Closed DanielVoogsgerd closed 2 months ago
When you're done with this PR, would you mind taking the trouble of merging it with clippy-fixes
? :upside_down_face:
I can also just push it to main
, but I figured it may be easier to tackle the merge separately.
Will do
Okay, we decided to build all checkers as separate images and specify in node.yml which one we will use.
When you're done with this PR, would you mind taking the trouble of merging it with
clippy-fixes
? 🙃I can also just push it to
main
, but I figured it may be easier to tackle the merge separately.
~Feel free to push the clippy fixes to main (or take the rebased branch on my GH repo). Once that is done we can merge this branch as well (all conflicts have been resolved already)~
I completely linearized the upcoming fixes as they are quite Cargo.toml
heavy.
Note I also included the minimal versions commits as it would conflict otherwise.
You can: Merge the mentioned branches below in the (reverse) order they are mentioned below.
Or (probably easier): Use the rebase merge strategy below.
Current commits ahead of main:
clippy
warningsOK! Thanks! Let's see if I can merge this... hold on...
Oh no, I messed up :joy: I thought I was supposed to merge these myself :#
One job...
Haha, no worries, I can probably get them conflict free again
Oh, are you looking into it? I was already trying to merge it myself, but that's maybe easier :)
They are conflict free again, I recommend a rebase merge strategy right now, that should suffice.
:D
Moves the main.rs eflint reasoner to a separate binary and splits the implementation side from the policy reasoner binary.
Also adds a no_op reasoner which will always grant requests.
Additionally a posix reasoner is added which looks at the posix file permissions of a file and determines using a map structure if the user has the required permissions.
Feel free to check the current implementation, it will need some TLC.
To do:
The main rought edge right now is the mapping between uids and the users in Brane. Ideally, we inject some adapter for different mapping backends e.g. File based (yaml) or LDAP/AD.