by smasher164
1160 days ago
> How then would one leverage 9p filesystems to solve the containerization problem?

In Plan 9, processes are sandboxed by default, so they only see what is exposed to them. You utilize mounts to attach filesystems to processes, and since all APIs are done through the filesystem, you can trivially wrap/extend/replace those APIs with different implementations. Essentially, everything-is-a-filesystem + 9p gave you a kind of capability-based security.
In POSIX-land, I can write to a temp file, sync it and the parent directory, and rename it over the original and be pretty well guaranteed anyone accessing the file by name will never see a partially written to file.
How the heck does this work in 9p servers? For a "synthetic" file server one could decide to update the state depending on receiving full payloads I presume, and discard anything that's nonsense or incomplete. (like changing the baud on a serial port through the control file - you need to know the format of the commands and send the correct payload)
But what does one do about regular files? Write to temporary files and rename over them? Do the Plan 9 file systems have any atomic guarantees (HJFS, Fossil, KenFS etc?) and do I need to understand each of them?
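
The POSIX sequence from the comment above (write a temp file, sync it and the parent directory, rename it over the original), as an added example that is not part of the original thread. The function name `atomic_replace` and the sample file name are assumptions, and the code says nothing about what any 9p file server guarantees.

```python
import os
import tempfile


def atomic_replace(path, data):
    """Replace `path` so readers by name see the old or the new content, never a partial file."""
    directory = os.path.dirname(os.path.abspath(path))
    # The temp file lives in the target's directory: rename is only atomic
    # within one filesystem. mkstemp creates it with mode 0600, so the
    # original file's mode is not carried over by this sketch.
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".tmp-")
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
            f.flush()
            os.fsync(f.fileno())  # data is on stable storage before the rename
        os.replace(tmp, path)     # atomic rename over the original name
    except BaseException:
        # On any failure the original stays untouched; drop the temp file.
        try:
            os.unlink(tmp)
        except FileNotFoundError:
            pass
        raise
    # Sync the parent directory so the rename itself survives a crash.
    dfd = os.open(directory, os.O_RDONLY)
    try:
        os.fsync(dfd)
    finally:
        os.close(dfd)


def demo():
    # Constructed sample: replace a file twice inside a scratch directory.
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "config.txt")
        atomic_replace(target, b"version 1\n")
        atomic_replace(target, b"version 2\n")
        with open(target, "rb") as f:
            content = f.read()
        return content, sorted(os.listdir(d))


if __name__ == "__main__":
    print(demo())
```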