diff options
| -rw-r--r-- | CHANGES | 4 | ||||
| -rw-r--r-- | appl/lib/newns.b | 27 | ||||
| -rw-r--r-- | dis/lib/newns.dis | bin | 7041 -> 7454 bytes | |||
| -rw-r--r-- | include/version.h | 2 | ||||
| -rw-r--r-- | man/2/INDEX | 1 | ||||
| -rw-r--r-- | man/2/newns | 21 | ||||
| -rw-r--r-- | module/newns.m | 5 |
7 files changed, 52 insertions, 8 deletions
@@ -1,3 +1,7 @@ +20080111 + add newuser to newns(2) +20080109 + Sys->iounit should accept any valid file descriptor, not just ORDWR 20071227 add styxflush(2) etc. add NetBSD, emu/NetBSD diff --git a/appl/lib/newns.b b/appl/lib/newns.b index c0868b3c..2dc7025d 100644 --- a/appl/lib/newns.b +++ b/appl/lib/newns.b @@ -272,7 +272,8 @@ mount(argv: list of string, facfd: ref Sys->FD): string return ig(r, sys->sprint("cannot load %s: %r", Factotum->PATH)); factotum->init(); afd := sys->fauth(fd, spec); - ai := factotum->proxy(afd, facfd, "proto=p9any role=client"); # TO DO: something with ai + if(afd != nil) + factotum->proxy(afd, facfd, "proto=p9any role=client"); # ignore result; if it fails, mount will fail if(sys->mount(fd, afd, dir, r.flags, spec) < 0) return ig(r, sys->sprint("mount %q %q: %r", addr, dir)); return nil; @@ -351,7 +352,8 @@ import9(argv: list of string, facfd: ref Sys->FD): string } # TO DO: new style: impo aan|nofilter clear|ssl|tls\n afd := sys->fauth(fd, ""); - ai := factotum->proxy(afd, facfd, "proto=p9any role=client"); # TO DO: something with ai + if(afd != nil) + factotum->proxy(afd, facfd, "proto=p9any role=client"); if(sys->mount(fd, afd, dir, r.flags, "") < 0) return ig(r, sys->sprint("import %q %q: %r", addr, dir)); return nil; @@ -440,3 +442,24 @@ netmkaddr(addr, net, svc: string): string return addr; return sys->sprint("%s!%s", addr, svc); } + +newuser(user: string, cap: string, nsfile: string): string +{ + if(cap == nil) + return "no capability"; + + sys = load Sys Sys->PATH; + fd := sys->open("#¤/capuse", Sys->OWRITE); + if(fd == nil) + return sys->sprint("opening #¤/capuse: %r"); + + b := array of byte cap; + if(sys->write(fd, b, len b) < 0) + return sys->sprint("writing %s to #¤/capuse: %r", cap); + + # mount factotum as new user (probably unhelpful if not factotum owner) + sys->unmount(nil, "/mnt/factotum"); + sys->bind("#sfactotum", "/mnt/factotum", Sys->MREPL); + + return newns(user, nsfile); +} diff --git a/dis/lib/newns.dis b/dis/lib/newns.dis Binary files differindex 9d9a03cb..eaed2b2e 100644 --- a/dis/lib/newns.dis +++ b/dis/lib/newns.dis diff --git a/include/version.h b/include/version.h index 60a285ba..d5b076bf 100644 --- a/include/version.h +++ b/include/version.h @@ -1 +1 @@ -#define VERSION "Fourth Edition (20080109)" +#define VERSION "Fourth Edition (20080111)" diff --git a/man/2/INDEX b/man/2/INDEX index 3e4da75b..8e1c43ca 100644 --- a/man/2/INDEX +++ b/man/2/INDEX @@ -277,6 +277,7 @@ pathname names relative names rooted names newns newns +newuser newns categories palmfile dbinfo palmfile doc palmfile diff --git a/man/2/newns b/man/2/newns index 4b151558..46456617 100644 --- a/man/2/newns +++ b/man/2/newns @@ -1,12 +1,13 @@ .TH NEWNS 2 .SH NAME -newns \- build a new name space from a description file +Newns: newns, newuser \- build a new name space from a description file .SH SYNOPSIS .EX include "newns.m"; ns := load Newns Newns->PATH; -newns: fn(user: string, nsfile: string): string; +newns: fn(user: string, nsfile: string): string; +newuser: fn(user: string, cap: string, nsfile: string): string; .EE .SH DESCRIPTION .B Newns @@ -23,12 +24,28 @@ or empty, then .B newns attempts to read file the file .BR namespace . +.PP +.B Newuser +uses a capability +.I cap +suitable for +.IR cap (3) +to change the current process's user name to +.IR user , +and uses +.B newns +and +.I nsfile +to build it a new name space. +The capability is typically obtained via +.IR factotum (4). .SH SOURCE .B /appl/lib/newns.b .SH SEE ALSO .IR sys-bind (2), .IR sys-chdir (2), .IR sys-pctl (2), +.IR factotum (4), .IR namespace (6) .SH BUGS The diff --git a/module/newns.m b/module/newns.m index e7c0c23e..e5a16dfb 100644 --- a/module/newns.m +++ b/module/newns.m @@ -1,8 +1,7 @@ Newns: module { PATH: con "/dis/lib/newns.dis"; - # - # Build a new namespace from a description file - # + newns: fn(user: string, nsfile: string): string; + newuser: fn(user: string, cap: string, nsfile: string): string; }; |