authorFlorian Klink <flokli@flokli.de>2024-02-17T06·18+0700
committerclbot <clbot@tvl.fyi>2024-02-17T07·00+0000
commit34a1ff291a0444b3e56f96e6cc72899ab818a2f7 (patch)
tree69b4d43847ca33c8ae0717a058c358a5dd0b18ac
parent58f474041ec18551b8e77b25f8c92e9347784f76 (diff)
feat(tvix/castore/fs): make allow_other configurable r/7535
Also add a cli argument to the `tvix-store` binary.

Change-Id: Id07d7fedb60d6060543b195f3a810a46137f9ad5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10945
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
-rw-r--r--tvix/castore/src/fs/fuse.rs9
-rw-r--r--tvix/castore/src/fs/tests.rs2
-rw-r--r--tvix/store/src/bin/tvix-store.rs9
3 files changed, 16 insertions, 4 deletions
diff --git a/tvix/castore/src/fs/fuse.rs b/tvix/castore/src/fs/fuse.rs
index 1dce43915905..cd50618ff5bc 100644
--- a/tvix/castore/src/fs/fuse.rs
+++ b/tvix/castore/src/fs/fuse.rs
@@ -53,7 +53,12 @@ pub struct FuseDaemon {
 
 impl FuseDaemon {
     #[instrument(skip(fs, mountpoint), fields(mountpoint=?mountpoint), err)]
-    pub fn new<FS, P>(fs: FS, mountpoint: P, threads: usize) -> Result<Self, io::Error>
+    pub fn new<FS, P>(
+        fs: FS,
+        mountpoint: P,
+        threads: usize,
+        allow_other: bool,
+    ) -> Result<Self, io::Error>
     where
         FS: FileSystem + Sync + Send + 'static,
         P: AsRef<Path> + std::fmt::Debug,
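Review bot: The new `allow_other` parameter of `FuseDaemon::new` is undocumented, and a bare `bool` on a public constructor does not tell callers that `true` opens the mount to local users other than the one who mounted it. I would add a doc comment above the `#[instrument]` line, for example `/// When allow_other is true, users other than the mounting user may access the mount.` It would also help to say who enforces file permissions in that mode; whether the session sets the `default_permissions` mount option is not visible in this hunk, so that sentence needs confirming against the rest of the function. The body of `new` continues outside the hunk.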
@@ -64,7 +69,7 @@ impl FuseDaemon {
             .map_err(|e| io::Error::new(io::ErrorKind::Other, e.to_string()))?;
 
         #[cfg(target_os = "linux")]
-        session.set_allow_other(false);
+        session.set_allow_other(allow_other);
         session
             .mount()
             .map_err(|e| io::Error::new(io::ErrorKind::Other, e.to_string()))?;
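Review bot: On targets other than Linux the `#[cfg(target_os = "linux")]` attribute compiles the `set_allow_other` call away, so `allow_other` is accepted and then silently dropped, and it becomes an unused parameter there. The mount stays restricted, which is the safe direction, but a caller who asked for `true` gets no signal that the request was not honoured. A small counterpart branch would make that visible, e.g. `#[cfg(not(target_os = "linux"))]` followed by `if allow_other { warn!("allow_other is not supported on this platform, ignoring"); }`, assuming `warn!` from tracing is or can be imported in this file. The function starts and ends outside the hunk.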
diff --git a/tvix/castore/src/fs/tests.rs b/tvix/castore/src/fs/tests.rs
index 2f27c3c1c8e4..924454caa6dd 100644
--- a/tvix/castore/src/fs/tests.rs
+++ b/tvix/castore/src/fs/tests.rs
@@ -51,7 +51,7 @@ where
         Arc::new(root_nodes),
         list_root,
     );
-    FuseDaemon::new(Arc::new(fs), mountpoint.as_ref(), 4)
+    FuseDaemon::new(Arc::new(fs), mountpoint.as_ref(), 4, false)
 }
 
 async fn populate_blob_a(
diff --git a/tvix/store/src/bin/tvix-store.rs b/tvix/store/src/bin/tvix-store.rs
index ecee8d78f3b7..8f023696a4b7 100644
--- a/tvix/store/src/bin/tvix-store.rs
+++ b/tvix/store/src/bin/tvix-store.rs
@@ -111,6 +111,12 @@ enum Commands {
         #[arg(long, env, default_value_t = default_threads())]
         threads: usize,
 
+        #[arg(long, env, default_value_t = false)]
+        /// Whether to configure the mountpoint with allow_other.
+        /// Requires /etc/fuse.conf to contain the `user_allow_other`
+        /// option, configured via `programs.fuse.userAllowOther` on NixOS.
+        allow_other: bool,
+
         /// Whether to list elements at the root of the mount point.
         /// This is useful if your PathInfoService doesn't provide an
         /// (exhaustive) listing.
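Review bot: The help text for `allow_other` names the mount option but not its effect, so `--help` never says that setting it lets users other than the one running `tvix-store` access the mount. A first line such as `/// Allow users other than the mounting user to access the mount (FUSE allow_other).` would state the access change before the /etc/fuse.conf requirement. Because of the bare `env` attribute, the flag can presumably also be enabled through an `ALLOW_OTHER` environment variable; that is a very generic name for a setting that widens access, so an explicit, prefixed variable name may be worth considering, although `threads` above follows the same unprefixed pattern. The attribute is also placed above the doc comment here, whereas the neighbouring field starts with its doc comment. The `Commands` enum continues outside the hunk.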
@@ -334,6 +340,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
             path_info_service_addr,
             list_root,
             threads,
+            allow_other,
         } => {
             let (blob_service, directory_service, path_info_service) =
                 tvix_store::utils::construct_services(
@@ -352,7 +359,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
                 );
                 info!(mount_path=?dest, "mounting");
 
-                FuseDaemon::new(fs, &dest, threads)
+                FuseDaemon::new(fs, &dest, threads, allow_other)
             })
             .await??;