From: Gilles Chanteperdrix <gilles.chanteperdrix@xenomai.org>
To: Jan Kiszka <jan.kiszka@web.de>
Cc: Xenomai <xenomai@xenomai.org>
Subject: Re: [Xenomai] [Xenomai-git] Philippe Gerum: copperplate: add configuration tunable for registry moint point
Date: Sat, 3 Jan 2015 20:40:50 +0100 [thread overview]
Message-ID: <20150103194050.GH12052@daedalus> (raw)
In-Reply-To: <54A6C072.7020303@web.de>
On Fri, Jan 02, 2015 at 04:59:46PM +0100, Jan Kiszka wrote:
> On 2015-01-02 16:06, Gilles Chanteperdrix wrote:
> > To explain a bit more completely. We can not assume that xenomai
> > applications are running as root user. And non root user are not
> > allowed to create /run/xenomai or /var/run/xenomai (at least not on
> > debian or slackware). What is more, these directories being
> > typically non persistent, a script has to be modified somewhere to
> > add mkdir /var/run/xenomai at every boot. On the other hand, mkdir
> > /mnt/xenomai has to be done once and only once, in the "make
> > install" phase for instance, since "make install" is run as root,
> > except that if /mnt is read-only it will not work. But not many
> > users are running system where they compile and run things with root
> > filesystem read-only. Anyway, the two cases are really similar, no
> > one is advantageous over the other. We are going to see questions on
> > the mailing list about that, whatever we do. Perhaps adding a small
> > kernel module to create /proc/xenomai/registry would make things
> > simpler...
> >
>
> Non-root users are indeed an interesting new aspect. However, the
> solution to make a central directory writable seems weird to me. If you
> want to allow non-root users to access the registry, it would be way
> more logical to either shoot up a single privileged sysregd that
> everyone can talk to or use private instances that also run against
> their own per-user mount points, likely located in $HOME.
The solution which works for every case is to add a boot script
which:
- creates the mount point (and ignore failure if the system is
read-only, as it is then the responsibility of whoever creates the
file system to create the mount point, ignore also failure if the
mount point already exists);
- mount a tmpfs on the mount point if the file system is read-only,
and fail if the mount point does not exist
- change the directory permission to allow all users of the e.g.
xenomai group to write to this directory.
Alternatively (to the last item), the sysregd could be made suid
root, create the session directory if it does not exist with root
permissions but with the target user as owner, then drop root
privileges and continue as a normal user.
--
Gilles.
next prev parent reply other threads:[~2015-01-03 19:40 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <mailman.787.1420134217.6101.xenomai-git@xenomai.org>
2015-01-02 10:28 ` [Xenomai] [Xenomai-git] Philippe Gerum: copperplate: add configuration tunable for registry moint point Jan Kiszka
2015-01-02 10:58 ` Philippe Gerum
2015-01-02 11:11 ` Jan Kiszka
2015-01-02 12:51 ` Gilles Chanteperdrix
2015-01-02 13:05 ` Jan Kiszka
2015-01-02 13:41 ` Gilles Chanteperdrix
2015-01-02 15:05 ` Lennart Sorensen
2015-01-02 15:10 ` Gilles Chanteperdrix
2015-01-02 15:22 ` Gilles Chanteperdrix
2015-01-02 15:47 ` Lennart Sorensen
2015-01-02 18:06 ` Gilles Chanteperdrix
2015-01-02 12:56 ` Gilles Chanteperdrix
2015-01-02 13:06 ` Jan Kiszka
2015-01-02 13:29 ` Philippe Gerum
2015-01-02 13:24 ` Jan Kiszka
2015-01-02 14:02 ` Philippe Gerum
2015-01-02 13:56 ` Jan Kiszka
2015-01-02 14:16 ` Gilles Chanteperdrix
2015-01-02 15:06 ` Gilles Chanteperdrix
2015-01-02 15:59 ` Jan Kiszka
2015-01-02 18:03 ` Gilles Chanteperdrix
2015-01-02 18:07 ` Philippe Gerum
2015-01-02 18:09 ` Jan Kiszka
2015-01-02 19:20 ` Philippe Gerum
2015-01-02 19:15 ` Jan Kiszka
2015-01-02 19:31 ` Philippe Gerum
2015-01-02 19:28 ` Jan Kiszka
2015-01-02 19:55 ` Philippe Gerum
2015-01-02 19:49 ` Jan Kiszka
2015-01-02 20:18 ` Philippe Gerum
2015-01-02 22:05 ` [Xenomai] registry daemon mangement (was: Re: [Xenomai-git] Philippe Gerum: copperplate: add configuration tunable for registry moint point) Jan Kiszka
2015-01-02 22:17 ` Gilles Chanteperdrix
2015-01-03 18:36 ` [Xenomai] registry daemon mangement Philippe Gerum
2015-01-03 20:09 ` Jan Kiszka
2015-01-03 20:55 ` Philippe Gerum
2015-01-04 13:03 ` Jan Kiszka
2015-01-03 19:40 ` Gilles Chanteperdrix [this message]
2015-01-03 20:17 ` [Xenomai] [Xenomai-git] Philippe Gerum: copperplate: add configuration tunable for registry moint point Jan Kiszka
2015-01-03 22:25 ` Gilles Chanteperdrix
2015-01-07 18:14 ` Jan Kiszka
2015-01-12 10:42 ` Gilles Chanteperdrix
2015-01-12 11:19 ` Jan Kiszka
2015-01-12 11:34 ` Gilles Chanteperdrix
2015-01-12 11:59 ` Jan Kiszka
2015-01-12 14:35 ` Philippe Gerum
2015-01-12 14:34 ` Jan Kiszka
2015-01-13 9:22 ` Philippe Gerum
2015-01-13 9:11 ` Jan Kiszka
2015-01-13 9:45 ` Philippe Gerum
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150103194050.GH12052@daedalus \
--to=gilles.chanteperdrix@xenomai.org \
--cc=jan.kiszka@web.de \
--cc=xenomai@xenomai.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.