On 2018/08/30 2:24, Axel Burri wrote:
> Create separate binaries for each subcommand ("btrfs foo bar").
> Least invasive approach, generate c-files for each command:
>
> # ./splitcmd-gen.sh
> # make V=1 btrfs-subvolume-show
> # make V=1 btrfs-send
> # [...]
>
> Alternative approach: instead of including the c-file, link with obj
> in Makefile, e.g.:
>
> btrfs_subvolume_show_objects = cmds-subvolume.o
> btrfs_send_objects = cmds-send.o
> [...]
>
> This implies adaptions in cmds-subvolume.c (and others):
>
> -static int cmd_filesystem_show(int argc, char **argv)
> +int cmd_filesystem_show(int argc, char **argv)
>
> If they are defined non-static, we could probably simplify further and
> add `-Wl,-eentry` flags (changing entry point from "main" to "entry").
>
> With this, and if handle_command_group() was declared in some library
> instead of btrfs.c, we would get rid of generated files completely.
>
> Signed-off-by: Axel Burri <axel@xxxxxxx>
> ---
> splitcmd-gen.sh | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> splitcmd.c.in | 17 ++++++++++++++
> 2 files changed, 87 insertions(+)
> create mode 100755 splitcmd-gen.sh
> create mode 100644 splitcmd.c.in
>
> diff --git a/splitcmd-gen.sh b/splitcmd-gen.sh
> new file mode 100755
> index 00000000..4d2e0509
> --- /dev/null
> +++ b/splitcmd-gen.sh
> @@ -0,0 +1,70 @@
> +#!/bin/bash
> +
> +#
> +# Generate c-files for btrfs subcommands defined below
> +#
> +
> +# Notes on linux capabilities:
> +#
> +# btrfs-subvolume-show, btrfs-subvolume-list, btrfs-send:
> +# - CAP_FOWNER is only needed for O_NOATIME flag in open() system calls
> +# - why CAP_SYS_ADMIN? shouldn't CAP_DAC_READ_SEARCH be enough?
Hello,
Not directly related this series and just FYI,
I'm working to allow sub show/list to non-privileged user as long
as he can access to the subvolume:
https://www.spinics.net/lists/linux-btrfs/msg79285.html
Hopefully this will be merged to master in near future
(any comments from user/dev is welcome).
Thanks,
Misono
> +#
> +# btrfs-receive:
> +# - dependent on send-stream (see cmds-receive.c: "send_ops"):
> +# CAP_CHOWN, CAP_MKNOD, CAP_SETFCAP (for "lsetxattr")
> +#
> +# btrfs-filesystem-usage:
> +# - CAP_SYS_ADMIN is for BTRFS_IOC_TREE_SEARCH and BTRFS_IOC_FS_INFO
> +# in order to provide full level of detail, see btrfs-filesystem(8)
> +
> +
> +makefile_out="Makefile.install_setcap"
> +
> +splitcmd_list=""
> +setcap_lines=""
> +
> +function gen_splitcmd {
> + local name="$1"
> + local dest="${1}.c"
> + local cfile="$2"
> + local entry="$3"
> + local caps="$4"
> + echo "generating: ${dest} (cfile=${cfile}, entry=${entry})"
> + echo -e "/*\n * ${name}\n *\n * GENERATED BY splitcmd-gen.sh\n */\n" > $dest
> + sed -e "s|@BTRFS_SPLITCMD_CFILE_INCLUDE@|${cfile}|g" \
> + -e "s|@BTRFS_SPLITCMD_ENTRY@|${entry}|g" \
> + splitcmd.c.in >> $dest
> +}
> +
> +gen_splitcmd "btrfs-subvolume-show" \
> + "cmds-subvolume.c" "cmd_subvol_show" \
> + "cap_sys_admin,cap_fowner,cap_dac_read_search"
> +
> +gen_splitcmd "btrfs-subvolume-list" \
> + "cmds-subvolume.c" "cmd_subvol_list" \
> + "cap_sys_admin,cap_fowner,cap_dac_read_search"
> +
> +gen_splitcmd "btrfs-subvolume-snapshot" \
> + "cmds-subvolume.c" "cmd_subvol_snapshot" \
> + "cap_sys_admin,cap_fowner,cap_dac_override,cap_dac_read_search"
> +
> +gen_splitcmd "btrfs-subvolume-delete" \
> + "cmds-subvolume.c" "cmd_subvol_delete" \
> + "cap_sys_admin,cap_dac_override"
> +
> +gen_splitcmd "btrfs-send" \
> + "cmds-send.c" "cmd_send" \
> + "cap_sys_admin,cap_fowner,cap_dac_read_search"
> +
> +gen_splitcmd "btrfs-receive" \
> + "cmds-receive.c" "cmd_receive" \
> + "cap_sys_admin,cap_fowner,cap_chown,cap_mknod,cap_setfcap,cap_dac_override,cap_dac_read_search"
> +
> +gen_splitcmd "btrfs-filesystem-usage" \
> + "cmds-fi-usage.c" "cmd_filesystem_usage" \
> + "cap_sys_admin"
> +
> +gen_splitcmd "btrfs-qgroup-destroy" \
> + "cmds-qgroup.c" "cmd_qgroup_destroy" \
> + "cap_sys_admin,cap_dac_override"
> diff --git a/splitcmd.c.in b/splitcmd.c.in
> new file mode 100644
> index 00000000..aa07af9a
> --- /dev/null
> +++ b/splitcmd.c.in
> @@ -0,0 +1,17 @@
> +#include "@BTRFS_SPLITCMD_CFILE_INCLUDE@"
> +
> +/*
> + * Dummy object: used from second-level command groups (e.g. in
> + * "cmds-subvolume.c"), is never called in splitcmd executables.
> + */
> +int handle_command_group(const struct cmd_group *grp, int argc,
> + char **argv)
> +{
> + exit(1);
> +}
> +
> +
> +int main(int argc, char **argv)
> +{
> + return @BTRFS_SPLITCMD_ENTRY@(argc, argv);
> +}
>
