From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ar@cs.msu.ru>
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
 sa.local.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,RP_MATCHES_RCVD autolearn=ham autolearn_force=no
 version=3.4.1
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=cs.msu.ru; 
 s=dkim;
 h=Subject:In-Reply-To:Content-Type:MIME-Version:References:Message-ID
 :Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=tCa0lEJsdOXxNEgX1zXCJVCUOEoL0soNXzXOpvv93j8=; b=WxUeRHxCc/VbcZJ8lrSbaQGk+U
 wTsS2YMo/E6arcesD1QDPz9rrxl2XthvBFRffnGd1y0VQEBY/fuRXUvsA8gIVjJ18BBGMvLgeB/nd
 OtYvf9lyqrrEAz45ChsKh1WZJSO+1Xct5auXcaiJ4b3tvEj4AjPRjgFF2ZRKsWz4hWzCIbOveSGr5
 GPT6CiH7F0b56gVDHPC3cA81QJBSEuwQHUx6A52Mv3NEieuUJVf/GT7Q3d+TlCQCCFJG4dJHTCD03
 RKPuaobH4RqW7nNpCA7KAf+7rhWBivdqYygMlLe11w2vE3phnsdmJADCbPL8dpQzbD5oKc45Guv8z
 kFl3wM8A==;
Date: Thu, 17 Sep 2020 16:12:36 +0300
From: Arseny Maslennikov <ar@cs.msu.ru>
To: Alex Gladkov <legion@altlinux.ru>, devel@lists.altlinux.org
Message-ID: <20200917131236.GK286846@cello>
References: <cover.1576183643.git.legion@altlinux.org>
 <9bca7626b593f896de4283cba2d6290ec99eb4f2.1576183643.git.legion@altlinux.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="vk/v8fjDPiDepTtA"
Content-Disposition: inline
In-Reply-To: <9bca7626b593f896de4283cba2d6290ec99eb4f2.1576183643.git.legion@altlinux.org>
OpenPGP: url=http://grep.cs.msu.ru/~ar/pgp-key.asc
X-SA-Exim-Connect-IP: 10.7.5.179
X-SA-Exim-Mail-From: ar@cs.msu.ru
X-SA-Exim-Version: 4.2.1
X-SA-Exim-Scanned: Yes (on mail.cs.msu.ru)
Cc: ldv@altlinux.org
Subject: Re: [devel] [PATCH hasher-priv v1 1/3] Makefile
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ALT Linux Team development discussions <devel@lists.altlinux.org>
List-Id: ALT Linux Team development discussions <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/devel>,
 <mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
 <mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Sep 2020 13:12:41 -0000
Archived-At: <http://lore.altlinux.org/devel/20200917131236.GK286846@cello/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>


--vk/v8fjDPiDepTtA
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Dec 13, 2019 at 12:42:03PM +0100, Alex Gladkov wrote:
> diff --git a/hasher-priv/Makefile b/hasher-priv/Makefile
> index a815e9e..82aa385 100644
> --- a/hasher-priv/Makefile
> +++ b/hasher-priv/Makefile
> @@ -11,7 +11,7 @@ VERSION =3D $(shell sed '/^Version: */!d;s///;q' hasher=
-priv.spec)
>  HELPERS =3D getconf.sh getugid1.sh chrootuid1.sh getugid2.sh chrootuid2.=
sh
>  MAN5PAGES =3D $(PROJECT).conf.5
>  MAN8PAGES =3D $(PROJECT).8 hasher-useradd.8
> -TARGETS =3D $(PROJECT) hasher-useradd $(HELPERS) $(MAN5PAGES) $(MAN8PAGE=
S)
> +TARGETS =3D $(PROJECT) hasher-privd hasher-useradd $(HELPERS) $(MAN5PAGE=
S) $(MAN8PAGES)

To everyone: While the name "hasher-privd" minimises the amount of
renaming we have to do, it is too long a name, given that /proc/%d/comm
for each task is up to 16 bytes long on Linux, and is too easy to
confuse with hasher-priv, the client invoker program.

How about hasherd? hshd is too easily confused with sshd.
hasher-priv can then be mnemonised as "hasher-request-priv-operation",
hsh is the user frontend, and hasherd is the daemon.

> =20
>  sysconfdir =3D /etc
>  libexecdir =3D /usr/lib
> @@ -21,6 +21,7 @@ man5dir =3D $(mandir)/man5
>  man8dir =3D $(mandir)/man8
>  configdir =3D $(sysconfdir)/$(PROJECT)
>  helperdir =3D $(libexecdir)/$(PROJECT)
> +socketdir =3D /var/run

Why /var/run and not /run, especially in a new project?

Even further, I would suggest that we store the socket in
/run/hasher-priv or something, setgid hashman, with 0710 rights. The
major service managers can create the directory on startup for us:
there's mkdir(1), there's RuntimeDirectory=3D and RuntimeDirectoryMode=3D.

>  DESTDIR =3D
> =20
>  MKDIR_P =3D mkdir -p
> @@ -33,17 +34,25 @@ WARNINGS =3D -Wall -W -Wshadow -Wpointer-arith -Wwrit=
e-strings \
>  	-Wmissing-prototypes -Wmissing-declarations -Wmissing-noreturn \
>  	-Wmissing-format-attribute -Wredundant-decls -Wdisabled-optimization
>  CPPFLAGS =3D -std=3Dgnu99 -D_GNU_SOURCE $(CHDIRUID_FLAGS) \
> -	$(LFS_CFLAGS) -DPROJECT_VERSION=3D\"$(VERSION)\"
> +	$(LFS_CFLAGS) -DPROJECT_VERSION=3D\"$(VERSION)\" \
> +	-DSOCKETDIR=3D\"$(socketdir)\" -DPROJECT=3D\"$(PROJECT)\"
>  CFLAGS =3D -pipe -O2
>  override CFLAGS +=3D $(WARNINGS)
>  LDLIBS =3D
> =20
> -SRC =3D caller.c chdir.c chdiruid.c chid.c child.c chrootuid.c cmdline.c=
 \
> +SRC =3D hasher-priv.c cmdline.c fds.c sockets.c logging.c communication.=
c xmalloc.c pass.c
> +OBJ =3D $(SRC:.c=3D.o)
> +
> +server_SRC =3D hasher-privd.c \
> +	communication.c epoll.c pidfile.c logging.c sockets.c \
> +	caller.c caller_server.c caller_task.c \
> +	chdir.c chdiruid.c chid.c child.c chrootuid.c cmdline.c \
>  	config.c fds.c getconf.c getugid.c ipc.c killuid.c io_log.c io_x11.c \
> -	main.c makedev.c mount.c net.c parent.c pass.c pty.c signal.c tty.c \
> +	makedev.c mount.c net.c parent.c pass.c pty.c signal.c tty.c \
>  	unshare.c xmalloc.c x11.c
> -OBJ =3D $(SRC:.c=3D.o)
> -DEP =3D $(SRC:.c=3D.d)
> +server_OBJ =3D $(server_SRC:.c=3D.o)
> +
> +DEP =3D $(SRC:.c=3D.d) $(server_SRC:.c=3D.d)
> =20
>  .PHONY:	all install clean indent
> =20
> @@ -52,14 +61,19 @@ all: $(TARGETS)
>  $(PROJECT): $(OBJ)
>  	$(LINK.o) $^ $(LOADLIBES) $(LDLIBS) -o $@
> =20
> +hasher-privd: $(server_OBJ)
> +	$(LINK.o) $^ $(LOADLIBES) $(LDLIBS) -o $@
> +
>  install: all
>  	$(MKDIR_P) -m710 $(DESTDIR)$(configdir)/user.d
>  	$(INSTALL) -p -m640 fstab $(DESTDIR)$(configdir)/fstab
>  	$(INSTALL) -p -m640 system.conf $(DESTDIR)$(configdir)/system
> +	$(INSTALL) -p -m640 server.conf $(DESTDIR)$(configdir)/server
>  	$(MKDIR_P) -m750 $(DESTDIR)$(helperdir)
>  	$(INSTALL) -p -m700 $(PROJECT) $(DESTDIR)$(helperdir)/
>  	$(INSTALL) -p -m755 $(HELPERS) $(DESTDIR)$(helperdir)/
>  	$(MKDIR_P) -m755 $(DESTDIR)$(sbindir)
> +	$(INSTALL) -p -m755 hasher-privd $(DESTDIR)$(sbindir)/
>  	$(INSTALL) -p -m755 hasher-useradd $(DESTDIR)$(sbindir)/
>  	$(MKDIR_P) -m755 $(DESTDIR)$(man5dir)
>  	$(INSTALL) -p -m644 $(MAN5PAGES) $(DESTDIR)$(man5dir)/
> @@ -67,7 +81,7 @@ install: all
>  	$(INSTALL) -p -m644 $(MAN8PAGES) $(DESTDIR)$(man8dir)/
> =20
>  clean:
> -	$(RM) $(TARGETS) $(DEP) $(OBJ) core *~
> +	$(RM) $(TARGETS) $(DEP) $(OBJ) $(server_OBJ) core *~
> =20
>  indent:
>  	indent *.h *.c

--vk/v8fjDPiDepTtA
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE56JD3UKTLEu/ddrm9dQjyAYL01AFAl9jYMQACgkQ9dQjyAYL
01C/rBAAiCLi95rjZQ9jCNhSBHTBWgSOthQ4FQYwH14oiHZiDEuvxSyioLTWIIYW
F+CseTKq/LsgCGKRHLbK2WC/gjnFqyGsOfUaIKHUhmPm3ej/no8O62Y3Ts/Ng2YE
HQMr4bieiN3DYxm4/aZR58Ugfkh6UPr7DPXkHVVNC9+DQcByc8D+DoR66aQXwofC
c6dhgNp7p38TY2NkP71JbzFA6S2V2bTHu9mxJ7YurCr/2/JhwpH3CttuDawZ49ed
xzCCe8hkxi5oZbj9K4kh73Wfb2OVDmTbUZWMLV7HcFmNf7wF09Ao8rJDPE+AOd5a
zdadkXAJBuBt2BXWrvsWwwRK4Gc7Fkd3mKsHvGhMXkmPSnfkssjoIRmtlF5aHQKp
uitTtpLMnsd6/PwRWp9xjjI6HhLm6zDN8sY1YmtHEcIspISxrbbE98oS2SRNSNdW
RuLoqHSocTNfuPhzLHH6bufCwa3ahQ4cqeieTvHaiYRZ/bOlev6rS+DxFgCvMtPX
Z7HBNCf2flu3Fa5hli1Nb6Zto/iW1ZwmqMyiW9TPaZqsNysCxmraHdK8BZ1VpMIZ
lb4/FuUe3VEejv7tjB4ZNC18jhpu5v5LDIF+9somkWyGlCImsfktIa/gHKK8hRj8
9emwxoVuI+H12NZFDWlyzYe3khYzYYyOKr4L4oTxHv4/HHXfnog=
=k69S
-----END PGP SIGNATURE-----

--vk/v8fjDPiDepTtA--