) to the
owner (OW), and nothing else.
When setting write permissions then, except for the owner, this does not
include the "write extended attributes" permission, as mentioned above.
This may prevent applications from writing to files, giving permission denied
error instead. To set working write permissions for the built-in "Everyone"
group, similar to what it gets by default but with the addition of the
"write extended attributes", you can specify
-o FileSecurity="D:P(A;;FRFW;;;WD)"
, which sets file read (FR) and file
write (FW) to everyone (WD). If file execute (FX) is also needed, then change
to -o FileSecurity="D:P(A;;FRFWFX;;;WD)"
, or set file all access (FA) to
get full access permissions, including delete, with
-o FileSecurity="D:P(A;;FA;;;WD)"
.
Windows caveats
Drives created as Administrator are not visible to other accounts,
not even an account that was elevated to Administrator with the
User Account Control (UAC) feature. A result of this is that if you mount
to a drive letter from a Command Prompt run as Administrator, and then try
to access the same drive from Windows Explorer (which does not run as
Administrator), you will not be able to see the mounted drive.
If you don't need to access the drive from applications running with
administrative privileges, the easiest way around this is to always
create the mount from a non-elevated command prompt.
To make mapped drives available to the user account that created them
regardless if elevated or not, there is a special Windows setting called
linked connections
that can be enabled.
It is also possible to make a drive mount available to everyone on the system,
by running the process creating it as the built-in SYSTEM account.
There are several ways to do this: One is to use the command-line
utility PsExec,
from Microsoft's Sysinternals suite, which has option -s
to start
processes as the SYSTEM account. Another alternative is to run the mount
command from a Windows Scheduled Task, or a Windows Service, configured
to run as the SYSTEM account. A third alternative is to use the
WinFsp.Launcher infrastructure).
Read more in the install documentation.
Note that when running rclone as another user, it will not use
the configuration file from your profile unless you tell it to
with the --config
option.
Note also that it is now the SYSTEM account that will have the owner
permissions, and other accounts will have permissions according to the
group or others scopes. As mentioned above, these will then not get the
"write extended attributes" permission, and this may prevent writing to
files. You can work around this with the FileSecurity option, see
example above.
Note that mapping to a directory path, instead of a drive letter,
does not suffer from the same limitations.
Mounting on macOS
Mounting on macOS can be done either via built-in NFS server, macFUSE
(also known as osxfuse) or FUSE-T. macFUSE is a traditional
FUSE driver utilizing a macOS kernel extension (kext). FUSE-T is an alternative FUSE system
which "mounts" via an NFSv4 local server.
NFS mount
This method spins up an NFS server using serve nfs command and mounts
it to the specified mountpoint. If you run this in background mode using |--daemon|, you will need to
send SIGTERM signal to the rclone process using |kill| command to stop the mount.
Note that --nfs-cache-handle-limit
controls the maximum number of cached file handles stored by the nfsmount
caching handler.
This should not be set too low or you may experience errors when trying to access files. The default is 1000000,
but consider lowering this limit if the server's system resource usage causes problems.
macFUSE Notes
If installing macFUSE using dmg packages from
the website, rclone will locate the macFUSE libraries without any further intervention.
If however, macFUSE is installed using the macports package manager,
the following addition steps are required.
sudo mkdir /usr/local/lib
cd /usr/local/lib
sudo ln -s /opt/local/lib/libfuse.2.dylib
FUSE-T Limitations, Caveats, and Notes
There are some limitations, caveats, and notes about how it works. These are current as
of FUSE-T version 1.0.14.
ModTime update on read
As per the FUSE-T wiki:
File access and modification times cannot be set separately as it seems to be an
issue with the NFS client which always modifies both. Can be reproduced with
'touch -m' and 'touch -a' commands
This means that viewing files with various tools, notably macOS Finder, will cause rlcone
to update the modification time of the file. This may make rclone upload a full new copy
of the file.
Unicode Normalization
Rclone includes flags for unicode normalization with macFUSE that should be updated
for FUSE-T. See this forum post
and FUSE-T issue #16. The following
flag should be added to the rclone mount
command.
-o modules=iconv,from_code=UTF-8,to_code=UTF-8
Read Only mounts
When mounting with --read-only
, attempts to write to files will fail silently as
opposed to with a clear warning as in macFUSE.
Limitations
Without the use of --vfs-cache-mode
this can only write files
sequentially, it can only seek when reading. This means that many
applications won't work with their files on an rclone mount without
--vfs-cache-mode writes
or --vfs-cache-mode full
.
See the VFS File Caching section for more info.
When using NFS mount on macOS, if you don't specify |--vfs-cache-mode|
the mount point will be read-only.
The bucket-based remotes (e.g. Swift, S3, Google Compute Storage, B2)
do not support the concept of empty directories, so empty
directories will have a tendency to disappear once they fall out of
the directory cache.
When rclone mount
is invoked on Unix with --daemon
flag, the main rclone
program will wait for the background mount to become ready or until the timeout
specified by the --daemon-wait
flag. On Linux it can check mount status using
ProcFS so the flag in fact sets maximum time to wait, while the real wait
can be less. On macOS / BSD the time to wait is constant and the check is
performed only at the end. We advise you to set wait time on macOS reasonably.
Only supported on Linux, FreeBSD, OS X and Windows at the moment.
rclone @ vs rclone sync/copy
File systems expect things to be 100% reliable, whereas cloud storage
systems are a long way from 100% reliable. The rclone sync/copy
commands cope with this with lots of retries. However rclone @
can't use retries in the same way without making local copies of the
uploads. Look at the VFS File Caching
for solutions to make @ more reliable.
Attribute caching
You can use the flag --attr-timeout
to set the time the kernel caches
the attributes (size, modification time, etc.) for directory entries.
The default is 1s
which caches files just long enough to avoid
too many callbacks to rclone from the kernel.
In theory 0s should be the correct value for filesystems which can
change outside the control of the kernel. However this causes quite a
few problems such as
rclone using too much memory,
rclone not serving files to samba
and excessive time listing directories.
The kernel can cache the info about a file for the time given by
--attr-timeout
. You may see corruption if the remote file changes
length during this window. It will show up as either a truncated file
or a file with garbage on the end. With --attr-timeout 1s
this is
very unlikely but not impossible. The higher you set --attr-timeout
the more likely it is. The default setting of "1s" is the lowest
setting which mitigates the problems above.
If you set it higher (10s
or 1m
say) then the kernel will call
back to rclone less often making it more efficient, however there is
more chance of the corruption issue above.
If files don't change on the remote outside of the control of rclone
then there is no chance of corruption.
This is the same as setting the attr_timeout option in mount.fuse.
Filters
Note that all the rclone filters can be used to select a subset of the
files to be visible in the mount.
systemd
When running rclone @ as a systemd service, it is possible
to use Type=notify. In this case the service will enter the started state
after the mountpoint has been successfully set up.
Units having the rclone @ service specified as a requirement
will see all files and folders immediately in this mode.
Note that systemd runs mount units without any environment variables including
PATH
or HOME
. This means that tilde (~
) expansion will not work
and you should provide --config
and --cache-dir
explicitly as absolute
paths via rclone arguments.
Since mounting requires the fusermount
program, rclone will use the fallback
PATH of /bin:/usr/bin
in this scenario. Please ensure that fusermount
is present on this PATH.
Rclone as Unix mount helper
The core Unix program /bin/mount
normally takes the -t FSTYPE
argument
then runs the /sbin/mount.FSTYPE
helper program passing it mount options
as -o key=val,...
or --opt=...
. Automount (classic or systemd) behaves
in a similar way.
rclone by default expects GNU-style flags --key val
. To run it as a mount
helper you should symlink rclone binary to /sbin/mount.rclone
and optionally
/usr/bin/rclonefs
, e.g. ln -s /usr/bin/rclone /sbin/mount.rclone
.
rclone will detect it and translate command-line arguments appropriately.
Now you can run classic mounts like this:
mount sftp1:subdir /mnt/data -t rclone -o vfs_cache_mode=writes,sftp_key_file=/path/to/pem
or create systemd mount units:
# /etc/systemd/system/mnt-data.mount
[Unit]
Description=Mount for /mnt/data
[Mount]
Type=rclone
What=sftp1:subdir
Where=/mnt/data
Options=rw,_netdev,allow_other,args2env,vfs-cache-mode=writes,config=/etc/rclone.conf,cache-dir=/var/rclone
optionally accompanied by systemd automount unit
# /etc/systemd/system/mnt-data.automount
[Unit]
Description=AutoMount for /mnt/data
[Automount]
Where=/mnt/data
TimeoutIdleSec=600
[Install]
WantedBy=multi-user.target
or add in /etc/fstab
a line like
sftp1:subdir /mnt/data rclone rw,noauto,nofail,_netdev,x-systemd.automount,args2env,vfs_cache_mode=writes,config=/etc/rclone.conf,cache_dir=/var/cache/rclone 0 0
or use classic Automountd.
Remember to provide explicit config=...,cache-dir=...
as a workaround for
mount units being run without HOME
.
Rclone in the mount helper mode will split -o
argument(s) by comma, replace _
by -
and prepend --
to get the command-line flags. Options containing commas
or spaces can be wrapped in single or double quotes. Any inner quotes inside outer
quotes of the same type should be doubled.
Mount option syntax includes a few extra options treated specially:
env.NAME=VALUE
will set an environment variable for the mount process.
This helps with Automountd and Systemd.mount which don't allow setting
custom environment for mount helpers.
Typically you will useenv.HTTPS_PROXY=proxy.host:3128
orenv.HOME=/root
command=cmount
can be used to runcmount
or any other rclone command
rather than the defaultmount
.args2env
will pass mount options to the mount helper running in background
via environment variables instead of command line arguments. This allows to
hide secrets from such commands asps
orpgrep
.vv...
will be transformed into appropriate--verbose=N
- standard mount options like
x-systemd.automount
,_netdev
,nosuid
and alike
are intended only for Automountd and ignored by rclone.