summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorTomasz Kramkowski <tomasz@kramkow.ski>2023-01-30 20:37:26 +0000
committerTomasz Kramkowski <tomasz@kramkow.ski>2023-01-30 20:43:52 +0000
commit2d25ea7eb25f4c6480cf0b1b53cab0cfe1e0c87d (patch)
tree3c880330e7eee6aa5d661b1c189ef878d5a3b7e7 /src
parent6b89e0dcb0d3a513d548fb38c08d4b66a353f364 (diff)
downloadpam_usercg_rust-master.tar.gz
pam_usercg_rust-master.tar.xz
pam_usercg_rust-master.zip
Switch to rustixHEADmaster
Diffstat (limited to 'src')
-rw-r--r--src/lib.rs53
1 files changed, 33 insertions, 20 deletions
diff --git a/src/lib.rs b/src/lib.rs
index 42a9c1b..0b5fff9 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -5,31 +5,38 @@ mod pam;
mod passwd;
mod syslog;
-use cap_std::fs::{Dir, OpenOptions};
use pam::PAMHandle;
+use rustix::fd::{AsFd, OwnedFd};
+use rustix::fs::{self, Mode, OFlags};
+use rustix::io::{self, Errno};
+use rustix::path::Arg;
use std::ffi::{c_char, c_int, CStr, CString};
-use std::io::{ErrorKind, Write};
use std::panic;
-use std::path::Path;
use std::process;
use syslog::{Facility, Level, Priority};
-fn create_and_open_dir<P: AsRef<Path> + ?Sized>(
- d: &Dir,
- path: &P,
-) -> std::io::Result<Dir> {
- if let Err(e) = d.create_dir(path) {
- if e.kind() != ErrorKind::AlreadyExists {
+fn create_and_open_dir<D: AsFd, P: Arg + Copy>(
+ d: &D,
+ path: P,
+) -> rustix::io::Result<OwnedFd> {
+ if let Err(e) = fs::mkdirat(d, path, Mode::RWXU | Mode::RWXG | Mode::RWXO) {
+ if e != Errno::EXIST {
return Err(e);
}
}
- d.open_dir(path)
+ fs::openat(d, path, OFlags::DIRECTORY | OFlags::PATH, Mode::empty())
}
struct SessionError;
-impl From<std::io::Error> for SessionError {
- fn from(_: std::io::Error) -> Self {
+impl From<rustix::io::Errno> for SessionError {
+ fn from(_: rustix::io::Errno) -> Self {
+ SessionError
+ }
+}
+
+impl From<std::ffi::NulError> for SessionError {
+ fn from(_: std::ffi::NulError) -> Self {
SessionError
}
}
@@ -52,7 +59,7 @@ fn open_session(h: &PAMHandle, mountpoint: &str) -> Result<(), SessionError> {
}
};
let uid = match passwd::get_uid_by_name(&user) {
- Some(uid) => uid.to_string(),
+ Some(uid) => CString::new(uid.to_string())?,
None => {
if let Ok(message) =
CString::new(format!("Failure to map user {user:?} to passwd entry"))
@@ -62,16 +69,22 @@ fn open_session(h: &PAMHandle, mountpoint: &str) -> Result<(), SessionError> {
return Err(SessionError);
}
};
- let d = Dir::open_ambient_dir(mountpoint, cap_std::ambient_authority())?;
+ let d = fs::openat(
+ fs::cwd(),
+ mountpoint,
+ OFlags::DIRECTORY | OFlags::PATH,
+ Mode::empty(),
+ )?;
let d = create_and_open_dir(&d, "user")?;
let d = create_and_open_dir(&d, &uid)?;
let d = create_and_open_dir(&d, "leaf")?;
- let pid = process::id().to_string();
- let mut options = OpenOptions::new();
- options.write(true);
- let mut procs = d.open_with("cgroup.procs", &options)?;
- procs.write_all(pid.as_bytes())?;
- Ok(())
+ let pid = CString::new(process::id().to_string())?;
+ let pid = pid.as_bytes();
+ let procs = fs::openat(d, "cgroup.procs", OFlags::WRONLY, Mode::empty())?;
+ match io::write(procs, pid) {
+ Ok(n) if n == pid.len() => Ok(()),
+ _ => Err(SessionError),
+ }
}
const CG_MOUNT: &str = "/sys/fs/cgroup";