| Message ID | 20180829172409.18064-2-axel@tty0.ch (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | btrfs-progs: build distinct binaries for specific btrfs subcommands | expand |
On 2018/08/30 2:24, Axel Burri wrote: > Create separate binaries for each subcommand ("btrfs foo bar"). > Least invasive approach, generate c-files for each command: > > # ./splitcmd-gen.sh > # make V=1 btrfs-subvolume-show > # make V=1 btrfs-send > # [...] > > Alternative approach: instead of including the c-file, link with obj > in Makefile, e.g.: > > btrfs_subvolume_show_objects = cmds-subvolume.o > btrfs_send_objects = cmds-send.o > [...] > > This implies adaptions in cmds-subvolume.c (and others): > > -static int cmd_filesystem_show(int argc, char **argv) > +int cmd_filesystem_show(int argc, char **argv) > > If they are defined non-static, we could probably simplify further and > add `-Wl,-eentry` flags (changing entry point from "main" to "entry"). > > With this, and if handle_command_group() was declared in some library > instead of btrfs.c, we would get rid of generated files completely. > > Signed-off-by: Axel Burri <axel@tty0.ch> > --- > splitcmd-gen.sh | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > splitcmd.c.in | 17 ++++++++++++++ > 2 files changed, 87 insertions(+) > create mode 100755 splitcmd-gen.sh > create mode 100644 splitcmd.c.in > > diff --git a/splitcmd-gen.sh b/splitcmd-gen.sh > new file mode 100755 > index 00000000..4d2e0509 > --- /dev/null > +++ b/splitcmd-gen.sh > @@ -0,0 +1,70 @@ > +#!/bin/bash > + > +# > +# Generate c-files for btrfs subcommands defined below > +# > + > +# Notes on linux capabilities: > +# > +# btrfs-subvolume-show, btrfs-subvolume-list, btrfs-send: > +# - CAP_FOWNER is only needed for O_NOATIME flag in open() system calls > +# - why CAP_SYS_ADMIN? shouldn't CAP_DAC_READ_SEARCH be enough? Hello, Not directly related this series and just FYI, I'm working to allow sub show/list to non-privileged user as long as he can access to the subvolume: https://www.spinics.net/lists/linux-btrfs/msg79285.html Hopefully this will be merged to master in near future (any comments from user/dev is welcome). Thanks, Misono > +# > +# btrfs-receive: > +# - dependent on send-stream (see cmds-receive.c: "send_ops"): > +# CAP_CHOWN, CAP_MKNOD, CAP_SETFCAP (for "lsetxattr") > +# > +# btrfs-filesystem-usage: > +# - CAP_SYS_ADMIN is for BTRFS_IOC_TREE_SEARCH and BTRFS_IOC_FS_INFO > +# in order to provide full level of detail, see btrfs-filesystem(8) > + > + > +makefile_out="Makefile.install_setcap" > + > +splitcmd_list="" > +setcap_lines="" > + > +function gen_splitcmd { > + local name="$1" > + local dest="${1}.c" > + local cfile="$2" > + local entry="$3" > + local caps="$4" > + echo "generating: ${dest} (cfile=${cfile}, entry=${entry})" > + echo -e "/*\n * ${name}\n *\n * GENERATED BY splitcmd-gen.sh\n */\n" > $dest > + sed -e "s|@BTRFS_SPLITCMD_CFILE_INCLUDE@|${cfile}|g" \ > + -e "s|@BTRFS_SPLITCMD_ENTRY@|${entry}|g" \ > + splitcmd.c.in >> $dest > +} > + > +gen_splitcmd "btrfs-subvolume-show" \ > + "cmds-subvolume.c" "cmd_subvol_show" \ > + "cap_sys_admin,cap_fowner,cap_dac_read_search" > + > +gen_splitcmd "btrfs-subvolume-list" \ > + "cmds-subvolume.c" "cmd_subvol_list" \ > + "cap_sys_admin,cap_fowner,cap_dac_read_search" > + > +gen_splitcmd "btrfs-subvolume-snapshot" \ > + "cmds-subvolume.c" "cmd_subvol_snapshot" \ > + "cap_sys_admin,cap_fowner,cap_dac_override,cap_dac_read_search" > + > +gen_splitcmd "btrfs-subvolume-delete" \ > + "cmds-subvolume.c" "cmd_subvol_delete" \ > + "cap_sys_admin,cap_dac_override" > + > +gen_splitcmd "btrfs-send" \ > + "cmds-send.c" "cmd_send" \ > + "cap_sys_admin,cap_fowner,cap_dac_read_search" > + > +gen_splitcmd "btrfs-receive" \ > + "cmds-receive.c" "cmd_receive" \ > + "cap_sys_admin,cap_fowner,cap_chown,cap_mknod,cap_setfcap,cap_dac_override,cap_dac_read_search" > + > +gen_splitcmd "btrfs-filesystem-usage" \ > + "cmds-fi-usage.c" "cmd_filesystem_usage" \ > + "cap_sys_admin" > + > +gen_splitcmd "btrfs-qgroup-destroy" \ > + "cmds-qgroup.c" "cmd_qgroup_destroy" \ > + "cap_sys_admin,cap_dac_override" > diff --git a/splitcmd.c.in b/splitcmd.c.in > new file mode 100644 > index 00000000..aa07af9a > --- /dev/null > +++ b/splitcmd.c.in > @@ -0,0 +1,17 @@ > +#include "@BTRFS_SPLITCMD_CFILE_INCLUDE@" > + > +/* > + * Dummy object: used from second-level command groups (e.g. in > + * "cmds-subvolume.c"), is never called in splitcmd executables. > + */ > +int handle_command_group(const struct cmd_group *grp, int argc, > + char **argv) > +{ > + exit(1); > +} > + > + > +int main(int argc, char **argv) > +{ > + return @BTRFS_SPLITCMD_ENTRY@(argc, argv); > +} >
diff --git a/splitcmd-gen.sh b/splitcmd-gen.sh new file mode 100755 index 00000000..4d2e0509 --- /dev/null +++ b/splitcmd-gen.sh @@ -0,0 +1,70 @@ +#!/bin/bash + +# +# Generate c-files for btrfs subcommands defined below +# + +# Notes on linux capabilities: +# +# btrfs-subvolume-show, btrfs-subvolume-list, btrfs-send: +# - CAP_FOWNER is only needed for O_NOATIME flag in open() system calls +# - why CAP_SYS_ADMIN? shouldn't CAP_DAC_READ_SEARCH be enough? +# +# btrfs-receive: +# - dependent on send-stream (see cmds-receive.c: "send_ops"): +# CAP_CHOWN, CAP_MKNOD, CAP_SETFCAP (for "lsetxattr") +# +# btrfs-filesystem-usage: +# - CAP_SYS_ADMIN is for BTRFS_IOC_TREE_SEARCH and BTRFS_IOC_FS_INFO +# in order to provide full level of detail, see btrfs-filesystem(8) + + +makefile_out="Makefile.install_setcap" + +splitcmd_list="" +setcap_lines="" + +function gen_splitcmd { + local name="$1" + local dest="${1}.c" + local cfile="$2" + local entry="$3" + local caps="$4" + echo "generating: ${dest} (cfile=${cfile}, entry=${entry})" + echo -e "/*\n * ${name}\n *\n * GENERATED BY splitcmd-gen.sh\n */\n" > $dest + sed -e "s|@BTRFS_SPLITCMD_CFILE_INCLUDE@|${cfile}|g" \ + -e "s|@BTRFS_SPLITCMD_ENTRY@|${entry}|g" \ + splitcmd.c.in >> $dest +} + +gen_splitcmd "btrfs-subvolume-show" \ + "cmds-subvolume.c" "cmd_subvol_show" \ + "cap_sys_admin,cap_fowner,cap_dac_read_search" + +gen_splitcmd "btrfs-subvolume-list" \ + "cmds-subvolume.c" "cmd_subvol_list" \ + "cap_sys_admin,cap_fowner,cap_dac_read_search" + +gen_splitcmd "btrfs-subvolume-snapshot" \ + "cmds-subvolume.c" "cmd_subvol_snapshot" \ + "cap_sys_admin,cap_fowner,cap_dac_override,cap_dac_read_search" + +gen_splitcmd "btrfs-subvolume-delete" \ + "cmds-subvolume.c" "cmd_subvol_delete" \ + "cap_sys_admin,cap_dac_override" + +gen_splitcmd "btrfs-send" \ + "cmds-send.c" "cmd_send" \ + "cap_sys_admin,cap_fowner,cap_dac_read_search" + +gen_splitcmd "btrfs-receive" \ + "cmds-receive.c" "cmd_receive" \ + "cap_sys_admin,cap_fowner,cap_chown,cap_mknod,cap_setfcap,cap_dac_override,cap_dac_read_search" + +gen_splitcmd "btrfs-filesystem-usage" \ + "cmds-fi-usage.c" "cmd_filesystem_usage" \ + "cap_sys_admin" + +gen_splitcmd "btrfs-qgroup-destroy" \ + "cmds-qgroup.c" "cmd_qgroup_destroy" \ + "cap_sys_admin,cap_dac_override" diff --git a/splitcmd.c.in b/splitcmd.c.in new file mode 100644 index 00000000..aa07af9a --- /dev/null +++ b/splitcmd.c.in @@ -0,0 +1,17 @@ +#include "@BTRFS_SPLITCMD_CFILE_INCLUDE@" + +/* + * Dummy object: used from second-level command groups (e.g. in + * "cmds-subvolume.c"), is never called in splitcmd executables. + */ +int handle_command_group(const struct cmd_group *grp, int argc, + char **argv) +{ + exit(1); +} + + +int main(int argc, char **argv) +{ + return @BTRFS_SPLITCMD_ENTRY@(argc, argv); +}
Create separate binaries for each subcommand ("btrfs foo bar"). Least invasive approach, generate c-files for each command: # ./splitcmd-gen.sh # make V=1 btrfs-subvolume-show # make V=1 btrfs-send # [...] Alternative approach: instead of including the c-file, link with obj in Makefile, e.g.: btrfs_subvolume_show_objects = cmds-subvolume.o btrfs_send_objects = cmds-send.o [...] This implies adaptions in cmds-subvolume.c (and others): -static int cmd_filesystem_show(int argc, char **argv) +int cmd_filesystem_show(int argc, char **argv) If they are defined non-static, we could probably simplify further and add `-Wl,-eentry` flags (changing entry point from "main" to "entry"). With this, and if handle_command_group() was declared in some library instead of btrfs.c, we would get rid of generated files completely. Signed-off-by: Axel Burri <axel@tty0.ch> --- splitcmd-gen.sh | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ splitcmd.c.in | 17 ++++++++++++++ 2 files changed, 87 insertions(+) create mode 100755 splitcmd-gen.sh create mode 100644 splitcmd.c.in