Re: What to use in place of abstract unix sockets?
- Reply: Gleb Popov : "Re: What to use in place of abstract unix sockets?"
- In reply to: Gleb Popov : "Re: What to use in place of abstract unix sockets?"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 11 Dec 2021 17:02:36 UTC
On Fri, Dec 10, 2021 at 12:54 AM Gleb Popov <arrowd@freebsd.org> wrote: > > On Wed, Dec 8, 2021 at 10:50 AM Eugene Grosbein <eugen@grosbein.net> wrote: > > > 08.12.2021 13:43, Gleb Popov wrote: > > > > > Hello hackers. > > > > > > I'm porting a software that does the following things on Linux: > > > > > > 1. Binds an abstract UDS (the socket name starts with '\0') > > > 2. Launches a "client" process. > > > 3. "Client" uses chroot() to constrain itself in a sort of jail. > > > 4. "Client" connects to the abstract UDS. > > > > > >>From what I can tell, this works because abstract UDS's do not use the > > > filesystem namespace, which is why "client" can connect out of the > > > chroot'ed environment. > > > > > > What can I do to make this software work for FreeBSD? Simply using > > regular > > > UDS instead of abstract ones doesn't work for obvious reasons - the > > > "client" can't find the socket file. > > > > > > Thanks in advance. > > > > If they are parent/child, you could try using socketpair(). > > > > There are actually multiple children. If I understand it right, using > socketpair() would lead to N sockets on the server side for the N connected > clients. Right now there is a single UDS that handles all connections, so > rewriting it with socketpair() would be problematic, I think. > > > > > On Thu, Dec 9, 2021 at 3:08 AM Daniel O'Connor <darius@dons.net.au> wrote: > > > > > > > > On 8 Dec 2021, at 17:13, Gleb Popov <arrowd@freebsd.org> wrote: > > > I'm porting a software that does the following things on Linux: > > > > > > 1. Binds an abstract UDS (the socket name starts with '\0') > > > 2. Launches a "client" process. > > > 3. "Client" uses chroot() to constrain itself in a sort of jail. > > > 4. "Client" connects to the abstract UDS. > > > > > > From what I can tell, this works because abstract UDS's do not use the > > > filesystem namespace, which is why "client" can connect out of the > > > chroot'ed environment. > > > > > > What can I do to make this software work for FreeBSD? Simply using > > regular > > > UDS instead of abstract ones doesn't work for obvious reasons - the > > > "client" can't find the socket file. > > > > If the parent knows where the child will chroot it could create a unix > > domain socket under that directory somewhere. > > > > Same problem as above - there should be a single socket on the server side. Since socketpair() doesn't work in this case, why not just use a UDP socket bound to 127.0.0.1 ?