Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixed issues#769 : Add newtypes for UserId, GroupId and ProcessId #812

Closed
wants to merge 7 commits into from
Closed

Fixed issues#769 : Add newtypes for UserId, GroupId and ProcessId #812

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
1f1f195
Fixed issues#769 : Add newtypes for UserId, GroupId and ProcessId
ZhangHanDong Dec 28, 2023
7d74b09
Fixed issues#769 : modify tests
ZhangHanDong Dec 28, 2023
986364e
Fixed issues#769 : modify ci
ZhangHanDong Dec 28, 2023
7fb4391
Fixed issues#769 : add test
ZhangHanDong Dec 29, 2023
4e4bfe1
Fixed issues#769 : modify
ZhangHanDong Dec 29, 2023
2f7ff64
Fixed issues#769 : modify
ZhangHanDong Dec 29, 2023
eb5f488
Fixed issues#769 : modify
ZhangHanDong Dec 29, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/common/command.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ impl CommandAndArguments {
arguments = vec!["-c".to_string(), escaped(arguments)]
}
} else {
command = arguments.get(0).map(|s| s.into()).unwrap_or_default();
command = arguments.first().map(|s| s.into()).unwrap_or_default();
arguments.remove(0);

// remember the original binary name before resolving symlinks; this is not
Expand Down
3 changes: 2 additions & 1 deletion src/common/context.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,7 @@ impl Context {

#[cfg(test)]
mod tests {
use crate::system::interface::UserId;
use crate::{sudo::SudoAction, system::hostname};
use std::collections::HashMap;

Expand All @@ -116,6 +117,6 @@ mod tests {
assert_eq!(context.command.command.to_str().unwrap(), "/usr/bin/echo");
assert_eq!(context.command.arguments, ["hello"]);
assert_eq!(context.hostname, hostname());
assert_eq!(context.target_user.uid, 0);
assert_eq!(context.target_user.uid, UserId(0));
}
}
6 changes: 3 additions & 3 deletions src/common/error.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
Configuration(String),
Options(String),
Pam(PamError),
IoError(Option<PathBuf>, std::io::Error),
IoErr(Option<PathBuf>, std::io::Error),
MaxAuthAttempts(usize),
PathValidation(PathBuf),
StringValidation(String),
Expand Down Expand Up @@ -64,7 +64,7 @@
Error::Configuration(e) => write!(f, "invalid configuration: {e}"),
Error::Options(e) => write!(f, "{e}"),
Error::Pam(e) => write!(f, "PAM error: {e}"),
Error::IoError(location, e) => {
Error::IoErr(location, e) => {

Check warning on line 67 in src/common/error.rs

View check run for this annotation

Codecov / codecov/patch

src/common/error.rs#L67 

Added line #L67 was not covered by tests
if let Some(path) = location {
write!(f, "cannot execute '{}': {e}", path.display())
} else {
Expand Down Expand Up @@ -98,7 +98,7 @@

impl From<std::io::Error> for Error {
fn from(err: std::io::Error) -> Self {
Error::IoError(None, err)
Error::IoErr(None, err)

Check warning on line 101 in src/common/error.rs

View check run for this annotation

Codecov / codecov/patch

src/common/error.rs#L101 

Added line #L101 was not covered by tests
}
}

Expand Down
2 changes: 1 addition & 1 deletion src/exec/interface.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@
}

fn pid(&self) -> i32 {
self.process.pid
self.process.pid.id()

Check warning on line 61 in src/exec/interface.rs

View check run for this annotation

Codecov / codecov/patch

src/exec/interface.rs#L61 

Added line #L61 was not covered by tests
}

fn use_pty(&self) -> bool {
Expand Down
8 changes: 5 additions & 3 deletions src/exec/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,16 +106,18 @@
}
}

let pid = ProcessId(options.pid());

Check warning on line 110 in src/exec/mod.rs

View check run for this annotation

Codecov / codecov/patch

src/exec/mod.rs#L109-L110 

Added lines #L109 - L110 were not covered by tests
if options.use_pty() {
match UserTerm::open() {
Ok(user_tty) => exec_pty(options.pid(), command, user_tty),
Ok(user_tty) => exec_pty(pid, command, user_tty),

Check warning on line 113 in src/exec/mod.rs

View check run for this annotation

Codecov / codecov/patch

src/exec/mod.rs#L113 

Added line #L113 was not covered by tests
Err(err) => {
dev_info!("Could not open user's terminal, not allocating a pty: {err}");
exec_no_pty(options.pid(), command)
exec_no_pty(pid, command)

Check warning on line 116 in src/exec/mod.rs

View check run for this annotation

Codecov / codecov/patch

src/exec/mod.rs#L116 

Added line #L116 was not covered by tests
}
}
} else {
exec_no_pty(options.pid(), command)
exec_no_pty(pid, command)

Check warning on line 120 in src/exec/mod.rs

View check run for this annotation

Codecov / codecov/patch

src/exec/mod.rs#L120 

Added line #L120 was not covered by tests
}
}

Expand Down
2 changes: 1 addition & 1 deletion src/exec/no_pty.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -147,7 +147,7 @@
/// - is the same PID of the command, or
/// - is in the process group of the command and either sudo or the command is the leader.
fn is_self_terminating(&self, signaler_pid: ProcessId) -> bool {
if signaler_pid != 0 {
if signaler_pid != ProcessId(0) {

Check warning on line 150 in src/exec/no_pty.rs

View check run for this annotation

Codecov / codecov/patch

src/exec/no_pty.rs#L150 

Added line #L150 was not covered by tests
if Some(signaler_pid) == self.command_pid {
return true;
}
Expand Down
5 changes: 3 additions & 2 deletions src/exec/use_pty/backchannel.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@
Self::CMD_STAT_EXIT => Self::CommandStatus(CommandStatus::Exit(data)),
Self::CMD_STAT_TERM => Self::CommandStatus(CommandStatus::Term(data)),
Self::CMD_STAT_STOP => Self::CommandStatus(CommandStatus::Stop(data)),
Self::CMD_PID => Self::CommandPid(data),
Self::CMD_PID => Self::CommandPid(ProcessId(data)),

Check warning on line 76 in src/exec/use_pty/backchannel.rs

View check run for this annotation

Codecov / codecov/patch

src/exec/use_pty/backchannel.rs#L76 

Added line #L76 was not covered by tests
Self::SHORT_READ => Self::ShortRead,
_ => unreachable!(),
}
Expand All @@ -90,7 +90,8 @@
};

let data = match self {
ParentMessage::IoError(data) | ParentMessage::CommandPid(data) => *data,
ParentMessage::IoError(data) => *data,
ParentMessage::CommandPid(data) => data.0,

Check warning on line 94 in src/exec/use_pty/backchannel.rs

View check run for this annotation

Codecov / codecov/patch

src/exec/use_pty/backchannel.rs#L93-L94 

Added lines #L93 - L94 were not covered by tests
ParentMessage::CommandStatus(status) => match status {
CommandStatus::Exit(data)
| CommandStatus::Term(data)
Expand Down
6 changes: 3 additions & 3 deletions src/exec/use_pty/monitor.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -198,9 +198,9 @@
original_set: Option<SignalSet>,
) -> io::Error {
// FIXME (ogsudo): Do any additional configuration that needs to be run after `fork` but before `exec`
let command_pid = std::process::id() as ProcessId;
let command_pid = ProcessId(std::process::id() as i32);

Check warning on line 201 in src/exec/use_pty/monitor.rs

View check run for this annotation

Codecov / codecov/patch

src/exec/use_pty/monitor.rs#L201 

Added line #L201 was not covered by tests

setpgid(0, command_pid).ok();
setpgid(ProcessId(0), command_pid).ok();

Check warning on line 203 in src/exec/use_pty/monitor.rs

View check run for this annotation

Codecov / codecov/patch

src/exec/use_pty/monitor.rs#L203 

Added line #L203 was not covered by tests

// Wait for the monitor to set us as the foreground group for the pty if we are in the
// foreground.
Expand Down Expand Up @@ -413,7 +413,7 @@
command_pid: ProcessId,
command_pgrp: ProcessId,
) -> bool {
if signaler_pid != 0 {
if signaler_pid != ProcessId(0) {

Check warning on line 416 in src/exec/use_pty/monitor.rs

View check run for this annotation

Codecov / codecov/patch

src/exec/use_pty/monitor.rs#L416 

Added line #L416 was not covered by tests
if signaler_pid == command_pid {
return true;
}
Expand Down
2 changes: 1 addition & 1 deletion src/exec/use_pty/parent.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -432,7 +432,7 @@
/// - is the same PID of the command, or
/// - is in the process group of the command and either sudo or the command is the leader.
fn is_self_terminating(&self, signaler_pid: ProcessId) -> bool {
if signaler_pid != 0 {
if signaler_pid != ProcessId(0) {

Check warning on line 435 in src/exec/use_pty/parent.rs

View check run for this annotation

Codecov / codecov/patch

src/exec/use_pty/parent.rs#L435 

Added line #L435 was not covered by tests
if Some(signaler_pid) == self.command_pid {
return true;
}
Expand Down
5 changes: 3 additions & 2 deletions src/su/context.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
};
use crate::exec::RunOptions;
use crate::log::user_warn;
use crate::system::interface::ROOT;
use crate::system::{Group, Process, User};

use super::cli::SuRunOptions;
Expand Down Expand Up @@ -82,7 +83,7 @@
.ok_or_else(|| Error::UserNotFound(options.user.clone().into()))?;

// check the current user is root
let is_current_root = User::real_uid() == 0;
let is_current_root = User::real_uid() == ROOT;
let is_target_root = options.user == "root";

// only root can set a (additional) group
Expand Down Expand Up @@ -241,7 +242,7 @@
}

fn pid(&self) -> i32 {
self.process.pid
self.process.pid.id()

Check warning on line 245 in src/su/context.rs

View check run for this annotation

Codecov / codecov/patch

src/su/context.rs#L245 

Added line #L245 was not covered by tests
}

fn use_pty(&self) -> bool {
Expand Down
13 changes: 7 additions & 6 deletions src/sudo/env/tests.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ use crate::sudo::{
cli::{SudoAction, SudoRunOptions},
env::environment::get_target_environment,
};
use crate::system::interface::{GroupId, UserId};
use crate::system::{Group, Process, User};
use std::collections::{HashMap, HashSet};

Expand Down Expand Up @@ -81,8 +82,8 @@ fn create_test_context(sudo_options: &SudoRunOptions) -> Context {
CommandAndArguments::build_from_args(None, sudo_options.positional_args.clone(), &path);

let current_user = User {
uid: 1000,
gid: 1000,
uid: UserId(1000),
gid: GroupId(1000),

name: "test".into(),
gecos: String::new(),
Expand All @@ -93,15 +94,15 @@ fn create_test_context(sudo_options: &SudoRunOptions) -> Context {
};

let current_group = Group {
gid: 1000,
gid: GroupId(1000),
name: "test".to_string(),
passwd: String::new(),
members: Vec::new(),
};

let root_user = User {
uid: 0,
gid: 0,
uid: UserId(0),
gid: GroupId(0),
name: "root".into(),
gecos: String::new(),
home: "/root".into(),
Expand All @@ -111,7 +112,7 @@ fn create_test_context(sudo_options: &SudoRunOptions) -> Context {
};

let root_group = Group {
gid: 0,
gid: GroupId(0),
name: "root".to_string(),
passwd: String::new(),
members: Vec::new(),
Expand Down
3 changes: 1 addition & 2 deletions src/sudo/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

use crate::common::{resolve::resolve_current_user, Context, Error};
use crate::log::dev_info;
use crate::system::interface::ROOT;
use crate::system::timestamp::RecordScope;
use crate::system::User;
use crate::system::{time::Duration, timestamp::SessionRecordFile, Process};
Expand Down Expand Up @@ -134,8 +135,6 @@ fn sudo_process() -> Result<(), Error> {
}

fn self_check() -> Result<(), Error> {
const ROOT: u32 = 0;

let euid = User::effective_uid();
if euid == ROOT {
Ok(())
Expand Down
2 changes: 1 addition & 1 deletion src/sudo/pipeline.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@
log_command_execution(&context);

crate::exec::run_command(&context, target_env)
.map_err(|io_error| Error::IoError(Some(context.command.command), io_error))
.map_err(|io_error| Error::IoErr(Some(context.command.command), io_error))

Check warning on line 89 in src/sudo/pipeline.rs

View check run for this annotation

Codecov / codecov/patch

src/sudo/pipeline.rs#L89 

Added line #L89 was not covered by tests
} else {
Err(Error::CommandNotFound(context.command.command))
};
Expand Down
3 changes: 2 additions & 1 deletion src/sudo/pipeline/list.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
pam::CLIConverser,
sudo::{cli::SudoListOptions, pam::PamAuthenticator, SudoersPolicy},
sudoers::{Authorization, ListRequest, Policy, Request, Sudoers},
system::interface::ROOT,
system::User,
};

Expand Down Expand Up @@ -87,7 +88,7 @@
}

Authorization::Forbidden => {
if context.current_user.uid == 0 {
if context.current_user.uid == ROOT {

Check warning on line 91 in src/sudo/pipeline/list.rs

View check run for this annotation

Codecov / codecov/patch

src/sudo/pipeline/list.rs#L91 

Added line #L91 was not covered by tests
if original_command.is_some() {
return Err(Error::Silent);
}
Expand Down
8 changes: 4 additions & 4 deletions src/sudoers/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ use std::{io, mem};
use crate::common::resolve::resolve_path;
use crate::log::auth_warn;
use crate::system::can_execute;
use crate::system::interface::{UnixGroup, UnixUser};
use crate::system::interface::{GroupId, UnixGroup, UnixUser, UserId};
use ast::*;
use tokens::*;

Expand Down Expand Up @@ -432,7 +432,7 @@ fn match_user(user: &impl UnixUser) -> impl Fn(&UserSpecifier) -> bool + '_ {
move |spec| match spec {
UserSpecifier::User(id) => match_identifier(user, id),
UserSpecifier::Group(Identifier::Name(name)) => user.in_group_by_name(name.as_cstr()),
UserSpecifier::Group(Identifier::ID(num)) => user.in_group_by_gid(*num),
UserSpecifier::Group(Identifier::ID(num)) => user.in_group_by_gid(GroupId(*num)),
_ => todo!(), // nonunix-groups, netgroups, etc.
}
}
Expand All @@ -443,7 +443,7 @@ fn in_group(user: &impl UnixUser, group: &impl UnixGroup) -> bool {

fn match_group(group: &impl UnixGroup) -> impl Fn(&Identifier) -> bool + '_ {
move |id| match id {
Identifier::ID(num) => group.as_gid() == *num,
Identifier::ID(num) => group.as_gid() == GroupId(*num),
Identifier::Name(name) => group.try_as_name().map_or(false, |s| name == s),
}
}
Expand Down Expand Up @@ -510,7 +510,7 @@ where
fn match_identifier(user: &impl UnixUser, ident: &ast::Identifier) -> bool {
match ident {
Identifier::Name(name) => user.has_name(name),
Identifier::ID(num) => user.has_uid(*num),
Identifier::ID(num) => user.has_uid(UserId(*num)),
}
}

Expand Down
12 changes: 6 additions & 6 deletions src/sudoers/test/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,16 +20,16 @@ impl UnixUser for Named {
self.0 == name
}

fn has_uid(&self, uid: u32) -> bool {
dummy_cksum(self.0) == uid
fn has_uid(&self, uid: UserId) -> bool {
dummy_cksum(self.0) == uid.id()
}

fn in_group_by_name(&self, name: &CStr) -> bool {
self.has_name(name.to_str().unwrap())
}

fn in_group_by_gid(&self, gid: u32) -> bool {
dummy_cksum(self.0) == gid
fn in_group_by_gid(&self, gid: GroupId) -> bool {
dummy_cksum(self.0) == gid.id()
}

fn is_root(&self) -> bool {
Expand All @@ -39,7 +39,7 @@ impl UnixUser for Named {

impl UnixGroup for Named {
fn as_gid(&self) -> crate::system::interface::GroupId {
dummy_cksum(self.0)
GroupId(dummy_cksum(self.0))
}
fn try_as_name(&self) -> Option<&str> {
Some(self.0)
Expand Down Expand Up @@ -175,7 +175,7 @@ fn permission_test() {
pass!(["user ALL=(ALL:ALL) /bin/foo"], "user" => request! { user, user }, "server"; "/bin/foo" => [authenticate: Authenticate::Nopasswd]);
pass!(["user ALL=(ALL:ALL) /bin/foo"], "user" => request! { user, root }, "server"; "/bin/foo" => [authenticate: Authenticate::None]);

assert_eq!(Named("user").as_gid(), 1466);
assert_eq!(Named("user").as_gid(), GroupId(1466));
pass!(["#1466 server=(ALL:ALL) ALL"], "user" => root(), "server"; "/bin/hello");
pass!(["%#1466 server=(ALL:ALL) ALL"], "user" => root(), "server"; "/bin/hello");
FAIL!(["#1466 server=(ALL:ALL) ALL"], "root" => root(), "server"; "/bin/hello");
Expand Down
2 changes: 1 addition & 1 deletion src/system/file/chown.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,6 @@
fn chown(&self, owner: UserId, group: GroupId) -> io::Result<()> {
let fd = self.as_raw_fd();

cerr(unsafe { libc::fchown(fd, owner, group) }).map(|_| ())
cerr(unsafe { libc::fchown(fd, owner.id(), group.id()) }).map(|_| ())

Check warning on line 16 in src/system/file/chown.rs

View check run for this annotation

Codecov / codecov/patch

src/system/file/chown.rs#L16 

Added line #L16 was not covered by tests
}
}
Loading
Loading