Cryptomator Vault Folders/Files & Sudo Permissions Denial

X0X0 · November 6, 2023, 2:56am

sudo user does not have permissions within the folders and files that are within Cryptomator vault.

If I use sudo with an operation within or to the encrypted folder and files, I do get this:

fdupes: could not chdir to /home/userx/.local/share/Cryptomator/mnt/Folder_01/Folder_02

How do I resolve this issue, and add sudo user permissions to be able to function on the Cryptomator encrypted folders and files?

I am running an App Img Cryptomator on Debian Bookworm, 12.

Thanx

infeo · November 6, 2023, 9:20am

Cryptomator vaults are mounted with FUSE into the system. An normally, the root user (which you become when using sudo) does not have access. See Why does root get Permission denied when accessing FUSE directory? - Unix & Linux Stack Exchange

Read in our docs, how to allow root access:
https://docs.cryptomator.org/en/latest/desktop/volume-type/#desktop-volume-type-fuse-fuse

X0X0 · November 6, 2023, 6:03pm

Thank you for your delineation. Thus it is a the default permission value for a FUSE mount in regards to the ‘sudo’.

Will go through the documentation to allow the root access.

Thank you

X0X0 · November 6, 2023, 6:39pm

I did a couple changes to give sudo user the permissions successfully to the mounted encrypted vault:

allow_rootandallow_othercannot be used as [custom mount flags without enabling (uncommenting)user_allow_other` option in /etc/fuse.conf configuration file.

sudo nano /etc/fuse.conf

  GNU nano 7.2                                                                                                   /etc/fuse.conf                                                                                                             
# The file /etc/fuse.conf allows for the following parameters:
#
# user_allow_other - Using the allow_other mount option works fine as root, in
# order to have it work as user you need user_allow_other in /etc/fuse.conf as
# well. (This option allows users to use the allow_other option.) You need
# allow_other if you want users other than the owner to access a mounted fuse.
# This option must appear on a line by itself. There is no value, just the
# presence of the option.

user_allow_other


# mount_max = n - this option sets the maximum number of mounts.
# Currently (2014) it must be typed exactly as shown
# (with a single space before and after the equals sign).

#mount_max = 1000

Under ‘Show Vault Options’ > ‘Mounting’

Under ‘Custom mount flags’, there is a default value

-oauto_unmount -ouid=1000 -ogid=1000 -oattr_timeout=5

I did replace the value with

-oallow_root

Thank you for your guidance and assistance