From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: * X-Spam-Status: No, score=1.1 required=5.0 tests=DATE_IN_PAST_03_06 autolearn=no autolearn_force=no version=3.4.4 Received: (qmail 23290 invoked from network); 18 Jan 2022 10:13:01 -0000 Received: from 4ess.inri.net (216.126.196.42) by inbox.vuxu.org with ESMTPUTF8; 18 Jan 2022 10:13:01 -0000 Received: from 5ess.inri.net ([107.191.111.177]) by 4ess; Tue Jan 18 00:25:02 -0500 2022 Received: from [127.0.0.1] ([104.59.85.219]) by 5ess; Tue Jan 18 00:06:43 -0500 2022 Date: Tue, 18 Jan 2022 05:06:41 +0000 From: Stanley Lieber To: 9front@9front.org In-Reply-To: <365B92442B08A87728AA2C4D28F26158@gmail.com> References: <365B92442B08A87728AA2C4D28F26158@gmail.com> Message-ID: <51605C26-36E6-4AB4-AF20-6761E2C389F3@stanleylieber.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: base descriptor hardware Subject: Re: [9front] werc comments egine Reply-To: 9front@9front.org Precedence: bulk On January 18, 2022 3:20:34 AM UTC, thinktankworkspaces@gmail=2Ecom wrote: >Okay thinking about this=2E I guess /rc/bin/cpurc has a line > > # cpu+auth server > auth/keyfs -wp -m /mnt/keys /adm/keys > aux/listen -q -t /rc/bin/service=2Eauth -d $serviced tcp > >Which I guess points to tcp services or /rc/bin/services > >cpu% cat tcp80 >#!/bin/rc >exec /rc/bin/rc-httpd/rc-httpd >>[2]/sys/log/www >cpu%=20 > >So how do I get the user to run this=2E Do I just pull it out of cpurc an= d add it to /usr/www/lib/profile or >clearly i'm confused? > >I guess I always drawterm and log in as glenda the run rcpu -u www=2E So = I should do that >and manually run=20 > >aux/listen -q -t /rc/bin/service=2Eauth -d $serviced tcp when you boot the system, $user is the hostowner, which refers to the owne= r of the kernel process=2E the hostowner ends up owning the disk file serve= r process, as well, but the disk file server programs don't provide any aut= omatic mechanism for violating disk file permissions without writing code o= r abusing the system's running processes with a special tool such as acid(1= )=2E disk file permissions are completely separate from kernel process permissi= ons, and are controlled by the disk file server process (cwfs or hjfs)=2E b= y convention, plan 9 arranges for the kernel, auth, and disk file server to= honor matching usernames, even though technically they're separate entitie= s=2E it looks like your system is running rc-httpd via a tcp80 script launched = by the default listen(8) process, which ends up being owned by the special = user none, rather than your chosen user www=2E here's what i do for 9front=2Eorg: first, move the /rc/bin/services/tcp80 script into /cfg/$sysname/service= =2Ewww/ then add the following to /cfg/$sysname/cpustart: auth/as www aux/listen -p 128 -t /cfg/$sysname/service=2Ewww when you reboot, this will start a listener running as user www on the dir= ectory /cfg/$sysname/service=2Ewww/, and any listener script you put in the= re will in turn be run as user www=2E sl