priv_sep

Privilege separation library.
git clone https://git.philomathiclife.com/repos/priv_sep
Log | Files | Refs | README

commit 4735b96619548aa1d2e931b787e3bf072a2fe286
parent 488780b95c21e0fbed86a4ff609301c16550bd98
Author: Zack Newman <zack@philomathiclife.com>
Date:   Wed, 18 Oct 2023 16:21:14 -0600

shortened UnveilErr variant names. minor cleanup

Diffstat:
MCargo.toml | 4++--
MREADME.md | 8++++----
Msrc/lib.rs | 22+++++++++++-----------
3 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml @@ -9,14 +9,14 @@ license = "MIT OR Apache-2.0" name = "priv_sep" readme = "README.md" repository = "https://git.philomathiclife.com/repos/priv_sep/" -version = "0.6.1" +version = "0.7.0" [lib] name = "priv_sep" path = "src/lib.rs" [dependencies] -libc = { version = "0.2.148", default-features = false, features = ["std"], optional = true } +libc = { version = "0.2.149", default-features = false, features = ["std"], optional = true } [build-dependencies] rustc_version = "0.4.0" diff --git a/README.md b/README.md @@ -40,15 +40,15 @@ laptop$ cd priv_sep/ laptop$ cargo build --release Updating crates.io index Compiling semver v1.0.18 - Compiling libc v0.2.148 + Compiling libc v0.2.149 Compiling rustc_version v0.4.0 - Compiling priv_sep v0.6.0 (/home/zack/priv_sep) + Compiling priv_sep v0.7.0 (/home/zack/priv_sep) Finished release [optimized] target(s) in 1.90s laptop$ touch /home/zack/foo.txt && cargo t && rm /home/zack/foo.txt Compiling semver v1.0.18 - Compiling libc v0.2.148 + Compiling libc v0.2.149 Compiling rustc_version v0.4.0 - Compiling priv_sep v0.6.0 (/home/zack/priv_sep) + Compiling priv_sep v0.7.0 (/home/zack/priv_sep) Finished test [unoptimized + debuginfo] target(s) in 1.43s Running unittests src/lib.rs (target/debug/deps/priv_sep-dcb151b099a76f20) diff --git a/src/lib.rs b/src/lib.rs @@ -62,7 +62,7 @@ use Promise::{ Tmppath, Tty, Unix, Unveil, Video, Vminfo, Vmm, Wpath, Wroute, }; #[non_exhaustive] -#[derive(Clone, Copy, Debug, Eq, Hash, PartialEq, PartialOrd, Ord)] +#[derive(Clone, Copy, Debug, Eq, Hash, Ord, PartialEq, PartialOrd)] /// A `promise` to [`pledge(2)`](https://man.openbsd.org/amd64/pledge.2). pub enum Promise { /// Consult `pledge(2)`. @@ -182,7 +182,7 @@ impl Display for Promise { } } /// Invokes [`pledge(2)`](https://man.openbsd.org/amd64/pledge.2) always passing in -/// `NULL` for `execpromises`. When `None` is passed, then `NULL` is passed for `promises`. When `Some(&[])` +/// `NULL` for `execpromises`. When `None` is passed, then `NULL` is passed for `promises`. When `Some([].as_slice())` /// is passed, then `""` is passed for `promises`. Like the system call it wraps, duplicates are ignored. /// /// # Errors @@ -265,7 +265,7 @@ pub fn pledge(promises: Option<&[Promise]>) -> Result<(), io::Error> { } /// A `permission` to [`unveil(2)`](https://man.openbsd.org/amd64/unveil.2). #[allow(clippy::exhaustive_enums)] -#[derive(Clone, Copy, Debug, Eq, Hash, PartialEq, PartialOrd, Ord)] +#[derive(Clone, Copy, Debug, Eq, Hash, Ord, PartialEq, PartialOrd)] pub enum Permission { /// Consult `unveil(2)`. Create, @@ -292,18 +292,18 @@ impl Display for Permission { #[derive(Debug)] pub enum UnveilErr { /// Error propagated from [`unveil(2)`](https://man.openbsd.org/amd64/unveil.2). - Error(io::Error), + Io(io::Error), /// Error when a path cannot be converted into a /// [`CString`]. - NulError(NulError), + Nul(NulError), } impl Display for UnveilErr { #[allow(clippy::ref_patterns)] #[inline] fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result { match *self { - Self::Error(ref err) => err.fmt(f), - Self::NulError(ref e) => write!( + Self::Io(ref err) => err.fmt(f), + Self::Nul(ref e) => write!( f, "The path passed to 'unveil(2)' was unable to be converted to a CString: {e}" ), @@ -351,7 +351,7 @@ fn unveil<P: AsRef<Path>, const N: usize>( perm_c = unsafe { CString::from_vec_with_nul_unchecked(v) }; (path_c.as_ptr(), perm_c.as_ptr()) } - Err(e) => return Err(UnveilErr::NulError(e)), + Err(e) => return Err(UnveilErr::Nul(e)), } } else { (ptr::null(), ptr::null()) @@ -361,7 +361,7 @@ fn unveil<P: AsRef<Path>, const N: usize>( // fst and snd meet the requirements of the unveil(2) call. match unsafe { unveil(fst, snd) } { 0i32 => Ok(()), - _ => Err(UnveilErr::Error(io::Error::last_os_error())), + _ => Err(UnveilErr::Io(io::Error::last_os_error())), } } /// Invokes [`unveil(2)`](https://man.openbsd.org/amd64/unveil.2) by passing `NULL` for both `path` and `permissions`. @@ -373,8 +373,8 @@ fn unveil<P: AsRef<Path>, const N: usize>( #[inline] pub fn unveil_no_more() -> Result<(), io::Error> { unveil::<PathBuf, 0>(None, []).map_err(|e| match e { - UnveilErr::Error(err) => err, - UnveilErr::NulError(_) => unreachable!("There is a bug in unveil."), + UnveilErr::Io(err) => err, + UnveilErr::Nul(_) => unreachable!("There is a bug in unveil."), }) } /// Invokes [`unveil(2)`](https://man.openbsd.org/amd64/unveil.2) by passing `path` for `path` and `""` for `permissions`.