From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <140e7ec30907140034j5a206e44oc36cc19fa805d63c@mail.gmail.com> References: <0F3972F5-D44B-4231-97FA-C6CE871B032B@gmail.com> <140e7ec30907130124g1a0e4c90m6d83a08516d95463@mail.gmail.com> <140e7ec30907140034j5a206e44oc36cc19fa805d63c@mail.gmail.com> Date: Tue, 14 Jul 2009 08:33:43 -0600 Message-ID: From: Latchesar Ionkov To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Re: [9fans] v9fs question Topicbox-Message-UUID: 1fce0782-ead5-11e9-9d60-3106f5b1d025 Hmm, I don't understand how this works. v9fs should issue its own Tversion and Tattach and discard the previously authenticated session, right? Or I am missing something? Thanks, Lucho On Tue, Jul 14, 2009 at 1:34 AM, sqweek wrote: > 2009/7/13 Latchesar Ionkov : >> On Mon, Jul 13, 2009 at 2:24 AM, sqweek wrote: >>> =A0Anyway, note that if you auth you'll need supporting software from >>> p9p also. Factotum and srv -a, in particular, then give v9fs a -o >>> trans=3Dunix. >> >> I don't think that auth is working with v9fs at all. The auth support >> got dropped accidentally with some of the changes, probably when >> access=3Duser|any| was introduced. I.e. my fault. > > =A0I didn't realise v9fs ever had auth support. Here is how I've been > getting an authenticated mount for years: > > # create mountpoint > $ n=3D$HOME/n > $ mkdir -p $n/wren > > # need factotum running to do the dirty work > $ factotum > > # srv -a posts a pre-authenticated socket in the p9p ns directory > # wren is my fileserver > $ srv -a wren > !adding key: role=3Dclient proto=3Dp9sk1 dom=3Dsqweek.dnsdojo.org > user[sqweek]: > password: > > $ 9mount -i 'unix!/tmp/ns.sqweek.:0/wren' $n/wren > =A0(or) > $ mount -t 9p -o uname=3Dsqweek,trans=3Dunix,noextend,dfltuid=3D$(id > -u),dfltgid=3D$(id -g) /tmp/ns.sqweek.:0/wren $n/wren > # I'm not sure if uname is strictly necessary > > $ 9bind $n/wren/home/sqweek/mail $HOME/sqweek/mail > # various other binds > > =A0Jorden mentioned it's a bad idea to let anyone mount anything because > everyone shares the same namespace. 9mount does have some sanity > checks for that environment, it will only let you mount over a > directory you have write access to (and isn't sticky) or is under your > home dir. Never really been field tested though :) > >> Adding the support we had before the access=3D support is probably easy, >> but I would like to make it better and support authentication for >> multiple users. Still no idea what is the correct way. :( Any >> suggestions are welcome. > > =A0Can't help you there - I'm not sure it makes sense to try and put > factotum's functionality in the linux kernel... Is there some problem > with the private namespace/individual user mount approach? > -sqweek > >