Rootless Mounting

What is Mounting?

In Linux, mounting means making a filesystem (e.g., a folder, external drive, or virtual filesystem like FUSE) accessible from a specific location in your directory tree.

For example, when using tools like sshfs or iofs, you’re mounting a remote or virtual filesystem so it appears as part of your local filesystem.

Normally, mounting requires root permissions. But using user namespaces, you can do it without sudo. This document shows how to use Linux namespaces to allow mounting without requiring sudo.

Start a Rootless Shell

To create a temporary environment where you have root-like privileges, use the unshare command to create an isolated user and mount namespaces:

unshare -U -m -r /bin/bash -li

This opens a shell where you have root privileges for mounting, but only inside the isolated namespace. The flags function as follows.

• -U: Create a new user namespace
• -m: Create a new mount namespace
• -r: Map your real UID/GID to UID 0 (root) inside the namespace
• /bin/bash -li: Start an interactive login shell

To verify that the shell has root privileges inside the namespace, run: id. ou should see something like:

uid=0(root) gid=0(root) groups=0(root)