implementing #3064: enable split-personality ARM to run some services as 'gnunet' and others as grothoff, depending on level of personal information available to the service

7 files changed, 75 insertions, 6 deletions

diff --git a/doc/man/gnunet.conf.5 b/doc/man/gnunet.conf.5
index de2211f74..444042ea8 100644
--- a/doc/man/gnunet.conf.5
+++ b/doc/man/gnunet.conf.5
@@ -36,6 +36,10 @@ The following options are generic and shared by all services:
     If UNIX domain sockets are used, set this to YES if only users with the same UID are allowed to access the service.
 .IP UNIX_MATCH_GID
     If UNIX domain sockets are used, set this to YES if only users with the same GID are allowed to access the service.
+.IP USER_SERVICE
+    Set to YES if this service should be run per-user, NO if this is a system service.  End-users should never have to change the defaults GNUnet provides for this option.
+
+
 
 .SH ARM Options
 
diff --git a/src/arm/arm.conf.in b/src/arm/arm.conf.in
index 6bffca796..830b51dc1 100644
--- a/src/arm/arm.conf.in
+++ b/src/arm/arm.conf.in
@@ -17,6 +17,27 @@ UNIX_MATCH_GID = YES
 # log files are preserved.
 # GLOBAL_POSTFIX = -l $GNUNET_CACHE_HOME/{}-%Y-%m-%d.log
 GLOBAL_PREFIX = @MONKEYPREFIX@
+
+# If set to YES, ARM will only start services that are marked as
+# system-level services (and we'll expect a second ARM to be
+# run per-user to run user-level services).  Note that in this
+# case you must have manually created a different configuration
+# file with the user where at least this and the USER_ONLY
+# options differ.
+# SYSTEM_ONLY = YES
+
+# If set to YES, ARM will only start services that are marked as
+# per-user services (and we'll expect a system user to run ARM to
+# provide system-level services).  Per-user services enable
+# better personalization and  priviledge separation and in particular
+# ensures that personal data is stored under $HOME, which might
+# be important in a multi-user system (or if $HOME is encrypted
+# and /var/ is not).
+# USER_ONLY = YES
+
+
+
+# Name of the user that will be used to provide the service
 # USERNAME =
 # MAXBUF =
 # TIMEOUT =
diff --git a/src/arm/gnunet-service-arm.c b/src/arm/gnunet-service-arm.c
index 7c759d0ac..1eaaa26c5 100644
--- a/src/arm/gnunet-service-arm.c
+++ b/src/arm/gnunet-service-arm.c
@@ -36,6 +36,7 @@
  */
 #define MAX_NOTIFY_QUEUE 1024
 
+
 /**
  * List of our services.
  */
@@ -159,7 +160,7 @@ struct ServiceList
 
   /**
    * Is this service to be started by default (or did a client tell us explicitly
-   * to start it)?  GNUNET_NO if the service is started only upon 'accept' on a
+   * to start it)?  #GNUNET_NO if the service is started only upon 'accept' on a
    * listen socket or possibly explicitly by a client changing the value.
    */
   int is_default;
@@ -218,6 +219,16 @@ static struct GNUNET_DISK_PipeHandle *sigpipe;
 static int in_shutdown;
 
 /**
+ * Are we starting user services?
+ */
+static int start_user = GNUNET_YES;
+
+/**
+ * Are we starting system services?
+ */
+static int start_system = GNUNET_YES;
+
+/**
  * Handle to our server instance.  Our server is a bit special in that
  * its service is not immediately stopped once we get a shutdown
  * request (since we need to continue service until all of our child
@@ -387,7 +398,9 @@ broadcast_status (const char *name,
  *                   being started. 0 if starting was not requested.
  */
 static void
-start_process (struct ServiceList *sl, struct GNUNET_SERVER_Client *client, uint64_t request_id)
+start_process (struct ServiceList *sl,
+               struct GNUNET_SERVER_Client *client,
+               uint64_t request_id)
 {
   char *loprefix;
   char *options;
@@ -1273,6 +1286,19 @@ setup_service (void *cls, const char *section)
       /* not a service section */
       return;
     }
+  if ((GNUNET_YES ==
+       GNUNET_CONFIGURATION_have_value (cfg, section, "USER_SERVICE")) &&
+      (GNUNET_YES ==
+       GNUNET_CONFIGURATION_get_value_yesno (cfg, section, "USER_SERVICE")))
+  {
+    if (GNUNET_NO == start_user)
+      return; /* user service, and we don't deal with those */
+  }
+  else
+  {
+    if (GNUNET_NO == start_system)
+      return; /* system service, and we don't deal with those */
+  }
   sl = find_service (section);
   if (NULL != sl)
   {
@@ -1312,6 +1338,7 @@ setup_service (void *cls, const char *section)
     sl->pipe_control = GNUNET_CONFIGURATION_get_value_yesno (cfg, section, "PIPECONTROL");
 #endif
   GNUNET_CONTAINER_DLL_insert (running_head, running_tail, sl);
+
   if (GNUNET_YES !=
       GNUNET_CONFIGURATION_get_value_yesno (cfg, section, "AUTOSTART"))
     return;
@@ -1409,7 +1436,20 @@ run (void *cls, struct GNUNET_SERVER_Handle *serv,
       GNUNET_CONFIGURATION_get_value_string (cfg, "ARM", "GLOBAL_POSTFIX",
                                              &final_option))
     final_option = GNUNET_strdup ("");
-
+  if (GNUNET_YES ==
+      GNUNET_CONFIGURATION_get_value_yesno (cfg, "ARM", "USER_ONLY"))
+  {
+    GNUNET_break (GNUNET_YES == start_user);
+    start_system = GNUNET_NO;
+    return;
+  }
+  if (GNUNET_YES ==
+      GNUNET_CONFIGURATION_get_value_yesno (cfg, "ARM", "SYSTEM_ONLY"))
+  {
+    GNUNET_break (GNUNET_YES == start_system);
+    start_user = GNUNET_NO;
+    return;
+  }
   GNUNET_CONFIGURATION_iterate_sections (cfg, &setup_service, NULL);
 
   /* start default services... */
diff --git a/src/ats/ats.conf.in b/src/ats/ats.conf.in
index c53f50b08..47ca10411 100644
--- a/src/ats/ats.conf.in
+++ b/src/ats/ats.conf.in
@@ -10,7 +10,7 @@ UNIX_MATCH_UID = YES
 UNIX_MATCH_GID = YES
 
 # Designated assigment mode: PROPORTIONAL / MLP / RIL
-MODE = PROPORTIONAL 
+MODE = PROPORTIONAL
 
 # Network specific inbound/outbound quotas
 UNSPECIFIED_QUOTA_IN = 64 KiB
@@ -41,7 +41,7 @@ MLP_MIN_INTERVAL = 15000
 
 # MLP defaults
 # MLP_MAX_DURATION = 3 s
-# MLP_MAX_ITERATIONS = 1024 
+# MLP_MAX_ITERATIONS = 1024
 # MLP_COEFFICIENT_D = 1.0
 # MLP_COEFFICIENT_U = 1.0
 # MLP_COEFFICIENT_R = 1.0
@@ -51,7 +51,7 @@ MLP_MIN_INTERVAL = 15000
 # MLP Debugging settings
 DUMP_MLP = NO
 DUMP_SOLUTION = NO
-DUMP_OVERWRITE = NO 
+DUMP_OVERWRITE = NO
 DUMP_MIN_PEERS = 0
 DUMP_MIN_ADDRS = 0
 DUMP_OVERWRITE = NO
diff --git a/src/gns/gns.conf.in b/src/gns/gns.conf.in
index beb0ae9a9..4e83a00bf 100644
--- a/src/gns/gns.conf.in
+++ b/src/gns/gns.conf.in
@@ -23,6 +23,7 @@ ZONE_PUBLISH_TIME_WINDOW = 4 h
 [gns-proxy]
 BINARY = gnunet-gns-proxy
 AUTOSTART = NO
+USER_SERVICE = YES
 
 # Where is the certificate for the GNS proxy stored?
 PROXY_CACERT = $GNUNET_DATA_HOME/gns/gns_ca_cert.pem
@@ -32,6 +33,7 @@ PROXY_UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-gns-proxy.sock
 [dns2gns]
 BINARY = gnunet-dns2gns
 AUTOSTART = NO
+USER_SERVICE = YES
 
 # -d: DNS resolver to use, -s: suffix to use, -f: fcfs suffix to use
 OPTIONS = -d 8.8.8.8
diff --git a/src/identity/identity.conf.in b/src/identity/identity.conf.in
index 1b0d087e6..da46794df 100644
--- a/src/identity/identity.conf.in
+++ b/src/identity/identity.conf.in
@@ -1,5 +1,6 @@
 [identity]
 AUTOSTART = YES
+USER_SERVICE = YES
 @JAVAPORT@PORT = 2108
 HOSTNAME = localhost
 BINARY = gnunet-service-identity
diff --git a/src/namestore/namestore.conf.in b/src/namestore/namestore.conf.in
index 66695af2e..c1fb9435d 100644
--- a/src/namestore/namestore.conf.in
+++ b/src/namestore/namestore.conf.in
@@ -1,5 +1,6 @@
 [namestore]
 AUTOSTART = YES
+USER_SERVICE = YES
 UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-namestore.sock
 UNIX_MATCH_UID = NO
 UNIX_MATCH_GID = YES