ros2 / sros2

tools to generate and distribute keys for SROS 2
Apache License 2.0

Running generate_policy fails with "couldn't find all security files!" #281

Open nnmm opened 2 years ago

nnmm commented 2 years ago

Bug report

Required Info:

Steps to reproduce issue

First, follow the steps from https://github.com/ros2/sros2/blob/rolling/SROS2_Linux.md. With the talker and listener still running (locally), run

export ROS_SECURITY_KEYSTORE=~/sros2_demo/demo_keystore
export ROS_SECURITY_ENABLE=true
export ROS_SECURITY_STRATEGY=Enforce
ros2 security generate_policy --no-daemon policy.xml

Expected behavior

policy.xml is generated successfully.

Actual behavior

The ros2 command prints

[INFO] [1657718034.789617476] [rcl]: Found security directory: /home/user/sros2_demo/demo_keystore/enclaves

>>> [rcutils|error_handling.c:108] rcutils_set_error_state()
This error state is being overwritten:

  'couldn't find all security files!, at /home/user/ros2_rolling/src/ros2/rmw_fastrtps/rmw_fastrtps_shared_cpp/src/participant.cpp:274, at /home/user/ros2_rolling/src/ros2/rcl/rcl/src/rcl/node.c:263'

with this new error message:

  'rcl node's rmw handle is invalid, at /home/user/ros2_rolling/src/ros2/rcl/rcl/src/rcl/node.c:415'

rcutils_reset_error() should be called after error handling to avoid this.
<<<
[ERROR] [1657718034.791679678] [rcl]: Failed to fini publisher for node: 1
error creating node: rcl node's rmw handle is invalid, at /home/user/ros2_rolling/src/ros2/rcl/rcl/src/rcl/node.c:415

I'm not sure if this should be required, but if I create a new enclave ros2cli and export ROS_SECURITY_ENCLAVE_OVERRIDE=/ros2cli, I get

[INFO] [1657718177.218017161] [rcl]: Found security directory: /home/nikolai.morin/sros2_demo/demo_keystore/enclaves/ros2cli
No nodes detected in the ROS graph. No policy file was generated.

and the talker and listener print

2022-07-13 15:16:17.239 [RTPS_EDP Error] Security manager returns an error for writer da.f7.10.ce.d9.77.9f.18.65.1e.f3.b1|ff.0.3.c7 -> Function assignRemoteEndpoints
2022-07-13 15:16:17.239 [RTPS_EDP Error] Security manager returns an error for writer da.f7.10.ce.d9.77.9f.18.65.1e.f3.b1|ff.0.4.c7 -> Function assignRemoteEndpoints

mikaelarguedas commented 6 months ago

Almost 2 years later, but https://github.com/ros2/sros2/pull/295 provides a use case for providing an enclave to ros2cli.