9fans - fans of the OS Plan 9 from Bell Labs
* [9fans] Drawterm /mnt/term permissions issue
@ 2009-06-04 23:58 Ethan Grammatikidis
  2009-06-05  0:23 ` Russ Cox
  2009-06-05  8:14 ` sqweek
  0 siblings, 2 replies; 8+ messages in thread
From: Ethan Grammatikidis @ 2009-06-04 23:58 UTC (permalink / raw)
  To: 9fans

I run a plan 9 cpu server in Qemu and use drawterm to connect from the Linux host.  I thought the /mnt/term mechanism would be very convenient for exchanging files between host & guest, but the guest sees all user/group names as unknown/unknown, preventing writing.

Within drawterm:

sauvo> echo $user
ethan
sauvo> cd /mnt/term/home/ethan/tmp
sauvo> ls -l
d-rwxr-xr-x M 80 unknown unknown 4096 Jun  4 19:52 glibc-2.9
--rw-r--r-- M 80 unknown unknown 5539 Jun  2 21:57 installed
sauvo>

In Linux:

ethan@vardo $ pwd
/home/ethan/tmp
ethan@vardo $ ls -l
total 12K
drwxr-xr-x 67 ethan ethan 4.0K 2009-06-04 19:52 glibc-2.9/
-rw-r--r--  1 ethan ethan 5.5K 2009-06-02 21:57 installed
ethan@vardo $

Is this a drawterm issue? If so...

I can understand drawterm mapping most user & group names to unknown, but shouldn't I be able to write to my own files? This could be solved if drawterm mapped the username of the running user to that of the logged in user.

To illustrate how I think that mapping would appear in use, if my username on my Linux box was "geoff", and I used drawterm to log in to a plan 9 machine as user bootes, the above example would appear as follows:

plan9host> echo $user
bootes
plan9host> cd /mnt/term/home/geoff/tmp
plan9host> ls -l
d-rwxr-xr-x M 80 bootes bootes 4096 Jun  4 19:52 glibc-2.9
--rw-r--r-- M 80 bootes bootes 5539 Jun  2 21:57 installed

geoff@linuxbox $ cd ~/tmp
geoff@linuxbox $ ls -l
total 12K
drwxr-xr-x 67 geoff geoff 4.0K 2009-06-04 19:52 glibc-2.9/
-rw-r--r--  1 geoff geoff 5.5K 2009-06-02 21:57 installed

--
Ethan Grammatikidis
The lyf so short, the craft so long to lerne. -- Chaucer




* Re: [9fans] Drawterm /mnt/term permissions issue
  2009-06-04 23:58 [9fans] Drawterm /mnt/term permissions issue Ethan Grammatikidis
@ 2009-06-05  0:23 ` Russ Cox
  2009-06-05  5:20   ` Ethan Grammatikidis
  2009-06-05  5:23   ` Ethan Grammatikidis
  2009-06-05  8:14 ` sqweek
  1 sibling, 2 replies; 8+ messages in thread
From: Russ Cox @ 2009-06-05  0:23 UTC (permalink / raw)
  To: Fans of the OS Plan 9 from Bell Labs

On Thu, Jun 4, 2009 at 4:58 PM, Ethan Grammatikidis <eekee57@fastmail.fm> wrote:
> I run a plan 9 cpu server in Qemu and use drawterm to connect from the Linux host.
> I thought the /mnt/term mechanism would be very convenient for exchanging files
> between host & guest, but the guest sees all user/group names as
> unknown/unknown, preventing writing.

That's surprising.  Drawterm isn't going around enforcing
permission bits: if it can write, it writes.  What it shows
you in ls is what it gets from stat, but it doesn't rely on
that to make decisions about what you can open.  It just
tries to open it.

http://cvs.pdos.csail.mit.edu/cvs/drawterm/kern/devfs-posix.c?rev=1.5;content-type=text%2Fplain

Russ



* Re: [9fans] Drawterm /mnt/term permissions issue
  2009-06-05  0:23 ` Russ Cox
@ 2009-06-05  5:20   ` Ethan Grammatikidis
  2009-06-06 18:39     ` Skip Tavakkolian
  2009-06-05  5:23   ` Ethan Grammatikidis
  1 sibling, 1 reply; 8+ messages in thread
From: Ethan Grammatikidis @ 2009-06-05  5:20 UTC (permalink / raw)
  To: 9fans

On Thu, 4 Jun 2009 17:23:08 -0700
Russ Cox <rsc@swtch.com> wrote:

> On Thu, Jun 4, 2009 at 4:58 PM, Ethan Grammatikidis <eekee57@fastmail.fm> wrote:
> > I run a plan 9 cpu server in Qemu and use drawterm to connect from the Linux host.
> > I thought the /mnt/term mechanism would be very convenient for exchanging files
> > between host & guest, but the guest sees all user/group names as
> > unknown/unknown, preventing writing.
>
> That's surprising.  Drawterm isn't going around enforcing
> permission bits: if it can write, it writes.  What it shows
> you in ls is what it gets from stat, but it doesn't rely on
> that to make decisions about what you can open.  It just
> tries to open it.
>
> http://cvs.pdos.csail.mit.edu/cvs/drawterm/kern/devfs-posix.c?rev=1.5;content-type=text%2Fplain

Looks like a prime candidate for modification. ;) The code unconditionally sets d.uid = "unknown" immediately after stat(path, &stbuf) calls. stbuf.st_uid could be compared with the un*x UID drawterm is running as, & if matching d.uid is filled with the logged-in plan 9 username instead of "unknown". Similar for stbuf.st_gid and g.gid.

I could write a patch when I'm more awake. Rather a lot to look up when I'm falling asleep. :)

--
Ethan Grammatikidis
The lyf so short, the craft so long to lerne. -- Chaucer




* Re: [9fans] Drawterm /mnt/term permissions issue
  2009-06-05  0:23 ` Russ Cox
  2009-06-05  5:20   ` Ethan Grammatikidis
@ 2009-06-05  5:23   ` Ethan Grammatikidis
  2009-06-05  5:40     ` erik quanstrom
  1 sibling, 1 reply; 8+ messages in thread
From: Ethan Grammatikidis @ 2009-06-05  5:23 UTC (permalink / raw)
  To: 9fans

On Thu, 4 Jun 2009 17:23:08 -0700
Russ Cox <rsc@swtch.com> wrote:

> On Thu, Jun 4, 2009 at 4:58 PM, Ethan Grammatikidis <eekee57@fastmail.fm> wrote:
> > I run a plan 9 cpu server in Qemu and use drawterm to connect from the Linux host.
> > I thought the /mnt/term mechanism would be very convenient for exchanging files
> > between host & guest, but the guest sees all user/group names as
> > unknown/unknown, preventing writing.
>
> That's surprising.  Drawterm isn't going around enforcing
> permission bits: if it can write, it writes.  What it shows
> you in ls is what it gets from stat, but it doesn't rely on
> that to make decisions about what you can open.  It just
> tries to open it.

Oh now I get it: drawterm isn't enforcing permissions but the plan 9 kernel is, on seeing a dir with user/group = unknown/unknown and perms bits = 755 it won't allow creation within that dir. At least, I assume that's what's going on.

--
Ethan Grammatikidis
The lyf so short, the craft so long to lerne. -- Chaucer




* Re: [9fans] Drawterm /mnt/term permissions issue
  2009-06-05  5:23   ` Ethan Grammatikidis
@ 2009-06-05  5:40     ` erik quanstrom
  0 siblings, 0 replies; 8+ messages in thread
From: erik quanstrom @ 2009-06-05  5:40 UTC (permalink / raw)
  To: 9fans

On Fri Jun  5 01:21:25 EDT 2009, eekee57@fastmail.fm wrote:
> On Thu, 4 Jun 2009 17:23:08 -0700
> Russ Cox <rsc@swtch.com> wrote:
>
> > On Thu, Jun 4, 2009 at 4:58 PM, Ethan Grammatikidis <eekee57@fastmail.fm> wrote:
> > > I run a plan 9 cpu server in Qemu and use drawterm to connect from the Linux host.
> > > I thought the /mnt/term mechanism would be very convenient for exchanging files
> > > between host & guest, but the guest sees all user/group names as
> > > unknown/unknown, preventing writing.
> >
> > That's surprising.  Drawterm isn't going around enforcing
> > permission bits: if it can write, it writes.  What it shows
> > you in ls is what it gets from stat, but it doesn't rely on
> > that to make decisions about what you can open.  It just
> > tries to open it.
>
> Oh now I get it: drawterm isn't enforcing permissions ,,,

correct,

> but the plan 9 kernel is, on seeing a dir with user/group = unknown/unknown and perms bits = 755 it won't allow creation within that dir. At least, I assume that's what's going on.

incorrect.  the linux kernel is checking the file's permissions against the
euid/egid of the drawterm process.

unknown/unknown are just filler that drawterm provides.  perhaps it
should say "(this space reserved for a user name if we had one)", but
that would be rather long and would break the general convention that
usernames in plan 9 do not have spaces or punctuation.

(bonus points for the first exploit by a fs injecting shell script goo
into user/group name.  ☺)

- erik




* Re: [9fans] Drawterm /mnt/term permissions issue
  2009-06-04 23:58 [9fans] Drawterm /mnt/term permissions issue Ethan Grammatikidis
  2009-06-05  0:23 ` Russ Cox
@ 2009-06-05  8:14 ` sqweek
  2009-06-05 13:09   ` [9fans] I fail at bind WAS: " Ethan Grammatikidis
  1 sibling, 1 reply; 8+ messages in thread
From: sqweek @ 2009-06-05  8:14 UTC (permalink / raw)
  To: Fans of the OS Plan 9 from Bell Labs

2009/6/5 Ethan Grammatikidis <eekee57@fastmail.fm>:
> the guest sees all user/group names as unknown/unknown, preventing writing.

 incorrect diagnosis.

cpu% ls -ld /mnt/term/home/sqweek/tmp
d-rwxrwxr-x M 68780 unknown unknown 4096 Jun  5 16:07 /mnt/term/home/sqweek/tmp
cpu% touch /mnt/term/home/sqweek/tmp/lol
cpu% ls -l /mnt/term/home/sqweek/tmp/lol
--rw-rw-rw- M 68780 unknown unknown 0 Jun  5 16:11 /mnt/term/home/sqweek/tmp/lol

-sqweek




* Re: [9fans] I fail at bind WAS: Drawterm /mnt/term permissions issue
  2009-06-05  8:14 ` sqweek
@ 2009-06-05 13:09   ` Ethan Grammatikidis
  0 siblings, 0 replies; 8+ messages in thread
From: Ethan Grammatikidis @ 2009-06-05 13:09 UTC (permalink / raw)
  To: 9fans

On Fri, 5 Jun 2009 16:14:51 +0800
sqweek <sqweek@gmail.com> wrote:

> 2009/6/5 Ethan Grammatikidis <eekee57@fastmail.fm>:
> > the guest sees all user/group names as unknown/unknown, preventing writing.
>
>  incorrect diagnosis.
>
> cpu% ls -ld /mnt/term/home/sqweek/tmp
> d-rwxrwxr-x M 68780 unknown unknown 4096 Jun  5 16:07 /mnt/term/home/sqweek/tmp
> cpu% touch /mnt/term/home/sqweek/tmp/lol
> cpu% ls -l /mnt/term/home/sqweek/tmp/lol
> --rw-rw-rw- M 68780 unknown unknown 0 Jun  5 16:11 /mnt/term/home/sqweek/tmp/lol
>
> -sqweek
>

You're right. My lib/profile contained the following:

vxdir = /mnt/term/trees/x86-chroot/home/ethan/plan9/home
if (test -e $vxdir) {
	bind $vxdir $home/9vx-home
}

I was doing this:

sauvo> cd 9vx-home/
sauvo> echo foo > bar
bar: rc: can't open: 'bar' mounted directory forbids creation

I guess I assumed that error was global, as it would have been if I'd used Linux mount --bind. Sorry about that. Not off to a good start am I? :) I've fixed my profile & re-started drawterm & now everything's normal.

New question:
New files created under /mnt/term have permissions 0666, or 0777 for directories. Can I make the default not world-writable?

--
Ethan Grammatikidis
The lyf so short, the craft so long to lerne. -- Chaucer




* Re: [9fans] Drawterm /mnt/term permissions issue
  2009-06-05  5:20   ` Ethan Grammatikidis
@ 2009-06-06 18:39     ` Skip Tavakkolian
  0 siblings, 0 replies; 8+ messages in thread
From: Skip Tavakkolian @ 2009-06-06 18:39 UTC (permalink / raw)
  To: 9fans

> stbuf.st_uid could be compared with the un*x UID drawterm is running as, & if matching d.uid is filled with the logged-in plan 9 username instead of "unknown".

that might reduce some confusion. probably want to change
kern/devcons.c too so that reading /dev/user returns the value
of 'user' (drawterm.h)
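
The mapping proposed in this thread (report the logged-in Plan 9 user when st_uid matches the uid drawterm runs as, otherwise keep the "unknown" filler), written out as an added example; it is not drawterm's code and not from any poster here. valid_p9_name, owner_name, fill_owner and the MAXNAME limit are hypothetical names chosen for this example, and the name check is a conservative reading of the no-spaces-or-punctuation convention mentioned earlier in the thread.

```c
#include <ctype.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define MAXNAME 28	/* assumed cap for this example, not drawterm's */

/* Conservative check: ASCII letters and digits only, so no spaces,
 * punctuation, control bytes or shell metacharacters reach the name. */
static int valid_p9_name(const char *s)
{
	size_t i, n;

	if (s == NULL)
		return 0;
	n = strlen(s);
	if (n == 0 || n >= MAXNAME)
		return 0;
	for (i = 0; i < n; i++)
		if (!isalnum((unsigned char)s[i]))
			return 0;
	return 1;
}

/* Name to report for a host id: the session user when the id is the
 * one drawterm runs as and the name is clean, else the filler. */
static const char *owner_name(long id, long self, const char *user)
{
	if (id == self && valid_p9_name(user))
		return user;
	return "unknown";
}

/* Fill display-only owner/group for path; 0 on success, -1 if stat fails.
 * Access is still decided by the host kernel when the file is opened. */
static int fill_owner(const char *path, const char *user,
	const char **uid, const char **gid)
{
	struct stat st;

	if (stat(path, &st) < 0)
		return -1;
	*uid = owner_name((long)st.st_uid, (long)geteuid(), user);
	*gid = owner_name((long)st.st_gid, (long)getegid(), user);
	return 0;
}
```

The returned names only change what ls shows; a name that fails the check falls back to "unknown" rather than being passed through.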



