From e0814b481fd6e08c378022efb810600b5ea7ebe4 Mon Sep 17 00:00:00 2001
From: Robin Schneider <ypid@riseup.net>
Date: Tue, 14 Mar 2017 20:31:28 +0100
Subject: [PATCH] bind-dirs: Create ro if bind target exists

Before, the script skipped none existing ro paths even if the path
existed below /rw. This would require someone who wants to use bind-dirs
only in TemplateBasedVM to ensure that the paths exist before the
bind-dirs script gets called.

This patch changes this behavior so that if the path exists below /rw, it
is ensured that an (empty) file/directory is present in ro (where the
corresponding path from /rw is then bind mounted over).

Requires: Docs update. I can open a PR when this PRs looks good.
Fixes limitation: "Does not work if the file / folder in question does
  not already exist in the root image. I.e. a file that does not exist in
  the root image cannot be bind mounted in the TemplateBasedVM."
Example use case: https://github.com/debops/ansible-persistent_paths
Tested on: Qubes OS 3.2; Debian 8 TemplateBasedVM (and Template)
Related to: https://github.com/QubesOS/qubes-issues/issues/2661
---
 vm-systemd/bind-dirs.sh | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/vm-systemd/bind-dirs.sh b/vm-systemd/bind-dirs.sh
index 9a6b393..e6ab031 100755
--- a/vm-systemd/bind-dirs.sh
+++ b/vm-systemd/bind-dirs.sh
@@ -87,15 +87,21 @@ bind_dirs() {
          continue
       fi
 
-      # Initially copy over data directories to /rw if rw directory does not exist.
-      if [ -d "$fso_ro" ] || [ -f "$fso_ro" ]; then
-         if ! [ -d "$fso_rw" -o -f "$fso_rw" ]; then
-            echo "Initializing $rw_dest_dir with files from $fso_ro" >&2
-            cp --archive --recursive --parents "$fso_ro" "$rw_dest_dir"
+      if [ -d "$fso_rw" ] || [ -f "$fso_rw" ]; then
+         if [ ! -e "$fso_ro" ]; then
+            ## Create empty file or directory if path exists in /rw to allow to bind mount none existing files/dirs.
+            test -d "$fso_rw" && mkdir --parents "$fso_ro"
+            test -f "$fso_rw" && touch "$fso_ro"
          fi
       else
-         true "$fso_ro is neither a directory nor a file or does not exist, skipping."
-         continue
+         if [ -d "$fso_ro" ] || [ -f "$fso_ro" ]; then
+            ## Initially copy over data directories to /rw if rw directory does not exist.
+            echo "Initializing $rw_dest_dir with files from $fso_ro" >&2
+            cp --archive --recursive --parents "$fso_ro" "$rw_dest_dir"
+         else
+            true "$fso_ro is neither a directory nor a file and the path does not exist below /rw, skipping."
+            continue
+         fi
       fi
 
       # Bind the fso.