From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from atuin.qyliss.net (localhost [IPv6:::1])
	by atuin.qyliss.net (Postfix) with ESMTP id E75A821EC3;
	Fri, 08 Aug 2025 18:03:36 +0000 (UTC)
Received: by atuin.qyliss.net (Postfix, from userid 993)
	id A3CF821E9D; Fri, 08 Aug 2025 18:03:34 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on atuin.qyliss.net
X-Spam-Level: 
X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,DMARC_MISSING,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS
	autolearn=unavailable autolearn_force=no version=4.0.1
Received: from fhigh-b8-smtp.messagingengine.com
 (fhigh-b8-smtp.messagingengine.com [202.12.124.159])
	by atuin.qyliss.net (Postfix) with ESMTPS id 7FD2421E99
	for <devel@spectrum-os.org>; Fri, 08 Aug 2025 18:03:33 +0000 (UTC)
Received: from phl-compute-01.internal (phl-compute-01.internal [10.202.2.41])
	by mailfhigh.stl.internal (Postfix) with ESMTP id E91EB7A00DB;
	Fri,  8 Aug 2025 14:03:31 -0400 (EDT)
Received: from phl-mailfrontend-02 ([10.202.2.163])
  by phl-compute-01.internal (MEProxy); Fri, 08 Aug 2025 14:03:32 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h=cc
	:content-type:content-type:date:date:from:from:in-reply-to
	:in-reply-to:message-id:mime-version:references:reply-to:subject
	:subject:to:to; s=fm2; t=1754676211; x=1754762611; bh=ujat4DN/S5
	ES2JrVzJg0pFWQB05yTWalekrzxm/zwtE=; b=QHi0WDSb8kc9jlr7PG2bpkIzgn
	7nAhli7bXvqBfCvkCJf3pUnA9Zg+iwPhHtsYkZRbSgzmJnT3r7BW6sR3MsCNL0J8
	nLdmu/U/w/tT+a02RRI8FUknuoU5IGW+QmqFIBgzxMmtoY+ZRb4tQW/YCjkgN5Dl
	LrGeWobKpefvpr6NAgYwOyrnJwT1S3yM1/8MS6dFhEFmDC1zZjY2D6/rpobujFHD
	25M8bTcK9VfZyatTDHAsJANcPqkTUXOdRBSB0gWza3xDQAPRXUNAXhPT1j+t89pt
	lhtAXt821q9bUJ2yVtbGpA2hfcIaORXAVOYCZV3c6IVonZ2gZsnDtLUmkhEQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:content-type:content-type:date:date
	:feedback-id:feedback-id:from:from:in-reply-to:in-reply-to
	:message-id:mime-version:references:reply-to:subject:subject:to
	:to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=
	1754676211; x=1754762611; bh=ujat4DN/S5ES2JrVzJg0pFWQB05yTWalekr
	zxm/zwtE=; b=gJopHksGUbcDH3rI40kQYS9LuN9+v2fW+9QIhb1VAMqEGRSEimP
	CPpmmeMGTGhNHKUCI7aEv/mGcPGSGUDDQN3bJXH7ocZEcB2Fe/A33Wi2x4h2jC64
	2iglPuFlz9kZY5mEI+c9rxkmo2ygrASzbmjpjnwljkQY9hZ6hT8v86ZcPqhjLqoY
	vBdIQ33UbBYEb2n0RBmHYRMEICB6vRQYtwzbIbIAAf0Q/WEkUMEhG2I9pO93Q0CZ
	04gacJdSc972PhUDIqQgP1jyMZM7vcl/NO4G2bMxEIizN0Q7ppclw2ollihOLjwO
	/p1SQI8HUt2ogrCjTK26bVTYfPUlj/p3qgQ==
X-ME-Sender: <xms:8zuWaBz4PwUGFWWOnVLORCpc_8dnVqzB8Ts-wkA93EirWUa3ZRp38g>
    <xme:8zuWaGjV9MX_3Rlp2sFasxL5TbM7agn9hnOzr4ZDs_VpO7XX_5CdHdVcDz7SUmoXZ
    9P7HoEM3X_snkhRww>
X-ME-Received: 
 <xmr:8zuWaNDsbQWYlYpL3AOGPMB7G4WmKFRmpvSM-joKIHNef04F8QiA1D2_xc-OXfE811-GzeBjioM31xwUN1fL-2POJ5lgM1j4kSsNJa1o>
X-ME-Proxy-Cause: 
 gggruggvucftvghtrhhoucdtuddrgeeffedrtdefgdduvdeggeekucetufdoteggodetrf
    dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu
    rghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujf
    gurhephffvufgjfhffkfggtgesghdtreertddttdenucfhrhhomheptehlhihsshgrucft
    ohhsshcuoehhihesrghlhihsshgrrdhisheqnecuggftrfgrthhtvghrnhepvdeuvdeivd
    ehhfeikedtvddvhefgheffleevueeigffgtdffffeujedujeejkeejnecuvehluhhsthgv
    rhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhephhhisegrlhihshhsrgdrih
    hspdhnsggprhgtphhtthhopedvpdhmohguvgepshhmthhpohhuthdprhgtphhtthhopegu
    vghmihhosggvnhhouhhrsehgmhgrihhlrdgtohhmpdhrtghpthhtohepuggvvhgvlhessh
    hpvggtthhruhhmqdhoshdrohhrgh
X-ME-Proxy: <xmx:8zuWaLuqmfaSF4F_XYM06mrIXgHOKoQpHvgwVhQBKvsHEtp_M-pz6w>
    <xmx:8zuWaKb8D8WS9ZSctoueOM53J3ZexyQn1cl3Uo-9AnF9WK7j7rtlXg>
    <xmx:8zuWaGU0mgsXSytC2CRhXSb9EcCpJXZcF2QBgjJ0zjDG79AjEG8pAA>
    <xmx:8zuWaG74bvxYEyb7WGoiOpfj7oW5k1GIe_J4DR7cpPBbpPWIGvfTyw>
    <xmx:8zuWaACz_u2zAvR1BRxyX_FPShQwK7DFw1cZ0vtTB0vmGaXXTHoyi7wm>
Feedback-ID: i12284293:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri,
 8 Aug 2025 14:03:31 -0400 (EDT)
Received: by mbp.qyliss.net (Postfix, from userid 1000)
	id D072F133D6C3; Fri, 08 Aug 2025 20:03:29 +0200 (CEST)
From: Alyssa Ross <hi@alyssa.is>
To: Demi Marie Obenour <demiobenour@gmail.com>, Spectrum OS Development
 <devel@spectrum-os.org>
Subject: Re: [PATCH] host/rootfs: add /dev/fd and /dev/std*
In-Reply-To: <20250807-host-dev-fd-v1-1-3d08c0f5eab3@gmail.com>
References: <20250807-host-dev-fd-v1-1-3d08c0f5eab3@gmail.com>
Date: Fri, 08 Aug 2025 20:03:28 +0200
Message-ID: <87wm7d4rnz.fsf@alyssa.is>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha512; protocol="application/pgp-signature"
Message-ID-Hash: VFNQ45SZ2FZ63U2FO7A2NUYR7CE6MO7D
X-Message-ID-Hash: VFNQ45SZ2FZ63U2FO7A2NUYR7CE6MO7D
X-MailFrom: hi@alyssa.is
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation;
 header-match-devel.spectrum-os.org-0; header-match-devel.spectrum-os.org-1;
 header-match-devel.spectrum-os.org-2; header-match-devel.spectrum-os.org-3;
 header-match-devel.spectrum-os.org-4; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 digests; suspicious-header
X-Mailman-Version: 3.3.9
Precedence: list
List-Id: Patches and low-level development discussion <devel.spectrum-os.org>
Archived-At: 
 <https://spectrum-os.org/lists/hyperkitty/list/devel@spectrum-os.org/message/VFNQ45SZ2FZ63U2FO7A2NUYR7CE6MO7D/>
List-Archive: 
 <https://spectrum-os.org/lists/hyperkitty/list/devel@spectrum-os.org/>
List-Help: <mailto:devel-request@spectrum-os.org?subject=help>
List-Owner: <mailto:devel-owner@spectrum-os.org>
List-Post: <mailto:devel@spectrum-os.org>
List-Subscribe: <mailto:devel-join@spectrum-os.org>
List-Unsubscribe: <mailto:devel-leave@spectrum-os.org>

--=-=-=
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Demi Marie Obenour <demiobenour@gmail.com> writes:

> This is the same as 14483e1a690c (img/app: add /dev/fd and /dev/std*),
> but for the host.
>
> Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
> ---
>  host/rootfs/etc/s6-linux-init/scripts/rc.init | 5 +++++
>  1 file changed, 5 insertions(+)

Hmm.  I did it only for img/app on purpose, because that's the only
place we run arbitrary executables.  In host/rootfs (and vm/sys/net),
we only run a limited set of code that we control.  WDYT?

> diff --git a/host/rootfs/etc/s6-linux-init/scripts/rc.init b/host/rootfs/=
etc/s6-linux-init/scripts/rc.init
> index 674fd38cc76837c7be25a5ef060f0f4d4b786394..ec654dd0ff329e01a25c03bdd=
80ee839e679e4d0 100755
> --- a/host/rootfs/etc/s6-linux-init/scripts/rc.init
> +++ b/host/rootfs/etc/s6-linux-init/scripts/rc.init
> @@ -2,6 +2,11 @@
>  # SPDX-License-Identifier: EUPL-1.2+
>  # SPDX-FileCopyrightText: 2020-2022, 2024 Alyssa Ross <hi@alyssa.is>
>=20=20
> +if { ln -s /proc/self/fd /dev }
> +if { ln -s /proc/self/fd/0 /dev/stdin }
> +if { ln -s /proc/self/fd/1 /dev/stdout }
> +if { ln -s /proc/self/fd/2 /dev/stderr }
> +
>  if { s6-rc-init -c /etc/s6-rc /run/service }
>=20=20
>  if { mount --make-shared /run }
>
> ---
> base-commit: 39baa378367d95fac6ce4d0140b25203b2ee9b53
> change-id: 20250805-host-dev-fd-51d57d8341bb
> --=20
> Sincerely,
> Demi Marie Obenour (she/her/hers)

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQRV/neXydHjZma5XLJbRZGEIw/wogUCaJY78AAKCRBbRZGEIw/w
omRsAQDca+nYz2OGvigmIJ4KnHFkoHUHZk50WjiizC+q6i27dAEA1gENEGQCatUf
oaf4VYNpxkkqgGPZd1hX9yPjSAh9vgI=
=wiPz
-----END PGP SIGNATURE-----
--=-=-=--