homefs 0.2.1 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8da5aed5c790cde44852ed7d17e9878f5ee8a786
-  data.tar.gz: bd0a7440218649a6901b6f7530c41cc66502ab9f
+  metadata.gz: f11d42ee83c4b4ebf69e367d4ae58cc1a4927fac
+  data.tar.gz: c8bba0a2cad6c689a3865c910c7d172c14bb9933
 SHA512:
-  metadata.gz: 2897cf7ee8057733b4c896303d38629feb86ef92486c4c27cb1aebd68465bef5fd339aa0cf985cf753d2560330df9b7d515f6b957b72efbe563d8aeaf994f435
-  data.tar.gz: 2989acfca06ed15ba9a10796d8613e2e43fc8e7e2015f776ec3a903fedf22a34172ece57d0266efafcb94cfb66a3e76801054344f2c46ed35af5bbe871135cda
+  metadata.gz: d31980d7d5be1f62af06b45e14ae95bfc1001202eb674edb479921730c5fea3eb7c5908158b613fe7ff721edf418554cf1d29a8a7678d269c76ed6e30ab08156
+  data.tar.gz: 714090d6643662fe47fdc65987fd867a8da0368ef5cfa9534211ea314120ec5eadd53914ece6196e7d8e58f17c004bd13dbfb2426746fd1e5e98685a428426ae

data/bin/homefs

@@ -1,8 +1,8 @@
 #!/usr/bin/env ruby
 
 require 'homefs'
-require 'rb-inotify'
-require 'fileutils'
+
+DEBUG = false
 
 if ARGV.size < 2
     warn "Usage:\n\t#{File.basename($0)} relative_directory mountpoint [options...]"
@@ -10,8 +10,10 @@ if ARGV.size < 2
 end
 
 # Return immediately
-if fork
-    exit 0
+unless DEBUG
+    if fork
+        exit 0
+    end
 end
 
 reldir = ARGV.shift
@@ -19,35 +21,47 @@ reldir = ARGV.shift
 fs = HomeFS.new(reldir)
 
 # Shut up
-$stdout = File.open("/dev/null", "w")
-$stderr = File.open("/dev/null", "w")
-
-pid = fork
-if pid
-    # The child process will be the one actually handling the FuseFS,
-    # so we want to exit as soon as it dies
-    trap 'CLD' do
-        exit 0
-    end
+unless DEBUG
+    $stdout = File.open("/dev/null", "w")
+    $stderr = File.open("/dev/null", "w")
+end
 
-    # Set a watch for /etc/passwd, and update our hash of UIDs => homedirs
-    # when it changes
-    notifier = INotify::Notifier.new
-    notifier.watch('/etc/passwd', :modify) do
-        # Send a signal to the child process; it will catch USR1 and update
-        # the homedirs hash
-        Process::kill('USR1', pid)
-    end
-    notifier.run
-else
-    # Here we trap the signal to be sent to us by our parent
-    # when /etc/passwd changes and update our hash accordingly
-    trap 'USR1' do
-        fs.read_passwd
+if DEBUG
+    fs = HomeFS::Wrapper.new(fs)
+end
+
+begin
+    require 'rb-inotify'
+    pid = fork
+    if pid
+        # The child process will be the one actually handling the FuseFS,
+        # so we want to exit as soon as it dies
+        trap 'CLD' do
+            exit 0
+        end
+
+        # Set a watch for /etc/passwd, and update our hash of UIDs => homedirs
+        # when it changes
+        notifier = INotify::Notifier.new
+        notifier.watch('/etc/passwd', :modify) do
+            # Send a signal to the child process; it will catch USR1 and update
+            # the homedirs hash
+            Process::kill('USR1', pid)
+        end
+        notifier.run
+    else
+        # Here we trap the signal to be sent to us by our parent
+        # when /etc/passwd changes and update our hash accordingly
+        trap 'USR1' do
+            fs.read_passwd
+        end
     end
+rescue LoadError
+    # We don't have rb-inotify, and so don't watch for changes to
+    # /etc/passwd
 end
 
 # We set allow_other, because this filesystem doesn't really make sense
 # without it (why direct different users to different places if only one
 # user can access the filesystem?).
-FuseFS.main(ARGV + ["-o", "allow_other"]) { fs }
+RFuse.main(ARGV + ["-o", "allow_other"]) { fs }

data/lib/homefs/debug.rb

@@ -0,0 +1,21 @@
+class HomeFS
+    class Wrapper
+        def initialize(object)
+            methods = (object.class.instance_methods -
+                       Object.instance_methods)
+            methods.each do |method|
+                self.define_singleton_method(method) do |*args|
+                    warn "#{method} called with args #{args.inspect}"
+                    begin
+                        ret = object.send(method, *args)
+                        warn "\tMethod returned #{ret.inspect}"
+                        return ret
+                    rescue Exception => e
+                        warn e
+                        warn e.backtrace
+                    end
+                end
+            end
+        end
+    end
+end

data/lib/homefs/homefs.rb

@@ -1,24 +1,25 @@
-require 'rfusefs'
+require 'rfuse'
 
 # An instance of HomeFS; this implements all FuseFS methods, and ultimately
 # handles reading, writing, and inspection of files.
 #
 # We rely on the context provided to us by FUSE to determine the calling user's
-# UID and GID. If you want to access an instance of this class directly, you may
-# set the UID and GID of the current thread like so
-#   Thread.current[:fusefs_reader_uid] = uid
-#   Thread.current[:fusefs_reader_gid] = gid
-# where 'uid' and 'gid' are the desired UID and GID you wish to emulate.
+# UID and GID.
+#
+# Currently, HomeFS does not support POSIX locking (which has little effect
+# in practice), and special files (those created by mknod/FIFOs). We do
+# supported extended filesystem attributes, but only if you have the
+# 'ffi-xattr' gem.
 # @author Dylan Frese
 class HomeFS
 
     # Creates a new instance of HomeFS. This instance should probably be passed
-    # to FuseFS, as it does nothing on its own. The path is relative to the
+    # to RFuse, as it does nothing on its own. The path is relative to the
     # calling user's home directory, that is, the user interacting with the
     # filesystem through open(2), read(2), write(2), etc.
     # @param [String] path the path, relative to $HOME, to use as the root of
     # the file system.
-    def initialize(path)
+    def initialize(path, options = Hash.new)
         @relpath = path
         read_passwd
         read_group
@@ -54,7 +55,7 @@ class HomeFS
         }
     end
 
-    # Read or re-read /etc/group to update the internal table of group
+    # Read or re-read /etc/group to update the internal table of
     # group membership.
     # @return [void]
     def read_group
@@ -69,7 +70,7 @@ class HomeFS
         group.each_line.map { |line|
             next if line.strip.empty?
             _name, _, gid, members = line.split(':')
-            members = members.strip.split(',').map {|member| p member; @usernames[member]}
+            members = members.strip.split(',').map {|member| @usernames[member]}
             [Integer(gid), members]
         }.reject { |line|
             line.nil?
@@ -81,11 +82,12 @@ class HomeFS
     # Return the path to the root of HomeFS relative to the underlying
     # filesystem. If _path_ is specified, it is taken to be relative to the
     # root of HomeFS.
+    # @param [Integer] uid the UID whose home directory to use as a base
+    # @param [String] path a relative path to a resource
     # @return [String] path to the root of the HomeFS relative to the underlying
     #   filesystem, or if _path_ is specified, the path to that resource
     #   relative to the underlying filesystem.
-    def homepath(path = nil)
-        uid = FuseFS.reader_uid
+    def homepath(uid, path = nil)
         basepath = @homedirs[uid]
         # basepath shouldn't ever be nil, but fail gracefully just
         # in case.
@@ -129,16 +131,15 @@ class HomeFS
     # @param [String] file the path to the file to check
     # @param [Integer] mask the mask against which to check the file's mode.
     #   It is recommended you write this in octal (with a leading 0).
-    # @param [Boolean] check_ids if true, only check user and group permissions
-    #   if the caller is, respectively, the owner of the file/in the file's
-    #   group.
+    # @param [Integer] uid if not nil, only check user and group permissions
+    #   if the user it represents is, respectively, the owner of the
+    #   file/in the file's group.
     # @return [Boolean] whether the mode of _file_ matches the given mask
-    def mode_mask(file, mask, check_ids = true)
+    def mode_mask(file, mask, uid = nil)
         stat = File.stat(file)
         fmode = stat.mode
-        if check_ids
+        if uid
             fuid, fgid = stat.uid, stat.gid
-            uid = FuseFS.reader_uid
             # Zero out the third digit (in octal).
             # We could use a constant here, but this works
             # for a mask of any length
@@ -156,263 +157,640 @@ class HomeFS
     # we test if the parent directory is either writable or has the sticky bit
     # set.
     # @param [String] path the path to test
+    # @param [Integer] uid the UID to check the privilage of. If nil, this
+    # method returns whether the file is writable by anyone.
     # @return [Boolean] whether the given path is writable
-    def writable?(path)
-        return true if mode_mask(path, 0222)
+    def writable?(path, uid = nil)
         if !File.exist?(path)
-            mode_mask(File.dirname(path), 01222)
+            mode_mask(File.dirname(path), 01222, uid)
         else
-            false
+            mode_mask(path, 0222, uid)
         end
     end
 
-    # Rename the file or directory at from_path to to_path. This is mostly
-    # equivalent to /bin/mv.
-    # @param [String] from_path the path of the file to be moved
-    # @param [String] to_path the destination of the file
+    # Test whether the user described by _uid_ can read from the given
+    # path. If no file exists at the given path, an Errno::ENOENT is
+    # raised.
+    # @param [String] path the path to test
+    # @param [Integer] uid the UID to check the privilage of. If nil, this
+    # method returns whether the file is readable by anyone.
+    # @return [Boolean] whether the given path is readable
+    # @raise [Errno::ENOENT] if no file exists at _path_
+    def readable?(path, uid = nil)
+        mode_mask(path, 0444, uid)
+    end
+
+    # Test whether the user described by _uid_ can execute the given
+    # path. If no file exists at the given path, an Errno::ENOENT is
+    # raised.
+    # @param [String] path the path to test
+    # @param [Integer] uid the UID to check the privilage of. If nil, this
+    # method returns whether the file is executable by anyone.
+    # @return [Boolean] whether the given path is executable
+    # @raise [Errno::ENOENT] if no file exists at _path_
+    def executable?(path, uid = nil)
+        mode_mask(path, 0111, uid)
+    end
+
+    # This method raises an Errno::EACCES if the user given by _uid_ cannot
+    # write to the given path. The check is the same as in {#writable?}.
+    # @param [String] relpath the path to test, relative to the root of
+    # HomeFS (not the actual filesystem)
+    # @param [Integer] uid the UID to check the privilage of
     # @return [void]
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def rename(from_path, to_path)
-        FileUtils.mv(homepath(from_path), homepath(to_path))
+    # @raise [Errno::EACCES] if the path is not writable by the given user
+    def check_writable(uid, relpath)
+        hpath = homepath(uid, relpath)
+        unless writable?(hpath, uid)
+            fail Errno::EACCES, relpath
+        end
     end
 
-    # Update the mtime and atime (last-modified and last-accessed time) of the
-    # file at _path_ to the time given by modtime.
-    # @param [String] path the path to the file to touch
-    # @param [Time] modtime the time to update the file's times to
+    # This method raises an Errno::EACCES if the user given by _uid_ cannot
+    # read from the given path.
+    # @param [String] relpath the path to test, relative to the root of
+    # HomeFS (not the actual filesystem)
+    # @param [Integer] uid the UID to check the privilage of
     # @return [void]
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def touch(path, modtime)
-        File.utime(modtime, modtime, homepath(path))
+    # @raise [Errno::EACCES] if the path is not readable by the given user
+    # @raise [Errno::ENOENT] if no file or directory exists at the given
+    # path
+    def check_readable(uid, relpath)
+        hpath = homepath(uid, relpath)
+        unless readable?(hpath, uid)
+            fail Errno::EACCES, relpath
+        end
     end
 
-    # Remove the directory at the given path. The directory must be empty. This
-    # is mostly equivalent to rmdir(1).
-    # @param [String] path the path to the directory to remove
+    # This method raises an Errno::EACCES if the user given by _uid_ cannot
+    # list the given directory, i.e., if the user does not have the execute
+    # and read permissions on the given directory. If the path given is not
+    # a directory, the dirname of the given path is tested.
+    # @param [String] relpath the path to test, relative to the root of
+    # HomeFS (not the actual filesystem)
+    # @param [Integer] uid the UID to check the privilage of
     # @return [void]
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def rmdir(path)
-        FileUtils.rmdir(homepath(path))
+    # @raise [Errno::EACCES] if the path is not readable by the given user
+    def check_listable(uid, relpath)
+        hpath = homepath(uid, relpath)
+        unless File.directory?(hpath)
+            hpath = File.dirname(hpath)
+        end
+        unless readable?(hpath) && executable?(hpath)
+            fail Errno::EACCES, relpath
+        end
     end
 
-    # Test whether we can remove the directory given by _path_.
-    # @param [String] path the path to the directory to test
-    # @return [Boolean] true if the directory given can be removed.
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def can_rmdir?(path)
-        File.writable?(homepath(path)) &&
-            Dir.new(path).to_a.size == 2
+    # This method raises an Errno::EACCES if the user given by _uid_ is not
+    # the owner of the file described by _relpath_
+    # @param [String] relpath the path to test, relative to the root of
+    # HomeFS (not the actual filesystem)
+    # @param [Integer] uid the UID to check ownership of
+    # @return [void]
+    # @raise [Errno::EACCES] if the path is not owned by the given user
+    # @raise [Errno::ENOENT] if no file or directory exists at the given
+    # path
+    def check_owner(uid, relpath)
+        hpath = File.dirname(homepath(uid, relpath))
+        unless File.stat(hpath).uid == uid
+            fail Errno::EACCES, relpath
+        end
     end
 
-    # Make a new directory at _path_. This is similar to mkdir(1).
-    # @param [String] path the path to the directory to make
+    # Check access permissions
+    # @overload access(context,path,mode)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [Integer] mode the permissions to check
     # @return [void]
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def mkdir(path)
-        FileUtils.mkdir(homepath(path))
+    # @raise [Errno::EACCESS] if the requested permission isn't available
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def access(context, path, mode)
+        uid = context.uid
+        unless mode_mask(homepath(uid, path), mode * 0111, uid)
+            raise Errno::EACCES
+        end
     end
 
-    # Test if we can make a directory at the given path.
-    # @param [String] path the path to test
-    # @return [Boolean] true if we can make a directory at _path_.
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def can_mkdir?(path)
-        writable?(homepath(path))
+    # Change file permissions
+    # @overload chmod(context,path,mode)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [Integer] mode
+    # @return [void]
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def chmod(context, path, mode)
+        hpath = homepath(context.uid, path)
+        check_owner(context.uid, path)
+        File.chmod(mode, hpath)
     end
 
-    # Delete the file given by _path_. This is similar to rm(1).
-    # @param [String] path the path to the file to delete
+    # Change file ownership
+    # @overload chown(context,path,uid,gid)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [Integer] uid new user id
+    # @param [Integer] gid new group id
     # @return [void]
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def delete(path)
-        FileUtils.rm(homepath(path))
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def chown(context, path, uid, gid)
+        raise Errno::EACCES, path if context.uid != 0
+        hpath = homepath(context.uid, path)
+        File.chown(uid, gid, hpath)
     end
 
-    # Test if we can delete the file given by _path_.
-    # @param [String] path the path to the file to test
+    # Create and open a file
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [Integer] mode the file permissions to create
+    # @param [Fileinfo] ffi - use the FileInfo#fh attribute to store a
+    #   filehandle
     # @return [void]
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def can_delete?(path)
-        writable?(File.dirname(homepath(path)))
+    # @raise [Errno]
+    # If the file does not exist, first create it with the specified mode,
+    #   and then open it.
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def create(context, path, mode, ffi)
+        check_writable(context.uid, path)
+        hpath = homepath(context.uid, path)
+
+        # It is important that we create the file and chown it before we
+        # set its mode to prevent a possible privilage escalation
+        # race-condition. To be more specific, if this filesystem is
+        # running as root (which it usually is), the file will be created
+        # owned by root. If the mode were set when the file is created,
+        # then an attacker could create a setuid file writable by anyone,
+        # and then, in the 'real' filesystem (not HomeFS), quickly write a
+        # small program that just executes /bin/bash. If the write
+        # completed before handle.chown was called, the attacker could have
+        # a setuid shell.
+        handle = File.new(hpath, File::CREAT | File::WRONLY, 0600)
+        handle.chown(context.uid, context.gid)
+        handle.chmod(mode)
+        ffi.fh = handle
     end
 
-    # Write the given data to the given path.
-    # @param [String] path the path to write to
-    # @param [String] str a binary string of data to write
+    # Get attributes of an open file
+    # @overload fgetattr(context,path,ffi)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [Fileinfo] ffi
+    # @return [Stat] file attributes
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def fgetattr(context, path, ffi)
+        ffi.fh.lstat
+    end
+
+    # Possibly flush cached data
+    # @overload flush(context,path,ffi)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [FileInfo] ffi
     # @return [void]
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def write_to(path, str)
-        File.open(homepath(path), "wb") {|file| file.write(str) }
+    # @raise [Errno]
+    # BIG NOTE: This is not equivalent to fsync(). It's not a request to sync dirty data.
+    # Flush is called on each close() of a file descriptor. So if a
+    # filesystem wants to return write errors in close() and the file has
+    # cached dirty data, this is a good place to write back data and return
+    # any errors. Since many applications ignore close() errors this is not
+    # always useful.
+    #
+    # NOTE: The flush() method may be called more than once for each
+    # open(). This happens if more than one file descriptor refers to an
+    # opened file due to dup(), dup2() or fork() calls. It is not possible
+    # to determine if a flush is final, so each flush should be treated
+    # equally. Multiple write-flush sequences are relatively rare, so this
+    # shouldn't be a problem.
+    #
+    # Filesystems shouldn't assume that flush will always be called after
+    # some writes, or that if will be called at all.
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def flush(context, path, ffi) # We don't do any caching
     end
 
-    # Test whether we can write out to the given path.
-    # @param [String] path the path to test
-    # @return [Boolean] whether we can write to the given path
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def can_write?(path)
-        writable?(homepath(path))
-    end
-
-    # Get the times (atime, mtime, ctime) for the file at the given path.
-    # @param [String] path the path to the file to get the times for
-    # @return [Array<Time>] an array of size three of the last-accessed time,
-    #    the last-modified time, and the creation time for the file
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def times(path)
-        atime = File.atime(homepath(path))
-        mtime = File.mtime(homepath(path))
-        ctime = File.ctime(homepath(path))
-        [atime, mtime, ctime]
-    end
-
-    # Test whether the file given by _path_ is executable.
-    # @param [String] path the path to the file to test
-    # @return [Boolean] whether the file at the given path is executable.
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def executable?(path)
-        mode_mask(homepath(path), 0111)
-    end
-
-    # Read the contents of the file given by _path_.
-    # @param [String] path the path of the file to read
-    # @return [String] a binary string of the contents of the file
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def read_file(path)
-        File.open(homepath(path), "rb") do |file|
-            file.read
+    # Synchronize file contents
+    # @overload fsync(context,path,datasync,ffi)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [Integer] datasync if non-zero, then only user data should be
+    #   flushed, not the metadata
+    # @param [FileInfo] ffi
+    # @return [void]
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def fsync(context, path, datasync, ffi)
+        if datasync
+            ffi.fh.fdatasync
+        else
+            ffi.fh.fsync
         end
     end
 
-    # List the contents of a directory. This includes '.' and '..' (the current
-    # directory and its parent).
-    # @param [String] path the path to the directory to list
-    # @return [Array<String>] a list of file names of files in the directory
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def contents(path)
-        Dir.new(homepath(path)).to_a
+    # Change the size of an open file
+    # @overload ftruncate(context,path,size,ffi)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [Integer] size
+    # @param [Fileinfo] ffi
+    # @return [void]
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def ftruncate(context, path, size, ffi)
+        ffi.fh.truncate(size)
     end
 
-    # Get the size of the file at _path_
-    # @param [String] path the path to the file or directory to get the size of
-    # @return [Integer] the size, in bytes, of the file
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def size(path)
-        File.size(homepath(path))
+    # Get file attributes.
+    # @overload getattr(context,path)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @return [Stat] or something that quacks like a stat, or nil if the path does not exist
+    # @raise [Errno]
+    # Similar to stat(). The 'st_dev' and 'st_blksize' fields are ignored.
+    # The 'st_ino' field is ignored except if the 'use_ino' mount option is
+    # given.
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def getattr(context, path)
+        check_listable(context.uid, path)
+        File.lstat(homepath(context.uid, path))
     end
 
-    # Test whether _path_ is the name of a file (i.e., not a directory)
-    # @param [String] path the path to test
-    # @return [Boolean] whether _path_ represents a file
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def file?(path)
-        File.file?(homepath(path))
+    # Called when filesystem is initialised
+    # @overload init(info)
+    # @abstract
+    # @param [Context] context
+    # @param [Struct] info connection information
+    # @return [void]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def init(context, info)
     end
 
-    # Test whether _path_ is the name of a directory
-    # @param [String] path the path to test
-    # @return [Boolean] whether _path_ represents a directory
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def directory?(path)
-        File.directory?(homepath(path))
-    end
-
-    # Open a file handle to the file given by _path_, with the mode given by
-    # _mode_. Right now, the supported modes are "rw", "w", and "r", for
-    # read/write, write, and read. If the mode is write or read/write and no
-    # file exists at _path_, on will be created.
-    # @param [String] path the path to the file to open
-    # @param [String] mode the mode to open the file with
-    # @param rfusefs ignored
-    # @return [File] a file handle of the file given by _path_
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def raw_open(path, mode, rfusefs = nil)
-        mode = case mode
-               when "rw" then File::RDWR | File::CREAT | File::BINARY
-               when "r"  then File::RDONLY | File::BINARY
-               when "w"  then File::WRONLY | File::CREAT | File::BINARY
-               end
-        File.open(homepath(path), mode)
-    end
-
-    # Read _size_ bytes, starting at _offset_, from the file handle given by _raw_
-    # (which is returned by a call to _raw_open_). If raw is nil and a path is
-    # given, a file will be opened at _path_, and closed after the data is read.
-    # Otherwise, _path_ is ignored.
-    # @param [String] path the path to the file
-    # @param [Integer] offset the offset, in bytes, from the start of the file
-    #   to start reading from.
-    # @param [Integer] size the amount of bytes to read
-    # @param [File] raw the file handle to read from
-    # @return [String] a binary string of the requested data
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def raw_read(path, offset, size, raw = nil)
-        file = raw || raw_open(path, "r")
-        file.seek(offset, :SET)
-        file.read(size)
-    ensure
-        file.close if raw.nil?
-    end
-
-    # Sync writes to the underlying filesystem. If _raw_ is nil, no operation is
-    # performed.
-    # @param path ignored
-    # @param datasync ignored
-    # @param [File] raw the file handle to sync
+    # Create a hard link to file
+    # @overload link(context,from,to)
+    # @abstract
+    # @param [Context] context
+    # @param [String] from
+    # @param [String] to
     # @return [void]
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def raw_sync(path, datasync, raw = nil)
-        return if raw.nil? # Should we sync anyway?
-        raw.fdatasync
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def link(context, from, to)
+        hfrom = homepath(context.uid, from)
+        check_writable(context.uid, from)
+        File.link(hfrom, to)
+        File.chown(context.uid, hfrom) if context.uid == 0
     end
 
-    # Close the file handle given by _raw_.
-    # @param path ignored
-    # @param [File] raw the file handle to close
+    # (see RFuse::Fuse#mkdir)
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def mkdir(context, path, mode)
+        check_writable(context.uid, path)
+        hpath = homepath(context.uid, path)
+        Dir.mkdir(hpath, mode)
+        File.chown(context.uid, context.gid, hpath) if context.uid == 0
+    end
+
+    # File open operation
+    # @overload open(context,path,ffi)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [FileInfo] ffi
+    # file open flags etc.
+    # The fh attribute may be used to store an arbitrary filehandle object
+    # which will be passed to all subsequent operations on this file
+    # @raise [Errno::ENOPERM] if user is not permitted to open the file
+    # @raise [Errno] for other errors
     # @return [void]
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def raw_close(path, raw = nil)
-        return if raw.nil? # ???
-        raw.close
-    end
-
-    # Write _sz_ bytes from _buf_ to the file handle _raw_, starting at _off_.
-    # If no file handle is given, one will be opened at the given path, and
-    # closed after the write is complete.
-    # @param [String] path the path of the file
-    # @param [Integer] off the offset, in bytes, to starting writing to the
-    #   file at
-    # @param [Integer] sz the amount of bytes to read from buf
-    # @param [String] buf a binary string containing the data to be written
-    # @param [File] raw the file handle to write to
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def open(context, path, ffi)
+        if ffi.flags & File::RDWR != 0
+            mask = 0666
+        elsif ffi.flags & File::WRONLY != 0
+            mask = 0222
+        else
+            mask = 0444
+        end
+        hpath = homepath(context.uid, path)
+        unless mode_mask(hpath, mask, context.uid)
+            fail Errno::EACCES, path
+        end
+
+        # We pass the flags straight into File.open because the constants
+        # in RFuse::Fcntl and File::Constants have the same values, because
+        # they both have the same values as the open syscall. If this were
+        # not the case, we'd have the map the values of RFuse::Fcntl to
+        # their equivalents in File::Constants
+        ffi.fh = File.open(hpath, ffi.flags)
+    end
+
+    # Open directory
+    # @overload opendir(context,path,name)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [FileInfo] ffi
     # @return [void]
-    # @note This method should usually only be called by FUSE, and not called
-    #   directly
-    def raw_write(path, off, sz, buf, raw = nil)
-        file = raw || File.open(path, "w")
-        file.seek(off, :SET)
-        file.write(buf[0...sz])
-    ensure
-        file.close if raw.nil?
+    # @raise [Errno]
+    # Unless the 'default_permissions' mount option is given, this method
+    # should check if opendir is permitted for this directory. Optionally
+    # opendir may also return an arbitrary filehandle in the fuse_file_info
+    # structure, which will be available to {#readdir},  {#fsyncdir},
+    # {#releasedir}.
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def opendir(context, path, ffi)
+        check_listable(context.uid, path)
+        ffi.fh = Dir.new(homepath(context.uid, path))
+    end
+
+    # Read data from an open file
+    # @overload read(context,path,size,offset,ffi)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [Integer] size
+    # @param [Integer] offset
+    # @param [FileInfo] ffi
+    # @return [String] should be exactly the number of bytes requested, or
+    #   empty string on EOF
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def read(context, path, size, offset, ffi)
+        if offset < 0
+            ffi.fh.seek(offset, :END)
+        else
+            ffi.fh.seek(offset, :SET)
+        end
+        ffi.fh.read(size)
+    end
+
+    # (see RFuse::Fuse#readdir)
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def readdir(context, path, filler, offset, ffi)
+        filler.push(".", nil, 0)
+        filler.push("..", nil, 0)
+        ffi.fh.pos = offset
+        ffi.fh.each do |filename|
+            next if filename == '.' || filename == '..'
+            filler.push(filename, nil, 0)
+        end
     end
+
+    # Resolve target of symbolic link
+    # @overload readlink(context,path,size)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [Integer] size if the resolved path is greater than this size
+    #   it should be truncated
+    # @return [String] the resolved link path
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def readlink(context, path, size)
+        # Is it okay that we return the 'real' path here?
+        File.readlink(homepath(context.uid, path))[0 ... size]
+    end
+
+    # Release an open file
+    # @overload release(context,path,ffi)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [FileInfo] ffi
+    # @return [void]
+    # Release is called when there are no more references to an open file:
+    # all file descriptors are closed and all memory mappings are unmapped.
+    #
+    # For every {#open} call there will be exactly one {#release} call with
+    # the same flags and file descriptor. It is possible to have a file
+    # opened more than once, in which case only the last release will mean,
+    # that no more reads/writes will happen on the file.
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def release(context, path, ffi)
+        ffi.fh.close
+    end
+
+    # (see RFuse::Fuse#rename)
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def rename(context, from, to)
+        hfrom = homepath(context.uid, from)
+        hto = homepath(context.uid, to)
+        check_readable(context.uid, from)
+        check_writable(File.dirname(from), context.uid)
+        check_writable(File.dirname(to), context.uid)
+        FileUtils.mv(hfrom, hto, :force => true)
+    end
+
+    # Create a symbolic link
+    # @overload symlink(context,to,from)
+    # @abstract
+    # @param [Context] context
+    # @param [String] to
+    # @param [String] from
+    # @return [void]
+    # @raise [Errno]
+    # Create a symbolic link named "from" which, when evaluated, will lead
+    #   to "to".
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def symlink(context, to, from)
+        check_writable(context.uid, from)
+        hfrom = homepath(context.uid, from)
+        File.symlink(to, hfrom)
+        begin
+            File.lchown(context.uid, context.gid, hfrom)
+        rescue
+        end
+    end
+
+    # Change the size of a file
+    # @overload truncate(context,path,offset)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [Integer] offset
+    # @return [void]
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def truncate(context, path, offset)
+        check_writable(context.uid, path)
+        File.truncate(homepath(context.uid, path), offset)
+    end
+
+    # Remove a file
+    # @overload unlink(context,path)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @return [void]
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def unlink(context, path)
+        check_writable(context.uid, File.dirname(path))
+        File.unlink(homepath(context.uid, path))
+    end
+
+    # Change access/modification times of a file
+    # @overload utimens(context,path,actime,modtime)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [Integer] actime access time in nanoseconds
+    # @param [Integer] modtime modification time in nanoseconds
+    # @return [void]
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def utimens(context, path, actime, modtime)
+        check_writable(context.uid, path)
+        File.utime(actime, modtime, homepath(context.uid, path))
+    end
+
+    # Write data to an open file
+    # @overload write(context,path,data,offset,ffi)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [String] data
+    # @param [Integer] offset
+    # @param [FileInfo] ffi
+    # @return [Integer] exactly the number of bytes requested except on
+    #   error
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    def write(context, path, data, offset, ffi)
+        if offset < 0
+            ffi.fh.seek(offset, :END)
+        else
+            ffi.fh.seek(offset, :SET)
+        end
+        ffi.fh.write(data)
+    end
+
+begin
+
+    require 'ffi-xattr'
+
+    # Get extended attribute
+    # @overload getxattr(context,path,name)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [String] name
+    # @return [String] attribute value
+    # @raise [Errno] Errno::ENOATTR if attribute does not exist
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    # @note This method is only defined if the gem 'ffi-xattr' is
+    # available
+    def getxattr(context, path, name)
+        check_readable(context.uid, path)
+        hpath = homepath(context.uid, path)
+        check_nodata Xattr::Lib.get(hpath, false, name)
+    end
+
+    # Set extended attributes
+    # @overload setxattr(context,path,name,data,flags)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [String] name
+    # @param [String] data
+    # @param [Integer] flags
+    # @return [void]
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    # @note This method is only defined if the gem 'ffi-xattr' is
+    # available
+    def setxattr(context, path, name, data, flags)
+        check_writable(context.uid, path)
+        hpath = homepath(context.uid, path)
+        Xattr::Lib.set(hpath, false, name, data)
+    end
+
+    # List extended attributes
+    # @overload listxattr(context,path)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @return [Array<String>] list of attribute names
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    # @note This method is only defined if the gem 'ffi-xattr' is
+    # available
+    def listxattr(context, path)
+        check_readable(context.uid, path)
+        hpath = homepath(context.uid, path)
+        check_nodata Xattr::Lib.list(hpath, false)
+    end
+
+    # Remove extended attribute
+    # @overload removexattr(context,path,name)
+    # @abstract
+    # @param [Context] context
+    # @param [String] path
+    # @param [String] name attribute to remove
+    # @return [void]
+    # @raise [Errno]
+    # @note This method should usually only be called by FUSE, and not
+    #   called directly
+    # @note This method is only defined if the gem 'ffi-xattr' is
+    #   available
+    def removexattr(context, path, name)
+        check_writable(context.uid, path)
+        hpath = homepath(context.uid, path)
+        Xattr::Lib.remove(hpath, false, name)
+    end
+
+    # Raise Errno::ENODATA if _value_ is nil. Otherwise, return _value_.
+    # @param [Object] value the value to check
+    # @return [Object] the given value
+    # @raise [Errno::ENODATA] if value is nil
+    def check_nodata(value)
+        if value.nil?
+            fail Errno::ENODATA
+        end
+        value
+    end
+    private :check_nodata
+
+rescue LoadError # require 'ffi-xattr'
+    # We don't have the library, so we don't define those methods
+end
+
 end

data/lib/homefs.rb

@@ -1 +1,2 @@
 require 'homefs/homefs'
+require 'homefs/debug'

metadata

@@ -1,31 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: homefs
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.3.0
 platform: ruby
 authors:
 - Dylan Frese
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-10-26 00:00:00.000000000 Z
+date: 2015-10-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rfusefs
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rb-inotify
+  name: rfuse
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -39,9 +25,9 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 description: |-
-  FuseFS currently written in Ruby that directs filesystem
-                      calls to a directory relative to the calling user's home
-                      directory.
+  FUSE filesystem currently written in Ruby that directs
+                      filesystem calls to a directory relative to the calling
+                      user's home directory.
 email: dmfrese@gmail.com
 executables:
 - homefs
@@ -50,6 +36,7 @@ extra_rdoc_files: []
 files:
 - bin/homefs
 - lib/homefs.rb
+- lib/homefs/debug.rb
 - lib/homefs/homefs.rb
 homepage: 
 licenses: