This patch adds support for Unix98 pseudo terminals, that is,
posix_openpt(3), grantpt(3), unlockpt(3), /dev/ptmx, and /dev/pts/.
The latter is implemented with a new pseudo file system, PTYFS.
In effect, this patch adds secure support for unprivileged pseudo
terminal allocation, allowing programs such as tmux(1) to be used by
non-root users as well. Test77 has been extended with new tests, and
no longer needs to run as root.
The new functionality is optional. To revert to the old behavior,
remove the "ptyfs" entry from /etc/fstab.
Technical nodes:
o The reason for not implementing the NetBSD /dev/ptm approach is that
implementing the corresponding ioctl (TIOCPTMGET) would require
adding a number of extremely hairy exceptions to VFS, including the
PTY driver having to create new file descriptors for its own device
nodes.
o PTYFS is required for Unix98 PTYs in order to avoid that the PTY
driver has to be aware of old-style PTY naming schemes and even has
to call chmod(2) on a disk-backed file system. PTY cannot be its
own PTYFS since a character driver may currently not also be a file
system. However, PTYFS may be subsumed into a DEVFS in the future.
o The Unix98 PTY behavior differs somewhat from NetBSD's, in that
slave nodes are created on ptyfs only upon the first call to
grantpt(3). This approach obviates the need to revoke access as
part of the grantpt(3) call.
o Shutting down PTY may leave slave nodes on PTYFS, but once PTY is
restarted, these leftover slave nodes will be removed before they
create a security risk. Unmounting PTYFS will make existing PTY
slaves permanently unavailable, and absence of PTYFS will block
allocation of new Unix98 PTYs until PTYFS is (re)mounted.
Change-Id: I822b43ba32707c8815fd0f7d5bb7a438f51421c1
As part of its built-in mmap emulation support for "none" file system
services, libfsdriver clears the VM cache upon exit. However, for
trivial file systems which do not even support reading from files, the
the VM cache need to be cleared either. With this patch, the VM cache
is cleared only when modified, so that such trivial file systems need
not be given CLEARCACHE permission.
Change-Id: I518c092443455302b9b9728f10a3f894d2c8036b
While putnode requests should always succeed, very simple file system
services may not care about reference counts and thus about putnode
requests at all. For this reason, we now default to an OK response if
no fdr_putnode implementation is given.
Change-Id: I01f6421abf4546a1f69d8c21900a92d6acc45745
The stat.st_ino field must always be filled with the inode number
given as part of the fdr_stat request anyway, so libfsdriver can
simply fill in the number and allow the file system not to bother.
Change-Id: Ia7a849d0b23dfc83010df0d48fa26e4225427694
Commit 723e513 erroneously removed a yield() call from VFS which was
necessary to get resumed pipe read/write threads to run before VFS
blocks on receive(). The removal caused those threads to run only
once VFS received another message, effectively slowing down activity
on pipes to a crawl in some cases.
Instead of readding the yield() call, this patch restructures the
get_work() code to go back through the main message loop even when no
new work is received, thus ensuring that newly started threads are
always activated without requiring a special case.
This fixes#65.
Change-Id: I59b7fb9e403d87dba1a5deecb04539cc37517742
kb_init() panics, if no keyboard controller is found during self-test.
Instead of panic, the driver should quit the init process and tell it the SEF .
Change-Id: Icdfb7125f5d4062f46cfbbdbbb9e54ac4b273642
This change requires a small patch to libc, in order to avoid that
libminc has to pull in a large chunk of libc just for mktime(3).
Change-Id: I48e598b3716eff626cac461f78a41e32334e6b28
Previously, services would obtain the user ID of "service" through
getpwnam(3). While this approach is conceptually better, it also
imposes linking against libc which in turn causes problems with
printf(3), which already led to PFS no longer dropping privileges at
all. For now, we hardcode SERVICE_UID and use that instead.
In the future, two changes should allow removal of SERVICE_UID again:
- "service edit" should cause RS to request that a service (such as
PFS) drop privileges through SEF, using the user ID resolved by
service(8), or something similar;
- a future devfs should make it possible for inet to start without
root privileges altogether.
Change-Id: Ie02a1e888cde325806fc0ae76909943ac42c9b96
For VFS, initialization is a special case for processing work: PFS
and the ramdisk MFS must be fully mounted before VFS can process any
other requests, in particular from init(8). This case was handled by
receiving reply messages only from the FS service being mounted, but
this effectively disallowed PFS from calling setuid(2) at startup.
This patch lets VFS receive all messages during the mounting process,
but defer processing any new requests. As a result, the FS services
have a bit more freedom in what they can do during startup.
Change-Id: I18275f458952a8d790736a9c9559b27bbef97b7b
This patch fixes two related issues:
- If a large (>PIPE_BUF) pipe write is processed partially, only to be
followed by a write error condition, then the process is left in an
incorrect state, possibly causing VFS to crash on a subsequent call.
- If such a partially processed large pipe write ends up resulting in
an EPIPE error, no corresponding SIGPIPE signal is generated.
The corrected behavior is tested in test68.
Change-Id: I5540e61ab6bcc60a31201485eda04bc49ece2ca8
From the termcap section of the GNU termutils manual:
"There is no way you can tell how much space is needed, so the convention
is to allocate a buffer 2048 characters long and assume that is enough.
(Formerly the convention was to allocate 1024 characters and assume that
was enough. But one day, for one kind of terminal, that was not
enough.)"
Change-Id: Ia5937366ae89e886dbaef7d180bee40669d0c488
As suggested in issue #43.
Historic Locations:
Prior to this commit
minix/commands/mined
Prior to commit 433d6423c3
commands
Change-Id: I374ab3ff0e3b9e47779fc21e80b47fda87698242
__STDC__ is used to mitigate the differences between K&R C and the
ANSI C standard. Nearly every compiler now supports ANSI C, so
there is no need to support non-standard compilers.
Change-Id: Ifc3381ecf1c43dfde9004bee48552d8b3ac4dcdc
* Remove undef NULL, EOF, getchar, putchar
* Rename putchar, getchar, _putchar, _getchar to putch, getch, _putch,
_getch to avoid conflict with libc functions.
* Rename UP() to UP1() (for UP 1 line) to avoid conflict with UP
definition in termcap.h. Rename DN1 LF1 RT1 for consistency.
* Add termcap.h for prototypes for tputs and friends.
* Add libterminfo references to Makefile
* Add return value to _putch() to make it work as tputs expects.
* Make putch() call _putch()
* Remove UNIX ifdefs and all code in the !UNIX branches.
closes#43
Change-Id: I0a6f7298aa8b12a74225badc88d3c236a02669ea
Removes the following man pages:
* awk.1x -- for a version of awk we no longer have
* kermit.1x -- seems gone altogether
* macros.1x -- not useful for anyone anymore
Moves the following man pages:
* mined.1x -- Moved to minix/commands/mined/mined.1
and reformatted to use the mdoc macros instead of the
Minix macros so that it displays properly.
Removes /usr/man/man1x from the directory tree.
closes#44
Change-Id: I59b8bd54cf5cba6d188e51e99a92b36e90c275c1
The escape sequences for the function keys used to be separated
out in older versions of Minix when they were different for m68k
and intel. Support for m68k was dropped and that code was
removed, leaving the ifdef i386. Since the sequences are the
same for i386 and arm, there is no need to keep the ifdef i386.
Change-Id: Id96a80bcb24da120efa63acc9b248d87fc347eac
It used to refer to several NIL_* definitions. Those were removed
in commit 6e25ad8b0a leaving the
comment with nothing to comment on.
Change-Id: I52221ae5d2c5216e82391b480cf2038ad723b8f0
Trying to boot Minix3 master on an appliance/sbc like ALIX fails, as
the service command throws an error. Making the rc script more robust
solves it.
Change-Id: I659043cbbaa2d67b70d6d6e5ab14fff8e1bba769
This allows to both override the default package repository and
preinstalled packages list from the command line or the environment.
Also use everywhere PACKAGEURL.
Change-Id: I3434ff53be769f8d0f890bb5fb44521a0017e123