Author: Enrico Weigelt, metux IT consult
Date:
To: Jude Nelson
CC: dng@lists.dyne.org
Subject: Re: [Dng] Device management [WAS: system scripting language.]
On 31.12.2014 01:56, Jude Nelson wrote:
Hi,
> A much more elegant solution would be to give each session its own
> /dev like you were originally saying--it would allow users to
> interact with different devices under the same name, while also
> preserving POSIX filesystem semantics.
Yes, I really think separate namespaces are the correct way to go.
Actually, I didn't even think about ACLs (which introduce extra
dimensions orthogonal to the filesystem tree), but doing everything
via separate /dev namespaces.
One interesting question here is whether we should do our own
namespacing (within vdev itself), or just use the kernel infrastructure
for that. (By the way: does anybody here know how other kernels,
like *bsd, handle namespaces?)
Maybe we could go through some scenarios, where you'd currently use
ACLs and check whether they could be done better w/ namespaces.
(in fact, I prefer not to use ACLs, due to additional complexity)
One example is session isolation: here I'm pretty sure that, on login
or session start, a proper namespace should be constructed before
the login shell is started. Do you see any reason for not
going that way?
By the way: does vdev's ACL handling also allow revoking permissions
to some device even on already opened fd's?
cu
--
Enrico Weigelt,
metux IT consulting
+49-151-27565287