Rainbow/DataStore Access: Difference between revisions

This page is a brain-storm page discussing how to implement the two basic access mode of the DataStore: read-only and write

To prevent excessive copying of files, the datastore should have a way to provide access a specific file in the store to a specific instance of the Activity. We need some user-id group-id setup for that:

All groups and users are the normal unix /etc/group and /etc/passwd users. Because we are going to be writing to them a lot, we need a locking mechanism!

• All installed activities get their own group called 'ActivityName.xo', this will be used for file permissions per-activity settings
• All activity instances get their own UID and GID. These will be between 10000 and 20000 and should for simplicity always MATCH. Unix requires names for users and groups, lets call them 'ActivityNNN' where Activity is the ActivityName (first 3 letters) and NNN is the UID#

Read-Only

Example: 'Write' needs access to a document during load:

• The Sugar shell creates UID/GID 10001 for the instance, and updates 'WriteGroup', adding Wri10001 to the WriteGroup
• The DataStore creates the tree:

{{{ user.group permissions file olpc.olpc 755 /ds olpc.Wri10001 750 /ds/<instance-uid>/ hardlink: ln /home/olpc/..../file-in-ds.ext /ds/<instance-uid>/somefile.doc olpc.Wri10001 640 /ds/<instance-uid>/somefile.doc }}}

• Sugar Shell invokes read_file()
• When read_file() returns, the DataStore sets permission 600 on somefile.doc and/or unlinks.