From owner-freebsd-hackers@FreeBSD.ORG  Sun Jul 22 13:24:08 2012
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 0B56A1065672
	for <hackers@freebsd.org>; Sun, 22 Jul 2012 13:24:08 +0000 (UTC)
	(envelope-from ming.zym@gmail.com)
Received: from mail-pb0-f54.google.com (mail-pb0-f54.google.com
	[209.85.160.54])
	by mx1.freebsd.org (Postfix) with ESMTP id CF0148FC0A
	for <hackers@freebsd.org>; Sun, 22 Jul 2012 13:24:07 +0000 (UTC)
Received: by pbbro2 with SMTP id ro2so9861080pbb.13
	for <hackers@freebsd.org>; Sun, 22 Jul 2012 06:24:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=message-id:subject:from:to:date:content-type:x-mailer:mime-version;
	bh=mi2K7dpXE0NRk6/WggW6o3debMERwQmZpLOX1lmpSJg=;
	b=kmvEvhQsbh0Y5EK/LkWMp0wO/9nRyVmUtFH7jfnKHmpVyEsQVRlmrACOu4V9wKJo5i
	zNDQ9vLlBE2i9c/2PINqwoCXkzovDD04opCtYNFbzw7h5H5v7MUkr2kZtdNUbN8uSpUV
	/UVK0ajqr3Jd0VKMe4a4a0pN24hatHNOLShNinWMgJMbBg3BauMhDQ0ei8e+2Z5iVa+y
	xMl7c0YutrBzxiJAok1xlTWeNY71UMaceaaBVYzP/Weocb8bPCvC+7LFvYLrOaMnVSWo
	+CJycF0T3xBP3+vaGhQ92GJwuakoOftdZ6rBU/9kLq0lFFcXJMIgHe9gtYDNMUvQ1qlG
	taZg==
Received: by 10.68.224.70 with SMTP id ra6mr27842424pbc.11.1342963447427;
	Sun, 22 Jul 2012 06:24:07 -0700 (PDT)
Received: from [10.62.241.2] (f0-0-tep-rtr2.corp.cnb.yahoo.com.
	[202.43.217.166])
	by mx.google.com with ESMTPS id ka5sm7923910pbb.37.2012.07.22.06.24.04
	(version=SSLv3 cipher=OTHER); Sun, 22 Jul 2012 06:24:06 -0700 (PDT)
Message-ID: <1342963441.4162.8.camel@zym6400>
From: "ming.zym@gmail.com" <ming.zym@gmail.com>
To: "hackers@FreeBSD.org" <hackers@FreeBSD.org>
Date: Sun, 22 Jul 2012 21:24:01 +0800
Content-Type: multipart/signed; micalg="pgp-sha256";
	protocol="application/pgp-signature"; boundary="=-seF2u1R8aenZMW6q/M/P"
X-Mailer: Evolution 3.4.3 
Mime-Version: 1.0
Cc: 
Subject: trafficserver and raw disk access in FreeBSD
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Jul 2012 13:24:08 -0000


--=-seF2u1R8aenZMW6q/M/P
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Apache Traffic Server may use raw disk for caching, and for privilege
elevation, the worker process(traffic_server) will setuid to nobody, my
question is, how to make traffic_server access the /dev/ada*?

in linux, disk permitting is root:disk 0660, we can go with:
1, setup a new user 'ats', and put it into 'disk' group
2, after setuid, run initgroups() to complete the groups evn.


we need a safe and easy to implement way for raw disk access in
FreeBSD.=20

thanks for you help

--=20
zym, Zhao Yongming.
aka: yonghao @ taobao.com

--=-seF2u1R8aenZMW6q/M/P
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)

iF4EABEIAAYFAlAL/vEACgkQQBjU8JUwVz6OfwEAhzFapWvHyC1ResMhcDLiY1ck
1PusKENuhqN60tyMiCcA+gO7ON0HPS1MLgJ6EsN9sUnZRQeZFvX/IeI+iRHPsdVT
=8D/m
-----END PGP SIGNATURE-----

--=-seF2u1R8aenZMW6q/M/P--