#!/bin/bash

## Copyright (C) 2019 - 2023 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
## See the file COPYING for copying conditions.

## test:
## sudo tb_home_folder=/home/user/.tb bash -x /usr/libexec/tb-starter/remount-exec

#set -x
set -e

if [ "$(id -u)" != "0" ]; then
   echo "ERROR: Must run as root." >&2
   exit 112
fi

## example tb_home_folder:
## /home/user/.tb

if [ "$tb_home_folder" = "" ]; then
   echo "$0: ERROR tb_home_folder is empty" >&2
   exit 1
fi

## Validate tb_home_folder
if [[ "${tb_home_folder}" =~ ^/home ]] \
   || [[ "${tb_home_folder}" =~ ^/var/cache/tb-binary ]]; then
   ## Check if already correct mount options.
   if mount | grep "$tb_home_folder" | grep -q noexec ; then
      ## noexec mount option found. Therefore remount.
      mount --bind -o nosuid,nodev "$tb_home_folder" "$tb_home_folder"
   fi
fi

## results in:
# mount | grep /home/user/.tb
# /dev/xvdb on /home/user/.tb type ext4 (rw,nosuid,nodev,relatime,discard)
# /dev/xvdb on /rw/home/user/.tb type ext4 (rw,nosuid,nodev,relatime,discard)
