On 12/10/25 07:47, Alyssa Ross wrote:
The document portal has to be root to mount its fuse filesystem. This needs to be a shared namespace because virtiofsd needs to be in the same mount namespace as the document portal so that it sees the fuse filesystem, so we create a per-VM persistent user namespace.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
(snip)
diff --git a/host/rootfs/image/usr/bin/run-appimage b/host/rootfs/image/usr/bin/run-appimage index 47cab4c5..5e8e29fa 100755 --- a/host/rootfs/image/usr/bin/run-appimage +++ b/host/rootfs/image/usr/bin/run-appimage @@ -44,4 +44,6 @@ if { s6-instance-delete /run/service/vm-services $id }
if { umount ${dir}/mount } # mount namespace if { umount ${dir}/mount } # private bind mount +if { umount ${dir}/user } # user namespace +if { umount ${dir}/user } # private bind mount rm -r $dir /run/configs/${id} diff --git a/host/rootfs/image/usr/bin/run-flatpak b/host/rootfs/image/usr/bin/run-flatpak index bb366735..86ccc12a 100755 --- a/host/rootfs/image/usr/bin/run-flatpak +++ b/host/rootfs/image/usr/bin/run-flatpak @@ -46,4 +46,6 @@ if { s6-instance-delete -- /run/service/vm-services $id }
if { umount ${dir}/mount } # mount namespace if { umount ${dir}/mount } # private bind mount +if { umount ${dir}/user } # user namespace +if { umount ${dir}/user } # private bind mount rm -r $dir /run/configs/${id}
Why is it necessary to unmount twice here? -- Sincerely, Demi Marie Obenour (she/her/hers)