diff --git a/.github/dependabot.yml b/.github/dependabot.yml index b54037778..481ac300a 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -119,4 +119,4 @@ updates: interval: weekly time: "06:00" timezone: Australia/Brisbane - open-pull-requests-limit: 99 \ No newline at end of file + open-pull-requests-limit: 99 diff --git a/.github/workflows/clippy.yml b/.github/workflows/clippy.yml index b2ccec2a1..b39446091 100644 --- a/.github/workflows/clippy.yml +++ b/.github/workflows/clippy.yml @@ -38,15 +38,6 @@ jobs: libsqlite3-dev \ pkg-config - # - name: Install Rust - # uses: actions-rs/toolchain@v1 - # with: - # toolchain: stable - # override: true - # default: true - - name: "Run clippy (ignores errors, this is just a check)" - uses: actions-rs/cargo@v1 - with: - command: clippy + run: cargo clippy continue-on-error: true diff --git a/.github/workflows/debian_package_kanidm.yml b/.github/workflows/debian_package_kanidm.yml index 806908ebc..7ab727e62 100644 --- a/.github/workflows/debian_package_kanidm.yml +++ b/.github/workflows/debian_package_kanidm.yml @@ -42,11 +42,7 @@ jobs: curl \ sudo - name: Install Rust - uses: actions-rs/toolchain@v1 - with: - toolchain: stable - override: true - default: true + uses: dtolnay/rust-toolchain@stable - name: "Doing the package build" run: | make -f platform/debian/Makefile debs/all diff --git a/.github/workflows/kanidm_book.yml b/.github/workflows/kanidm_book.yml index 59ef716db..0db95a905 100644 --- a/.github/workflows/kanidm_book.yml +++ b/.github/workflows/kanidm_book.yml @@ -37,7 +37,7 @@ jobs: matrix: # tag: ${{ fromJson(needs.generate_tags.outputs.tags) }} tag: - - ${{ needs.generate_tags.outputs.latest}} + - ${{ needs.generate_tags.outputs.latest}} with: tag: ${{ matrix.tag }} parent_id: ${{ github.ref }} @@ -60,69 +60,10 @@ jobs: name: docs - name: Extract the files - run: | + run: | find . -name '*.tar.gz' -exec tar zxf "{}" \; ls -la docs/ - cd docs && ln -s ${{ needs.generate_tags.outputs.latest}}/ stable && cd .. + cd docs && \ + ln -s ${{ needs.generate_tags.outputs.latest}}/ stable && \ + cd .. ls -la docs/ - - - - # - uses: actions/checkout@v3 - # with: - # fetch-depth: 0 - # clean: false - - # - name: Install deps - # run: | - # sudo apt-get update - # sudo apt-get install -y clang build-essential \ - # librust-openssl-dev libssl-dev \ - # libsqlite3-dev libudev-dev \ - # libpam0g-dev - - # - name: Setup deno - # # Documentation: https://github.com/denoland/setup-deno - # uses: denoland/setup-deno@v1 - # with: - # deno-version: v1.x - - # - name: Test document formatting - # run: | - # make doc/format - - # - name: Setup mdBook - # uses: peaceiris/actions-mdbook@v1 - # with: - # mdbook-version: "latest" - - # - uses: actions-rs/toolchain@v1 - # with: - # toolchain: stable - - # - uses: actions-rs/cargo@v1 - # with: - # command: install - # args: mdbook-template - - # - name: Make all the books - # run: ./scripts/build_all_the_docs.sh - - # - name: Install python 3.10 - # uses: actions/setup-python@v4 - # with: - # python-version: "3.10" - - # - name: pykanidm docs - # run: | - # python -m pip install poetry - # make docs/pykanidm/build - # mv pykanidm/site ./docs/pykanidm - - # - name: Deploy - # uses: peaceiris/actions-gh-pages@v3 - # if: ${{ github.ref == 'refs/heads/master' }} - # with: - # github_token: ${{ secrets.GITHUB_TOKEN }} - # publish_dir: ./docs - # destination_dir: ./docs diff --git a/.github/workflows/kanidm_individual_book.yml b/.github/workflows/kanidm_individual_book.yml index 4f25d405d..9c2648bde 100644 --- a/.github/workflows/kanidm_individual_book.yml +++ b/.github/workflows/kanidm_individual_book.yml @@ -43,9 +43,8 @@ jobs: with: mdbook-version: "latest" - - uses: actions-rs/toolchain@v1 - with: - toolchain: stable + - name: Install Rust + uses: dtolnay/rust-toolchain@stable - name: Install python 3.10 uses: actions/setup-python@v4 diff --git a/.github/workflows/rust_build.yml b/.github/workflows/rust_build.yml index 20fd89a16..18c76b2a1 100644 --- a/.github/workflows/rust_build.yml +++ b/.github/workflows/rust_build.yml @@ -37,14 +37,5 @@ jobs: libssl-dev \ libsqlite3-dev - # - name: Install Rust - # uses: actions-rs/toolchain@v1 - # with: - # toolchain: stable - # override: true - # default: true - - name: Run tests - uses: actions-rs/cargo@v1 - with: - command: build - args: --verbose + - name: Run build + run: cargo build --verbose --workspace diff --git a/.github/workflows/rust_test.yml b/.github/workflows/rust_test.yml index aab3724e2..11d114c8f 100644 --- a/.github/workflows/rust_test.yml +++ b/.github/workflows/rust_test.yml @@ -36,14 +36,5 @@ jobs: libssl-dev \ libsqlite3-dev - # - name: Install Rust - # uses: actions-rs/toolchain@v1 - # with: - # toolchain: stable - # override: true - # default: true - name: Run tests - uses: actions-rs/cargo@v1 - with: - command: test - args: --release + run: cargo test --release diff --git a/.github/workflows/wasm_test.yml b/.github/workflows/wasm_test.yml index 25215a379..4f99c1122 100644 --- a/.github/workflows/wasm_test.yml +++ b/.github/workflows/wasm_test.yml @@ -21,21 +21,11 @@ jobs: libssl-dev \ libsqlite3-dev \ pkg-config - - name: Install Rust - uses: actions-rs/toolchain@v1 - with: - toolchain: stable - components: cargo - default: true - override: true - # target: wasm32-unknown-unknown + uses: dtolnay/rust-toolchain@stable - name: Install wasm-pack - uses: actions-rs/cargo@v1 - with: - command: install - args: wasm-pack + run: cargo install wasm-pack # https://github.com/browser-actions/setup-chrome - name: Install Chrome Headless diff --git a/.github/workflows/windows_build.yml b/.github/workflows/windows_build.yml index 38f8a94fb..dde7b6077 100644 --- a/.github/workflows/windows_build.yml +++ b/.github/workflows/windows_build.yml @@ -18,18 +18,11 @@ jobs: run: | vcpkg integrate install vcpkg install openssl:x64-windows-static-md - - name: Install latest stable - uses: actions-rs/toolchain@v1 - with: - toolchain: stable - default: true - override: true - components: cargo + - name: Install Rust + uses: dtolnay/rust-toolchain@stable - name: build - uses: actions-rs/cargo@v1 - with: - command: build - args: --release -p kanidm_client -p kanidm_tools -p orca -p daemon + # yamllint disable-line rule:line-length + run: cargo build --release -p kanidm_client -p kanidm_tools -p orca -p daemon windows_test_kanidm: runs-on: windows-latest steps: @@ -38,15 +31,8 @@ jobs: run: | vcpkg integrate install vcpkg install openssl:x64-windows-static-md - - name: Install latest stable - uses: actions-rs/toolchain@v1 - with: - toolchain: stable - default: true - components: cargo + - name: Install Rust + uses: dtolnay/rust-toolchain@stable - name: Run cargo test - uses: actions-rs/cargo@v1 - with: - command: test - # yamllint disable-line rule:line-length - args: -p kanidm_client -p kanidm_tools -p orca -p daemon -p kanidmd_core + # yamllint disable-line rule:line-length + run: cargo test -p kanidm_client -p kanidm_tools -p orca -p daemon -p kanidmd_core diff --git a/Makefile b/Makefile index 49c08650e..321e2ebc7 100644 --- a/Makefile +++ b/Makefile @@ -227,12 +227,10 @@ release/kanidm-unixd: ## Build the Kanidm UNIX tools - ensure you include the en release/kanidm-unixd: cargo build -p pam_kanidm --release cargo build -p nss_kanidm --release - cargo build --release \ - --bin kanidm_unixd \ - --bin kanidm_unixd_status \ + cargo build --features unix -p kanidm_unix_int --release \ + --bin kanidm_unixd \ --bin kanidm_unixd_tasks \ - --bin kanidm_cache_clear \ - --bin kanidm_cache_invalidate + --bin kanidm_unixd_status # cert things diff --git a/platform/debian/kanidm-unixd/rules b/platform/debian/kanidm-unixd/rules index 62d77b427..11b3bb1ca 100755 --- a/platform/debian/kanidm-unixd/rules +++ b/platform/debian/kanidm-unixd/rules @@ -72,14 +72,6 @@ override_dh_auto_install: -g root -o root \ target/release/kanidm_unixd_tasks \ ${BINDIR} - install \ - -g root -o root \ - target/release/kanidm_cache_clear \ - ${BINDIR} - install \ - -g root -o root \ - target/release/kanidm_cache_invalidate \ - ${BINDIR} install \ -g root -o root \ target/release/libpam_kanidm.so \ diff --git a/platform/debian/simple_pkg.sh b/platform/debian/simple_pkg.sh index acf54ed20..0ca054ddb 100755 --- a/platform/debian/simple_pkg.sh +++ b/platform/debian/simple_pkg.sh @@ -2,8 +2,8 @@ set -xe -## NOTE this is based on the Arch Linux PKGBUILD. It combines kanidm_tools, unixd and ssh -# as well as the systemd services. This is a simple alternative for building a tarball for +## NOTE this is based on the Arch Linux PKGBUILD. It combines kanidm_tools, unixd and ssh +# as well as the systemd services. This is a simple alternative for building a tarball for # use on debian based systems (tested on ubuntu 22.04). pushd "$( dirname -- "$0"; )/../../" @@ -20,20 +20,20 @@ if [ 1 -eq 0 ]; then mkdir -p deployment-config # Customize the following heredocs according to the deployment - cat << EOF > deployment-config/config + cat << EOF > deployment-config/config uri = "https://idm.example.com" verify_ca = true verify_hostnames = true EOF - cat << EOF > deployment-config/unixd + cat << EOF > deployment-config/unixd pam_allowed_login_groups = [""] EOF install -Dm644 deployment-config/config "${pkgdir}/etc/kanidm/config" install -Dm644 deployment-config/unixd "${pkgdir}/etc/kanidm/unixd" -fi +fi # This is for allowing login via PAM. It needs to be enabled using `pam-auth-update` install -Dm644 platform/debian/kanidm-unixd/kanidm-unixd.pam "${pkgdir}/usr/share/pam-configs/kanidm-unixd" @@ -52,8 +52,6 @@ install -Dm755 target/release/libnss_kanidm.so "${pkgdir}/usr/lib/x86_64-linux-g install -Dm755 target/release/libpam_kanidm.so "${pkgdir}/usr/lib/x86_64-linux-gnu/security/pam_kanidm.so" # install kanidm unix utilities -install -Dm755 target/release/kanidm_cache_clear "${pkgdir}/usr/local/sbin/kanidm_cache_clear" -install -Dm755 target/release/kanidm_cache_invalidate "${pkgdir}/usr/local/sbin/kanidm_cache_invalidate" install -Dm755 target/release/kanidm_ssh_authorizedkeys "${pkgdir}/usr/local/sbin/kanidm_ssh_authorizedkeys" install -Dm755 target/release/kanidm_ssh_authorizedkeys_direct "${pkgdir}/usr/local/sbin/kanidm_ssh_authorizedkeys_direct" install -Dm755 target/release/kanidm_unixd "${pkgdir}/usr/local/sbin/kanidm_unixd" @@ -65,18 +63,16 @@ install -Dm644 target/release/build/completions/_kanidm_ssh_authorizedkeys_direc install -Dm644 target/release/build/completions/_kanidm_cache_clear "${pkgdir}/usr/share/zsh/site-functions/_kanidm_cache_clear" install -Dm644 target/release/build/completions/_kanidm_cache_invalidate "${pkgdir}/usr/share/zsh/site-functions/_kanidm_cache_invalidate" install -Dm644 target/release/build/completions/_kanidm_ssh_authorizedkeys "${pkgdir}/usr/share/zsh/site-functions/_kanidm_ssh_authorizedkeys" -install -Dm644 target/release/build/completions/_kanidm_unixd_status "${pkgdir}/usr/share/zsh/site-functions/_kanidm_unixd_status" install -Dm644 target/release/build/completions/kanidm_ssh_authorizedkeys_direct.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_ssh_authorizedkeys_direct.sh" install -Dm644 target/release/build/completions/kanidm_cache_clear.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_cache_clear.sh" install -Dm644 target/release/build/completions/kanidm_cache_invalidate.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_cache_invalidate.sh" install -Dm644 target/release/build/completions/kanidm_ssh_authorizedkeys.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_ssh_authorizedkeys.sh" -install -Dm644 target/release/build/completions/kanidm_unixd_status.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_unixd_status.sh" tar cvzf "kanidm-client-tools.tar.gz" -C "$pkgdir" . -# extract the package in root, enable and run the systemd services and then setup nsswitch according to the docs -# and run pam-auth-update. You may also want to setup the ssh config. It's wise to leave a root console open until +# extract the package in root, enable and run the systemd services and then setup nsswitch according to the docs +# and run pam-auth-update. You may also want to setup the ssh config. It's wise to leave a root console open until # you've confirmed pam-auth-update worked so you don't lock yourself out. popd diff --git a/tools/cli/Cargo.toml b/tools/cli/Cargo.toml index 4db64da46..140dbe98e 100644 --- a/tools/cli/Cargo.toml +++ b/tools/cli/Cargo.toml @@ -37,7 +37,7 @@ futures-concurrency.workspace = true libc.workspace = true kanidm_client.workspace = true kanidm_proto.workspace = true -qrcode = { workspace = true, default-features = false } +qrcode = { workspace = true } rpassword.workspace = true serde = { workspace = true, features = ["derive"] } serde_json.workspace = true diff --git a/unix_integration/src/tasks_daemon.rs b/unix_integration/src/tasks_daemon.rs index d1d9a9ab5..8e46bfbd4 100644 --- a/unix_integration/src/tasks_daemon.rs +++ b/unix_integration/src/tasks_daemon.rs @@ -217,7 +217,7 @@ async fn handle_tasks(stream: UnixStream, cfg: &KanidmUnixdConfig) { } } -#[tokio::main] +#[tokio::main(flavor = "current_thread")] async fn main() -> ExitCode { // let cuid = get_current_uid(); // let cgid = get_current_gid();