mount_tomb: make use of ACL in specific locations

Namely /run/media/$USER. The mount point itself is owned by root, therefore one needs to know the name of the mountpoint to change to the location. Other tools for mounting media like udisksctl set ACL to allow the owner to use it normally (autocompletion and such). Fixes #461
dyne · Aug 7, 2024 · 7904268 · 7904268
1 parent 75aafc0
commit 7904268
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/tomb b/tomb
@@ -65,6 +65,7 @@ typeset -i SPHINX=1
 typeset -i RESIZER=1
 typeset -i RECOLL=1
 typeset -i QRENCODE=1
+typeset -i ACL=1
 
 # Default mount options
 typeset		 MOUNTOPTS="rw,noatime,nodev"
@@ -1054,6 +1055,8 @@ _ensure_dependencies() {
 	command -v recoll 1>/dev/null 2>/dev/null || RECOLL=0
 	# Check for QREncode for paper backups of keys
 	command -v qrencode 1>/dev/null 2>/dev/null || QRENCODE=0
+	# Check for acl/setfacl for setting ACL at the mount location
+	command -v setfacl 1>/dev/null 2>/dev/null || ACL=0
 }
 
 # }}} - Commandline interaction
@@ -2510,6 +2513,11 @@ mount_tomb() {
 	# we need root from here on
 	_sudo mkdir -p "$tombmount"
 
+	# set ACL on /run/media/$_USER/
+	[[ $ACL == 1 ]] && [[ ! -d /media ]] && {
+		_sudo setfacl -m u:"$_USER":rwx "/run/media/$_USER"
+	}
+
 	# Default mount options are overridden with the -o switch
 	{ option_is_set -o } && {
 		local oldmountopts=$MOUNTOPTS