ref: 121accd306fec1870a6e06a04916bc938fa61118
parent: 5a8080ba42efa1fe75d286fec5e94b7aa004959d
author: Ori Bernstein <ori@eigenstate.org>
date: Mon Apr 17 13:06:46 EDT 2023
fs: add permissive mode, remove '-u', and slim user list Forcing to a specific user id has always been a hack; having a permissive mode that can be used to allow all file system setup seems like a better start.
--- a/cons.c
+++ b/cons.c
@@ -103,14 +103,13 @@
}
static void
-refreshusers(int fd, char **ap, int na)
+refreshusers(int fd, char **, int)
{
- char *l, *e;
+ char *e;
Tree *t;
- l = (na == 0) ? "main" : ap[0];
- if((t = opensnap(l)) == nil){
- fprint(fd, "load users: no label %s\n", l);
+ if((t = opensnap("adm")) == nil){
+ fprint(fd, "load users: missing 'adm'\n");
return;
}
e = loadusers(fd, t);
@@ -233,6 +232,18 @@
}
static void
+permflip(int fd, char **ap, int)
+{
+ if(strcmp(ap[0], "on") == 0)
+ permissive = 0;
+ else if(strcmp(ap[0], "off") == 0)
+ permissive = 1;
+ else
+ fprint(fd, "unknown permissive mode %s\n", ap[0]);
+ fprint(fd, "permission checking: %d → %d\n", !permissive, permissive);
+}
+
+static void
help(int fd, char**, int)
{
char *msg =
@@ -246,6 +257,8 @@
" run a consistency check on the file system\n"
"users\n"
" reload user table from /adm/users in the main snap\n"
+ "disallow\n"
+ " turn off permissive mode\n"
"show\n"
" show debug debug information, the following dumps\n"
" are supported:\n"
@@ -272,6 +285,7 @@
{.name="halt", .sub=nil, .minarg=0, .maxarg=0, .fn=haltfs},
{.name="snap", .sub=nil, .minarg=2, .maxarg=2, .fn=snapfs},
{.name="check", .sub=nil, .minarg=0, .maxarg=0, .fn=fsckfs},
+ {.name="perm", .sub=nil, .minarg=1, .maxarg=1, .fn=permflip},
{.name="help", .sub=nil, .minarg=0, .maxarg=0, .fn=help},
{.name="df", .sub=nil, .minarg=0, .maxarg=0, .fn=showdf},
{.name="users", .sub=nil, .minarg=0, .maxarg=1, .fn=refreshusers},
--- a/fns.h
+++ b/fns.h
@@ -9,7 +9,7 @@
extern Gefs* fs;
extern int debug;
-extern char* forceuser;
+extern int permissive;
#define UNPACK8(p) (((uchar*)(p))[0])
#define UNPACK16(p) ((((uchar*)(p))[0]<<8)|(((uchar*)(p))[1]))
--- a/fs.c
+++ b/fs.c
@@ -852,7 +852,13 @@
}
rlock(&fs->userlk);
- n = (forceuser == nil) ? m->uname : forceuser;
+ n = m->uname;
+ /*
+ * to allow people to add themselves to the user file,
+ * we need to force the user id to one that exists.
+ */
+ if(permissive && strcmp(m->aname, "adm") == 0)
+ n = "adm";
if((u = name2user(n)) == nil){
runlock(&fs->userlk);
rerror(m, Enouser);
@@ -1251,15 +1257,16 @@
}
}
if(op & (Owmode|Owmtime)){
- if(f->uid != de->uid && !groupleader(f->uid, de->gid)){
+ if(!permissive && f->uid != de->uid && !groupleader(f->uid, de->gid)){
rerror(m, Ewstato);
goto Out;
}
}
if(op & Owuid){
- /* FIXME: should allow during bootstrapping */
- rerror(m, Ewstatu);
- goto Out;
+ if(!permissive){
+ rerror(m, Ewstatu);
+ goto Out;
+ }
}
if(op & Owgid){
if(!(f->uid == de->uid && ingroup(f->uid, n.gid))
--- a/main.c
+++ b/main.c
@@ -14,15 +14,16 @@
int stdio;
int noauth;
int nproc;
-char *forceuser;
+int permissive;
char *srvname = "gefs";
char *dev;
vlong cachesz = 512*MiB;
+Blk *blkbuf;
static void
initfs(vlong cachesz)
{
- Blk *b, *buf;
+ Blk *b;
if((fs = mallocz(sizeof(Gefs), 1)) == nil)
sysfatal("malloc: %r");
@@ -43,11 +44,10 @@
if((fs->dlcache = mallocz(fs->dlcmax*sizeof(Dlist*), 1)) == nil)
sysfatal("malloc: %r");
- /* leave room for corruption check magic */
- buf = sbrk(fs->cmax * sizeof(Blk));
- if(buf == (void*)-1)
+ blkbuf = sbrk(fs->cmax * sizeof(Blk));
+ if(blkbuf == (void*)-1)
sysfatal("sbrk: %r");
- for(b = buf; b != buf+fs->cmax; b++){
+ for(b = blkbuf; b != blkbuf+fs->cmax; b++){
b->bp.addr = -1;
b->bp.hash = -1;
b->magic = Magic;
@@ -163,8 +163,8 @@
case 'A':
noauth = 1;
break;
- case 'u':
- forceuser = EARGF(usage());
+ case 'S':
+ permissive = 1;
break;
case 'f':
dev = EARGF(usage());
--- a/ream.c
+++ b/ream.c
@@ -14,16 +14,8 @@
};
char *defaultusers =
- "-1:adm::glenda\n"
- "0:none::\n"
- "1:tor:tor:\n"
- "2:glenda:glenda:\n"
- "10000:sys::\n"
- "10001:map:map:\n"
- "10002:doc::\n"
- "10003:upas:upas:\n"
- "10004:font::\n"
- "10005:bootes:bootes:\n";
+ "-1:adm::\n"
+ "0:none::\n";
static void
fillxdir(Xdir *d, vlong qid, char *name, int type, int mode)
--- /dev/null
+++ b/test/mkgefs.rc
@@ -1,0 +1,20 @@
+#!/bin/rc
+
+@{cd .. && mk all}
+../6.out -r -f $1
+../6.out -n gefs.test -A -m 1024 -f $1
+
+echo perm off >> /srv/gefs.test.cmd
+mount -c /srv/gefs.test /n/gefs.adm adm
+echo '-1:adm::glenda,'$user'
+0:none::
+1:tor:tor:
+2:glenda:glenda:
+3:'$user':'$user':
+10000:sys::' > /n/gefs.adm/users
+echo perm on >> /srv/gefs.test.cmd
+echo sync >> /srv/gefs.test.cmd
+sleep 1
+echo users >> /srv/gefs.test.cmd
+
+mount -c /srv/gefs.test /n/gefs