Add PTYFS, Unix98 pseudo terminal support
This patch adds support for Unix98 pseudo terminals, that is,
posix_openpt(3), grantpt(3), unlockpt(3), /dev/ptmx, and /dev/pts/.
The latter is implemented with a new pseudo file system, PTYFS.
In effect, this patch adds secure support for unprivileged pseudo
terminal allocation, allowing programs such as tmux(1) to be used by
non-root users as well. Test77 has been extended with new tests, and
no longer needs to run as root.
The new functionality is optional. To revert to the old behavior,
remove the "ptyfs" entry from /etc/fstab.
Technical nodes:
o The reason for not implementing the NetBSD /dev/ptm approach is that
implementing the corresponding ioctl (TIOCPTMGET) would require
adding a number of extremely hairy exceptions to VFS, including the
PTY driver having to create new file descriptors for its own device
nodes.
o PTYFS is required for Unix98 PTYs in order to avoid that the PTY
driver has to be aware of old-style PTY naming schemes and even has
to call chmod(2) on a disk-backed file system. PTY cannot be its
own PTYFS since a character driver may currently not also be a file
system. However, PTYFS may be subsumed into a DEVFS in the future.
o The Unix98 PTY behavior differs somewhat from NetBSD's, in that
slave nodes are created on ptyfs only upon the first call to
grantpt(3). This approach obviates the need to revoke access as
part of the grantpt(3) call.
o Shutting down PTY may leave slave nodes on PTYFS, but once PTY is
restarted, these leftover slave nodes will be removed before they
create a security risk. Unmounting PTYFS will make existing PTY
slaves permanently unavailable, and absence of PTYFS will block
allocation of new Unix98 PTYs until PTYFS is (re)mounted.
Change-Id: I822b43ba32707c8815fd0f7d5bb7a438f51421c1
2015-06-22 19:14:34 +02:00
|
|
|
20150623:
|
|
|
|
In order to use the new Unix98 PTYs, and to ensure that the test set
|
|
|
|
continues to pass, please add the following line to your /etc/fstab:
|
|
|
|
|
|
|
|
"none /dev/pts ptyfs rw,rslabel=ptyfs 0 0"
|
|
|
|
|
2014-08-01 14:58:40 +02:00
|
|
|
20140801:
|
|
|
|
As the ABI went under heavy changes it is not possible to do a source
|
|
|
|
upgrade (make build) between:
|
|
|
|
commit 7ebdb97a28234e0181f93a8b786331dda507482
|
|
|
|
Date: Sun Feb 16 20:08:20 2014 +0000
|
|
|
|
and
|
|
|
|
commit f1deff716ea30b28693c16f8e48ba1a369e2e922
|
|
|
|
Date: Thu Jul 31 18:36:24 2014 +0200
|
|
|
|
|
|
|
|
WARNING: Attempting to do so will break your system beyond repair, and
|
|
|
|
require a full reinstallation. You have been warned.
|