Date: Fri, 10 Dec 2021 10:53:12 +0300 From: Gleb Popov <arrowd@freebsd.org> To: "Daniel O'Connor" <darius@dons.net.au>, Eugene Grosbein <eugen@grosbein.net> Cc: freebsd-hackers <freebsd-hackers@freebsd.org> Subject: Re: What to use in place of abstract unix sockets? Message-ID: <CALH631m8P_NG3nTZ1JQ2hhZMTrAMuuGjS8Ahz_qDMu1bFDCzkw@mail.gmail.com> In-Reply-To: <F0BE714E-E25B-4A49-AA6E-B0E906374446@dons.net.au> References: <CALH631kYAz%2B_=p6VUhxzx0tz8eox804PCK5A9POxQkZTdThZCQ@mail.gmail.com> <F0BE714E-E25B-4A49-AA6E-B0E906374446@dons.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
--0000000000005d84b505d2c60558 Content-Type: text/plain; charset="UTF-8" On Wed, Dec 8, 2021 at 10:50 AM Eugene Grosbein <eugen@grosbein.net> wrote: > 08.12.2021 13:43, Gleb Popov wrote: > > > Hello hackers. > > > > I'm porting a software that does the following things on Linux: > > > > 1. Binds an abstract UDS (the socket name starts with '\0') > > 2. Launches a "client" process. > > 3. "Client" uses chroot() to constrain itself in a sort of jail. > > 4. "Client" connects to the abstract UDS. > > > >>From what I can tell, this works because abstract UDS's do not use the > > filesystem namespace, which is why "client" can connect out of the > > chroot'ed environment. > > > > What can I do to make this software work for FreeBSD? Simply using > regular > > UDS instead of abstract ones doesn't work for obvious reasons - the > > "client" can't find the socket file. > > > > Thanks in advance. > > If they are parent/child, you could try using socketpair(). > There are actually multiple children. If I understand it right, using socketpair() would lead to N sockets on the server side for the N connected clients. Right now there is a single UDS that handles all connections, so rewriting it with socketpair() would be problematic, I think. On Thu, Dec 9, 2021 at 3:08 AM Daniel O'Connor <darius@dons.net.au> wrote: > > > > On 8 Dec 2021, at 17:13, Gleb Popov <arrowd@freebsd.org> wrote: > > I'm porting a software that does the following things on Linux: > > > > 1. Binds an abstract UDS (the socket name starts with '\0') > > 2. Launches a "client" process. > > 3. "Client" uses chroot() to constrain itself in a sort of jail. > > 4. "Client" connects to the abstract UDS. > > > > From what I can tell, this works because abstract UDS's do not use the > > filesystem namespace, which is why "client" can connect out of the > > chroot'ed environment. > > > > What can I do to make this software work for FreeBSD? Simply using > regular > > UDS instead of abstract ones doesn't work for obvious reasons - the > > "client" can't find the socket file. > > If the parent knows where the child will chroot it could create a unix > domain socket under that directory somewhere. > Same problem as above - there should be a single socket on the server side. --0000000000005d84b505d2c60558--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CALH631m8P_NG3nTZ1JQ2hhZMTrAMuuGjS8Ahz_qDMu1bFDCzkw>