From bc5adfcada84b004f3978f3187e66c3b18d49569 Mon Sep 17 00:00:00 2001 From: denisonbarbosa Date: Thu, 7 Sep 2023 10:43:53 -0400 Subject: [PATCH 1/3] Update gitignore to also ignore Rust targets --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 4b1146e24..123518cbe 100644 --- a/.gitignore +++ b/.gitignore @@ -7,6 +7,7 @@ cmd/authd/authd pam/pam_authd.h pam/pam +target/ # Test binary, built with `go test -c` *.test From 923e25c90e829f991f8fc5fbc8bc6252b8f59753 Mon Sep 17 00:00:00 2001 From: denisonbarbosa Date: Thu, 7 Sep 2023 10:46:33 -0400 Subject: [PATCH 2/3] Add Rust crate to act as the NSS client --- Cargo.lock | 1358 +++++++++++++++++++++++++++++++++++++++++ Cargo.toml | 7 + nss/Cargo.toml | 32 + nss/build.rs | 6 + nss/src/client/mod.rs | 25 + nss/src/group/mod.rs | 107 ++++ nss/src/lib.rs | 58 ++ nss/src/logs/mod.rs | 76 +++ nss/src/passwd/mod.rs | 110 ++++ nss/src/shadow/mod.rs | 85 +++ 10 files changed, 1864 insertions(+) create mode 100644 Cargo.lock create mode 100644 Cargo.toml create mode 100644 nss/Cargo.toml create mode 100644 nss/build.rs create mode 100644 nss/src/client/mod.rs create mode 100644 nss/src/group/mod.rs create mode 100644 nss/src/lib.rs create mode 100644 nss/src/logs/mod.rs create mode 100644 nss/src/passwd/mod.rs create mode 100644 nss/src/shadow/mod.rs diff --git a/Cargo.lock b/Cargo.lock new file mode 100644 index 000000000..749952688 --- /dev/null +++ b/Cargo.lock @@ -0,0 +1,1358 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "addr2line" +version = "0.21.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a30b2e23b9e17a9f90641c7ab1549cd9b44f296d3ccbf309d2863cfe398a0cb" +dependencies = [ + "gimli", +] + +[[package]] +name = "adler" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" + +[[package]] +name = "aho-corasick" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c378d78423fdad8089616f827526ee33c19f2fddbd5de1629152c9593ba4783" +dependencies = [ + "memchr", +] + +[[package]] +name = "anyhow" +version = "1.0.75" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4668cab20f66d8d020e1fbc0ebe47217433c1b6c8f2040faf858554e394ace6" + +[[package]] +name = "async-stream" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cd56dd203fef61ac097dd65721a419ddccb106b2d2b70ba60a6b529f03961a51" +dependencies = [ + "async-stream-impl", + "futures-core", + "pin-project-lite", +] + +[[package]] +name = "async-stream-impl" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "async-trait" +version = "0.1.73" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bc00ceb34980c03614e35a3a4e218276a0a824e911d07651cd0d858a51e8c0f0" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "autocfg" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" + +[[package]] +name = "axum" +version = "0.6.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b829e4e32b91e643de6eafe82b1d90675f5874230191a4ffbc1b336dec4d6bf" +dependencies = [ + "async-trait", + "axum-core", + "bitflags 1.3.2", + "bytes", + "futures-util", + "http", + "http-body", + "hyper", + "itoa", + "matchit", + "memchr", + "mime", + "percent-encoding", + "pin-project-lite", + "rustversion", + "serde", + "sync_wrapper", + "tower", + "tower-layer", + "tower-service", +] + +[[package]] +name = "axum-core" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "759fa577a247914fd3f7f76d62972792636412fbfd634cd452f6a385a74d2d2c" +dependencies = [ + "async-trait", + "bytes", + "futures-util", + "http", + "http-body", + "mime", + "rustversion", + "tower-layer", + "tower-service", +] + +[[package]] +name = "backtrace" +version = "0.3.69" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2089b7e3f35b9dd2d0ed921ead4f6d318c27680d4a5bd167b3ee120edb105837" +dependencies = [ + "addr2line", + "cc", + "cfg-if", + "libc", + "miniz_oxide", + "object", + "rustc-demangle", +] + +[[package]] +name = "base64" +version = "0.21.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "414dcefbc63d77c526a76b3afcf6fbb9b5e2791c19c3aa2297733208750c6e53" + +[[package]] +name = "bitflags" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "bitflags" +version = "2.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4682ae6287fcf752ecaabbfcc7b6f9b72aa33933dc23a554d853aea8eea8635" + +[[package]] +name = "bytes" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a2bd12c1caf447e69cd4528f47f94d203fd2582878ecb9e9465484c4148a8223" + +[[package]] +name = "cc" +version = "1.0.83" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1174fb0b6ec23863f8b971027804a42614e347eafb0a95bf0b12cdae21fc4d0" +dependencies = [ + "libc", +] + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "colored" +version = "2.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2674ec482fbc38012cf31e6c42ba0177b431a0cb6f15fe40efa5aab1bda516f6" +dependencies = [ + "is-terminal", + "lazy_static", + "windows-sys 0.48.0", +] + +[[package]] +name = "ctor" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f34ba9a9bcb8645379e9de8cb3ecfcf4d1c85ba66d90deb3259206fa5aa193b" +dependencies = [ + "quote", + "syn", +] + +[[package]] +name = "deranged" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2696e8a945f658fd14dc3b87242e6b80cd0f36ff04ea560fa39082368847946" + +[[package]] +name = "either" +version = "1.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a26ae43d7bcc3b814de94796a5e736d4029efb0ee900c12e2d54c993ad1a1e07" + +[[package]] +name = "equivalent" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" + +[[package]] +name = "errno" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "136526188508e25c6fef639d7927dfb3e0e3084488bf202267829cf7fc23dbdd" +dependencies = [ + "errno-dragonfly", + "libc", + "windows-sys 0.48.0", +] + +[[package]] +name = "errno-dragonfly" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" +dependencies = [ + "cc", + "libc", +] + +[[package]] +name = "error-chain" +version = "0.12.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2d2f06b9cac1506ece98fe3231e3cc9c4410ec3d5b1f24ae1c8946f0742cdefc" +dependencies = [ + "version_check", +] + +[[package]] +name = "fastrand" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6999dc1837253364c2ebb0704ba97994bd874e8f195d665c50b7548f6ea92764" + +[[package]] +name = "fixedbitset" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80" + +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "futures-channel" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "955518d47e09b25bbebc7a18df10b81f0c766eaf4c4f1cccef2fca5f2a4fb5f2" +dependencies = [ + "futures-core", +] + +[[package]] +name = "futures-core" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4bca583b7e26f571124fe5b7561d49cb2868d79116cfa0eefce955557c6fee8c" + +[[package]] +name = "futures-sink" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f43be4fe21a13b9781a69afa4985b0f6ee0e1afab2c6f454a8cf30e2b2237b6e" + +[[package]] +name = "futures-task" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "76d3d132be6c0e6aa1534069c705a74a5997a356c0dc2f86a47765e5617c5b65" + +[[package]] +name = "futures-util" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26b01e40b772d54cf6c6d721c1d1abd0647a0106a12ecaa1c186273392a69533" +dependencies = [ + "futures-core", + "futures-task", + "pin-project-lite", + "pin-utils", +] + +[[package]] +name = "getrandom" +version = "0.2.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427" +dependencies = [ + "cfg-if", + "libc", + "wasi", +] + +[[package]] +name = "gimli" +version = "0.28.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6fb8d784f27acf97159b40fc4db5ecd8aa23b9ad5ef69cdd136d3bc80665f0c0" + +[[package]] +name = "h2" +version = "0.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "91fc23aa11be92976ef4729127f1a74adf36d8436f7816b185d18df956790833" +dependencies = [ + "bytes", + "fnv", + "futures-core", + "futures-sink", + "futures-util", + "http", + "indexmap 1.9.3", + "slab", + "tokio", + "tokio-util", + "tracing", +] + +[[package]] +name = "hashbrown" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" + +[[package]] +name = "hashbrown" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c6201b9ff9fd90a5a3bac2e56a830d0caa509576f0e503818ee82c181b3437a" + +[[package]] +name = "heck" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" + +[[package]] +name = "hermit-abi" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "443144c8cdadd93ebf52ddb4056d257f5b52c04d3c804e657d19eb73fc33668b" + +[[package]] +name = "home" +version = "0.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5444c27eef6923071f7ebcc33e3444508466a76f7a2b93da00ed6e19f30c1ddb" +dependencies = [ + "windows-sys 0.48.0", +] + +[[package]] +name = "hostname" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c731c3e10504cc8ed35cfe2f1db4c9274c3d35fa486e3b31df46f068ef3e867" +dependencies = [ + "libc", + "match_cfg", + "winapi", +] + +[[package]] +name = "http" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd6effc99afb63425aff9b05836f029929e345a6148a14b7ecd5ab67af944482" +dependencies = [ + "bytes", + "fnv", + "itoa", +] + +[[package]] +name = "http-body" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5f38f16d184e36f2408a55281cd658ecbd3ca05cce6d6510a176eca393e26d1" +dependencies = [ + "bytes", + "http", + "pin-project-lite", +] + +[[package]] +name = "httparse" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d897f394bad6a705d5f4104762e116a75639e470d80901eed05a860a95cb1904" + +[[package]] +name = "httpdate" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" + +[[package]] +name = "hyper" +version = "0.14.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffb1cfd654a8219eaef89881fdb3bb3b1cdc5fa75ded05d6933b2b382e395468" +dependencies = [ + "bytes", + "futures-channel", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "httparse", + "httpdate", + "itoa", + "pin-project-lite", + "socket2 0.4.9", + "tokio", + "tower-service", + "tracing", + "want", +] + +[[package]] +name = "hyper-timeout" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbb958482e8c7be4bc3cf272a766a2b0bf1a6755e7a6ae777f017a31d11b13b1" +dependencies = [ + "hyper", + "pin-project-lite", + "tokio", + "tokio-io-timeout", +] + +[[package]] +name = "indexmap" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" +dependencies = [ + "autocfg", + "hashbrown 0.12.3", +] + +[[package]] +name = "indexmap" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5477fe2230a79769d8dc68e0eabf5437907c0457a5614a9e8dddb67f65eb65d" +dependencies = [ + "equivalent", + "hashbrown 0.14.0", +] + +[[package]] +name = "is-terminal" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb0889898416213fab133e1d33a0e5858a48177452750691bde3666d0fdbaf8b" +dependencies = [ + "hermit-abi", + "rustix", + "windows-sys 0.48.0", +] + +[[package]] +name = "itertools" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1c173a5686ce8bfa551b3563d0c2170bf24ca44da99c7ca4bfdab5418c3fe57" +dependencies = [ + "either", +] + +[[package]] +name = "itoa" +version = "1.0.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af150ab688ff2122fcef229be89cb50dd66af9e01a4ff320cc137eecc9bacc38" + +[[package]] +name = "lazy_static" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" + +[[package]] +name = "libc" +version = "0.2.147" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" + +[[package]] +name = "libnss" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41bcbddc10dc229d4119553cc8dc61968cdd134286a4669ba31184f8e9efa442" +dependencies = [ + "lazy_static", + "libc", + "paste", +] + +[[package]] +name = "linux-raw-sys" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57bcfdad1b858c2db7c38303a6d2ad4dfaf5eb53dfeb0910128b2c26d6158503" + +[[package]] +name = "log" +version = "0.4.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f" + +[[package]] +name = "match_cfg" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffbee8634e0d45d258acb448e7eaab3fce7a0a467395d4d9f228e3c1f01fb2e4" + +[[package]] +name = "matchit" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed1202b2a6f884ae56f04cff409ab315c5ce26b5e58d7412e484f01fd52f52ef" + +[[package]] +name = "memchr" +version = "2.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f232d6ef707e1956a43342693d2a31e72989554d58299d7a88738cc95b0d35c" + +[[package]] +name = "mime" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" + +[[package]] +name = "miniz_oxide" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7810e0be55b428ada41041c41f32c9f1a42817901b4ccf45fa3d4b6561e74c7" +dependencies = [ + "adler", +] + +[[package]] +name = "mio" +version = "0.8.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "927a765cd3fc26206e66b296465fa9d3e5ab003e651c1b3c060e7956d96b19d2" +dependencies = [ + "libc", + "wasi", + "windows-sys 0.48.0", +] + +[[package]] +name = "multimap" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e5ce46fe64a9d73be07dcbe690a38ce1b293be448fd8ce1e6c1b8062c9f72c6a" + +[[package]] +name = "nss" +version = "0.1.0" +dependencies = [ + "ctor", + "lazy_static", + "libc", + "libnss", + "log", + "paste", + "prost", + "simple_logger", + "syslog", + "tokio", + "tonic", + "tonic-build", + "tower", +] + +[[package]] +name = "num_cpus" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" +dependencies = [ + "hermit-abi", + "libc", +] + +[[package]] +name = "num_threads" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44" +dependencies = [ + "libc", +] + +[[package]] +name = "object" +version = "0.32.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9cf5f9dd3933bd50a9e1f149ec995f39ae2c496d31fd772c1fd45ebc27e902b0" +dependencies = [ + "memchr", +] + +[[package]] +name = "once_cell" +version = "1.18.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" + +[[package]] +name = "paste" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c" + +[[package]] +name = "percent-encoding" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b2a4787296e9989611394c33f193f676704af1686e70b8f8033ab5ba9a35a94" + +[[package]] +name = "petgraph" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e1d3afd2628e69da2be385eb6f2fd57c8ac7977ceeff6dc166ff1657b0e386a9" +dependencies = [ + "fixedbitset", + "indexmap 2.0.0", +] + +[[package]] +name = "pin-project" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fda4ed1c6c173e3fc7a83629421152e01d7b1f9b7f65fb301e490e8cfc656422" +dependencies = [ + "pin-project-internal", +] + +[[package]] +name = "pin-project-internal" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4359fd9c9171ec6e8c62926d6faaf553a8dc3f64e1507e76da7911b4f6a04405" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "pin-project-lite" +version = "0.2.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8afb450f006bf6385ca15ef45d71d2288452bc3683ce2e2cacc0d18e4be60b58" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "ppv-lite86" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" + +[[package]] +name = "prettyplease" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8832c0f9be7e3cae60727e6256cfd2cd3c3e2b6cd5dad4190ecb2fd658c9030b" +dependencies = [ + "proc-macro2", + "syn", +] + +[[package]] +name = "proc-macro2" +version = "1.0.66" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "prost" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa8473a65b88506c106c28ae905ca4a2b83a2993640467a41bb3080627ddfd2c" +dependencies = [ + "bytes", + "prost-derive", +] + +[[package]] +name = "prost-build" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "30d3e647e9eb04ddfef78dfee2d5b3fefdf94821c84b710a3d8ebc89ede8b164" +dependencies = [ + "bytes", + "heck", + "itertools", + "log", + "multimap", + "once_cell", + "petgraph", + "prettyplease", + "prost", + "prost-types", + "regex", + "syn", + "tempfile", + "which", +] + +[[package]] +name = "prost-derive" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56075c27b20ae524d00f247b8a4dc333e5784f889fe63099f8e626bc8d73486c" +dependencies = [ + "anyhow", + "itertools", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "prost-types" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cebe0a918c97f86c217b0f76fd754e966f8b9f41595095cf7d74cb4e59d730f6" +dependencies = [ + "prost", +] + +[[package]] +name = "quote" +version = "1.0.33" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha", + "rand_core", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] + +[[package]] +name = "redox_syscall" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29" +dependencies = [ + "bitflags 1.3.2", +] + +[[package]] +name = "regex" +version = "1.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "697061221ea1b4a94a624f67d0ae2bfe4e22b8a17b6a192afb11046542cc8c47" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2f401f4955220693b56f8ec66ee9c78abffd8d1c4f23dc41a23839eb88f0795" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dbb5fb1acd8a1a18b3dd5be62d25485eb770e05afb408a9627d14d451bae12da" + +[[package]] +name = "rustc-demangle" +version = "0.1.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76" + +[[package]] +name = "rustix" +version = "0.38.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0c3dde1fc030af041adc40e79c0e7fbcf431dd24870053d187d7c66e4b87453" +dependencies = [ + "bitflags 2.4.0", + "errno", + "libc", + "linux-raw-sys", + "windows-sys 0.48.0", +] + +[[package]] +name = "rustversion" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ffc183a10b4478d04cbbbfc96d0873219d962dd5accaff2ffbd4ceb7df837f4" + +[[package]] +name = "serde" +version = "1.0.188" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf9e0fcba69a370eed61bcf2b728575f726b50b55cba78064753d708ddc7549e" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_derive" +version = "1.0.188" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4eca7ac642d82aa35b60049a6eccb4be6be75e599bd2e9adb5f875a737654af2" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "simple_logger" +version = "4.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2230cd5c29b815c9b699fb610b49a5ed65588f3509d9f0108be3a885da629333" +dependencies = [ + "colored", + "log", + "time", + "windows-sys 0.42.0", +] + +[[package]] +name = "slab" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f92a496fb766b417c996b9c5e57daf2f7ad3b0bebe1ccfca4856390e3d3bb67" +dependencies = [ + "autocfg", +] + +[[package]] +name = "socket2" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64a4a911eed85daf18834cfaa86a79b7d266ff93ff5ba14005426219480ed662" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "socket2" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2538b18701741680e0322a2302176d3253a35388e2e62f172f64f4f16605f877" +dependencies = [ + "libc", + "windows-sys 0.48.0", +] + +[[package]] +name = "syn" +version = "2.0.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "718fa2415bcb8d8bd775917a1bf12a7931b6dfa890753378538118181e0cb398" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "sync_wrapper" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" + +[[package]] +name = "syslog" +version = "6.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7434e95bcccce1215d30f4bf84fe8c00e8de1b9be4fb736d747ca53d36e7f96f" +dependencies = [ + "error-chain", + "hostname", + "libc", + "log", + "time", +] + +[[package]] +name = "tempfile" +version = "3.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb94d2f3cc536af71caac6b6fcebf65860b347e7ce0cc9ebe8f70d3e521054ef" +dependencies = [ + "cfg-if", + "fastrand", + "redox_syscall", + "rustix", + "windows-sys 0.48.0", +] + +[[package]] +name = "time" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17f6bb557fd245c28e6411aa56b6403c689ad95061f50e4be16c274e70a17e48" +dependencies = [ + "deranged", + "itoa", + "libc", + "num_threads", + "serde", + "time-core", + "time-macros", +] + +[[package]] +name = "time-core" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb" + +[[package]] +name = "time-macros" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a942f44339478ef67935ab2bbaec2fb0322496cf3cbe84b261e06ac3814c572" +dependencies = [ + "time-core", +] + +[[package]] +name = "tokio" +version = "1.32.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17ed6077ed6cd6c74735e21f37eb16dc3935f96878b1fe961074089cc80893f9" +dependencies = [ + "backtrace", + "bytes", + "libc", + "mio", + "num_cpus", + "pin-project-lite", + "socket2 0.5.3", + "tokio-macros", + "windows-sys 0.48.0", +] + +[[package]] +name = "tokio-io-timeout" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "30b74022ada614a1b4834de765f9bb43877f910cc8ce4be40e89042c9223a8bf" +dependencies = [ + "pin-project-lite", + "tokio", +] + +[[package]] +name = "tokio-macros" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tokio-stream" +version = "0.1.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "397c988d37662c7dda6d2208364a706264bf3d6138b11d436cbac0ad38832842" +dependencies = [ + "futures-core", + "pin-project-lite", + "tokio", +] + +[[package]] +name = "tokio-util" +version = "0.7.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "806fe8c2c87eccc8b3267cbae29ed3ab2d0bd37fca70ab622e46aaa9375ddb7d" +dependencies = [ + "bytes", + "futures-core", + "futures-sink", + "pin-project-lite", + "tokio", + "tracing", +] + +[[package]] +name = "tonic" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5469afaf78a11265c343a88969045c1568aa8ecc6c787dbf756e92e70f199861" +dependencies = [ + "async-stream", + "async-trait", + "axum", + "base64", + "bytes", + "h2", + "http", + "http-body", + "hyper", + "hyper-timeout", + "percent-encoding", + "pin-project", + "prost", + "tokio", + "tokio-stream", + "tower", + "tower-layer", + "tower-service", + "tracing", +] + +[[package]] +name = "tonic-build" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b477abbe1d18c0b08f56cd01d1bc288668c5b5cfd19b2ae1886bbf599c546f1" +dependencies = [ + "prettyplease", + "proc-macro2", + "prost-build", + "quote", + "syn", +] + +[[package]] +name = "tower" +version = "0.4.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8fa9be0de6cf49e536ce1851f987bd21a43b771b09473c3549a6c853db37c1c" +dependencies = [ + "futures-core", + "futures-util", + "indexmap 1.9.3", + "pin-project", + "pin-project-lite", + "rand", + "slab", + "tokio", + "tokio-util", + "tower-layer", + "tower-service", + "tracing", +] + +[[package]] +name = "tower-layer" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c20c8dbed6283a09604c3e69b4b7eeb54e298b8a600d4d5ecb5ad39de609f1d0" + +[[package]] +name = "tower-service" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52" + +[[package]] +name = "tracing" +version = "0.1.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ce8c33a8d48bd45d624a6e523445fd21ec13d3653cd51f681abf67418f54eb8" +dependencies = [ + "cfg-if", + "log", + "pin-project-lite", + "tracing-attributes", + "tracing-core", +] + +[[package]] +name = "tracing-attributes" +version = "0.1.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f4f31f56159e98206da9efd823404b79b6ef3143b4a7ab76e67b1751b25a4ab" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tracing-core" +version = "0.1.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0955b8137a1df6f1a2e9a37d8a6656291ff0297c1a97c24e0d8425fe2312f79a" +dependencies = [ + "once_cell", +] + +[[package]] +name = "try-lock" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3528ecfd12c466c6f163363caf2d02a71161dd5e1cc6ae7b34207ea2d42d81ed" + +[[package]] +name = "unicode-ident" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "301abaae475aa91687eb82514b328ab47a211a533026cb25fc3e519b86adfc3c" + +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" + +[[package]] +name = "want" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfa7760aed19e106de2c7c0b581b509f2f25d3dacaf737cb82ac61bc6d760b0e" +dependencies = [ + "try-lock", +] + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "which" +version = "4.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87ba24419a2078cd2b0f2ede2691b6c66d8e47836da3b6db8265ebad47afbfc7" +dependencies = [ + "either", + "home", + "once_cell", + "rustix", +] + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows-sys" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a3e1820f08b8513f676f7ab6c1f99ff312fb97b553d30ff4dd86f9f15728aa7" +dependencies = [ + "windows_aarch64_gnullvm 0.42.2", + "windows_aarch64_msvc 0.42.2", + "windows_i686_gnu 0.42.2", + "windows_i686_msvc 0.42.2", + "windows_x86_64_gnu 0.42.2", + "windows_x86_64_gnullvm 0.42.2", + "windows_x86_64_msvc 0.42.2", +] + +[[package]] +name = "windows-sys" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" +dependencies = [ + "windows-targets", +] + +[[package]] +name = "windows-targets" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" +dependencies = [ + "windows_aarch64_gnullvm 0.48.5", + "windows_aarch64_msvc 0.48.5", + "windows_i686_gnu 0.48.5", + "windows_i686_msvc 0.48.5", + "windows_x86_64_gnu 0.48.5", + "windows_x86_64_gnullvm 0.48.5", + "windows_x86_64_msvc 0.48.5", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "597a5118570b68bc08d8d59125332c54f1ba9d9adeedeef5b99b02ba2b0698f8" + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e08e8864a60f06ef0d0ff4ba04124db8b0fb3be5776a5cd47641e942e58c4d43" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" + +[[package]] +name = "windows_i686_gnu" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c61d927d8da41da96a81f029489353e68739737d3beca43145c8afec9a31a84f" + +[[package]] +name = "windows_i686_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" + +[[package]] +name = "windows_i686_msvc" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44d840b6ec649f480a41c8d80f9c65108b92d89345dd94027bfe06ac444d1060" + +[[package]] +name = "windows_i686_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8de912b8b8feb55c064867cf047dda097f92d51efad5b491dfb98f6bbb70cb36" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26d41b46a36d453748aedef1486d5c7a85db22e56aff34643984ea85514e94a3" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9aec5da331524158c6d1a4ac0ab1541149c0b9505fde06423b02f5ef0106b9f0" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" diff --git a/Cargo.toml b/Cargo.toml new file mode 100644 index 000000000..59ca718a4 --- /dev/null +++ b/Cargo.toml @@ -0,0 +1,7 @@ +[workspace] +members = ["nss/"] +exclude = ["vendor_rust/"] +resolver = "2" + +[profile.release] +lto = "thin" diff --git a/nss/Cargo.toml b/nss/Cargo.toml new file mode 100644 index 000000000..4eb517e62 --- /dev/null +++ b/nss/Cargo.toml @@ -0,0 +1,32 @@ +[package] +name = "nss" +version = "0.1.0" +edition = "2021" + +[lib] +crate-type = ["cdylib"] +path = "src/lib.rs" +name = "nss_authd" + +# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + +[features] +# Allows to override the socket path used to connect to the grpc server, through the AUTHD_NSS_SOCKET env variable. +custom_socket = [] + +[dependencies] +libnss = "0.5.0" +lazy_static = "1.4.0" +libc = "0.2.147" +paste = "1.0.14" +tonic = "0.10.0" +prost = "0.12.0" +tokio = { version = "1.32.0", features = ["macros", "rt-multi-thread"] } +tower = "0.4.13" +log = "0.4.20" +simple_logger = {version = "4.2.0", features = ["stderr"]} +syslog = "6.1.0" +ctor = "0.2.4" + +[build-dependencies] +tonic-build = "0.10.0" diff --git a/nss/build.rs b/nss/build.rs new file mode 100644 index 000000000..a0bdcd706 --- /dev/null +++ b/nss/build.rs @@ -0,0 +1,6 @@ +fn main() -> Result<(), Box> { + tonic_build::configure() + .build_server(false) + .compile(&["../authd.proto"], &["../"])?; + Ok(()) +} diff --git a/nss/src/client/mod.rs b/nss/src/client/mod.rs new file mode 100644 index 000000000..aa556f1b1 --- /dev/null +++ b/nss/src/client/mod.rs @@ -0,0 +1,25 @@ +use authd::nss_client::NssClient; +use std::error::Error; +use tokio::net::UnixStream; +use tonic::transport::{Channel, Endpoint, Uri}; +use tower::service_fn; + +use crate::debug; + +pub mod authd { + tonic::include_proto!("authd"); +} + +/// new_client creates a new client connection to the gRPC server or returns an active one. +pub async fn new_client() -> Result, Box> { + debug!("Connecting to authd on {}...", super::socket_path()); + + // The URL must have a valid format, even though we don't use it. + let ch = Endpoint::try_from("https://not-used:404")? + .connect_with_connector(service_fn(|_: Uri| { + UnixStream::connect(super::socket_path()) + })) + .await?; + + Ok(NssClient::new(ch)) +} diff --git a/nss/src/group/mod.rs b/nss/src/group/mod.rs new file mode 100644 index 000000000..85d06f9bc --- /dev/null +++ b/nss/src/group/mod.rs @@ -0,0 +1,107 @@ +use crate::error; +use libc::gid_t; +use libnss::group::{Group, GroupHooks}; +use libnss::interop::Response; +use tonic::Request; + +use crate::client::{self, authd}; +use authd::GroupEntry; + +pub struct AuthdGroup; +impl GroupHooks for AuthdGroup { + /// get_all_entries returns all group entries. + fn get_all_entries() -> Response> { + get_all_entries() + } + + /// get_entry_by_gid returns the group entry for the given gid. + fn get_entry_by_gid(gid: gid_t) -> Response { + get_entry_by_gid(gid) + } + + /// get_entry_by_name returns the group entry for the given name. + fn get_entry_by_name(name: String) -> Response { + get_entry_by_name(name) + } +} + +/// get_all_entries connects to the grpc server and asks for all group entries. +fn get_all_entries() -> Response> { + super::RT.block_on(async { + let mut client = match client::new_client().await { + Ok(c) => c, + Err(e) => { + error!("could not connect to gRPC server: {}", e); + return Response::Unavail; + } + }; + + let request = Request::new(authd::Empty {}); + match client.get_group_entries(request).await { + Ok(r) => Response::Success(group_entries_to_groups(r.into_inner().entries)), + Err(e) => { + error!("error when listing groups: {}", e.message()); + super::grpc_status_to_nss_response(e) + } + } + }) +} + +/// get_entry_by_gid connects to the grpc server and asks for the group entry with the given gid. +fn get_entry_by_gid(gid: gid_t) -> Response { + super::RT.block_on(async { + let mut client = match client::new_client().await { + Ok(c) => c, + Err(e) => { + error!("could not connect to gRPC server: {}", e); + return Response::Unavail; + } + }; + + let req = Request::new(authd::GetByIdRequest { id: gid }); + match client.get_group_by_gid(req).await { + Ok(r) => Response::Success(group_entry_to_group(r.into_inner())), + Err(e) => { + error!("error when getting group by gid: {}", e.message()); + super::grpc_status_to_nss_response(e) + } + } + }) +} + +/// get_entry_by_name connects to the grpc server and asks for the group entry with the given name. +fn get_entry_by_name(name: String) -> Response { + super::RT.block_on(async { + let mut client = match client::new_client().await { + Ok(c) => c, + Err(e) => { + error!("could not connect to gRPC server: {}", e); + return Response::Unavail; + } + }; + + let req = Request::new(authd::GetByNameRequest { name }); + match client.get_group_by_name(req).await { + Ok(r) => Response::Success(group_entry_to_group(r.into_inner())), + Err(e) => { + error!("error when getting group by name: {}", e.message()); + super::grpc_status_to_nss_response(e) + } + } + }) +} + +/// group_entry_to_group converts a GroupEntry to a libnss::Group. +fn group_entry_to_group(entry: GroupEntry) -> Group { + Group { + name: entry.name, + passwd: entry.passwd, + gid: entry.gid, + members: entry.members, + } +} + +/// group_entries_to_groups converts a Vec to a Vec. +fn group_entries_to_groups(entries: Vec) -> Vec { + entries.into_iter().map(group_entry_to_group).collect() +} diff --git a/nss/src/lib.rs b/nss/src/lib.rs new file mode 100644 index 000000000..99b4f08fa --- /dev/null +++ b/nss/src/lib.rs @@ -0,0 +1,58 @@ +#[macro_use] +extern crate lazy_static; +use libnss::{interop::Response, libnss_group_hooks, libnss_passwd_hooks, libnss_shadow_hooks}; + +mod passwd; +use passwd::AuthdPasswd; +libnss_passwd_hooks!(authd, AuthdPasswd); + +mod group; +use group::AuthdGroup; +libnss_group_hooks!(authd, AuthdGroup); + +mod shadow; +use shadow::AuthdShadow; +use tokio::runtime::{Builder, Runtime}; +use tonic::{Code, Status}; +libnss_shadow_hooks!(authd, AuthdShadow); + +mod logs; + +mod client; + +lazy_static! { + pub static ref RT: Runtime = Builder::new_current_thread().enable_all().build().unwrap(); +} + +#[ctor::ctor] +/// init_logger is a constructor that ensures the logger object initialization only happens once per +/// library invocation in order to avoid races to the log file. +fn init_logger() { + logs::init_logger(); +} + +/// socket_path returns the socket path to connect to the gRPC server. +/// +/// It uses the AUTHD_NSS_SOCKET env value if set and the custom_socket feature is enabled, +/// otherwise it uses the default path. +fn socket_path() -> String { + #[cfg(feature = "custom_socket")] + match std::env::var("AUTHD_NSS_SOCKET") { + Ok(s) => return s, + Err(err) => { + debug!( + "AUTHD_NSS_SOCKET not set or badly configured, using default value: {}", + err + ); + } + } + "/run/authd.sock".to_string() +} + +/// grpc_status_to_nss_response converts a gRPC status to a NSS response. +fn grpc_status_to_nss_response(status: Status) -> Response { + match status.code() { + Code::NotFound => Response::NotFound, + _ => Response::Unavail, + } +} diff --git a/nss/src/logs/mod.rs b/nss/src/logs/mod.rs new file mode 100644 index 000000000..65c640b6d --- /dev/null +++ b/nss/src/logs/mod.rs @@ -0,0 +1,76 @@ +use log::{LevelFilter, Metadata}; +use simple_logger::SimpleLogger; +use std::env; +use syslog::{BasicLogger, Facility, Formatter3164}; + +#[macro_export] +macro_rules! debug { + ($($arg:tt)*) => { + let log_prefix = "authd:"; + log::debug!("{} {}", log_prefix, format_args!($($arg)*)); + } +} + +#[macro_export] +macro_rules! error { + ($($arg:tt)*) => { + let log_prefix = "authd:"; + log::error!("{} {}", log_prefix, format_args!($($arg)*)); + } +} + +/// init_logger initialize the global logger with a default level set to info. This function is only +/// required to be called once and is a no-op on subsequent calls. +/// +/// The log level can be set to debug by setting the environment variable AUTHD_NSS_DEBUG. +pub fn init_logger() { + if log::logger().enabled(&Metadata::builder().build()) { + return; + } + + let mut level = LevelFilter::Info; + if let Ok(target) = env::var("AUTHD_NSS_DEBUG") { + level = LevelFilter::Debug; + match target { + s if s == *"stderr" => init_stderr_logger(level), + _ => init_sys_logger(level), + } + } else { + init_sys_logger(level); + } + + debug!("Log level set to {:?}", level); +} + +/// init_sys_logger initializes a global log that prints messages to the system logs. +fn init_sys_logger(log_level: LevelFilter) { + let formatter = Formatter3164 { + facility: Facility::LOG_USER, + hostname: None, + process: "authd".into(), + pid: 0, + }; + + let logger = match syslog::unix(formatter) { + Err(err) => { + println!("cannot connect to syslog: {err:?}"); + return; + } + Ok(l) => l, + }; + + if let Err(err) = log::set_boxed_logger(Box::new(BasicLogger::new(logger))) + .map(|()| log::set_max_level(log_level)) + { + eprintln!("cannot set log level: {err:?}"); + return; + }; + + debug!("Log output set to syslog"); +} + +/// init_stderr_logger initializes a global log that prints the messages to stderr. +fn init_stderr_logger(log_level: LevelFilter) { + SimpleLogger::new().with_level(log_level).init().unwrap(); + debug!("Log output set to stderr"); +} diff --git a/nss/src/passwd/mod.rs b/nss/src/passwd/mod.rs new file mode 100644 index 000000000..c2c08aca1 --- /dev/null +++ b/nss/src/passwd/mod.rs @@ -0,0 +1,110 @@ +use crate::error; +use libc::uid_t; +use libnss::interop::Response; +use libnss::passwd::{Passwd, PasswdHooks}; +use tonic::Request; + +use crate::client::{self, authd}; +use authd::PasswdEntry; + +pub struct AuthdPasswd; +impl PasswdHooks for AuthdPasswd { + /// get_all_entries returns all passwd entries. + fn get_all_entries() -> Response> { + get_all_entries() + } + + /// get_entry_by_uid returns the passwd entry for the given uid. + fn get_entry_by_uid(uid: uid_t) -> Response { + get_entry_by_uid(uid) + } + + /// get_entry_by_name returns the passwd entry for the given name. + fn get_entry_by_name(name: String) -> Response { + get_entry_by_name(name) + } +} + +/// get_all_entries connects to the grpc server and asks for all passwd entries. +fn get_all_entries() -> Response> { + super::RT.block_on(async { + let mut client = match client::new_client().await { + Ok(c) => c, + Err(e) => { + error!("could not connect to gRPC server: {}", e); + return Response::Unavail; + } + }; + + let req = Request::new(authd::Empty {}); + match client.get_passwd_entries(req).await { + Ok(r) => Response::Success(passwd_entries_to_passwds(r.into_inner().entries)), + Err(e) => { + error!("error when listing passwd: {}", e.message()); + super::grpc_status_to_nss_response(e) + } + } + }) +} + +/// get_entry_by_uid connects to the grpc server and asks for the passwd entry with the given uid. +fn get_entry_by_uid(uid: uid_t) -> Response { + super::RT.block_on(async { + let mut client = match client::new_client().await { + Ok(c) => c, + Err(e) => { + error!("could not connect to gRPC server: {}", e); + return Response::Unavail; + } + }; + + let req = Request::new(authd::GetByIdRequest { id: uid }); + match client.get_passwd_by_uid(req).await { + Ok(r) => Response::Success(passwd_entry_to_passwd(r.into_inner())), + Err(e) => { + error!("error when getting passwd by uid: {}", e.message()); + super::grpc_status_to_nss_response(e) + } + } + }) +} + +/// get_entry_by_name connects to the grpc server and asks for the passwd entry with the given name. +fn get_entry_by_name(name: String) -> Response { + super::RT.block_on(async { + let mut client = match client::new_client().await { + Ok(c) => c, + Err(e) => { + error!("could not connect to gRPC server: {}", e); + return Response::Unavail; + } + }; + + let req = Request::new(authd::GetByNameRequest { name }); + match client.get_passwd_by_name(req).await { + Ok(r) => Response::Success(passwd_entry_to_passwd(r.into_inner())), + Err(e) => { + error!("error when getting passwd by name: {}", e.message()); + super::grpc_status_to_nss_response(e) + } + } + }) +} + +/// passwd_entry_to_passwd converts a PasswdEntry to a libnss::Passwd. +fn passwd_entry_to_passwd(entry: PasswdEntry) -> Passwd { + Passwd { + name: entry.name, + passwd: entry.passwd, + uid: entry.uid, + gid: entry.gid, + gecos: entry.gecos, + dir: entry.homedir, + shell: entry.shell, + } +} + +/// passwd_entries_to_passwds converts a Vec to a Vec. +fn passwd_entries_to_passwds(entries: Vec) -> Vec { + entries.into_iter().map(passwd_entry_to_passwd).collect() +} diff --git a/nss/src/shadow/mod.rs b/nss/src/shadow/mod.rs new file mode 100644 index 000000000..f4aef23b7 --- /dev/null +++ b/nss/src/shadow/mod.rs @@ -0,0 +1,85 @@ +use crate::error; +use libnss::interop::Response; +use libnss::shadow::{Shadow, ShadowHooks}; +use tonic::Request; + +use crate::client::{self, authd}; +use authd::ShadowEntry; + +pub struct AuthdShadow; + +impl ShadowHooks for AuthdShadow { + /// get_all_entries returns all shadow entries. + fn get_all_entries() -> Response> { + get_all_entries() + } + + /// get_entry_by_name returns the shadow entry for the given name. + fn get_entry_by_name(name: String) -> Response { + get_entry_by_name(name) + } +} + +/// get_all_entries connects to the grpc server and asks for all shadow entries. +fn get_all_entries() -> Response> { + super::RT.block_on(async { + let mut client = match client::new_client().await { + Ok(c) => c, + Err(e) => { + error!("could not connect to gRPC server: {}", e); + return Response::Unavail; + } + }; + + let req = Request::new(authd::Empty {}); + match client.get_shadow_entries(req).await { + Ok(r) => Response::Success(shadow_entries_to_shadows(r.into_inner().entries)), + Err(e) => { + error!("error when listing shadow: {}", e.message()); + super::grpc_status_to_nss_response(e) + } + } + }) +} + +/// get_entry_by_name connects to the grpc server and asks for the shadow entry with the given name. +fn get_entry_by_name(name: String) -> Response { + super::RT.block_on(async { + let mut client = match client::new_client().await { + Ok(c) => c, + Err(e) => { + error!("could not connect to gRPC server: {}", e); + return Response::Unavail; + } + }; + + let req = Request::new(authd::GetByNameRequest { name }); + match client.get_shadow_by_name(req).await { + Ok(r) => Response::Success(shadow_entry_to_shadow(r.into_inner())), + Err(e) => { + error!("error when getting shadow by name: {}", e.message()); + super::grpc_status_to_nss_response(e) + } + } + }) +} + +/// shadow_entries_to_shadows converts a vector of shadow entries to a vector of shadows. +fn shadow_entry_to_shadow(entry: ShadowEntry) -> Shadow { + Shadow { + name: entry.name, + passwd: entry.passwd, + last_change: entry.last_change as isize, + change_min_days: entry.change_min_days as isize, + change_max_days: entry.change_max_days as isize, + change_warn_days: entry.change_warn_days as isize, + change_inactive_days: entry.change_inactive_days as isize, + expire_date: entry.expire_date as isize, + reserved: usize::MAX, + } +} + +/// shadow_entries_to_shadows converts a vector of shadow entries to a vector of shadows. +fn shadow_entries_to_shadows(entries: Vec) -> Vec { + entries.into_iter().map(shadow_entry_to_shadow).collect() +} From fb286510d78eb267843110375712ce9f38ab6a2c Mon Sep 17 00:00:00 2001 From: denisonbarbosa Date: Tue, 19 Sep 2023 06:03:40 -0400 Subject: [PATCH 3/3] Add Rust QA to the CI --- .github/workflows/qa.yaml | 40 +++++++++++++++++++++++++++++++++++---- nss/build.rs | 1 + 2 files changed, 37 insertions(+), 4 deletions(-) diff --git a/.github/workflows/qa.yaml b/.github/workflows/qa.yaml index c11c43723..8bbbc53b2 100644 --- a/.github/workflows/qa.yaml +++ b/.github/workflows/qa.yaml @@ -12,8 +12,8 @@ env: libpam0g-dev jobs: - sanity: - name: Code sanity + go-sanity: + name: "Go: Code sanity" runs-on: ubuntu-latest steps: - name: Install dependencies @@ -27,8 +27,38 @@ jobs: golangci-lint-configfile: ".golangci.yaml" tools-directory: "tools" - tests: - name: Tests + rust-sanity: + name: "Rust: Code sanity" + runs-on: ubuntu-latest + steps: + - name: Install dependencies + run: | + sudo DEBIAN_FRONTEND=noninteractive apt update + sudo DEBIAN_FRONTEND=noninteractive apt install -y ${{ env.apt_deps }} protobuf-compiler protobuf-compiler-grpc + - uses: actions/checkout@v4 + - uses: actions-rs/toolchain@v1 + with: + profile: minimal + toolchain: stable + override: true + components: rustfmt, clippy + - name: Build crate + uses: actions-rs/cargo@v1 + with: + command: build + args: --all-features + - name: Check code format with rustfmt + uses: actions-rs/cargo@v1 + with: + command: fmt + - name: Check code format with clippy + uses: actions-rs/clippy-check@v1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + args: --all-features + + go-tests: + name: "Go: Tests" runs-on: ubuntu-latest steps: - name: Install dependencies @@ -51,3 +81,5 @@ jobs: uses: codecov/codecov-action@v3 with: file: /tmp/coverage.combined + + # TODO: rust-tests: diff --git a/nss/build.rs b/nss/build.rs index a0bdcd706..0782bf585 100644 --- a/nss/build.rs +++ b/nss/build.rs @@ -1,6 +1,7 @@ fn main() -> Result<(), Box> { tonic_build::configure() .build_server(false) + .protoc_arg("--experimental_allow_proto3_optional") .compile(&["../authd.proto"], &["../"])?; Ok(()) }