From cbfba46d1d8aff25cf26a97a5c436671788815ac Mon Sep 17 00:00:00 2001 From: Thomas Walker Lynch Date: Thu, 25 Sep 2025 14:08:58 +0000 Subject: [PATCH] dot --- developer/source/mount/masu__map_own_all.sh | 25 ++++----- developer/source/mount/masu_subu__map_own.sh | 59 +++++++------------- 2 files changed, 32 insertions(+), 52 deletions(-) diff --git a/developer/source/mount/masu__map_own_all.sh b/developer/source/mount/masu__map_own_all.sh index 59cd368..5518cab 100755 --- a/developer/source/mount/masu__map_own_all.sh +++ b/developer/source/mount/masu__map_own_all.sh @@ -1,28 +1,25 @@ #!/usr/bin/env bash -# usage: sudo ./masu__map_own_all.sh [--suid=subu1,subu2] +# usage: sudo ./masu__map_own_all.sh [--suid=US,x6] set -euo pipefail +masu="${1:?usage: $0 [--suid=a,b]}" +suid_list="${2-}" -masu="${1:?Usage: $0 [--suid=subu1,subu2] }" -suid_list="${2-}" # optional --suid=a,b,c - -want_suid() { - [[ -n "$suid_list" && "$suid_list" =~ ^--suid= ]] || return 1 +want_suid_for() { + [[ "$suid_list" =~ ^--suid= ]] || return 1 IFS=',' read -r -a arr <<< "${suid_list#--suid=}" for n in "${arr[@]}"; do [[ "$n" == "$1" ]] && return 0; done return 1 } -# List subu names from authoritative source -subu_root="/home/$masu/subu_data" -[[ -d "$subu_root" ]] || { echo "No subu_data dir for $masu: $subu_root" >&2; exit 1; } -mapfile -t subus < <(find "$subu_root" -mindepth 1 -maxdepth 1 -type d -printf '%f\n' | sort -u) -[[ ${#subus[@]} -gt 0 ]] || { echo "No sub-users found for $masu"; exit 1; } +subus="$(./masu__subu_dir_list.sh "$masu")" +[[ -n "$subus" ]] || { echo "No sub-users found for $masu"; exit 1; } -for s in "${subus[@]}"; do +while IFS= read -r s; do + [[ -n "$s" ]] || continue echo "Opening sub-user: $s" - if want_suid "$s"; then + if want_suid_for "$s"; then sudo ./masu_subu__map_own.sh "$masu" "$s" --suid else sudo ./masu_subu__map_own.sh "$masu" "$s" fi -done +done <<< "$subus" 
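Review bot: The added `subus="$(./masu__subu_dir_list.sh "$masu")"` call, like the two `sudo ./masu_subu__map_own.sh` calls in the loop, resolves the helper against the caller's current directory, while the usage line documents the script as run under sudo. Started from any other directory it would execute whatever file of that name sits there, with root privileges; I would anchor the helpers to the script's own location with `here="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd)"` and call `"$here/masu__subu_dir_list.sh" "$masu"` and `sudo "$here/masu_subu__map_own.sh" ...`. Smaller points on the same lines: `arr` and `n` inside `want_suid_for` should be declared `local`, and the "No sub-users found" message belongs on stderr like the other error exits.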
diff --git a/developer/source/mount/masu_subu__map_own.sh b/developer/source/mount/masu_subu__map_own.sh index c880a54..358f7fe 100755 --- a/developer/source/mount/masu_subu__map_own.sh +++ b/developer/source/mount/masu_subu__map_own.sh 
@@ -2,53 +2,36 @@ # usage: sudo ./masu_subu__map_own.sh [--suid] set -euo pipefail +masu="${1:?usage: $0 [--suid]}" +subu="${2:?usage: $0 [--suid]}" +want_suid=0; [[ "${3-}" == "--suid" ]] && want_suid=1 + need(){ command -v "$1" >/dev/null 2>&1 || { echo "missing: $1" >&2; exit 1; }; } need bindfs; need findmnt; need umount -masu="${1:?usage: $0 [--suid] }" -subu="${2:?usage: $0 [--suid] }" -want_suid=0 -[[ "${3-}" == "--suid" ]] && want_suid=1 - -master_user="$masu" -master_group="$masu" -subu_user="${masu}-${subu}" -subu_group="${masu}-${subu}" - -id "$master_user" >/dev/null -id "$subu_user" >/dev/null - src="/home/$masu/subu_data/$subu" -tgt="/home/$masu/subu/$subu" -[[ -d "$src" ]] || { echo "no source dir: $src" >&2; exit 1; } -mkdir -p "$tgt" - -# IMPORTANT: don’t stay inside the target tree while (un)mounting -cd / +mp="/home/$masu/subu/$subu" +[[ -d "$src" ]] || { echo "❌ source not found: $src" >&2; exit 1; } +mkdir -p "$mp" +# mount options base_opts="allow_other,default_permissions,exec" -opts="$base_opts,nosuid" -(( want_suid )) && opts="$base_opts,suid" - -map_opt="--map=${subu_user}/${master_user}:@${subu_group}/@${master_group}" +opts="$base_opts,$([[ $want_suid -eq 1 ]] && echo suid || echo nosuid)" -# Peel any existing mount at tgt (use -T to match covering mount) -while findmnt -nr -T "$tgt" >/dev/null 2>&1; do - umount "$tgt" 2>/dev/null || umount -l "$tgt" || break +# fully unstack any prior bindfs at the target +while findmnt -rn -T "$mp" -t fuse.bindfs >/dev/null 2>&1; do + umount "$mp" 2>/dev/null || umount -l "$mp" || break + sleep 0.1 done -echo "mounting $src -> $tgt (opts: $opts)" -bindfs -o "$opts" $map_opt "$src" "$tgt" +echo "mounting $src -> $mp (opts: $opts)" +bindfs -o "$opts" --map="${masu}-${subu}/${masu}:@${masu}-${subu}/@${masu}" "$src" "$mp" -# Verify -if findmnt -nr -T "$tgt" -o TARGET,SOURCE,FSTYPE,OPTIONS; then - echo "OK" - if (( want_suid )); then - echo "note: suid is ENABLED at $tgt" - else - echo "note: nosuid 
(default) — setuid will NOT take effect at $tgt" - fi +# verify (single line, kernel-only) +findmnt -rn -T "$mp" -S "$src" -o TARGET,SOURCE,FSTYPE,OPTIONS | head -n1 +echo "OK" +if [[ $want_suid -eq 1 ]]; then + echo "note: suid enabled at $mp" else - echo "❌ bindfs did not mount at $tgt" >&2 - exit 2 + echo "note: nosuid (default) — setuid will NOT take effect at $mp" fi -- 2.20.1
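Review bot: `masu` and `subu` go straight from the arguments into `/home/$masu/subu_data/$subu`, `mkdir -p "$mp"` and the `--map=` spec, and this commit removes the two `id` lookups that at least confirmed both accounts exist. The script is documented as run under sudo and is fed names by masu__map_own_all.sh, so a value containing `/`, `..`, `:` or `@` would alter the path or the ownership mapping; I would check both right after argument parsing, e.g. `[[ "$masu" =~ ^[a-z_][a-z0-9_-]*$ && "$subu" =~ ^[A-Za-z0-9_][A-Za-z0-9_-]*$ ]] || { echo "invalid name" >&2; exit 1; }` (pattern assumed from the usage examples, adjust to the project's naming rule), and keep `id "${masu}-${subu}" >/dev/null`. The verify step also lost its failure branch: with `set -euo pipefail` a `findmnt` that matches nothing ends the script without any message, so the removed `else` arm that printed `bindfs did not mount` and exited 2 is worth restoring around the new `findmnt -rn -T "$mp" -S "$src"` call. The dropped `cd /` was marked IMPORTANT in the old code; without it a caller standing inside `$mp` would likely see the plain `umount` fail as busy and fall through to the `umount -l` fallback.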