diff options
| author | cinap_lenrek <cinap_lenrek@felloff.net> | 2022-12-18 13:45:31 +0000 |
|---|---|---|
| committer | cinap_lenrek <cinap_lenrek@felloff.net> | 2022-12-18 13:45:31 +0000 |
| commit | e0372c26e9263207fb9ede2b8d706e4f8cd24b7a (patch) | |
| tree | 011914beff271ee531f792d669ec63d97ccdcf55 | |
| parent | 0f0270cdd612d6bc7f065b5c25c4cfffc2c0bd87 (diff) | |
cwfs: remove noauth and nonone commans from fileserver console
The noauth and nonone commands are only valid in config mode.
The problem is that some people assumed that issuing the
noauth command in the runtime fileserver console would be
persistent across reboots, which is not the case.
To avoid this confusion, we remove these commands from the
fileserver console.
To still give a way to disable authentication at runtime,
define a authdisabled flag that can be toggled at runtime.
| -rw-r--r-- | sys/src/cmd/cwfs/9p2.c | 4 | ||||
| -rw-r--r-- | sys/src/cmd/cwfs/all.h | 4 | ||||
| -rw-r--r-- | sys/src/cmd/cwfs/con.c | 17 |
3 files changed, 6 insertions, 19 deletions
diff --git a/sys/src/cmd/cwfs/9p2.c b/sys/src/cmd/cwfs/9p2.c index 3745fff76..0239df5ad 100644 --- a/sys/src/cmd/cwfs/9p2.c +++ b/sys/src/cmd/cwfs/9p2.c @@ -184,7 +184,7 @@ auth(Chan* chan, Fcall* f, Fcall* r) Filsys *fs; int error; - if(noauth) + if(noauth || (cons.flags & authdisableflag) != 0) return Eauthdisabled; error = 0; @@ -237,7 +237,7 @@ authorize(Chan* chan, Fcall* f) db = cons.flags & authdebugflag; - if(noauth){ + if(noauth || (cons.flags & authdisableflag) != 0){ uid = strtouid(f->uname); if(db) fprint(2, "permission granted by noauth uid %s = %d\n", diff --git a/sys/src/cmd/cwfs/all.h b/sys/src/cmd/cwfs/all.h index 900113fbd..783781021 100644 --- a/sys/src/cmd/cwfs/all.h +++ b/sys/src/cmd/cwfs/all.h @@ -74,8 +74,10 @@ ulong roflag; ulong errorflag; ulong chatflag; ulong authdebugflag; +ulong authdisableflag; + int noattach; /* attach is disabled */ -int noauth; /* auth is disable */ +int noauth; /* auth is disabled */ int nonone; /* attach as none disabled */ int noatime; /* atime is disabled */ int noatimeset; /* noatime was changed (reset after dump) */ diff --git a/sys/src/cmd/cwfs/con.c b/sys/src/cmd/cwfs/con.c index 1d2e0c608..ed76c9703 100644 --- a/sys/src/cmd/cwfs/con.c +++ b/sys/src/cmd/cwfs/con.c @@ -730,20 +730,6 @@ cmd_time(int argc, char *argv[]) } void -cmd_noauth(int, char *[]) -{ - noauth = !noauth; - print("auth %s\n", noauth ? "disabled" : "enabled"); -} - -void -cmd_nonone(int, char *[]) -{ - nonone = !nonone; - print("none %s\n", nonone ? "disabled" : "enabled"); -} - -void cmd_noattach(int, char *[]) { noattach = !noattach; @@ -816,8 +802,6 @@ installcmds(void) cmd_install("who", "[user ...] -- print attaches", cmd_who); cmd_install("hangup", "chan -- clunk files", cmd_hangup); cmd_install("printconf", "-- print configuration", cmd_printconf); - cmd_install("noauth", "-- toggle noauth flag", cmd_noauth); - cmd_install("nonone", "-- toggle nonone flag", cmd_nonone); cmd_install("noattach", "-- toggle noattach flag", cmd_noattach); cmd_install("files", "-- report on files structure", cmd_files); @@ -825,6 +809,7 @@ installcmds(void) errorflag = flag_install("error", "-- on errors"); whoflag = flag_install("allchans", "-- on who"); authdebugflag = flag_install("authdebug", "-- report authentications"); + authdisableflag = flag_install("authdisable", "-- disable authentication"); } int |