fix(rootfs): ssh auth invalid when container user not is root (#65)

By default, when the socket file mounted by the virtual machine is mounted to the container, the 'other' permission of the socket file is non-write. This will result in the lack of permission for non-root container users to send messages to the socket. Signed-off-by: Kevin Cui <bh@bugs.cc>
oomol-lab · Apr 10, 2024 · e8b4b9f · e8b4b9f
1 parent 80fdf81
commit e8b4b9f
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/buildroot_external/board/ovm/ssh/rootfs-overlay/usr/lib/systemd/system/ssh-auth.service b/buildroot_external/board/ovm/ssh/rootfs-overlay/usr/lib/systemd/system/ssh-auth.service
@@ -10,6 +10,7 @@ Restart=always
 ExecStartPre=/bin/mkdir -p /opt/ovm
 ExecStartPre=/bin/rm -f /opt/ovm/ssh-auth.sock
 ExecStart=socat UNIX-LISTEN:/opt/ovm/ssh-auth.sock,fork VSOCK-CONNECT:2:1028
+ExecStartPost=/bin/bash -c "while [ ! -e /opt/ovm/ssh-auth.sock ]; do sleep 0.1; done; /usr/bin/chmod a+rw /opt/ovm/ssh-auth.sock"
 
 [Install]
 WantedBy=default.target