Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
7c15b9b0ea
core-agent-linux/vm-systemd/bind-dirs.sh

127 lines
3.5 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash -e
# vim: set ts=4 sw=4 sts=4 et :
#
# bind-dirs
# Binds directories which allows changes in TemplateBasedVM to persist.
#
# To umount all bind-dirs, just pass any arg in $1, like umount
#
# Copyright (C) 2014 - 2015 Jason Mehring <nrgaway@gmail.com>
# Copyright (C) 2014 - 2015 Patrick Schleizer <adrelanos@riseup.net>
# License: GPL-2+
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
set -x
prerequisite() {
qubes_vm_persistence="$(qubesdb-read /qubes-vm-persistence)"
if [ ! "$qubes_vm_persistence" = "rw-only" ]; then
true "No TemplateBasedVM detected. Exiting."
exit 0
fi
if [ -f "/var/run/qubes-service/qubes-dvm" ]; then
# https://github.com/QubesOS/qubes-issues/issues/1328#issuecomment-169483029
# Do none of the following in a DispVM.
# During DispVM savefile generation, 'qubesdb-read /qubes-vm-persistence'
# outputs 'rw'.
exit 0
fi
}
init() {
[ -n "$rw_dest_dir" ] || rw_dest_dir="/rw/bind-dirs"
[ -n "$symlink_level_max" ] || symlink_level_max="10"
mkdir --parents "$rw_dest_dir"
shopt -s nullglob
shopt -s dotglob
}
legacy() {
true
}
bind_dirs() {
## legend
## fso: file system object
## ro: read-only
## rw: read-write
for fso_ro in ${binds[@]}; do
local symlink_level_counter
symlink_level_counter="0"
while true; do
if [ -h "$fso_ro" ]; then
## Resolving where there symlink points to, and using the result
## for bind mount instead.
symlink_level_counter="$(( symlink_level_counter + 1 ))"
true "$fso_ro is a symlink"
fso_real_location="$(realpath "$fso_ro")"
fso_ro="$fso_real_location"
else
true "$fso_ro is not a symlink"
break
fi
if [ "$symlink_level_counter" -ge "$symlink_level_max" ]; then
break
fi
done
true "fso_ro: $fso_ro"
fso_rw="${rw_dest_dir}${fso_ro}"
# Make sure fso_ro is not mounted.
umount "$fso_ro" 2> /dev/null || true
if [ -n "$1" ]; then
true "Umounting $1 only..."
continue
fi
# Initially copy over data directories to /rw if rw directory does not exist.
if [ -d "$fso_ro" ] || [ -f "$fso_ro" ]; then
cp --verbose --no-clobber --archive --recursive --parents "$fso_ro" "$rw_dest_dir"
else
true "$fso_ro is neither a directory nor a file or does not exist, skipping."
continue
fi
# Bind the fso.
mount --bind "$fso_rw" "$fso_ro"
done
}
main() {
prerequisite "$@"
init "$@"
legacy "$@"
bind_dirs "$@"
}
for source_folder in /usr/lib/qubes-bind-dirs.d /etc/qubes-bind-dirs.d /rw/config/qubes-bind-dirs.d ; do
true "source_folder: $source_folder"
if [ ! -d "$source_folder" ]; then
continue
fi
for file_name in "$source_folder/"*".conf" ; do
bash -n "$file_name"
source "$file_name"
done
done
main "$@"
true "OK: END."
Reference in New Issue View Git Blame Copy Permalink