From 27ad886c956acb71b4165219fcdd54c50b1c7811 Mon Sep 17 00:00:00 2001 From: cinap_lenrek Date: Tue, 23 Feb 2021 01:47:33 +0100 Subject: ip/tftpd: add -n namespace-file flag (thanks sam-d) tftpd currently unconditionally sets its namespace via /lib/namespace (newns("none", nil)), which stymied my attempts to pxe boot the openbsd installer without creating a real /etc dir on 9front, which would've been gross. I tried working around this with -h (and -r for good measure), but again hit issues because the namespace is rebuilt from scratch -- any binds of /386, /amd64, /cfg/pxe, etc. into the tftp-specific directory disappeared from tftpd's namespace and rendered my *9front* boxes unable to boot. I could maintain copies of the needed files in the tftp-specific directory, but that'd be kind of a drag. The following patch adds a -n flag to allow the specification of a namespace file in place of /lib/namespace; similar to ip/ftpd. I thought about setting up a /lib/namespace.tftp to act as a default rather than continuing to use /lib/namespace by default (which security-wise is about the same as allowing 9p mounts by user none, which I also have disabled), but I had trouble coming up with a sane default. Maybe someone more experienced would like to try that out. - sam-d --- sys/man/8/dhcpd | 5 +++++ sys/src/cmd/ip/tftpd.c | 6 +++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/sys/man/8/dhcpd b/sys/man/8/dhcpd index 082a28114..5ec8c5557 100644 --- a/sys/man/8/dhcpd +++ b/sys/man/8/dhcpd @@ -42,6 +42,8 @@ dhcpd, dhcp6d, dhcpleases, rarpd, tftpd \- Internet booting .IR homedir ] .RB [ -x .IR netmtpt ] +.RB [ -n +.IR namespace-file ] .SH DESCRIPTION These programs support booting over the Internet. They should all be run on the same server to @@ -318,6 +320,9 @@ supports only octet mode. .B r Restricts access to only those files rooted in the .IR homedir . +.TP +.B n +Sets the namespace file (default /lib/namespace). .PD .SH FILES .BR /lib/ndb/dhcp " directory of dynamic address files diff --git a/sys/src/cmd/ip/tftpd.c b/sys/src/cmd/ip/tftpd.c index aa69b3423..07ca3b37e 100644 --- a/sys/src/cmd/ip/tftpd.c +++ b/sys/src/cmd/ip/tftpd.c @@ -93,6 +93,7 @@ char raddr[64]; char *dirsl; int dirsllen; char *homedir = "/"; +char *nsfile = nil; char flog[] = "ipboot"; char net[Maxpath]; @@ -138,6 +139,9 @@ main(int argc, char **argv) case 'x': setnetmtpt(net, sizeof net, EARGF(usage())); break; + case 'n': + nsfile = EARGF(usage()); + break; default: usage(); }ARGEND @@ -740,7 +744,7 @@ setuser(void) { if(procsetuser("none") < 0) sysfatal("can't become none: %r"); - if(newns("none", nil) < 0) + if(newns("none", nsfile) < 0) sysfatal("can't build namespace: %r"); } -- cgit v1.2.3