Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Right now cap-std uses
RESOLVE_BENEATH
, notRESOLVE_IN_ROOT
which means absolute symlinks can't work.It's really handy to use cap-std where we can; I particularly like doing so in unit tests for example.
However...we really do need to support absolute
symlinks for many cases. Add a handy
RootDirectory
which exposes just a read-only subset of APIs - in particular we basically just wantopen()
(and convenience wrappers likeread_to_string()
on this).For other writing cases right now, one needs to construct a regular
Dir
.Note that unlike the rest of cap-std, absolutely¹ no attempt is made to handle cases where
openat2
isn't accessible (non-Linux, cases where the kernel is too old, etc.)¹ Pun not intended