Systemd.automount activates systemd.mount immediately if mount path is /home/user/mnt

Due to file system access permissions of a flatpak app being restricted to /home/user I moved my mount path from /mnt/MBO to /home/wurstsemmel/mnt/MBO.

According to man systemd.automount, systemd.automount activates systemd.mount upon accessing the mount path. It works as described if I use /mnt/MBO as mount path.

When using /home/wurstsemmel/mnt/MBO as mount path, the remote file system is mounted immediately. Instead, it should be mounted upon (first) access.

Can anyone please help with an explanation and give a hint why? I would expect the same behaviour regardless of the mount path.

Thanks!

System: Fedora Linux 35 (Workstation Edition) on a Dell XPS 13 (9380)

Mount path /mnt/MBO: The WebDAV share is mounted upon first file system access, as described in the man page. Below, mount | grep MBO returns two lines after issuing ls.

[wurstsemmel@xps13 ~]$ sudo systemctl is-enabled mnt-MBO.mount
disabled
[wurstsemmel@xps13 ~]$ sudo systemctl is-enabled mnt-MBO.automount
disabled
[wurstsemmel@xps13 ~]$ mount | grep MBO
[wurstsemmel@xps13 ~]$ sudo systemctl start mnt-MBO.automount
[wurstsemmel@xps13 ~]$ mount | grep MBO
systemd-1 on /mnt/MBO type autofs (rw,relatime,fd=54,pgrp=1,timeout=300,minproto=5,maxproto=5,direct,pipe_ino=39346)
[wurstsemmel@xps13 ~]$ ls /mnt/MBO
 [...]
[wurstsemmel@xps13 ~]$ mount | grep MBO
systemd-1 on /mnt/MBO type autofs (rw,relatime,fd=54,pgrp=1,timeout=300,minproto=5,maxproto=5,direct,pipe_ino=39346)
https://dav.mailbox.org/servlet/webdav.infostore/Userstore/xxx on /mnt/MBO type fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=0,allow_other,max_read=16384)
[wurstsemmel@xps13 ~]$

Mount path /home/wurstsemmel/mnt/MBO: The WebDAV Share is mounted immediately after starting systemd.automount. Below, mount | grep MBO returns two lines immediately after starting the automount unit file.

[wurstsemmel@xps13 ~]$ sudo systemctl is-enabled home-wurstsemmel-mnt-MBO.automount
disabled
[wurstsemmel@xps13 ~]$ sudo systemctl is-enabled home-wurstsemmel-mnt-MBO.mount
disabled
[wurstsemmel@xps13 ~]$ mount | grep MBO
[wurstsemmel@xps13 ~]$ sudo systemctl start home-wurstsemmel-mnt-MBO.automount
[wurstsemmel@xps13 ~]$ mount | grep MBO
systemd-1 on /home/wurstsemmel/mnt/MBO type autofs (rw,relatime,fd=54,pgrp=1,timeout=300,minproto=5,maxproto=5,direct,pipe_ino=38229)
https://dav.mailbox.org/servlet/webdav.infostore/Userstore/xxx on /home/wurstsemmel/mnt/MBO type fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=0,allow_other,max_read=16384)
[wurstsemmel@xps13 ~]$

journalctl -xf lists pool or gvfs as trigger for automount to activate the mount unit file if the mount path is in /home.

Is it maybe Gnome Photos?

See also

Maybe I found the solution:

Under Settings → Search → Search Locations (German: “Orte durchsuchen”) I deactivated “Personal Folder”.

Edit: Unfortunately, a service called pool still triggers the automount.

Hi, you could give permissions to specific flatpak app to /home/user with:

# Give permission
sudo flatpak override --filesystem=/path/path org.NAMEOFAPP.APP

# Check permission
flatpak info --show-permissions org.NAMEOFAPP.APP

# Remove permission
sudo flatpak override --nofilesystem=/path/path org.NAMEOFAPP.APP

Please read the doc here on part “Filesystem access”.

Update:

I’m not sure, if we add *.automount under /home/user/ it always mounted automatically even we not accessing the folder. May be there a service from Gnome that altering the *.autoumount. As you can see the service that trigger that is gvfs.

Above about with adding flatpak permission to access specific path, may be you could stick with mnt-MBO.automount then enable it. Hopefully after restart the system, if the flatpak accessing the path (/mnt/MBO) it will trigger the *.mount unit.

1 Like

You could also use flatseal to manage flatpak permissions.

1 Like

Thank you, @oprizal & @grumpey.

These are certainly helpful ways to get access from within the flatpak app to /mnt/MBO.

However, I would prefer a way to exclude /home/wurstsemmel/mnt/MBO from being activated by the service called pool. I cannot reproduce gfvs to activate the *.automount.

Do you know how I can get more information on pool? The output from journalctl -xf is:

Feb 28 22:49:53 xps13 systemd[1]: home-wurstsemmel-mnt-MBO.automount: Got automount request for /home/wurstsemmel/mnt/MBO, triggered by 5318 (pool)

I followed the approach as proposed.

sudo flatpak override --filesystem=/mnt/MBO APP
flatpak info --show-permissions APP

To revert all overrides:

sudo flatpak override --reset APP
flatpak info --show-permissions APP

Thanks again!

1 Like