RFC rawpipe
Volker Lendecke
Volker.Lendecke at SerNet.DE
Mon May 30 06:33:31 UTC 2016
On Thu, May 26, 2016 at 11:45:55AM +0100, Noel Power wrote:
> Hi,
> I'm trying once again to get my head around the WSP stuff, one of the
> prerequisites for that is working with rawpipes, some time ago I posted
> some patches around dealing with such rawpipes that was too heavy weight
> (see
> https://lists.samba.org/archive/samba-technical/2014-July/100884.html)
> See attached patches that attempt to rework this,
First of all -- it's great that you start working on this again, trying
to get it upstream! If my comments below turn out to be too hard to work
upon, I'd much prefer to get WSP in ignoring my whining than to delay
it indefinitely!
Question -- do we really want "internal" raw pipes? My preference would
be to move as much as possible out of the core smbd blob. Would it be
possible to have two backends for named pipes only in smbd? One for
the existing RPC infrastructure (that eventually needs to move out to
pure transport too), and the other one for a pure unix domain socket
transport. I know that there's more to named pipes than just a stream
of bytes, named pipes can be message-boundary preserving, so we need to
define a protocol on that unix domain socket. Also, we need to solve the
problem of authentication tokens passed to the named pipe server, so it
might not be just as simple as it first looks. But I would prefer not
to add another name_pipe_server_details VFS-like structure, if possible.
I'm absolutely not against putting more code into Samba, but if possible
I would really prefer separate small binaries that provide services over
wellknown IPC mechanisms. Privilege separation, better crash resiliency,
much easier to make async etc. Samba does have quite an elaborate set
of infrastructure to build upon, so that's handy, but smbd is already
overloaded and needs to be put on a diet.
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
SerNet & BSI laden ein: 29. Juni 2016,
2. IT-Grundschutztag 2016, BPA Berlin.
Anmeldung: https://www.sernet.de/gstag
More information about the samba-technical
mailing list