Subject: Re: GSoC Idea: per-process filesystem namespaces for FreeBSD
From: Mark Saad
Date: Tue, 13 Mar 2018 20:00:00 -0400
To: Warner Losh
Cc: "freebsd-hackers@freebsd.org", Kristoffer Eriksson, Theron

> On Mar 13, 2018, at 7:16 PM, Warner Losh wrote:
>
>> On Tue, Mar 13, 2018 at 4:31 PM, Mark Saad wrote:
>>
>>> On Mar 13, 2018, at 5:43 PM, Warner Losh wrote:
>>>
>>>> On Tue, Mar 13, 2018 at 1:55 PM, Kristoffer Eriksson wrote:
>>>>
>>>>> On 13 Mar 2018 12:53:18, Theron wrote:
>>>>> For those unfamiliar with Plan9, here is a rough explanation of the
>>>>> namespace feature: unlike in Unix, where all processes share the same
>>>>> virtual filesystem, each process instead has its own view of the
>>>>> filesystem according to what has been mounted ...
>>>>
>>>> What if I mount a new /etc with a passwd file where root has no
>>>> password, and then run "su"?
>>>>
>>>> (How does Plan9 handle that?)
>>>
>>> Plan9 handles that by having a daemon that does user authentication. It's
>>> actually more complicated than that, but the machine owner has control over
>>> who can do what. For this to work in FreeBSD, either we'd need to disallow
>>> the 'file' type for passwd, or we'd have to do something sensible with
>>> setuid programs. Well, maybe not 'or' but 'and' since the security of
>>> setuid programs depends on the security of the filesystem.... Plan 9
>>> doesn't have these complications, so it can offer a user malleable
>>> filesystem without security risk.
>>>
>>> Warner
>>
>> A kind of related task: FreeBSD could benefit from fixing and improving
>> unionfs / nullfs. There are some weird issues with the current unionfs, and
>> while it works in many cases there are some edge cases where the comments
>> are something like “FreeBSD needs a proper stacking vfs ...”. The examples
>> I can think of: imagine you have a jail, chroot or even a PXE-booted system
>> where you want a read-only null mount from the host's /bin to the target's
>> /bin. Now expand that to most of the base system and the mount tmpfs’s for
>> /tep /var/log etc. Most of that works, but try to unmount it in the wrong
>> order or thrash a unionfs with lots of writes on top of a tmpfs and things
>> break.
>> So to be clear, the project would be to better document the various uses of
>> unionfs and nullfs that work, and for the ones that do not, diving into the
>> stacking vfs and seeing if it could be implemented and if it would help.
>>
>> Alternatively, making FreeBSD multiboot compliant would rock. This would
>> allow FreeBSD to natively boot from ipxe or syslinux derivatives, thus
>> allowing you to boot a working FreeBSD install via a kernel and mfsroot
>> image off a web server.
>
> There appears to already be a multiboot.c in the bootloader. I've been told
> by others in the past it just works...
>
> Warner

I am going down the rabbit hole to see how it works.
However I still think the unionfs / nullfs work I mentioned before would be a good project related to the plan9 idea in some ways.

---
Mark Saad | nonesuch@longcount.org
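
The layout described in the message (read-only null mounts of the host's base system into a jail, plus tmpfs for the writable paths) can be sketched as a dry-run planner that also emits the teardown in a safe order. This is an added example, not part of the original message or of FreeBSD itself; the jail path, the directory lists, and the choice to mount tmpfs with `nosuid` are assumptions.

```shell
#!/bin/sh
# Added example: dry-run planner for a jail built from read-only nullfs
# mounts plus tmpfs scratch space. It only prints commands, it runs none.
# JAIL, RO_DIRS and TMPFS_DIRS are assumed values (no spaces in paths).
JAIL="${JAIL:-/jails/demo}"
RO_DIRS="/bin /sbin /lib /libexec /usr"   # host directories exposed read-only
TMPFS_DIRS="/tmp /var/log"                # writable paths inside the jail

# Print mount commands ordered by target path, so a parent directory is
# always mounted before anything beneath it.
plan_mounts() {
    {
        for d in $RO_DIRS; do
            printf '%s mount -t nullfs -o ro %s %s\n' "$JAIL$d" "$d" "$JAIL$d"
        done
        for d in $TMPFS_DIRS; do
            # nosuid (an added choice): the only writable filesystems in the
            # jail cannot carry setuid binaries.
            printf '%s mount -t tmpfs -o nosuid tmpfs %s\n' "$JAIL$d" "$JAIL$d"
        done
    } | LC_ALL=C sort | cut -d' ' -f2-
}

# Read mount points (one per line) on stdin and print umount commands for
# those under $JAIL, deepest first. A reverse byte-order sort always puts
# /a/b before /a, so no parent is unmounted while a child is still mounted.
plan_umounts() {
    LC_ALL=C sort -r | while IFS= read -r mp; do
        case "$mp" in
            "$JAIL"/*) printf 'umount %s\n' "$mp" ;;
        esac
    done
}

# Show the setup plan, then the teardown plan for a constructed mount list
# (on a live host the list would come from the current mount table).
plan_mounts
printf '%s\n' "$JAIL/usr" "$JAIL/var/log" "$JAIL/tmp" /home "$JAIL/usr/local" |
    plan_umounts
```

Review the printed commands before running them as root; the teardown list should be regenerated from the live mount table rather than from the setup plan, since other mounts may have been stacked on top in the meantime.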