diff --git a/roles/lmn_vm/files/lmn-vm b/roles/lmn_vm/files/lmn-vm index bc79403..006b84c 100644 --- a/roles/lmn_vm/files/lmn-vm +++ b/roles/lmn_vm/files/lmn-vm @@ -16,6 +16,11 @@ lmnsynci ALL=(root) NOPASSWD: /usr/local/bin/vm-aria2 %role-student ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images %role-teacher ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images +# vm-virtiofsd: Start Virtiofsd as systemd-service +%examusers ALL=(root) NOPASSWD: /usr/local/bin/vm-virtiofsd +%role-student ALL=(root) NOPASSWD: /usr/local/bin/vm-virtiofsd +%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/vm-virtiofsd + # desktop-sync: %examusers ALL=(root) NOPASSWD: /usr/local/bin/desktop-sync %role-student ALL=(root) NOPASSWD: /usr/local/bin/desktop-sync diff --git a/roles/lmn_vm/files/virtiofsd b/roles/lmn_vm/files/virtiofsd new file mode 100755 index 0000000..83fa42a Binary files /dev/null and b/roles/lmn_vm/files/virtiofsd differ diff --git a/roles/lmn_vm/files/vm-run b/roles/lmn_vm/files/vm-run index 454b4c5..af0bd67 100755 --- a/roles/lmn_vm/files/vm-run +++ b/roles/lmn_vm/files/vm-run @@ -149,7 +149,7 @@ start_virtiofs_service() { local drive_letter=$3 local socket="/run/user/${UID}/virtiofs-${VM_NAME}-${target_name,,}.sock" - systemd-run --user /usr/lib/qemu/virtiofsd --uid-map=":${GUEST_UID}:${UID}:1:" --gid-map=":${GUEST_GID}:$(id -g):1:" \ + systemd-run --user /usr/local/bin/virtiofsd --uid-map=":${GUEST_UID}:${UID}:1:" --gid-map=":${GUEST_GID}:$(id -g):1:" \ --socket-path "${socket}" --shared-dir "${shared_dir}" --syslog if [[ $? -ne 0 ]]; then @@ -208,8 +208,6 @@ EOF QEMU='qemu:///session' -umask 077 - NEWCLONE=0 PERSISTENT=0 LIBVIRTOSINFO="win10" diff --git a/roles/lmn_vm/files/vm-virtiofsd b/roles/lmn_vm/files/vm-virtiofsd new file mode 100755 index 0000000..9326a5f --- /dev/null +++ b/roles/lmn_vm/files/vm-virtiofsd 
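Review bot: Removing `umask 077` after `QEMU='qemu:///session'` in vm-run means every file the script creates from that point on takes the caller's session umask, and the commit does not say which files are meant to become more widely readable. Only the removal is visible in this hunk, so whether disk images, clones or generated configs are affected has to be checked against the rest of the script. If the goal is only to let the VM group read the virtiofs share, I would keep `umask 077` and set the mode explicitly on that directory. Otherwise record the decision in place, for example `# no umask 077 here: files in the share must stay readable by the VM group`.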
@@ -0,0 +1,50 @@
+#!/usr/bin/bash
+
+set -eu
+
+# if less than one arguments supplied, display usage
+if [[ $# -ne 1 ]]; then
+ echo "This script takes as input the name of the VM " >&2
+ echo "Usage: $0 vm_name" >&2
+ exit 1
+fi
+
+VM_NAME="$1"
+
+## Make sure VMs can read the base directory:
+chgrp 1010 "/lmn/media/${SUDO_USER}"
+chmod 0775 "/lmn/media/${SUDO_USER}"
+
+socket="/run/user/$(id -u $SUDO_USER)/virtiofs-${VM_NAME}.sock"
+
+# FIXME: This does not work. In windows, there is no virtiofs device.
+# In GNU/Linux it's only readable.
+#
+#if ! systemctl -q is-active virtiofs-${VM_NAME}.socket ; then
+# systemd-run --unit=virtiofs-${VM_NAME} \
+# --slice=system-virtiofs \
+# --collect \
+# --socket-property=ListenStream="$socket" \
+# --socket-property=Accept=no \
+# --socket-property=SocketMode=0700 \
+# --socket-property=SocketUser=${SUDO_USER} \
+# --property=Type=exec \
+# --property=StandardInput=socket \
+# /usr/local/bin/virtiofsd --log-level debug --sandbox none \
+# --syslog --fd=0 --shared-dir "/lmn/media/${SUDO_USER}"
+#else
+# systemctl restart virtiofs-${VM_NAME}.socket
+#fi
+
+if [[ ! -S "$socket" ]] ; then
+ systemd-run --unit=virtiofs-${VM_NAME} \
+ --slice=system-virtiofs \
+ --collect \
+ --property=Type=exec \
+ --property=SuccessExitStatus=1 \
+ --property="ExecStopPost=rm $socket" \
+ /usr/local/bin/virtiofsd --socket-path "$socket" \
+ --shared-dir "/lmn/media/${SUDO_USER}"
+fi
+sleep 1
+chown "${SUDO_USER}" "$socket"
diff --git a/roles/lmn_vm/files/vm-vminfo b/roles/lmn_vm/files/vm-vminfo
index c99627d..559d47f 100755
--- a/roles/lmn_vm/files/vm-vminfo
+++ b/roles/lmn_vm/files/vm-vminfo
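Review bot: `$1` goes unchecked into the unit name, the socket path and the unquoted `ExecStopPost=rm $socket`, and the final `chown` follows symlinks inside /run/user/<uid>, a directory the calling user owns. This script runs as root for three groups through the NOPASSWD rules added in roles/lmn_vm/files/lmn-vm, so root ends up acting on paths the caller controls. I would restrict VM_NAME to a fixed character set, use `chown --no-dereference`, and wait for the socket instead of `sleep 1`, since under `set -e` a slow start currently aborts at the chown; a root-owned runtime directory for the socket would be the more robust fix. Separately, `chmod 0775` makes the user's share world-readable and the literal gid `1010` deserves a named variable or a comment. virtiofsd is also started here as a root system unit without the `--uid-map`/`--gid-map` options that the per-user call in vm-run passes, so it is worth confirming what the guest can create in the share.

```shell
VM_NAME="$1"
# Reject anything that could alter the unit name or the socket path.
if [[ ! "${VM_NAME}" =~ ^[A-Za-z0-9_-]+$ ]]; then
    echo "Invalid VM name: ${VM_NAME}" >&2
    exit 1
fi
# … unchanged: chgrp/chmod of the share, socket path, commented-out socket-activation attempt …
# … unchanged: systemd-run block that starts virtiofsd when no socket exists …
# Wait for the socket rather than sleeping a fixed second; never follow a symlink.
for _ in {1..50}; do
    [[ -S "$socket" ]] && break
    sleep 0.1
done
chown --no-dereference "${SUDO_USER}" "$socket"
```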
@@ -57,9 +57,7 @@ def get_krb5 (): def get_mounts(): mounts = [] mounts.append({ 'Drive': 'H', 'RemotePath': '\\\\server.pn.steinbeis.schule' + nethome.replace('/srv/samba/schools','').replace('/','\\'), 'Name': 'Home_Server' }) - mounts.append({ 'Drive': 'T', 'RemotePath': '\\\\server.pn.steinbeis.schule\\default-school\\share', 'Name': 'Tausch' }) - if "role-teacher" in vminfo['Groups']: - mounts.append({ 'Drive': 'S', 'RemotePath': '\\\\server.pn.steinbeis.schule\\default-school\\students', 'Name': 'SuS' }) + mounts.append({ 'Drive': 'T', 'RemotePath': '\\\\server.pn.steinbeis.schule\default-school\share', 'Name': 'Tausch' }) return mounts def get_user_folders(): diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml index d586431..e2c312b 100644 --- a/roles/lmn_vm/tasks/main.yml +++ b/roles/lmn_vm/tasks/main.yml @@ -21,7 +21,6 @@ - virt-viewer - dialog # for vm-netboot menu - python3-impacket - - virtiofsd # - name: allow all users to use VMs # lineinfile: @@ -126,7 +125,9 @@ - vm-upload - vm-sync - vm-link-images + - vm-virtiofsd - vm-vminfo + - virtiofsd - vm-aria2 - uploadseed - desktop-sync @@ -221,7 +222,7 @@ Description=Create .vminfo.json for VMs [Service] Type=simple - ExecStart=/usr/bin/bash -c 'umask 077; /usr/local/bin/vm-vminfo > "{% if localhome %}/home{% else %}/lmn/media{% endif %}/${USER}/.vminfo.json"' + ExecStart=/usr/bin/bash -c 'umask 027; /usr/local/bin/vm-vminfo > "{% if localhome %}/home{% else %}/lmn/media{% endif %}/${USER}/.vminfo.json"' dest: /etc/systemd/user/vminfo.service mode: '0644'
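Review bot: The rewritten 'T' entry in get_mounts() now has single backslashes in `\default-school\share`, so `\d` and `\s` are invalid escape sequences. Python currently keeps them literally, which is why the resulting path is unchanged, but it emits a warning (a SyntaxWarning from 3.12) and the behaviour is slated to become an error. Keep the doubled form the removed line used: `'\\\\server.pn.steinbeis.schule\\default-school\\share'`. A short comment on why the teacher-only 'S' mapping was dropped would also help, since the commit record shown here gives no reason.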
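Review bot: Adding `- virtiofsd` to the copied-files list, while the first main.yml hunk drops the `virtiofsd` package, replaces a distribution-maintained binary with the opaque blob committed as roles/lmn_vm/files/virtiofsd, which vm-virtiofsd then starts as root. Nothing in the commit records its upstream version, origin or checksum, and it will no longer receive security updates through the package manager. I would at least add a comment above the entry such as `# virtiofsd <VERSION>, built from <SOURCE_URL>, sha256 <SHA256>`. Better still, download it in a task that verifies a pinned checksum (for example `get_url` with `checksum:`) instead of committing the binary.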
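Review bot: `umask 027` in the vminfo.service ExecStart makes `.vminfo.json` group-readable where it used to be owner-only. vm-vminfo defines `get_krb5()`, so the file presumably carries Kerberos-related data, and this commit also sets the parent directory to 0775 in vm-virtiofsd; who can then read the file depends on the user's primary group, which is not visible here. If only the VM side needs access, I would keep `umask 077` and grant that one group explicitly on the file. Otherwise add a comment to the task stating which group is expected to read it and why.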