Add "-ro" (read-only) flag
From the man page: **-ro** : Mount the filesystem read-only Also add a test.
This commit is contained in:
parent
305e9c1045
commit
82d87ff8ed
|
@ -117,6 +117,9 @@ option.
|
||||||
**-q, -quiet**
|
**-q, -quiet**
|
||||||
: Quiet - silence informational messages
|
: Quiet - silence informational messages
|
||||||
|
|
||||||
|
**-ro**
|
||||||
|
: Mount the filesystem read-only
|
||||||
|
|
||||||
**-scryptn int**
|
**-scryptn int**
|
||||||
: scrypt cost parameter logN. Setting this to a lower value speeds up
|
: scrypt cost parameter logN. Setting this to a lower value speeds up
|
||||||
mounting but makes the password susceptible to brute-force attacks (default 16)
|
mounting but makes the password susceptible to brute-force attacks (default 16)
|
||||||
|
|
8
main.go
8
main.go
|
@ -43,7 +43,7 @@ const (
|
||||||
type argContainer struct {
|
type argContainer struct {
|
||||||
debug, init, zerokey, fusedebug, openssl, passwd, foreground, version,
|
debug, init, zerokey, fusedebug, openssl, passwd, foreground, version,
|
||||||
plaintextnames, quiet, diriv, emenames, gcmiv128, nosyslog, wpanic,
|
plaintextnames, quiet, diriv, emenames, gcmiv128, nosyslog, wpanic,
|
||||||
longnames, allow_other bool
|
longnames, allow_other, ro bool
|
||||||
masterkey, mountpoint, cipherdir, cpuprofile, config, extpass,
|
masterkey, mountpoint, cipherdir, cpuprofile, config, extpass,
|
||||||
memprofile string
|
memprofile string
|
||||||
notifypid, scryptn int
|
notifypid, scryptn int
|
||||||
|
@ -182,6 +182,7 @@ func main() {
|
||||||
flagSet.BoolVar(&args.longnames, "longnames", true, "Store names longer than 176 bytes in extra files")
|
flagSet.BoolVar(&args.longnames, "longnames", true, "Store names longer than 176 bytes in extra files")
|
||||||
flagSet.BoolVar(&args.allow_other, "allow_other", false, "Allow other users to access the filesystem. "+
|
flagSet.BoolVar(&args.allow_other, "allow_other", false, "Allow other users to access the filesystem. "+
|
||||||
"Only works if user_allow_other is set in /etc/fuse.conf.")
|
"Only works if user_allow_other is set in /etc/fuse.conf.")
|
||||||
|
flagSet.BoolVar(&args.ro, "ro", false, "Mount the filesystem read-only")
|
||||||
flagSet.StringVar(&args.masterkey, "masterkey", "", "Mount with explicit master key")
|
flagSet.StringVar(&args.masterkey, "masterkey", "", "Mount with explicit master key")
|
||||||
flagSet.StringVar(&args.cpuprofile, "cpuprofile", "", "Write cpu profile to specified file")
|
flagSet.StringVar(&args.cpuprofile, "cpuprofile", "", "Write cpu profile to specified file")
|
||||||
flagSet.StringVar(&args.memprofile, "memprofile", "", "Write memory profile to specified file")
|
flagSet.StringVar(&args.memprofile, "memprofile", "", "Write memory profile to specified file")
|
||||||
|
@ -419,6 +420,11 @@ func initFuseFrontend(key []byte, args argContainer, confFile *configfile.ConfFi
|
||||||
// Second column, "Type", will be shown as "fuse." + Name
|
// Second column, "Type", will be shown as "fuse." + Name
|
||||||
mOpts.Name = "gocryptfs"
|
mOpts.Name = "gocryptfs"
|
||||||
|
|
||||||
|
// The kernel enforces read-only operation, we just have to pass "ro".
|
||||||
|
if args.ro {
|
||||||
|
mOpts.Options = append(mOpts.Options, "ro")
|
||||||
|
}
|
||||||
|
|
||||||
srv, err := fuse.NewServer(conn.RawFS(), args.mountpoint, &mOpts)
|
srv, err := fuse.NewServer(conn.RawFS(), args.mountpoint, &mOpts)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
tlog.Fatal.Printf("Mount failed: %v", err)
|
tlog.Fatal.Printf("Mount failed: %v", err)
|
||||||
|
|
|
@ -102,3 +102,21 @@ func TestInitPlaintextNames(t *testing.T) {
|
||||||
t.Error("FlagEMENames and FlagDirIV should be not set")
|
t.Error("FlagEMENames and FlagDirIV should be not set")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Test -ro
|
||||||
|
func TestRo(t *testing.T) {
|
||||||
|
dir := test_helpers.InitFS(t)
|
||||||
|
mnt := dir + ".mnt"
|
||||||
|
test_helpers.MountOrFatal(t, dir, mnt, "-ro", "-extpass=echo test")
|
||||||
|
defer test_helpers.Unmount(mnt)
|
||||||
|
|
||||||
|
file := mnt + "/file"
|
||||||
|
err := os.Mkdir(file, 0777)
|
||||||
|
if err == nil {
|
||||||
|
t.Errorf("Mkdir should have failed")
|
||||||
|
}
|
||||||
|
_, err = os.Create(file)
|
||||||
|
if err == nil {
|
||||||
|
t.Errorf("Create should have failed")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue