2002-08-31 10:30:32

by Jean-Eric Cuendet

Subject: SMB browser

Hi,
I want to develop a filesystem driver. It will be able to access SMB
shares without mounting.
I'll do a daemon that uses libsmbclient from Samba 3.0 that does all the
dirty stuff (getting the available domains, authenticating, getting
files, etc...) and a device driver that will be a filesystem driver. The
driver should communicate with the daemon to ask him about shares,
machines, domains, etc...

The idea is:
- the daemon should be started by "/etc/init.d/browser start" at beginning
- The daemon loads the driver into the kernel
- The daemon then mounts the filesystem on /smb using the filesystem
provided by the driver
- The driver waits for file requests on /smb to serve them
The hierarchy will be :

/smb --|-- WG1 --|-- Machine1 --|-- Share1
       |         |              |-- Share2
       |         |-- Machine2 --|-- Share1
       |                        |-- Share2
       |                        |-- Share3
       |
       |-- WG2 --|-- Machine3 --|-- Share1
       |-- DOM1 --|-- Machine4 --|-- etc...
       |-- DOM2 --|-- Machine5

Then the user accesses /smb/WG2/Machine38/Share12/Dir1/File2
Cool, no?

The authentication is done externally from the kernel, by a userland
process or PAM (a kerberos ticket is gotten from the Domain controller
or Samba PDC). Then the daemon uses that info to authenticate in the
domain. If no auth info is available, then it's authenticated as Guest.

My question:
what is the best/easy way to make a kernel driver communicate with
userland? Is it via UNIX socket? Or ioctl? Shared memory? Else?

Thanks for any idea.
-jec




2002-08-31 11:31:02

by Lionel Bouton

Subject: Re: SMB browser

Jean-Eric Cuendet wrote:

> Hi,
> I want to develop a filesystem driver. It will be able to access SMB
> shares without mounting.
> I'll do a daemon that uses libsmbclient from Samba 3.0 that does all the
> dirty stuff (getting the available domains, authenticating, getting
> files, etc...) and a device driver that will be a filesystem driver.
> The driver should communicate with the daemon to ask him about shares,
> machines, domains, etc...
>
> The idea is:
> - the daemon should be started by "/etc/init.d/browser start" at
> beginning
> - The daemon loads the driver into the kernel
> - The daemon then mounts the filesystem on /smb using the filesystem
> provided by the driver
> - The driver waits for file requests on /smb to serve them
> The hierarchy will be :
>
> /smb --|-- WG1 --|-- Machine1 --|-- Share1
>        |         |              |-- Share2
>        |         |-- Machine2 --|-- Share1
>        |                        |-- Share2
>        |                        |-- Share3
>        |
>        |-- WG2 --|-- Machine3 --|-- Share1
>        |-- DOM1 --|-- Machine4 --|-- etc...
>        |-- DOM2 --|-- Machine5
>
> Then the user accesses /smb/WG2/Machine38/Share12/Dir1/File2
> Cool, no?


I see some shortcomings :

How will you handle multiple users ?
Janice and Bob have accounts on the Linux client and both want to have
access at the same time to their [Home] for example :
|-- DOM1 --|-- Machine4--|--[Home]

How will you handle users with multiple logins on a Domain/Machine ?

Maybe you'd be better starting with something like :

local_user_home_directory--|--smb--|--login--|--WGx/DOMy--|....

users could provide something like a ".smbwalker.config"
with lines like
login_to_try how_to_get_credential

local_user_home_directory--|--smb could be mounted by automount or
mounted/umounted on first login/end of last session

LB

2002-08-31 19:24:05

by Jean-Eric Cuendet

Subject: Re: SMB browser

>
>
>> Then the user access /smb/WG2/Machine38/Share12/Dir1/File2
>> Cool, no?
>
> I see some shortcomings :
>
> How will you handle multiple users ?
> Janice and Bob have accounts on the Linux client and both want to have
> access at the same time to their [Home] for example :
> |-- DOM1 --|-- Machine4--|--[Home]


To access files on the server share, the client must send authentication
tokens. This should be sent by the daemon and must be gotten from a file
on the disk that each user should have (the kerberos ticket got by PAM).
If no file (or invalid one) is available, then it should be accessed as
guest.

> How will you handle users with multiple logins on a Domain/Machine ?

The user will already be logged on to ONE domain controller.

> Maybe you'd be better starting with something like :
>
> local_user_home_directory--|--smb--|--login--|--WGx/DOMy--|....

I don't understand why a per-user directory tree should be needed. A
per-machine tree should be enough.


This doesn't answer my question:
How do I communicate between a kernel driver and a userspace program?
What is the best method in terms of:
- simplicity (first implementation)
- efficiency (second implementation, performance oriented)
Is it via UNIX sockets?
Is it ioctls?
Or shared memory?

Thanks.
-jec


2002-08-31 20:01:59

by Jean-Eric Cuendet

Subject: Re: SMB browser

>
>
> Isn't that what does Sharity ? Ok, it's not open-source, but if
>you never heard of that program give it a try, it may help you to define
>your implementation...

Yes, sharity does exactly what I'd like to do!
But it's not free...

I remarked that there is no kernel module loaded, just a daemon and an
[rpciod] kernel thread that started just after the daemon. I see that in
the "ps -ef" list.
I think that means that the daemon communicates with the rpciod (what is
this beast exactly?) to provide filesystem information.
How do we do that? What are the principles behind that? What are the
needed calls?

Thanks
-jec



2002-08-31 23:24:41

by Daniel Bruce Lynes

Subject: Re: SMB browser

On Saturday 31 August 2002 12:23, Jean-Eric Cuendet wrote:

> To access files on the server share, the client must send authentication
> tokens. This should be sent by the daemon and must be gotten from a file
> on the disk that each user should have (the kerberos ticket got by PAM).
> If no file (or invalid one) is available, then it should be accessed as
> guest.

And if they're using shadow passwords and not PAM?

> > How will you handle users with multiple logins on a Domain/Machine ?
>
> The user will already be logged on to ONE domain controller.

And if they're not using an LM Domain?

Sorry, but I don't know anything about writing drivers under Linux yet...just
starting so I can get voice over IP working on a proprietary card. However,
I thought I'd interject some ideas, to give you some ideas on how to improve
the initial ideas. It sounds useful, but even in my highly unspecialized
environment, it wouldn't work because I don't use a domain controller, and I
don't use shadow passwords, not PAM.

Most of the machines on our network use Slackware (which doesn't use PAM), and
they're running on a Windows workgroup, not a domain.

2002-09-01 11:42:58

by Gilad Ben-Yossef

Subject: Re: SMB browser

On Sat, 2002-08-31 at 13:30, Jean-Eric Cuendet wrote:
> Hi,
> I want to develop a filesystem driver. It will be able to access SMB
> shares without mounting.
> I'll do a daemon that uses libsmbclient from Samba 3.0 that does all the
> dirty stuff (getting the available domains, authenticating, getting
> files, etc...) and a device driver that will be a filesystem driver. The
> driver should communicate with the daemon to ask him about shares,
> machines, domains, etc...

People who reinvent the wheel usually end up making it square.


>
> The idea is:
> - the daemon should be started by "/etc/init.d/browser start" at beginning
> - The daemon loads the driver into the kernel
> - The daemon then mounts the filesystem on /smb using the filesystem
> provided by the driver
> - The driver waits for file requests on /smb to serve them
> The hierarchy will be :
>
> /smb --|-- WG1 --|-- Machine1 --|-- Share1
>        |         |              |-- Share2
>        |         |-- Machine2 --|-- Share1
>        |                        |-- Share2
>        |                        |-- Share3
>        |
>        |-- WG2 --|-- Machine3 --|-- Share1
>        |-- DOM1 --|-- Machine4 --|-- etc...
>        |-- DOM2 --|-- Machine5
>
> Then the user accesses /smb/WG2/Machine38/Share12/Dir1/File2
> Cool, no?
>
> The authentication is done externally from the kernel, by a userland
> process or PAM (a kerberos ticket is gotten from the Domain controller
> or Samba PDC). Then the daemon uses that info to authenticate in the
> domain. If no auth info is available, then it's authenticated as Guest.
>
> My question:
> what is the best/easy way to make a kernel driver communicate with
> userland? Is it via UNIX socket? Or ioctl? Shared memory? Else?
>
> Thanks for any idea.
> -jec
>
>
>
--
Gilad Ben-Yossef <[email protected]>
http://benyossef.com

"Money talks, bullshit walks and GNU awks."
-- Shachar "Sun" Shemesh, debt collector for the GNU/Yakuza

2002-09-01 11:44:48

by Gilad Ben-Yossef

Subject: Re: SMB browser

On Sat, 2002-08-31 at 13:30, Jean-Eric Cuendet wrote:
> Hi,
> I want to develop a filesystem driver. It will be able to access SMB
> shares without mounting.
> I'll do a daemon that uses libsmbclient from Samba 3.0 that does all the
> dirty stuff (getting the available domains, authenticating, getting
> files, etc...) and a device driver that will be a filesystem driver. The
> driver should communicate with the daemon to ask him about shares,
> machines, domains, etc...

People who reinvent the wheel usually end up with a square one :-)

lufs is a User Land Filesystem for Linux -
http://lufs.sourceforge.net/

Share && Enjoy,
Gilad.


--
Gilad Ben-Yossef <[email protected]>
http://benyossef.com

"Money talks, bullshit walks and GNU awks."
-- Shachar "Sun" Shemesh, debt collector for the GNU/Yakuza