From 6b1133a0b13e8636d567d00b40d97088919b4b4b Mon Sep 17 00:00:00 2001
From: Kislay Kishore <kislayk@google.com>
Date: Wed, 23 Jul 2025 13:59:53 +0530
Subject: [PATCH 1/5] Check write permissions while mounting using fusermount

fusermount doesn't let user mount unless they have write permissions on the mount-point.
It also doesn't give an informative error in the output.
Add a check to detect that the user has write access and throw error if they don't.
---
 mount_linux.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/mount_linux.go b/mount_linux.go
index 402dc467..f9725e8f 100644
--- a/mount_linux.go
+++ b/mount_linux.go
@@ -145,6 +145,11 @@ func mount(dir string, cfg *MountConfig, ready chan<- error) (*os.File, error) {
 		if err != nil {
 			return nil, err
 		}
+		// fusermount requires the runtime user to have write access to the directory.
+		// However, it doesn't give a useful error. So, check write access.
+		if err := unix.Access(dir, unix.W_OK); err != nil {
+			return nil, fmt.Errorf("the user doesn't have permissions on the mount point: %w", err)
+		}
 		argv := []string{
 			"-o", cfg.toOptionsString(),
 			"--",

From e57234e2e14f9a1bef1da35227b0609ede9cad57 Mon Sep 17 00:00:00 2001
From: Kislay Kishore <kislayk@google.com>
Date: Wed, 23 Jul 2025 14:28:50 +0530
Subject: [PATCH 2/5] Enhance comment

---
 mount_linux.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/mount_linux.go b/mount_linux.go
index f9725e8f..61fb2650 100644
--- a/mount_linux.go
+++ b/mount_linux.go
@@ -145,8 +145,9 @@ func mount(dir string, cfg *MountConfig, ready chan<- error) (*os.File, error) {
 		if err != nil {
 			return nil, err
 		}
-		// fusermount requires the runtime user to have write access to the directory.
-		// However, it doesn't give a useful error. So, check write access.
+		// fusermount requires the mount user to have write access to the directory.
+		// However, it doesn't give a useful error on mount-failure if the access is missing.
+		// So, add this check and return a useful error if the user doesn't have write-access.
 		if err := unix.Access(dir, unix.W_OK); err != nil {
 			return nil, fmt.Errorf("the user doesn't have permissions on the mount point: %w", err)
 		}

From 4117e9dee694279d7bb1a179c0ea86a49bebaad3 Mon Sep 17 00:00:00 2001
From: Kislay Kishore <kislayk@google.com>
Date: Wed, 23 Jul 2025 14:30:09 +0530
Subject: [PATCH 3/5] Enhance error message

---
 mount_linux.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mount_linux.go b/mount_linux.go
index 61fb2650..5e5ef3c2 100644
--- a/mount_linux.go
+++ b/mount_linux.go
@@ -149,7 +149,7 @@ func mount(dir string, cfg *MountConfig, ready chan<- error) (*os.File, error) {
 		// However, it doesn't give a useful error on mount-failure if the access is missing.
 		// So, add this check and return a useful error if the user doesn't have write-access.
 		if err := unix.Access(dir, unix.W_OK); err != nil {
-			return nil, fmt.Errorf("the user doesn't have permissions on the mount point: %w", err)
+			return nil, fmt.Errorf("the user doesn't have write-access on the mount point: %w", err)
 		}
 		argv := []string{
 			"-o", cfg.toOptionsString(),

From 62121d3ff71f88ad208350e2ee40931770e9b91c Mon Sep 17 00:00:00 2001
From: Kislay Kishore <kislayk@google.com>
Date: Fri, 25 Jul 2025 20:55:52 +0530
Subject: [PATCH 4/5] Only check for access if fusermount fails

---
 mount_linux.go | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/mount_linux.go b/mount_linux.go
index 5e5ef3c2..656699f3 100644
--- a/mount_linux.go
+++ b/mount_linux.go
@@ -145,18 +145,21 @@ func mount(dir string, cfg *MountConfig, ready chan<- error) (*os.File, error) {
 		if err != nil {
 			return nil, err
 		}
-		// fusermount requires the mount user to have write access to the directory.
-		// However, it doesn't give a useful error on mount-failure if the access is missing.
-		// So, add this check and return a useful error if the user doesn't have write-access.
-		if err := unix.Access(dir, unix.W_OK); err != nil {
-			return nil, fmt.Errorf("the user doesn't have write-access on the mount point: %w", err)
-		}
 		argv := []string{
 			"-o", cfg.toOptionsString(),
 			"--",
 			dir,
 		}
-		return fusermount(fusermountPath, argv, []string{}, true, cfg.DebugLogger)
+		dev, err := fusermount(fusermountPath, argv, []string{}, true, cfg.DebugLogger)
+		if err == nil {
+			return dev, nil
+		}
+		// fusermount requires the mount user to have write access to the directory.
+		// However, it doesn't give a useful error on mount-failure if the access is missing.
+		// So, add this check and return a useful error if the user doesn't have write-access.
+		if err2 := unix.Access(dir, unix.W_OK); err2 != nil {
+			return nil, errors.Join(err, fmt.Errorf("the user doesn't have write-access on the mount point: %w", err2))
+		}
 	}
 	return dev, err
 }

From 2712fc7883f9c7a601bbe552268441c3589435c9 Mon Sep 17 00:00:00 2001
From: Kislay Kishore <kislayk@google.com>
Date: Fri, 25 Jul 2025 21:00:57 +0530
Subject: [PATCH 5/5] Fix bug

---
 mount_linux.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mount_linux.go b/mount_linux.go
index 656699f3..38e19c5d 100644
--- a/mount_linux.go
+++ b/mount_linux.go
@@ -160,6 +160,7 @@ func mount(dir string, cfg *MountConfig, ready chan<- error) (*os.File, error) {
 		if err2 := unix.Access(dir, unix.W_OK); err2 != nil {
 			return nil, errors.Join(err, fmt.Errorf("the user doesn't have write-access on the mount point: %w", err2))
 		}
+		return dev, err
 	}
 	return dev, err
 }