Fuse (and sshfs) support for OpenBSD

Tue, 05 Mar 2013 04:44:15 -0800 

Hi tech@

I send you this mail because a few months ago I tried to dabble with fuse
filesystem and OpenBSD. After some time working on this subject I have
succeeded to create something that works. It is not even near to be perfect
but with some changes and adaptions I think it could do the job.

In order to use these patches you will need to follow this procedure:

* apply the ports patch :
    root # cd /usr/ports
    root # ftp http://www.pmbsd.org/patch-fuse-ports
    root # patch -p0 < patch-fuse-ports

* apply the src patch
    root # cd /usr/src
    root # ftp http://www.pmbsd.org/patch-fuse-src
    root # patch -p0 < patch-fuse-src

* upgrade your system mount.h
    root # cp /usr/src/sys/sys/mount.h /usr/include/sys/mount.h

* compile all mount and umount binaries
    root # cd /usr/src/sbin/mount && make && make install
    root # cd /usr/src/sbin/mount_ffs && make && make install
    root # cd /usr/src/sbin/mount_fusefs && make && make install (there are
warning for a missing manpage)
      ...
    root # cd /usr/src/sbin/umount && make && make install

* build a new kernel
    root # cd /usr/src/sys/arch/i386/conf
    root # config GENERIC
    root # cd ../compile/GENERIC
    root # make && make install

* update MAKEDEV script and launch it to create the fuse device
    root # cd /dev
    root # ftp http://www.pmbsd.org/patch-fuse-MAKEDEV
    root # patch MAKEDEV < patch-fuse-MAKEDEV
    root # ./MAKEDEV
    root # ./MAKEDEV fuse

* install devel/fuse and sysutils/sshfs-fuse packages
   root # cd /usr/ports/devel/fuse && make && make install
   root # cd /usr/ports/sysutils/sshfs-fuse && make && make install

* reboot and try sshfs
   root # reboot
   root # sshfs s...@pmbsd.org:/home/syl/code /mnt
   root # ls /mnt


As I said before, this is not perfect... There are some outstanding
features to implement and bugs or architectural mistakes to solve...

There is some work to do to implement these missing vnops and vfs features :

  * vptof
  * fhtovp
  * checkexp
  * sysctl
  * strategy
  * fsync
  * symlink
  * rename vnop
  * you could only mount one filesystem at once.

I think some security improvement could be done on these patches like :
- fix some panics and tsleep hole that could produce DoS...
- allow the use of fuse with a securelevel equal to -1...
- other security stuff that I'm surely missing :)

I will not explain all the fuse protocol in this mail but if you want
information on how it works I will answer your questions in a private mail.

If you have any questions about these patches or want me to change or
rework something in this code I will be happy to do it.

Thanks for your time,

Cheers,

-- 
Sylvestre Gallon

Reply via email to