it-team/lmn-client
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Only VM media directory needs restricted access

Browse source
This commit is contained in:
Raphael Dannecker 2026-04-15 17:01:56 +02:00
parent 83522e7513
commit 1f0cbc02b9
1 changed files with 3 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

7
roles/lmn_vm/files/vm-run
View file

@ -125,8 +125,6 @@ create_clone() {
create_printerlist() { create_printerlist() {
## Prepare .printerlist.csv ## Prepare .printerlist.csv
mkdir -p "${VM_MEDIADIR}"
chgrp "$(id -g)" "${VM_MEDIADIR}"
echo "Name;IppURL" > "${VM_MEDIADIR}/.printerlist.csv" echo "Name;IppURL" > "${VM_MEDIADIR}/.printerlist.csv"
for p in $(lpstat -v | cut -f 3 -d" " | sed 's/:$//'); do for p in $(lpstat -v | cut -f 3 -d" " | sed 's/:$//'); do
echo "$p;ipp://192.168.122.1/printers/$p" >> "${VM_MEDIADIR}/.printerlist.csv" echo "$p;ipp://192.168.122.1/printers/$p" >> "${VM_MEDIADIR}/.printerlist.csv"
@ -208,7 +206,6 @@ EOF
QEMU='qemu:///session' QEMU='qemu:///session'
umask 077
NEWCLONE=0 NEWCLONE=0
PERSISTENT=0 PERSISTENT=0
@ -363,6 +360,8 @@ if ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
else else
VMINFO_DIR="/lmn/media/${USER}" VMINFO_DIR="/lmn/media/${USER}"
fi fi
mkdir -p "${VM_MEDIADIR}" -m 700
chgrp "$(id -g)" "${VM_MEDIADIR}"
create_printerlist create_printerlist
create_mountlist create_mountlist
@ -370,7 +369,7 @@ if ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
[[ "${QEMU}" = 'qemu:///session' ]] && start_virtiofsd [[ "${QEMU}" = 'qemu:///session' ]] && start_virtiofsd
# Create VMInfo Json file # Create VMInfo Json file
#( umask 027; ./vm-create-vminfo > "${VMINFO_DIR}/.vminfo.json" ) #( umask 077; ./vm-create-vminfo > "${VMINFO_DIR}/.vminfo.json" )
# Start vminfo.timer # Start vminfo.timer
systemctl --user restart vminfo.timer systemctl --user restart vminfo.timer