playbooks/trixie
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Run virtiofsd in usermode and mount shares with correct gid.

Browse source 
- The new virtiofsd provides the ability to map a specified
  UID and GID to that of the user when running in user mode.
  As a result, virtiofsd is moved to userland for VMs and
  the new -uid and -gid options are introduced that specify
  the IDs on the guest.New v
- The drives no longer have to be mounted with the group ID 1010.
  Therefore, the mount options are changed to the real group ID
This commit is contained in:
Raphael Dannecker 2024-06-17 21:35:18 +02:00
parent 8a9bebba65
commit f201332a4b
6 changed files with 37 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

5
roles/lmn_teacherlaptop/files/10-lmn-mount.sh
View file

@ -5,6 +5,7 @@ set -eu
if [[ "$CONNECTION_ID" = "wg0" ]]; then
USERNAME=$(ps -o pid,user,args -C sddm-helper | sed -nE 's/.*user (.*)$/\1/p')
USERID=$(id -u "${USERNAME}")
GROUPID=$(id -g "${USERNAME}")
KRB5CCNAME=$(ls /tmp/krb5cc_"${USERID}"_*)
export KRB5CCNAME
printenv >&2
@ -26,13 +27,13 @@ if [[ "$CONNECTION_ID" = "wg0" ]]; then
mkdir -p "/lmn/media/${USERNAME}/share"
mount -t cifs //server/default-school/ /srv/samba/schools/default-school \
-o "sec=krb5i,cruid=${USERID},user=${USERNAME},uid=${USERID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl,actimeo=600,cache=loose,echo_interval=10"
-o "sec=krb5i,cruid=${USERID},user=${USERNAME},uid=${USERID},gid=${GROUPID},file_mode=0700,dir_mode=0700,mfsymlinks,nobrl,actimeo=600,cache=loose,echo_interval=10"
echo "after mount" >&2
mount --bind /srv/samba/schools/default-school/share "/lmn/media/${USERNAME}/share"
elif [[ "$NM_DISPATCHER_ACTION" = "pre-down" ]]; then
# FIXME: Only umount server when Wireguard-Connection was the only connection to server.
# Dirty fix (works only in fvs-IP-Range)
if !(ip r s | grep "10.190." | grep -v wg0); then
if ! (ip r s | grep "10.190." | grep -v wg0); then
echo "Try to umount server shares"
umount "/lmn/media/${USERNAME}/share"
umount /srv/samba/schools/default-school

2
roles/lmn_teacherlaptop/files/mountserver
View file

@ -17,7 +17,7 @@ chmod 777 /srv/samba/schools/default-school
mkdir -p "/lmn/media/${SUDO_USER}/share"
mount -t cifs //server/default-school/ /srv/samba/schools/default-school \
-o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl,actimeo=600,cache=loose,echo_interval=10"
-o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=${SUDO_GID},file_mode=0700,dir_mode=0700,mfsymlinks,nobrl,actimeo=600,cache=loose,echo_interval=10"
mount --bind /srv/samba/schools/default-school/share "/lmn/media/${SUDO_USER}/share"
echo "Einbindung erfolgreich!"