kanidm/docs/v1.0.0rc9/rustdoc/src/kanidm_unixd_tasks/tasks_daemon.rs.html
2022-10-07 09:23:12 +00:00


<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `kanidm_unix_int/src/tasks_daemon.rs`."><meta name="keywords" content="rust, rustlang, rust-lang"><title>tasks_daemon.rs - source</title><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Regular.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Medium.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Bold.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Semibold.ttf.woff2"><link rel="stylesheet" type="text/css" href="../../normalize.css"><link rel="stylesheet" type="text/css" href="../../rustdoc.css" id="mainThemeStyle"><link rel="stylesheet" type="text/css" href="../../ayu.css" disabled><link rel="stylesheet" type="text/css" href="../../dark.css" disabled><link rel="stylesheet" type="text/css" href="../../light.css" id="themeStyle"><script id="default-settings" ></script><script src="../../storage.js"></script><script defer src="../../source-script.js"></script><script defer src="../../source-files.js"></script><script defer src="../../main.js"></script><noscript><link rel="stylesheet" href="../../noscript.css"></noscript><link rel="alternate icon" type="image/png" href="../../favicon-16x16.png"><link rel="alternate icon" type="image/png" href="../../favicon-32x32.png"><link rel="icon" type="image/svg+xml" href="../../favicon.svg"></head><body class="rustdoc source"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky 
things.</div><![endif]--><nav class="mobile-topbar"><button class="sidebar-menu-toggle">&#9776;</button><a class="sidebar-logo" href="../../kanidm_unixd_tasks/index.html"><div class="logo-container"><img class="rust-logo" src="../../rust-logo.svg" alt="logo"></div></a><h2 class="location"></h2></nav><nav class="sidebar"><a class="sidebar-logo" href="../../kanidm_unixd_tasks/index.html"><div class="logo-container"><img class="rust-logo" src="../../rust-logo.svg" alt="logo"></div></a></nav><main><div class="width-limiter"><div class="sub-container"><a class="sub-logo-container" href="../../kanidm_unixd_tasks/index.html"><img class="rust-logo" src="../../rust-logo.svg" alt="logo"></a><nav class="sub"><form class="search-form"><div class="search-container"><span></span><input class="search-input" name="search" autocomplete="off" spellcheck="false" placeholder="Click or press S to search, ? for more options…" type="search"><div id="help-button" title="help" tabindex="-1"><button type="button">?</button></div><div id="settings-menu" tabindex="-1"><a href="../../settings.html" title="settings"><img width="22" height="22" alt="Change settings" src="../../wheel.svg"></a></div></div></form></nav></div><section id="main-content" class="content"><div class="example-wrap"><pre class="line-numbers"><span id="1">1</span>
</pre><pre class="rust"><code><span class="attribute">#![<span class="ident">deny</span>(<span class="ident">warnings</span>)]</span>
<span class="attribute">#![<span class="ident">warn</span>(<span class="ident">unused_extern_crates</span>)]</span>
<span class="attribute">#![<span class="ident">deny</span>(<span class="ident">clippy::todo</span>)]</span>
<span class="attribute">#![<span class="ident">deny</span>(<span class="ident">clippy::unimplemented</span>)]</span>
<span class="attribute">#![<span class="ident">deny</span>(<span class="ident">clippy::unwrap_used</span>)]</span>
<span class="attribute">#![<span class="ident">deny</span>(<span class="ident">clippy::expect_used</span>)]</span>
<span class="attribute">#![<span class="ident">deny</span>(<span class="ident">clippy::panic</span>)]</span>
<span class="attribute">#![<span class="ident">deny</span>(<span class="ident">clippy::unreachable</span>)]</span>
<span class="attribute">#![<span class="ident">deny</span>(<span class="ident">clippy::await_holding_lock</span>)]</span>
<span class="attribute">#![<span class="ident">deny</span>(<span class="ident">clippy::needless_pass_by_value</span>)]</span>
<span class="attribute">#![<span class="ident">deny</span>(<span class="ident">clippy::trivially_copy_pass_by_ref</span>)]</span>
<span class="kw">use</span> <span class="ident">std::ffi::CString</span>;
<span class="kw">use</span> <span class="ident">std::os::unix::fs::symlink</span>;
<span class="kw">use</span> <span class="ident">std::path::Path</span>;
<span class="kw">use</span> <span class="ident">std::time::Duration</span>;
<span class="kw">use</span> <span class="ident">std</span>::{<span class="ident">fs</span>, <span class="ident">io</span>};
<span class="kw">use</span> <span class="ident">bytes</span>::{<span class="ident">BufMut</span>, <span class="ident">BytesMut</span>};
<span class="kw">use</span> <span class="ident">futures</span>::{<span class="ident">SinkExt</span>, <span class="ident">StreamExt</span>};
<span class="kw">use</span> <span class="ident">kanidm_unix_common::constants::DEFAULT_CONFIG_PATH</span>;
<span class="kw">use</span> <span class="ident">kanidm_unix_common::unix_config::KanidmUnixdConfig</span>;
<span class="kw">use</span> <span class="ident">kanidm_unix_common::unix_proto</span>::{<span class="ident">HomeDirectoryInfo</span>, <span class="ident">TaskRequest</span>, <span class="ident">TaskResponse</span>};
<span class="kw">use</span> <span class="ident">libc</span>::{<span class="ident">lchown</span>, <span class="ident">umask</span>};
<span class="kw">use</span> <span class="ident">sketching::tracing_forest::traits</span>::<span class="kw-2">*</span>;
<span class="kw">use</span> <span class="ident">sketching::tracing_forest::util</span>::<span class="kw-2">*</span>;
<span class="kw">use</span> <span class="ident">sketching::tracing_forest</span>::{<span class="self">self</span>};
<span class="kw">use</span> <span class="ident">tokio::net::UnixStream</span>;
<span class="kw">use</span> <span class="ident">tokio::time</span>;
<span class="kw">use</span> <span class="ident">tokio_util::codec</span>::{<span class="ident">Decoder</span>, <span class="ident">Encoder</span>, <span class="ident">Framed</span>};
<span class="kw">use</span> <span class="ident">users</span>::{<span class="ident">get_effective_gid</span>, <span class="ident">get_effective_uid</span>};
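<span class="doccomment">/// JSON codec for the task socket: it decodes `TaskRequest` values and encodes `TaskResponse` values.</span>
<span class="kw">struct</span> <span class="ident">TaskCodec</span>;
<span class="kw">impl</span> <span class="ident">Decoder</span> <span class="kw">for</span> <span class="ident">TaskCodec</span> {
    <span class="kw">type</span> <span class="ident">Error</span> <span class="op">=</span> <span class="ident">io::Error</span>;
    <span class="kw">type</span> <span class="ident">Item</span> <span class="op">=</span> <span class="ident">TaskRequest</span>;

    <span class="doccomment">/// Try to decode one `TaskRequest` from the front of `src`.</span>
    <span class="doccomment">///</span>
    <span class="doccomment">/// Returns `Ok(None)` when `src` is empty or ends in the middle of a JSON value, so the</span>
    <span class="doccomment">/// caller reads more bytes and tries again. Input that is not a valid `TaskRequest` is</span>
    <span class="doccomment">/// rejected with an `InvalidData` error instead of being buffered indefinitely, and only</span>
    <span class="doccomment">/// the bytes of the decoded message are consumed, so a second message that arrived in</span>
    <span class="doccomment">/// the same read is kept for the next call.</span>
    <span class="kw">fn</span> <span class="ident">decode</span>(<span class="kw-2">&amp;mut</span> <span class="self">self</span>, <span class="ident">src</span>: <span class="kw-2">&amp;mut</span> <span class="ident">BytesMut</span>) -&gt; <span class="prelude-ty">Result</span><span class="op">&lt;</span><span class="prelude-ty">Option</span><span class="op">&lt;</span><span class="ident"><span class="self">Self</span>::Item</span><span class="op">&gt;</span>, <span class="ident"><span class="self">Self</span>::Error</span><span class="op">&gt;</span> {
        <span class="comment">// Parse in an inner scope so the shared borrow of `src` ends before we consume bytes.</span>
        <span class="kw">let</span> (<span class="ident">parsed</span>, <span class="ident">consumed</span>) <span class="op">=</span> {
            <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">stream</span> <span class="op">=</span>
                <span class="ident">serde_json::Deserializer::from_slice</span>(<span class="kw-2">&amp;</span><span class="ident">src</span>[..]).<span class="ident">into_iter</span>::<span class="op">&lt;</span><span class="ident">TaskRequest</span><span class="op">&gt;</span>();
            <span class="kw">let</span> <span class="ident">parsed</span> <span class="op">=</span> <span class="ident">stream</span>.<span class="ident">next</span>();
            (<span class="ident">parsed</span>, <span class="ident">stream</span>.<span class="ident">byte_offset</span>())
        };
        <span class="kw">match</span> <span class="ident">parsed</span> {
            <span class="prelude-val">Some</span>(<span class="prelude-val">Ok</span>(<span class="ident">msg</span>)) =&gt; {
                <span class="comment">// Drop only the bytes of this message from the buffer.</span>
                <span class="kw">let</span> <span class="kw">_</span> <span class="op">=</span> <span class="ident">src</span>.<span class="ident">split_to</span>(<span class="ident">consumed</span>);
                <span class="prelude-val">Ok</span>(<span class="prelude-val">Some</span>(<span class="ident">msg</span>))
            }
            <span class="comment">// Truncated value: wait for the rest of it.</span>
            <span class="comment">// NOTE(review): nothing here caps how large `src` may grow while a value stays</span>
            <span class="comment">// incomplete - confirm the peer on this socket is trusted enough for that.</span>
            <span class="prelude-val">Some</span>(<span class="prelude-val">Err</span>(<span class="ident">e</span>)) <span class="kw">if</span> <span class="ident">e</span>.<span class="ident">is_eof</span>() =&gt; <span class="prelude-val">Ok</span>(<span class="prelude-val">None</span>),
            <span class="comment">// Syntax or schema error: more bytes can never make this parse.</span>
            <span class="prelude-val">Some</span>(<span class="prelude-val">Err</span>(<span class="ident">e</span>)) =&gt; {
                <span class="macro">error!</span>(<span class="string">&quot;socket decoding error -&gt; {:?}&quot;</span>, <span class="ident">e</span>);
                <span class="prelude-val">Err</span>(<span class="ident">io::Error::new</span>(<span class="ident">io::ErrorKind::InvalidData</span>, <span class="string">&quot;JSON decode error&quot;</span>))
            }
            <span class="comment">// Empty or whitespace-only buffer.</span>
            <span class="prelude-val">None</span> =&gt; <span class="prelude-val">Ok</span>(<span class="prelude-val">None</span>),
        }
    }
}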
<span class="kw">impl</span> <span class="ident">Encoder</span><span class="op">&lt;</span><span class="ident">TaskResponse</span><span class="op">&gt;</span> <span class="kw">for</span> <span class="ident">TaskCodec</span> {
    <span class="kw">type</span> <span class="ident">Error</span> <span class="op">=</span> <span class="ident">io::Error</span>;

    <span class="doccomment">/// Serialise `msg` as JSON and append the bytes to `dst`.</span>
    <span class="doccomment">///</span>
    <span class="doccomment">/// A serialisation failure is logged and returned as an `io::ErrorKind::Other` error.</span>
    <span class="kw">fn</span> <span class="ident">encode</span>(<span class="kw-2">&amp;mut</span> <span class="self">self</span>, <span class="ident">msg</span>: <span class="ident">TaskResponse</span>, <span class="ident">dst</span>: <span class="kw-2">&amp;mut</span> <span class="ident">BytesMut</span>) -&gt; <span class="prelude-ty">Result</span><span class="op">&lt;</span>(), <span class="ident"><span class="self">Self</span>::Error</span><span class="op">&gt;</span> {
        <span class="macro">debug!</span>(<span class="string">&quot;Attempting to send request -&gt; {:?} ...&quot;</span>, <span class="ident">msg</span>);
        <span class="kw">match</span> <span class="ident">serde_json::to_vec</span>(<span class="kw-2">&amp;</span><span class="ident">msg</span>) {
            <span class="prelude-val">Ok</span>(<span class="ident">payload</span>) =&gt; {
                <span class="comment">// Append the encoded message after whatever is already queued in dst.</span>
                <span class="ident">dst</span>.<span class="ident">extend_from_slice</span>(<span class="kw-2">&amp;</span><span class="ident">payload</span>);
                <span class="prelude-val">Ok</span>(())
            }
            <span class="prelude-val">Err</span>(<span class="ident">e</span>) =&gt; {
                <span class="macro">error!</span>(<span class="string">&quot;socket encoding error -&gt; {:?}&quot;</span>, <span class="ident">e</span>);
                <span class="prelude-val">Err</span>(<span class="ident">io::Error::new</span>(<span class="ident">io::ErrorKind::Other</span>, <span class="string">&quot;JSON encode error&quot;</span>))
            }
        }
    }
}
<span class="kw">impl</span> <span class="ident">TaskCodec</span> {
    <span class="doccomment">/// Build the codec. `TaskCodec` is a unit struct, so there is no state to set up.</span>
    <span class="kw">fn</span> <span class="ident">new</span>() -&gt; <span class="self">Self</span> {
        <span class="self">Self</span>
    }
}
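<span class="doccomment">/// Create the home directory for `info` under `home_prefix` and point its alias symlinks at it.</span>
<span class="doccomment">///</span>
<span class="doccomment">/// `main()` in this file exits unless the effective uid and gid are 0, so every filesystem</span>
<span class="doccomment">/// operation here runs as root. `info.name` and each entry of `info.aliases` arrive in the</span>
<span class="doccomment">/// request and are treated as untrusted: leading dots and all `/` and `\` characters are</span>
<span class="doccomment">/// stripped, and the resulting path must have `home_prefix` as its direct parent.</span>
<span class="doccomment">///</span>
<span class="doccomment">/// A home directory that does not exist yet is created under a 0o0027 umask and its owner and</span>
<span class="doccomment">/// group are both set to `info.gid`. A path that already exists is left untouched.</span>
<span class="doccomment">/// Each alias becomes a relative symlink to the sanitised name; an existing symlink is</span>
<span class="doccomment">/// replaced, any other existing file type is left alone.</span>
<span class="doccomment">///</span>
<span class="doccomment">/// Returns `Err` with a message on the first validation or filesystem failure.</span>
<span class="kw">fn</span> <span class="ident">create_home_directory</span>(<span class="ident">info</span>: <span class="kw-2">&amp;</span><span class="ident">HomeDirectoryInfo</span>, <span class="ident">home_prefix</span>: <span class="kw-2">&amp;</span><span class="ident">str</span>) -&gt; <span class="prelude-ty">Result</span><span class="op">&lt;</span>(), <span class="ident">String</span><span class="op">&gt;</span> {
    <span class="comment">// Final sanity check to prevent certain classes of attacks.</span>
    <span class="kw">let</span> <span class="ident">name</span> <span class="op">=</span> <span class="ident">info</span>
        .<span class="ident">name</span>
        .<span class="ident">trim_start_matches</span>(<span class="string">&#39;.&#39;</span>)
        .<span class="ident">replace</span>(<span class="string">&quot;/&quot;</span>, <span class="string">&quot;&quot;</span>)
        .<span class="ident">replace</span>(<span class="string">&quot;\\&quot;</span>, <span class="string">&quot;&quot;</span>);
    <span class="kw">let</span> <span class="ident">home_prefix_path</span> <span class="op">=</span> <span class="ident">Path::new</span>(<span class="ident">home_prefix</span>);
    <span class="comment">// Does our home_prefix actually exist? is_dir() is also false for a missing path.</span>
    <span class="kw">if</span> <span class="op">!</span><span class="ident">home_prefix_path</span>.<span class="ident">is_dir</span>() {
        <span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="string">&quot;Invalid home_prefix from configuration&quot;</span>.<span class="ident">to_string</span>());
    }
    <span class="comment">// Actually process the request here.</span>
    <span class="kw">let</span> <span class="ident">hd_path_raw</span> <span class="op">=</span> <span class="macro">format!</span>(<span class="string">&quot;{}{}&quot;</span>, <span class="ident">home_prefix</span>, <span class="ident">name</span>);
    <span class="kw">let</span> <span class="ident">hd_path</span> <span class="op">=</span> <span class="ident">Path::new</span>(<span class="kw-2">&amp;</span><span class="ident">hd_path_raw</span>);
    <span class="comment">// Assert the resulting named home path is consistent and correct.</span>
    <span class="comment">// A name that sanitises to the empty string is rejected here as well: the path is then</span>
    <span class="comment">// home_prefix itself, and a path is never its own parent.</span>
    <span class="kw">if</span> <span class="kw">let</span> <span class="prelude-val">Some</span>(<span class="ident">pp</span>) <span class="op">=</span> <span class="ident">hd_path</span>.<span class="ident">parent</span>() {
        <span class="kw">if</span> <span class="ident">pp</span> <span class="op">!</span><span class="op">=</span> <span class="ident">home_prefix_path</span> {
            <span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="string">&quot;Invalid home directory name - not within home_prefix&quot;</span>.<span class="ident">to_string</span>());
        }
    } <span class="kw">else</span> {
        <span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="string">&quot;Invalid/Corrupt home directory path - no prefix found&quot;</span>.<span class="ident">to_string</span>());
    }
    <span class="comment">// CString::new fails on an interior NUL byte, which rejects such names before any syscall.</span>
    <span class="kw">let</span> <span class="ident">hd_path_os</span> <span class="op">=</span>
        <span class="ident">CString::new</span>(<span class="ident">hd_path_raw</span>.<span class="ident">clone</span>()).<span class="ident">map_err</span>(<span class="op">|</span><span class="kw">_</span><span class="op">|</span> <span class="string">&quot;Unable to create c-string&quot;</span>.<span class="ident">to_string</span>())<span class="question-mark">?</span>;
    <span class="comment">// Does the home directory exist?</span>
    <span class="kw">if</span> <span class="op">!</span><span class="ident">hd_path</span>.<span class="ident">exists</span>() {
        <span class="comment">// Set a umask</span>
        <span class="comment">// NOTE(review): umask(2) applies to the whole process, not only to this call.</span>
        <span class="kw">let</span> <span class="ident">before</span> <span class="op">=</span> <span class="kw">unsafe</span> { <span class="ident">umask</span>(<span class="number">0o0027</span>) };
        <span class="comment">// TODO: Should we copy content from /etc/skel?</span>
        <span class="comment">// Create the dir. The parent was verified above, so a single create_dir is enough.</span>
        <span class="comment">// Unlike create_dir_all it fails if something appeared at this path after the</span>
        <span class="comment">// exists() check, so the lchown below is not applied to a path that already existed.</span>
        <span class="kw">let</span> <span class="ident">created</span> <span class="op">=</span> <span class="ident">fs::create_dir</span>(<span class="ident">hd_path</span>);
        <span class="comment">// Restore the previous umask on both the success and the error path.</span>
        <span class="kw">let</span> <span class="kw">_</span> <span class="op">=</span> <span class="kw">unsafe</span> { <span class="ident">umask</span>(<span class="ident">before</span>) };
        <span class="kw">if</span> <span class="kw">let</span> <span class="prelude-val">Err</span>(<span class="ident">e</span>) <span class="op">=</span> <span class="ident">created</span> {
            <span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="macro">format!</span>(<span class="string">&quot;{:?}&quot;</span>, <span class="ident">e</span>));
        }
        <span class="comment">// Change the owner to the gid - remember, kanidm ONLY has gid&#39;s, the uid is implied.</span>
        <span class="comment">// lchown does not follow a symlink at the final path component.</span>
        <span class="kw">if</span> <span class="kw">unsafe</span> { <span class="ident">lchown</span>(<span class="ident">hd_path_os</span>.<span class="ident">as_ptr</span>(), <span class="ident">info</span>.<span class="ident">gid</span>, <span class="ident">info</span>.<span class="ident">gid</span>) } <span class="op">!</span><span class="op">=</span> <span class="number">0</span> {
            <span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="string">&quot;Unable to set ownership&quot;</span>.<span class="ident">to_string</span>());
        }
    }
    <span class="comment">// Alias symlinks use the bare name as target, so they resolve relative to home_prefix.</span>
    <span class="kw">let</span> <span class="ident">name_rel_path</span> <span class="op">=</span> <span class="ident">Path::new</span>(<span class="kw-2">&amp;</span><span class="ident">name</span>);
    <span class="comment">// Does the aliases exist</span>
    <span class="kw">for</span> <span class="ident">alias</span> <span class="kw">in</span> <span class="ident">info</span>.<span class="ident">aliases</span>.<span class="ident">iter</span>() {
        <span class="comment">// Sanity check the alias.</span>
        <span class="comment">// let alias = alias.replace(&quot;.&quot;, &quot;&quot;).replace(&quot;/&quot;, &quot;&quot;).replace(&quot;\\&quot;, &quot;&quot;);</span>
        <span class="kw">let</span> <span class="ident">alias</span> <span class="op">=</span> <span class="ident">alias</span>
            .<span class="ident">trim_start_matches</span>(<span class="string">&#39;.&#39;</span>)
            .<span class="ident">replace</span>(<span class="string">&quot;/&quot;</span>, <span class="string">&quot;&quot;</span>)
            .<span class="ident">replace</span>(<span class="string">&quot;\\&quot;</span>, <span class="string">&quot;&quot;</span>);
        <span class="kw">let</span> <span class="ident">alias_path_raw</span> <span class="op">=</span> <span class="macro">format!</span>(<span class="string">&quot;{}{}&quot;</span>, <span class="ident">home_prefix</span>, <span class="ident">alias</span>);
        <span class="kw">let</span> <span class="ident">alias_path</span> <span class="op">=</span> <span class="ident">Path::new</span>(<span class="kw-2">&amp;</span><span class="ident">alias_path_raw</span>);
        <span class="comment">// Assert the resulting alias path is consistent and correct.</span>
        <span class="kw">if</span> <span class="kw">let</span> <span class="prelude-val">Some</span>(<span class="ident">pp</span>) <span class="op">=</span> <span class="ident">alias_path</span>.<span class="ident">parent</span>() {
            <span class="kw">if</span> <span class="ident">pp</span> <span class="op">!</span><span class="op">=</span> <span class="ident">home_prefix_path</span> {
                <span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="string">&quot;Invalid home directory alias - not within home_prefix&quot;</span>.<span class="ident">to_string</span>());
            }
        } <span class="kw">else</span> {
            <span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="string">&quot;Invalid/Corrupt alias directory path - no prefix found&quot;</span>.<span class="ident">to_string</span>());
        }
        <span class="comment">// Inspect the alias itself without following it. Path::exists() follows symlinks and</span>
        <span class="comment">// reports a dangling alias as missing, after which symlink() fails because the entry</span>
        <span class="comment">// is still there; symlink_metadata sees the link and lets us replace it.</span>
        <span class="kw">match</span> <span class="ident">fs::symlink_metadata</span>(<span class="ident">alias_path</span>) {
            <span class="prelude-val">Ok</span>(<span class="ident">attr</span>) =&gt; {
                <span class="kw">if</span> <span class="ident">attr</span>.<span class="ident">file_type</span>().<span class="ident">is_symlink</span>() {
                    <span class="comment">// Probably need to update it.</span>
                    <span class="comment">// remove_file followed by symlink is not atomic: the alias is briefly absent.</span>
                    <span class="kw">if</span> <span class="kw">let</span> <span class="prelude-val">Err</span>(<span class="ident">e</span>) <span class="op">=</span> <span class="ident">fs::remove_file</span>(<span class="ident">alias_path</span>) {
                        <span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="macro">format!</span>(<span class="string">&quot;{:?}&quot;</span>, <span class="ident">e</span>));
                    }
                    <span class="kw">if</span> <span class="kw">let</span> <span class="prelude-val">Err</span>(<span class="ident">e</span>) <span class="op">=</span> <span class="ident">symlink</span>(<span class="ident">name_rel_path</span>, <span class="ident">alias_path</span>) {
                        <span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="macro">format!</span>(<span class="string">&quot;{:?}&quot;</span>, <span class="ident">e</span>));
                    }
                }
                <span class="comment">// A real file or directory at the alias path is deliberately left alone.</span>
            }
            <span class="prelude-val">Err</span>(<span class="ident">e</span>) <span class="kw">if</span> <span class="ident">e</span>.<span class="ident">kind</span>() <span class="op">=</span><span class="op">=</span> <span class="ident">io::ErrorKind::NotFound</span> =&gt; {
                <span class="comment">// Does not exist. Create.</span>
                <span class="kw">if</span> <span class="kw">let</span> <span class="prelude-val">Err</span>(<span class="ident">e</span>) <span class="op">=</span> <span class="ident">symlink</span>(<span class="ident">name_rel_path</span>, <span class="ident">alias_path</span>) {
                    <span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="macro">format!</span>(<span class="string">&quot;{:?}&quot;</span>, <span class="ident">e</span>));
                }
            }
            <span class="prelude-val">Err</span>(<span class="ident">e</span>) =&gt; {
                <span class="kw">return</span> <span class="prelude-val">Err</span>(<span class="macro">format!</span>(<span class="string">&quot;{:?}&quot;</span>, <span class="ident">e</span>));
            }
        }
    }
    <span class="prelude-val">Ok</span>(())
}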
<span class="doccomment">/// Serve task requests arriving on `stream` until the stream stops yielding them.</span>
<span class="doccomment">///</span>
<span class="doccomment">/// Each `TaskRequest::HomeDirectory` is handed to `create_home_directory` together with</span>
<span class="doccomment">/// `home_prefix`, and the outcome is sent back as `TaskResponse::Success` or</span>
<span class="doccomment">/// `TaskResponse::Error`. Anything else the framed stream yields, including end of stream</span>
<span class="doccomment">/// and decode errors, is logged and ends the function, as does a failed send.</span>
<span class="kw">async</span> <span class="kw">fn</span> <span class="ident">handle_tasks</span>(<span class="ident">stream</span>: <span class="ident">UnixStream</span>, <span class="ident">home_prefix</span>: <span class="kw-2">&amp;</span><span class="ident">str</span>) {
    <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">reqs</span> <span class="op">=</span> <span class="ident">Framed::new</span>(<span class="ident">stream</span>, <span class="ident">TaskCodec::new</span>());
    <span class="kw">loop</span> {
        <span class="comment">// Pull the next request; every other outcome terminates the handler.</span>
        <span class="kw">let</span> <span class="ident">info</span> <span class="op">=</span> <span class="kw">match</span> <span class="ident">reqs</span>.<span class="ident">next</span>().<span class="kw">await</span> {
            <span class="prelude-val">Some</span>(<span class="prelude-val">Ok</span>(<span class="ident">TaskRequest::HomeDirectory</span>(<span class="ident">info</span>))) =&gt; <span class="ident">info</span>,
            <span class="ident">other</span> =&gt; {
                <span class="macro">error!</span>(<span class="string">&quot;Error -&gt; {:?}&quot;</span>, <span class="ident">other</span>);
                <span class="kw">return</span>;
            }
        };
        <span class="macro">debug!</span>(<span class="string">&quot;Received task -&gt; HomeDirectory({:?})&quot;</span>, <span class="ident">info</span>);
        <span class="comment">// The error text from create_home_directory is returned to the peer unchanged.</span>
        <span class="kw">let</span> <span class="ident">resp</span> <span class="op">=</span> <span class="kw">match</span> <span class="ident">create_home_directory</span>(<span class="kw-2">&amp;</span><span class="ident">info</span>, <span class="ident">home_prefix</span>) {
            <span class="prelude-val">Err</span>(<span class="ident">msg</span>) =&gt; <span class="ident">TaskResponse::Error</span>(<span class="ident">msg</span>),
            <span class="prelude-val">Ok</span>(()) =&gt; <span class="ident">TaskResponse::Success</span>,
        };
        <span class="comment">// Now send a result.</span>
        <span class="kw">if</span> <span class="kw">let</span> <span class="prelude-val">Err</span>(<span class="ident">e</span>) <span class="op">=</span> <span class="ident">reqs</span>.<span class="ident">send</span>(<span class="ident">resp</span>).<span class="kw">await</span> {
            <span class="macro">error!</span>(<span class="string">&quot;Error -&gt; {:?}&quot;</span>, <span class="ident">e</span>);
            <span class="kw">return</span>;
        }
        <span class="comment">// All good, loop.</span>
    }
}
/// Entry point of the kanidm_unixd tasks daemon.
///
/// Refuses to start unless both the effective uid and the effective gid are 0,
/// installs the global tracing subscriber (filter taken from the environment,
/// falling back to `info`), loads the unixd configuration from
/// `DEFAULT_CONFIG_PATH`, and then loops forever: connect to the task socket,
/// hand the stream to `handle_tasks`, and reconnect once it returns. A failed
/// connect is retried after a 5000 ms pause.
///
/// NOTE(review): this process runs as root and hands the connected stream
/// straight to `handle_tasks`. Nothing visible in this function checks who owns
/// `task_sock_path` or its parent directory before connecting — confirm that
/// the socket's ownership and permissions are enforced elsewhere, so that an
/// unprivileged local user cannot stand in for kanidm_unixd.
#[tokio::main]
async fn main() {
    // Only the effective ids matter here; the real uid/gid are not consulted.
    let (euid, egid) = (get_effective_uid(), get_effective_gid());
    if !(euid == 0 && egid == 0) {
        eprintln!("Refusing to run - this process *MUST* operate as root.");
        std::process::exit(1);
    }

    tracing_forest::worker_task()
        .set_global(true)
        // If the worker's channel is unavailable, log lines go to stderr.
        .map_sender(|sender| sender.or_stderr())
        .build_on(|subscriber| {
            // Environment-provided filter first, "info" when that is absent or invalid.
            let env_filter = EnvFilter::try_from_default_env()
                .or_else(|_| EnvFilter::try_new("info"))
                .expect("Failed to init envfilter");
            subscriber.with(env_filter)
        })
        .on(async {
            let config_path = Path::new(DEFAULT_CONFIG_PATH);

            // The string form is only used in the parse-failure log line below.
            let config_path_display = config_path.to_str().unwrap_or_else(|| {
                error!("Unable to turn unixd_path to str");
                std::process::exit(1)
            });

            // The parse error itself is discarded; only the path is reported.
            let cfg = KanidmUnixdConfig::new()
                .read_options_from_optional_config(config_path)
                .unwrap_or_else(|_| {
                    error!("Failed to parse {}", config_path_display);
                    std::process::exit(1)
                });

            let task_sock_path = cfg.task_sock_path.clone();
            debug!("Attempting to use {} ...", task_sock_path);

            // Owns both `cfg` and `task_sock_path` for the lifetime of the loop.
            let reconnect_loop = async move {
                loop {
                    info!("Attempting to connect to kanidm_unixd ...");

                    let stream = match UnixStream::connect(&task_sock_path).await {
                        Ok(connected) => connected,
                        Err(e) => {
                            error!("Unable to find kanidm_unixd, sleeping ...");
                            debug!("\\---> {:?}", e);
                            // Back off before the next attempt.
                            time::sleep(Duration::from_millis(5000)).await;
                            continue;
                        }
                    };

                    info!("Found kanidm_unixd, waiting for tasks ...");
                    // Runs until the handler returns (disconnect, etc.), after
                    // which the loop reconnects.
                    // NOTE(review): there is no pause on this path, so a peer
                    // that accepts and immediately drops the connection would
                    // make the loop retry without delay — confirm whether
                    // `handle_tasks` throttles this.
                    handle_tasks(stream, &cfg.home_prefix).await;
                }
            };
            reconnect_loop.await;
        })
        .await;
}