osi-tools/bin/osi-mount

152 lines
4.4 KiB
Plaintext
Raw Normal View History

#!/usr/bin/env bash
2018-08-18 18:42:42 +00:00
# Copyright (C) 2018 Luke Shumaker
# Copyright (C) 2023-2024 Umorpha Systems
2018-08-18 18:42:42 +00:00
# SPDX-License-Identifier: AGPL-3.0-or-later
declare -r NAME=osi-mount
2023-10-23 22:19:22 +00:00
declare -r VERSION=20231023
set -euE
install_prefix="$(realpath --logical --canonicalize-missing -- "${BASH_SOURCE[0]}/../..")"
readonly install_prefix
source "${install_prefix}/lib/osi.sh"
source "${install_prefix}/lib/argparse.sh"
main() {
opt_specs+=(': --inside : : internal-use only')
opt_visit:inside() { argparse:setmode inside; }
opt_final:inside() { :; }
opt_specs+=(': --user : : mount the image RO, run COMMAND as SUDO_USER')
opt_specs+=(': --root : : mount the image RW, run COMMAND as root, protect the rest of the system')
local arg_user=
opt_visit:user() { set_arg_user 'user'; }
opt_visit:root() { set_arg_user 'root'; }
set_arg_user() {
if [[ -n $arg_user ]]; then
argparse:error "Multiple --user/--root flags given"
fi
arg_user=$1
}
opt_final:user() { :; }
opt_final:root() {
if [[ -z $arg_user ]]; then
argparse:error "Must specify either --root or --user"
fi
}
opt_specs+=(': --rwdir : DIR : keep DIR read+write, even when --root')
local arg_rwdirs=()
opt_visit:rwdir() { arg_rwdirs+=("$1"); }
opt_final:rwdir() { :; }
opt_specs+=('-o : --options : LIST : comma-separated list of mount options')
opt_visit:options() { arg_mountopt="$1"; }
opt_final:options() { :; }
local arg_device=
local arg_mountopt=
local arg_cmd=()
opt_positional() {
case "$#" in
0) osi.sh:error 0 "Must specify an image, mountpoint, and a command"; return;;
1) osi.sh:error 0 "Must specify a mountpoint and a command"; return;;
2) osi.sh:error 0 "Must specify a command"; return;;
2018-08-14 20:54:09 +00:00
esac
arg_device=$(realpath -- "$1")
arg_mountpoint=$2
arg_cmd=("${@:3}")
}
local arg_orig=("$@")
argparse outside "$@"
case "$opt_mode" in
error)
osi.sh:print "Try '%q --help' for more information" "${0##*/}" >&2
2024-01-05 02:13:25 +00:00
return $EXIT_INVALIDARGUMENT
;;
version)
osi.sh:print "%s (osi-tools) %s" "$NAME" "$VERSION"
return $EXIT_SUCCESS
;;
help)
osi.sh:print 'Usage: sudo %s [OPTIONS] --<user|root> FILENAME.img MOUNTPOINT COMMAND...' "${0##*/}"
osi.sh:print 'Operating System Image: Mount'
echo
# 000000000011111111112222222222333333333344444444445555555555666666666677777777778
# 012345678901234567890123456789012345678901234567890123456789012345678901234567890
osi.sh:print 'Run COMMAND with FILENAME.img mounted at MOUNTPOINT.'
echo
osi.sh:print 'OPTIONS:'
echo "${opt_flaghelp}" | grep -v -e --inside
return $EXIT_SUCCESS
;;
outside)
osi.sh:needs_root
osi.sh:needs_sudo
if out="$(losetup --associated "$arg_device")" && [[ -n $out ]]; then
osi.sh:error 0 "Seems to already be mounted somewhere: %s" "$arg_device"
printf '%s\n' "$out"
exit $EXIT_FAILURE
fi
# I feel guilty pulling in the hugeness of systemd-run
# just for `--property=ProtectSystem=strict`, but I
# don't want to implement my own protection system.
flags=(
--pty --same-dir --wait --collect --quiet
--setenv=SUDO_UID="$SUDO_UID"
2024-01-26 01:43:54 +00:00
${SOURCE_DATE_EPOCH:+"--setenv=SOURCE_DATE_EPOCH=$SOURCE_DATE_EPOCH"}
${TMPDIR:+"--setenv=TMPDIR=$TMPDIR"}
--property=PrivateMounts=true
)
case "$arg_user" in
user) :;;
root)
flags+=(
--property=ProtectSystem=strict
2024-01-05 02:23:58 +00:00
--property=ProtectHome=read-only
2023-10-30 21:14:27 +00:00
--property=ReadWritePaths="$arg_device"
"${arg_rwdirs[@]/#/--property=ReadWritePaths=}"
)
;;
esac
systemd-run "${flags[@]}" -- "${BASH_SOURCE[0]}" --inside "${arg_orig[@]}"
2018-08-14 15:37:29 +00:00
if out="$(losetup --associated "$arg_device")" && [[ -n $out ]]; then
osi.sh:error 0 "umount'ed, but file is still associated with a loop device: %s" "$arg_device"
2018-08-14 15:37:29 +00:00
printf '%s\n' "$out"
exit $EXIT_FAILURE
2018-08-13 04:47:18 +00:00
fi
;;
2018-08-14 20:54:09 +00:00
inside)
osi.sh:needs_root
osi.sh:needs_sudo
2018-08-14 20:54:09 +00:00
case "$arg_user" in
2023-10-30 21:14:27 +00:00
user) arg_mountopt+="${arg_mountopt:+,}ro";;
root) arg_mountopt+="${arg_mountopt:+,}rw,discard";;
2018-08-14 15:37:29 +00:00
esac
2018-08-13 04:47:18 +00:00
2023-10-30 21:14:27 +00:00
cmd=(mount --no-mtab -o "$arg_mountopt" -- "$arg_device" "$arg_mountpoint")
r=0
out=$("${cmd[@]}" 2>&1) || r=$?
2023-10-30 21:13:27 +00:00
if (( r != 0 )); then
osi.sh:error $r '%s: %s' "${cmd[*]@Q}" "$out"
2018-08-13 04:47:18 +00:00
fi
2018-08-14 20:54:09 +00:00
case "$arg_user" in
user) osi.sh:sudo -u "#${SUDO_UID}" -- "${arg_cmd[@]}";;
root) command -- "${arg_cmd[@]}";;
esac
;;
*) osi.sh:error $EXIT_FAILURE 'Internal error. The programmer writing this tool screwed up.';;
esac
}
main "$@"