From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 5260 invoked from network); 2 Jul 2022 21:26:45 -0000 Received: from 9front.inri.net (168.235.81.73) by inbox.vuxu.org with ESMTPUTF8; 2 Jul 2022 21:26:45 -0000 Received: from mimir.eigenstate.org ([206.124.132.107]) by 9front; Sat Jul 2 17:25:44 -0400 2022 Received: from stockyard.localdomain (cpe-68-174-86-38.nyc.res.rr.com [68.174.86.38]) by mimir.eigenstate.org (OpenSMTPD) with ESMTPSA id 95b8a221 (TLSv1.2:ECDHE-RSA-AES256-SHA:256:NO) for <9front@9front.org>; Sat, 2 Jul 2022 14:25:36 -0700 (PDT) Message-ID: <767DB82332D40F4FCBDC0BF96384869C@eigenstate.org> To: 9front@9front.org Date: Sat, 02 Jul 2022 17:25:34 -0400 From: ori@eigenstate.org In-Reply-To: <88b93657-5d28-2309-4e43-0cba952fdf20@posixcafe.org> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: firewall package firewall Subject: Re: [9front] [PATCH] Permissions for child boards in /srv Reply-To: 9front@9front.org Precedence: bulk Quoth Jacob Moody : > > Here's the patch in total now against the now reverted version > in tree, happy to provide more context. Since this is more or less > a full rewrite, I've included the full devsrv.c as an attachment if > that is easier to dig through. > Applied this on shithub, let's see if the front falls off. I'll also be putting together some code to make more use of it. Maybe we also want auth/box to grow a way of running with a private /srv? Maybe even unconditionally? Something like: diff d457233c70ef6aa28861dd2978e92968ffba0920 uncommitted --- a/sys/src/cmd/auth/box.c +++ b/sys/src/cmd/auth/box.c @@ -145,11 +145,11 @@ { char *b; Dir *d; - char devs[1024]; - int dfd; + char devs[1024], srvname[24], srvpath[32]; + int dfd, sfd; char *parts[256]; int mflags[256]; - int nparts; + int n, nparts; nparts = 0; memset(devs, 0, sizeof devs); @@ -192,6 +192,14 @@ rfork(RFNAMEG|RFFDG); skelfs(); + sfd = open("/srv/clone", OREAD); + if(sfd < 0) + sysfatal("could not open /srv/clone: %r"); + if((n = read(sfd, srvname, sizeof(srvname))) == -1) + sysfatal("could not read srv id: %r"); + snprint(srvpath, sizeof(srvpath), "/srv/%.*s", n, srvname); + if(bind(srvpath, "/srv", MREPL) < 0) + sysfatal("could not bind %s: %r", srvpath); dfd = open("/dev/drivers", OWRITE|OCEXEC); if(dfd < 0) sysfatal("could not /dev/drivers: %r");