ExternalVendorCode/genode
1
0
Fork 0
mirror of https://github.com/genodelabs/genode.git synced 2025-02-26 03:28:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
genode/repos/os/src/server/ram_fs/README
Norman Feske ca971bbfd8 Move repositories to 'repos/' subdirectory 
This patch changes the top-level directory layout as a preparatory
step for improving the tools for managing 3rd-party source codes.
The rationale is described in the issue referenced below.

Issue #1082
2014-05-14 16:08:00 +02:00

58 lines
2.2 KiB
Plaintext
Raw Blame History

This directory contains an in-memory file-system implementation.
Configuration
~~~~~~~~~~~~~
Access to the file system can be tailored for each session depending on the
session's label. By default, no permissions are granted to any session.
To selectively permit access to (a part of) the file system, at least one
ram_fs policy must be defined.
The following configuration illustates the way of how to express policy.
! <config>
! <!-- preload RAM file system with some ROM images -->
! <content>
! <dir name="tmp">
! <rom name="init" as="blubb" />
! </dir>
! <dir name="home">
! <dir name="user">
! <inline name=".vimrc">
! set hidden
! </inline>
! </dir>
! </dir>
! </content>
! <!-- constrain sessions according to their labels -->
! <policy label="noux -> root" root="/" />
! <policy label="noux -> home" root="/home/user" writeable="yes" />
! <policy label="noux -> tmp" root="/tmp" writeable="yes" />
! </config>
The '<content>' sub node of the '<config>' node provides a way to pre-populate
the file system with directories and files. Note that '<dir>' nodes can be
arbitrarily nested. Files can be loaded from the ROM service. By adding the
optional 'at' attribute to a rom node, the file name can be defined
independently from the ROM module name. In addition to creating files from
ROM modules, files can be created from data specified directly as part of the
configuration using '<inline>' nodes. The content of such nodes is used as
file content as is.
Session-specific access-control policy is expressed via one or more '<policy>'
nodes. At session-creation time, each policy node is matched against the label
of the new session. If the label of a policy node matches, the defined policy
is applied. If multiple policies match, the one with the longest 'label'
attribute (the most specific one) is selected.
A policy node may contain the following attributes. The mandatory 'root'
attribute defines the viewport of the session onto the file system. The
optional 'writeable' attribute grants the permission to modify the file system.
Example
~~~~~~~
To illustrate the use of ram_fs, refer to the 'libports/run/libc_fs.run'
script.
Reference in New Issue View Git Blame Copy Permalink