mount_tomb: make use of ACL in a specific location

Namely /run/media/$USER, which was introduced as a replacement for the
classic /media. The main motivation is that $USER_B shouldn't get
access to or information about devices mounted by $USER_A.
The mount point itself is owned by root, so currently one needs
to know the name of the mountpoint to change into that location.
Other tools for mounting media, like udisksctl, set an ACL to allow the
owner to use it normally (autocompletion and such).

Fixes #461
Narrat 2023-06-24 01:15:00 +02:00 committed by Jaromil
parent 5409402196
commit a6e6a9c677

24
tomb

@ -65,6 +65,7 @@ typeset -i RESIZER=1
typeset -i RECOLL=1 typeset -i RECOLL=1
typeset -i QRENCODE=1 typeset -i QRENCODE=1
typeset -i LSOF=1 typeset -i LSOF=1
typeset -i ACL=1
# Default mount options # Default mount options
typeset MOUNTOPTS="rw,noatime,nodev" typeset MOUNTOPTS="rw,noatime,nodev"
@ -897,7 +898,7 @@ function _print() {
_list_optional_tools() { _list_optional_tools() {
typeset -a _deps typeset -a _deps
_deps=(gettext dcfldd shred steghide) _deps=(gettext dcfldd shred steghide)
_deps+=(resize2fs tomb-kdb-pbkdf2 argon2 qrencode recoll unoconv lsof) _deps+=(resize2fs tomb-kdb-pbkdf2 argon2 qrencode recoll unoconv lsof setfacl)
for d in $_deps; do for d in $_deps; do
_print "`which $d`" _print "`which $d`"
done done
@ -960,6 +961,8 @@ _ensure_dependencies() {
command -v recoll 1>/dev/null 2>/dev/null || RECOLL=0 command -v recoll 1>/dev/null 2>/dev/null || RECOLL=0
# Check for QREncode for paper backups of keys # Check for QREncode for paper backups of keys
command -v qrencode 1>/dev/null 2>/dev/null || QRENCODE=0 command -v qrencode 1>/dev/null 2>/dev/null || QRENCODE=0
# Check for acl/setfacl for setting ACL at the mount location
command -v setfacl 1>/dev/null 2>/dev/null || ACL=0
} }
# }}} - Commandline interaction # }}} - Commandline interaction
@ -2289,8 +2292,11 @@ mount_tomb() {
local tombmount="$2" local tombmount="$2"
[[ -z "$tombmount" ]] && { [[ -z "$tombmount" ]] && {
tombmount="/media/$TOMBNAME" tombmount="/media/$TOMBNAME"
[[ -d /media ]] || { # no /media found, adopting /run/media/$USER (udisks2 compat) [[ -d /media ]] || {
tombmount="/run/media/$_USER/$TOMBNAME" # no /media found, adopting /run/media/$USER to match behaviour
# of tools following the notion to mount in that location (like udisks2)
local runmedia="/run/media/$_USER"
tombmount="$runmedia/$TOMBNAME"
} }
_message "Mountpoint not specified, using default: ::1 mount point::" "$tombmount" _message "Mountpoint not specified, using default: ::1 mount point::" "$tombmount"
} }
@ -2383,6 +2389,12 @@ mount_tomb() {
# we need root from here on # we need root from here on
_sudo mkdir -p "$tombmount" _sudo mkdir -p "$tombmount"
# set ACL on /run/media/$_USER/ to match behaviour (see #461)
# tmpfs -> it doesn't know acl/noacl mount options -> no check
[[ $ACL == 1 ]] && [[ -s $runmedia ]] && {
_sudo setfacl -m u:"$_USER":r-x "$runmedia"
}
# Default mount options are overridden with the -o switch # Default mount options are overridden with the -o switch
local oldmountopts local oldmountopts
{ option_is_set -o } && { { option_is_set -o } && {
@ -3305,6 +3317,12 @@ main() {
# Close the tomb # Close the tomb
umount|close) umount|close)
[[ "$subcommand" == "slam" ]] && {
SLAM=1
[[ $LSOF == 0 ]] && {
unset SLAM
_warning "lsof not installed: cannot slam tombs."
_warning "Trying a regular close." }}
umount_tomb $PARAM[1] umount_tomb $PARAM[1]
;; ;;
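Review bot: In the mount_tomb hunk that adds the setfacl call, `[[ -s $runmedia ]]` tests for a non-empty file rather than a directory, and nothing in the visible lines restricts the mode of `/run/media/$_USER` when `_sudo mkdir -p "$tombmount"` is what creates it. The directory's permissions then appear to depend on root's umask, so with a common 022 umask other local users could presumably still list the mount names, and the isolation the commit message describes is not enforced here. I would change the guard to `[[ $ACL == 1 ]] && [[ -d "$runmedia" ]] && {` and make the parent owner-only before granting the ACL, e.g. `_sudo chmod 0700 "$runmedia"` ahead of the `setfacl` line. The result of `setfacl` is also not checked, so a failure passes silently; a `_warning` on non-zero exit would make that visible. mount_tomb begins and ends outside these hunks, so confirm that `runmedia` is not reassigned between the hunk that declares it and the one that uses it.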