Hi everyone! I want to be able to access a folder inside the guest that corresponds to a cloud drive that is mounted inside the guest for security purposes. I have tried setting up a shared filesystem inside Virt-Manager (KVM) with virtiofs (following this tutorial: https://absprog.com/post/qemu-kvm-shared-folder) but as soon as I mount the folder in order for it to be accessible on the guest host the cloud drive gets unmounted. I guess a folder cannot have two mounts at the same time. Aliasing the folder using bind and then sharing the aliased folder with the host doesn’t work either. The aliased folder is simply empty on the host.

Does anyone have an idea regarding how I might accomplish this? Is KVM the right choice or would something like docker or podman better suited for this job? Thank you.

  • Possibly linux
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 months ago

    You will need to mange the VM separately and the added hop (into the VM and then out again) will slow down performance and create another point of failure.

    Why would running it in a VM benefit security? Couldn’t you just mount it with fuse?

    • GathererStuff@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 month ago

      Because the executable is proprietary (and a bit legacy I would say) and full of telemetry, undocumented and the cloud service has no CLI, WebDAV or rclone support. I do not want to run something like that on my personal computer and I do not know how to use bwrap properly and don’t want to risk it. I have since switched over to a podman container but I encounter the same problem, the folder is empty on the host (See my post here: https://lemmy.ml/post/22215540).

      • S_S@lemy.lol
        link
        fedilink
        English
        arrow-up
        1
        ·
        25 days ago

        I’ve used bubblewrap for many things and for a long time now, if you want to try that and have questions about it I think I can help, it is what I should have done in your scenario and what I have done much for the same reasons