about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--tvix/castore/src/fs/fuse.rs9
-rw-r--r--tvix/castore/src/fs/tests.rs2
-rw-r--r--tvix/store/src/bin/tvix-store.rs9
3 files changed, 16 insertions, 4 deletions
diff --git a/tvix/castore/src/fs/fuse.rs b/tvix/castore/src/fs/fuse.rs
index 1dce43915905..cd50618ff5bc 100644
--- a/tvix/castore/src/fs/fuse.rs
+++ b/tvix/castore/src/fs/fuse.rs
@@ -53,7 +53,12 @@ pub struct FuseDaemon {
 
 impl FuseDaemon {
     #[instrument(skip(fs, mountpoint), fields(mountpoint=?mountpoint), err)]
-    pub fn new<FS, P>(fs: FS, mountpoint: P, threads: usize) -> Result<Self, io::Error>
+    pub fn new<FS, P>(
+        fs: FS,
+        mountpoint: P,
+        threads: usize,
+        allow_other: bool,
+    ) -> Result<Self, io::Error>
     where
         FS: FileSystem + Sync + Send + 'static,
         P: AsRef<Path> + std::fmt::Debug,
@@ -64,7 +69,7 @@ impl FuseDaemon {
             .map_err(|e| io::Error::new(io::ErrorKind::Other, e.to_string()))?;
 
         #[cfg(target_os = "linux")]
-        session.set_allow_other(false);
+        session.set_allow_other(allow_other);
         session
             .mount()
             .map_err(|e| io::Error::new(io::ErrorKind::Other, e.to_string()))?;
diff --git a/tvix/castore/src/fs/tests.rs b/tvix/castore/src/fs/tests.rs
index 2f27c3c1c8e4..924454caa6dd 100644
--- a/tvix/castore/src/fs/tests.rs
+++ b/tvix/castore/src/fs/tests.rs
@@ -51,7 +51,7 @@ where
         Arc::new(root_nodes),
         list_root,
     );
-    FuseDaemon::new(Arc::new(fs), mountpoint.as_ref(), 4)
+    FuseDaemon::new(Arc::new(fs), mountpoint.as_ref(), 4, false)
 }
 
 async fn populate_blob_a(
diff --git a/tvix/store/src/bin/tvix-store.rs b/tvix/store/src/bin/tvix-store.rs
index ecee8d78f3b7..8f023696a4b7 100644
--- a/tvix/store/src/bin/tvix-store.rs
+++ b/tvix/store/src/bin/tvix-store.rs
@@ -111,6 +111,12 @@ enum Commands {
         #[arg(long, env, default_value_t = default_threads())]
         threads: usize,
 
+        #[arg(long, env, default_value_t = false)]
+        /// Whether to configure the mountpoint with allow_other.
+        /// Requires /etc/fuse.conf to contain the `user_allow_other`
+        /// option, configured via `programs.fuse.userAllowOther` on NixOS.
+        allow_other: bool,
+
         /// Whether to list elements at the root of the mount point.
         /// This is useful if your PathInfoService doesn't provide an
         /// (exhaustive) listing.
@@ -334,6 +340,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
             path_info_service_addr,
             list_root,
             threads,
+            allow_other,
         } => {
             let (blob_service, directory_service, path_info_service) =
                 tvix_store::utils::construct_services(
@@ -352,7 +359,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
                 );
                 info!(mount_path=?dest, "mounting");
 
-                FuseDaemon::new(fs, &dest, threads)
+                FuseDaemon::new(fs, &dest, threads, allow_other)
             })
             .await??;
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-11-03T23ยท33+0000