Re: [9fans] Using the Acme Editor
On Wed, Aug 20, 2008 at 11:46 PM, Eris Discordia [EMAIL PROTECTED] wrote: Thank you, sqweek. The second golden Golden Apple with καλλιστι on it is totally yours. The first one went to Russ Cox. You don't care who mounts what where, because the rest of the system doesn't notice the namespace change. So essentially there shouldn't be a problem with mounting on a single public namespace as long as there is one user on the system. mount restriction in UNIX systems was put in place because multiple users exist some of whom may be malicious. Virtualization and jailing will relax that requirement. Mount restrictions on unix are needed (among other reasons) because of a broken security model (ie., suid). Virtualization and jailing are hacks to work around the inherent limitation that in unix resources can not be easily abstracted/isolated and are plagued by the 'only root can do X' restriction ('only root can become another user', hence su/sudo, only root can open certain ports, etc.) which Plan 9 cleanly does away with. Linux could do many things plan9 can do, if it got rid of all suid programs (by perhaps using the cap device implementation for the linux kernel, if that is ever accepted in mainline linux), but until then... Uh, what now? You either have an interesting definition of home computer or some fucked up ideas about plan 9. You only need a cpu server if you want to let other machines run processes on your machine. You only need an auth server if you want to serve resources to a remote machine. Neither statement is true. On a home computer you certainly need a term. You'll need a cpu for a number of tasks. And you'll need auth if there's going to be more than one user on the system, or if you need a safe way of authenticating yourself to your computer. A single glenda account doesn't quite cut it. If you're going to access your storage you'll need some fs('s), too. The bottom line is: term is _certainly_ not enough for doing all the tasks a *BSD does, and requiring a home computer to do all these tasks is far from inconceivable. One *BSD system is almost functionally equivalent to a combination of term, cpu, auth, and some fs('s). A plan9 terminal can run programs, and can have a local storage file system, with multiple users. As for authentication, in such use case unix auth is little more than a farce of security theater which could easily be implemented in plan9 (and I think some people has) if you wanted to keep your three year old child from accessing your account but is futile for much else. incantation, that's beside the point. In 9p, the abstraction is a file tree, and the interface is auth/attach/open/read/write/clunk/walk/remove/stat. ioctl and VFS are suspiciously similar even though they serve less generic functions. Try to do ioctl over the network. network operations - everything is done via /net. Thanks to private namespaces, you can transparently replace /net with some other crazy [compatible] filesystem, which might load balance over multiple How does that differ from presenting of a network interface by a block device on UNIX? And why should avoiding system calls be considered an advantage? Your VFS layer could do anything expected from /net provided that file system abstraction for the resources represented under /net is viable in the first place. Here is a reason: Because Plan 9 has no network-related syscalls, and applications contain no networking code (even when they are still network transparent thanks to 9P), when ipv6 was added to plan9, no changes were required to either any syscalls or any applications. On the other hand on unix they are still to this day adding ipv6 support to certain apps (and every app that needs to access remote resources needs its own networking code that is aware of each protocol it wants to support, etc). When ipv6 needs to be replaced, the pain in the unix software ecosystem will be even greater, while in plan9 it will be virtually painless. There are also the benefits of allowing different applications (namespaces) use different network stacks without requiring full virtualization of the whole OS (the few unix systems that have been able to implement this functionality have done so after many years of painful efforts and the result is incredibly clunky and complex), and I don't think any unix systems allows a single application (or namespace) to access *multiple* network stacks concurrently... and remote network stacks? don't think so either. implemented on any system, which is true [to an extent]. But it's apparent than no others have the taste to do it as elegantly as plan 9 - It's not a matter of taste. There are situations, many situations actually, where the file system abstraction is plainly naive. Sticking with it for every application verges on being an ideology. The VFS approach is by no means inferior to Plan 9's everything-is-a-file, but on UNIX systems it is limited to
[9fans] window behaviour
Hi 9fans, I dont think I am doing anything wrong here % window -f $font (this opens a window and closes it), however % window (this opens a window) /Prem
Re: [9fans] window behaviour
On Thu, Aug 21, 2008 at 10:05 AM, prem [EMAIL PROTECTED] wrote: % window -f $font (this opens a window and closes it), however % window (this opens a window) As far as I know, window doesn't take a -f option. So it's probably trying to run the command '-f /lib/font/...' in the new window, which fails, and since that's all you wanted it to do, the window closes again. Robby
Re: [9fans] Using the Acme Editor
So essentially there shouldn't be a problem with mounting on a single public namespace namespaces are not public in the sense that they are visible to all processes. as long as there is one user on the system. since this started out as a discussion of terminals, i should point out that terminals by definition have a single user at a time. This is classic. Complication is a sign of maturation. Plan 9 has evaded that by not maturing, by avoiding diversification. Before you get angry I must say that's my personal opinion. Nothing I'm going to force unto you. Nothing I _can_ force unto you. equally one could say complication is a sign that one's vision was lacking; a sign that one's system lacks generality. if you call the opposite of complication immaturity, i'll be proud to have an operating system that suffers from it. How does that differ from presenting of a network interface by a block device on UNIX? And why should avoiding system calls be considered an advantage? Your VFS layer could do anything expected from /net provided that file system abstraction for the resources represented under /net is viable in the first place. i'm not sure what passes for unix these days, but linux at least does not present network interfaces as block devices. there is no /dev/eth0. The VFS approach is by no means inferior to Plan 9's everything-is-a-file, what do you mean by this? the VFS is a kernel interface along the general lines of plan 9's devtab. everything-is-a-file[server] is a general principle. but on UNIX systems it is limited to resources that can be meaningfully represented as file systems. so why is the network hidden in side channels in adjunct namespaces? - erik
Re: [9fans] Using the Acme Editor
A plan9 terminal can run programs, and can have a local storage file system, with multiple users. i think this is misleading. while the fs running on the terminal can have multiple users, it is not true that you can have multiple users using the cpu resources of a terminal concurrently. you can have all that and auth if you run a single machine with a cpu kernel with the downside that if you use the console you must be eve. since it's easy to get small, cheep, low-power machines, i run a traditional terminal with a seperate auth and fs. - erik
Re: [9fans] Using the Acme Editor
On Thu, Aug 21, 2008 at 3:58 AM, erik quanstrom [EMAIL PROTECTED]wrote: A plan9 terminal can run programs, and can have a local storage file system, with multiple users. i think this is misleading. while the fs running on the terminal can have multiple users, it is not true that you can have multiple users using the cpu resources of a terminal concurrently. you can have all that and auth if you run a single machine with a cpu kernel with the downside that if you use the console you must be eve. since it's easy to get small, cheep, low-power machines, i run a traditional terminal with a seperate auth and fs. You can even run 9vx as a totally reasonable terminal now... On a system that needs not be dedicated to Plan 9, and still have your CPU/FS/AUTH elsewhere. (Thanks Russ!) I'm a big fan of this approach, if people find it difficult to justify a whole machine as a Plan 9 terminal. I think Inferno is somewhat usable for this purpose even too right? I've just never managed to get it going (or admittedly spent much time trying). Dave - erik
Re: [9fans] Acme without Flamage
On Thu, Aug 21, 2008 at 2:06 AM, Paul Donnelly [EMAIL PROTECTED]wrote: [EMAIL PROTECTED] (Gorka Guardiola) writes: On Wed, Aug 20, 2008 at 7:42 PM, David Leimbach [EMAIL PROTECTED] wrote: The only thing I'd miss in Acme vs emacs then, most likely, for lisp-like languages is paren-matching. And I'd miss it dearly. Double click on the paren selects the area enclosed by the matching paren. -- - curiosity sKilled the cat I don't know if posts to usenet (where I lurk this list) go through to the mailing list, but I've found Acme's paren matching to be sufficient. The bear is indentation, since to make it work out it's necessary to use a fixed-width font (something I'd rather not do) and adjust it by hand, which needs to happen more often and by greater degrees than in a language like C. The chief issues being: (list (list 'a 'b 'c) (list 1 2 3)) ; ^ ; These need to line up. ; These need to line up. ; V (let ((a 3) (b 4)) (+ a b)) ; ^ ; Should be two spaces or so. Yeah I guess I'm spoiled by the hotkey visual cues I get from Emacs when typing in code, that automatically show me the matching parens as I type. Perhaps I really don't *need* that. I'll try Plan 9 Port acme again for some Scheme Shell or something and see how it goes. (Emacs screws up Scheme Shell pretty badly, due to it's not accepting | characters in it's syntax definition, and as I said before, customizing emacs is not the same as me getting my work done) Dave
Re: [9fans] aquarela only uses /rc/bin/9fs?
The trick you want is in /rc/bin/service/startcifs - this may not be exactly the code you want but it demonstrates the technique you need. -Steve startcifs didn't work quite like what I had in mind, so I ended up modifying /rc/bin/9fs. The excerpt below gives me exactly what I wanted: ... case wiki srv -m 'net!plan9.bell-labs.com!wiki' wiki /mnt/wiki case * switch($#*){ case 1 # Help out auarela: for(i in /usr/*) if($1=`{basename $i}){ bind -ac /usr/$1 /n/$1 exit } srv -m $1 case * ... winmail.dat
Re: [9fans] Using the Acme Editor
Virtualization and jailing are hacks to work around the inherent Virtualization is much more than that. It has a future and the future's here. It also has a rather glorious past in IBM VM/CMS. restriction ('only root can become another user', hence su/sudo, only root can open certain ports, etc.) which Plan 9 cleanly does away with. By assuming _anyone_ at a terminal is root, while sometimes the terminal is not a terminal at all. What happens when your home computer is bootstrapped? Is there a thing glenda can't do? I mean, if someone other than you turns your home computer on is it OK for them to be entitled to the same privileges that you normally are? Assuming there's method of stopping them from disconnecting the hard disk inside and/or from peeking into the data on it (there are practical solutions for both of these problems). A plan9 terminal can run programs, and can have a local storage file system, with multiple users. As for authentication, in such use case unix auth is little more than a farce of security theater which could easily be implemented in plan9 (and I think some people has) if you wanted to keep your three year old child from accessing your account but is futile for much else. A terminal per se should be dumb. How come it can run programs? It seems a Plan 9 term isn't exactly a terminal, not a dumb one for sure. If it can run a program, any program, who's going to control what the program accesses, especially when there are _multiple_ users some of whom may not be exactly trustable and there's a local store of sensitive information? Basically, a terminal should not hold _any_ information on its users. Where does the security of not keeping authentication information on a so-called terminal go when you _keep_ it on the terminal? But with multiple users you're going to need authentication. Right? My impression: the UNIX authentication farce happened because UNIX began as a replacement to a time-sharing system for more or less physically secure computers but then was downsized to an OS--many OS's, in fact--also usable on personal computers, e.g. 386BSD. Personal computers aren't as physically secure as the proverbial big computer in the basement, hence the need for role-based security which was, incidentally, introduced in 386BSD. However, as long as the physical security problem persists the farce goes on. Nothing wrong with UNIX. The twist is in the placement and role of personal computers which can be flaky vessels for sensitive information. Plan 9 doesn't solve that problem for the most common form of computer, i.e. the _home_ computer. Not even for the so-called workstation. It solves the problem only for the corporate/university/organization access point, if you know what I mean. Even then that isn't a _new_ solution--it was there when the original time-sharing systems were in operation. Of course, the Plan 9 solution costs--any solution does--and for the home computer these costs aren't followed by gains. The real problem: standalone terminal, also known as the home computer The real solution: physical security for anything that may carry sensitive information. Physical security must include software security against physical threats as well, e.g. encryption. As a side note, Rob Pike has been quoted--I take no responsibility for authenticity--saying, a smart terminal is not a smart ass terminal, but rather a terminal you can educate. That's the root of the problem: underestimation of home computers. A home computer is a smart terminal as well as a smart ass terminal and there's nothing you can do about it. Try to do ioctl over the network. I think I said ioctl serves a less generic function. Here is a reason: Because Plan 9 has no network-related syscalls, and applications contain no networking code (even when they are still network transparent thanks to 9P), when ipv6 was added to plan9, no [...] UNIX can accommodate this approach any minute now, figuratively speaking. It has the infrastructure. Current networking traditions in UNIX aren't inherent, they're circumstantial. Remember, the file system abstraction began in UNIX--or even before UNIX? I don't think any unix systems allows a single application (or namespace) to access *multiple* network stacks concurrently... and remote network stacks? don't think so either. So, what exactly is happening when the same process is sending HTTP requests to a server on the local 802.3 network, a second server on the Internet accessible through my dial-up connection, and a third server on a 802.11 network? Aren't there _three_ network stacks beneath (or over? the PPP, the Ethernet, the WiFi interfaces? To my meager knowledge, these are distinct at least up to network layer, i.e. physical-to-host, medium access (if present), and data link layers are different. namespace) to access *multiple* network stacks concurrently... and remote network stacks? don't
Re: [9fans] Using the Acme Editor
A correction: Mea culpa. UNIX systems apparently force processes to share a single network stack, but that can be changed: http://www.tel.fer.hr/zec/papers/zec-03.pdf A paper on virtualizing network stacks in FreeBSD kernel, 2003 USENIX.
Re: [9fans] Using the Acme Editor
On Thu, Aug 21, 2008 at 9:59 AM, Eris Discordia [EMAIL PROTECTED] wrote: A correction: Mea culpa. UNIX systems apparently force processes to share a single network stack, gee how about that? Isn't it nice to acquire knowledge and *then* post? but that can be changed: http://www.tel.fer.hr/zec/papers/zec-03.pdf A paper on virtualizing network stacks in FreeBSD kernel, 2003 USENIX. Similar work is being done in Linux. I talked to the guy who is doing it a year ago. Want to know what inspired it? Which OS? Wanna guess? And, they are putting other namespaces into Linux. Wonder where they got that idea and name? I know. Do you? yeeesh. ron
Re: [9fans] Using the Acme Editor
On Thu, Aug 21, 2008 at 9:39 AM, Eris Discordia [EMAIL PROTECTED] wrote: Basically, a terminal should not hold _any_ information on its users. Where does the security of not keeping authentication information on a so-called terminal go when you _keep_ it on the terminal? But with multiple users you're going to need authentication. Right? Eris, this is getting a little boring. Are you really this ignorant of what's going on? I don't mind ignorance per se but you keep wasting people's time as they try to explain CS 101 to you. Maybe you could start a blog and we could all ignore it -- it's much easier that way. My impression: the UNIX authentication farce happened because UNIX began as a replacement to a time-sharing system for more or less physically secure computers but then was downsized to an OS--many OS's, in fact--also usable on personal computers, e.g. 386BSD. Your impression? Well, that's one way to go at it.. Of course, there is the option of acquiring knowledge. It is more work however. If this is your picture of what happened then you need to go back and do some reading. You leave the impression, to me anyway, that you read a lot but I can not tell that you actually do much of anything. And, to top it off, you exist only as an imaginary wikipedia entry. List manager: can we *please* just boot this guy until he comes back as a real person? It's getting old. ron
Re: [9fans] Using the Acme Editor
namespaces are not public in the sense that they are visible to all processes. I was trying to compare UNIX to Plan 9. Apparently, UNIX processes share a single public namespace which therefore has to be protected by access privileges. since this started out as a discussion of terminals, i should point out that terminals by definition have a single user at a time. What about the so-called standalone terminals (~ home computers)? My intention was to equate a single user UNIX to a Plan 9 standalone terminal. It's the same difference, I suppose. i'm not sure what passes for unix these days, but linux at least does not present network interfaces as block devices. there is no /dev/eth0. The point is this can be done even if it hasn't been done. In case of FreeBSD, the network interfaces are represented under /dev/net. A sample installation shows this: crw--- 1 root wheel 0, 29 Aug 21 18:02 de0 crw--- 1 root wheel 0, 70 Aug 21 18:02 lo0 crw--- 1 root wheel 0, 35 Aug 21 18:02 plip0 Does it mean network interfaces are presented as _character_ devices? Doing cat foo de0 gives Operation not supported by device. what do you mean by this? the VFS is a kernel interface along the general lines of plan 9's devtab. everything-is-a-file[server] is a general principle. I mean VFS is an abstraction layer that presents a file system. What it represents as a file system is rather arbitrary. but on UNIX systems it is limited to resources that can be meaningfully represented as file systems. so why is the network hidden in side channels in adjunct namespaces? I don't understand this one. --On Thursday, August 21, 2008 6:36 AM -0400 erik quanstrom [EMAIL PROTECTED] wrote: So essentially there shouldn't be a problem with mounting on a single public namespace namespaces are not public in the sense that they are visible to all processes. as long as there is one user on the system. since this started out as a discussion of terminals, i should point out that terminals by definition have a single user at a time. This is classic. Complication is a sign of maturation. Plan 9 has evaded that by not maturing, by avoiding diversification. Before you get angry I must say that's my personal opinion. Nothing I'm going to force unto you. Nothing I _can_ force unto you. equally one could say complication is a sign that one's vision was lacking; a sign that one's system lacks generality. if you call the opposite of complication immaturity, i'll be proud to have an operating system that suffers from it. How does that differ from presenting of a network interface by a block device on UNIX? And why should avoiding system calls be considered an advantage? Your VFS layer could do anything expected from /net provided that file system abstraction for the resources represented under /net is viable in the first place. i'm not sure what passes for unix these days, but linux at least does not present network interfaces as block devices. there is no /dev/eth0. The VFS approach is by no means inferior to Plan 9's everything-is-a-file, what do you mean by this? the VFS is a kernel interface along the general lines of plan 9's devtab. everything-is-a-file[server] is a general principle. but on UNIX systems it is limited to resources that can be meaningfully represented as file systems. so why is the network hidden in side channels in adjunct namespaces? - erik
Re: [9fans] Using the Acme Editor
Skipping general offenses... List manager: can we *please* just boot this guy until he comes back as a real person? It's getting old. Is it _that_ annoying to you? I could just keep silent if it is so, no booting required. Though I have to say I don't understand how a handful of emails to a mailing list someone happens to read can irritate them to such extent. In passing, instead of a threat you could have simply let the first response be. Were it really a piece of useless text, it would rot on its own. --On Thursday, August 21, 2008 10:11 AM -0700 ron minnich [EMAIL PROTECTED] wrote: On Thu, Aug 21, 2008 at 9:39 AM, Eris Discordia [EMAIL PROTECTED] wrote: Basically, a terminal should not hold _any_ information on its users. Where does the security of not keeping authentication information on a so-called terminal go when you _keep_ it on the terminal? But with multiple users you're going to need authentication. Right? Eris, this is getting a little boring. Are you really this ignorant of what's going on? I don't mind ignorance per se but you keep wasting people's time as they try to explain CS 101 to you. Maybe you could start a blog and we could all ignore it -- it's much easier that way. My impression: the UNIX authentication farce happened because UNIX began as a replacement to a time-sharing system for more or less physically secure computers but then was downsized to an OS--many OS's, in fact--also usable on personal computers, e.g. 386BSD. Your impression? Well, that's one way to go at it.. Of course, there is the option of acquiring knowledge. It is more work however. If this is your picture of what happened then you need to go back and do some reading. You leave the impression, to me anyway, that you read a lot but I can not tell that you actually do much of anything. And, to top it off, you exist only as an imaginary wikipedia entry. List manager: can we *please* just boot this guy until he comes back as a real person? It's getting old. ron
Re: [9fans] Using the Acme Editor
On Thu, Aug 21, 2008 at 10:36 AM, Eris Discordia [EMAIL PROTECTED] wrote: Is it _that_ annoying to you? I could just keep silent if it is so, no booting required. goodness, it's not annoying. It's just a waste of breath, bandwidth, and bytes. Why not go do some reading and stop wasting all three? ron
Re: [9fans] Using the Acme Editor
goodness, it's not annoying. It's just a waste of breath, bandwidth, and bytes. Why not go do some reading and stop wasting all three? Breath I should rather save. Bandwidth I pay for. Bytes I push down the pipe. I admit it also costs 9fans.net a very very tiny amount. Anyway, you won't get any more of this. End of transmission. ␄ --On Thursday, August 21, 2008 1:39 PM -0700 ron minnich [EMAIL PROTECTED] wrote: On Thu, Aug 21, 2008 at 10:36 AM, Eris Discordia [EMAIL PROTECTED] wrote: Is it _that_ annoying to you? I could just keep silent if it is so, no booting required. goodness, it's not annoying. It's just a waste of breath, bandwidth, and bytes. Why not go do some reading and stop wasting all three? ron
Re: [9fans] tip9ug
Hi, I hadn't checked if the file server booted correctly after power maintenance. I rebooted everything and it's up and running now. Sorry for inconvenience. X-( -- On 8/18/08, Steve Simon [EMAIL PROTECTED] wrote: Hi, mordor.tip9ug.jp seems to have disappeared, as has www.tip9ug.jp - is this a temporary problem or has it been decomissioned? -Steve -- YAMANASHI Takeshi
Re: [9fans] tip9ug
thanks On Thu, Aug 21, 2008 at 11:00 PM, YAMANASHI Takeshi [EMAIL PROTECTED] wrote: Hi, I hadn't checked if the file server booted correctly after power maintenance. I rebooted everything and it's up and running now. Sorry for inconvenience. X-( -- On 8/18/08, Steve Simon [EMAIL PROTECTED] wrote: Hi, mordor.tip9ug.jp seems to have disappeared, as has www.tip9ug.jp - is this a temporary problem or has it been decomissioned? -Steve -- YAMANASHI Takeshi -- Federico G. Benavento