Fusermount systemd-service in home-manager

zeec123 · December 20, 2019, 10:11am

Hi, I am trying to mount a cloud drive via rclone. Manually, this does work:

rclone mount onedrive: ~/cloudstorage/onedrive/

Now I am trying to use a systemd-service in my home-manager configuration to do the same. It looks like follows:

{ pkgs, lib, config, security, ... }:

let 
    mountdir = "${config.home.homeDirectory}/cloudstorage/onedrive";
in
{ 
    systemd.user = {
        services.onedrive_mount = {
            Unit = {
                Description = "mount onedrive dirs";
            };
            Install.WantedBy = [ "multi-user.target" ];
            Service = {
                ExecStartPre = "/run/current-system/sw/bin/mkdir -p ${mountdir}";
                ExecStart = ''
                    ${pkgs.rclone}/bin/rclone mount onedrive: ${mountdir} \
                        --dir-cache-time 48h \
                        --vfs-cache-max-age 48h \
                        --vfs-read-chunk-size 10M \
                        --vfs-read-chunk-size-limit 512M \
                        --buffer-size 512M
                '';
                ExecStop = "${pkgs.fuse}/bin/fusermount -u ${mountdir}";
                Type = "notify";
                Restart = "always";
                RestartSec = "10s";
                Environment = [ "PATH=${pkgs.fuse}/bin:$PATH" ];
            };
        };
    };
}

and journalctl --user -xe shows me the following error:
mount helper error: fusermount: mount failed: Operation not permitted

I figured I may have to set

  environment.etc."fuse.conf".text = ''
    user_allow_other
  '';
  security.wrappers = {
    fusermount.source  = "${pkgs.fuse}/bin/fusermount";
  };

in the global configuration.nix. Is this correct? If yes, how can I reference this security wrapper in my home.nix?

ajs124 · December 20, 2019, 11:37am

The wrapper should be located at /run/wrappers/bin/fusermount

zeec123 · October 6, 2020, 5:46am

Thanks. I am using the absolute path as below, but still get the same error.
mount helper error: fusermount: mount failed: Operation not permitted

services.onedrive_mount = {
    Unit = {
        Description = "mount onedrive dirs";
        After = [ "network-online.target" ];
    };
    Install.WantedBy = [ "multi-user.target" ];
    Service = {
        ExecStartPre = "/run/current-system/sw/bin/mkdir -p ${mountdir}";
        ExecStart = ''
            ${pkgs.rclone}/bin/rclone mount onedrive: ${mountdir} \
                --dir-cache-time 48h \
                --vfs-cache-mode full \
                --vfs-cache-max-age 48h \
                --vfs-read-chunk-size 10M \
                --vfs-read-chunk-size-limit 512M \
                --buffer-size 512M
        '';
        ExecStop = "/run/wrappers/bin/fusermount -u ${mountdir}";
        Type = "notify";
        Restart = "always";
        RestartSec = "10s";
        Environment = [ "PATH=${pkgs.fuse}/bin:/run/wrappers/bin/:$PATH" ];
    };
};

};

primeos · October 9, 2020, 11:17am

That error should come from ${pkgs.rclone}/bin/rclone mount ...

You should remove ${pkgs.fuse}/bin so that the suid binary in /run/wrappers/bin/ will be used instead (for that reason one should basically never reference ${pkgs.fuse}/bin in this case). Hope that helps.

zeec123 · October 18, 2020, 7:12am

Thank you so much. That works.