Couple of small changes (#887)

trifectatechfoundation · Oct 21, 2024 · 273c317 · 273c317
2 parents 986d016 + da30a0a
commit 273c317
Show file tree

Hide file tree

Showing 5 changed files with 18 additions and 13 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -295,11 +295,6 @@ jobs:
           sudo apt update
           sudo apt install libpam0g-dev
 
-      - name: Rust Cache
-        uses: Swatinem/rust-cache@v2
-        with:
-          shared-key: "msrv"
-
       - name: Install rust-bindgen
         uses: taiki-e/install-action@v2
         with:

diff --git a/src/su/mod.rs b/src/su/mod.rs
@@ -26,7 +26,7 @@ fn authenticate(
 ) -> Result<PamContext<CLIConverser>, Error> {
     let context = if login { "su-l" } else { "su" };
     let use_stdin = true;
-    let mut pam = PamContext::builder_cli("su", use_stdin, Default::default())
+    let mut pam = PamContext::builder_cli("su", use_stdin, false)
         .target_user(user)
         .service_name(context)
         .build()?;

diff --git a/src/sudo/mod.rs b/src/sudo/mod.rs
@@ -24,7 +24,7 @@ mod pipeline;
 
 const VERSION: &str = std::env!("CARGO_PKG_VERSION");
 
-fn candidate_sudoers_file() -> &'static Path {
+pub(crate) fn candidate_sudoers_file() -> &'static Path {
     let pb_rs: &'static Path = Path::new("/etc/sudoers-rs");
     if pb_rs.exists() {
         dev_info!("Running with /etc/sudoers-rs file");

diff --git a/src/system/mod.rs b/src/system/mod.rs
@@ -600,7 +600,7 @@ impl Process {
     /// attached to the given process
     pub fn tty_device_id(pid: WithProcess) -> std::io::Result<Option<DeviceId>> {
         // device id of tty is displayed as a signed integer of 32 bits
-        let data: i32 = read_proc_stat(pid, 6)?;
+        let data: i32 = read_proc_stat(pid, 7 /* tty_nr */)?;
         if data == 0 {
             Ok(None)
         } else {
@@ -615,7 +615,7 @@ impl Process {
 
     /// Get the process starting time of a specific process
     pub fn starting_time(pid: WithProcess) -> io::Result<SystemTime> {
-        let process_start: u64 = read_proc_stat(pid, 21)?;
+        let process_start: u64 = read_proc_stat(pid, 22 /* start_time */)?;
 
         // the startime field is stored in ticks since the system start, so we need to know how many
         // ticks go into a second
@@ -634,6 +634,12 @@ impl Process {
     }
 }
 
+/// Read the n-th field (with 1-based indexing) from `/proc/<pid>/self`.
+///
+/// See ["Table 1-4: Contents of the stat fields" of "The /proc
+/// Filesystem"][proc_stat_fields] in the Linux docs for all available fields.
+///
+/// [proc_stat_fields]: https://www.kernel.org/doc/html/latest/filesystems/proc.html#id10
 fn read_proc_stat<T: FromStr>(pid: WithProcess, field_idx: isize) -> io::Result<T> {
     // read from a specific pid file, or use `self` to refer to our own process
     let pidref = pid.to_proc_string();
@@ -655,7 +661,7 @@ fn read_proc_stat<T: FromStr>(pid: WithProcess, field_idx: isize) -> io::Result<
     // we've now passed the first two fields, so we are at index 1, now we skip over
     // fields until we arrive at the field we are searching for
     let mut curr_field = 1;
-    while curr_field < field_idx && !stat.is_empty() {
+    while curr_field <= field_idx && !stat.is_empty() {
         if stat[0] == b' ' {
             curr_field += 1;
         }

diff --git a/src/visudo/mod.rs b/src/visudo/mod.rs
@@ -11,7 +11,7 @@ use std::{
 };
 
 use crate::{
-    sudo::diagnostic,
+    sudo::{candidate_sudoers_file, diagnostic},
     sudoers::Sudoers,
     system::{
         can_execute,
@@ -64,7 +64,9 @@ pub fn main() {
 }
 
 fn check(file_arg: Option<&str>, perms: bool, owner: bool) -> io::Result<()> {
-    let sudoers_path = Path::new(file_arg.unwrap_or("/etc/sudoers"));
+    let sudoers_path = file_arg
+        .map(Path::new)
+        .unwrap_or_else(|| candidate_sudoers_file());
 
     let sudoers_file = File::open(sudoers_path)
         .map_err(|err| io_msg!(err, "unable to open {}", sudoers_path.display()))?;
@@ -121,7 +123,9 @@ fn check(file_arg: Option<&str>, perms: bool, owner: bool) -> io::Result<()> {
 }
 
 fn run(file_arg: Option<&str>, perms: bool, owner: bool) -> io::Result<()> {
-    let sudoers_path = Path::new(file_arg.unwrap_or("/etc/sudoers"));
+    let sudoers_path = file_arg
+        .map(Path::new)
+        .unwrap_or_else(|| candidate_sudoers_file());
 
     let (sudoers_file, existed) = if sudoers_path.exists() {
         let file = File::options().read(true).write(true).open(sudoers_path)?;