Displaying 6 results from an estimated 6 matches for "nbdkit_peer_".
2020 Oct 03
0
[PATCH nbdkit v2 3/3] ocaml: Add bindings for nbdkit_peer_{pid, uid, gid}.
...it.mli
index ececd5fd..8abfeb49 100644
--- a/plugins/ocaml/NBDKit.mli
+++ b/plugins/ocaml/NBDKit.mli
@@ -162,3 +162,10 @@ val shutdown : unit -> unit
(** Print a debug message when nbdkit is in verbose mode. *)
val debug : ('a, unit, string, unit) format4 -> 'a
+
+(** Binding for [nbdkit_peer_pid]. *)
+val peer_pid : unit -> int
+(** Binding for [nbdkit_peer_uid]. *)
+val peer_uid : unit -> int
+(** Binding for [nbdkit_peer_gid]. *)
+val peer_gid : unit -> int
diff --git a/plugins/ocaml/NBDKit.ml b/plugins/ocaml/NBDKit.ml
index 739210fa..76fa3a77 100644
--- a/plugins/ocaml/NBDKi...
2020 Oct 05
2
Re: [PATCH nbdkit v2 3/3] ocaml: Add bindings for nbdkit_peer_{pid, uid, gid}.
...gt; --- a/plugins/ocaml/NBDKit.mli
> +++ b/plugins/ocaml/NBDKit.mli
> @@ -162,3 +162,10 @@ val shutdown : unit -> unit
>
> (** Print a debug message when nbdkit is in verbose mode. *)
> val debug : ('a, unit, string, unit) format4 -> 'a
> +
> +(** Binding for [nbdkit_peer_pid]. *)
> +val peer_pid : unit -> int
> +(** Binding for [nbdkit_peer_uid]. *)
> +val peer_uid : unit -> int
> +(** Binding for [nbdkit_peer_gid]. *)
> +val peer_gid : unit -> int
Is int sufficient on 32-bit platforms, or do you need int32? But on
64-bit platforms, I don...
2020 Oct 03
0
[PATCH nbdkit v2 2/3] ip: Add filtering by process ID, user ID and group ID.
.../')) != NULL) {
size_t pllen = &value[n] - &p[1];
@@ -401,6 +443,19 @@ matches_rule (const struct rule *rule,
sin6 = (struct sockaddr_in6 *) addr;
return ipv6_equal (sin6->sin6_addr, rule->u.ipv6, rule->prefixlen);
+ /* Note these work even if the underlying nbdkit_peer_* call fails. */
+ case PID:
+ if (family != AF_UNIX) return false;
+ return nbdkit_peer_pid () == rule->u.id;
+
+ case UID:
+ if (family != AF_UNIX) return false;
+ return nbdkit_peer_uid () == rule->u.id;
+
+ case GID:
+ if (family != AF_UNIX) return false;
+ return nbdk...
2020 Oct 03
2
[PATCH nbdkit 0/2] ip: Add filtering by process ID, user ID and group ID.
These two commits add new APIs and enhance nbdkit-ip-filter to allow
filtering of Unix domain sockets by the client's PID, UID or GID. eg:
nbdkit -U sock --filter=ip ... allow=uid:`id -u` deny=all
Rich.
2020 Oct 05
4
[PATCH nbdkit v3 0/4] ip: Add filtering by process ID, user ID and group ID.
v2 was here:
https://www.redhat.com/archives/libguestfs/2020-October/msg00019.html
v3:
* defence -> defense
* Use int64_t instead of int. This compiles on Windows.
* Add GC wrappers to OCaml bindings.
* New FreeBSD patch.
* Removed "pid:" example from the ip filter manual, and added a warning
beside the pid documentation.
Rich.
2020 Oct 03
7
[PATCH nbdkit v2 0/3] ip: Add filtering by process ID, user ID and group ID.
This is just a simple update to:
https://www.redhat.com/archives/libguestfs/2020-October/msg00015.html
rebased on top of current nbdkit master because I pushed a few simple
refactorings.
Rich.