Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 29 Nov 2024 16:44:07 +0000
From:      Edward Tomasz Napierala <trasz@freebsd.org>
To:        Konstantin Belousov <kostikbel@gmail.com>
Cc:        src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org
Subject:   Re: git: b165e9e3ea4e - main - Add fchroot(2)
Message-ID:  <Z0nvV5GF33l-EdMz@pustak.ultrahub>
In-Reply-To: <Z0ncu8p149bHqCC_@kib.kiev.ua>
References:  <202411291222.4ATCMG8Y068265@gitrepo.freebsd.org> <Z0ncu8p149bHqCC_@kib.kiev.ua>
index | next in thread | previous in thread | raw e-mail 

On 1129T1724, Konstantin Belousov wrote:
> On Fri, Nov 29, 2024 at 12:22:16PM +0000, Edward Tomasz Napierala wrote:
> > The branch main has been updated by trasz:
> > 
> > URL: https://cgit.FreeBSD.org/src/commit/?id=b165e9e3ea4e327fc421d81c2a89242bd8720780
> > 
> > commit b165e9e3ea4e327fc421d81c2a89242bd8720780
> > Author:     Edward Tomasz Napierala <trasz@FreeBSD.org>
> > AuthorDate: 2024-11-29 07:46:07 +0000
> > Commit:     Edward Tomasz Napierala <trasz@FreeBSD.org>
> > CommitDate: 2024-11-29 12:10:02 +0000
> > 
> >     Add fchroot(2)
> >     
> >     This is similar to chroot(2), but takes a file descriptor instead
> >     of path.  Same syscall exists in NetBSD and Solaris.  It is part of a larger
> >     patch to make absolute pathnames usable in Capsicum mode, but should
> >     be useful in other contexts too.
> 
> I wonder if it should be fchrootat(fd, path, flags) with the support for
> AT_EMPTY_PATH instead.  Then fchroot() becomes the libc wrapper.
> 
> I can see arguments both pro and contra.  Main argument against is that
> the immediate semantic is easily emulated by openat() + fchroot().  But
> the freedom of adding the fchroot-specific flags might be worth considering.

Yeah, I thought about that too.  In the end I decided to go with the simpler
API, because I like how it mirrors fchdir(2); both do something fundamentally
very similar, they set the default starting points for path lookups.
And we never had the need to add fchdirat(2).
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Z0nvV5GF33l-EdMz>