[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: hurd does NOT need /hurd

On Tue, May 21, 2002 at 10:33:09AM -0400, Nathan Hawkins wrote:
> Jails are kind of like the translators. They're a kernel-specifc (or 
> whatever the Hurd is supposed to be) add-on.

Just to illuminate this a bit more.

The Hurd is not really an extension to something.  The Hurd is the system. 
The microkernel only provides the basic features of resource management,
like enforcing the scheduling policy and managing the pagemap.

Everything else, network, filesystems, signals, pipes, sockets, all of that
is in the Hurd.

But all of this is run as userland processes, and in lots of different
servers that communicate, cooperate, are replaced, run with different
permissions, start up or die.

The users can start all Hurd servers himself in a meaningful way, running a
second Hurd system beside the first.  Or he can just start individual
servers, use them in addition or instead the system default servers.

It requires a bit to get used to.

A jail is not anything like a translator, but a translator can be like a
jail.  You would start the translator that would provide a filesystem like a
jail provides.  And then you would set your root directory to be that of the
filesystem provided by this translator.  And then you can exec the program
you want to be in the jail.  However, this would only cover the chroot part. 
For example, to restrict which processes it can see and control, you need to
write a new process server, and make that process be the one used by the
program you exec.  That would cover the process part.  Other things that are
restricted in a way had to be implemented by proxy'ing more Hurd server
components.

For example, fakeroot in the Hurd consists of two parts, one part that fakes
a root user id (called fakeauth, because it is a proxy to the authentication
server), and one part that fakes the filesystem operations (the
/hurd/fakeroot translator). 

Together, they implement fakeroot.sh like this:

exec /bin/settrans --chroot \
     /bin/fakeauth /bin/sh -c "cd `pwd; exec $*" \
     -- / /hurd/fakeroot

--chroot makes the translator started to be the root and current directory
of the command following --chroot (up to the --).  This translator is
/hurd/fakeroot on the whole filesystem ("/" before /hurd/fakeroot).

The command run in this fakeroot filesystem is /bin/fakeauth /bin/sh ...
fakeauth itself runs the command following it with a faked auth server.

All this is in user space.  Nothing of this requires any specific kernel
level support.  All of the basic functionality required to use it is already
in the Hurd system, so the whole implementation of fakeroot does not need
any root privileges or changes to the existing system either.

I explained this so lengthy because hopefully it sheds some light on how the
Hurd works conceptionally, and why the Hurd is the system itself, and not an
extension to a kernel.  The Hurd itself can be extended by users in the same
way the Hurd works itself.

Thanks,
Marcus

-- 
`Rhubarb is no Egyptian god.' Debian http://www.debian.org brinkmd@debian.org
Marcus Brinkmann              GNU    http://www.gnu.org    marcus@gnu.org
Marcus.Brinkmann@ruhr-uni-bochum.de
http://www.marcus-brinkmann.de


-- 
To UNSUBSCRIBE, email to debian-hurd-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: