Add Apparmor's fusermount3 custom rule for reverse SSHFS#4968
Merged
Conversation
mie313
force-pushed
the
modify_sshfs_settings
branch
from
f19caa6 to
296bc99
Compare
AkihiroSuda
reviewed
May 13, 2026
|
|
||
| # Some distribution (for example Ubuntu-25.10) has an apparmor rule for fusermount3. It causes SSHFS mount failed. | ||
| if [ -e "/etc/apparmor.d/fusermount3" ]; then | ||
| cat >"/etc/apparmor.d/local/fusermount3" <<EOF |
Member
There was a problem hiding this comment.
This file shouldn't be overwritten if it already exists
Contributor
Author
There was a problem hiding this comment.
Thank you for your review.
I modified the code to append new lines (>>) so that local/fusermount3 is not overwritten even if it already exists.
AkihiroSuda
reviewed
May 13, 2026
| # Some distribution (for example Ubuntu-25.10) has an apparmor rule for fusermount3. It causes SSHFS mount failed. | ||
| if [ -e "/etc/apparmor.d/fusermount3" ]; then | ||
| cat >"/etc/apparmor.d/local/fusermount3" <<EOF | ||
| mount fstype=@{fuse_types} options=(nosuid,nodev) options in (ro,rw,noatime,dirsync,nodiratime,noexec,sync) -> @{HOME}, |
Member
There was a problem hiding this comment.
Please add a comment to explain what it does
Contributor
Author
There was a problem hiding this comment.
I added comments to both the shell script file and local/fusermount3 file to be created.
Member
There was a problem hiding this comment.
Now the file grows on every boot
# The following two lines allow VM to be mounted to / unmounted from home directly.
mount fstype=@{fuse_types} options=(nosuid,nodev) options in (ro,rw,noatime,dirsync,nodiratime,noexec,sync) -> @{HOME},
# The following two lines allow VM to be mounted to / unmounted from home directly.
mount fstype=@{fuse_types} options=(nosuid,nodev) options in (ro,rw,noatime,dirsync,nodiratime,noexec,sync) -> @{HOME},
# The following two lines allow VM to be mounted to / unmounted from home directly.
mount fstype=@{fuse_types} options=(nosuid,nodev) options in (ro,rw,noatime,dirsync,nodiratime,noexec,sync) -> @{HOME},
[...]
mie313
force-pushed
the
modify_sshfs_settings
branch
2 times, most recently
from
3804e23 to
304d0ac
Compare
AkihiroSuda
reviewed
May 14, 2026
| fi | ||
|
|
||
| # Some distribution (for example Ubuntu-25.10) has an apparmor rule for fusermount3. It causes SSHFS mount failed. | ||
| # Therefore, define a custom rule to loosen the apparmor rule. |
Member
There was a problem hiding this comment.
Please add the URL of the issue in the code comment
AkihiroSuda
reviewed
May 14, 2026
| fi | ||
| fi | ||
|
|
||
| # Some distribution (for example Ubuntu-25.10) has an apparmor rule for fusermount3. It causes SSHFS mount failed. |
Member
There was a problem hiding this comment.
Maybe (please confirm)
Suggested change
| # Some distribution (for example Ubuntu-25.10) has an apparmor rule for fusermount3. It causes SSHFS mount failed. | |
| # Some distribution (since Ubuntu-25.04) has an apparmor rule for fusermount3. It causes SSHFS mount failed. |
mie313
force-pushed
the
modify_sshfs_settings
branch
from
304d0ac to
1da09e1
Compare
Signed-off-by: mie313 <mie313.tanaka@gmail.com>
mie313
force-pushed
the
modify_sshfs_settings
branch
from
1da09e1 to
b18cf05
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add a fusermount3 custom rule so that limactil can mount user's home directory using reverse SSHFS.
Related Issue: #4908