Re: /etc/rc.d/ramdisk script for review
From: Sven Willenberger (sven_at_dmv.com)
Date: 04/15/04
- Previous message: Eric Anderson: "Re: no internet connection"
- In reply to: Wes Peters: "Re: /etc/rc.d/ramdisk script for review"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: freebsd-current@freebsd.org Date: Thu, 15 Apr 2004 09:17:23 -0400
On Wed, 2004-04-14 at 16:35, Wes Peters wrote:
> On Monday 12 April 2004 02:48 pm, masta wrote:
> > Wes Peters wrote:
> > >A question came up on the mimedefang-users mailing list today. One
> > >user who has recently converted from 4.8 to 5.2.1 was lamenting the
> > >fact there is no way to control ownership and permission of memory
> > >disks in 5.x. The MIMEdefang spool area, often placed on a ramdisk
> > >for speed, needs to be owned by the MIMEdefang user and group.
> > >
> > >I poked around at mdmfs, aka mount_mfs, and thought there should be
> > >a more 5.x-ish way to create ramdisks early enough in the boot process
> > >to just put them in /etc/fstab directly. Here's what I came up with.
> >
> > I like the notion of having rc.conf nobs to do this stuff with, but we
> > can already use /etc/fstab to configure a ramdisk as such:
> >
> > md /tmp mfs
> > rw,-s3m 0 0
> > md /var mfs
> > rw,-s7m 0 0
> >
> > That is how I engineered wifibsd prior to the changes Brooks did to the
> > diskless script of Matt's. It would seem to me that we
> > could have the ownership options next to the "rw,-s7m" options fields
> > which already exists. Something like "rw,-s7m,-Owes:staff", or similare.
> >
> > Since mount_md, or mdmfs, or whatever mount uses to do the task, could
> > be changed to facilitate that one needful thing or using chown/chgrp,
> > right?
>
> No, because it can't change the ownership of the mount point after the
> mount, which is the point of the whole thing. If you recall from the
> original message, this was to create a temporary space for MIMEdefang,
> which runs as an untrusted user and so needs the ownership set
> appropriately. We use the same mechanism for virus scanning as well.
using the rc script works great, btw, in creating the memory device and
mounting it via /etc/fstab does so with root ownership. Since I use this
for mimedefang, I added the following to the mimedefang.sh startup
script in /usr/local/etc/rc.d which then successfully sets the perms as
needed (I am guessing that there is no way to preserve device ownership
and perms to the mountpoint?):
--- mimedefang.sh-dist Thu Apr 13 09:10:03 2004
+++ mimedefang.sh Tue Apr 13 12:22:14 2004
@@ -9,6 +9,15 @@
PID="$SPOOLDIR/$prog.pid"
MXPID="$SPOOLDIR/$prog-multiplexor.pid"
+# Test ownership and perms on SPOOLDIR
+eval $(stat -s $SPOOLDIR)
+if [ $st_uid -ne 26 ]; then
+ chown mailnull $SPOOLDIR
+fi
+if [ $st_mode -ne 040700 ] ; then
+ chmod 700 $SPOOLDIR
+fi
+
# Is the program executable? We search in /usr/bin and /usr/local/bin.
if [ -x /usr/local/bin/$prog ] ; then
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
- Previous message: Eric Anderson: "Re: no internet connection"
- In reply to: Wes Peters: "Re: /etc/rc.d/ramdisk script for review"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
