On Fri, Oct 12, 2001 at 05:12:12AM -0400, Roland McGrath wrote: > I think I disagree with all of your conclusions
Only because you thought of io_restrict_auth, and we didn't :-P I am very glad to hear that there is a solution. > So, > use io_restrict_auth to get a port to the writable underlying directory on > the user's behalf, and make dir_mkdir or file-creating dir_lookup calls on > that port. However, this assumes that shadowfs always has at least the permissions of the user. If for example root wants to create a directory, he can not do it through shadowfs if it runs as a user, he will not be able to do it through shadowfs, right? Not that this is a big problem, as root is always able to get at the underlying filesystems (at least theoretically). Hmmm. Can you ever use shadowfs as a bootstrap filesystem for a new (sub) Hurd? It seems that then two different auth servers come into play here (the one shadowfs is authenticated to for accesses to the underlyng filesystems in the other Hurd, and the one in the new Hurd the user of shadowfs is authenticated to). Certainly Hurd-to-Hurd communication will turn out to be a very interesting subject! (Maybe this is where Thomas' collectives come into the game, but I am drifting off). > > 1) it would mean that in every looked up virtual directory node in > > shadowfs, the according path would have to be stored. This is not > > nice. (An alternative to storing the path in every node would be to > > automatically create the directories on the writable filesystem as > > they are successfully looked up. Then the creation of whole > > directory hierarchies wouldn't be needed.) > > >From a little experimentation, creating all the directories on read-only > lookups seems to be what BSD does. Seems a little iffy to me, but if it's > ok for them I guess it's not so bad. This is not too bad. [...] > That is, each virtual directory has a cached port if the underlying > directory has been created or an existing one used, and if there is no > cached port you get your dotdot's port and do the lookup and dir_mkdir as > necessary. But with what name, the name it was looked up under? I am worried about things like renaming middle-directories between the lookup and the mkdir call (worried in a confused way, because thinking about multiple filesystems and multiple users in a shdowfs way always makes me very dizzy). Thanks, Marcus -- `Rhubarb is no Egyptian god.' Debian http://www.debian.org [EMAIL PROTECTED] Marcus Brinkmann GNU http://www.gnu.org [EMAIL PROTECTED] [EMAIL PROTECTED] http://www.marcus-brinkmann.de _______________________________________________ Bug-hurd mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/bug-hurd
