mount: Add "no-default-permissions" option
This option restores the previous behavior of `mount` by disabling the "DefaultPermissions" FUSE option. This allows any user that can access the mountpoint to read any file from the snapshot. Normal FUSE rules apply, so `allow-root` or `allow-other` can be used to allow users besides the mounting user to access these files.
This commit is contained in:
Kyle Lacy
parent
a35a24b8b4
commit
cf0883e16c
1 changed files with 12 additions and 8 deletions
|
|
@ -53,13 +53,14 @@ For details please see the documentation for time.Format() at:
|
||||||
|
|
||||||
// MountOptions collects all options for the mount command.
|
// MountOptions collects all options for the mount command.
|
||||||
type MountOptions struct {
|
type MountOptions struct {
|
||||||
OwnerRoot bool
|
OwnerRoot bool
|
||||||
AllowRoot bool
|
AllowRoot bool
|
||||||
AllowOther bool
|
AllowOther bool
|
||||||
Host string
|
NoDefaultPermissions bool
|
||||||
Tags restic.TagLists
|
Host string
|
||||||
Paths []string
|
Tags restic.TagLists
|
||||||
SnapshotTemplate string
|
Paths []string
|
||||||
|
SnapshotTemplate string
|
||||||
}
|
}
|
||||||
|
|
||||||
var mountOptions MountOptions
|
var mountOptions MountOptions
|
||||||
|
|
@ -71,6 +72,7 @@ func init() {
|
||||||
mountFlags.BoolVar(&mountOptions.OwnerRoot, "owner-root", false, "use 'root' as the owner of files and dirs")
|
mountFlags.BoolVar(&mountOptions.OwnerRoot, "owner-root", false, "use 'root' as the owner of files and dirs")
|
||||||
mountFlags.BoolVar(&mountOptions.AllowRoot, "allow-root", false, "allow root user to access the data in the mounted directory")
|
mountFlags.BoolVar(&mountOptions.AllowRoot, "allow-root", false, "allow root user to access the data in the mounted directory")
|
||||||
mountFlags.BoolVar(&mountOptions.AllowOther, "allow-other", false, "allow other users to access the data in the mounted directory")
|
mountFlags.BoolVar(&mountOptions.AllowOther, "allow-other", false, "allow other users to access the data in the mounted directory")
|
||||||
|
mountFlags.BoolVar(&mountOptions.NoDefaultPermissions, "no-default-permissions", false, "for 'allow-other', ignore Unix permissions and allow users to read all snapshot files")
|
||||||
|
|
||||||
mountFlags.StringVarP(&mountOptions.Host, "host", "H", "", `only consider snapshots for this host`)
|
mountFlags.StringVarP(&mountOptions.Host, "host", "H", "", `only consider snapshots for this host`)
|
||||||
mountFlags.Var(&mountOptions.Tags, "tag", "only consider snapshots which include this `taglist`")
|
mountFlags.Var(&mountOptions.Tags, "tag", "only consider snapshots which include this `taglist`")
|
||||||
|
|
@ -120,7 +122,9 @@ func mount(opts MountOptions, gopts GlobalOptions, mountpoint string) error {
|
||||||
mountOptions = append(mountOptions, systemFuse.AllowOther())
|
mountOptions = append(mountOptions, systemFuse.AllowOther())
|
||||||
}
|
}
|
||||||
|
|
||||||
mountOptions = append(mountOptions, systemFuse.DefaultPermissions())
|
if !opts.NoDefaultPermissions {
|
||||||
|
mountOptions = append(mountOptions, systemFuse.DefaultPermissions())
|
||||||
|
}
|
||||||
|
|
||||||
c, err := systemFuse.Mount(mountpoint, mountOptions...)
|
c, err := systemFuse.Mount(mountpoint, mountOptions...)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue