Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src - Do not checkfor peer credentials when perfused is autostar...
details: https://anonhg.NetBSD.org/src/rev/e9af42396cb0
branches: trunk
changeset: 757598:e9af42396cb0
user: manu <manu%NetBSD.org@localhost>
date: Tue Sep 07 02:11:04 2010 +0000
description:
- Do not checkfor peer credentials when perfused is autostarted and
therefore runs with filesystem privileges
- shut up warnings and debug messages when perfused is autostarted
- make perfused patch modifiable with CFLAGS for easier pkgsrc integration
- Fix build warnings
diffstat:
lib/libperfuse/ops.c | 4 ++-
lib/libperfuse/perfuse.c | 46 ++++++++++++--------------------------
lib/libperfuse/perfuse_if.h | 6 +++-
usr.sbin/perfused/msg.c | 4 +-
usr.sbin/perfused/perfused.c | 51 +++++++++++++++++++++++++++++--------------
5 files changed, 58 insertions(+), 53 deletions(-)
diffs (truncated from 317 to 300 lines):
diff -r ea899853df4a -r e9af42396cb0 lib/libperfuse/ops.c
--- a/lib/libperfuse/ops.c Tue Sep 07 00:25:37 2010 +0000
+++ b/lib/libperfuse/ops.c Tue Sep 07 02:11:04 2010 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ops.c,v 1.11 2010/09/06 01:40:24 manu Exp $ */
+/* $NetBSD: ops.c,v 1.12 2010/09/07 02:11:04 manu Exp $ */
/*-
* Copyright (c) 2010 Emmanuel Dreyfus. All rights reserved.
@@ -41,6 +41,8 @@
#include "perfuse_priv.h"
#include "fuse.h"
+extern int perfuse_diagflags;
+
static int node_close_common(struct puffs_usermount *, puffs_cookie_t, int);
static int no_access(puffs_cookie_t, const struct puffs_cred *, mode_t);
static void fuse_attr_to_vap(struct perfuse_state *,
diff -r ea899853df4a -r e9af42396cb0 lib/libperfuse/perfuse.c
--- a/lib/libperfuse/perfuse.c Tue Sep 07 00:25:37 2010 +0000
+++ b/lib/libperfuse/perfuse.c Tue Sep 07 02:11:04 2010 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: perfuse.c,v 1.4 2010/09/06 01:40:24 manu Exp $ */
+/* $NetBSD: perfuse.c,v 1.5 2010/09/07 02:11:04 manu Exp $ */
/*-
* Copyright (c) 2010 Emmanuel Dreyfus. All rights reserved.
@@ -115,8 +115,7 @@
if ((sv[0] = socket(PF_LOCAL, SOCK_STREAM, 0)) == -1) {
#ifdef PERFUSE_DEBUG
- printf("%s:%d socket failed: %s\n",
- __func__, __LINE__, strerror(errno));
+ DWARN("%s:%d socket failed: %s", __func__, __LINE__);
#endif
return -1;
}
@@ -138,8 +137,7 @@
*/
if (socketpair(PF_LOCAL, SOCK_STREAM, 0, sv) != 0) {
#ifdef PERFUSE_DEBUG
- printf("%s:%d: socketpair failed: %s\n",
- __func__, __LINE__, strerror(errno));
+ DWARN("%s:%d: socketpair failed", __func__, __LINE__);
#endif
return -1;
}
@@ -149,8 +147,7 @@
switch(fork()) {
case -1:
#ifdef PERFUSE_DEBUG
- printf("%s:%d: fork failed: %s\n",
- __func__, __LINE__, strerror(errno));
+ DWARN("%s:%d: fork failed", __func__, __LINE__);
#endif
return -1;
/* NOTREACHED */
@@ -158,8 +155,7 @@
case 0:
(void)execve(argv[0], argv, envp);
#ifdef PERFUSE_DEBUG
- printf("%s:%d: execve failed: %s\n",
- __func__, __LINE__, strerror(errno));
+ DWARN("%s:%d: execve failed", __func__, __LINE__);
#endif
return -1;
/* NOTREACHED */
@@ -181,32 +177,19 @@
const void *data;
{
int s;
-#if 0
- struct sockaddr_un sun;
-#endif
size_t len;
struct perfuse_mount_out pmo;
#ifdef PERFUSE_DEBUG
- printf("%s(\"%s\", \"%s\", \"%s\", 0x%lx, \"%s\")\n", __func__,
- source, target, filesystemtype, mountflags, (const char *)data);
+ if (perfuse_diagflags & PDF_MISC)
+ DPRINTF("%s(\"%s\", \"%s\", \"%s\", 0x%lx, \"%s\")\n",
+ __func__, source, target, filesystemtype,
+ mountflags, (const char *)data);
#endif
-#if 0
- if ((s = socket(PF_LOCAL, SOCK_STREAM, 0)) == -1)
- err(EX_OSERR, "socket failed");
-
- sun.sun_len = sizeof(sun);
- sun.sun_family = AF_LOCAL;
- (void)strcpy(sun.sun_path, _PATH_FUSE);
-
- if (connect(s, (struct sockaddr *)&sun, sun.sun_len) == -1)
- err(EX_UNAVAILABLE, "cannot connect to \"%s\"", _PATH_FUSE);
-#endif
if ((s = get_fd(data)) == -1)
return -1;
-
pmo.pmo_len = sizeof(pmo);
pmo.pmo_len += source ? (uint32_t)strlen(source) : 0;
pmo.pmo_len += target ? (uint32_t)strlen(target) : 0;
@@ -226,7 +209,8 @@
if (write(s, &pmo, sizeof(pmo)) != sizeof(pmo)) {
#ifdef PERFUSE_DEBUG
- printf("%s:%d short write\n", __func__, __LINE__);
+ if (perfuse_diagflags & PDF_MISC)
+ DPRINTF("%s:%d short write\n", __func__, __LINE__);
#endif
return -1;
}
@@ -235,7 +219,7 @@
len = pmo.pmo_source_len;
if (write(s, source, len) != (ssize_t)len) {
#ifdef PERFUSE_DEBUG
- printf("%s:%d short write\n", __func__, __LINE__);
+ DWARNX("%s:%d short write\n", __func__, __LINE__);
#endif
return -1;
}
@@ -245,7 +229,7 @@
len = pmo.pmo_target_len;
if (write(s, target, len) != (ssize_t)len) {
#ifdef PERFUSE_DEBUG
- printf("%s:%d short write\n", __func__, __LINE__);
+ DWARNX("%s:%d short write\n", __func__, __LINE__);
#endif
return -1;
}
@@ -255,7 +239,7 @@
len = pmo.pmo_filesystemtype_len;
if (write(s, filesystemtype, len) != (ssize_t)len) {
#ifdef PERFUSE_DEBUG
- printf("%s:%d short write\n", __func__, __LINE__);
+ DWARNX("%s:%d short write\n", __func__, __LINE__);
#endif
return -1;
}
@@ -265,7 +249,7 @@
len = pmo.pmo_data_len;
if (write(s, data, len) != (ssize_t)len) {
#ifdef PERFUSE_DEBUG
- printf("%s:%d short write\n", __func__, __LINE__);
+ DWARNX("%s:%d short write\n", __func__, __LINE__);
#endif
return -1;
}
diff -r ea899853df4a -r e9af42396cb0 lib/libperfuse/perfuse_if.h
--- a/lib/libperfuse/perfuse_if.h Tue Sep 07 00:25:37 2010 +0000
+++ b/lib/libperfuse/perfuse_if.h Tue Sep 07 02:11:04 2010 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: perfuse_if.h,v 1.6 2010/09/06 01:40:24 manu Exp $ */
+/* $NetBSD: perfuse_if.h,v 1.7 2010/09/07 02:11:04 manu Exp $ */
/*-
* Copyright (c) 2010 Emmanuel Dreyfus. All rights reserved.
@@ -28,8 +28,10 @@
#ifndef _REFUSE_PERFUSE_H
#define _REFUSE_PERFUSE_H
+#ifndef _PATH_PERFUSED
+#define _PATH_PERFUSED "/usr/sbin/perfused"
+#endif /* _PATH_PERFUSED */
#define _PATH_FUSE "/dev/fuse"
-#define _PATH_PERFUSED "/usr/sbin/perfused"
#define FUSE_COMMFD_ENV "_FUSE_COMMFD"
#define PERFUSE_MOUNT_MAGIC "noFuseRq"
#define PERFUSE_UNKNOWN_INO 0xffffffff
diff -r ea899853df4a -r e9af42396cb0 usr.sbin/perfused/msg.c
--- a/usr.sbin/perfused/msg.c Tue Sep 07 00:25:37 2010 +0000
+++ b/usr.sbin/perfused/msg.c Tue Sep 07 02:11:04 2010 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.c,v 1.4 2010/09/06 01:40:24 manu Exp $ */
+/* $NetBSD: msg.c,v 1.5 2010/09/07 02:11:04 manu Exp $ */
/*-
* Copyright (c) 2010 Emmanuel Dreyfus. All rights reserved.
@@ -87,7 +87,7 @@
if ((buf = malloc(len + 1)) == NULL)
err(EX_OSERR, "malloc(%zd) failed", len);
- if (read(fd, buf, len) != len) {
+ if (read(fd, buf, len) != (ssize_t)len) {
DWARN("short read");
return NULL;
}
diff -r ea899853df4a -r e9af42396cb0 usr.sbin/perfused/perfused.c
--- a/usr.sbin/perfused/perfused.c Tue Sep 07 00:25:37 2010 +0000
+++ b/usr.sbin/perfused/perfused.c Tue Sep 07 02:11:04 2010 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: perfused.c,v 1.6 2010/09/06 13:15:29 wiz Exp $ */
+/* $NetBSD: perfused.c,v 1.7 2010/09/07 02:11:04 manu Exp $ */
/*-
* Copyright (c) 2010 Emmanuel Dreyfus. All rights reserved.
@@ -52,13 +52,19 @@
static int getpeerid(int, pid_t *, uid_t *, gid_t *);
static int access_mount(const char *, uid_t, int);
-static void new_mount(int);
+static void new_mount(int, int);
static int parse_debug(char *);
static void siginfo_handler(int);
static int parse_options(int, char **);
static void get_mount_info(int, struct perfuse_mount_info *);
int main(int, char **);
+/*
+ * Flags for new_mount()
+ */
+#define PMNT_DEVFUSE 0x0 /* We use /dev/fuse */
+#define PMNT_SOCKPAIR 0x1 /* We use socketpair */
+
static int
getpeerid(s, pidp, uidp, gidp)
@@ -137,12 +143,12 @@
}
#ifdef PERFUSE_DEBUG
- DPRINTF("perfuse lengths: source = %"PRId32", target = %"PRId32", "
- "filesystemtype = %"PRId32", data = %"PRId32"\n",
- pmo->pmo_source_len,
- pmo->pmo_target_len,
- pmo->pmo_filesystemtype_len,
- pmo->pmo_data_len);
+ if (perfuse_diagflags & PDF_MISC)
+ DPRINTF("perfuse lengths: source = %"PRId32", "
+ "target = %"PRId32", filesystemtype = %"PRId32", "
+ "data = %"PRId32"\n", pmo->pmo_source_len,
+ pmo->pmo_target_len, pmo->pmo_filesystemtype_len,
+ pmo->pmo_data_len);
#endif
len = pmo->pmo_source_len;
source = perfuse_recv_early(fd, len);
@@ -159,8 +165,10 @@
data = perfuse_recv_early(fd, len);
#ifdef PERFUSE_DEBUG
- DPRINTF("%s(\"%s\", \"%s\", \"%s\", 0x%lx, \"%s\")\n", __func__,
- source, target, filesystemtype, mountflags, (const char *)data);
+ if (perfuse_diagflags & PDF_MISC)
+ DPRINTF("%s(\"%s\", \"%s\", \"%s\", 0x%lx, \"%s\")\n",
+ __func__, source, target, filesystemtype,
+ mountflags, (const char *)data);
#endif
pmi->pmi_source = source;
pmi->pmi_target = target;
@@ -172,8 +180,9 @@
}
static void
-new_mount(fd)
+new_mount(fd, pmnt_flags)
int fd;
+ int pmnt_flags;
{
struct puffs_usermount *pu;
struct perfuse_mount_info pmi;
@@ -202,17 +211,24 @@
get_mount_info(fd, &pmi);
/*
- * Get peer identity
+ * Get peer identity. If we use socketpair (-i option),
+ * peer identity if the same as us.
*/
- if (getpeerid(fd, NULL, &pmi.pmi_uid, NULL) != 0)
- DWARNX("Unable to retrieve peer identity");
+ if (pmnt_flags & PMNT_SOCKPAIR) {
+ pmi.pmi_uid = getuid();
+ } else {
+ if (getpeerid(fd, NULL, &pmi.pmi_uid, NULL) != 0) {
+ DWARNX("Unable to retreive peer identity");
+ pmi.pmi_uid = (uid_t)-1;
+ }
+ }
/*
* Check that peer owns mountpoint and read (and write) on it?
*/
ro_flag = pmi.pmi_mountflags & MNT_RDONLY;
if (access_mount(pmi.pmi_target, pmi.pmi_uid, ro_flag) != 0)
- DERRX(EX_NOPERM, "insufficient privileges to mount %s",
+ DERRX(EX_NOPERM, "insuficient privileges to mount on %s",
pmi.pmi_target);
@@ -337,6 +353,7 @@
break;
case 'f':
foreground = 1;
+ perfuse_diagflags |= PDF_MISC;
break;
case 'i':
retval = atoi(optarg);
@@ -371,7 +388,7 @@
Home |
Main Index |
Thread Index |
Old Index