diff options
| author | cinap_lenrek <cinap_lenrek@felloff.net> | 2021-02-23 01:47:33 +0100 |
|---|---|---|
| committer | cinap_lenrek <cinap_lenrek@felloff.net> | 2021-02-23 01:47:33 +0100 |
| commit | 27ad886c956acb71b4165219fcdd54c50b1c7811 (patch) | |
| tree | 6289b5de482d5ad8676dfb7fa7c1d0f584d70e72 | |
| parent | a96cf495fa9a315c86c723bd0a0bcd8bffaef42a (diff) | |
| download | plan9front-27ad886c956acb71b4165219fcdd54c50b1c7811.tar.xz | |
ip/tftpd: add -n namespace-file flag (thanks sam-d)
tftpd currently unconditionally sets its namespace via /lib/namespace
(newns("none", nil)), which stymied my attempts to pxe boot the
openbsd installer without creating a real /etc dir on 9front, which
would've been gross.
I tried working around this with -h (and -r for good measure), but
again hit issues because the namespace is rebuilt from scratch -- any
binds of /386, /amd64, /cfg/pxe, etc. into the tftp-specific directory
disappeared from tftpd's namespace and rendered my *9front* boxes
unable to boot. I could maintain copies of the needed files in the
tftp-specific directory, but that'd be kind of a drag.
The following patch adds a -n flag to allow the specification of a
namespace file in place of /lib/namespace; similar to ip/ftpd.
I thought about setting up a /lib/namespace.tftp to act as a default
rather than continuing to use /lib/namespace by default (which
security-wise is about the same as allowing 9p mounts by user none,
which I also have disabled), but I had trouble coming up with a sane
default. Maybe someone more experienced would like to try that out.
- sam-d
| -rw-r--r-- | sys/man/8/dhcpd | 5 | ||||
| -rw-r--r-- | sys/src/cmd/ip/tftpd.c | 6 |
2 files changed, 10 insertions, 1 deletions
diff --git a/sys/man/8/dhcpd b/sys/man/8/dhcpd index 082a28114..5ec8c5557 100644 --- a/sys/man/8/dhcpd +++ b/sys/man/8/dhcpd @@ -42,6 +42,8 @@ dhcpd, dhcp6d, dhcpleases, rarpd, tftpd \- Internet booting .IR homedir ] .RB [ -x .IR netmtpt ] +.RB [ -n +.IR namespace-file ] .SH DESCRIPTION These programs support booting over the Internet. They should all be run on the same server to @@ -318,6 +320,9 @@ supports only octet mode. .B r Restricts access to only those files rooted in the .IR homedir . +.TP +.B n +Sets the namespace file (default /lib/namespace). .PD .SH FILES .BR /lib/ndb/dhcp " directory of dynamic address files diff --git a/sys/src/cmd/ip/tftpd.c b/sys/src/cmd/ip/tftpd.c index aa69b3423..07ca3b37e 100644 --- a/sys/src/cmd/ip/tftpd.c +++ b/sys/src/cmd/ip/tftpd.c @@ -93,6 +93,7 @@ char raddr[64]; char *dirsl; int dirsllen; char *homedir = "/"; +char *nsfile = nil; char flog[] = "ipboot"; char net[Maxpath]; @@ -138,6 +139,9 @@ main(int argc, char **argv) case 'x': setnetmtpt(net, sizeof net, EARGF(usage())); break; + case 'n': + nsfile = EARGF(usage()); + break; default: usage(); }ARGEND @@ -740,7 +744,7 @@ setuser(void) { if(procsetuser("none") < 0) sysfatal("can't become none: %r"); - if(newns("none", nil) < 0) + if(newns("none", nsfile) < 0) sysfatal("can't build namespace: %r"); } |