#!/bin/bash -e shopt -s nullglob dotglob # vim: set ts=4 sw=4 sts=4 et : # # bind-dirs # Binds directories which allows changes in TemplateBasedVM to persist. # https://www.qubes-os.org/doc/bind-dirs/ # # To umount all bind-dirs, just pass any arg in $1, like umount # # Copyright (C) 2014 - 2015 Jason Mehring # Copyright (C) 2014 - 2015 Patrick Schleizer # License: GPL-2+ # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # Source Qubes library. # shellcheck source=init/functions source /usr/lib/qubes/init/functions prerequisite() { if is_fully_persistent ; then echo "No TemplateBasedVM/DisposableVM detected. Exiting." exit 0 fi } init() { [ -n "$rw_dest_dir" ] || rw_dest_dir="/rw/bind-dirs" [ -n "$symlink_level_max" ] || symlink_level_max="10" mkdir --parents "$rw_dest_dir" } legacy() { ## The legacy function gets overwritten by Whonix: ## https://github.com/Whonix/qubes-whonix/blob/master/usr/lib/qubes-bind-dirs.d/41_qubes-whonix-legacy.conf ## Please do not remove this legacy function without coordination with Whonix. true } bind_dirs() { ## legend ## fso: file system object ## ro: read-only ## rw: read-write for fso_ro in "${binds[@]}"; do local symlink_level_counter symlink_level_counter="0" while true; do if [ -h "$fso_ro" ]; then ## Resolving where there symlink points to, and using the result ## for bind mount instead. symlink_level_counter="$(( symlink_level_counter + 1 ))" true "$fso_ro is a symlink" fso_real_location="$(realpath "$fso_ro")" fso_ro="$fso_real_location" else echo "$fso_ro is not a symlink" break fi if [ "$symlink_level_counter" -ge "$symlink_level_max" ]; then break fi done true "fso_ro: $fso_ro" fso_rw="${rw_dest_dir}${fso_ro}" # Make sure fso_ro is not mounted. umount "$fso_ro" 2> /dev/null || true if [ -n "$1" ]; then true "Umounting $1 only..." continue fi if [ -d "$fso_rw" ] || [ -f "$fso_rw" ]; then if [ ! -e "$fso_ro" ]; then ## Create empty file or directory if path exists in /rw to allow to bind mount none existing files/dirs. test -d "$fso_rw" && mkdir --parents "$fso_ro" test -f "$fso_rw" && touch "$fso_ro" fi else if [ -d "$fso_ro" ] || [ -f "$fso_ro" ]; then ## Initially copy over data directories to /rw if rw directory does not exist. echo "Initializing $rw_dest_dir with files from $fso_ro" >&2 cp --archive --recursive --parents "$fso_ro" "$rw_dest_dir" else echo "$fso_ro is neither a directory nor a file and the path does not exist below /rw, skipping." continue fi fi # Bind the fso. echo "Bind mounting $fso_rw onto $fso_ro" >&2 mount --bind "$fso_rw" "$fso_ro" done } main() { prerequisite "$@" init "$@" legacy "$@" bind_dirs "$@" } binds=() for source_folder in /usr/lib/qubes-bind-dirs.d /etc/qubes-bind-dirs.d /rw/config/qubes-bind-dirs.d ; do true "source_folder: $source_folder" if [ ! -d "$source_folder" ]; then continue fi for file_name in "$source_folder/"*".conf" ; do bash -n "$file_name" # shellcheck source=/dev/null source "$file_name" done done main "$@" true "OK: END."