umanux 0.1.1

Library for managing Linux users and their directories
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275

use std::{io::Seek, io::SeekFrom, path::PathBuf};

#[allow(unused_imports)]
use log::{debug, error, info, trace, warn};
use std::fs::{File, OpenOptions};
use std::io::Read;
use std::io::Write;
use std::ops::Deref;

#[derive(Debug)]
pub struct Files {
    pub passwd: Option<PathBuf>,
    pub shadow: Option<PathBuf>,
    pub group: Option<PathBuf>,
}

impl Default for Files {
    /// use the default Linux `/etc/` paths
    fn default() -> Self {
        Self {
            passwd: Some(PathBuf::from("/etc/passwd")),
            shadow: Some(PathBuf::from("/etc/shadow")),
            group: Some(PathBuf::from("/etc/group")),
        }
    }
}

impl Files {
    /// Check if all the files are defined. Because some operations require the files to be present
    #[must_use]
    pub const fn is_virtual(&self) -> bool {
        !(self.group.is_some() & self.passwd.is_some() & self.shadow.is_some())
    }
    pub fn lock_and_get_passwd(&self) -> Result<LockedFileGuard, crate::UserLibError> {
        let path = self.passwd.as_ref();
        match path {
            Some(p) => LockedFileGuard::new(p),
            None => Err(crate::UserLibError::FilesRequired),
        }
    }
    pub fn lock_and_get_shadow(&self) -> Result<LockedFileGuard, crate::UserLibError> {
        let path = self.shadow.as_ref();
        match path {
            Some(p) => LockedFileGuard::new(p),
            None => Err(crate::UserLibError::FilesRequired),
        }
    }
    pub fn lock_and_get_group(&self) -> Result<LockedFileGuard, crate::UserLibError> {
        let path = self.group.as_ref();
        match path {
            Some(p) => LockedFileGuard::new(p),
            None => Err(crate::UserLibError::FilesRequired),
        }
    }

    pub fn lock_all_get(
        &self,
    ) -> Result<(LockedFileGuard, LockedFileGuard, LockedFileGuard), crate::UserLibError> {
        let pwd = self.lock_and_get_passwd()?;
        let shd = self.lock_and_get_shadow()?;
        let grp = self.lock_and_get_group()?;
        Ok((pwd, shd, grp))
    }
}

#[derive(Debug)]
pub struct LockedFileGuard {
    lockfile: PathBuf,
    path: PathBuf,
    pub(crate) file: File,
}

#[derive(Debug)]
struct TempLockFile {
    tlf: PathBuf,
}

impl Drop for TempLockFile {
    fn drop(&mut self) {
        info!("removing temporary lockfile {}", self.tlf.to_str().unwrap());
        std::fs::remove_file(&self.tlf).unwrap();
    }
}
impl Deref for TempLockFile {
    type Target = PathBuf;
    fn deref(&self) -> &PathBuf {
        &self.tlf
    }
}
impl LockedFileGuard {
    pub fn new(path: &PathBuf) -> Result<Self, crate::UserLibError> {
        let locked = Self::try_to_lock_file(path);
        match locked {
            Ok((lockfile, file)) => Ok(Self {
                lockfile,
                path: path.to_owned(),
                file,
            }),
            Err(e) => Err(e),
        }
    }

    pub fn replace_contents(&mut self, new_content: String) -> Result<(), crate::UserLibError> {
        self.file = match File::create(&self.path) {
            Ok(file) => file,
            Err(e) => return Err(("Failed to truncate file.".to_owned(), e).into()),
        };
        match self.file.write_all(&new_content.into_bytes()) {
            Ok(_) => (),
            Err(e) => return Err(("Could not write (all) users. ".to_owned(), e).into()),
        };
        let _ = self.file.write(b"\n");
        Ok(())
    }

    pub fn append(&mut self, appendee: String) -> Result<(), crate::UserLibError> {
        // Seek to the last character.
        self.file.seek(SeekFrom::End(-1)).map_or_else(
            |e| Err(format!("Failed to append to file {}", e)),
            |_| Ok(()),
        )?;
        // Read the last character
        let mut b = [0_u8; 1];
        self.file.read_exact(&mut b)?;
        // Verify it is '\n' else append '\n' so in any case the file ends with with a newline now
        if &b != b"\n" {
            //self.file.write_all(&b)?;
            self.file.write_all(b"\n")?;
        }
        // write the new line.
        self.file.write_all(&appendee.into_bytes()).map_or_else(
            |e| Err(("Failed to append to file".to_owned(), e).into()),
            Ok,
        )
    }

    /// This function tries to lock a file in the way other passwd locking mechanisms work.
    ///
    /// * get the pid
    /// * create the temporary lockfilepath "/etc/passwd.12397"
    /// * create the lockfilepath "/etc/passwd.lock"
    /// * open the temporary file
    /// * write the pid to the tempfile
    /// * try to make a link from the temporary file created to the lockfile
    /// * ensure that the file has been linked successfully
    ///
    /// when the link could not be created:
    ///
    /// * Open the lockfile
    /// * read the contents of the lockfile
    /// * check if the lockfile contains a pid if not error out
    /// * check if the containing pid is in a valid format. If not create a matching error
    ///
    /// not implemented yet:
    ///
    /// * test if this process could be killed. If so disclose the pid in the error.
    /// * try to delete the lockfile as it is apparently not used by the process anmore. (cleanup)
    /// * try to lock again now that the old logfile has been safely removed.
    /// * remove the original file and only keep the lock hardlink
    fn try_to_lock_file(path: &PathBuf) -> Result<(PathBuf, File), crate::UserLibError> {
        info!("locking file {}", path.to_string_lossy());
        let mut tempfilepath_const = path.clone();
        // get the pid
        let pid = std::process::id();
        debug!("using pid {}", std::process::id());
        // get the filename
        let filename = tempfilepath_const.file_name().unwrap().to_owned();
        // and the base path which is the base for tempfile and lockfile.
        tempfilepath_const.pop();
        let mut lockfilepath = tempfilepath_const.clone();
        // push the filenames to the paths
        tempfilepath_const.push(format!("{}.{}", filename.to_str().unwrap(), pid));
        let tempfilepath = TempLockFile {
            tlf: tempfilepath_const,
        };
        lockfilepath.push(format!("{}.lock", filename.to_str().unwrap()));
        debug!(
            "Lockfile paths: {:?} (temporary) {:?} (final)",
            *tempfilepath, lockfilepath
        );
        // write the pid into the tempfile
        {
            let mut tempfile = File::create(&*tempfilepath).unwrap_or_else(|e| {
                panic!("Failed to open {} error: {}", filename.to_str().unwrap(), e)
            });
            write!(tempfile, "{}", pid).or_else(|e| {
                let error_msg = format!(
                    "could not write to {} error {}",
                    filename.to_string_lossy(),
                    e
                );
                error!("{}", error_msg);
                let err: crate::UserLibError = error_msg.into();
                Err(err)
            })?;
        }

        // try to make a hardlink from the lockfile to the tempfile
        let linkresult = std::fs::hard_link(&*tempfilepath, &lockfilepath);
        match linkresult {
            Ok(()) => {
                debug!("successfully locked");

                // open the file
                let resfile = OpenOptions::new().read(true).write(true).open(&path);
                return match resfile {
                    Ok(file) => Ok((lockfilepath, file)),
                    Err(e) => {
                        // failed to open the file undo the locks
                        let _ = std::fs::remove_file(&lockfilepath);
                        let ret: crate::UserLibError = format!(
                            "Failed to open the file: {}, error: {}",
                            path.to_str().unwrap(),
                            e
                        )
                        .into();
                        Err(ret)
                    }
                };
            }
            Err(e) => match e.kind() {
                // analyze the error further
                std::io::ErrorKind::AlreadyExists => {
                    warn!("The file is already locked by another process! – testing the validity of the lock");
                    {
                        let mut lf = match File::open(&lockfilepath) {
                            Ok(file) => file,
                            Err(e) => {
                                panic!("failed to open the lockfile: {}", e);
                            }
                        };
                        let mut content = String::new();
                        lf.read_to_string(&mut content)
                            .unwrap_or_else(|e| panic!("failed to read the lockfile{}", e));

                        let content = content.trim().trim_matches(char::from(0));
                        let lock_pid = content.parse::<u32>();
                        match lock_pid {
                            Ok(pid) => {
                                warn!(
                                    "found a pid: {}, checking if this process is still running",
                                    pid
                                );
                                error!("The file could not be locked");
                                todo!("Validate the lock and delete the file if the process does not exist anymore");
                                /*let sent = nix::sys::signal::kill(
                                    nix::unistd::Pid::from_raw(pid as i32),
                                    nix::sys::signal::Signal::from(0),
                                );*/
                            }
                            Err(e) => error!(
                                "existing lock file {} with an invalid PID '{}' Error: {}",
                                lockfilepath.to_str().unwrap(),
                                content,
                                e
                            ),
                        }
                    }
                }

                _ => {
                    panic!("failed to lock the file: {}", e);
                }
            },
        }
        Err("was not able to lock!".into())
    }
}

impl Drop for LockedFileGuard {
    fn drop(&mut self) {
        info!("removing lock");
        std::fs::remove_file(&self.lockfile).unwrap();
    }
}