Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 21 Oct 2014, 12:49
All times are UTC - 4
 Forum index » Advanced Topics » Cutting edge
populating /dev from /sys
Moderators: Flash, Ian, JohnMurga
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 3 of 3 Posts_count   Goto page: Previous 1, 2, 3
Author Message
jamesbond

Joined: 26 Feb 2007
Posts: 2227
Location: The Blue Marble

PostPosted: Wed 15 May 2013, 07:21    Post_subject:  

Iguleder wrote:
jamesbond wrote:
... (not just for all devices).


Why not?

Well I don't speak for him, but the dev nodes you create inside lxc container (glorified chroot jail actually) depends on what you want to run inside it (for security reasons) Very Happy

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
Back to top
View user's profile Send_private_message 
Iguleder


Joined: 11 Aug 2009
Posts: 1922
Location: Israel, somewhere in the beautiful desert

PostPosted: Wed 15 May 2013, 07:24    Post_subject:  

I don't see how this improves security. You're still using the same kernel as the host - that's the main weakness of jails, compared to virtualization.

For example, if you want to ruin the first hard drive (in 99% of cases, that's sda1) from inside the chroot environment, just create the device node with mknod (by the way, you don't even need /sys to know the major and minor numbers, since their constant).

_________________
My homepage
Back to top
View user's profile Send_private_message Visit_website MSNM 
ICQ 
jamesbond

Joined: 26 Feb 2007
Posts: 2227
Location: The Blue Marble

PostPosted: Wed 15 May 2013, 07:50    Post_subject:  

Quote:
that's the main weakness of jails, compared to virtualization
Agreed. But security is always trade-off. It depends on your needs. Even full virtualisation (KVM / Xen and the like) can be broken into if one is desperate enough. By the way mknod doesn't work as non-root so once you enter the jail and drop privileges you can't just make new nodes.

Anyway, we are distracting from the original topic. We can carry on the discussion in a new thread if you wish.
If technosaurus wants to continue exploring ways of creating device nodes from /sys then so be it Very Happy

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
Back to top
View user's profile Send_private_message 
Karl Godt


Joined: 20 Jun 2010
Posts: 3972
Location: Kiel,Germany

PostPosted: Thu 16 May 2013, 11:45    Post_subject:  

Mine looks now as:
Code:
#!/bin/ash

exec 1>>/tmp/photplug.log 2>&1

eval `env`

[ "$ACTION" = add ] || exit

[ "$MODALIAS" ] && {
        [ -f /tmp/hotplug.modules ] || modprobe -c >/tmp/hotplug.modules
        MODS=`grep "^alias $MODALIAS" /tmp/hotplug.modules |awk '{print $3}' | sort -u`
        #OPTS=`grep "^options $MODALIAS" /tmp/hotplug.modules |cut -f3- -d' '`
        for m in $MODS ;do
        OPTS=`grep -m1 "^options $m" /tmp/hotplug.modules |cut -f3- -d' '`
        modprobe -b -v $m $OPTS
        done
        exit
}

[ "$MAJOR" -a "$MINOR" -a "$DEVNAME" -a "$SUBSYSTEM" ] && {

sed -n '/Block devices:/,$ p' /proc/devices | grep "$SUBSYSTEM" | awk '{print $1}' | grep -w "$MAJOR" && {
        [ -e /dev/$DEVNAME ] && exit
        DEV="/${DEVNAME}"
        mkdir -p "/dev/${DEV%/*}"
        mknod /dev/$DEVNAME b $MAJOR $MINOR
        exit $? ; }

sed -n '/Character devices:/,/Block devices:/p' /proc/devices | grep "$SUBSYSTEM" | awk '{print $1}' | grep -w "$MAJOR" && {
        [ -e /dev/$DEVNAME ] && exit
        DEV="/${DEVNAME}"
        mkdir -p "/dev/${DEV%/*}"
        mknod /dev/$DEVNAME c $MAJOR $MINOR
        exit $? ; }
}

Nice replacement for /sbin/pup_event_backend* files . Very Happy Have to test it though .

Could need help for the much to long lines
Code:
sed -n '/Character devices:/,/Block devices:/p' /proc/devices | grep "$SUBSYSTEM" | awk '{print $1}' | grep -w "$MAJOR"

I guess that can be done by awk alone .. Question

Edited_time_total
Back to top
View user's profile Send_private_message Visit_website 
Karl Godt


Joined: 20 Jun 2010
Posts: 3972
Location: Kiel,Germany

PostPosted: Thu 16 May 2013, 14:35    Post_subject:  

Above wasn't loading any modules .

This now worked >
Code:
[ "$MODALIAS" ] && {
        LIST=`modprobe -b -D "$MODALIAS" | sed 's%.*\(/.*\)\.k.*%\1%'`
        for m in $LIST ; do
        modprobe -b -v "${m##*/}"
        done
       
}

Have sound and everything Razz

If it is faster and less load , time will tell . Am running a Puppy-4.3 without /etc/modprobe.d .

2.6.30.9-i586-dpup005-Celeron2G and it's name comes from being compiled on a dpup by iguleder Very Happy

Adjustment to rc.sysinit >
Code:
if [ -x /sbin/photplug ] ; then
echo '/sbin/photplug' >/proc/sys/kernel/hotplug
#v405 udevd calls /sbin/pup_event_backend_modprobe, which needs this...#my intention is for puppy to work with either of these...
elif [ -x /sbin/udevd ];then  ##changed -f to -x
Back to top
View user's profile Send_private_message Visit_website 
Karl Godt


Joined: 20 Jun 2010
Posts: 3972
Location: Kiel,Germany

PostPosted: Fri 17 May 2013, 03:17    Post_subject:  

Today had no sound.
What was wrong ?
My grep for SUBSYSTEM grep MAJOR does not work when
14 sound
116 alsa
are set in /proc/devices.
SUBSYSTEM passed by the kernel for MAJOR 116 is sound not alsa.
working fix looks as
Code:
[ "$SUBSYSTEM" = sound ] && GPATTERN='alsa|sound' || GPATTERN="$SUBSYSTEM"
sed -n '/Character devices:/,/Block devices:/p' /proc/devices | grep -E "$GPATTERN" | awk '{print $1}' | grep -w "$MAJOR" && {

_________________
«Give me GUI or Death» -- I give you [[Xx]term[inal]] [[Cc]on[s][ole]] .
Macpup user since 2010 on full installations.
People who want problems with Puppy boot frugal Razz
Back to top
View user's profile Send_private_message Visit_website 
Karl Godt


Joined: 20 Jun 2010
Posts: 3972
Location: Kiel,Germany

PostPosted: Fri 17 May 2013, 08:12    Post_subject:  

Old kernels have no DEVNAME ..
modprobe -D is short for --show-depends but there a several BUGs in the common modprobe.c getopt line :
Code:
 while ((opt = getopt_long(argc, argv, "VvqLnsd:C:h:S:o:DRrclt:aiIbf", options, NULL)) != -1){ /* h: has to be rearranged ':' meaning has to follow an argument */

/sbin/modprobe-3.11.1 | -3.12 compiled suppressing warnings is what I am using.
modprobe -D also sometimes shows the install lines .

Working code :
Code:
#!/bin/ash

exec 1>>/tmp/photplug.log 2>&1
alias sed='busybox sed'
alias grep='busybox grep'
#alias awk='busybox awk' ##awk: applet not found

#eval `env`  ##/sbin/photplug: eval: line 1: =/bin/busybox_1.18.3_STATIC_upx9_648KB: not found
env
[ "$ACTION" = add ] || exit
echo $MODALIAS
[ "$MODALIAS" ] && {
        #eval `modprobe -b -D "$MODALIAS"| grep -vE '^install|^blacklist|^options'`
        #exit
        LIST=`modprobe -b -D "$MODALIAS" | grep -vE '^install|^blacklist|^options' | sed 's%.*\(/.*\)\.k.*%\1%'`
        for m in $LIST ; do
        modprobe -b -v "${m##*/}"
        done
       
}

[ "$MAJOR" -a "$MINOR" -a "$SUBSYSTEM" ] && { [ "$DEVNAME" -o "$DEVPATH" ] && {

[ "$DEVNAME" ] || DEVNAME="${SUBSYSTEM}/${DEVPATH##*/}"

sed -n '/Block devices:/,$ p' /proc/devices | grep "$SUBSYSTEM" | awk '{print $1}' | grep -w "$MAJOR" && {
        [ -e /dev/$DEVNAME ] && exit
        DEV="/${DEVNAME}"
        mkdir -p "/dev/${DEV%/*}"
        mknod /dev/$DEVNAME b $MAJOR $MINOR
        exit $? ; }
       
[ "$SUBSYSTEM" = sound ] && GPATTERN='alsa|sound' || GPATTERN="$SUBSYSTEM"
sed -n '/Character devices:/,/Block devices:/p' /proc/devices | grep -E "$GPATTERN" | awk '{print $1}' | grep -w "$MAJOR" && {
        [ -e /dev/$DEVNAME ] && exit
        DEV="/${DEVNAME}"
        mkdir -p "/dev/${DEV%/*}"
        mknod /dev/$DEVNAME c $MAJOR $MINOR
        exit $? ; }
 }
}


Load is double than before Confused :
xload_after.jpg
 Description   desktop start
 Filesize   7.44 KB
 Viewed   555 Time(s)

xload_after.jpg

Back to top
View user's profile Send_private_message Visit_website 
Karl Godt


Joined: 20 Jun 2010
Posts: 3972
Location: Kiel,Germany

PostPosted: Mon 03 Jun 2013, 09:38    Post_subject:  

myself wrote:
Load is double than before Confused :

Found the problem : rc.network tries to configure something on my new current machine and running it from rxvt the load climbs up from 0 to 2 Evil or Very Mad

Have disabled rc.network and now it's fine Very Happy .
Back to top
View user's profile Send_private_message Visit_website 
Karl Godt


Joined: 20 Jun 2010
Posts: 3972
Location: Kiel,Germany

PostPosted: Mon 09 Dec 2013, 12:44    Post_subject: Firmware loading  

Had first troubles with
02:00.0 Network controller: Ralink corp. RT5390 Wireless 802.11n 1T/1R PCIe
that needs rt2860.bin firmware
( not sure about the current state of my /usr/share/misc/pci.ids file )

Code:
test "$FIRMWARE" && {
echo -n 1 > /sys/$DEVPATH/loading

FIRMWAREBIN=`ls /lib/firmware/$FIRMWARE`
test "$FIRMWAREBIN" || FIRMWAREBIN=`ls /lib/firmware/*/$FIRMWARE`
test "$FIRMWAREBIN" || exit 1
test -f "$FIRMWAREBIN" || exit 1
echo "FIRMWAREBIN='$FIRMWAREBIN'"

cat "$FIRMWAREBIN" > /sys/$DEVPATH/data
if [ $? = 0 ]; then
    #echo -n  1 > /sys/$DEVPATH/loading
    #echo -n -1 > /sys/$DEVPATH/loading
    echo 0 >/sys/$DEVPATH/loading
else
echo "ERROR loading '$FIRMWAREBIN'"
fi
}

_________________
«Give me GUI or Death» -- I give you [[Xx]term[inal]] [[Cc]on[s][ole]] .
Macpup user since 2010 on full installations.
People who want problems with Puppy boot frugal Razz
Back to top
View user's profile Send_private_message Visit_website 
technosaurus


Joined: 18 May 2008
Posts: 4353

PostPosted: Sun 15 Dec 2013, 14:13    Post_subject:  

here are some more functions that may be useful for hotplugging:

Code:
moddir=/lib/modules/`uname -r`

loadmod(){ #$1=topdir $2=module name
   [ -f $1/$2.ko ] && insmod $1/$2.ko && return
   for x in $1/*;do
      [ -d $x ] && loadmod $x $2;
   done
}
#loadmod $moddir $1

loaddeps(){
   [ "$1" ] || return
   while read mod deps; do
      case $mod in
         */$1.ko:)for x in $deps; do [ "$x" ] && insmod $moddir/$x;done;;
      esac
   done < $moddir/modules.dep
}

loadfirmware(){
   [ "$FIRMWARE" ] || return
   echo 1 > "/sys/$DEVPATH/loading"
   fwdir=/lib/modules
   [ -f "$fwdir/$FIRMWARE" ] && cat "$fwdir/$FIRMWARE" > "/sys/$DEVPATH/data" && \
   echo 0 > "/sys/$DEVPATH/loading" &
   [ ! -f "$fwdir/$FIRMWARE" ] && echo -1 > "/sys/$DEVPATH/loading" && return 1
}

#MODALIAS='pci:v000014E4d00004301sv*sd*bc*sc*i*'
loadmodfromalias(){
   [ ! "$MODALIAS" ] && [ ! "$1" ] && return
   [ ! "$MODALIAS" ] && MODALIAS="$1"
   while read dummy alias module; do
      [ "$MODALIAS" == "$alias" ] && loaddeps $module && loadmod $moddir $module && return
   done < $moddir/modules.alias
   [ "$1" ]
}


note: my functions use insmod to load modules instead of the simpler modprobe ... insmod can be implemented in <5 lines of c
note2: it does not yet handle missing modules, my recommendation would be that if the module does not exist, to use the package manager to download and install it, but we don't split up our modules like that (yet)

_________________
Web Programming - Pet Packaging 100 & 101
Back to top
View user's profile Send_private_message 
Karl Godt


Joined: 20 Jun 2010
Posts: 3972
Location: Kiel,Germany

PostPosted: Tue 03 Jun 2014, 10:24    Post_subject:  Xorg configured with udev
Sub_title: disables keyboard and mouse
 

Yesterday I run into real trouble :

Xorg.0.log :
Quote:
[ 3298.493] (**) ModulePath set to "/usr/lib64/xorg/modules"
[ 3298.498] (WW) Hotplugging is on, devices using drivers 'kbd', 'mouse' or 'vmmouse' will be disabled.
[ 3298.500] (WW) Disabling Mouse0
[ 3298.502] (WW) Disabling Keyboard0

When no udev is running, Xorg s from binary builds may go to desktop but without input enabled .
No keys working to switch to terminal or quitting the Xorg server .

Am not sure what causes it , but I suspect udev dependencies :
Code:
commit a6273cc85c01fc020643a68e49ca4e7a2d2ae898
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Thu Jan 12 10:17:34 2012 +1000

    xfree86: mention udev in the xorg.conf manpage AutoAddDevices section
   
    And point out what "hotplugging" means.
   
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
    Reviewed-by: Julien Cristau <jcristau@debian.org>

Twisted Evil
Back to top
View user's profile Send_private_message Visit_website 
technosaurus


Joined: 18 May 2008
Posts: 4353

PostPosted: Tue 03 Jun 2014, 11:19    Post_subject:  

yes its on my to-do list to look into patching X to run properly without libudev (need to find the commit that added it), but in the mean time tinyxserver is a self sufficient replacement.
I think a standard device fallback for each input would be sufficient if another utility maps actual input devices to those standard ones (via symlinks or whatever).

_________________
Web Programming - Pet Packaging 100 & 101
Back to top
View user's profile Send_private_message 
jamesbond

Joined: 26 Feb 2007
Posts: 2227
Location: The Blue Marble

PostPosted: Tue 03 Jun 2014, 11:33    Post_subject: Re: Xorg configured with udev
Sub_title: disables keyboard and mouse
 

Karl Godt wrote:
When no udev is running, Xorg s from binary builds may go to desktop but without input enabled .
No keys working to switch to terminal or quitting the Xorg server .

Code:
Section "ServerFlags"
  Option "AutoAddDevices" "false"
  Option "DontZap" "false"
EndSection

Add this snippet to your xorg.conf, it should help. It forces Xorg to disable hotplugging and uses configuration sections on your xorg.conf.

@technosaurus - I'm interested if you can find how to remove udev dependency from Xorg but still be able to have hotplugging (using other means).

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
Back to top
View user's profile Send_private_message 
technosaurus


Joined: 18 May 2008
Posts: 4353

PostPosted: Tue 03 Jun 2014, 13:47    Post_subject:  

it previously used hal so I can look at that. I was thinking since they split the config files, an inotify-watch on that directory for added/changed events would be logical (kqueue for bsd) Then the hotplug handler only has to add/modify a file. This can be done in shell, c, or whatever.

It talks about getting input setup in the 1.8 and 1.9 release notes without udev btw

_________________
Web Programming - Pet Packaging 100 & 101
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 3 of 3 Posts_count   Goto page: Previous 1, 2, 3
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Advanced Topics » Cutting edge
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1074s ][ Queries: 13 (0.0053s) ][ GZIP on ]