public inbox for nncp-devel@lists.cypherpunks.ru
Atom feed
From: Sergey Matveev <stargrave@stargrave•org>
To: nncp-devel@lists.cypherpunks.ru
Subject: Re: Setup on unprivileged accounts
Date: Wed, 4 Aug 2021 16:50:55 +0300 [thread overview]
Message-ID: <YQqbP79STxfdGgVq@stargrave.org> (raw)
In-Reply-To: <87lf5hx36j.fsf@complete.org>
[-- Attachment #1: Type: text/plain, Size: 1460 bytes --]
Greetings!
*** John Goerzen [2021-08-03 23:08]:
>My initial scheme, used elsewhere, of calling to "|sudo ... nncp-daemon
>-inetd" won't work here. I'm thinking of alternatives.
Hopefully I am missing something, but I just do not see why do you need
root/sudo/setuid? Why high privileges, if we are not expecting to run on
ports below 1024? I assume that each user has its own directory. Why can
not he have his own spool directory in his home one? NNCPCFG in .profile
can point to the configuration file in his home. Croned tasks can be
avoided if person manually (ssh sdf "nncp-daemon -ucspi ; nncp-toss")
runs tossing when necessary.
>4) Perhaps a variant on #3, I could have a regular-permissioned spool
>directory and then nncp-xfer into a separate tree with directories owned as
>appropriate with sticky bits set. Peers would have a similar nncp-xfer to
>pull stuff out of there.
Only here I understand that you want to share packets between the user
accounts on the same system? nncp-xfer is what comes in my mind first
here: one shared/accessible directory. And spools in home directories.
And much more efficient transmission comparing to online (-daemon,
-call*) tools. Actually files from the spool technically can be even
hardlinked, without any copying at all, in theory (current code just
copies data).
--
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2021-08-04 13:51 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-04 4:08 Setup on unprivileged accounts John Goerzen
2021-08-04 12:22 ` John Goerzen
2021-08-04 13:50 ` Sergey Matveev [this message]
2021-08-04 18:58 ` Jonathan Lane
2021-08-05 4:23 ` John Goerzen