virtualfs all changes logs

Change log index

Version 1.8

This is the first release of virtualfs. It was originally named netaudio and then remaudio, but the added functionality was worth a rename. Expect this project to evolve a lot!!!


And more

Check out the documentation

Support X terminals CD and floppy

This is new. Each X terminal user can access their floppy and CD transparently (no mount/umount). This works with workstations as well.

Works on glibc 2.0 and 2.1

Virtualfs works on both glibc 2.0 and 2.1. Currently, a modified glibc is supplied for Red Hat 5.2 and 6.0. Other distributions will be supported as well.

Version 1.9

This is the second public release of virtualfs. It mostly includes bug fixes and performance tuning, and more documentation.



I have written small man pages for many utilities and file formats. The following pages are now available:

  • virtualfs.1
  • litefsd.1
  • litefs-proxy.1
  • litefs-ssh.1
  • litefs.5
  • persmount.5
  • remaudioserv.8
  • persmount_remote.8

litefs performance

Litefs performance has been enhanced. This particularly affects operation over slow or high-latency links. Further tuning is possible in litefs-proxy to enhance the streaming of the protocol.


The command litefs-ssh has been created to help set up litefs connections over ssh links. With it, ssh will pop up an X window program to request the password. This means that litefs links may be established by scripts.

litefs: shutdown protocol

You can turn off a litefs link by using the litefs-shutdown command. It sends a LITE_SHUTDOWN command to all litefs back-ends. This command is used by the "virtualfs umountall" command.

virtualfs umountall option

The virtualfs package provides auto-mounting of various resources. While floppies and cdroms are mounted and unmounted on the fly, other resources (novell mounts, smb/windows mounts) stay mounted until you umount them. litefs connections also stay on. By issuing

virtualfs umountall

you are closing all litefs connections and umounting all novell and smb shares. They will auto-mount again if accessed.

Version 1.10


fchmod missing

1.10 is just a quick fix to add support for fchmod, especially in litefs.

Version 1.11

1.11 is a bug fix release and finally includes a working AclFS component. Check it out!


AclFS: A powerful Access Control List File system

This is the first release of AclFS, a component of the virtualfs package. AclFS sits on top of a normal Linux file-system (such as ext2) but provides extended privileges (17 for now), granted to lists of users and groups.

AclFS is a must on multi-user systems with tight security. ISPs who need to grant access to various parts of their web space to potentially unknown people will want to review this.

Check out to learn more.

More man pages

Many man pages were added.

Version 1.12

This is a bug fix release, with more documentation,


AclFS: Some documentation

There is some documentation now in the document which explains how to use AclFS. More documentation is needed to explain further the syntax of the ..acl files, although one can easily guess from the supplied examples.

persmount: New helper scripts for SMB and NCP

Two new utilities were created: virtualfs_xsmb and virtualfs_xncp. They are wrappers to simplify mounting SMB (NT, Samba) and NCP (Novell) shares with a popup (to enter the password). The documentation was modified to present those utilities instead of the explicit calls to ncpmount and smbmount.

Both utilities work the same:

virtualfs-xsmb --server server --share share [ --account account ] 
     --mountdir mount_point

virtualfs command: New option

The virtualfs script was enhanced. There are two new options/commands:

  • clean-n

    Virtualfs uses the HOME/n directory to place its logical mount points. But it also uses this directory to create sub-directories. This is done when a process changes its working directory inside a Virtualfs volume. Virtualfs creates a sub-directory there and changes the process's current directory. If the process starts new programs, they inherit the logical current working directory this way.

    After a while, you may end up with many empty directories in HOME/n. By using the command

    virtualfs clean-n

    all sub-directories not currently used by any process (not the working directory of any process) are removed. This requires a 2.2 kernel, though.

  • --authdaemon

    Virtualfs is a "personal" thing. Each user may have their own set of configuration files (mappings), for example .aclfs, .litefs and .persmount. Those config files are read by each process, generally early at startup time. They are not read again later (this might change some day).

    Some programs change identity. For example, ftpd (the ftp server) starts as root and then changes to the user id of the logged-in client. By starting virtualfs with the --authdaemon option, we are passing a directive to the various Virtualfs drivers to wait until the client is authenticated (the uid is not 0 anymore) before starting normal operation.

    By placing the following line in /etc/inetd.conf, we can use Virtualfs services (especially AclFS) in an ftp session.

    ftp stream tcp nowait root /usr/bin/virtualfs virtualfs
     --authdaemon /usr/sbin/in.ftpd -l -a

    (The line was folded in two lines for this document).

    Note that for now we must place virtualfs calls here and there because of the experimental nature of virtualfs. In the future, we will have means to globally enable it. Another solution for inetd services would be to start inetd from virtualfs, so all processes will share the ability to use it.


persmount: new layout

The .persmount files have been modified. They used to have the following layout:

volume   mount command ....

This was not that practical. The persmount driver was assuming that the real mount point was HOME/.n/volume all the time. The layout has been modified to accept the mount point as the second parameter.

    volume mount_point command ...

The command is now optional. This can be used to create a simple redirection, which has some advantages over a symbolic link: it allows you to set your working directory in a resource logically, yet the resource may be unmounted anytime. I am using this facility in combination with the kernel auto-mounter. I have a .persmount line like this

    machine   /n/machine

So I can do the following sequence

    cd n/machine/sub-dir
    # wait a while
    # and /n/machine is umounted by the kernel auto-mounter
    # it is mounted again

There are other usages I guess :-)

Bug fixes

AclFS: ..acl inheritance

..acl files were not properly inherited by sub-directories.

Version 1.16


AclFS: aclfsd --reloadconf

A new command line option was added. --reloadconf tells aclfsd to reread its configuration (/etc/aclfsd.conf).

aclfs: new config file /etc/aclfs.conf

/etc/aclfs.conf is a default set of mappings for every user. Previously every user wanting to participate (access AclFS volumes) had to set up his own .aclfs file. Now his configuration is the union of /etc/aclfs.conf and .aclfs. Both files have the same syntax.

AclFS: new privileges

The list has grown to 21 privileges. Notably there are chown and chmod privileges which were changed:

  • chmod and chmodany: The latter allows the user to apply a chmod command on files he does not own.
  • chmodsuid: This lets the user apply a chmod command which sets some special bits (set uid bits).
  • chown and chownany: The latter allows the user to chown files that do not belong to him. This is pretty much root access.

The new privileges give tremendous power to users. Because of that, the macro "MOST" was added. It grants the most useful privileges for normal file access/editing/addition, but not too much. The macro "ALL" provides all privileges and should be used with care. Only truly trusted users should have this privilege.

AclFS: sysv init script provided

The package virtualfs-aclfs now provides a system V init script suitable for redhat 5.2 and 6.0.

LiteFS: Too many changes

A major rework of the LiteFS protocol was done. This will allow various future optimizations such as write behind and read ahead. But the major feature is the "remote execution" concept. If you execute a file on a LiteFS volume, it is executed on the remote server transparently. Check it out!!!


aclfs: /var/run/aclfs.s moved

The unix domain socket to reach the aclfsd server was moved from /var/run/aclfs.s to /.aclfs.s. This was done to ease usage of AclFS in chroot environments. By creating hard links pointing to /.aclfs.s in the root of each chroot environment, one can access AclFS volumes from there. No need to create /var/run directories everywhere.

Bug fixes

utime support

The utime syscall (changing the date of a file) was not supported properly. You need to install the latest glibc version to use that.

Version 1.17

AclFS is now ready for serious testing


AclFS: create-file-mode and mkdir-mode

This is one of the last key features needed to really use AclFS. With it you can control the Unix permissions and ownership assigned to new files and directories. In previous versions, they were simply assigned to root. Both commands use the same syntax:

create-file-mode user,group,permission-bits
mkdir-mode user,group,permission-bits

Any of the 3 supplied values may be replaced by a dash (-). In this case the value is taken from the call made by the client program. The default creation mode is -,-,-.

Those commands may be placed at 3 places in an ..acl file:

  • Outside of any "file" directive. They represent the global default.
  • Inside a file directive, but outside a context directive. They represent the default for a given file pattern.
  • Within a context directive, overriding any default.

AclFS: file pattern

Now you can put file patterns in ..acl using the familiar shell simple regular expression syntax (see "man 7 glob").

Version 1.18

Bug fixes

AclFS: bug with rename sys-call

Rename was not working at all. Fixed!

Version 1.19


bigcp: improvement for LiteFS over high latency link

LiteFS is not optimized for high latency links. I expect to add some features to litefs-proxy, notably write-behind, read-ahead and directory caching. In the meantime, I have created bigcp, which is a cp-like utility that copies using larger buffers (32000).

bigcp has a single option, -v for verbose mode. It is fairly crude. You can do either:

     bigcp source-file dest-file
     bigcp source-file .... dest-dir

Version 1.20

Bug fixes

LiteFS: bug in utime syscall

The utime system call (changing the dates of a file) was not working properly. The change involves a protocol fix, so you need to update virtualfs on all machines talking with LiteFS.

Version 1.21

Bug fixes

litefsd lost when mount fails

This affects X terminal users mostly. When trying to access the floppy or the CD (in $HOME/n/a: or $HOME/n/cdrom), if the drive is empty (no floppy or no CD), nothing is displayed, but it is not possible to use the drive any more until the terminal is rebooted.

Fixed :-)

Version 1.22


AclFS: New privilege widelink

The privilege widelink was added. The privilege symlink allows the user to create symbolic links, but with some restrictions:

  • They must be relative.

  • They must point inside the AclFS volume. Users are not supposed to know where the AclFS volumes are and as such can't meaningfully create a symbolic link that points outside.

Widelink removes this restriction. Note that widelink is not part of the pseudo privilege "MOST". Only highly trusted users should own this privilege.
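
The two symlink restrictions can be checked lexically before a link is created. The following Python function is an added example, not AclFS code; the name symlink_allowed and the convention that the link path is given relative to the volume root are assumptions made here.

```python
def symlink_allowed(link_path, target, widelink=False):
    """Decide whether a user may create the symlink link_path -> target.

    link_path: location of the new link, relative to the volume root
               (hypothetical convention for this example).
    target:    the link content supplied by the user.
    widelink:  True if the user holds the widelink privilege.

    The check is purely lexical: it assumes that no directory named in
    link_path or target is itself a symlink. A server enforcing this on a
    live tree would also have to resolve those components.
    """
    if widelink:
        return True                  # widelink lifts both restrictions
    if not target or target.startswith("/"):
        return False                 # restriction 1: must be relative

    # Depth of the directory that will hold the link, counted from the
    # volume root (0 means the link sits directly in the root).
    depth = 0
    for part in link_path.split("/")[:-1]:
        if part in ("", "."):
            continue
        if part == "..":
            raise ValueError("link_path must not contain '..'")
        depth += 1

    # Walk the target one component at a time. Rejecting as soon as the
    # walk climbs above the root also rejects targets that leave the
    # volume and re-enter it by naming its real location.
    for part in target.split("/"):
        if part in ("", "."):
            continue
        if part == "..":
            depth -= 1
            if depth < 0:
                return False         # restriction 2: stay inside the volume
        else:
            depth += 1
    return True


# Constructed sample requests: (link path, target, widelink)
SAMPLES = [
    ("site/docs/latest", "../img/logo.png", False),   # sibling directory
    ("site/latest", "../../etc/passwd", False),       # climbs out of the volume
    ("site/latest", "/etc/passwd", False),            # absolute target
    ("site/latest", "/etc/passwd", True),             # same, with widelink
    ("a/b/link", "../../../vol/a/x", False),          # leaves, then re-enters
    ("link", "x/../y", False),                        # '..' that stays inside
]


def check_samples():
    """Return the decision for each constructed sample, in order."""
    return [symlink_allowed(link, target, wide) for link, target, wide in SAMPLES]


if __name__ == "__main__":
    for sample, verdict in zip(SAMPLES, check_samples()):
        print(sample, "->", "allowed" if verdict else "refused")
```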

AclFS: program directive in ..acl

The program directive in ..acl is now operational. You can create an ..acl like this (part of one ..acl):

	list HTMLEDITOR { jack , joe, @users }
	file *.html{
	    context a{
	        program /usr/bin/edithtml;
	        program /usr/bin/viewhtml;
	        grant { &HTMLEDITOR }
	        rights MOST;
	    }
	}

In this example, members of the list HTMLEDITOR are allowed to do almost anything with *.html files, except that they can only do it with the programs edithtml and viewhtml. Note that those programs are not privileged (not setuid), yet they are the only way users can deal with html pages.

This "program" feature may very well be the alternative to setuid root programs. If a setuid program has a security hole and is abused by a user, he may very well take control of the system (get a root shell).

With the AclFS program feature, the user may end up abusing the content of *.html files, but that's all, since edithtml and viewhtml do not have any privilege.

Note that /usr/bin/edithtml and /usr/bin/viewhtml must be owned by root and must be chmod to 111, so they look like this with the "ls -l" command:

---x--x--x 1 root  root      1234 aug  6  1998 edithtml

By turning off read access, you are preventing users from using a debugger over the process and overriding its behavior. But this does not grant any privilege to those programs.

Default configuration files

System wide defaults now exist for litefs.conf, aclfs.conf and persmount.conf. They are stored in /etc/virtualfs. Virtualfs 1.22 delivers one default litefs.conf and persmount.conf. This means that virtualfs is immediately useful without needing configuration.

If a user defines his own .virtualfs/litefs.conf, for example, it overrides the one in /etc/virtualfs.

LiteFS: browsing the net (network neighborhood)

The virtualfs-browsenet utility was created to retrieve information about workgroups, workstations and shares on the SMB (windows) network. The code was borrowed from the gnomba project. The virtualfs-browsenet command is a simple tool used by litefsd-browse. The default configuration for virtualfs 1.22 provides a browse sub-directory that works like this:

	ls n/browse
	# This produces the list of workgroups
	ls n/browse/group
	# This produces the list of workstations in this group
	ls n/browse/group/station
	# This presents the list of shares offered by the station
	ls n/browse/group/station/share
	# This connects to the share using the persmount automap
	# feature. A graphical login pops up.

Browsing the net can be slow. The command is producing a cache in .virtualfs/browsenet-IP.cache, where IP is the IP number of the eth0 network adaptor. The command won't browse the net unless this cache is removed. To produce a "refresh", erase the cache.

The encoding of the IP number is useful for notebook computers. It creates one cache per visited network.

By default, virtualfs-browsenet only scans the local network (eth0). You can create a configuration file .virtualfs/browsenet-IP.conf or .virtualfs/browsenet.conf. The first lets you define one per network. This file contains one line per IP range to scan. It generally goes like this:

	# start IP      End

Note that virtualfs-browsenet does not support the browse master protocol. It could be modified to support novell networks as well.

LiteFS: litefsd-browse, a generic back-end

litefsd-browse is a LiteFS back-end. It maps the output of simple commands to file system information. The goal is to create administrative file systems. For example, using virtualfs 1.22 default configuration, one can do:

	ls n/printers
	ls n/printers/lp
	rm n/printers/lp/402

The first command shows the list of configured printers in /etc/printcap. The second shows the job list for the print queue "lp". The third removes job 402 from the queue (if the user is allowed).

In this case, litefsd-browse is using the virtualfs-printers command to retrieve the print queue information. This command is very simple. It is not a daemon. Ultimately, it could be a simple shell script. The 3 lines above correspond to these 3 virtualfs-printers commands:

	virtualfs-printers --list
	virtualfs-printers --list lp
	virtualfs-printers --unlink lp/402

Using this framework, one can map other information to file systems rather easily.

LiteFS: unix domain socket location

litefs.conf (was .litefs) defines unix domain sockets (second column). By default, if a socket has a relative path, it is created and expected in .virtualfs. Prior to 1.22, they were created in the HOME directory, and this was annoying.

Also to simplify the litefs.conf, you are not forced to repeat the socket name in the startup command. Prior to 1.22, one had to write something like:

tmp   .tmp    litefsd --fork --socket .tmp --chdir /tmp

With 1.22, the socket name is passed as an environment variable called LITEFS_SOCKET. All LiteFS front-ends and back-ends know about this environment variable, so there is no need to use the --socket command line option anymore. The example above becomes:

tmp   .tmp    litefsd --fork  --chdir /tmp

Persmount: Multi-level auto-map

Persmount (personal auto-mounter) is normally used to map a logical volume in HOME/n to a network share. A configuration line in .virtualfs/persmount.conf normally goes like this

	volume .n/volume mount command

When you access n/volume, a mount is triggered (if not already done) in HOME/.n/volume.

Now persmount may map a hierarchy in a single line. This was created to support the litefsd-browse with virtualfs-browsenet. Instead of specifying a mount point, you specify the depth of the hierarchy, like this

	volume  =3 mount command

The =3 token indicates that the hierarchy is 3 levels deep. Note that the mount command must be smart enough to deal with that. A single line in persmount.conf may correspond to several mounts. To help the mount, persmount supplies 2 macros: %v indicates the map and %m indicates the mount point (always in HOME/.n). Here is the configuration line needed to support browsing network shares:

browse  =3  virtualfs-xsmb --map %v --mountdir %m


AclFS: New path for configuration files

The files /etc/aclfsd.conf and /etc/aclfs.conf were moved to /etc/virtualfs. You will have to move them yourself.

New configuration file hierarchy

Prior to 1.22, the various configuration files were stored in the HOME directory of each user. This was adding many dot files (.litefs, .persmount) in the home directory and was annoying. All those files were moved to the sub-directory .virtualfs. Since they are hidden in a dot-file directory there is no need to hide them anymore, so the various configuration files were renamed:

  • .litefs was renamed litefs.conf

  • .persmount was renamed persmount.conf

  • .aclfs was renamed aclfs.conf

Version 1.23


Mounting SMB shares (samba, windows)

The virtualfs-xsmb was redone using the Linuxconf UI toolkit. It pops a dialog where you can enter the user id you wish to use to connect and the password.

A check-box allows you to save the user/password pair in .virtualfs/share.conf. Those will be silently reused for future connections. Note that share.conf is not encrypted at all. I am working on a solution that will use GNU Privacy Guard to encrypt the file.

Anyway, this enhancement makes browsing much more complete.

You need linuxconf-lib to install this new virtualfs though. Version 1.17r3 or better.

remaudio: bug fixes and midi support

The remaudio component was enhanced. Some ioctls were not supported and MIDI devices were completely ignored. With this new release, MP3 players should work fine (mpg123 operates seamlessly).

Note that the protocol was changed a bit. You must update virtualfs and virtualfs-server on both ends to get proper sounds.

There are still some missing ioctls, and gmix for one is not working. I will fix that soon.

Version 1.24


AclFS: module directive

The module directive in ..acl is now operational. I have written two potentially useful modules. A module directive goes inside a context block. You can have as many module directives as you want.

	context xx{
		grant { ... }
		rights ...;
		module module_name args ...;
	}

The arguments are separated by spaces. The module_name corresponds to a file in /usr/lib/aclfsd/modules/ (the path and the .so extension are added).

Arguments are generally named, so they are not position dependent and optional arguments are possible. Note that this is not a rule, but a suggestion. Both modules implemented so far conform to that.

A module may have two effects: It can invalidate the context and/or it can add or remove some privileges granted by the context. Invalidating a context happens when a user (a request) is not part of the "grant" list.

So far, two modules were created:

  • aclmod_sched

    This module works a little like crontab. You specify various time ranges (minutes, hours, mdays, months, wdays) and if the current time does not fit in any range, the context is invalidated.

    Parameters are passed by name. Here is an example:

    module aclmod_sched hours=8-18,22 wdays=1

    This example says that access is allowed (the context is valid) on Sunday, between 8 and 18 hours and at 22 hours.

    Another parameter, debug=yes, is available.

  • aclmod_file

    This module accepts a single argument file=some_path. If the file some_path does not exist, the context is invalidated. An administrator may set up something like:

    module aclmod_file file=/home/jack/.secret

    in his home directory and he can turn access to a file system area on and off just by creating and removing this file. Since the ..acl files are owned by root and only readable by root (enforced by aclfsd), no one can guess the name of this file. Of course, the admin picks a location where no one but himself can create files.
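
How an aclmod_sched argument string could be evaluated against a given time, as an added Python example that is not the module's own code. Assumptions: every named field must match (values within one field are alternatives), ranges are inclusive, weekdays run from 1 = Sunday to 7 = Saturday (only wdays=1 meaning Sunday comes from the text above), and a malformed argument invalidates the context.

```python
from datetime import datetime

# Field names come from the changelog; the numeric bounds are assumptions.
FIELDS = {
    "minutes": (0, 59),
    "hours": (0, 23),
    "mdays": (1, 31),
    "months": (1, 12),
    "wdays": (1, 7),   # assumed: 1 = Sunday ... 7 = Saturday
}


def parse_ranges(spec, low, high):
    """Turn '8-18,22' into the set {8, ..., 18, 22}, validating bounds."""
    allowed = set()
    for item in spec.split(","):
        start, dash, end = item.partition("-")
        first = int(start)                  # ValueError on garbage
        last = int(end) if dash else first
        if not low <= first <= last <= high:
            raise ValueError("range out of bounds: %r" % item)
        allowed.update(range(first, last + 1))
    return allowed


def parse_args(args):
    """Parse 'hours=8-18,22 wdays=1' into {field: set of allowed values}."""
    rules = {}
    for arg in args.split():
        name, equals, value = arg.partition("=")
        if name == "debug" and equals:
            continue                        # debug=yes does not affect the decision
        if not equals or name not in FIELDS:
            raise ValueError("unknown argument: %r" % arg)
        rules[name] = parse_ranges(value, *FIELDS[name])
    return rules


def context_valid(args, now):
    """Return True if the context stays valid at time 'now'."""
    try:
        rules = parse_args(args)
    except ValueError:
        return False                        # fail closed on a bad directive
    current = {
        "minutes": now.minute,
        "hours": now.hour,
        "mdays": now.day,
        "months": now.month,
        # isoweekday(): Monday = 1 ... Sunday = 7; remap to Sunday = 1
        "wdays": now.isoweekday() % 7 + 1,
    }
    return all(current[name] in allowed for name, allowed in rules.items())


# The directive from the text, evaluated at constructed timestamps.
EXAMPLE = "hours=8-18,22 wdays=1"

if __name__ == "__main__":
    for when in (
        datetime(2024, 1, 7, 9, 30),    # Sunday morning
        datetime(2024, 1, 7, 20, 0),    # Sunday, outside the hour ranges
        datetime(2024, 1, 7, 22, 5),    # Sunday, 22h
        datetime(2024, 1, 8, 9, 30),    # Monday
    ):
        print(when, "valid" if context_valid(EXAMPLE, when) else "invalidated")
```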

This completes the feature set of AclFS for now. More real world experience will be needed to polish its features. Comments are welcome.

Version 1.25


rprintserv: a light lpd server for X terminals

rprintserv is a new utility which implements the unix printer network protocol (like lpd). This utility is suitable for X terminals. It receives print requests and sends them right to the printer (parallel port).

The X terminal toolkit has been enhanced to support it. Check out the change log.

"rprintserv --help" reports the usage. A man page is coming ...

Bug fixes

LiteFS: remote execution bug

In some situations, a process executing remotely was locking up for no apparent reason. There was a bug in the demultiplexer (all processes are sharing the same communication session). Two processes were mixed. Anyway, if you have experienced some locking, this was probably it.

Version 1.26

Bug fixes

Missing ioctl for xmixer

The xmixer was using an unsupported control sequence. It was added to virtualfs so xmixer now works without a hitch.

Problems when playing multiple sound files

The remote sound support has a flaw. The "close" command was not synchronous. It was not waiting for the various buffers to drain before returning. This was confusing some applications.

Note that a new version of the protocol had to be issued. This means that you must update both virtualfs and virtualfs-server on each side of the connection.

Version 1.27


Better compatibility with KDE kfm file manager

kfm is a little too curious when it browses directories. If you browse the HOME/n directory, it may trigger unwanted mounts. Virtualfs is now a little kfm aware to avoid this.

Version 1.28


User connected to several X terminals at once

The access to the floppy and cdrom was confused when a user was logged in more than once (using two terminals at once). The litefs driver was creating a single socket in HOME/.virtualfs/.display. Now it creates the socket HOME/.virtualfs/.display:$DISPLAY, which fixes the problem.

Version 1.29

Bug fixes

Bug with sounds and floppies

When running virtualfs on the console (not on an X terminal), there were some problems with floppies and sound. MP3 files were not playing at all and the floppy was behaving very strangely when using low level commands such as fdformat and friends.

Version 1.30


Enhanced browsing ability

You could already browse an SMB network (windows, samba) in $HOME/n/browse. Unfortunately, you were requested to enter a password only when you were connecting to a share, not when you were trying to view the available shares.

Now a popup allows you to enter a user and password pair. Later this pair will be reused (if you saved it to disk) to connect to the share. If the connection fails, you will be able to enter another user/password pair. This means you can connect to an NT/Samba server using a different identity for each share and for browsing the available shares.

virtualfs-xsmb supports various samba versions

This utility probes the version of smbmount and adapts. Currently, it supports the command line syntax of 2.03, 2.05 and 2.06.

Version 1.35


RedHat 7.1 support

Some changes were made to support the glibc found in RedHat 7.1. The issue was to support the symbol versioning, especially the readdir64() function. This is solved and now a virtualfs package compiled on rh7.0 works as well on rh7.1, with glibc 2.1 or 2.2.

The ftp site contains new versions of glibc for redhat 7.0 and 7.1. If you had previously updated your glibc, you need to update again to use virtualfs 1.35.

I have been stuck with this issue for some time now :-)

Version 1.38


adminfs utility

The adminfs utility is used to configure the n/adminfs file system. You can add a new configuration, trigger a connection, or end it.

You can export all the connection definitions to a KDE menu on your desktop.

adminfs: new litefs solution

adminfs shows up as n/adminfs. Each sub-directory corresponds to a host you administer. This directory is populated using either the adminfs GUI front-end (new in this release) or on demand.

The on-demand mode works like this. You try to access a new host in n/adminfs (well, not a host, but a name). Say you do:

	ls n/adminfs/foo

Since foo does not exist, a pop-up shows up asking for the specification of the adminfs connection (host, accounts, directory, vserver). Once filled in, the connection is established using litefs-ssh. A pop-up shows up to request the ssh password.

RedHat 8 and 9

glibc is now available for redhat 8 and 9. They are available at

Bug fixes

large files

The open64 system call was implemented using the open system call. It was not possible to manage large files using virtualfs. Note that not all virtualfs plug-ins support open64, but virtualfs now does not interfere with open64 outside of its scope.

Version 1.39


remaudio flaws

The remaudio component was not handling non-blocking access to audio devices (/dev/audio, /dev/dsp, ...). When writing to a device with a buffer full condition, the EAGAIN error code was not properly reported to the application, so it was skipping way fast to the end of the tune. Applications such as xine, xmms and mpg123 were affected by this flaw.

We had to change the protocol a bit, so the protocol revision number was raised from 3 to 4. This means that both sides must be updated if you move to virtualfs 1.39 (xterminal and server side). This only applies to the remote sound capability. Other virtualfs components are not affected by the protocol change.

Note that X terminals have no problem playing video over the network (this has been tested with xine). Way cool.

Bug fixes

Browsing SMB workgroups and servers

The n/browse pseudo volume was buggy. The smbmount utility has changed usage (its command line syntax) over time and the virtualfs component was improperly parsing the smbmount version. As such, it was using the wrong syntax, so could not perform the mount.

Version 1.40


Remote execution using litefsd

When executing a command on the other side of a litefs volume, a PATH variable is set to /bin:/usr/bin:/usr/X11R6/bin:/usr/local/bin.

virtualfs PS1 prompt

When virtualfs starts a session, it changes the PS1 prompt to remind you it is active. Now it uses a different prompt for root and other users. The one for root ends with # and $ is used for users.

Bug fixes

litefs: remote execution

Execution of remote commands sometimes failed to end. This was caused by an unclosed file handle.

Version 1.43


aclfsd: authentication protocol

Normally, aclfsd uses the Unix credentials obtained from the unix domain socket to learn the real user id of the client. An extension to the protocol allows the client to pass the userid and password of another user so it works on his behalf.

This was done for dav_ufs (an Apache mod_dav module used to publish files not normally available to apache).

aclfsd: per user configuration

aclfsd normally uses the /etc/virtualfs/aclfsd.conf configuration file. This file simply provides mappings for aclfs volume and location in the file system.

aclfsd accepts the --config command line option, allowing one to use a different configuration file. If this option starts with the | character (pipe), aclfsd assumes it is a command and will execute it whenever a new user connects. Further, the command is parsed for special tokens. They are replaced like this:

  • %u: userid
  • %g: main group of the user

The command should produce more appropriate mappings, making life easier for the user (and somewhat enhancing security).

For example, a normal aclfsd file would look like

	home	/home

A user using the home volume would see all homes and would have to select the proper one. A special script may be written to provide a mapping directly associated with the user. This means that two users accessing the same aclfs volume may end up in two different places without knowing.

libaclfs: new

The virtualfs plug-in aclfs is now available as a library so aclfs clients may be written. The library is called libaclfs and all functions are named with the aclfs_ prefix.

This was done for the dav_ufs project (webdav using aclfsd to access files).

Preserving the user identity in created files and directories

The "create-file-mode" and "mkdir-mode" commands allow one to override how files and directories are created. It is sometimes necessary to override only the user or group and preserve the identity of the user doing the creation.

The keyword $SELF may be used to reference the original user. The following example creates files owned by group ftp, but preserves the user.

	create-file-mode $SELF,ftp,0644;

Bug fixes

Man page acl.5 renamed to aclfile.5

Another package was supplying a different file with this name.