Author |
Message |
jamesbond
Joined: 26 Feb 2007 Posts: 3218 Location: The Blue Marble
|
Posted: Wed 15 May 2013, 07:21 Post subject:
|
|
Iguleder wrote: | jamesbond wrote: | ... (not just for all devices). |
Why not? |
Well I don't speak for him, but the dev nodes you create inside lxc container (glorified chroot jail actually) depends on what you want to run inside it (for security reasons)
_________________ Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread.
|
Back to top
|
|
 |
Iguleder

Joined: 11 Aug 2009 Posts: 2031 Location: Israel, somewhere in the beautiful desert
|
Posted: Wed 15 May 2013, 07:24 Post subject:
|
|
I don't see how this improves security. You're still using the same kernel as the host - that's the main weakness of jails, compared to virtualization.
For example, if you want to ruin the first hard drive (in 99% of cases, that's sda1) from inside the chroot environment, just create the device node with mknod (by the way, you don't even need /sys to know the major and minor numbers, since their constant).
_________________ My homepage
My GitHub profile
|
Back to top
|
|
 |
jamesbond
Joined: 26 Feb 2007 Posts: 3218 Location: The Blue Marble
|
Posted: Wed 15 May 2013, 07:50 Post subject:
|
|
Quote: | that's the main weakness of jails, compared to virtualization | Agreed. But security is always trade-off. It depends on your needs. Even full virtualisation (KVM / Xen and the like) can be broken into if one is desperate enough. By the way mknod doesn't work as non-root so once you enter the jail and drop privileges you can't just make new nodes.
Anyway, we are distracting from the original topic. We can carry on the discussion in a new thread if you wish.
If technosaurus wants to continue exploring ways of creating device nodes from /sys then so be it
_________________ Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread.
|
Back to top
|
|
 |
Karl Godt

Joined: 20 Jun 2010 Posts: 4208 Location: Kiel,Germany
|
Posted: Thu 16 May 2013, 11:45 Post subject:
|
|
Mine looks now as:
Code: | #!/bin/ash
exec 1>>/tmp/photplug.log 2>&1
eval `env`
[ "$ACTION" = add ] || exit
[ "$MODALIAS" ] && {
[ -f /tmp/hotplug.modules ] || modprobe -c >/tmp/hotplug.modules
MODS=`grep "^alias $MODALIAS" /tmp/hotplug.modules |awk '{print $3}' | sort -u`
#OPTS=`grep "^options $MODALIAS" /tmp/hotplug.modules |cut -f3- -d' '`
for m in $MODS ;do
OPTS=`grep -m1 "^options $m" /tmp/hotplug.modules |cut -f3- -d' '`
modprobe -b -v $m $OPTS
done
exit
}
[ "$MAJOR" -a "$MINOR" -a "$DEVNAME" -a "$SUBSYSTEM" ] && {
sed -n '/Block devices:/,$ p' /proc/devices | grep "$SUBSYSTEM" | awk '{print $1}' | grep -w "$MAJOR" && {
[ -e /dev/$DEVNAME ] && exit
DEV="/${DEVNAME}"
mkdir -p "/dev/${DEV%/*}"
mknod /dev/$DEVNAME b $MAJOR $MINOR
exit $? ; }
sed -n '/Character devices:/,/Block devices:/p' /proc/devices | grep "$SUBSYSTEM" | awk '{print $1}' | grep -w "$MAJOR" && {
[ -e /dev/$DEVNAME ] && exit
DEV="/${DEVNAME}"
mkdir -p "/dev/${DEV%/*}"
mknod /dev/$DEVNAME c $MAJOR $MINOR
exit $? ; }
}
|
Nice replacement for /sbin/pup_event_backend* files . Have to test it though .
Could need help for the much to long lines
Code: | sed -n '/Character devices:/,/Block devices:/p' /proc/devices | grep "$SUBSYSTEM" | awk '{print $1}' | grep -w "$MAJOR" |
I guess that can be done by awk alone ..
Last edited by Karl Godt on Fri 17 May 2013, 08:13; edited 1 time in total
|
Back to top
|
|
 |
Karl Godt

Joined: 20 Jun 2010 Posts: 4208 Location: Kiel,Germany
|
Posted: Thu 16 May 2013, 14:35 Post subject:
|
|
Above wasn't loading any modules .
This now worked >
Code: | [ "$MODALIAS" ] && {
LIST=`modprobe -b -D "$MODALIAS" | sed 's%.*\(/.*\)\.k.*%\1%'`
for m in $LIST ; do
modprobe -b -v "${m##*/}"
done
} |
Have sound and everything
If it is faster and less load , time will tell . Am running a Puppy-4.3 without /etc/modprobe.d .
2.6.30.9-i586-dpup005-Celeron2G and it's name comes from being compiled on a dpup by iguleder
Adjustment to rc.sysinit >
Code: | if [ -x /sbin/photplug ] ; then
echo '/sbin/photplug' >/proc/sys/kernel/hotplug
#v405 udevd calls /sbin/pup_event_backend_modprobe, which needs this...#my intention is for puppy to work with either of these...
elif [ -x /sbin/udevd ];then ##changed -f to -x |
|
Back to top
|
|
 |
Karl Godt

Joined: 20 Jun 2010 Posts: 4208 Location: Kiel,Germany
|
Posted: Fri 17 May 2013, 03:17 Post subject:
|
|
Today had no sound.
What was wrong ?
My grep for SUBSYSTEM grep MAJOR does not work when
14 sound
116 alsa
are set in /proc/devices.
SUBSYSTEM passed by the kernel for MAJOR 116 is sound not alsa.
working fix looks as
Code: | [ "$SUBSYSTEM" = sound ] && GPATTERN='alsa|sound' || GPATTERN="$SUBSYSTEM"
sed -n '/Character devices:/,/Block devices:/p' /proc/devices | grep -E "$GPATTERN" | awk '{print $1}' | grep -w "$MAJOR" && { |
_________________ «Give me GUI or Death» -- I give you [[Xx]term[inal]] [[Cc]on[s][ole]] .
Macpup user since 2010 on full installations.
People who want problems with Puppy boot frugal 
|
Back to top
|
|
 |
Karl Godt

Joined: 20 Jun 2010 Posts: 4208 Location: Kiel,Germany
|
Posted: Fri 17 May 2013, 08:12 Post subject:
|
|
Old kernels have no DEVNAME ..
modprobe -D is short for --show-depends but there a several BUGs in the common modprobe.c getopt line :
Code: | while ((opt = getopt_long(argc, argv, "VvqLnsd:C:h:S:o:DRrclt:aiIbf", options, NULL)) != -1){ /* h: has to be rearranged ':' meaning has to follow an argument */ |
/sbin/modprobe-3.11.1 | -3.12 compiled suppressing warnings is what I am using.
modprobe -D also sometimes shows the install lines .
Working code :
Code: | #!/bin/ash
exec 1>>/tmp/photplug.log 2>&1
alias sed='busybox sed'
alias grep='busybox grep'
#alias awk='busybox awk' ##awk: applet not found
#eval `env` ##/sbin/photplug: eval: line 1: =/bin/busybox_1.18.3_STATIC_upx9_648KB: not found
env
[ "$ACTION" = add ] || exit
echo $MODALIAS
[ "$MODALIAS" ] && {
#eval `modprobe -b -D "$MODALIAS"| grep -vE '^install|^blacklist|^options'`
#exit
LIST=`modprobe -b -D "$MODALIAS" | grep -vE '^install|^blacklist|^options' | sed 's%.*\(/.*\)\.k.*%\1%'`
for m in $LIST ; do
modprobe -b -v "${m##*/}"
done
}
[ "$MAJOR" -a "$MINOR" -a "$SUBSYSTEM" ] && { [ "$DEVNAME" -o "$DEVPATH" ] && {
[ "$DEVNAME" ] || DEVNAME="${SUBSYSTEM}/${DEVPATH##*/}"
sed -n '/Block devices:/,$ p' /proc/devices | grep "$SUBSYSTEM" | awk '{print $1}' | grep -w "$MAJOR" && {
[ -e /dev/$DEVNAME ] && exit
DEV="/${DEVNAME}"
mkdir -p "/dev/${DEV%/*}"
mknod /dev/$DEVNAME b $MAJOR $MINOR
exit $? ; }
[ "$SUBSYSTEM" = sound ] && GPATTERN='alsa|sound' || GPATTERN="$SUBSYSTEM"
sed -n '/Character devices:/,/Block devices:/p' /proc/devices | grep -E "$GPATTERN" | awk '{print $1}' | grep -w "$MAJOR" && {
[ -e /dev/$DEVNAME ] && exit
DEV="/${DEVNAME}"
mkdir -p "/dev/${DEV%/*}"
mknod /dev/$DEVNAME c $MAJOR $MINOR
exit $? ; }
}
} |
Load is double than before :
Description |
desktop start |
Filesize |
7.44 KB |
Viewed |
1063 Time(s) |

|
|
Back to top
|
|
 |
Karl Godt

Joined: 20 Jun 2010 Posts: 4208 Location: Kiel,Germany
|
Posted: Mon 03 Jun 2013, 09:38 Post subject:
|
|
myself wrote: | Load is double than before Confused : |
Found the problem : rc.network tries to configure something on my new current machine and running it from rxvt the load climbs up from 0 to 2
Have disabled rc.network and now it's fine .
|
Back to top
|
|
 |
Karl Godt

Joined: 20 Jun 2010 Posts: 4208 Location: Kiel,Germany
|
Posted: Mon 09 Dec 2013, 12:44 Post subject:
Firmware loading |
|
Had first troubles with
02:00.0 Network controller: Ralink corp. RT5390 Wireless 802.11n 1T/1R PCIe
that needs rt2860.bin firmware
( not sure about the current state of my /usr/share/misc/pci.ids file )
Code: | test "$FIRMWARE" && {
echo -n 1 > /sys/$DEVPATH/loading
FIRMWAREBIN=`ls /lib/firmware/$FIRMWARE`
test "$FIRMWAREBIN" || FIRMWAREBIN=`ls /lib/firmware/*/$FIRMWARE`
test "$FIRMWAREBIN" || exit 1
test -f "$FIRMWAREBIN" || exit 1
echo "FIRMWAREBIN='$FIRMWAREBIN'"
cat "$FIRMWAREBIN" > /sys/$DEVPATH/data
if [ $? = 0 ]; then
#echo -n 1 > /sys/$DEVPATH/loading
#echo -n -1 > /sys/$DEVPATH/loading
echo 0 >/sys/$DEVPATH/loading
else
echo "ERROR loading '$FIRMWAREBIN'"
fi
} |
_________________ «Give me GUI or Death» -- I give you [[Xx]term[inal]] [[Cc]on[s][ole]] .
Macpup user since 2010 on full installations.
People who want problems with Puppy boot frugal 
|
Back to top
|
|
 |
technosaurus

Joined: 18 May 2008 Posts: 4850 Location: Blue Springs, MO
|
Posted: Sun 15 Dec 2013, 14:13 Post subject:
|
|
here are some more functions that may be useful for hotplugging:
Code: | moddir=/lib/modules/`uname -r`
loadmod(){ #$1=topdir $2=module name
[ -f $1/$2.ko ] && insmod $1/$2.ko && return
for x in $1/*;do
[ -d $x ] && loadmod $x $2;
done
}
#loadmod $moddir $1
loaddeps(){
[ "$1" ] || return
while read mod deps; do
case $mod in
*/$1.ko:)for x in $deps; do [ "$x" ] && insmod $moddir/$x;done;;
esac
done < $moddir/modules.dep
}
loadfirmware(){
[ "$FIRMWARE" ] || return
echo 1 > "/sys/$DEVPATH/loading"
fwdir=/lib/modules
[ -f "$fwdir/$FIRMWARE" ] && cat "$fwdir/$FIRMWARE" > "/sys/$DEVPATH/data" && \
echo 0 > "/sys/$DEVPATH/loading" &
[ ! -f "$fwdir/$FIRMWARE" ] && echo -1 > "/sys/$DEVPATH/loading" && return 1
}
#MODALIAS='pci:v000014E4d00004301sv*sd*bc*sc*i*'
loadmodfromalias(){
[ ! "$MODALIAS" ] && [ ! "$1" ] && return
[ ! "$MODALIAS" ] && MODALIAS="$1"
while read dummy alias module; do
[ "$MODALIAS" == "$alias" ] && loaddeps $module && loadmod $moddir $module && return
done < $moddir/modules.alias
[ "$1" ]
} |
note: my functions use insmod to load modules instead of the simpler modprobe ... insmod can be implemented in <5 lines of c
note2: it does not yet handle missing modules, my recommendation would be that if the module does not exist, to use the package manager to download and install it, but we don't split up our modules like that (yet)
_________________ Check out my github repositories. I may eventually get around to updating my blogspot.
|
Back to top
|
|
 |
Karl Godt

Joined: 20 Jun 2010 Posts: 4208 Location: Kiel,Germany
|
Posted: Tue 03 Jun 2014, 10:24 Post subject:
Xorg configured with udev Subject description: disables keyboard and mouse |
|
Yesterday I run into real trouble :
Xorg.0.log :
Quote: | [ 3298.493] (**) ModulePath set to "/usr/lib64/xorg/modules"
[ 3298.498] (WW) Hotplugging is on, devices using drivers 'kbd', 'mouse' or 'vmmouse' will be disabled.
[ 3298.500] (WW) Disabling Mouse0
[ 3298.502] (WW) Disabling Keyboard0 |
When no udev is running, Xorg s from binary builds may go to desktop but without input enabled .
No keys working to switch to terminal or quitting the Xorg server .
Am not sure what causes it , but I suspect udev dependencies :
Code: | commit a6273cc85c01fc020643a68e49ca4e7a2d2ae898
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Thu Jan 12 10:17:34 2012 +1000
xfree86: mention udev in the xorg.conf manpage AutoAddDevices section
And point out what "hotplugging" means.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Julien Cristau <jcristau@debian.org> |
|
Back to top
|
|
 |
technosaurus

Joined: 18 May 2008 Posts: 4850 Location: Blue Springs, MO
|
Posted: Tue 03 Jun 2014, 11:19 Post subject:
|
|
yes its on my to-do list to look into patching X to run properly without libudev (need to find the commit that added it), but in the mean time tinyxserver is a self sufficient replacement.
I think a standard device fallback for each input would be sufficient if another utility maps actual input devices to those standard ones (via symlinks or whatever).
_________________ Check out my github repositories. I may eventually get around to updating my blogspot.
|
Back to top
|
|
 |
jamesbond
Joined: 26 Feb 2007 Posts: 3218 Location: The Blue Marble
|
Posted: Tue 03 Jun 2014, 11:33 Post subject:
Re: Xorg configured with udev Subject description: disables keyboard and mouse |
|
Karl Godt wrote: | When no udev is running, Xorg s from binary builds may go to desktop but without input enabled .
No keys working to switch to terminal or quitting the Xorg server . |
Code: | Section "ServerFlags"
Option "AutoAddDevices" "false"
Option "DontZap" "false"
EndSection
|
Add this snippet to your xorg.conf, it should help. It forces Xorg to disable hotplugging and uses configuration sections on your xorg.conf.
@technosaurus - I'm interested if you can find how to remove udev dependency from Xorg but still be able to have hotplugging (using other means).
_________________ Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread.
|
Back to top
|
|
 |
technosaurus

Joined: 18 May 2008 Posts: 4850 Location: Blue Springs, MO
|
Posted: Tue 03 Jun 2014, 13:47 Post subject:
|
|
it previously used hal so I can look at that. I was thinking since they split the config files, an inotify-watch on that directory for added/changed events would be logical (kqueue for bsd) Then the hotplug handler only has to add/modify a file. This can be done in shell, c, or whatever.
It talks about getting input setup in the 1.8 and 1.9 release notes without udev btw
_________________ Check out my github repositories. I may eventually get around to updating my blogspot.
|
Back to top
|
|
 |
Ibidem
Joined: 25 May 2010 Posts: 553 Location: State of Jefferson
|
Posted: Thu 22 Jan 2015, 14:21 Post subject:
|
|
FYI, I've written an experimental library intended to use as a fallback/replacement for some of the features libudev offers.
Right now it only will map a device to a sysfs directory and get the PCI IDs if they're available.
Source is over at https://github.com/idunham/libsysdev; the first port of anything to use it is https://github.com/idunham/xf86-input-evdev, branch sysdev
The API is intended to make porting Mesa to it simple.
There's no "listen for events" code, though. I might see about something to make it easy to listen to inotify events in /dev/input and /dev/block or /dev/disk.
|
Back to top
|
|
 |
|