fmt: cargo fmt

LeChatP · LeChatP · commit 9245db3e628f · 2025-12-24T12:57:15.000+01:00
diff --git a/src/sr/finder/api/landlock.rs b/src/sr/finder/api/landlock.rs
@@ -1,8 +1,10 @@
 use std::{collections::HashMap, path::PathBuf};
 
-use landlock::{Access, AccessFs, PathBeneath, PathFd, Ruleset, RulesetAttr, RulesetCreatedAttr, ABI};
-use serde::{Deserialize, Serialize};
 use bitflags::bitflags;
+use landlock::{
+    Access, AccessFs, PathBeneath, PathFd, Ruleset, RulesetAttr, RulesetCreatedAttr, ABI,
+};
+use serde::{Deserialize, Serialize};
 
 use crate::{
     error::{SrError, SrResult},
@@ -81,7 +83,8 @@ impl<'de> Deserialize<'de> for FAccess {
             where
                 E: serde::de::Error,
             {
-                FAccess::from_bits(v).ok_or_else(|| E::custom(format!("invalid access bitmask: {}", v)))
+                FAccess::from_bits(v)
+                    .ok_or_else(|| E::custom(format!("invalid access bitmask: {}", v)))
             }
         }
 
@@ -104,29 +107,35 @@ fn pre_exec(event: &mut ApiEvent) -> SrResult<()> {
                     whitelist.insert(PathBuf::from(key), access);
                 }
             }
-            
+
             let mut ruleset = Ruleset::default()
                 .handle_access(AccessFs::from_all(VERSION))
                 .map_err(|_| SrError::ConfigurationError)?
                 .create()
                 .map_err(|_| SrError::ConfigurationError)?;
-            
+
             for (path, access) in whitelist.iter() {
                 let landlock_access = match *access {
                     FAccess::RWX | FAccess::RX => AccessFs::from_all(VERSION),
                     FAccess::WX => AccessFs::from_write(VERSION) | AccessFs::Execute,
-                    FAccess::RW => AccessFs::from_read(VERSION) | AccessFs::from_write(VERSION) & !AccessFs::Execute,
+                    FAccess::RW => {
+                        AccessFs::from_read(VERSION)
+                            | AccessFs::from_write(VERSION) & !AccessFs::Execute
+                    }
                     FAccess::R => AccessFs::from_read(VERSION) & !AccessFs::Execute,
                     FAccess::W => AccessFs::from_write(VERSION),
                     FAccess::X => AccessFs::from_read(VERSION),
                     _ => !AccessFs::from_all(VERSION),
                 };
                 let path_fd = PathFd::new(path).map_err(|_| SrError::ConfigurationError)?;
-                ruleset = ruleset.add_rule(PathBeneath::new(path_fd, landlock_access))
+                ruleset = ruleset
+                    .add_rule(PathBeneath::new(path_fd, landlock_access))
                     .map_err(|_| SrError::ConfigurationError)?;
             }
-            
-            ruleset.restrict_self().map_err(|_| SrError::ConfigurationError)?;
+
+            ruleset
+                .restrict_self()
+                .map_err(|_| SrError::ConfigurationError)?;
         }
     }
     Ok(())
diff --git a/src/sr/finder/api/mod.rs b/src/sr/finder/api/mod.rs
@@ -17,10 +17,10 @@ use super::{
 mod hashchecker;
 #[cfg(feature = "hierarchy")]
 mod hierarchy;
-#[cfg(feature = "ssd")]
-mod ssd;
 #[cfg(feature = "landlock")]
 mod landlock;
+#[cfg(feature = "ssd")]
+mod ssd;
 
 thread_local! {
     static API: Lazy<UnsafeCell<Api>> = Lazy::new(|| UnsafeCell::new(Api::new()));
@@ -80,10 +80,7 @@ pub enum ApiEvent<'a, 't, 'c, 'f, 'g, 'h, 'i, 'j, 'k> {
         &'g mut BestExecSettings,
         &'h mut bool,
     ),
-    PreExec(
-        &'f Cli,
-        &'h BestExecSettings,
-    ),
+    PreExec(&'f Cli, &'h BestExecSettings),
 }
 
 impl ApiEvent<'_, '_, '_, '_, '_, '_, '_, '_, '_> {
diff --git a/src/sr/finder/de.rs b/src/sr/finder/de.rs
@@ -786,7 +786,16 @@ impl<'de: 'a, 'a> DeserializeSeed<'de> for CredFinderDeserializerReturn<'a> {
                     }
                 }
                 debug!("CredFinderVisitor: end");
-                Ok(CredResult{cred: CredData {setuid, setgroups, caps, extra_values}, score, ok})
+                Ok(CredResult {
+                    cred: CredData {
+                        setuid,
+                        setgroups,
+                        caps,
+                        extra_values,
+                    },
+                    score,
+                    ok,
+                })
             }
         }
         const FIELDS: &[&str] = &["setuid", "setgroups", "capabilities", "0", "1", "2"];
@@ -2108,9 +2117,18 @@ mod tests {
         let result = result.unwrap();
         assert!(result.ok);
         assert_eq!(result.cred.setuid, Some("root".into()));
-        assert_eq!(result.cred.setgroups, Some(DGroups::from(vec!["root".into()])));
-        assert_eq!(result.cred.caps, Some(CapSet::from_iter(vec![Cap::SYS_ADMIN])));
-        assert_eq!(result.score.setuser_min.uid, Some(SetuidMin::from(&"root".into())));
+        assert_eq!(
+            result.cred.setgroups,
+            Some(DGroups::from(vec!["root".into()]))
+        );
+        assert_eq!(
+            result.cred.caps,
+            Some(CapSet::from_iter(vec![Cap::SYS_ADMIN]))
+        );
+        assert_eq!(
+            result.score.setuser_min.uid,
+            Some(SetuidMin::from(&"root".into()))
+        );
         assert_eq!(
             result.score.setuser_min.gid,
             Some(SetgidMin::from(&Into::<DGroupType<'_>>::into("root")))
@@ -2129,7 +2147,10 @@ mod tests {
         assert_eq!(result.cred.setuid, Some(uid.into()));
         assert_eq!(result.cred.setgroups, Some(DGroups::from(vec![gid.into()])));
         assert_eq!(result.cred.caps, None);
-        assert_eq!(result.score.setuser_min.uid, Some(SetuidMin::from(&uid.into())));
+        assert_eq!(
+            result.score.setuser_min.uid,
+            Some(SetuidMin::from(&uid.into()))
+        );
         assert_eq!(
             result.score.setuser_min.gid,
             Some(SetgidMin::from(&Into::<DGroupType<'_>>::into(uid)))
@@ -2148,7 +2169,10 @@ mod tests {
         assert_eq!(result.cred.setuid, Some(uid.into()));
         assert_eq!(result.cred.setgroups, Some(DGroups::from(vec![gid.into()])));
         assert_eq!(result.cred.caps, None);
-        assert_eq!(result.score.setuser_min.uid, Some(SetuidMin::from(&uid.into())));
+        assert_eq!(
+            result.score.setuser_min.uid,
+            Some(SetuidMin::from(&uid.into()))
+        );
         assert_eq!(
             result.score.setuser_min.gid,
             Some(SetgidMin::from(&Into::<DGroupType<'_>>::into(uid)))
diff --git a/src/sr/finder/mod.rs b/src/sr/finder/mod.rs
@@ -24,7 +24,9 @@ use rar_common::{
 use serde::de::DeserializeSeed;
 
 use crate::{
-    error::{SrError, SrResult}, finder::de::{CredOwnedData}, Cli
+    error::{SrError, SrResult},
+    finder::de::CredOwnedData,
+    Cli,
 };
 
 pub(crate) mod api;
@@ -64,7 +66,7 @@ pub fn find_best_exec_settings<'de: 'a, 'a, P>(
     cred: &'a Cred,
     path: &'a P,
     env_vars: impl IntoIterator<Item = (impl Into<String>, impl Into<String>)>,
-    env_path: & [&str],
+    env_path: &[&str],
 ) -> SrResult<BestExecSettings>
 where
     P: AsRef<Path>,
@@ -160,8 +162,7 @@ impl BestExecSettings {
                 env_vars,
                 opt_stack.calc_path(env_path),
                 cred,
-                &result
-                    .cred.setuid,
+                &result.cred.setuid,
                 format!(
                     "{}{}",
                     cli.cmd_path.display(),
diff --git a/src/sr/main.rs b/src/sr/main.rs
@@ -356,13 +356,7 @@ fn main_inner() -> SrResult<()> {
             print!(" and group(s): ");
             let groups = gids
                 .iter()
-                .map(|g| {
-                    format!(
-                        "{} ({})",
-                        g.name,
-                        g.gid
-                    )
-                })
+                .map(|g| format!("{} ({})", g.name, g.gid))
                 .collect::<Vec<_>>()
                 .join(", ");
             println!("{}", groups);
@@ -413,22 +407,24 @@ fn main_inner() -> SrResult<()> {
     let cargs = args.cmd_args.clone();
     let cfinal_path = execcfg.final_path.clone();
     let cfinal_env = execcfg.env.clone();
-    let command = unsafe { Command::new(&execcfg.final_path)
-        .pre_exec(move || {
-            use crate::finder::api::{Api, ApiEvent};
-            Api::notify(ApiEvent::PreExec(&args, &execcfg)).map_err(|e| {
-                error!("Failed to notify pre-exec event: {}", e);
-                std::io::Error::new(std::io::ErrorKind::Other, "Failed to notify pre-exec")
-            })?;
-            Ok(())
-        })
-        .args(cargs.iter())
-        .env_clear()
-        .envs(cfinal_env)
-        .stdin(std::process::Stdio::inherit())
-        .stdout(std::process::Stdio::inherit())
-        .stderr(std::process::Stdio::inherit())
-        .spawn(&pty.pts().expect("Failed to get pts")) };
+    let command = unsafe {
+        Command::new(&execcfg.final_path)
+            .pre_exec(move || {
+                use crate::finder::api::{Api, ApiEvent};
+                Api::notify(ApiEvent::PreExec(&args, &execcfg)).map_err(|e| {
+                    error!("Failed to notify pre-exec event: {}", e);
+                    std::io::Error::new(std::io::ErrorKind::Other, "Failed to notify pre-exec")
+                })?;
+                Ok(())
+            })
+            .args(cargs.iter())
+            .env_clear()
+            .envs(cfinal_env)
+            .stdin(std::process::Stdio::inherit())
+            .stdout(std::process::Stdio::inherit())
+            .stderr(std::process::Stdio::inherit())
+            .spawn(&pty.pts().expect("Failed to get pts"))
+    };
     let mut command = match command {
         Ok(command) => command,
         Err(e) => {
@@ -482,11 +478,23 @@ fn set_capabilities(execcfg: &BestExecSettings) -> SrResult<()> {
 }
 
 fn setuid_setgid(execcfg: &BestExecSettings) -> SrResult<()> {
-    let gid = execcfg.cred.setgroups.as_ref().and_then(|g| g.first().cloned()).map(|g| g.gid.as_raw());
+    let gid = execcfg
+        .cred
+        .setgroups
+        .as_ref()
+        .and_then(|g| g.first().cloned())
+        .map(|g| g.gid.as_raw());
     with_privileges(&[Cap::SETUID, Cap::SETGID], || {
-        capctl::cap_set_ids(execcfg.cred.setuid.as_ref().map(|u| u.uid.as_raw()), gid, execcfg.cred.setgroups.as_ref().map(
-            |g| g.iter().map(|g| g.gid.as_raw()).collect::<Vec<_>>(),
-        ).as_deref())?;
+        capctl::cap_set_ids(
+            execcfg.cred.setuid.as_ref().map(|u| u.uid.as_raw()),
+            gid,
+            execcfg
+                .cred
+                .setgroups
+                .as_ref()
+                .map(|g| g.iter().map(|g| g.gid.as_raw()).collect::<Vec<_>>())
+                .as_deref(),
+        )?;
         Ok(())
     })
     .map_err(|e| {
@@ -497,11 +505,11 @@ fn setuid_setgid(execcfg: &BestExecSettings) -> SrResult<()> {
 
 #[cfg(test)]
 mod tests {
+    use super::finder::de::CredOwnedData;
     use capctl::{Cap, CapSet};
     use libc::getgid;
     use nix::unistd::{getgroups, getuid, Group, Pid, User};
     use rar_common::database::options::SBounding;
-    use super::finder::de::CredOwnedData;
 
     use super::*;
 
@@ -563,7 +571,12 @@ mod tests {
             capset.effective.add(Cap::SETGID);
             capset.set_current().unwrap();
             let execcfg = BestExecSettings::builder()
-                .cred(CredOwnedData::builder().setuid(User::from_uid(1000.into()).unwrap().unwrap()).setgroups(vec![Group::from_gid(1000.into()).unwrap().unwrap()]).build())
+                .cred(
+                    CredOwnedData::builder()
+                        .setuid(User::from_uid(1000.into()).unwrap().unwrap())
+                        .setgroups(vec![Group::from_gid(1000.into()).unwrap().unwrap()])
+                        .build(),
+                )
                 .build();
             setuid_setgid(&execcfg).unwrap();
             assert_eq!(getuid(), execcfg.cred.setuid.unwrap().uid);
