Re: Shadowfs - some notes

bug-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Shadowfs - some notes

From:	Marcus Brinkmann
Subject:	Re: Shadowfs - some notes
Date:	Fri, 12 Oct 2001 13:36:32 +0200
User-agent:	Mutt/1.3.22i

On Fri, Oct 12, 2001 at 05:12:12AM -0400, Roland McGrath wrote:
> I think I disagree with all of your conclusions

Only because you thought of io_restrict_auth, and we didn't :-P

I am very glad to hear that there is a solution.

> So,
> use io_restrict_auth to get a port to the writable underlying directory on
> the user's behalf, and make dir_mkdir or file-creating dir_lookup calls on
> that port.

However, this assumes that shadowfs always has at least the permissions of
the user.  If for example root wants to create a directory, he can not do it
through shadowfs if it runs as a user, he will not be able to do it through
shadowfs, right?  Not that this is a big problem, as root is always able to
get at the underlying filesystems (at least theoretically).

Hmmm.  Can you ever use shadowfs as a bootstrap filesystem for a new (sub) 
Hurd? 
It seems that then two different auth servers come into play here (the one
shadowfs is authenticated to for accesses to the underlyng filesystems in
the other Hurd, and the one in the new Hurd the user of shadowfs is
authenticated to).  Certainly Hurd-to-Hurd communication will turn out to be
a very interesting subject!  (Maybe this is where Thomas' collectives come
into the game, but I am drifting off).

> > 1) it would mean that in every looked up virtual directory node in
> >    shadowfs, the according path would have to be stored. This is not
> >    nice. (An alternative to storing the path in every node would be to
> >    automatically create the directories on the writable filesystem as
> >    they are successfully looked up. Then the creation of whole
> >    directory hierarchies wouldn't be needed.)
> 
> >From a little experimentation, creating all the directories on read-only
> lookups seems to be what BSD does.  Seems a little iffy to me, but if it's
> ok for them I guess it's not so bad.

This is not too bad.

[...]

> That is, each virtual directory has a cached port if the underlying
> directory has been created or an existing one used, and if there is no
> cached port you get your dotdot's port and do the lookup and dir_mkdir as
> necessary.

But with what name, the name it was looked up under?  I am worried about
things like renaming middle-directories between the lookup and the mkdir
call (worried in a confused way, because thinking about multiple filesystems
and multiple users in a shdowfs way always makes me very dizzy).

Thanks,
Marcus

-- 
`Rhubarb is no Egyptian god.' Debian http://www.debian.org brinkmd@debian.org
Marcus Brinkmann              GNU    http://www.gnu.org    marcus@gnu.org
Marcus.Brinkmann@ruhr-uni-bochum.de
http://www.marcus-brinkmann.de

[Prev in Thread]

Current Thread

[Next in Thread]

Shadowfs - some notes, Moritz Schulte, 2001/10/11
- Re: Shadowfs - some notes, Roland McGrath, 2001/10/12
  - Re: Shadowfs - some notes, Marcus Brinkmann <=
    - Re: Shadowfs - some notes, Roland McGrath, 2001/10/12
  - Re: Shadowfs - some notes, Moritz Schulte, 2001/10/14

Prev by Date: Re: Shadowfs - some notes
Next by Date: Re: PowerPC port
Previous by thread: Re: Shadowfs - some notes
Next by thread: Re: Shadowfs - some notes
Index(es):
- Date
- Thread