Projects/muscl
12
5
Fork 0
Code Issues 76 Pull Requests Actions Packages Releases 1 Activity
211 Commits 6 Branches 1 Tag
bb768c393f12299bfe0639b82f4e56da5172aeb7
Commit Graph

132 Commits

Author SHA1 Message Date
oysteikt 30d02775c2 Make compile-time feature for SUID/SGID mode
Build / check (push) Successful in 1m27s
Details
Build / build (push) Successful in 2m46s
Details
Build / docs (push) Successful in 6m33s
Details
2025-11-11 00:28:34 +09:00
oysteikt c2dcd40442 cargo fmt
Build / check (push) Successful in 11m49s
Details
Build / build (push) Successful in 12m51s
Details
Build / docs (push) Has been cancelled
Details
2025-11-10 23:50:55 +09:00
oysteikt c6d3bbca6f Add warning comments for functions running as SUID/SGID
Build / check (push) Failing after 5m22s
Details
Build / build (push) Successful in 14m47s
Details
Build / docs (push) Successful in 15m41s
Details
2025-11-10 12:11:24 +09:00
oysteikt d932b57aaa Use multithreaded tokio runtime for external server
Build / check (push) Failing after 5m19s
Details
Build / build (push) Successful in 13m21s
Details
Build / docs (push) Successful in 18m22s
Details
2025-11-10 01:28:01 +09:00
oysteikt f90e60d856 server: don't unset NOTIFY_SOCKET on enabling watchdog 2025-11-10 01:06:37 +09:00
oysteikt 46c5d372b2 Deduplicate common username/group prefixes in error msg
Build / check (push) Failing after 5m20s
Details
Build / build (push) Successful in 12m54s
Details
Build / docs (push) Successful in 16m35s
Details
2025-11-10 00:50:36 +09:00
oysteikt 9e23f03ca2 Use non-templated systemd service 
The previous setup was broken

This commit also adds some code to check that the database connection is
valid before it starts, as well as refactors the code that splits
between starting and external or internal server.
 2025-11-10 00:38:26 +09:00
oysteikt bd4791dc17 Check that executable is not SUID/SGID for unrelated subcommands 2025-11-10 00:33:53 +09:00
oysteikt c2d22ee7f8 flake.lock: bump, Cargo.lock: bump, Cargo.toml: update inputs, format, etc
Build / build (push) Has been cancelled
Details
Build / check (push) Has been cancelled
Details
Build / docs (push) Has been cancelled
Details
2025-05-07 10:39:10 +02:00
oysteikt a0be0d3b92 Wrap database users and database names in newtypes 
Also, use less cloning where possible
 2024-08-20 17:46:43 +02:00
oysteikt 338694a64e Add more --json flags 2024-08-20 17:46:43 +02:00
oysteikt cdb1fb4181 Integrate better with systemd + better logs and protocol usage 
This commits adds the following:

- Better systemd integration and usage:
  - More hardening
  - A watchdog thread
  - Journald native logging

as well as

- Better logs
- Some protocol usage fixes
 2024-08-20 17:46:40 +02:00
oysteikt e993644844 core/database_privileges: test edit-db-privs -p parser 2024-08-19 19:26:27 +02:00
oysteikt 0ce90ab42a list-db -> show-db 2024-08-19 18:58:26 +02:00
oysteikt 51302d75f0 create-users: default to setting no password in prompt 2024-08-19 18:06:47 +02:00
oysteikt b21aa0eece Fix sql regex to work like ownership validation 2024-08-19 17:59:13 +02:00
oysteikt d1d06514a9 cargo fmt + clippy 2024-08-19 17:52:16 +02:00
oysteikt 3556eb37ea Dont drop privs as server 2024-08-19 17:46:08 +02:00
oysteikt 20669569f3 Fix binary collation issues for privs as well 
Ref #66
 2024-08-19 17:44:21 +02:00
oysteikt ed12a3153b server/config: revamp 
- Adds options `socket_path` and `password_file`
 2024-08-19 16:57:25 +02:00
oysteikt 48240489a7 Have server notify the client about db connection errors 2024-08-19 16:57:24 +02:00
oysteikt 8fdfe457ac Remove a few TODOs, either solved or converted to issue 2024-08-19 02:43:05 +02:00
oysteikt 807017ea70 add shell completion 2024-08-19 02:23:31 +02:00
oysteikt 5d049390b8 passwd-user: check for user existence before password input 2024-08-19 00:49:20 +02:00
oysteikt a6f00d4313 Ensure user/db prefix has a _ behind it 2024-08-19 00:48:13 +02:00
oysteikt cd0b2c3e6d sd_notify(ready) 2024-08-19 00:13:22 +02:00
oysteikt 93469a6e84 Add more serverside logging 2024-08-19 00:11:11 +02:00
oysteikt e4da639d5c Fix sqlx parse error 2024-08-19 00:09:27 +02:00
oysteikt daa8e069d3 Fix sql statement for show-user 2024-08-18 22:57:01 +02:00
oysteikt 86b5b47f1e Add some logging 2024-08-18 22:26:00 +02:00
oysteikt 9d88c95f33 Fix systemd socket activation 2024-08-18 22:24:28 +02:00
oysteikt 53f19b3d05 Replace socket authentication mechanism with SO_PEERCRED 2024-08-18 22:22:58 +02:00
oysteikt 94c9a54c14 Bump all deps, fix db connection closing issues 2024-08-18 01:33:55 +02:00
oysteikt 168f832aec Readd "databases where user has privileges" to show-user 2024-08-18 00:17:55 +02:00
oysteikt f957bbd9da Don't validate prefixes and postfixes for db item ownership 2024-08-17 22:30:30 +02:00
oysteikt 54a38255e6 privs editor: "New user" ->"Previously unprivileged" 2024-08-17 21:27:46 +02:00
oysteikt 466d4a8b96 Use db name as example for privs editor 2024-08-17 21:24:59 +02:00
oysteikt af86893acf Rewrite entire codebase to split into client and server 2024-08-17 20:21:05 +02:00
oysteikt 20e60ca5c7 Add protocol for authenticating a unix socket 2024-08-09 19:09:04 +02:00
oysteikt e420c1f4d5 edit-db-privs: display diffs and ask before commiting 2024-08-08 21:48:41 +02:00
oysteikt 7ee60dacdc Misc fixups to priv diff logic, add tests 2024-08-08 21:02:25 +02:00
oysteikt 8a91e9a3d0 core/database_operations: replace single field struct with sqlx unwrap 2024-08-08 19:45:28 +02:00
oysteikt e2193f47c1 Only pass the mysql config portion when connecting 2024-08-08 19:40:57 +02:00
oysteikt 39a3f8ffd1 core/common: make testable, fix some status messages 2024-08-08 19:30:42 +02:00
oysteikt 69870147f5 Add a few more status prints to the commands 2024-08-08 00:56:30 +02:00
oysteikt f78c88517f Add lock-user and unlock-user 2024-08-08 00:53:26 +02:00
oysteikt 7e71b5071f Report back more detailed results from commands 2024-08-07 23:33:07 +02:00
oysteikt 21c1f8cc87 Fix clippy warnings 2024-08-07 23:10:37 +02:00
oysteikt 011bcf9edc More spring cleaning for privs, add test 2024-08-07 23:00:38 +02:00
oysteikt 1bb1c133e8 Consistently name db connection connection 2024-08-07 21:54:13 +02:00