* a consideration on cwfs
@ 2014-08-10 11:53 Kenji Arisawa
2014-08-10 14:01 ` [9front] " cinap_lenrek
2014-08-10 20:40 ` cinap_lenrek
0 siblings, 2 replies; 7+ messages in thread
From: Kenji Arisawa @ 2014-08-10 11:53 UTC (permalink / raw)
To: 9front
Hello,
my server is running on plan9 (9front). of course the file system is cwfs.
the original file system is unable to accept because I am afraid that the allow mode
might make a problem.
I need maintenance and then need allow mode.
I don't want to disconnect network cable when cwfs is in allow mode.
it is curious for me that no one have complained this problem.
(fossil enables allow mode that restricts only to glenda)
I have been obliged to add patch to cwfs.
the patch enables
allow [user]
which restricts allow mode only to specified user.
I am happy if 9front people support this feature.
you will find the patch at http://plan9.ar.aichi-u.ac.jp/netlib/cwfs/
that has some other premiums.
Kenji Arisawa
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [9front] a consideration on cwfs
2014-08-10 11:53 a consideration on cwfs Kenji Arisawa
@ 2014-08-10 14:01 ` cinap_lenrek
2014-08-10 20:40 ` cinap_lenrek
1 sibling, 0 replies; 7+ messages in thread
From: cinap_lenrek @ 2014-08-10 14:01 UTC (permalink / raw)
To: 9front
i cant resolve the domain here, but this seems to work:
http://plan9.aichi-u.ac.jp/netlib/cwfs/
--
cinap
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [9front] a consideration on cwfs
2014-08-10 11:53 a consideration on cwfs Kenji Arisawa
2014-08-10 14:01 ` [9front] " cinap_lenrek
@ 2014-08-10 20:40 ` cinap_lenrek
2014-08-16 10:41 ` arisawa
1 sibling, 1 reply; 7+ messages in thread
From: cinap_lenrek @ 2014-08-10 20:40 UTC (permalink / raw)
To: 9front
thanks! this is a good idea. just commited the change but also
used the opportunity to unify the permission override code to
get rid of wstatallow flag and all the extra code in the callers
of iaccess().
--
cinap
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [9front] a consideration on cwfs
2014-08-10 20:40 ` cinap_lenrek
@ 2014-08-16 10:41 ` arisawa
2014-08-16 22:07 ` arisawa
0 siblings, 1 reply; 7+ messages in thread
From: arisawa @ 2014-08-16 10:41 UTC (permalink / raw)
To: 9front
Hello cinap,
sorry, some lines in 9p2.c have slipped off when I updated cwfs.
static int
fs_open(Chan* chan, Fcall* f, Fcall* r)
{
Iobuf *p;
Dentry *d;
File *file;
Tlock *t;
Qid qid;
int error, ro, fmod, wok;
wok = 0;
p = nil;
if(chan == cons.chan || writeallow)
wok = 1;
if((file = filep(chan, f->fid, 0)) == nil){
error = Efid;
goto out;
}
if(file->open != 0){
error = Emode;
goto out;
}
+ if(allowed && (allowed == file->uid)){
+ if(chatty > 1)
+ fprint(2, "fs_open: chan=%s who=%s uid=%d\n",
+ chan->whochan, chan->whoname, file->uid);
+ wok = 1;
+ }
you write much better codes than I.
I'll leave it up to you.
Kenji Arisawa
2014/08/11 5:40、cinap_lenrek@felloff.net のメール:
> thanks! this is a good idea. just commited the change but also
> used the opportunity to unify the permission override code to
> get rid of wstatallow flag and all the extra code in the callers
> of iaccess().
>
> --
> cinap
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [9front] a consideration on cwfs
2014-08-16 10:41 ` arisawa
@ 2014-08-16 22:07 ` arisawa
2014-08-16 23:02 ` cinap_lenrek
0 siblings, 1 reply; 7+ messages in thread
From: arisawa @ 2014-08-16 22:07 UTC (permalink / raw)
To: 9front
Hello cinap,
sorry again. another slip off in sub.c
int
iaccess(File *f, Dentry *d, int m)
{
...
/*
* various forms of superuser
*/
if(wstatallow)
return 0;
+ if(allowed && allowed == f->uid) //Kenar
+ return 0;
if(duallow != 0 && duallow == f->uid)
if((d->mode & DDIR) && (m == DREAD || m == DEXEC))
return 0;
return 1;
}
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [9front] a consideration on cwfs
2014-08-16 22:07 ` arisawa
@ 2014-08-16 23:02 ` cinap_lenrek
2014-08-17 0:19 ` arisawa
0 siblings, 1 reply; 7+ messages in thread
From: cinap_lenrek @ 2014-08-16 23:02 UTC (permalink / raw)
To: 9front
what do you mean? i'm not doing it like that.
i defined a function:
int
isallowed(File *f)
{
if(f->cp == cons.chan)
return 1;
switch(allowed){
case 0:
return 0;
case -1:
return 1;
default:
return f->uid == allowed;
}
}
which is used both in iaccess() (see last line)
and 9p1.c and 9p2.c to handle wstat. i didnt
want to spread this godmode logic all over the
place but have just *one* place for it. you
see, this function also handles direct commands
from the console (f->cp == cons.chan) and
"allow all" (allow == -1) (for backwards compatibility
with the uid-less "allow" console command).
--
cinap
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [9front] a consideration on cwfs
2014-08-16 23:02 ` cinap_lenrek
@ 2014-08-17 0:19 ` arisawa
0 siblings, 0 replies; 7+ messages in thread
From: arisawa @ 2014-08-17 0:19 UTC (permalink / raw)
To: 9front
sorry I have not looked your changes.
I did hg update just now.
I will try.
my mail is about my cwfs.
Kenji Arisawa
On 2014/08/17, at 8:02, cinap_lenrek@felloff.net wrote:
> what do you mean? i'm not doing it like that.
> i defined a function:
>
> int
> isallowed(File *f)
> {
> if(f->cp == cons.chan)
> return 1;
> switch(allowed){
> case 0:
> return 0;
> case -1:
> return 1;
> default:
> return f->uid == allowed;
> }
> }
>
> which is used both in iaccess() (see last line)
> and 9p1.c and 9p2.c to handle wstat. i didnt
> want to spread this godmode logic all over the
> place but have just *one* place for it. you
> see, this function also handles direct commands
> from the console (f->cp == cons.chan) and
> "allow all" (allow == -1) (for backwards compatibility
> with the uid-less "allow" console command).
>
> --
> cinap
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2014-08-17 0:19 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-08-10 11:53 a consideration on cwfs Kenji Arisawa
2014-08-10 14:01 ` [9front] " cinap_lenrek
2014-08-10 20:40 ` cinap_lenrek
2014-08-16 10:41 ` arisawa
2014-08-16 22:07 ` arisawa
2014-08-16 23:02 ` cinap_lenrek
2014-08-17 0:19 ` arisawa
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).