[Pkg-ltsp-devel] Bug#574516: ltspfs: patches required for robust operation (including non-fuse-group users)
David Adam
zanchey at ucc.gu.uwa.edu.au
Wed Oct 20 12:30:17 UTC 2010
Package: ltspfs
Version: 0.5.3
Followup-For: Bug #574516
We've been trying to get LOCALDEV mounting working without adding all
our users to the fuser group. It can be accomplished with a file mode
change, editing a udev script, and a patch to lbmount.
* chmod o+x /usr/bin/fusermount
* add appropriate permissions flags to udev for /dev/fuse by editing
/etc/udev/rules.d/91-permissions.rules to include 'MODE="0666",' on
the KERNEL=="fuse" line.
* patch src/lbmount.c as follows:
--- a/src/lbmount.c
+++ b/src/lbmount.c
@@ -259,6 +259,10 @@
pwent->pw_name);
mkdir_safe(mediamount);
+ // use the calling user's group (so they don't have to be in the fuse group)
+ chown(mediamount, -1, pwent->pw_gid);
+ // restrictive umasks may deny group read permissions
+ chmod(mediamount, 0750);
/* Now, create the media dir underneath the uid dir */
---
(note that this patch also makes lbmount more robust in the face of
restrictive umasks such as 077)
I'm not sure this patch should go into stock lbmount but perhaps a more
general version could be implemented.
Initially the chown() call set the owner to uidReal as well, but I wasn't sure
if this precipitated the exact race condition that mkdir_safe() was intended to
avoid. If it doesn't, perhaps a patch without the chmod() lines which uses
chown(mediamount, uidReal, pwent->pw_gid();
would be more amenable for upstream use.
More information about the Pkg-ltsp-devel
mailing list