Add unprivileged option in `mount.fuse3`

The unprivileged option allows to run the FUSE file system process without privileges by dropping capabilities and preventing them from being re-acquired via setuid / fscaps etc. To accomplish this, mount.fuse sets up the `/dev/fuse` file descriptor and mount itself and passes the file descriptor via the `/dev/fd/%u` mountpoint syntax to the FUSE file system.
author: Mattias Nissler <mnissler@chromium.org> 2018-08-31 09:44:04 +0200
committer: Nikolaus Rath <Nikolaus@rath.org> 2018-10-09 20:36:22 +0100
commit: da7c9b228aaf31f37684e106b75262055ca440de (patch)
tree: 548cb7e54d87af7c2cfdcde3dcb01d0f184f0315 /include
parent: 64e11073b9347fcf9c6d1eea143763ba9e946f70 (diff)
download: libfuse-da7c9b228aaf31f37684e106b75262055ca440de.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/include/fuse.h b/include/fuse.h
index 7b63c42..24e04bc 100644
--- a/include/fuse.h
+++ b/include/fuse.h
@@ -1219,6 +1219,16 @@ typedef struct fuse_fs *(*fuse_module_factory_t)(struct fuse_args *args,
 /** Get session from fuse object */
 struct fuse_session *fuse_get_session(struct fuse *f);
 
+/**
+ * Open a FUSE file descriptor and set up the mount for the given
+ * mountpoint and flags.
+ *
+ * @param mountpoint reference to the mount in the file system
+ * @param options mount options
+ * @return the FUSE file descriptor or -1 upon error
+ */
+int fuse_open_channel(const char *mountpoint, const char *options);
+
 #ifdef __cplusplus
 }
 #endif
author	Mattias Nissler <mnissler@chromium.org>	2018-08-31 09:44:04 +0200
committer	Nikolaus Rath <Nikolaus@rath.org>	2018-10-09 20:36:22 +0100
commit	da7c9b228aaf31f37684e106b75262055ca440de (patch)
tree	548cb7e54d87af7c2cfdcde3dcb01d0f184f0315 /include
parent	64e11073b9347fcf9c6d1eea143763ba9e946f70 (diff)
download	libfuse-da7c9b228aaf31f37684e106b75262055ca440de.tar.gz