From 5543c0bc13c109efd6ef252d82ec7dbfc91dfa7e Mon Sep 17 00:00:00 2001 From: Christian Eltzschig Date: Fri, 15 Dec 2023 03:09:35 +0100 Subject: [PATCH] [#42] Add acl feature flag and deactive it by default --- iceoryx2-bb/posix/Cargo.toml | 3 + iceoryx2-bb/posix/src/file_descriptor.rs | 15 +- iceoryx2-bb/posix/src/lib.rs | 24 ++ .../posix/tests/access_control_list_tests.rs | 233 +++++++++--------- .../posix/tests/file_descriptor_tests.rs | 3 + iceoryx2-pal/posix/Cargo.toml | 3 + iceoryx2-pal/posix/build.rs | 28 ++- iceoryx2-pal/posix/src/c/posix.h | 51 ++++ iceoryx2-pal/posix/src/c/posix_docs_rs.h | 2 + iceoryx2-pal/posix/src/freebsd/acl.rs | 22 ++ iceoryx2-pal/posix/src/freebsd/constants.rs | 15 -- iceoryx2-pal/posix/src/freebsd/mod.rs | 2 + iceoryx2-pal/posix/src/freebsd/types.rs | 7 - iceoryx2-pal/posix/src/linux/acl.rs | 22 ++ iceoryx2-pal/posix/src/linux/constants.rs | 15 -- iceoryx2-pal/posix/src/linux/mod.rs | 2 + iceoryx2-pal/posix/src/linux/types.rs | 7 - iceoryx2-pal/posix/src/macos/acl.rs | 22 ++ iceoryx2-pal/posix/src/macos/constants.rs | 15 -- iceoryx2-pal/posix/src/macos/mod.rs | 2 + iceoryx2-pal/posix/src/macos/types.rs | 7 - iceoryx2-pal/posix/src/windows/acl.rs | 25 ++ iceoryx2-pal/posix/src/windows/constants.rs | 15 -- iceoryx2-pal/posix/src/windows/mod.rs | 2 + iceoryx2-pal/posix/src/windows/types.rs | 10 - 25 files changed, 336 insertions(+), 216 deletions(-) diff --git a/iceoryx2-bb/posix/Cargo.toml b/iceoryx2-bb/posix/Cargo.toml index 60825fe07..d45880d33 100644 --- a/iceoryx2-bb/posix/Cargo.toml +++ b/iceoryx2-bb/posix/Cargo.toml @@ -10,6 +10,9 @@ repository = { workspace = true } rust-version = { workspace = true } version = { workspace = true } +[features] +acl = ["iceoryx2-pal-posix/acl"] + [dependencies] iceoryx2-bb-container = { workspace = true } iceoryx2-bb-system-types = { workspace = true } diff --git a/iceoryx2-bb/posix/src/file_descriptor.rs b/iceoryx2-bb/posix/src/file_descriptor.rs index fb10e25b8..f46014d56 100644 --- a/iceoryx2-bb/posix/src/file_descriptor.rs +++ b/iceoryx2-bb/posix/src/file_descriptor.rs @@ -46,6 +46,7 @@ //! use iceoryx2_bb_container::semantic_string::SemanticString; //! use iceoryx2_bb_posix::file_descriptor::*; //! use iceoryx2_bb_posix::file::*; +//! #[cfg(feature = "acl")] //! use iceoryx2_bb_posix::access_control_list::*; //! use iceoryx2_bb_posix::ownership::*; //! use iceoryx2_bb_posix::user::UserExt; @@ -68,14 +69,18 @@ //! file.set_permission(Permission::ALL); //! //! // set some new ACLs -//! let mut acl = file.access_control_list().expect("failed to get acl"); -//! acl.add_user("testUser2".as_user().unwrap().uid(), AclPermission::Read) -//! .expect("failed to add user"); -//! file.set_access_control_list(&acl); +//! #[cfg(feature = "acl")] +//! { +//! let mut acl = file.access_control_list().expect("failed to get acl"); +//! acl.add_user("testUser2".as_user().unwrap().uid(), AclPermission::Read) +//! .expect("failed to add user"); +//! file.set_access_control_list(&acl); +//! } //! ``` use std::fmt::Debug; +#[cfg(feature = "acl")] use crate::access_control_list::*; use crate::config::EINTR_REPETITIONS; use crate::file::*; @@ -303,6 +308,7 @@ pub trait FileDescriptorManagement: FileDescriptorBased + Debug + Sized { } /// Returns the current access control list + #[cfg(feature = "acl")] fn access_control_list( &self, ) -> Result { @@ -310,6 +316,7 @@ pub trait FileDescriptorManagement: FileDescriptorBased + Debug + Sized { } /// Sets a new access control list + #[cfg(feature = "acl")] fn set_access_control_list( &self, acl: &AccessControlList, diff --git a/iceoryx2-bb/posix/src/lib.rs b/iceoryx2-bb/posix/src/lib.rs index ffd8b055e..1d916a54d 100644 --- a/iceoryx2-bb/posix/src/lib.rs +++ b/iceoryx2-bb/posix/src/lib.rs @@ -12,6 +12,7 @@ //! Abstraction of POSIX constructs with a safe API +#[cfg(feature = "acl")] use access_control_list::AccessControlListError; use barrier::BarrierCreationError; use clock::ClockError; @@ -31,6 +32,7 @@ use thread::ThreadError; use unix_datagram_socket::UnixDatagramError; use user::UserError; +#[cfg(feature = "acl")] pub mod access_control_list; pub mod access_mode; pub mod adaptive_wait; @@ -70,6 +72,7 @@ pub mod unix_datagram_socket; pub mod unmovable_ipc_handle; pub mod user; +#[cfg(feature = "acl")] enum_gen! {Error generalization: AccessControlList <= AccessControlListError, @@ -90,3 +93,24 @@ enum_gen! {Error User <= UserError, UnixDatagramSocket <= UnixDatagramError } + +#[cfg(not(feature = "acl"))] +enum_gen! {Error + generalization: + Barrier <= BarrierCreationError, + Clock <= ClockError, + Directory <= DirectoryError, + File <= FileError, + FileLock <= FileLockError, + Group <= GroupError, + MemoryLock <= MemoryLockError, + Mutex <= MutexError, + Process <= ProcessError, + ReadWriteMutex <= ReadWriteMutexError, + Semaphore <= SemaphoreError, + SharedMemory <= SharedMemoryCreationError, + Signal <= SignalError, + Thread <= ThreadError, + User <= UserError, + UnixDatagramSocket <= UnixDatagramError +} diff --git a/iceoryx2-bb/posix/tests/access_control_list_tests.rs b/iceoryx2-bb/posix/tests/access_control_list_tests.rs index cb45f8ebc..fe7f4721e 100644 --- a/iceoryx2-bb/posix/tests/access_control_list_tests.rs +++ b/iceoryx2-bb/posix/tests/access_control_list_tests.rs @@ -10,137 +10,142 @@ // // SPDX-License-Identifier: Apache-2.0 OR MIT -use iceoryx2_bb_posix::access_control_list::*; -use iceoryx2_bb_posix::config::TEST_DIRECTORY; -use iceoryx2_bb_posix::directory::*; -use iceoryx2_bb_posix::file::*; -use iceoryx2_bb_posix::file_descriptor::FileDescriptorBased; -use iceoryx2_bb_posix::group::*; -use iceoryx2_bb_posix::user::*; -use iceoryx2_bb_system_types::file_name::FileName; -use iceoryx2_bb_system_types::file_path::FilePath; -use iceoryx2_bb_testing::assert_that; -use iceoryx2_bb_testing::test_requires; -use iceoryx2_pal_posix::*; - -// TODO: [#40] -#[ignore] -#[test] -fn access_control_list_string_conversion_works() { - test_requires!(posix::POSIX_SUPPORT_ACL); - - let mut sut = AccessControlList::new().unwrap(); - sut.add_user(0, AclPermission::Execute).unwrap(); - sut.add_group(0, AclPermission::WriteExecute).unwrap(); - - let sut_string = sut.as_string().unwrap(); - let new_sut = AccessControlList::from_string(&sut_string).unwrap(); - - assert_that!(sut.as_string().unwrap(), eq new_sut.as_string().unwrap()); - - let entries = sut.get().unwrap(); - let new_entries = new_sut.get().unwrap(); - - assert_that!(entries, len 6); - let new_entries_len = new_entries.len(); - assert_that!(entries, len new_entries_len); - - for i in 0..6 { - assert_that!(entries[i].id(), eq new_entries[i].id()); - assert_that!(entries[i].permission(), eq new_entries[i].permission()); - assert_that!(entries[i].tag(), eq new_entries[i].tag()); +#[cfg(feature = "acl")] +mod tests { + use iceoryx2_bb_posix::access_control_list::*; + use iceoryx2_bb_posix::config::TEST_DIRECTORY; + use iceoryx2_bb_posix::directory::*; + use iceoryx2_bb_posix::file::*; + use iceoryx2_bb_posix::file_descriptor::FileDescriptorBased; + use iceoryx2_bb_posix::group::*; + use iceoryx2_bb_posix::user::*; + use iceoryx2_bb_system_types::file_name::FileName; + use iceoryx2_bb_system_types::file_path::FilePath; + use iceoryx2_bb_testing::assert_that; + use iceoryx2_bb_testing::test_requires; + use iceoryx2_pal_posix::*; + + // TODO: [#40] + #[ignore] + #[test] + fn access_control_list_string_conversion_works() { + test_requires!(posix::POSIX_SUPPORT_ACL); + + let mut sut = AccessControlList::new().unwrap(); + sut.add_user(0, AclPermission::Execute).unwrap(); + sut.add_group(0, AclPermission::WriteExecute).unwrap(); + + let sut_string = sut.as_string().unwrap(); + let new_sut = AccessControlList::from_string(&sut_string).unwrap(); + + assert_that!(sut.as_string().unwrap(), eq new_sut.as_string().unwrap()); + + let entries = sut.get().unwrap(); + let new_entries = new_sut.get().unwrap(); + + assert_that!(entries, len 6); + let new_entries_len = new_entries.len(); + assert_that!(entries, len new_entries_len); + + for i in 0..6 { + assert_that!(entries[i].id(), eq new_entries[i].id()); + assert_that!(entries[i].permission(), eq new_entries[i].permission()); + assert_that!(entries[i].tag(), eq new_entries[i].tag()); + } } -} -#[test] -fn access_control_list_apply_to_file_works() { - test_requires!(posix::POSIX_SUPPORT_ACL); + #[test] + fn access_control_list_apply_to_file_works() { + test_requires!(posix::POSIX_SUPPORT_ACL); - Directory::create(&TEST_DIRECTORY, Permission::OWNER_ALL).unwrap(); - let file_path = FilePath::from_path_and_file(&TEST_DIRECTORY, unsafe { - &FileName::new_unchecked(b"access_control_list_test") - }) - .unwrap(); - - let file = FileBuilder::new(&file_path) - .creation_mode(CreationMode::PurgeAndCreate) - .create() + Directory::create(&TEST_DIRECTORY, Permission::OWNER_ALL).unwrap(); + let file_path = FilePath::from_path_and_file(&TEST_DIRECTORY, unsafe { + &FileName::new_unchecked(b"access_control_list_test") + }) .unwrap(); - let mut sut = AccessControlList::new().unwrap(); - sut.set(Acl::OwningUser, AclPermission::ReadExecute) - .unwrap(); - sut.set(Acl::OwningGroup, AclPermission::Execute).unwrap(); - sut.set(Acl::Other, AclPermission::None).unwrap(); - sut.set( - Acl::MaxAccessRightsForNonOwners, - AclPermission::ReadWriteExecute, - ) - .unwrap(); - - // apply basic settings - sut.apply_to_file_descriptor(unsafe { file.file_descriptor().native_handle() }) - .unwrap(); + let file = FileBuilder::new(&file_path) + .creation_mode(CreationMode::PurgeAndCreate) + .create() + .unwrap(); - // // acquire acl from fd and extend it - let mut sut = - AccessControlList::from_file_descriptor(unsafe { file.file_descriptor().native_handle() }) + let mut sut = AccessControlList::new().unwrap(); + sut.set(Acl::OwningUser, AclPermission::ReadExecute) .unwrap(); + sut.set(Acl::OwningGroup, AclPermission::Execute).unwrap(); + sut.set(Acl::Other, AclPermission::None).unwrap(); + sut.set( + Acl::MaxAccessRightsForNonOwners, + AclPermission::ReadWriteExecute, + ) + .unwrap(); - let testuser1_uid = "testuser1".as_user().unwrap().uid(); - let testuser2_uid = "testuser2".as_user().unwrap().uid(); - let testgroup1_gid = "testgroup1".as_group().unwrap().gid(); - let testgroup2_gid = "testgroup2".as_group().unwrap().gid(); + // apply basic settings + sut.apply_to_file_descriptor(unsafe { file.file_descriptor().native_handle() }) + .unwrap(); - sut.add_user(testuser1_uid, AclPermission::Read).unwrap(); - sut.add_user(testuser2_uid, AclPermission::Write).unwrap(); - sut.add_group(testgroup1_gid, AclPermission::ReadWrite) - .unwrap(); - sut.add_group(testgroup2_gid, AclPermission::WriteExecute) - .unwrap(); - sut.apply_to_file_descriptor(unsafe { file.file_descriptor().native_handle() }) + // // acquire acl from fd and extend it + let mut sut = AccessControlList::from_file_descriptor(unsafe { + file.file_descriptor().native_handle() + }) .unwrap(); - let sut = - AccessControlList::from_file_descriptor(unsafe { file.file_descriptor().native_handle() }) + let testuser1_uid = "testuser1".as_user().unwrap().uid(); + let testuser2_uid = "testuser2".as_user().unwrap().uid(); + let testgroup1_gid = "testgroup1".as_group().unwrap().gid(); + let testgroup2_gid = "testgroup2".as_group().unwrap().gid(); + + sut.add_user(testuser1_uid, AclPermission::Read).unwrap(); + sut.add_user(testuser2_uid, AclPermission::Write).unwrap(); + sut.add_group(testgroup1_gid, AclPermission::ReadWrite) + .unwrap(); + sut.add_group(testgroup2_gid, AclPermission::WriteExecute) + .unwrap(); + sut.apply_to_file_descriptor(unsafe { file.file_descriptor().native_handle() }) .unwrap(); - let entries = sut.get().unwrap(); - for entry in entries { - match entry.tag() { - AclTag::OwningUser => { - assert_that!(entry.permission(), eq AclPermission::ReadExecute) - } - AclTag::OwningGroup => { - assert_that!(entry.permission(), eq AclPermission::Execute) - } - AclTag::Other => { - assert_that!(entry.permission(), eq AclPermission::None) - } - AclTag::MaxAccessRightsForNonOwners => { - assert_that!(entry.permission(), eq AclPermission::ReadWriteExecute) - } - AclTag::User => { - if entry.id() == Some(testuser1_uid) { - assert_that!(entry.permission(), eq AclPermission::Read); - } else if entry.id() == Some(testuser2_uid) { - assert_that!(entry.permission(), eq AclPermission::Write); - } else { - assert_that!(true, eq false); + let sut = AccessControlList::from_file_descriptor(unsafe { + file.file_descriptor().native_handle() + }) + .unwrap(); + let entries = sut.get().unwrap(); + + for entry in entries { + match entry.tag() { + AclTag::OwningUser => { + assert_that!(entry.permission(), eq AclPermission::ReadExecute) } - } - AclTag::Group => { - if entry.id() == Some(testgroup1_gid) { - assert_that!(entry.permission(), eq AclPermission::ReadWrite); - } else if entry.id() == Some(testgroup2_gid) { - assert_that!(entry.permission(), eq AclPermission::WriteExecute); - } else { + AclTag::OwningGroup => { + assert_that!(entry.permission(), eq AclPermission::Execute) + } + AclTag::Other => { + assert_that!(entry.permission(), eq AclPermission::None) + } + AclTag::MaxAccessRightsForNonOwners => { + assert_that!(entry.permission(), eq AclPermission::ReadWriteExecute) + } + AclTag::User => { + if entry.id() == Some(testuser1_uid) { + assert_that!(entry.permission(), eq AclPermission::Read); + } else if entry.id() == Some(testuser2_uid) { + assert_that!(entry.permission(), eq AclPermission::Write); + } else { + assert_that!(true, eq false); + } + } + AclTag::Group => { + if entry.id() == Some(testgroup1_gid) { + assert_that!(entry.permission(), eq AclPermission::ReadWrite); + } else if entry.id() == Some(testgroup2_gid) { + assert_that!(entry.permission(), eq AclPermission::WriteExecute); + } else { + assert_that!(true, eq false); + } + } + _ => { assert_that!(true, eq false); } } - _ => { - assert_that!(true, eq false); - } } } } diff --git a/iceoryx2-bb/posix/tests/file_descriptor_tests.rs b/iceoryx2-bb/posix/tests/file_descriptor_tests.rs index d4d31cd7a..d326a6201 100644 --- a/iceoryx2-bb/posix/tests/file_descriptor_tests.rs +++ b/iceoryx2-bb/posix/tests/file_descriptor_tests.rs @@ -12,6 +12,7 @@ use iceoryx2_bb_container::semantic_string::SemanticString; use iceoryx2_bb_elementary::math::ToB64; +#[cfg(feature = "acl")] use iceoryx2_bb_posix::access_control_list::*; use iceoryx2_bb_posix::config::*; use iceoryx2_bb_posix::file::*; @@ -25,6 +26,7 @@ use iceoryx2_bb_system_types::file_path::FilePath; use iceoryx2_bb_testing::assert_that; use iceoryx2_bb_testing::test_requires; use iceoryx2_pal_posix::posix::{POSIX_SUPPORT_PERMISSIONS, POSIX_SUPPORT_USERS_AND_GROUPS}; +#[cfg(feature = "acl")] use iceoryx2_pal_posix::*; #[test] @@ -142,6 +144,7 @@ mod file_descriptor_management { test(Permission::OWNER_ALL | Permission::GROUP_ALL | Permission::OTHERS_ALL); } + #[cfg(feature = "acl")] #[test] fn access_control_list_handling_works() { test_requires!(posix::POSIX_SUPPORT_ACL); diff --git a/iceoryx2-pal/posix/Cargo.toml b/iceoryx2-pal/posix/Cargo.toml index f8c53f8d8..f557601ef 100644 --- a/iceoryx2-pal/posix/Cargo.toml +++ b/iceoryx2-pal/posix/Cargo.toml @@ -14,6 +14,9 @@ version = { workspace = true } cc = { workspace = true } bindgen = { workspace = true } +[features] +acl = [] + [dependencies] iceoryx2-pal-concurrency-sync = { workspace = true } iceoryx2-pal-configuration = { workspace = true } diff --git a/iceoryx2-pal/posix/build.rs b/iceoryx2-pal/posix/build.rs index 5791262ff..89836873f 100644 --- a/iceoryx2-pal/posix/build.rs +++ b/iceoryx2-pal/posix/build.rs @@ -23,23 +23,37 @@ fn main() { if std::env::var("DOCS_RS").is_ok() { println!("cargo:rerun-if-changed=src/c/posix_docs_rs.h"); } else { - #[cfg(target_os = "linux")] + #[cfg(all(target_os = "linux", feature = "acl"))] println!("cargo:rustc-link-lib=acl"); println!("cargo:rerun-if-changed=src/c/posix.h"); } let bindings = if std::env::var("DOCS_RS").is_ok() { - bindgen::Builder::default() - .header("src/c/posix_docs_rs.h") - .parse_callbacks(Box::new(bindgen::CargoCallbacks)) - .generate() - .expect("Unable to generate bindings") - } else { bindgen::Builder::default() .header("src/c/posix.h") .parse_callbacks(Box::new(bindgen::CargoCallbacks)) + .clang_arg("-D IOX2_DOCS_RS_SUPPORT") .generate() .expect("Unable to generate bindings") + } else { + #[cfg(not(feature = "acl"))] + { + bindgen::Builder::default() + .header("src/c/posix.h") + .parse_callbacks(Box::new(bindgen::CargoCallbacks)) + .generate() + .expect("Unable to generate bindings") + } + + #[cfg(feature = "acl")] + { + bindgen::Builder::default() + .header("src/c/posix.h") + .parse_callbacks(Box::new(bindgen::CargoCallbacks)) + .clang_arg("-D IOX2_ACL_SUPPORT") + .generate() + .expect("Unable to generate bindings") + } }; let out_path = PathBuf::from(env::var("OUT_DIR").unwrap()); diff --git a/iceoryx2-pal/posix/src/c/posix.h b/iceoryx2-pal/posix/src/c/posix.h index 435a87ad4..de6286346 100644 --- a/iceoryx2-pal/posix/src/c/posix.h +++ b/iceoryx2-pal/posix/src/c/posix.h @@ -1,6 +1,8 @@ #ifdef __FreeBSD__ #include +#if defined(IOX2_ACL_SUPPORT) && !defined(IOX2_DOCS_RS_SUPPORT) #include +#endif #include #include #include @@ -8,7 +10,9 @@ #endif #ifdef __linux__ +#if defined(IOX2_ACL_SUPPORT) && !defined(IOX2_DOCS_RS_SUPPORT) #include +#endif #include #endif @@ -38,3 +42,50 @@ #include #include #include + +#if defined(IOX2_DOCS_RS_SUPPORT) && defined(IOX2_ACL_SUPPORT) +/////////////////////////////// +// stub libacl.h implementation +/////////////////////////////// + +typedef int acl_tag_t; +typedef unsigned int acl_perm_t; +typedef int acl_type_t; +typedef int acl_t; +typedef int acl_entry_t; +typedef int acl_permset_t; + +#define ACL_EXECUTE 0x01 +#define ACL_WRITE 0x02 +#define ACL_READ 0x04 + +#define ACL_UNDEFINED_TAG 0 +#define ACL_USER_OBJ 1 +#define ACL_USER 2 +#define ACL_GROUP_OBJ 3 +#define ACL_GROUP 4 +#define ACL_MASK 5 +#define ACL_OTHER 6 + +#define ACL_FIRST_ENTRY 7 +#define ACL_NEXT_ENTRY 8 + +int acl_get_perm(acl_permset_t, acl_perm_t) { return 0; } +acl_t acl_init(int) { return 0; } +int acl_free(void *) { return 0; } +int acl_valid(acl_t) { return 0; } +int acl_create_entry(acl_t *, acl_entry_t *) { return 0; } +int acl_get_entry(acl_t, int, acl_entry_t *) { return 0; } +int acl_add_perm(acl_permset_t, acl_perm_t) { return 0; } +int acl_clear_perms(acl_permset_t) { return 0; } +int acl_get_permset(acl_entry_t, acl_permset_t *) { return 0; } +int acl_set_permset(acl_entry_t, acl_permset_t) { return 0; } +void *acl_get_qualifier(acl_entry_t) { return NULL; } +int acl_set_qualifier(acl_entry_t, const void *) { return 0; } +int acl_get_tag_type(acl_entry_t, acl_tag_t *) { return 0; } +int acl_set_tag_type(acl_entry_t, acl_tag_t) { return 0; } +acl_t acl_get_fd(int) { return 0; } +int acl_set_fd(int, acl_t) { return 0; } +char *acl_to_text(acl_t, ssize_t *) { return NULL; } +acl_t acl_from_text(const char *) { return 0; } +#endif diff --git a/iceoryx2-pal/posix/src/c/posix_docs_rs.h b/iceoryx2-pal/posix/src/c/posix_docs_rs.h index a7696b7ba..ae332a66c 100644 --- a/iceoryx2-pal/posix/src/c/posix_docs_rs.h +++ b/iceoryx2-pal/posix/src/c/posix_docs_rs.h @@ -23,6 +23,7 @@ #include #include +#ifdef IOX2_DOCS_RS_SUPPORT /////////////////////////////// // stub libacl.h implementation /////////////////////////////// @@ -67,3 +68,4 @@ acl_t acl_get_fd(int) { return 0; } int acl_set_fd(int, acl_t) { return 0; } char *acl_to_text(acl_t, ssize_t *) { return NULL; } acl_t acl_from_text(const char *) { return 0; } +#endif diff --git a/iceoryx2-pal/posix/src/freebsd/acl.rs b/iceoryx2-pal/posix/src/freebsd/acl.rs index d8642e832..7749d519e 100644 --- a/iceoryx2-pal/posix/src/freebsd/acl.rs +++ b/iceoryx2-pal/posix/src/freebsd/acl.rs @@ -15,6 +15,28 @@ use crate::posix::types::*; +pub const ACL_READ: acl_perm_t = crate::internal::ACL_READ; +pub const ACL_WRITE: acl_perm_t = crate::internal::ACL_WRITE; +pub const ACL_EXECUTE: acl_perm_t = crate::internal::ACL_EXECUTE; + +pub const ACL_UNDEFINED_TAG: acl_tag_t = crate::internal::ACL_UNDEFINED_TAG as _; +pub const ACL_USER_OBJ: acl_tag_t = crate::internal::ACL_USER_OBJ as _; +pub const ACL_USER: acl_tag_t = crate::internal::ACL_USER as _; +pub const ACL_GROUP_OBJ: acl_tag_t = crate::internal::ACL_GROUP_OBJ as _; +pub const ACL_GROUP: acl_tag_t = crate::internal::ACL_GROUP as _; +pub const ACL_MASK: acl_tag_t = crate::internal::ACL_MASK as _; +pub const ACL_OTHER: acl_tag_t = crate::internal::ACL_OTHER as _; + +pub const ACL_FIRST_ENTRY: int = crate::internal::ACL_FIRST_ENTRY as _; +pub const ACL_NEXT_ENTRY: int = crate::internal::ACL_NEXT_ENTRY as _; + +pub type acl_t = crate::internal::acl_t; +pub type acl_permset_t = crate::internal::acl_permset_t; +pub type acl_entry_t = crate::internal::acl_entry_t; +pub type acl_type_t = crate::internal::acl_type_t; +pub type acl_tag_t = crate::internal::acl_tag_t; +pub type acl_perm_t = crate::internal::acl_perm_t; + pub unsafe fn acl_get_perm(permset: acl_permset_t, perm: acl_perm_t) -> int { crate::internal::acl_get_perm_np(permset, perm) } diff --git a/iceoryx2-pal/posix/src/freebsd/constants.rs b/iceoryx2-pal/posix/src/freebsd/constants.rs index 70524521c..ffcc20d1c 100644 --- a/iceoryx2-pal/posix/src/freebsd/constants.rs +++ b/iceoryx2-pal/posix/src/freebsd/constants.rs @@ -19,21 +19,6 @@ pub const CPU_SETSIZE: usize = crate::internal::CPU_SETSIZE as _; pub const FD_SETSIZE: usize = crate::internal::FD_SETSIZE as _; pub const NULL_TERMINATOR: char = 0; -pub const ACL_READ: acl_perm_t = crate::internal::ACL_READ; -pub const ACL_WRITE: acl_perm_t = crate::internal::ACL_WRITE; -pub const ACL_EXECUTE: acl_perm_t = crate::internal::ACL_EXECUTE; - -pub const ACL_UNDEFINED_TAG: acl_tag_t = crate::internal::ACL_UNDEFINED_TAG as _; -pub const ACL_USER_OBJ: acl_tag_t = crate::internal::ACL_USER_OBJ as _; -pub const ACL_USER: acl_tag_t = crate::internal::ACL_USER as _; -pub const ACL_GROUP_OBJ: acl_tag_t = crate::internal::ACL_GROUP_OBJ as _; -pub const ACL_GROUP: acl_tag_t = crate::internal::ACL_GROUP as _; -pub const ACL_MASK: acl_tag_t = crate::internal::ACL_MASK as _; -pub const ACL_OTHER: acl_tag_t = crate::internal::ACL_OTHER as _; - -pub const ACL_FIRST_ENTRY: int = crate::internal::ACL_FIRST_ENTRY as _; -pub const ACL_NEXT_ENTRY: int = crate::internal::ACL_NEXT_ENTRY as _; - pub const O_RDONLY: int = crate::internal::O_RDONLY as _; pub const O_WRONLY: int = crate::internal::O_WRONLY as _; pub const O_RDWR: int = crate::internal::O_RDWR as _; diff --git a/iceoryx2-pal/posix/src/freebsd/mod.rs b/iceoryx2-pal/posix/src/freebsd/mod.rs index 55b8b4521..8343dd9cb 100644 --- a/iceoryx2-pal/posix/src/freebsd/mod.rs +++ b/iceoryx2-pal/posix/src/freebsd/mod.rs @@ -10,6 +10,7 @@ // // SPDX-License-Identifier: Apache-2.0 OR MIT +#[cfg(feature = "acl")] pub mod acl; pub mod constants; pub mod dirent; @@ -35,6 +36,7 @@ pub mod time; pub mod types; pub mod unistd; +#[cfg(feature = "acl")] pub use crate::freebsd::acl::*; pub use crate::freebsd::constants::*; pub use crate::freebsd::dirent::*; diff --git a/iceoryx2-pal/posix/src/freebsd/types.rs b/iceoryx2-pal/posix/src/freebsd/types.rs index c51fd9317..d9dbbc627 100644 --- a/iceoryx2-pal/posix/src/freebsd/types.rs +++ b/iceoryx2-pal/posix/src/freebsd/types.rs @@ -62,13 +62,6 @@ pub type uint = crate::internal::uint; pub type ushort = crate::internal::ushort; pub type void = core::ffi::c_void; -pub type acl_t = crate::internal::acl_t; -pub type acl_permset_t = crate::internal::acl_permset_t; -pub type acl_entry_t = crate::internal::acl_entry_t; -pub type acl_type_t = crate::internal::acl_type_t; -pub type acl_tag_t = crate::internal::acl_tag_t; -pub type acl_perm_t = crate::internal::acl_perm_t; - pub type sigset_t = crate::internal::sigset_t; impl Struct for sigset_t {} diff --git a/iceoryx2-pal/posix/src/linux/acl.rs b/iceoryx2-pal/posix/src/linux/acl.rs index e77165b5c..411ae883f 100644 --- a/iceoryx2-pal/posix/src/linux/acl.rs +++ b/iceoryx2-pal/posix/src/linux/acl.rs @@ -15,6 +15,28 @@ use crate::posix::types::*; +pub const ACL_READ: acl_perm_t = crate::internal::ACL_READ; +pub const ACL_WRITE: acl_perm_t = crate::internal::ACL_WRITE; +pub const ACL_EXECUTE: acl_perm_t = crate::internal::ACL_EXECUTE; + +pub const ACL_UNDEFINED_TAG: acl_tag_t = crate::internal::ACL_UNDEFINED_TAG as _; +pub const ACL_USER_OBJ: acl_tag_t = crate::internal::ACL_USER_OBJ as _; +pub const ACL_USER: acl_tag_t = crate::internal::ACL_USER as _; +pub const ACL_GROUP_OBJ: acl_tag_t = crate::internal::ACL_GROUP_OBJ as _; +pub const ACL_GROUP: acl_tag_t = crate::internal::ACL_GROUP as _; +pub const ACL_MASK: acl_tag_t = crate::internal::ACL_MASK as _; +pub const ACL_OTHER: acl_tag_t = crate::internal::ACL_OTHER as _; + +pub const ACL_FIRST_ENTRY: int = crate::internal::ACL_FIRST_ENTRY as _; +pub const ACL_NEXT_ENTRY: int = crate::internal::ACL_NEXT_ENTRY as _; + +pub type acl_t = crate::internal::acl_t; +pub type acl_permset_t = crate::internal::acl_permset_t; +pub type acl_entry_t = crate::internal::acl_entry_t; +pub type acl_type_t = crate::internal::acl_type_t; +pub type acl_tag_t = crate::internal::acl_tag_t; +pub type acl_perm_t = crate::internal::acl_perm_t; + pub unsafe fn acl_get_perm(permset: acl_permset_t, perm: acl_perm_t) -> int { crate::internal::acl_get_perm(permset, perm) } diff --git a/iceoryx2-pal/posix/src/linux/constants.rs b/iceoryx2-pal/posix/src/linux/constants.rs index 273f78d9f..d6977df65 100644 --- a/iceoryx2-pal/posix/src/linux/constants.rs +++ b/iceoryx2-pal/posix/src/linux/constants.rs @@ -19,21 +19,6 @@ pub const CPU_SETSIZE: usize = crate::internal::__CPU_SETSIZE as _; pub const FD_SETSIZE: usize = crate::internal::FD_SETSIZE as _; pub const NULL_TERMINATOR: char = 0; -pub const ACL_READ: acl_perm_t = crate::internal::ACL_READ; -pub const ACL_WRITE: acl_perm_t = crate::internal::ACL_WRITE; -pub const ACL_EXECUTE: acl_perm_t = crate::internal::ACL_EXECUTE; - -pub const ACL_UNDEFINED_TAG: acl_tag_t = crate::internal::ACL_UNDEFINED_TAG as _; -pub const ACL_USER_OBJ: acl_tag_t = crate::internal::ACL_USER_OBJ as _; -pub const ACL_USER: acl_tag_t = crate::internal::ACL_USER as _; -pub const ACL_GROUP_OBJ: acl_tag_t = crate::internal::ACL_GROUP_OBJ as _; -pub const ACL_GROUP: acl_tag_t = crate::internal::ACL_GROUP as _; -pub const ACL_MASK: acl_tag_t = crate::internal::ACL_MASK as _; -pub const ACL_OTHER: acl_tag_t = crate::internal::ACL_OTHER as _; - -pub const ACL_FIRST_ENTRY: int = crate::internal::ACL_FIRST_ENTRY as _; -pub const ACL_NEXT_ENTRY: int = crate::internal::ACL_NEXT_ENTRY as _; - pub const O_RDONLY: int = crate::internal::O_RDONLY as _; pub const O_WRONLY: int = crate::internal::O_WRONLY as _; pub const O_RDWR: int = crate::internal::O_RDWR as _; diff --git a/iceoryx2-pal/posix/src/linux/mod.rs b/iceoryx2-pal/posix/src/linux/mod.rs index 79140044d..1fa0831c9 100644 --- a/iceoryx2-pal/posix/src/linux/mod.rs +++ b/iceoryx2-pal/posix/src/linux/mod.rs @@ -10,6 +10,7 @@ // // SPDX-License-Identifier: Apache-2.0 OR MIT +#[cfg(feature = "acl")] pub mod acl; pub mod constants; pub mod dirent; @@ -35,6 +36,7 @@ pub mod time; pub mod types; pub mod unistd; +#[cfg(feature = "acl")] pub use crate::linux::acl::*; pub use crate::linux::constants::*; pub use crate::linux::dirent::*; diff --git a/iceoryx2-pal/posix/src/linux/types.rs b/iceoryx2-pal/posix/src/linux/types.rs index ab9cc66d7..d23f48c05 100644 --- a/iceoryx2-pal/posix/src/linux/types.rs +++ b/iceoryx2-pal/posix/src/linux/types.rs @@ -60,13 +60,6 @@ pub type uint = crate::internal::uint; pub type ushort = crate::internal::ushort; pub type void = core::ffi::c_void; -pub type acl_t = crate::internal::acl_t; -pub type acl_permset_t = crate::internal::acl_permset_t; -pub type acl_entry_t = crate::internal::acl_entry_t; -pub type acl_type_t = crate::internal::acl_type_t; -pub type acl_tag_t = crate::internal::acl_tag_t; -pub type acl_perm_t = crate::internal::acl_perm_t; - pub type sigset_t = crate::internal::sigset_t; impl Struct for sigset_t {} diff --git a/iceoryx2-pal/posix/src/macos/acl.rs b/iceoryx2-pal/posix/src/macos/acl.rs index 267b9adfb..fe5251804 100644 --- a/iceoryx2-pal/posix/src/macos/acl.rs +++ b/iceoryx2-pal/posix/src/macos/acl.rs @@ -15,6 +15,28 @@ use crate::posix::types::*; +pub const ACL_READ: acl_perm_t = 1; +pub const ACL_WRITE: acl_perm_t = 2; +pub const ACL_EXECUTE: acl_perm_t = 4; + +pub const ACL_UNDEFINED_TAG: acl_tag_t = 1; +pub const ACL_USER_OBJ: acl_tag_t = 2; +pub const ACL_USER: acl_tag_t = 4; +pub const ACL_GROUP_OBJ: acl_tag_t = 8; +pub const ACL_GROUP: acl_tag_t = 16; +pub const ACL_MASK: acl_tag_t = 32; +pub const ACL_OTHER: acl_tag_t = 64; + +pub const ACL_FIRST_ENTRY: int = 128; +pub const ACL_NEXT_ENTRY: int = 256; + +pub type acl_t = usize; +pub type acl_permset_t = usize; +pub type acl_entry_t = usize; +pub type acl_type_t = usize; +pub type acl_tag_t = usize; +pub type acl_perm_t = u32; + pub unsafe fn acl_get_perm(_permset: acl_permset_t, _perm: acl_perm_t) -> int { -1 } diff --git a/iceoryx2-pal/posix/src/macos/constants.rs b/iceoryx2-pal/posix/src/macos/constants.rs index dfdd90595..dbd2c196b 100644 --- a/iceoryx2-pal/posix/src/macos/constants.rs +++ b/iceoryx2-pal/posix/src/macos/constants.rs @@ -21,21 +21,6 @@ pub const FD_SETSIZE: usize = crate::internal::FD_SETSIZE as _; pub const THREAD_NAME_LENGTH: usize = 16; pub const NULL_TERMINATOR: char = 0; -pub const ACL_READ: acl_perm_t = 1; -pub const ACL_WRITE: acl_perm_t = 2; -pub const ACL_EXECUTE: acl_perm_t = 4; - -pub const ACL_UNDEFINED_TAG: acl_tag_t = 1; -pub const ACL_USER_OBJ: acl_tag_t = 2; -pub const ACL_USER: acl_tag_t = 4; -pub const ACL_GROUP_OBJ: acl_tag_t = 8; -pub const ACL_GROUP: acl_tag_t = 16; -pub const ACL_MASK: acl_tag_t = 32; -pub const ACL_OTHER: acl_tag_t = 64; - -pub const ACL_FIRST_ENTRY: int = 128; -pub const ACL_NEXT_ENTRY: int = 256; - pub const O_RDONLY: int = crate::internal::O_RDONLY as _; pub const O_WRONLY: int = crate::internal::O_WRONLY as _; pub const O_RDWR: int = crate::internal::O_RDWR as _; diff --git a/iceoryx2-pal/posix/src/macos/mod.rs b/iceoryx2-pal/posix/src/macos/mod.rs index 73526134e..0501a1e49 100644 --- a/iceoryx2-pal/posix/src/macos/mod.rs +++ b/iceoryx2-pal/posix/src/macos/mod.rs @@ -10,6 +10,7 @@ // // SPDX-License-Identifier: Apache-2.0 OR MIT +#[cfg(feature = "acl")] pub mod acl; pub mod constants; pub mod dirent; @@ -36,6 +37,7 @@ pub mod time; pub mod types; pub mod unistd; +#[cfg(feature = "acl")] pub use crate::macos::acl::*; pub use crate::macos::constants::*; pub use crate::macos::dirent::*; diff --git a/iceoryx2-pal/posix/src/macos/types.rs b/iceoryx2-pal/posix/src/macos/types.rs index 598ff1e56..26ba8ccde 100644 --- a/iceoryx2-pal/posix/src/macos/types.rs +++ b/iceoryx2-pal/posix/src/macos/types.rs @@ -65,13 +65,6 @@ pub type uint = crate::internal::uint; pub type ushort = crate::internal::ushort; pub type void = core::ffi::c_void; -pub type acl_t = usize; -pub type acl_permset_t = usize; -pub type acl_entry_t = usize; -pub type acl_type_t = usize; -pub type acl_tag_t = usize; -pub type acl_perm_t = u32; - pub type sigset_t = crate::internal::sigset_t; impl Struct for sigset_t {} diff --git a/iceoryx2-pal/posix/src/windows/acl.rs b/iceoryx2-pal/posix/src/windows/acl.rs index 2b6e5d129..c80042af5 100644 --- a/iceoryx2-pal/posix/src/windows/acl.rs +++ b/iceoryx2-pal/posix/src/windows/acl.rs @@ -16,6 +16,31 @@ use crate::posix::types::*; +pub const ACL_READ: acl_perm_t = 1; +pub const ACL_WRITE: acl_perm_t = 2; +pub const ACL_EXECUTE: acl_perm_t = 4; + +pub const ACL_UNDEFINED_TAG: acl_tag_t = 0; +pub const ACL_USER_OBJ: acl_tag_t = 1; +pub const ACL_USER: acl_tag_t = 2; +pub const ACL_GROUP_OBJ: acl_tag_t = 4; +pub const ACL_GROUP: acl_tag_t = 8; +pub const ACL_MASK: acl_tag_t = 16; +pub const ACL_OTHER: acl_tag_t = 32; + +pub const ACL_FIRST_ENTRY: int = 0; +pub const ACL_NEXT_ENTRY: int = 1; + +pub type acl_t = u64; +pub type acl_permset_t = u64; +pub type acl_entry_t = u64; + +pub struct acl_type_t {} +impl Struct for acl_type_t {} + +pub type acl_tag_t = u64; +pub type acl_perm_t = u32; + pub unsafe fn acl_get_perm(permset: acl_permset_t, perm: acl_perm_t) -> int { -1 } diff --git a/iceoryx2-pal/posix/src/windows/constants.rs b/iceoryx2-pal/posix/src/windows/constants.rs index f79e139f2..61e4d8863 100644 --- a/iceoryx2-pal/posix/src/windows/constants.rs +++ b/iceoryx2-pal/posix/src/windows/constants.rs @@ -20,21 +20,6 @@ pub const MAX_NUMBER_OF_THREADS: usize = 1024; pub const FD_SETSIZE: usize = windows_sys::Win32::Networking::WinSock::FD_SETSIZE as _; pub const NULL_TERMINATOR: char = 0; -pub const ACL_READ: acl_perm_t = 1; -pub const ACL_WRITE: acl_perm_t = 2; -pub const ACL_EXECUTE: acl_perm_t = 4; - -pub const ACL_UNDEFINED_TAG: acl_tag_t = 0; -pub const ACL_USER_OBJ: acl_tag_t = 1; -pub const ACL_USER: acl_tag_t = 2; -pub const ACL_GROUP_OBJ: acl_tag_t = 4; -pub const ACL_GROUP: acl_tag_t = 8; -pub const ACL_MASK: acl_tag_t = 16; -pub const ACL_OTHER: acl_tag_t = 32; - -pub const ACL_FIRST_ENTRY: int = 0; -pub const ACL_NEXT_ENTRY: int = 1; - pub const O_RDONLY: int = 1; pub const O_WRONLY: int = 2; pub const O_RDWR: int = 4; diff --git a/iceoryx2-pal/posix/src/windows/mod.rs b/iceoryx2-pal/posix/src/windows/mod.rs index 81109664f..58fc74868 100644 --- a/iceoryx2-pal/posix/src/windows/mod.rs +++ b/iceoryx2-pal/posix/src/windows/mod.rs @@ -10,6 +10,7 @@ // // SPDX-License-Identifier: Apache-2.0 OR MIT +#[cfg(feature = "acl")] pub mod acl; pub mod constants; pub mod dirent; @@ -42,6 +43,7 @@ pub mod win32_handle_translator; pub mod win32_security_attributes; mod win32_udp_port_to_uds_name; +#[cfg(feature = "acl")] pub use crate::windows::acl::*; pub use crate::windows::constants::*; pub use crate::windows::dirent::*; diff --git a/iceoryx2-pal/posix/src/windows/types.rs b/iceoryx2-pal/posix/src/windows/types.rs index 76f6dce8e..7c7cb95f8 100644 --- a/iceoryx2-pal/posix/src/windows/types.rs +++ b/iceoryx2-pal/posix/src/windows/types.rs @@ -63,16 +63,6 @@ pub type ushort = u16; pub type ulong = u64; pub type void = core::ffi::c_void; -pub type acl_t = u64; -pub type acl_permset_t = u64; -pub type acl_entry_t = u64; - -pub struct acl_type_t {} -impl Struct for acl_type_t {} - -pub type acl_tag_t = u64; -pub type acl_perm_t = u32; - #[derive(Clone, Copy)] pub struct sigset_t {} impl Struct for sigset_t {}