auth/keyfs: support -r flag to mount read-only
This commit is contained in:
aiju
parent
04171d2477
commit
54ec7aed62
2 changed files with 27 additions and 1 deletions
|
|
@ -14,6 +14,9 @@ keyfs, warning \- authentication database files
|
||||||
.BI -m mntpt
|
.BI -m mntpt
|
||||||
]
|
]
|
||||||
[
|
[
|
||||||
|
.B -r
|
||||||
|
]
|
||||||
|
[
|
||||||
.I keyfile
|
.I keyfile
|
||||||
]
|
]
|
||||||
.PP
|
.PP
|
||||||
|
|
@ -84,6 +87,10 @@ If any changes are made to the database that affect the information stored in
|
||||||
.IR keyfile ,
|
.IR keyfile ,
|
||||||
a new version of the file is written.
|
a new version of the file is written.
|
||||||
.PP
|
.PP
|
||||||
|
If the
|
||||||
|
.B -r
|
||||||
|
option is given, the database is mounted `read-only' and no changes are permitted.
|
||||||
|
.PP
|
||||||
There are two authentication databases,
|
There are two authentication databases,
|
||||||
one for Plan 9 user information,
|
one for Plan 9 user information,
|
||||||
and one for SecureNet user information.
|
and one for SecureNet user information.
|
||||||
|
|
|
||||||
|
|
@ -92,6 +92,7 @@ int nuser;
|
||||||
ulong uniq = 1;
|
ulong uniq = 1;
|
||||||
Fcall rhdr, thdr;
|
Fcall rhdr, thdr;
|
||||||
int usepass;
|
int usepass;
|
||||||
|
int readonly;
|
||||||
char *warnarg;
|
char *warnarg;
|
||||||
uchar mdata[8192 + IOHDRSZ];
|
uchar mdata[8192 + IOHDRSZ];
|
||||||
int messagesize = sizeof mdata;
|
int messagesize = sizeof mdata;
|
||||||
|
|
@ -137,7 +138,7 @@ char *(*fcalls[])(Fid*) = {
|
||||||
static void
|
static void
|
||||||
usage(void)
|
usage(void)
|
||||||
{
|
{
|
||||||
fprint(2, "usage: %s [-p] [-m mtpt] [-w warn] [keyfile]\n", argv0);
|
fprint(2, "usage: %s [-p] [-r] [-m mtpt] [-w warn] [keyfile]\n", argv0);
|
||||||
exits("usage");
|
exits("usage");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -165,6 +166,9 @@ main(int argc, char *argv[])
|
||||||
case 'w':
|
case 'w':
|
||||||
warnarg = EARGF(usage());
|
warnarg = EARGF(usage());
|
||||||
break;
|
break;
|
||||||
|
case 'r':
|
||||||
|
readonly = 1;
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
usage();
|
usage();
|
||||||
break;
|
break;
|
||||||
|
|
@ -390,6 +394,8 @@ Create(Fid *f)
|
||||||
|
|
||||||
if(!f->busy)
|
if(!f->busy)
|
||||||
return "create of unused fid";
|
return "create of unused fid";
|
||||||
|
if(readonly)
|
||||||
|
return "mounted read-only";
|
||||||
name = rhdr.name;
|
name = rhdr.name;
|
||||||
if(f->user != nil){
|
if(f->user != nil){
|
||||||
return "permission denied";
|
return "permission denied";
|
||||||
|
|
@ -531,6 +537,8 @@ Write(Fid *f)
|
||||||
|
|
||||||
if(!f->busy)
|
if(!f->busy)
|
||||||
return "permission denied";
|
return "permission denied";
|
||||||
|
if(readonly)
|
||||||
|
return "mounted read-only";
|
||||||
n = rhdr.count;
|
n = rhdr.count;
|
||||||
data = rhdr.data;
|
data = rhdr.data;
|
||||||
switch(f->qtype){
|
switch(f->qtype){
|
||||||
|
|
@ -613,6 +621,10 @@ Remove(Fid *f)
|
||||||
{
|
{
|
||||||
if(!f->busy)
|
if(!f->busy)
|
||||||
return "permission denied";
|
return "permission denied";
|
||||||
|
if(readonly){
|
||||||
|
Clunk(f);
|
||||||
|
return "mounted read-only";
|
||||||
|
}
|
||||||
if(f->qtype == Qwarnings)
|
if(f->qtype == Qwarnings)
|
||||||
f->user->warnings = 0;
|
f->user->warnings = 0;
|
||||||
else if(f->qtype == Quser)
|
else if(f->qtype == Quser)
|
||||||
|
|
@ -649,6 +661,8 @@ Wstat(Fid *f)
|
||||||
|
|
||||||
if(!f->busy || f->qtype != Quser)
|
if(!f->busy || f->qtype != Quser)
|
||||||
return "permission denied";
|
return "permission denied";
|
||||||
|
if(readonly)
|
||||||
|
return "mounted read-only";
|
||||||
if(rhdr.nstat > sizeof buf)
|
if(rhdr.nstat > sizeof buf)
|
||||||
return "wstat buffer too big";
|
return "wstat buffer too big";
|
||||||
if(convM2D(rhdr.stat, rhdr.nstat, &d, buf) == 0)
|
if(convM2D(rhdr.stat, rhdr.nstat, &d, buf) == 0)
|
||||||
|
|
@ -712,6 +726,11 @@ writeusers(void)
|
||||||
uchar *p, *buf;
|
uchar *p, *buf;
|
||||||
ulong expire;
|
ulong expire;
|
||||||
|
|
||||||
|
if(readonly){
|
||||||
|
fprint(2, "writeusers called while read-only; shouldn't happen\n");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
/* what format to use */
|
/* what format to use */
|
||||||
keydblen = KEYDBLEN;
|
keydblen = KEYDBLEN;
|
||||||
keydboff = KEYDBOFF;
|
keydboff = KEYDBOFF;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue