[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r30161 - in gnunet: doc/man src/arm src/ats src/gns src/ide
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] r30161 - in gnunet: doc/man src/arm src/ats src/gns src/identity src/namestore |
|
Date: |
Fri, 11 Oct 2013 18:09:56 +0200 |
Author: grothoff
Date: 2013-10-11 18:09:56 +0200 (Fri, 11 Oct 2013)
New Revision: 30161
Modified:
gnunet/doc/man/gnunet.conf.5
gnunet/src/arm/arm.conf.in
gnunet/src/arm/gnunet-service-arm.c
gnunet/src/ats/ats.conf.in
gnunet/src/gns/gns.conf.in
gnunet/src/identity/identity.conf.in
gnunet/src/namestore/namestore.conf.in
Log:
implementing #3064: enable split-personality ARM to run some services as
'gnunet' and others as grothoff, depending on level of personal information
available to the service
Modified: gnunet/doc/man/gnunet.conf.5
===================================================================
--- gnunet/doc/man/gnunet.conf.5 2013-10-11 16:09:18 UTC (rev 30160)
+++ gnunet/doc/man/gnunet.conf.5 2013-10-11 16:09:56 UTC (rev 30161)
@@ -36,7 +36,11 @@
If UNIX domain sockets are used, set this to YES if only users with the
same UID are allowed to access the service.
.IP UNIX_MATCH_GID
If UNIX domain sockets are used, set this to YES if only users with the
same GID are allowed to access the service.
+.IP USER_SERVICE
+ Set to YES if this service should be run per-user, NO if this is a system
service. End-users should never have to change the defaults GNUnet provides
for this option.
+
+
.SH ARM Options
This section is configuration for the automatic restart manager which is
responsible for launching services.
Modified: gnunet/src/arm/arm.conf.in
===================================================================
--- gnunet/src/arm/arm.conf.in 2013-10-11 16:09:18 UTC (rev 30160)
+++ gnunet/src/arm/arm.conf.in 2013-10-11 16:09:56 UTC (rev 30161)
@@ -17,6 +17,27 @@
# log files are preserved.
# GLOBAL_POSTFIX = -l $GNUNET_CACHE_HOME/{}-%Y-%m-%d.log
GLOBAL_PREFIX = @MONKEYPREFIX@
+
+# If set to YES, ARM will only start services that are marked as
+# system-level services (and we'll expect a second ARM to be
+# run per-user to run user-level services). Note that in this
+# case you must have manually created a different configuration
+# file with the user where at least this and the USER_ONLY
+# options differ.
+# SYSTEM_ONLY = YES
+
+# If set to YES, ARM will only start services that are marked as
+# per-user services (and we'll expect a system user to run ARM to
+# provide system-level services). Per-user services enable
+# better personalization and priviledge separation and in particular
+# ensures that personal data is stored under $HOME, which might
+# be important in a multi-user system (or if $HOME is encrypted
+# and /var/ is not).
+# USER_ONLY = YES
+
+
+
+# Name of the user that will be used to provide the service
# USERNAME =
# MAXBUF =
# TIMEOUT =
Modified: gnunet/src/arm/gnunet-service-arm.c
===================================================================
--- gnunet/src/arm/gnunet-service-arm.c 2013-10-11 16:09:18 UTC (rev 30160)
+++ gnunet/src/arm/gnunet-service-arm.c 2013-10-11 16:09:56 UTC (rev 30161)
@@ -36,6 +36,7 @@
*/
#define MAX_NOTIFY_QUEUE 1024
+
/**
* List of our services.
*/
@@ -159,7 +160,7 @@
/**
* Is this service to be started by default (or did a client tell us
explicitly
- * to start it)? GNUNET_NO if the service is started only upon 'accept' on a
+ * to start it)? #GNUNET_NO if the service is started only upon 'accept' on
a
* listen socket or possibly explicitly by a client changing the value.
*/
int is_default;
@@ -218,6 +219,16 @@
static int in_shutdown;
/**
+ * Are we starting user services?
+ */
+static int start_user = GNUNET_YES;
+
+/**
+ * Are we starting system services?
+ */
+static int start_system = GNUNET_YES;
+
+/**
* Handle to our server instance. Our server is a bit special in that
* its service is not immediately stopped once we get a shutdown
* request (since we need to continue service until all of our child
@@ -387,7 +398,9 @@
* being started. 0 if starting was not requested.
*/
static void
-start_process (struct ServiceList *sl, struct GNUNET_SERVER_Client *client,
uint64_t request_id)
+start_process (struct ServiceList *sl,
+ struct GNUNET_SERVER_Client *client,
+ uint64_t request_id)
{
char *loprefix;
char *options;
@@ -1273,6 +1286,19 @@
/* not a service section */
return;
}
+ if ((GNUNET_YES ==
+ GNUNET_CONFIGURATION_have_value (cfg, section, "USER_SERVICE")) &&
+ (GNUNET_YES ==
+ GNUNET_CONFIGURATION_get_value_yesno (cfg, section, "USER_SERVICE")))
+ {
+ if (GNUNET_NO == start_user)
+ return; /* user service, and we don't deal with those */
+ }
+ else
+ {
+ if (GNUNET_NO == start_system)
+ return; /* system service, and we don't deal with those */
+ }
sl = find_service (section);
if (NULL != sl)
{
@@ -1312,6 +1338,7 @@
sl->pipe_control = GNUNET_CONFIGURATION_get_value_yesno (cfg, section,
"PIPECONTROL");
#endif
GNUNET_CONTAINER_DLL_insert (running_head, running_tail, sl);
+
if (GNUNET_YES !=
GNUNET_CONFIGURATION_get_value_yesno (cfg, section, "AUTOSTART"))
return;
@@ -1409,7 +1436,20 @@
GNUNET_CONFIGURATION_get_value_string (cfg, "ARM", "GLOBAL_POSTFIX",
&final_option))
final_option = GNUNET_strdup ("");
-
+ if (GNUNET_YES ==
+ GNUNET_CONFIGURATION_get_value_yesno (cfg, "ARM", "USER_ONLY"))
+ {
+ GNUNET_break (GNUNET_YES == start_user);
+ start_system = GNUNET_NO;
+ return;
+ }
+ if (GNUNET_YES ==
+ GNUNET_CONFIGURATION_get_value_yesno (cfg, "ARM", "SYSTEM_ONLY"))
+ {
+ GNUNET_break (GNUNET_YES == start_system);
+ start_user = GNUNET_NO;
+ return;
+ }
GNUNET_CONFIGURATION_iterate_sections (cfg, &setup_service, NULL);
/* start default services... */
Modified: gnunet/src/ats/ats.conf.in
===================================================================
--- gnunet/src/ats/ats.conf.in 2013-10-11 16:09:18 UTC (rev 30160)
+++ gnunet/src/ats/ats.conf.in 2013-10-11 16:09:56 UTC (rev 30161)
@@ -10,7 +10,7 @@
UNIX_MATCH_GID = YES
# Designated assigment mode: PROPORTIONAL / MLP / RIL
-MODE = PROPORTIONAL
+MODE = PROPORTIONAL
# Network specific inbound/outbound quotas
UNSPECIFIED_QUOTA_IN = 64 KiB
@@ -41,7 +41,7 @@
# MLP defaults
# MLP_MAX_DURATION = 3 s
-# MLP_MAX_ITERATIONS = 1024
+# MLP_MAX_ITERATIONS = 1024
# MLP_COEFFICIENT_D = 1.0
# MLP_COEFFICIENT_U = 1.0
# MLP_COEFFICIENT_R = 1.0
@@ -51,7 +51,7 @@
# MLP Debugging settings
DUMP_MLP = NO
DUMP_SOLUTION = NO
-DUMP_OVERWRITE = NO
+DUMP_OVERWRITE = NO
DUMP_MIN_PEERS = 0
DUMP_MIN_ADDRS = 0
DUMP_OVERWRITE = NO
Modified: gnunet/src/gns/gns.conf.in
===================================================================
--- gnunet/src/gns/gns.conf.in 2013-10-11 16:09:18 UTC (rev 30160)
+++ gnunet/src/gns/gns.conf.in 2013-10-11 16:09:56 UTC (rev 30161)
@@ -23,6 +23,7 @@
[gns-proxy]
BINARY = gnunet-gns-proxy
AUTOSTART = NO
+USER_SERVICE = YES
# Where is the certificate for the GNS proxy stored?
PROXY_CACERT = $GNUNET_DATA_HOME/gns/gns_ca_cert.pem
@@ -32,6 +33,7 @@
[dns2gns]
BINARY = gnunet-dns2gns
AUTOSTART = NO
+USER_SERVICE = YES
# -d: DNS resolver to use, -s: suffix to use, -f: fcfs suffix to use
OPTIONS = -d 8.8.8.8
Modified: gnunet/src/identity/identity.conf.in
===================================================================
--- gnunet/src/identity/identity.conf.in 2013-10-11 16:09:18 UTC (rev
30160)
+++ gnunet/src/identity/identity.conf.in 2013-10-11 16:09:56 UTC (rev
30161)
@@ -1,5 +1,6 @@
[identity]
AUTOSTART = YES
+USER_SERVICE = YES
@address@hidden = 2108
HOSTNAME = localhost
BINARY = gnunet-service-identity
Modified: gnunet/src/namestore/namestore.conf.in
===================================================================
--- gnunet/src/namestore/namestore.conf.in 2013-10-11 16:09:18 UTC (rev
30160)
+++ gnunet/src/namestore/namestore.conf.in 2013-10-11 16:09:56 UTC (rev
30161)
@@ -1,5 +1,6 @@
[namestore]
AUTOSTART = YES
+USER_SERVICE = YES
UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-namestore.sock
UNIX_MATCH_UID = NO
UNIX_MATCH_GID = YES
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r30161 - in gnunet: doc/man src/arm src/ats src/gns src/identity src/namestore,
gnunet <=