per thread credentials


per thread credentials

Jack Halford
hello,

Gandi.net has need of per-thread credentials for a file server. There
have been prior discussions in a thread[1] in 2009 and also a design[2]
has been written out on the wiki in 2011. I'm in the process of
implementing this design.

Before posting my patch to reviews I'd like to know if I've missed any
discussion on the subject since the design I'm basing myself on is quite
old (some of the points are now irrelevant after 7 years). Also maybe
someone knows why this was never implemented in the first place?

[1] https://lists.freebsd.org/pipermail/freebsd-arch/2009-May/009300.html
[2] https://wiki.freebsd.org/Per-Thread%20Credentials
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-arch
To unsubscribe, send any mail to "[hidden email]"

Re: per thread credentials

Conrad Meyer-2
On Fri, Dec 7, 2018 at 2:37 AM Jack Halford <[hidden email]> wrote:

>
> hello,
>
> Gandi.net has need of per-thread credentials for a file server. There
> have been prior discussions in a thread[1] in 2009 and also a design[2]
> has been written out on the wiki in 2011. I'm in the process of
> implementing this design.
>...
>
> [1] https://lists.freebsd.org/pipermail/freebsd-arch/2009-May/009300.html
> [2] https://wiki.freebsd.org/Per-Thread%20Credentials

Both of these came out of Isilon.  I think we ended up with special
credential file descriptors, rather than using uid_t's and gid_t's
directly, because of a need for compatibility with arbitrary Windows
LDAP users ("SID"s?) not present in the local id database.

I can't speak to why it didn't land before — I wasn't really around
for that, and there's a 50-50 chance we just didn't want to put in the
effort — but we still use something similar now.  Zach Loafman left
the company long ago and hasn't been an active FreeBSD committer in
quite some time, and ditto mdf@.  Committers at Isilon now are me,
bdrewery@, vangyzen@, dab@, rstone@, and pho@, but none of us are
really involved with what Isilon calls "AIMA" (Authentication,
Identity Management, Authorization).

The APIs we use today look like:

663     AUE_NULL        STD     { int modifytcred2(int fd, \
                                    struct native_token *token, \
                                    int flags); }
664     AUE_NULL        STD     { int modifytcred(int fd1, int fd2, \
                                    int flags); }
665     AUE_NULL        STD     { int accesstcred(char *path, int flags, \
                                    int fd); }
666     AUE_NULL        STD     { int buildtcred(struct native_token *token, \
                                    int current); }
667     AUE_NULL        STD     { int gettcred(char *user, int thread); }
668     AUE_NULL        STD     { int settcred(int fd, int flags, \
                                    struct native_token *token); }
669     AUE_NULL        STD     { int reverttcred(void); }
670     AUE_NULL        STD     { int restricttcred(int fd, \
                                    struct native_token *token); }

Best,
Conrad

Re: Re: per thread credentials

Jack Halford
On 07/12 08:53, Conrad Meyer wrote:
> Both of these came out of Isilon.  I think we ended up with special
> credential file descriptors, rather than using uid_t's and gid_t's
> directly, because of a need for compatibility with arbitrary Windows
> LDAP users ("SID"s?) not present in the local id database.

Thanks for the reply, as far as I can tell we are more interested in the
design that was posted initially. So I'll go ahead and submit that for review.

Best,
Jack