Security on Ros2 requires the user to specify the enclave so it can find the security keys needed for the communication at the DDS level. The usual way to specify this is passing --enclave <enclave_info> as an argument to ros on the command line when executing a ros node, however this doesn't seem to be trivial when ros nodes are created by plugins on gzclient.
Using --ros-args --enclave <enclave_info> seems to work for plugins in gzserver but not for gzclient. It would be good to figure out a way to pass the--enclave to ros when usinggzclient.
It seems that libgazebo_ros_init.so might be in charge of this, so it would be good to digg into the code here to see what code path it's taking:
Security on Ros2 requires the user to specify the
enclave
so it can find the security keys needed for the communication at the DDS level. The usual way to specify this is passing--enclave <enclave_info>
as an argument to ros on the command line when executing a ros node, however this doesn't seem to be trivial when ros nodes are created by plugins ongzclient
.Using
--ros-args --enclave <enclave_info>
seems to work for plugins ingzserver
but not forgzclient
. It would be good to figure out a way to pass the--enclave
to ros when usinggzclient
.It seems that
libgazebo_ros_init.so
might be in charge of this, so it would be good to digg into the code here to see what code path it's taking:https://github.com/ros-simulation/gazebo_ros_pkgs/blob/8e3f7d7622fa7422d601010ac34cf4aaf06d4c3c/gazebo_ros/src/gazebo_ros_init.cpp#L140-L146