Commit Graph

181 Commits

Author SHA1 Message Date
pooka 27eb6005d2 reflect libpuffs change of puffs_access argument unification 2007-03-22 16:59:34 +00:00
pooka 4370dd6320 check puffs_access_{chmod,chown,times} in setattr 2007-03-21 19:56:49 +00:00
pooka 6d03fb0803 add support for permissions and file ownership 2007-03-20 18:30:30 +00:00
pooka 19dd9ef4ee don't shrink file size when writing to the middle of an existing file
(mandatory AsiaBSDCon live commit)
2007-03-11 10:08:37 +00:00
pooka d89ebe7462 * remove rogue header
* better variable name to avoid shadowing global symbol name
2007-02-27 22:03:45 +00:00
agc 7f4005e3b0 Add dbfs, an example (re)fuse file system which mounts a Berkeley
database as a file system.

The file was created in the first place with the following commands:

	cp /etc/passwd infile
	db -E B -w -f infile -F: -C btree bdb.db

and mounted as follows:

	./dbfs bdb.db /mnt

Example use is as follows, using a btree-based database with login
names as the key, and the rest of the passwd file entry as the value:

[21:17:20] agc@inspiron1300 ~ 142 > df -i /mnt
Filesystem        1K-blocks      Used     Avail Capacity  iused    ifree  %iused  Mounted on
puffs:refuse:dbfs        32        32         0   100%        1        0   100%   /mnt
[21:17:25] agc@inspiron1300 ~ 143 > l /mnt
total 2
drwxr-xr-x   2 root  wheel     0 Jan  1  1970 .
drwxr-xr-x  29 root  wheel  1024 Jan 31 21:14 ..
-r--r--r--   1 agc   agc      55 Feb 23 14:49 _pflogd
-r--r--r--   1 agc   agc      50 Feb 23 14:49 _proxy
-r--r--r--   1 agc   agc      46 Feb 23 14:49 _rwhod
-r--r--r--   1 agc   agc      49 Feb 23 14:49 _timedc
-r--r--r--   1 agc   agc      33 Feb 23 14:49 agc
-r--r--r--   1 agc   agc      51 Feb 23 14:49 bin
-r--r--r--   1 agc   agc      40 Feb 23 14:49 daemon
-r--r--r--   1 agc   agc      46 Feb 23 14:49 games
-r--r--r--   1 agc   agc      54 Feb 23 14:49 named
-r--r--r--   1 agc   agc      56 Feb 23 14:49 nobody
-r--r--r--   1 agc   agc      53 Feb 23 14:49 ntpd
-r--r--r--   1 agc   agc      49 Feb 23 14:49 operator
-r--r--r--   1 agc   agc      55 Feb 23 14:49 postfix
-r--r--r--   1 agc   agc      32 Feb 23 14:49 root
-r--r--r--   1 agc   agc      53 Feb 23 14:49 sshd
-r--r--r--   1 agc   agc      43 Feb 23 14:49 toor
-r--r--r--   1 agc   agc      52 Feb 23 14:49 uucp
[21:17:32] agc@inspiron1300 ~ 144 > grep nologin /mnt/*
/mnt/_pflogd:*:18:18:& pseudo-user:/var/chroot/pflogd:/sbin/nologin
/mnt/_proxy:*:21:21:Proxy Services:/nonexistent:/sbin/nologin
/mnt/_rwhod:*:19:19:& pseudo-user:/var/rwho:/sbin/nologin
/mnt/_timedc:*:22:22:& pseudo-user:/nonexistent:/sbin/nologin
/mnt/bin:*:3:7:Binaries Commands and Source:/:/sbin/nologin
/mnt/daemon:*:1:1:The devil himself:/:/sbin/nologin
/mnt/games:*:7:13:& pseudo-user:/usr/games:/sbin/nologin
/mnt/named:*:14:14:& pseudo-user:/var/chroot/named:/sbin/nologin
/mnt/nobody:*:32767:39:Unprivileged user:/nonexistent:/sbin/nologin
/mnt/ntpd:*:15:15:& pseudo-user:/var/chroot/ntpd:/sbin/nologin
/mnt/operator:*:2:5:System &:/usr/guest/operator:/sbin/nologin
/mnt/postfix:*:12:12:& pseudo-user:/var/spool/postfix:/sbin/nologin
/mnt/sshd:*:16:16:& pseudo-user:/var/chroot/sshd:/sbin/nologin
/mnt/uucp:*:66:1:UNIX-to-UNIX Copy:/nonexistent:/sbin/nologin
[21:17:37] agc@inspiron1300 ~ 145 >
2007-02-23 21:26:44 +00:00
pooka 27f51110f8 lookup in-core nodes in readdir() and provide the real inode for
each node.  This makes pwd work.
2007-02-16 16:39:56 +00:00
pooka 34faca38b1 * introduce path comparison method for the sysctl MIB paths
* use puffs_path_walkcmp() instead of a homegrown routine
2007-02-15 17:07:31 +00:00
pooka 3f1bccc16c Use new libpuffs dotdot features to get rid of embedding the directory
hierarchy in the in-memory nodes.  This allows us to easily do
reclaim, since we don't have to worry about reclaiming a node which
has alive children which might want to dotdot lookup later on.
2007-02-15 12:59:22 +00:00
pooka 5f82fb0670 support reclaim 2007-02-15 12:54:52 +00:00
pooka 70d42dbba1 do reclaim 2007-02-15 12:54:24 +00:00
pooka 9c41498b0b PUFFS_ISDOTDOT -> PCNISDOTDOT 2007-02-15 12:52:30 +00:00
gdt 5ff979921c Even though the parent doesn't descend here, it's still convenient to
have a makefile to build the 4 examples at once.
2007-01-30 01:26:58 +00:00
pooka c1b9179682 Avoid doing a ludicrous number of reallocs when the file grows by only
lazy extending the file in setattr and really extending it in write.
2007-01-28 10:47:36 +00:00
pooka f235a8d60c Add very uncorrect "suspend fs if server gets SIGUSR1" test for fs
suspension (hey, it's a test file system after all .... )
2007-01-26 23:02:05 +00:00
elad a78693aa19 Kill KAUTH_PROCESS_RESOURCE and just replace it with two actions for
nice and rlimit.
2007-01-20 16:47:38 +00:00
elad e52ee73ea8 arg0 is always 'struct proc *' for the process scope. 2007-01-15 17:05:01 +00:00
pooka b5da39fea6 Gur Zbba vf Jnavat Perfprag (19% bs Shyy)
Add a little layering experiment, which both exercises the
componentname modification feature of libpuffs and tries to do
layering (just a little too hardcoded for comfort, fow now).  This
simply uses the puffs nullfs to present all data and paths in rot13.
You can even mount it twice for extra fun.
2007-01-15 00:46:29 +00:00
pooka e6ea11c9c0 use new style to indicate rootpath 2007-01-15 00:43:07 +00:00
pooka 9a25a94ef7 adapt to libpuffs changes 2007-01-15 00:41:09 +00:00
pooka 14995912ad use the libpuffs path management routines to help build the sysctl
mib names
2007-01-15 00:40:37 +00:00
pooka dd15744c39 * register fsync operation
* test for -s, which causes no detach (don't need to remember to
  do follow-dances in gdb because of fork() used in daemon())
2007-01-11 17:50:35 +00:00
pooka 764f2241da * initialize pflags properly
* make 'dump' imply 'don't detach'
2007-01-11 11:52:53 +00:00
pooka cf4b2a379f example null file system built on top of the null layer in libpuffs 2007-01-11 01:03:03 +00:00
pooka a67e4ce37f * do mount as a forward operation instead of a callback
* process -o args for mount
2007-01-06 18:25:19 +00:00
elad a75d82b0bc We no longer have 'enum kauth_machdep_req'. 2007-01-05 13:23:22 +00:00
elad a13160f423 Make mount(2) and unmount(2) use kauth(9) for security policy.
Okay yamt@.
2007-01-02 10:47:28 +00:00
pooka d584a8d23a SUSv3 says: should the implementation not support directory unlinking,
unlink shall fail with EPERM and the errno of the failure shall be EPERM
2007-01-01 21:32:12 +00:00
pooka 6a42c9c838 apply wide-angle rotollation beam to match libpuffs changes 2006-12-29 15:37:06 +00:00
pooka fb7890b666 ssshfs is obsoleted by mount_psshfs 2006-12-29 15:36:18 +00:00
elad 504c71d9fe Make machdep scope architecture-agnostic by removing all arch-specific
requests and centralizing them all. The result is that some of these
are not used on some architectures, but the documentation was updated
to reflect that.
2006-12-26 10:43:43 +00:00
elad 3d11477c94 Add requests indicating access to unmanaged memory for arm, pc532, powerpc,
sh3, sh5, and vax, and use them instead of KAUTH_GENERIC_ISSUSER.

Update documentation and example secmodel code.
2006-12-22 11:13:21 +00:00
elad 238ad51d2d - moves 'nice' access semantics to secmodel code,
- makes sysctl_proc_find() just lookup the process,
- use KAUTH_PROCESS_CANSEE requests to determine if the caller is
  allowed to view the target process' corename, stop flags, and
  rlimits,
- use explicit kauth(9) calls with KAUTH_PROCESS_CORENAME,
  KAUTH_REQ_PROCESS_RESOURCE_NICE, KAUTH_REQ_PROCESS_RESOURCE_RLIMIT,
  and KAUTH_PROCESS_STOPFLAG when modifying the aforementioned.
- sync man-page and example skeleton secmodel with reality.

okay yamt@

this is a pullup candidate.
2006-12-14 11:45:08 +00:00
manu 098ea45eb4 New README.plainrsa sample file 2006-12-10 05:52:10 +00:00
pooka fe53828f70 use command line flags to set various options 2006-12-07 22:49:04 +00:00
pooka 7e3489d64a write requires setattr, so do a dummy version to make write here work
again after the checkops kernel changes
2006-12-07 10:59:03 +00:00
pooka fb5e346800 counter-rototill for libpuffs change: unify all callback ops under
a single structure
2006-12-07 10:54:29 +00:00
pooka 44576f90f6 fix IO_APPEND for write 2006-12-05 23:14:13 +00:00
pooka 05b1899256 only count directories in the number of hard links to a directory 2006-12-05 14:32:03 +00:00
pooka 69dbc08863 update flag names 2006-12-01 12:50:52 +00:00
pooka 496f59a99f adapt to flags parameter for puffs_mainloop() 2006-11-30 05:38:54 +00:00
wiz fa34b615d2 Correct spelling of "immediate(ly)". From Zafer. 2006-11-24 21:23:07 +00:00
hubertf 1ee989e6be Don't try to handle symlinks on versions of the SSH File Transfer Protocol
that don't support it, e.g. the Solaris 9/x86 sshd (SSH-2.0-Sun_SSH_1.0;
..._1.1 from Solaris 10/x86 is fine)

OK'd by pooka@
2006-11-23 01:51:15 +00:00
elad 4b316db1d1 Introduce KAUTH_REQ_MACHDEP_{ALPHA,X86}_UNMANAGEDMEM to handle access
to unmanaged memory.

These are the last two securelevel references in the MD code.
2006-11-22 12:12:51 +00:00
pooka 118c65eb6d * update comments
* puffs_nextdent() takes a directory type, not vtype, so translate
  that before calling it.  fixes find & other fts-stuff.
2006-11-21 23:19:45 +00:00
pooka 5676e026f8 * change usage to ssshfs user@host:path mountpath
* assorted little fixes

ssshfs now works for practical uses
2006-11-21 23:09:23 +00:00
pooka 2773d88a59 do better directory link accounting, fix bug in readdir(). find, rm -rf,
etcetc. now work
2006-11-21 15:35:58 +00:00
pooka a9772ae2fb better accounting. e.g. du works now 2006-11-21 13:05:47 +00:00
pooka e7a63c481b don't recache directory listing in all operations that use a directory 2006-11-21 12:42:15 +00:00
pooka 8f2fd4cb28 reclaim needs some more work, so don't do anything there for now.
This is good especially for not crashing in unmount, which in turn
would cause unpleasantries without the very latest & greatest kernel
2006-11-21 02:31:48 +00:00