From owner-freebsd-current@FreeBSD.ORG Tue Mar 23 14:38:07 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3521E16A4CE for ; Tue, 23 Mar 2004 14:38:07 -0800 (PST) Received: from avalon.linuxpowered.com (unknown [64.246.60.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id D95FF43D3F for ; Tue, 23 Mar 2004 14:38:06 -0800 (PST) (envelope-from diz@linuxpowered.com) Received: from webmail.linuxpowered.com ([::ffff:127.0.0.1]) (AUTH: CRAM-MD5 diz@linuxpowered.com) by avalon.linuxpowered.com with esmtp; Tue, 23 Mar 2004 16:42:47 -0600 Received: from 24.0.61.35 (SquirrelMail authenticated user diz@linuxpowered.com) by webmail.linuxpowered.com with HTTP; Tue, 23 Mar 2004 16:42:48 -0600 (CST) Message-ID: <60523.24.0.61.35.1080081768.squirrel@webmail.linuxpowered.com> Date: Tue, 23 Mar 2004 16:42:48 -0600 (CST) From: diz@linuxpowered.com To: "Luigi Rizzo" User-Agent: SquirrelMail/1.4.1 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 Importance: Normal cc: current@freebsd.org Subject: Re: userland|unprivileged file system handling tools X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Mar 2004 22:38:07 -0000 hi, Luigi Rizzo wrote: > We seem to lack tools that allow the generation/handling of file > system images without root privs. The 'standard techniques' used > to build the bootable floppies rely on vnconfig/mdconfig, disklabel, > fsck and mknod which all must run as root. > As far as -current goes, mknod is not anything worth mentioning because of devfs. My sysgen scripts (wifibsd) are divided into what requires root, and what doesn't. My observation is that only mdconfig requires root, and this must be done on the host system (aka not inside of a jail). > Colin Percival pointed me to ports/sysutils/makefs which builds an > almost correct fs image -- it has a couple of bugs, one which is > trivially fixed, the other one which could be cured by a pass of > fsck. There is still the issue of creating a label for the image > (which right now i do using a small C program), and handling device > nodes (not an issue on 5.x, but this could be possibly fixed with > some makefs extension). > I'd like to take a peek at the tiny C program please, if possible? > So: > > + is there interest in having makefs become part of the > standard system, instead of a port ? > > + how hard would it be to teach disklabel and fsck to > work on files (filesystem images) as well as devices ? > I'm conflicted on this myself. On the one side I am opposed to bloating the userland, after all I'm an embedded systems person so I tend to have negative opinions about unnecissary userland cruft. On the other hand we need to find a way to create image files without root, more simply, and that tool appears to do the trick, but it is redundant. Just thinking while typing, my reaction is to possibly suid mdconfig. I'll have to take a look at how it works before I can comment intelligently, but I'd say we could do well to make mdconfig usable by non-root users, and possibly even usable in a jail. Might be insecure in ways I'm not clear on at this time, but looking doesn't hurt. > cheers > luigi > -Jon Disnard (aka masta) irc.freenode.net