Open AnneCYH opened 1 month ago
Thanks for the detailed report @AnneCYH!
I am able to reproduce and will look into this
Ok, the issue here is that the apparmor profile for the sshfs server used to serve the mount does not include the mount target of the encrypted directory. This is because we do not recursively follow all mounts/symlinks within mounted directories and allow access to them, just the top level directory itself.
@AnneCYH As a workaround for the time being, you can define the mount so that the mount target is included in the mount. For example, it looks like the the default directory is /home/.ecryptfs/<user>/.Private/
so mounting /home
into the instance includes the mount target as well as your own home directory and should work as intended.
I don't think there is much we can do about this. We could document mounting /home
as a workaround, but it might be too specific to this case for generic documentation. Something to think about perhaps.
Describe the bug "Permission denied" error when trying to view the contents of the "/home/annecyh" folder which should have been mounted when creating the "primary" instance and when manually creating instances + manually mounting folders.
Followed the instructions in the multipass docs here: https://multipass.run/docs/get-started-with-multipass-linux
Some info about the host machine:
I think I used these instructions: https://www.linuxuprising.com/2018/04/how-to-encrypt-home-folder-in-ubuntu.html
Other commands that were executed while debugging the issue (but did not help resolve the issue):
To Reproduce These are all the commands that were executed on my host machine. (The issues observed are similar on first and subsequent installations of multipass). Also attached a text file with the complete steps and terminal output. multipass-fun.txt
Expected behavior Home directory should be mounted automatically for "primary" instance, and should be mounted correctly for subsequent instances when mounted manually. I expect to be able to run
ls
and see the contents of the mounted home folder.Logs Attached the daemon log: journalctl-output.log
Also including the output of the other commands that were requested.
ls -ld /home/annecyh
on host machine:snap connections multipass
on host machine:lsblk -f | grep -v "^loop"
on host machine:grep home /proc/self/mountinfo
on host machine:sudo ls /home/annecyh
on host machine:Additional info
multipass version
:multipass info
:multipass get local.driver
:Additional context N/A.
Thank you mutlipass team!