Using FUSE to create a user-friendly layer.
Author: Stef Bon
For some time now I have been working on a construction which offers the user a layer around the normal system, giving the user access to all kinds of resources found: local, like partitions on hard drives, USB sticks and CD-ROMs; network, like SMB shares; and (todo) services like Google Docs and Amazon S3. Simply put, after the user logs in, the root of the system is transformed into:
For screenshots and more see: http://linux.bononline.nl/wiki/index.php/Changes_and_issues And general information: http://linux.bononline.nl/wiki/index.php/Mount.md5key
I haven't found anybody else using it; it looks a lot like GoboLinux. When showing it to other Linux developers, they all react like: "nice, but I wouldn't use it". Well, the target user is the user who is not so familiar with Linux and doesn't want to learn...
The folder with local devices (Computer) is managed using udev for dynamic detection of resources, and static scanning for devices when a session starts.
Network resources (for now only SMB services are supported) are detected while the user is browsing. The FUSE fs launches some external scripts, which in turn use utilities like nbtscan, nmblookup and smbclient to detect SMB resources.
Access to Internet services like Google Docs and Amazon S3 is possible, but does not work yet. I haven't found the time to work on these, but it's very possible to access these services (and others like these) with a FUSE fs. I like to have access to remote files on the Internet (cloud-like services), not to replace existing methods to access them, but because I like very much just seeing everything in a directory I can browse. And these services are very handy when moving a lot of data/files from the local computer to the Internet space (upload), where doing this from the browser is not so handy.
This construction uses a FUSE module (fuse-workspace), the automounter, some clever remounting, a chroot when a session starts (pam_chroot), and a hash table for every resource found, using an MD5 value as index.
The FUSE fs has the ability to hide an entry by skipping it at the readdir call. This makes it possible to create a new chroot where directories like /bin, /usr, /lib etc. are hidden. They are present but hidden. As far as I know, this is only possible with a FUSE fs.
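An added example (not fuse-workspace's own code) of the readdir skipping described above, modelled without libfuse: `fill_dir_fn` stands in for libfuse's filler callback, and the entry list, the hidden list and the function names are constructed for illustration. It shows that a name skipped in readdir still resolves on lookup, so hiding is presentation only and file permissions remain the access control.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for libfuse's filler callback; nonzero return means "buffer full". */
typedef int (*fill_dir_fn)(void *buf, const char *name);
/* Constructed sample root; "Network" is an assumed name, not from the page. */
static const char *const root_entries[] = {"bin", "usr", "lib", "Computer", "Network", NULL};
static const char *const hidden_names[] = {"bin", "usr", "lib", NULL};

static int in_list(const char *const *list, const char *name) {
    for (; *list; list++)
        if (strcmp(*list, name) == 0) return 1;
    return 0;
}

/* readdir: hidden names are never handed to the filler. Returns entries listed. */
int ws_readdir(void *buf, fill_dir_fn filler) {
    int listed = 0;
    for (const char *const *e = root_entries; *e; e++) {
        if (in_list(hidden_names, *e)) continue;
        if (filler(buf, *e)) break;
        listed++;
    }
    return listed;
}

/* lookup: resolves every existing name, hidden or not (0 = found). */
int ws_lookup(const char *name) {
    return in_list(root_entries, name) ? 0 : -ENOENT;
}

/* Demo filler: appends each name plus a space to a fixed buffer. */
struct listing { char text[128]; };
int collect(void *buf, const char *name) {
    struct listing *l = buf;
    if (strlen(l->text) + strlen(name) + 2 > sizeof l->text) return 1;
    strcat(l->text, name);
    strcat(l->text, " ");
    return 0;
}

int main(void) {
    struct listing l = { "" };
    int n = ws_readdir(&l, collect);
    printf("readdir listed %d entries: %s\n", n, l.text);
    printf("lookup(bin) = %d, lookup(missing) = %d\n", ws_lookup("bin"), ws_lookup("missing"));
    return 0;
}
```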
I had to "invent" mimetypes for directories (actually roles) to make this work well, like:
This mimetype is provided using an extended attribute (xattr):
getfattr --name system.workspace_mimetype .
Extended attributes are used a lot to get/set properties.
I'm working on/have been working on:
. making inotify work in combination with a FUSE fs, and cifs (and possibly nfs)
. safe removal of a CD-ROM and USB stick
. create a new PAM module which does everything: run external scripts, create a new namespace and chroot.