this post was submitted on 03 Nov 2024
25 points (96.3% liked)

Linux

48375 readers
1553 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Hi everyone! I want to be able to access a folder inside the guest that corresponds to a cloud drive that is mounted inside the guest for security purposes. I have tried setting up a shared filesystem inside Virt-Manager (KVM) with virtiofs (following this tutorial: https://absprog.com/post/qemu-kvm-shared-folder) but as soon as I mount the folder in order for it to be accessible on the ~~guest~~ host the cloud drive gets unmounted. I guess a folder cannot have two mounts at the same time. Aliasing the folder using bind and then sharing the aliased folder with the host doesn't work either. The aliased folder is simply empty on the host.

Does anyone have an idea regarding how I might accomplish this? Is KVM the right choice or would something like docker or podman better suited for this job? Thank you.

Edit: To clarify: The cloud drive is mounted inside a virtual machine for security purposes as the binary is proprietary and I do not want to mount it on the host (bwrap and the like introduce a whole lot of problems, the drive doesn't sync anymore and I have to relogin each time). I do not use the virtual machine per se, I just start it and leave it be.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 3 weeks ago (1 children)

What do you mean by intermediary? Do you mean syncing the files with the VM and then sharing the synced copy with the host?That wouldn’t work since my drive is smaller than the cloud drive and I need all the files on-demand.

that's one way. do you need them all at the same time? are they mostly the same size and type?

[–] [email protected] 1 points 3 weeks ago (1 children)

do you need them all at the same time?

I need to access all files conveniently and transparently depending on what I need at work in that particular moment.

are they mostly the same size and type?

Hard no.

[–] [email protected] 1 points 3 weeks ago (1 children)

sshfs might work if your fuse drive is mounted with options that will let it be shared and you have sudo access to enable sshfs. also ssh access is a requirement.

how is it mounted now? it should also be in that same mount printout and usually at the end of the line inside parenthesis.

[–] [email protected] 1 points 3 weeks ago (1 children)

rw,nosuid,nodev,relatime,user_id=0,group_id=0

[–] [email protected] 1 points 3 weeks ago (1 children)

user_id=0,group_id=0

do you have sudo access and are there any rules in /etc/sudo* that match your username or any of your groups? which distribution?

[–] [email protected] 1 points 3 weeks ago (1 children)

Since originally writing the post I have switched to a rootless podman container. Running it how I did before (inside a VM) would simply yield user_id=1000,group_id=1000 I think.

[–] [email protected] 1 points 3 weeks ago (1 children)

that implies that you're not using the binary anymore since you're in a container; is it using an overlay fs?

[–] [email protected] 1 points 3 weeks ago (1 children)

I am using the binary. Just running it inside a container instead of a VM.

overlay fs?

Yes.

[–] [email protected] 1 points 3 weeks ago (1 children)

so the drive isn't mounted when the container starts; but you execute it after it started and then the drive is mounted?

[–] [email protected] 1 points 3 weeks ago (1 children)
[–] [email protected] 1 points 3 weeks ago

i've never seen a workflow like that so i don't think i can help you with the container.

if getting it from the host os an option, then it makes sense to see if it's possible and something like a sudoer rule or selinux could prevent that; my last question was my attempt to ascertain this.