revokefs: Add demo to show how to revoke permissions

The demo starts two instances by the same users so the revoke doesn't really enforce any separation, but it demos how you would do it. Closes: #2657 Approved by: alexlarsson
flatpak · Apr 9, 2019 · 80249b5 · 80249b5
1 parent aeecbb7
commit 80249b5
Show file tree

Hide file tree

Showing 3 changed files with 87 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -59,6 +59,7 @@ common/flatpak-enum-types.h
 test-libflatpak
 httpcache
 revokefs-fuse
+revokefs-demo
 Flatpak-1.0.*
 /app/parse-datetime.c
 /doc/reference/gtkdoc-check.log

diff --git a/revokefs/Makefile.am.inc b/revokefs/Makefile.am.inc
@@ -20,7 +20,13 @@
 
 libexec_PROGRAMS += revokefs-fuse
 
+noinst_PROGRAMS += revokefs-demo
+
 revokefs_fuse_SOURCES = revokefs/main.c revokefs/writer.c revokefs/writer.h
 
 revokefs_fuse_CFLAGS = $(BASE_CFLAGS) -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 $(FUSE_CFLAGS) -I$(srcdir)/libglnx
 revokefs_fuse_LDADD = libglnx.la $(BASE_LIBS) $(FUSE_LIBS)
+
+revokefs_demo_SOURCES = revokefs/demo.c
+revokefs_demo_CFLAGS = $(BASE_CFLAGS)
+revokefs_demo_LDADD = $(BASE_LIBS)
diff --git a/revokefs/demo.c b/revokefs/demo.c
@@ -0,0 +1,80 @@
+#include <glib.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/socket.h>
+#include <unistd.h>
+#include <fcntl.h>
+
+int
+main (int argc, char *argv[])
+{
+ int sockets[2];
+ g_autofree char *socket_0 = NULL;
+ g_autofree char *socket_1 = NULL;
+ GError *error = NULL;
+ char buf[20];
+ GPid backend_pid, fuse_pid;
+
+ if (argc != 3)
+ {
+ g_printerr ("Usage: revokefs-demo basepath targetpath\n");
+ exit (EXIT_FAILURE);
+ }
+
+ if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, sockets))
+ {
+ perror ("Failed to create socket pair");
+ exit (EXIT_FAILURE);
+ }
+
+ socket_0 = g_strdup_printf ("--socket=%d", sockets[0]);
+ socket_1 = g_strdup_printf ("--socket=%d", sockets[1]);
+
+ char *backend_argv[] =
+ {
+ "./revokefs-fuse",
+ "--backend",
+ socket_0,
+ argv[1],
+ NULL
+ };
+
+ /* Don't inherit fuse socket in backend */
+ fcntl (sockets[1], F_SETFD, FD_CLOEXEC);
+ if (!g_spawn_async (NULL,
+ backend_argv,
+ NULL,
+ G_SPAWN_LEAVE_DESCRIPTORS_OPEN,
+ NULL, NULL,
+ &backend_pid, &error))
+ {
+ g_printerr ("Failed to launch backend: %s", error->message);
+ exit (EXIT_FAILURE);
+ }
+ close (sockets[0]); /* Close backend side now so it doesn't get into the fuse child */
+
+ char *fuse_argv[] =
+ {
+ "./revokefs-fuse",
+ socket_1,
+ argv[1],
+ argv[2],
+ NULL
+ };
+
+ if (!g_spawn_async (NULL,
+ fuse_argv,
+ NULL,
+ G_SPAWN_LEAVE_DESCRIPTORS_OPEN,
+ NULL, NULL,
+ &fuse_pid, &error))
+ {
+ g_printerr ("Failed to launch backend: %s", error->message);
+ exit (EXIT_FAILURE);
+ }
+
+ g_print ("Started revokefs, press enter to revoke");
+ fgets(buf, sizeof(buf), stdin);
+ g_print ("Revoking write permissions");
+ shutdown (sockets[1], SHUT_RDWR);
+}