From mboxrd@z Thu Jan 1 00:00:00 1970
Date: Wed, 15 Oct 2008 02:42:22 -0700
From: "Roman V. Shaposhnik"
In-reply-to: <26c1814ccfc8559a96987385a144c4e7@quanstro.net>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Message-id: <1224063742.4463.145.camel@goose.sun.com>
MIME-version: 1.0
Content-type: text/plain
Content-transfer-encoding: 7BIT
References: <26c1814ccfc8559a96987385a144c4e7@quanstro.net>
Subject: Re: [9fans] several things
Topicbox-Message-UUID: 1e724976-ead4-11e9-9d60-3106f5b1d025

On Mon, 2008-10-13 at 18:35 -0400, erik quanstrom wrote:
> > 4) What is the sense of
> > bind 'sth' 'the_same_sth'
> > ? (like 'bind / /' or 'bind /usr/ruda/a /usr/ruda/a')
>
> i believe this is a noop. in the case of "bind / /", look
> at /lib/namespace. consider the case where $rootdir
> isn't nil.

I have always thought, that the only reason for "bind " is so that
subsequent "bind -a/-b" would work:
http://groups.google.com/group/comp.os.plan9/browse_thread/thread/c6cc9fb882978983/5067403b25124bac?hl=en&lnk=gst&q=bind+#5067403b25124bac

I would really love to be educated if there's something more subtle to it.

> > 5) When I do
> >
> > cd
> > mkdir a
> > mntgen a
> > bind lib a/b
> > unmount a
> >
> > all these commands finish ok, but I am left with
> >
> > bind /usr/ruda/lib /usr/ruda/a/b
> >
> > in the namespace (see the result of the 'ns' command; there you can also
> > spot that after issuing the 'mntgen' command a line
> > 'bind /usr/ruda/a /usr/ruda/a/' appears; that relates to my 4th question;
> > this bind is the one removed by the 'unmount' command).
> > How can I get rid of that then?
>
> i don't think any pruning of inaccessible bits of
> the namespace is ever done. consider a program
> like ftpd which via /lib/namespace.ftp (sic) typically
> binds something like /usr/ftp/ onto /. while everything
> above /usr/ftp is inaccessible, it's not removed from
> the namespace and you can't touch it.
>
> ; mntgen a
> ; bind /env a/env
> ; bind /bin a/bin
> ; bind /proc a/proc
> ; bind a /
> ; ns
>
> consider it a security feature.

Be it as it may, I still can't quite follow why *manual* pruning of the entries
from the namespace would be forbidden. unmount(2) takes two strings as
arguments, right? It doesn't even need an fd.

Thanks,
Roman.