diff options
Diffstat (limited to 'crates')
61 files changed, 786 insertions, 533 deletions
diff --git a/crates/common/batcher/Cargo.toml b/crates/common/batcher/Cargo.toml index b0999d53..f71182ab 100644 --- a/crates/common/batcher/Cargo.toml +++ b/crates/common/batcher/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "batcher" -version = "0.7.1" +version = "0.7.2" authors = ["thin-edge.io team <info@thin-edge.io>"] edition = "2021" rust-version = "1.58.1" diff --git a/crates/common/certificate/Cargo.toml b/crates/common/certificate/Cargo.toml index 882e3553..dacf2123 100644 --- a/crates/common/certificate/Cargo.toml +++ b/crates/common/certificate/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "certificate" -version = "0.7.1" +version = "0.7.2" authors = ["thin-edge.io team <info@thin-edge.io>"] edition = "2021" rust-version = "1.58.1" diff --git a/crates/common/clock/Cargo.toml b/crates/common/clock/Cargo.toml index 72660ffb..6f0db77c 100644 --- a/crates/common/clock/Cargo.toml +++ b/crates/common/clock/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "clock" -version = "0.7.1" +version = "0.7.2" authors = ["thin-edge.io team <info@thin-edge.io>"] edition = "2021" rust-version = "1.58.1" diff --git a/crates/common/download/Cargo.toml b/crates/common/download/Cargo.toml index c161c9cd..e4977cb5 100644 --- a/crates/common/download/Cargo.toml +++ b/crates/common/download/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "download" -version = "0.7.1" +version = "0.7.2" authors = ["thin-edge.io team <info@thin-edge.io>"] edition = "2021" rust-version = "1.58.1" @@ -14,10 +14,8 @@ nix = "0.23" reqwest = { version = "0.11", default-features = false, features = ["rustls-tls"] } serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" -tedge_utils = { path = "../tedge_utils" } -tempfile = "3.2" thiserror = "1.0" -tokio = "1.12" +tokio = { version = "1.12", features = ["fs"] } url = "2.2" [dev-dependencies] diff --git a/crates/common/flockfile/Cargo.toml b/crates/common/flockfile/Cargo.toml index b0574ff2..acfc4245 100644 --- a/crates/common/flockfile/Cargo.toml +++ b/crates/common/flockfile/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "flockfile" -version = "0.7.1" +version = "0.7.2" authors = ["thin-edge.io team <info@thin-edge.io>"] edition = "2021" rust-version = "1.58.1" diff --git a/crates/common/flockfile/src/unix.rs b/crates/common/flockfile/src/unix.rs index 2efaa316..4ef847d2 100644 --- a/crates/common/flockfile/src/unix.rs +++ b/crates/common/flockfile/src/unix.rs @@ -108,7 +108,7 @@ impl AsRef<Path> for Flockfile { /// Check `run_dir`/lock/ for a lock file of a given `app_name` pub fn check_another_instance_is_not_running( app_name: &str, - run_dir: &PathBuf, + run_dir: &Path, ) -> Result<Flockfile, FlockfileError> { match Flockfile::new_lock( run_dir diff --git a/crates/common/json_writer/Cargo.toml b/crates/common/json_writer/Cargo.toml index ca1e3867..1b6e9d95 100644 --- a/crates/common/json_writer/Cargo.toml +++ b/crates/common/json_writer/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "json-writer" -version = "0.7.1" +version = "0.7.2" authors = ["thin-edge.io team <info@thin-edge.io>"] edition = "2021" rust-version = "1.58.1" diff --git a/crates/common/logged_command/Cargo.toml b/crates/common/logged_command/Cargo.toml index 9a9b9442..e86c0a68 100644 --- a/crates/common/logged_command/Cargo.toml +++ b/crates/common/logged_command/Cargo.toml @@ -1,14 +1,12 @@ [package] name = "logged_command" -version = "0.7.1" +version = "0.7.2" authors = ["thin-edge.io team <info@thin-edge.io>"] edition = "2021" rust-version = "1.58.1" [dependencies] -async-trait = "0.1" log = "0.4" -thiserror = "1.0" tokio = { version = "1.8", features = [ "fs", "io-util", "macros", "process", "rt" ] } diff --git a/crates/common/mqtt_channel/Cargo.toml b/crates/common/mqtt_channel/Cargo.toml index c68811ec..b800e720 100644 --- a/crates/common/mqtt_channel/Cargo.toml +++ b/crates/common/mqtt_channel/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mqtt_channel" -version = "0.7.1" +version = "0.7.2" authors = ["thin-edge.io team <info@thin-edge.io>"] edition = "2021" rust-version = "1.58.1" diff --git a/crates/common/mqtt_channel/src/session.rs b/crates/common/mqtt_channel/src/session.rs index 17831758..97cd91f4 100644 --- a/crates/common/mqtt_channel/src/session.rs +++ b/crates/common/mqtt_channel/src/session.rs @@ -37,7 +37,7 @@ pub async fn init_session(config: &Config) -> Result<(), MqttError> { } Err(err) => { - eprintln!("Connection Error {}", err.to_string()); + eprintln!("Connection Error {}", err); break; } _ => (), @@ -77,7 +77,7 @@ pub async fn clear_session(config: &Config) -> Result<(), MqttError> { } Err(err) => { - eprintln!("Connection Error {}", err.to_string()); + eprintln!("Connection Error {}", err); break; } _ => (), diff --git a/crates/common/tedge_config/Cargo.toml b/crates/common/tedge_config/Cargo.toml index 9b73955f..71c9df24 100644 --- a/crates/common/tedge_config/Cargo.toml +++ b/crates/common/tedge_config/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tedge_config" -version = "0.7.1" +version = "0.7.2" authors = ["thin-edge.io team <info@thin-edge.io>"] edition = "2021" rust-version = "1.58.1" @@ -9,7 +9,6 @@ rust-version = "1.58.1" certificate = { path = "../certificate" } serde = { version = "1.0", features = ["derive"] } tedge_utils = { path = "../tedge_utils" } -tedge_users = { path = "../tedge_users" } tempfile = "3.2" thiserror = "1.0" toml = "0.5" diff --git a/crates/common/tedge_config/src/models/file_path.rs b/crates/common/tedge_config/src/models/file_path.rs index 62ef5723..7b80c972 100644 --- a/crates/common/tedge_config/src/models/file_path.rs +++ b/crates/common/tedge_config/src/models/file_path.rs @@ -45,8 +45,12 @@ impl std::fmt::Display for FilePath { } } +// If we `impl From<FilePath> for PathBuf` as suggested by clippy, +// Then we can no more have a generic implementation +// `impl<T> From<T> for FilePath where PathBuf: From<T>` +#[allow(clippy::from_over_into)] impl Into<PathBuf> for FilePath { fn into(self) -> PathBuf { - PathBuf::from(self.0) + self.0 } } diff --git a/crates/common/tedge_users/Cargo.toml b/crates/common/tedge_users/Cargo.toml deleted file mode 100644 index 82d79a88..00000000 --- a/crates/common/tedge_users/Cargo.toml +++ /dev/null @@ -1,12 +0,0 @@ -[package] -name = "tedge_users" -version = "0.7.1" -authors = ["thin-edge.io team <info@thin-edge.io>"] -edition = "2021" -rust-version = "1.58.1" - -[dependencies] -thiserror = "1.0" - -[target.'cfg(unix)'.dependencies] -users = "0.11" diff --git a/crates/common/tedge_users/src/lib.rs b/crates/common/tedge_users/src/lib.rs deleted file mode 100644 index 68ccc32e..00000000 --- a/crates/common/tedge_users/src/lib.rs +++ /dev/null @@ -1,28 +0,0 @@ -#[cfg(unix)] -mod unix; - -#[cfg(unix)] -pub use unix::*; - -#[cfg(not(unix))] -mod windows; - -#[cfg(not(unix))] -pub use windows::*; - -pub const ROOT_USER: &str = "root"; -pub const TEDGE_USER: &str = "tedge"; -pub const BROKER_USER: &str = "mosquitto"; - -#[allow(dead_code)] // These errors are only raised from unix -#[derive(thiserror::Error, Debug)] -pub enum UserSwitchError { - #[error("Tried to become user, but it did not exist: {name}")] - UnknownUser { name: String }, - - #[error("Tried to become group, but it did not exist: {name}")] - UnknownGroup { name: String }, - - #[error(transparent)] - NotAuthorized(#[from] std::io::Error), -} diff --git a/crates/common/tedge_users/src/unix.rs b/crates/common/tedge_users/src/unix.rs deleted file mode 100644 index a37e8784..00000000 --- a/crates/common/tedge_users/src/unix.rs +++ /dev/null @@ -1,225 +0,0 @@ -use std::fmt; -use std::rc::Rc; -use std::sync::Mutex; - -/// The `UserManager` allows the process to switch from one unix user to another. -/// -/// * If the process is running as root, then the method `UserManager::become_user()` -/// is effective and the process can switch back and forth to different users. -/// * If the process is not running as root, then the method `UserManager::become_user()` -/// has no effect. Note that no error is raised. -/// -/// The rational is that a `tedge` command running as root (i.e. using `sudo tedge`) -/// has a fine grained control over the different operations and files, -/// while the unprivileged `tedge` command never switches to a different user -/// and has to manipulate all the system resources with the initial user. -/// -#[derive(Clone)] -pub struct UserManager { - // This implementation can never be thread-safe because the current user is a global concept for the process. - // If one thread changes the user, it affects another thread that might have wanted a different user. - // So, let's use Rc rather than Arc to force !Send. - inner: Rc<Mutex<InnerUserManager>>, -} - -impl fmt::Debug for UserManager { - fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { - f.debug_struct("UserManager").finish() - } -} - -struct InnerUserManager { - users: Vec<String>, - guard: Option<users::switch::SwitchUserGuard>, -} - -impl UserManager { - /// Create a `UserManager`. - /// - /// This function MUST be called only once. - /// But be warned, the compiler will not prevent you to call it twice. - /// If you do so, one thread might be switched by another thread to some un-expected user. - /// - /// This struct is not `Send` and cannot be shared between thread. - pub fn new() -> UserManager { - UserManager { - inner: Rc::new(Mutex::new(InnerUserManager { - users: vec![], - guard: None, - })), - } - } - - /// Check if the process has been launched using `sudo` or not. - /// - /// # Example - /// - /// ``` - /// # use tedge_users::UserManager; - /// let path = if UserManager::running_as_root() { - /// "/etc/mosquitto/mosquitto.conf" - /// } else { - /// ".tedge/mosquitto.conf" - /// }; - /// ``` - pub fn running_as_root() -> bool { - users::get_current_uid() == 0 - } - - /// Check if the process has been launched using a desired user or not. - /// - /// # Example - /// - /// ``` - /// # use tedge_users::UserManager; - /// let path = if UserManager::running_as("tedge-mapper") { - /// "/etc/tedge/tedge.toml" - /// } else { - /// ".tedge/tedge.toml" - /// }; - /// ``` - pub fn running_as(desired_user: &str) -> bool { - users::get_current_username() == Some(desired_user.into()) - } - - /// Switch the effective user of the running process. - /// - /// This method returns a guard. As long as the guard is owned by the caller, - /// the process is running under the requested user. When the guard is dropped, - /// then the process switches back to the former user. These calls can be stacked. - /// - /// # Example - /// - /// ``` - /// # use tedge_users::UserManager; - /// let user_manager = UserManager::new(); - /// let _user_guard_1 = user_manager.become_user("user_1").expect("Fail to become user_1"); - /// // Running as user1 - /// { - /// let _user_guard_2 = user_manager.become_user("user_2").expect("Fail to become user_2"); - /// // Running as user2 - /// } - /// // Running as user1 - /// ``` - /// - /// If the process is not running as root, the user is unchanged, - /// no error is raised and a dummy guard is returned. - /// In other words, a process running as root can have a fine control of the different permission modes, - /// while the same program running under a non-privileged user will perform the same operations - /// but all using the same permission mode. - /// For that to work, appropriate user-accessible resources will have to be used. - /// - /// For example, running as root, the process can read the configuration file as the tedge user, - /// then create a private key as mosquitto and restart mosquitto using systemd as root. - /// The same process, running as the a regular user, operates as this initial user for all the operations, - /// reading its own configuration file, creating its own private certificate and running its own mosquitto instance. - /// - /// The function returns a `UserSwitchError` if the given user is unknown. - /// - pub fn become_user(&self, username: &str) -> Result<UserGuard, super::UserSwitchError> { - if UserManager::running_as_root() { - self.inner.lock().unwrap().become_user(username)?; - } - - Ok(UserGuard { - user_manager: self.clone(), - }) - }</ |