Conversation with #inferno at Sat Dec 15 16:32:59 2012 on powerman@irc.freenode.net (irc)

(12:15:35) k3nz0: Hello guys
(12:16:09) k3nz0: In order to run limbo binaries, there is no other choice except installing inferno-os?
(13:11:37) powerman: k3nz0: you can package your .dis app and all modules it uses inside the emu binary and configure it to run your app on start
(13:12:17) powerman: this way you'll get, say, a single emu.exe file which you can run on windows and which will work just as your app
(13:12:59) powerman: same works for *nix
(13:15:37) C-Keen: yeah, all it really needs is a dis emulator and all modules it uses

(04:19:44) doublec: if I have a client that uses 'mount' on a remote service and fails authentication then the service on the server that manages /mnt/keys seems to die
(04:19:50) doublec: I have to re-run svc/auth
(04:20:02) doublec: Am I perhaps doing something wrong here?
(12:23:33) powerman: doublec: perhaps. the auth server isn't involved in the process of authenticating some client on some server/service, so it can't die because of it
(12:30:29) doublec: powerman: I noticed a post from leetspete on the mailing list where he describes the issue too
(12:32:14) powerman: doublec: can you send me a link?
(12:33:17) doublec: powerman: http://article.gmane.org/gmane.os.inferno.general/5468
(12:33:56) doublec: powerman: the steps to reproduce are to do a "listen" exporting something, then on a client "mount" it, but get the password wrong.
(12:34:18) doublec: powerman: then /mnt/keys on the server is gone, and the server that manages that is dead
(12:34:27) doublec: powerman: running 'svc/auth' again starts it
(12:35:23) doublec: I assume it's keyfs or some similar service that 'svc/auth' starts that is dying
(12:40:47) powerman: doublec: did you try the solution which helped leetspete - mk nuke etc.?
(12:42:00) powerman: ohh, I see his next email
(12:51:32) powerman: doublec: I've just tried to reproduce it, and everything works fine for me
(12:51:44) powerman: so, let's compare what we're doing
(12:53:19) powerman: 1) I've inferno installed system-wide in /usr/inferno, thus the /keydb/keys file belongs to root, and I have to execute emu-g as root to run the local auth server.
(12:54:07) powerman: 2) edit /lib/ndb/local and set SIGNER=localhost
(12:54:56) powerman: 3) create server cert, run auth server, add user account:
(12:55:00) powerman: # emu-g
(12:55:13) powerman: ; auth/createsignerkey powerman.name
(12:55:34) powerman: ; svc/auth
(12:55:34) powerman: Key:
(12:55:34) powerman: Confirm key:
(12:55:51) powerman: ; auth/changelogin inferno
(12:55:51) powerman: new account
(12:55:51) powerman: secret:
(12:55:51) powerman: confirm:
(12:55:51) powerman: expires [DDMMYYYY/permanent, return = 18122013]: permanent
(12:55:51) powerman: change written
(12:56:47) powerman: 4) now, run emu-g as a usual user, and try to get a cert for the just-created user inferno using a wrong pass:
(12:56:51) powerman: $ emu-g
(12:57:29) powerman: ; getauthinfo tcp!localhost
(12:57:29) powerman: use signer [$SIGNER]:
(12:57:29) powerman: remote user name [powerman]: inferno
(12:57:29) powerman: password:
(12:57:29) powerman: getauthinfo: failed to authenticate: name or secret incorrect (alpha**r0 mod p)
(12:58:02) powerman: (at this point on the auth server I got this on screen):
(12:58:02) powerman: listen: got connection on tcp!*!inflogin from 127.0.0.1!43667
(12:58:02) powerman: logind: can't get alpha**r1 mod p:hungup
(12:58:08) doublec: right
(12:58:22) doublec: now looking at /mnt/keys on the signing server shows nothing
(12:58:37) powerman: (continue in user's emu-g, getauthinfo tries again, now with good pass):
(12:58:37) powerman: use signer [$SIGNER]:
(12:58:37) powerman: remote user name [inferno]:
(12:58:37) powerman: password:
(12:58:37) powerman: save in file [yes]:
(12:58:37) powerman: ;
(12:58:41) doublec: and future attempts on the client fail
(12:58:55) doublec: try doing a listen on the server
(12:58:56) powerman: nope:
(12:58:56) powerman: ; ls -l /mnt/keys
(12:58:56) powerman: d-r-x------ M 4 root root 0 Dec 18 12:58 /mnt/keys/inferno
(12:58:58) doublec: and a mount on the client
(12:59:09) doublec: but fail the mount authentication
(12:59:22) doublec: (using a wrong certificate or something)
(13:00:14) powerman: ok, let's export/mount some resource using auth
(13:00:43) powerman: for this we've to create one more user/certificate - for the server which will export something
(13:04:10) doublec: ok, I've duplicated it
(13:04:13) doublec: the exact steps are
(13:04:28) doublec: on server: listen 'tcp!*!8000' { export '/usr/chris' & }
(13:04:40) doublec: on client I have no 'default' in my keyrings directory
(13:05:00) doublec: then on client I do: mount 'tcp!server!8000' /mnt/test
(13:05:02) doublec: it fails
(13:05:10) doublec: with "default does not exist"
(13:05:25) doublec: on server I see: listen: auth on tcp!*!8000 failed: hungup
(13:05:34) doublec: then /mnt/keys on server is empty
(13:05:42) doublec: and any existing auth request fails
(13:09:36) powerman: I've successfully (on root's emu-g): created new user "fileserver", got its certificate, run svc/styx.
(13:09:36) powerman: Then I was able to mount tcp!localhost from user's emu-g. I have no errors on screen in both emu.
(13:09:36) powerman: But. Keyfs process really exits in root's emu-g after that. Without any errors.
(13:10:41) powerman: any chance it's a security feature? :)
(13:10:58) powerman: to avoid external access to /keydb/keys?
(13:11:34) doublec: the problem is a user can DoS a server by failing the authentication
(13:11:37) doublec: now no one can authenticate
(13:11:47) doublec: until it's restarted
(13:12:27) powerman: maybe the problem is that you run something else on the auth server? the auth server is supposed to run only auth services and nothing else.
(13:12:45) powerman: keyfs(4) makes this very clear
(13:13:43) doublec: hmm, maybe
(13:15:31) doublec: let me try with exporting the namespace on a different server
(13:23:16) doublec: powerman: you're right. Doing the listen on a separate server works.
(13:23:45) powerman: doublec: actually I didn't see this sort of security feature inside the keyfs source
(13:24:00) powerman: so it's still unclear why it exits
(13:24:22) powerman: I've run auth/keyfs manually after it exited, and now experimenting, but it won't exit anymore
(13:26:51) powerman: doublec: ok, looks like I caught it. keyfs exits when listen is started
(13:27:22) powerman: even this one: listen -v 'tcp!*!12345' {echo ok}
(13:30:03) powerman: yep. looks like after auth/keyfs it's allowed to run only listen on a few auth-related ports, and running listen on any other port results in killing the Keyfs process
(13:31:00) doublec: so is it by design or an error?
(13:31:02) powerman: /appl/cmd/listen.b:83
(13:31:08) powerman: it's a security feature
(13:31:44) powerman: listen(1): The -t option declares the command to be `trusted' giving it access to elements of the current name space such as /mnt/keys on an authentication server. By default it has not got that access.
(13:31:47) doublec: ok, so rule of thumb is signing server should run nothing else
(13:31:58) powerman: shouldn't
(13:32:04) doublec: right, sorry, typo
(13:32:22) doublec: that explains the "-t" used in svc/auth listen commands
(13:37:08) powerman: I've sent a reply to the maillist describing this, for future reference.
(13:41:18) doublec: thanks for tracking it down
(13:43:02) powerman: no prob, it was funny :)