From owner-freebsd-hackers@freebsd.org Tue Mar 13 23:16:51 2018
From: Warner Losh
Date: Tue, 13 Mar 2018 17:16:48 -0600
Subject: Re: GSoC Idea: per-process filesystem namespaces for FreeBSD
To: Mark Saad
Cc: "freebsd-hackers@freebsd.org", Kristoffer Eriksson, Theron
References: <201803132055.aa28780@berenice.pkmab.se>

On Tue, Mar 13, 2018 at 4:31 PM, Mark Saad wrote:

>
> On Mar 13, 2018, at 5:43 PM, Warner Losh wrote:
>
> On Tue, Mar 13, 2018 at 1:55 PM, Kristoffer Eriksson wrote:
>
> > On 13 Mar 2018 12:53:18, Theron wrote:
> > For those unfamiliar with Plan9, here is a rough explanation of the
> > namespace feature: unlike in Unix, where all processes share the same
> > virtual filesystem, each process instead has its own view of the
> > filesystem according to what has been mounted ...
>
> > What if I mount a new /etc with a passwd file where root has no
> > password, and then run "su"?
>
> > (How does Plan9 handle that?)
> >
>
> Plan9 handles that by having a daemon that does user authentication. It's
> actually more complicated than that, but the machine owner has control over
> who can do what. For this to work in FreeBSD, either we'd need to disallow
> the 'file' type for passwd, or we'd have to do something sensible with
> setuid programs. Well, maybe not 'or' but 'and' since the security of
> setuid programs depends on the security of the filesystem.... Plan 9
> doesn't have these complications, so it can offer a user malleable
> filesystem without security risk.
>
> Warner
>
>
> A kind of related task; FreeBSD could benefit from: Fixing and
> improving unionfs / nullfs. There are some weird issues with the current
> unionfs and while it works in many cases there are some edge cases where
> the comments are something like “FreeBSD needs a proper stacking vfs ...”
> The examples I can think of: imagine you have a jail, chroot or even a
> PXE booted system where you want a read only null mount from the host's
> /bin to the target's /bin. Now expand that to most of the base system and
> the mount tmpfs’s for /tep /var/log etc. Most of that works, but try to
> unmount it in the wrong order or thrash a unionfs with lots of writes, on
> top of a tmpfs, and things break.
> So to be clear the project would be to better document the various uses of
> unionfs and nullfs that work, for the ones that do not diving into the
> stacking vfs and seeing if it could be implemented and if it would help.
>
> Alternatively making FreeBSD multiboot compliant would rock. This would
> allow FreeBSD to natively boot from ipxe or syslinux derivatives; thus
> allowing you to boot a working FreeBSD install via a kernel and mfsroot
> image off a web server.
>

There appears to already be a multiboot.c in the bootloader. I've been told
by others in the past it just works...

Warner