[Cherry-picked to v0.20.2] alpine: avoid wiping out writable host mounts under /home, etc.

[AkihiroSuda]

A host directory could be wiped out when all the following conditions are met:

• The directory is mounted to Lima via virtiofs or 9p (reverse-sshfs is not affected)
• The mount is writable
• The mount point in the guest is under one of: /etc /home /root /usr/local /var/lib
• The guest OS is Alpine Linux

Fix #2221
Fix rancher-sandbox/rancher-desktop#6582

[jandubois]

• The directory is mounted to Lima via virtiofs

I have not tested it, but I suspect the same will be true for 9p. The important factor is that the directory is mounted before cloud-init is running, which is true for 9p and virtiofs, but not for reverse-sshfs.

[jandubois]

There is some code that has become redundant with this change and should be removed.

[AkihiroSuda]

DNM, since fstab is gone, the PR has to be worked out again from scratch

[AkihiroSuda]

Confirmed that the issue affects 9p as well

[AkihiroSuda]

Added a test

[jandubois]

Thanks, LGTM and worked in my local tests.

I don't think the mounting code will work with mount points that include backslashes, due to the way we have to do the quoting, but I think that is acceptable; who is using backslashes in directory names?

[jandubois]

I think this is fine to merge as-is. But if you want to support double-quotes and backslashes in mountpoints, then you could to

Suggested change

	echo "mount -t \"${MNTTYPE}\" -o \"${MNTOPTS}\" \"${MNTDEV}\" \"${MNTPNT}\"" >>/mnt.sh
	MNTPNT=${MNTPNT//\\/\\\\}
	MNTPNT=${MNTPNT//\"/\\\"}
	echo "mount -t \"${MNTTYPE}\" -o \"${MNTOPTS}\" \"${MNTDEV}\" \"${MNTPNT}\"" >>/mnt.sh

I've tested it with

$ MNTPNT=$'foo\\bar"baz\nfoo\\bar"baz'
$ echo "$MNTPNT"
foo\bar"baz
foo\bar"baz
$ MNTPNT=${MNTPNT//\\/\\\\}
$ MNTPNT=${MNTPNT//\"/\\\"}
$ echo "$MNTPNT"
foo\\bar\"baz
foo\\bar\"baz

If you do that, then you should probably also update the test case to use backslashes and quotes in the test directory name.

Just realized that lima-init.sh in alpine-lima doesn't support backslashes and quotes in mountpoint either right now: https://github.com/rancher-sandbox/alpine-lima/blob/5a55b61512a6e7b4affb8a9779d179f559b0ac18/lima-init.sh#L65-L66

So the tests would fail unless we fix this in alpine-lima as-well.

[AkihiroSuda]

Thanks, applied

[AkihiroSuda]

Cherry-picked to v0.20.2

• [release/0.20] alpine: avoid wiping out writable host mounts under /home, etc #2241