Rclone unable to access the all shared files/folders of a service account

What is the problem you are having with rclone?

I have created remote of my service account named sa
This service account has been given access to many folders and team drives but it only shows one folder in output

This service account has been given access at 6 places

a) One in my team drive
b) Two in my friend's separate team drives
c) One in my friends gsuite account's primary storage
b) One in my primary google drive storage
e) One in my friend's edu accont primary storage

remote lsd sa: --drive-shared-with-me only listed the c folder from above mentiond

What is your rclone version (output from rclone version)

rclone v1.51.0

Which OS you are using and how many bits (eg Windows 7, 64 bit)

  • os/arch: android/arm64
  • go version: go1.13.7

Which cloud storage system are you using? (eg Google Drive)

Google Drive

The command you were trying to run (eg rclone copy /tmp remote:tmp)

<rclone lsd sa: --drive-shared-with-me>

A log from the command with the -vv flag (eg output from rclone -vv copy /tmp remote:tmp)

rclone lsd sa: --drive-shared-with-me -vv
2020/05/07 03:11:54 DEBUG : rclone: Version "v1.51.0" starting with parameters ["rclone" "lsd" "sa:" "--drive-shared-with-me" "-vv"]
2020/05/07 03:11:54 DEBUG : Using config file from "/data/data/com.termux/files/home/.config/rclone/rclone.conf"
          -1 2020-05-07 03:11:40        -1 Test
2020/05/07 03:11:56 DEBUG : 7 go routines active
2020/05/07 03:11:56 DEBUG : rclone: Version "v1.51.0" finishing with parameters ["rclone" "lsd" "sa:" "--drive-shared-with-me" "-vv"]

What are you expecting to happen?

Shouldn't rclone lsd sa: --drive-shared-with-me list all the folders of which service account is having access ?
It only lists 1 folder out of all the ones it has access

What's your rclone.conf look like without the passwords and keys?

Are you using --drive-impersonate foo@example.com to use the service account?

The config for the service account Remote has just 4 lines
type = drive
scope = drive
service_account_file = /data/data/com.termux/files/home/1.json
root_folder_id = 0AFT1-91WuvhB######

I am not using this --drive-impersonate flag , i am not even aware what this flag does as of now

Out of these six pieces, we'd need to understand how they gave access:

This gives an explanation of how I've normally seen access done:


So if they gave access to the service account, you are using the service account to impersonate access and there would be a remote for A/B/C/D/E as those are all separate Google Drives.

I'm not sure how'd you would 'shared with me' with a service account as that field usually requires an email to use.

1 Like

Actually i have created a google group and added that service account in that google group
Now my googlegroups id is having access to all those 6 folders. ( #####@googlegroups.com is what that id looks like )

A remote can only point to one drive or 'root_folder_id".

You'd have a remote for each drive.
If permissions are setup properly, you'd use that group as impersonation.

rclone lsf remoteA: --drive-impersonate #####@googlegroups.com

So everytime i add my service accont (googlegroups_id ) to different team drives
I will have to create a separate Remote for each td and while creating that remote , i need to set it up as team drive right ?

And then , assuming that remote is named td1
rclone lsf td1: --drive-impersonate #####@googlegroups.com
This will list all the contents of that Teamdrive as my service account is added to it ?

I hope i have understood it correctly

I believe so as each team drive is its own unique thing so would need a remote.

You can test with one and validate.

Yes that's correct
I set up one service account remote as team drive and it listed all contents inside that team drive as the service account ( googlegroups_id ) has access to it
Although the command i used is simply- rclone lsd sa2:
and it worked as intended

If i do rclone lsd sa2: --drive-impersonate #####@googlegroups.com , it gives some errors - https://del.dog/service_account.txt

Looks like that account is missing some access. Did you authorize it as well?

Apparently permissions are given but since my main concern was resolved , i will let if go off for now and check it all later. Thx for all your help
Just one last question out of curiosity
I currently have like 15+ remotes and have to copy/clone files & folders from different sources to different destination on a frequent basis
It has got really time consuming process to keep creating remotes , keep track of them like remoteA is for this drive etc...i have to create Remote even for those one time unique source to unique destination cloning

Isn't there something in rclone like..
rclone copy source_folder_id destination_folder_id
What can work without need of remotes and do it quickly That would be really quite helpful for me
I will just keep 2,3 remotes of my gdrive and td as its permanent

You could create a script to hold enviroment variables that are common to what you need. and then source them before you run commands. See this.

The problem you may find though is the oauth. Those will go invalid. So your script may need to grab the latest set from the existing config to work. That should be scriptable though too.

1 Like

Shortcuts (available in the latest rclone beta) should simplify this a lot once we have a command to create them from rclone.

Thanks i will surely check it out

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.