Virtualization: How do I share a cloud drive mounted inside the guest with the host?
from GathererStuff@lemmy.ml to linux@lemmy.ml on 03 Nov 17:17
https://lemmy.ml/post/22102523

Hi everyone! I want to be able to access a folder inside the guest that corresponds to a cloud drive that is mounted inside the guest for security purposes. I have tried setting up a shared filesystem inside Virt-Manager (KVM) with virtiofs (following this tutorial: absprog.com/post/qemu-kvm-shared-folder) but as soon as I mount the folder in order for it to be accessible on the guest host the cloud drive gets unmounted. I guess a folder cannot have two mounts at the same time. Aliasing the folder using bind and then sharing the aliased folder with the host doesn’t work either. The aliased folder is simply empty on the host.

Does anyone have an idea regarding how I might accomplish this? Is KVM the right choice or would something like docker or podman better suited for this job? Thank you.

Edit: To clarify: The cloud drive is mounted inside a virtual machine for security purposes as the binary is proprietary and I do not want to mount it on the host (bwrap and the like introduce a whole lot of problems, the drive doesn’t sync anymore and I have to relogin each time). I do not use the virtual machine per se, I just start it and leave it be.

#linux

threaded - newest

Dariusmiles2123@sh.itjust.works on 03 Nov 17:53 next collapse

Wouldn’t you just be able to create a folder for Xdrive (imaginary alternative to Google drive) in the Virtual Machine and another one in the host.

Since they are both synchronized with Xdrive they would have the same content.

GathererStuff@lemmy.ml on 03 Nov 19:37 collapse

The cloud drive is mounted inside a virtual machine for security purposes as the binary is proprietary and I do not want to mount it on the host (bwrap and the like introduce a whole lot of problems, the drive doesn’t sync anymore and I have to relogin each time). I do not use the virtual machine per se, I just start it and leave it be.

gomp@lemmy.ml on 03 Nov 18:28 next collapse

The best option would be to have a “regular” client that keeps a local copy in sync with the cloud instead of a mount.

BTW: IDK what cloud storage you are using, but IIRC some show files that are not available locally (ie. only the most recent files are downloaded locally - the older stuff is downloaded on request).

Alternatively, you could hack something together running unison locally in the guest to sync the cloud folder to a shared one… you’ll have two copies of the data though.

GathererStuff@lemmy.ml on 03 Nov 19:40 collapse

That would be impossible since the cloud drive is 2TB and my physical storage space is under 500GB in size.

eldavi@lemmy.ml on 03 Nov 19:20 next collapse

fwiw: if you go w the container strategy with docker or podman, you should be able to use the storage overlay based on how i’m reading your question.

it’s hard to ascertain any path forward w/o knowing more details on the cloud drive and how’s it’s currently mounted on the guest instance.

GathererStuff@lemmy.ml on 03 Nov 19:39 collapse

I have no idea how it is mounted (how can I find out?) because the binary is proprietary. This is why it is contained inside a virtual machine.

eldavi@lemmy.ml on 03 Nov 19:44 collapse

run the command mount with sudo access and if you can see it enumerated in the printout then you should be able to proceed with either a container overlay or separate mount point.

if not, then it’ll get very advanced very quickly; do you know how to use strace?

GathererStuff@lemmy.ml on 03 Nov 20:11 collapse

I just checked and it is mounted as a fuse drive.

do you know how to use strace?

A very confident NO :)

eldavi@lemmy.ml on 03 Nov 20:25 collapse

fortunately we won’t have to bother w strace; but i think i can see where you’ll be blocked.

do you have to provide a username/password or token when you try to access the drive now?

if yes, then you should be able to mount it like you’re trying to do using instructions like these and you can use the information from the last printout to fill in the blanks.

if no, then its access is controlled outside of your guest instance and you’ll need to ask your admins to enable access.

GathererStuff@lemmy.ml on 03 Nov 20:47 collapse

do you have to provide a username/password or token when you try to access the drive now?

I do but it’s through the proprietary GUI of the binary which has no CLI or API I can use.

eldavi@lemmy.ml on 03 Nov 21:02 collapse

then strace might help if we’re lucky enough to get something like memory addresses.

strace can be very verbose and requires a lot of knowledge that i doubt i can share through comments back and forth.

is creating an intermediary like others have commented on in this post an option? they’re automatically easier and faster than strace and there’s no gaurantee that strace will show us the information we need.

GathererStuff@lemmy.ml on 05 Nov 07:08 collapse

strace can be very verbose and requires a lot of knowledge that i doubt i can share through comments back and forth.

No worries. Thank a lot nonetheless.

is creating an intermediary like others have commented on in this post an option?

What do you mean by intermediary? Do you mean syncing the files with the VM and then sharing the synced copy with the host?That wouldn’t work since my drive is smaller than the cloud drive and I need all the files on-demand.

eldavi@lemmy.ml on 05 Nov 07:16 collapse

What do you mean by intermediary? Do you mean syncing the files with the VM and then sharing the synced copy with the host?That wouldn’t work since my drive is smaller than the cloud drive and I need all the files on-demand.

that’s one way. do you need them all at the same time? are they mostly the same size and type?

GathererStuff@lemmy.ml on 05 Nov 07:22 collapse

do you need them all at the same time?

I need to access all files conveniently and transparently depending on what I need at work in that particular moment.

are they mostly the same size and type?

Hard no.

eldavi@lemmy.ml on 05 Nov 07:35 collapse

sshfs might work if your fuse drive is mounted with options that will let it be shared and you have sudo access to enable sshfs. also ssh access is a requirement.

how is it mounted now? it should also be in that same mount printout and usually at the end of the line inside parenthesis.

GathererStuff@lemmy.ml on 06 Nov 21:16 collapse

rw,nosuid,nodev,relatime,user_id=0,group_id=0

eldavi@lemmy.ml on 06 Nov 21:33 collapse

user_id=0,group_id=0

do you have sudo access and are there any rules in /etc/sudo* that match your username or any of your groups? which distribution?

GathererStuff@lemmy.ml on 06 Nov 21:48 collapse

Since originally writing the post I have switched to a rootless podman container. Running it how I did before (inside a VM) would simply yield user_id=1000,group_id=1000 I think.

eldavi@lemmy.ml on 06 Nov 21:50 collapse

that implies that you’re not using the binary anymore since you’re in a container; is it using an overlay fs?

GathererStuff@lemmy.ml on 06 Nov 21:57 collapse

I am using the binary. Just running it inside a container instead of a VM.

overlay fs?

Yes.

eldavi@lemmy.ml on 06 Nov 22:21 collapse

so the drive isn’t mounted when the container starts; but you execute it after it started and then the drive is mounted?

GathererStuff@lemmy.ml on 06 Nov 22:44 collapse

Yes.

eldavi@lemmy.ml on 06 Nov 23:13 collapse

i’ve never seen a workflow like that so i don’t think i can help you with the container.

if getting it from the host os an option, then it makes sense to see if it’s possible and something like a sudoer rule or selinux could prevent that; my last question was my attempt to ascertain this.

MangoPenguin@lemmy.blahaj.zone on 03 Nov 21:40 next collapse

Does rclone support the cloud service?

GathererStuff@lemmy.ml on 05 Nov 07:04 collapse

It does not, hence my question.

MangoPenguin@lemmy.blahaj.zone on 05 Nov 14:44 collapse

Gotcha, in that case maybe a container? You can use a bind mount to link a folder on the host to inside the container. You could use docker/podman or LXC.

GathererStuff@lemmy.ml on 06 Nov 20:56 collapse

This is what I have been trying for the past two days actually: lemmy.ml/post/22215540 Could you please assist me there if you have an idea? Thanks :)

Matty_r@programming.dev on 04 Nov 01:39 next collapse

Maybe reshare the directory locally through Samba on your VM?

GathererStuff@lemmy.ml on 05 Nov 07:12 collapse

Why not NFS? Regardless, wouldn’t it be slower anyway compared to virtiofs?

Matty_r@programming.dev on 05 Nov 08:13 collapse

Just throwing it out there as an option. Good luck.

GathererStuff@lemmy.ml on 06 Nov 21:12 collapse

Thank you!

cy_narrator@discuss.tchncs.de on 04 Nov 13:00 next collapse

Use something like SAMBA to share files between the two systems

GathererStuff@lemmy.ml on 05 Nov 07:10 collapse

I think NFS would be a better choice if I decide to go that route. Isn’t SAMBA slower and older than NFS?

chirping@infosec.pub on 06 Nov 16:14 next collapse

I don’t understand what you mean with the content disappearing when you mount the virtiofs on the guest - isn’t the mount empty when bound, untill the guest populates it?

Can you share what sync client+guest os you are using? if the client does “advanced” features like files on demand, then it might clash with virtiofs - this is where the details of which client/OS could be relevant, does it require local storage or support remote?

If guest os is windows, samba share it to the host. if guest os is linux, nfs will probably do. In both cases I would host the share on the client, unless the client specifically supports remote storage.

podman/docker seems to be the proper tool for you here, but a VM with the samba/nfs approach could be less hassle and less complicated, but somewhat bloaty. containers require some more tailoring but in theory is the right way to go.

Keep in mind that a screwup could be interpreted by the sync client as mass-deletes, so backups are important (as a rule of thumb, it always is, but especially for cloud hosted storage)

GathererStuff@lemmy.ml on 06 Nov 21:06 collapse

I don’t understand what you mean with the content disappearing when you mount the virtiofs on the guest - isn’t the mount empty when bound, untill the guest populates it?

Sorry I made a mistake in the original post. I wanted to say on the host instead of on the guest. My bad.

Yes, you are correct, the folder is empty until I log in insde the cloud application on the guest.

does it require local storage or support remote?

What do you mean? The cloud drive is a network drive basically. It only downloads files on demand.

if guest os is linux, nfs will probably do

This is what others have suggested and what I will probably do if the method below fails.

podman/docker seems to be the proper tool for you here

Yesterday I actually tried to spin a podman container hoping it would work but I encountered the following problem when trying to propagate mounts: lemmy.ml/post/22215540

Could you please assist me there if you have further ideas? Thank you :)

Keep in mind that a screwup could be interpreted by the sync client as mass-deletes

I am VERY aware of this *sweating*

serenissi@lemmy.world on 07 Nov 21:25 collapse

9p server