smallfz / libnfs-go

Experimental NFS(v4) server library
MIT License
24 stars 10 forks

Add unix authentication #4

Open peterverraedt opened 5 months ago

peterverraedt commented 5 months ago

Hello, first of all: good job! I'm trying to integrate this project to export a virtual file system as NFS. Being virtual, the displayed posix permissions don't necessarily match with the actual permissions a user has (i.e. which actions the user can do successfully). To handle this properly, I would like to retrieve the uid of a connecting user, so in listing files, it can appear that that user owns all files; and if the user tries to read/change anything, I can put custom enforcements based on his identity.

For this, I implemented AUTH_UNIX = AUTH_SYS, and I pass the current credentials to the new SetCreds function in the fs.FS interface. Since the SetCreds and the other FS functions should not interleave for different sessions, I now create a new FS for each connection in the provided backend.

I'm not entirely happy with the introduction of the SetCreds function, but it was currently the fastest way to pass this information. Alternatively, credentials could be passed as argument to all FS' functions, or one could somehow create a new FS for each newly authenticated user and cache it.
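For reference, the AUTH_SYS credential body that carries the uid described in the comment above, decoded as an added example; it is not code from this pull request or from libnfs-go. The names `AuthSys` and `ParseAuthSys` and the sample bytes are assumptions made for illustration, and the layout follows RFC 5531, appendix A.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// AuthSys is the AUTH_SYS credential body (RFC 5531, appendix A).
// Every field is asserted by the client; none of it is proof of identity.
type AuthSys struct {
	Stamp    uint32
	Machine  string
	UID, GID uint32
	GIDs     []uint32
}

// ParseAuthSys decodes the XDR body and enforces the RFC limits:
// machinename of at most 255 bytes, at most 16 supplementary gids.
func ParseAuthSys(b []byte) (*AuthSys, error) {
	bad := fmt.Errorf("auth_sys: malformed credential")
	next := func() (v uint32) { // read one big-endian XDR uint32
		v, b = binary.BigEndian.Uint32(b), b[4:]
		return
	}
	if len(b) < 8 {
		return nil, bad
	}
	c := &AuthSys{Stamp: next()}
	n := int(next())
	pad := (4 - n%4) % 4 // XDR pads opaque data to a multiple of 4
	if n < 0 || n > 255 || len(b) < n+pad+12 {
		return nil, bad
	}
	c.Machine, b = string(b[:n]), b[n+pad:]
	c.UID, c.GID = next(), next()
	k := int(next())
	if k < 0 || k > 16 || len(b) != 4*k { // no oversized list, no trailing bytes
		return nil, bad
	}
	for i := 0; i < k; i++ {
		c.GIDs = append(c.GIDs, next())
	}
	return c, nil
}

// sample is constructed: stamp 1, machine "host1", uid 1000, gid 100, gids [100 27].
var sample = []byte{0, 0, 0, 1, 0, 0, 0, 5, 'h', 'o', 's', 't', '1', 0, 0, 0,
	0, 0, 3, 0xe8, 0, 0, 0, 100, 0, 0, 0, 2, 0, 0, 0, 100, 0, 0, 0, 27}

func main() { fmt.Println(ParseAuthSys(sample)) }
```

Because the client chooses these values, per-uid enforcement built on them is only as strong as the control over which hosts can reach the server.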

smallfz commented 4 months ago

Thanks for the work! It looks great so far. Please spare me some time to fully understand all this. I skipped a lot of lines about authentication in the RFCs so I need to make up for that.

tobychui commented 3 months ago

I just came across this amazing project and this function is exactly what I needed! Any chance that this will get merged soon? Thanks for the great work :)