This patch adds support for Unix98 pseudo terminals, that is,
posix_openpt(3), grantpt(3), unlockpt(3), /dev/ptmx, and /dev/pts/.
The latter is implemented with a new pseudo file system, PTYFS.
In effect, this patch adds secure support for unprivileged pseudo
terminal allocation, allowing programs such as tmux(1) to be used by
non-root users as well. Test77 has been extended with new tests, and
no longer needs to run as root.
The new functionality is optional. To revert to the old behavior,
remove the "ptyfs" entry from /etc/fstab.
Technical nodes:
o The reason for not implementing the NetBSD /dev/ptm approach is that
implementing the corresponding ioctl (TIOCPTMGET) would require
adding a number of extremely hairy exceptions to VFS, including the
PTY driver having to create new file descriptors for its own device
nodes.
o PTYFS is required for Unix98 PTYs in order to avoid that the PTY
driver has to be aware of old-style PTY naming schemes and even has
to call chmod(2) on a disk-backed file system. PTY cannot be its
own PTYFS since a character driver may currently not also be a file
system. However, PTYFS may be subsumed into a DEVFS in the future.
o The Unix98 PTY behavior differs somewhat from NetBSD's, in that
slave nodes are created on ptyfs only upon the first call to
grantpt(3). This approach obviates the need to revoke access as
part of the grantpt(3) call.
o Shutting down PTY may leave slave nodes on PTYFS, but once PTY is
restarted, these leftover slave nodes will be removed before they
create a security risk. Unmounting PTYFS will make existing PTY
slaves permanently unavailable, and absence of PTYFS will block
allocation of new Unix98 PTYs until PTYFS is (re)mounted.
Change-Id: I822b43ba32707c8815fd0f7d5bb7a438f51421c1
- adapt an arithmetic expression for the new sh
- update the fsck call to use the main fsck wrapper instead of a
specific fsck version.
Change-Id: I7e25bf6e54b5c9f564082459e78b9ce5c39254cf
The bin user doesn't need an actual home folder to run the tests. As
such this account should not be used in 'su - bin'. To be noted that
'su bin' still works as expected, and allow to run the minix test set
as usual.
Change-Id: I21fd178bf3b7b28849f05ef24930b553094cc851
We used to have an account "ast" as a token to Andrew S. Tannebaum,
the creator of MINIX. The account was disable by default, with no
possible way to login.
It seems it generates more confusion than it is worth, so this removes it.
The default skeleton user profile is still stored into /etc/ast instead
of the usual /etc/skel.
Change-Id: I71818c0bb9580cdecfa9621f8693586fc48d17cb