tech-kern: Re: representation of persistent device status, was Re: devfs, was Re: ptyfs...

Subject: Re: representation of persistent device status, was Re: devfs, was Re: ptyfs...
To: M. Warner Losh <imp@bsdimp.com>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-kern
Date: 11/20/2004 17:06:28

--tsOsTdHNUZQcU9Ye
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Nov 20, 2004 at 05:48:49PM -0700, M. Warner Losh wrote:
> In message: <20041120230815.GA12975@netbsd.org>
>             Bill Studenmund <wrstuden@NetBSD.org> writes:
> : (*) What is appropriate is a local policy decision, but I think a good=
=20
> : option should be to make the "duplicate" show up with permissions 000 (=
no=20
> : read, no write, no nothing) and to log BIG NASTY messages in syslog.=20
> : Perhaps even not completely booting, since we can't mount a file system=
=20
> : from that partition. But that's the policy I'd want; other folks or oth=
er=20
> : cases may want different.
>=20
> FreeBSD lets the driver set the policy to a limited extent, but also
> has a devfs control node that lets one load rules to override things
> like ownership, permissions, adding aliases etc.  From FreeBSD's man
> page:
>=20
>    Rule Subsystem
>      The devfs(5) rule subsystem provides a way for the administrator of a
>      system to control the attributes of DEVFS nodes.  Each DEVFS mount-p=
oint
>      has a ``ruleset'', or a list of rules, associated with it.  When a d=
evice
>      driver creates a new node, all the rules in the ruleset associated w=
ith
>      each mount-point are applied (see below) before the node becomes vis=
ible
>      to the userland.  This permits the administrator to change the prope=
r-
>      ties, including the visibility, of certain nodes.  For example, one =
might
>      want to hide all disk nodes in a jail(2)'s /dev.
>=20
> Anyway, just wanted to point this out as prior art.  One can argue all
> day long as to if it is good prior art or bad. :-)

Heh. Thanks.

Take care,

Bill

--tsOsTdHNUZQcU9Ye
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)

iD8DBQFBn+oUWz+3JHUci9cRArjHAJ0Z36/X74844q3TMJXoZaZaGyYp2QCeMJdI
QjCmt2uIDXU4VUwpM32ZKTk=
=U9CZ
-----END PGP SIGNATURE-----

--tsOsTdHNUZQcU9Ye--