Skip to content

apply bounding for containers #156

apply bounding for containers

apply bounding for containers #156

Triggered via push March 14, 2024 10:41
Status Success
Total duration 3m 22s
Artifacts

build.yml

on: push
Fit to window
Zoom out
Zoom in

Annotations

102 warnings
use of `expect` followed by a function call: src/sr/main.rs#L378
warning: use of `expect` followed by a function call --> src/sr/main.rs:378:34 | 378 | setpcap_effective(false).expect(&cap_effective_error("setpcap")); | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try: `unwrap_or_else(|_| { panic!("{}", cap_effective_error("setpcap")) })` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#expect_fun_call
use of `expect` followed by a function call: src/sr/main.rs#L374
warning: use of `expect` followed by a function call --> src/sr/main.rs:374:39 | 374 | capctl::bounding::clear().expect(&cap_effective_error("setpcap")); | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try: `unwrap_or_else(|_| { panic!("{}", cap_effective_error("setpcap")) })` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#expect_fun_call
use of `expect` followed by a function call: src/sr/main.rs#L370
warning: use of `expect` followed by a function call --> src/sr/main.rs:370:34 | 370 | setpcap_effective(false).expect(&cap_effective_error("setpcap")); | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try: `unwrap_or_else(|_| { panic!("{}", cap_effective_error("setpcap")) })` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#expect_fun_call
use of `expect` followed by a function call: src/sr/main.rs#L353
warning: use of `expect` followed by a function call --> src/sr/main.rs:353:29 | 353 | setuid_effective(false).expect(&cap_effective_error("setuid")); | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try: `unwrap_or_else(|_| { panic!("{}", cap_effective_error("setuid")) })` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#expect_fun_call
called `.as_ref().map(|g| g.as_slice())` on an `Option` value: src/sr/main.rs#L351
warning: called `.as_ref().map(|g| g.as_slice())` on an `Option` value --> src/sr/main.rs:351:35 | 351 | capctl::cap_set_ids(uid, gid, groups.as_ref().map(|g| g.as_slice())) | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try using as_deref instead: `groups.as_deref()` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#option_as_ref_deref = note: `#[warn(clippy::option_as_ref_deref)]` on by default
use of `expect` followed by a function call: src/sr/main.rs#L350
warning: use of `expect` followed by a function call --> src/sr/main.rs:350:28 | 350 | setuid_effective(true).expect(&cap_effective_error("setuid")); | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try: `unwrap_or_else(|_| { panic!("{}", cap_effective_error("setuid")) })` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#expect_fun_call
this expression creates a reference which is immediately dereferenced by the compiler: src/sr/main.rs#L324
warning: this expression creates a reference which is immediately dereferenced by the compiler --> src/sr/main.rs:324:25 | 324 | User::from_name(&u) | ^^ help: change this to: `u` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow = note: `#[warn(clippy::needless_borrow)]` on by default
use of `expect` followed by a function call: src/sr/main.rs#L274
warning: use of `expect` followed by a function call --> src/sr/main.rs:274:35 | 274 | dac_override_effective(false).expect(&cap_effective_error("dac_override")); | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try: `unwrap_or_else(|_| { panic!("{}", cap_effective_error("dac_override")) })` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#expect_fun_call
use of `expect` followed by a function call: src/sr/main.rs#L263
warning: use of `expect` followed by a function call --> src/sr/main.rs:263:34 | 263 | dac_override_effective(true).expect(&cap_effective_error("dac_override")); | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try: `unwrap_or_else(|_| { panic!("{}", cap_effective_error("dac_override")) })` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#expect_fun_call
use of `expect` followed by a function call: src/sr/main.rs#L224
warning: use of `expect` followed by a function call --> src/sr/main.rs:224:10 | 224 | .expect(&cap_effective_error("dac_read_search or dac_override")); | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try: `unwrap_or_else(|_| { panic!("{}", cap_effective_error("dac_read_search or dac_override")) })` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#expect_fun_call
use of `expect` followed by a function call: src/sr/main.rs#L220
warning: use of `expect` followed by a function call --> src/sr/main.rs:220:10 | 220 | .expect(&cap_effective_error("dac_read_search or dac_override")); | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try: `unwrap_or_else(|_| { panic!("{}", cap_effective_error("dac_read_search or dac_override")) })` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#expect_fun_call = note: `#[warn(clippy::expect_fun_call)]` on by default
accessing first element with `manager .roles .as_ref() .borrow() .roles.get(0)`: src/chsr/state/role.rs#L135
warning: accessing first element with `manager .roles .as_ref() .borrow() .roles.get(0)` --> src/chsr/state/role.rs:135:17 | 135 | / manager 136 | | .roles 137 | | .as_ref() 138 | | .borrow() 139 | | .roles 140 | | .get(0) | |___________________________^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#get_first = note: `#[warn(clippy::get_first)]` on by default help: try | 135 ~ manager 136 + .roles 137 + .as_ref() 138 + .borrow() 139 + .roles.first() |
stripping a prefix manually: src/sr/main.rs#L80
warning: stripping a prefix manually --> src/sr/main.rs:80:9 | 80 | &tzval[1..] | ^^^^^^^^^^^ | note: the prefix was tested here --> src/sr/main.rs:79:17 | 79 | let tzval = if tzval.starts_with(':') { | ^^^^^^^^^^^^^^^^^^^^^^^^^^ = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#manual_strip = note: `#[warn(clippy::manual_strip)]` on by default help: try using the `strip_prefix` method | 79 ~ let tzval = if let Some(<stripped>) = tzval.strip_prefix(':') { 80 ~ <stripped> |
name `PPID` contains a capitalized acronym: src/sr/timeout.rs#L58
warning: name `PPID` contains a capitalized acronym --> src/sr/timeout.rs:58:5 | 58 | PPID(pid_t), | ^^^^ help: consider making the acronym lowercase, except the initial letter: `Ppid` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#upper_case_acronyms
name `TTY` contains a capitalized acronym: src/sr/timeout.rs#L57
warning: name `TTY` contains a capitalized acronym --> src/sr/timeout.rs:57:5 | 57 | TTY(dev_t), | ^^^ help: consider making the acronym lowercase, except the initial letter: `Tty` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#upper_case_acronyms
useless conversion to the same type: `sxd_document::dom::Element<'_>`: src/chsr/../config/mod.rs#L131
warning: useless conversion to the same type: `sxd_document::dom::Element<'_>` --> src/chsr/../config/mod.rs:131:15 | 131 | f(element.into())?; | ^^^^^^^^^^^^^^ help: consider removing `.into()`: `element` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#useless_conversion = note: `#[warn(clippy::useless_conversion)]` on by default
name `PPID` contains a capitalized acronym: src/sr/timeout.rs#L29
warning: name `PPID` contains a capitalized acronym --> src/sr/timeout.rs:29:5 | 29 | PPID, | ^^^^ help: consider making the acronym lowercase, except the initial letter: `Ppid` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#upper_case_acronyms
name `TTY` contains a capitalized acronym: src/sr/timeout.rs#L27
warning: name `TTY` contains a capitalized acronym --> src/sr/timeout.rs:27:5 | 27 | TTY, | ^^^ help: consider making the acronym lowercase, except the initial letter: `Tty` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#upper_case_acronyms = note: `#[warn(clippy::upper_case_acronyms)]` on by default
`if` chain can be rewritten with `match`: src/sr/finder.rs#L624
warning: `if` chain can be rewritten with `match` --> src/sr/finder.rs:624:9 | 624 | / if nmatch == 1 { 625 | | Ok(min_task) 626 | | } else if nmatch > 1 { 627 | | Err(MatchError::Conflict) 628 | | } else { 629 | | Err(MatchError::NoMatch) 630 | | } | |_________^ | = help: consider rewriting the `if` chain to use `cmp` and `match` = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#comparison_chain = note: `#[warn(clippy::comparison_chain)]` on by default
very complex type used. Consider factoring parts into `type` definitions: src/chsr/../config/version.rs#L16
warning: very complex type used. Consider factoring parts into `type` definitions --> src/chsr/../config/version.rs:16:11 | 16 | down: fn(&Self, &Document) -> Result<(), Box<dyn Error>>, | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#type_complexity
very complex type used. Consider factoring parts into `type` definitions: src/chsr/../config/version.rs#L15
warning: very complex type used. Consider factoring parts into `type` definitions --> src/chsr/../config/version.rs:15:9 | 15 | up: fn(&Self, &Document) -> Result<(), Box<dyn Error>>, | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#type_complexity = note: `#[warn(clippy::type_complexity)]` on by default
using `clone` on type `CapSet` which implements the `Copy` trait: src/chsr/../config/structs.rs#L413
warning: using `clone` on type `CapSet` which implements the `Copy` trait --> src/chsr/../config/structs.rs:413:13 | 413 | self.denied_caps.as_ref().unwrap().clone() | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try dereferencing it: `*self.denied_caps.as_ref().unwrap()` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#clone_on_copy = note: `#[warn(clippy::clone_on_copy)]` on by default
you seem to be trying to use `match` for destructuring a single pattern. Consider using `if let`: src/chsr/../config/structs.rs#L345
warning: you seem to be trying to use `match` for destructuring a single pattern. Consider using `if let` --> src/chsr/../config/structs.rs:345:21 | 345 | / match nix::unistd::Group::from_name(group) { 346 | | Ok(Some(nixgroup)) => { 347 | | vgroups.push(nixgroup); 348 | | } 349 | | _ => (), 350 | | }; | |_____________________^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#single_match = note: `#[warn(clippy::single_match)]` on by default help: try | 345 ~ if let Ok(Some(nixgroup)) = nix::unistd::Group::from_name(group) { 346 + vgroups.push(nixgroup); 347 ~ }; |
this creates an owned instance just for comparison: src/chsr/../config/save.rs#L608
warning: this creates an owned instance just for comparison --> src/chsr/../config/save.rs:608:35 | 608 | } else if *child.text().unwrap().text() | ___________________________________^ 609 | | != self.wildcard_denied.as_ref().unwrap().to_string() | |_________________________________________________________________________________^ try implementing the comparison without allocating | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#cmp_owned
this creates an owned instance just for comparison: src/chsr/../config/save.rs#L553
warning: this creates an owned instance just for comparison --> src/chsr/../config/save.rs:553:35 | 553 | } else if *child | ___________________________________^ 554 | | .text() 555 | | .ok_or::<Box<dyn Error>>( 556 | | "Unable to retrieve env_checklist Text".into(), 557 | | )? 558 | | .text() 559 | | != self.env_checklist.as_ref().unwrap().to_string() | |_______________________________________________________________________________^ try implementing the comparison without allocating | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#cmp_owned
this creates an owned instance just for comparison: src/chsr/../config/save.rs#L536
warning: this creates an owned instance just for comparison --> src/chsr/../config/save.rs:536:35 | 536 | } else if *child | ___________________________________^ 537 | | .text() 538 | | .ok_or::<Box<dyn Error>>( 539 | | "Unable to retrieve env_whitelist Text".into(), 540 | | )? 541 | | .text() 542 | | != self.env_whitelist.as_ref().unwrap().to_string() | |_______________________________________________________________________________^ try implementing the comparison without allocating | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#cmp_owned = note: `#[warn(clippy::cmp_owned)]` on by default
this lifetime isn't used in the impl: src/sr/finder.rs#L167
warning: this lifetime isn't used in the impl --> src/sr/finder.rs:167:6 | 167 | impl<'a> Ord for Score { | ^^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#extra_unused_lifetimes
this lifetime isn't used in the impl: src/sr/finder.rs#L161
warning: this lifetime isn't used in the impl --> src/sr/finder.rs:161:6 | 161 | impl<'a> PartialOrd for Score { | ^^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#extra_unused_lifetimes
all variants have the same postfix: `Match`: src/sr/finder.rs#L88
warning: all variants have the same postfix: `Match` --> src/sr/finder.rs:88:1 | 88 | / enum UserMin { 89 | | UserMatch, 90 | | GroupMatch(usize), 91 | | NoMatch, 92 | | } | |_^ | = help: remove the postfixes and use full paths to the variants instead of glob imports = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#enum_variant_names = note: `#[warn(clippy::enum_variant_names)]` on by default
this lifetime isn't used in the impl: src/sr/finder.rs#L44
warning: this lifetime isn't used in the impl --> src/sr/finder.rs:44:6 | 44 | impl<'a> Error for MatchError { | ^^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#extra_unused_lifetimes
this lifetime isn't used in the impl: src/sr/finder.rs#L35
warning: this lifetime isn't used in the impl --> src/sr/finder.rs:35:6 | 35 | impl<'a> Display for MatchError { | ^^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#extra_unused_lifetimes
useless conversion to the same type: `sxd_document::dom::Element<'_>`: src/sr/../config/mod.rs#L131
warning: useless conversion to the same type: `sxd_document::dom::Element<'_>` --> src/sr/../config/mod.rs:131:15 | 131 | f(element.into())?; | ^^^^^^^^^^^^^^ help: consider removing `.into()`: `element` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#useless_conversion = note: `#[warn(clippy::useless_conversion)]` on by default
this lifetime isn't used in the function definition: src/chsr/../config/load.rs#L257
warning: this lifetime isn't used in the function definition --> src/chsr/../config/load.rs:257:22 | 257 | pub fn load_document<'a, P>(filename: &P, validate: bool) -> Result<Package, Box<dyn Error>> | ^^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#extra_unused_lifetimes = note: `#[warn(clippy::extra_unused_lifetimes)]` on by default
very complex type used. Consider factoring parts into `type` definitions: src/sr/../config/version.rs#L16
warning: very complex type used. Consider factoring parts into `type` definitions --> src/sr/../config/version.rs:16:11 | 16 | down: fn(&Self, &Document) -> Result<(), Box<dyn Error>>, | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#type_complexity
very complex type used. Consider factoring parts into `type` definitions: src/sr/../config/version.rs#L15
warning: very complex type used. Consider factoring parts into `type` definitions --> src/sr/../config/version.rs:15:9 | 15 | up: fn(&Self, &Document) -> Result<(), Box<dyn Error>>, | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#type_complexity = note: `#[warn(clippy::type_complexity)]` on by default
using `clone` on type `CapSet` which implements the `Copy` trait: src/sr/../config/structs.rs#L413
warning: using `clone` on type `CapSet` which implements the `Copy` trait --> src/sr/../config/structs.rs:413:13 | 413 | self.denied_caps.as_ref().unwrap().clone() | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try dereferencing it: `*self.denied_caps.as_ref().unwrap()` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#clone_on_copy = note: `#[warn(clippy::clone_on_copy)]` on by default
you seem to be trying to use `match` for destructuring a single pattern. Consider using `if let`: src/sr/../config/structs.rs#L345
warning: you seem to be trying to use `match` for destructuring a single pattern. Consider using `if let` --> src/sr/../config/structs.rs:345:21 | 345 | / match nix::unistd::Group::from_name(group) { 346 | | Ok(Some(nixgroup)) => { 347 | | vgroups.push(nixgroup); 348 | | } 349 | | _ => (), 350 | | }; | |_____________________^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#single_match = note: `#[warn(clippy::single_match)]` on by default help: try | 345 ~ if let Ok(Some(nixgroup)) = nix::unistd::Group::from_name(group) { 346 + vgroups.push(nixgroup); 347 ~ }; |
this creates an owned instance just for comparison: src/sr/../config/save.rs#L608
warning: this creates an owned instance just for comparison --> src/sr/../config/save.rs:608:35 | 608 | } else if *child.text().unwrap().text() | ___________________________________^ 609 | | != self.wildcard_denied.as_ref().unwrap().to_string() | |_________________________________________________________________________________^ try implementing the comparison without allocating | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#cmp_owned
this creates an owned instance just for comparison: src/sr/../config/save.rs#L553
warning: this creates an owned instance just for comparison --> src/sr/../config/save.rs:553:35 | 553 | } else if *child | ___________________________________^ 554 | | .text() 555 | | .ok_or::<Box<dyn Error>>( 556 | | "Unable to retrieve env_checklist Text".into(), 557 | | )? 558 | | .text() 559 | | != self.env_checklist.as_ref().unwrap().to_string() | |_______________________________________________________________________________^ try implementing the comparison without allocating | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#cmp_owned
this creates an owned instance just for comparison: src/sr/../config/save.rs#L536
warning: this creates an owned instance just for comparison --> src/sr/../config/save.rs:536:35 | 536 | } else if *child | ___________________________________^ 537 | | .text() 538 | | .ok_or::<Box<dyn Error>>( 539 | | "Unable to retrieve env_whitelist Text".into(), 540 | | )? 541 | | .text() 542 | | != self.env_whitelist.as_ref().unwrap().to_string() | |_______________________________________________________________________________^ try implementing the comparison without allocating | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#cmp_owned = note: `#[warn(clippy::cmp_owned)]` on by default
this lifetime isn't used in the function definition: src/sr/../config/load.rs#L257
warning: this lifetime isn't used in the function definition --> src/sr/../config/load.rs:257:22 | 257 | pub fn load_document<'a, P>(filename: &P, validate: bool) -> Result<Package, Box<dyn Error>> | ^^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#extra_unused_lifetimes = note: `#[warn(clippy::extra_unused_lifetimes)]` on by default
function `capabilities_are_exploitable` is never used: src/chsr/../util.rs#L45
warning: function `capabilities_are_exploitable` is never used --> src/chsr/../util.rs:45:8 | 45 | pub fn capabilities_are_exploitable(caps: &CapSet) -> bool { | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
associated function `complete_list` is never used: src/chsr/state/actor.rs#L97
warning: associated function `complete_list` is never used --> src/chsr/state/actor.rs:97:8 | 89 | / impl<T, V> SelectUserState<T, V> 90 | | where 91 | | T: State + Clone + PushableItemState<Users> + 'static, 92 | | V: State + Clone + 'static, | |_______________________________- associated function in this implementation ... 97 | fn complete_list(selected: Option<Vec<String>>) -> Vec<String> { | ^^^^^^^^^^^^^
methods `save_state`, `restore_state`, and `list_roles` are never used: src/chsr/rolemanager.rs#L109
warning: methods `save_state`, `restore_state`, and `list_roles` are never used --> src/chsr/rolemanager.rs:109:12 | 81 | impl RoleContext { | ---------------- methods in this implementation ... 109 | pub fn save_state(&self) { | ^^^^^^^^^^ ... 117 | pub fn restore_state(&mut self) { | ^^^^^^^^^^^^^ ... 127 | pub fn list_roles(&self) { | ^^^^^^^^^^
methods `save` and `restore` are never used: src/chsr/rolemanager.rs#L29
warning: methods `save` and `restore` are never used --> src/chsr/rolemanager.rs:29:12 | 22 | impl RoleContextHistory { | ----------------------- methods in this implementation ... 29 | pub fn save(&mut self, memento: RoleContext) { | ^^^^ ... 33 | pub fn restore(&mut self) -> Option<RoleContext> { | ^^^^^^^
field `mementos` is never read: src/chsr/rolemanager.rs#L19
warning: field `mementos` is never read --> src/chsr/rolemanager.rs:19:5 | 18 | pub struct RoleContextHistory { | ------------------ field in this struct 19 | mementos: Vec<RoleContext>, | ^^^^^^^^ | = note: `RoleContextHistory` has a derived impl for the trait `Debug`, but this is intentionally ignored during dead code analysis
method `in_config` is never used: src/chsr/../config/structs.rs#L270
warning: method `in_config` is never used --> src/chsr/../config/structs.rs:270:12 | 253 | impl<'a> Role<'a> { | ----------------- method in this implementation ... 270 | pub fn in_config(&self) -> bool { | ^^^^^^^^^
function `sxd_sanitize` is never used: src/chsr/../config/save.rs#L46
warning: function `sxd_sanitize` is never used --> src/chsr/../config/save.rs:46:8 | 46 | pub fn sxd_sanitize(element: &mut str) -> String { | ^^^^^^^^^^^^
method `get_from_level` is never used: src/chsr/../config/options.rs#L343
warning: method `get_from_level` is never used --> src/chsr/../config/options.rs:343:12 | 223 | impl<'a> OptStack<'a> { | --------------------- method in this implementation ... 343 | pub fn get_from_level(&self, level: Level, opttype: OptType) -> Option<OptValue> { | ^^^^^^^^^^^^^^
function `capabilities_are_exploitable` is never used: src/chsr/../config/mod.rs#L176
warning: function `capabilities_are_exploitable` is never used --> src/chsr/../config/mod.rs:176:8 | 176 | pub fn capabilities_are_exploitable(caps: &CapSet) -> bool { | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | = note: `#[warn(dead_code)]` on by default
constant `DTD` is never used: src/sr/../xml_version.rs#L5
warning: constant `DTD` is never used --> src/sr/../xml_version.rs:5:11 | 5 | pub const DTD: &'static str = " | ^^^
function `parse_capset` is never used: src/sr/../util.rs#L36
warning: function `parse_capset` is never used --> src/sr/../util.rs:36:8 | 36 | pub fn parse_capset(s: &str) -> Result<CapSet, ParseCapError> { | ^^^^^^^^^^^^
function `parse_capset_iter` is never used: src/sr/../util.rs#L19
warning: function `parse_capset_iter` is never used --> src/sr/../util.rs:19:8 | 19 | pub fn parse_capset_iter<'a, I>(iter: I) -> Result<CapSet, ParseCapError> | ^^^^^^^^^^^^^^^^^
function `capset_to_vec` is never used: src/sr/../util.rs#L14
warning: function `capset_to_vec` is never used --> src/sr/../util.rs:14:8 | 14 | pub fn capset_to_vec(set: &CapSet) -> Vec<String> { | ^^^^^^^^^^^^^
function `capset_to_string` is never used: src/sr/../util.rs#L4
warning: function `capset_to_string` is never used --> src/sr/../util.rs:4:8 | 4 | pub fn capset_to_string(set: &CapSet) -> String { | ^^^^^^^^^^^^^^^^
method `get_description` is never used: src/sr/../config/structs.rs#L451
warning: method `get_description` is never used --> src/sr/../config/structs.rs:451:12 | 430 | impl<'a> Task<'a> { | ----------------- method in this implementation ... 451 | pub fn get_description(&self) -> String { | ^^^^^^^^^^^^^^^
multiple methods are never used: src/sr/../config/structs.rs#L270
warning: multiple methods are never used --> src/sr/../config/structs.rs:270:12 | 253 | impl<'a> Role<'a> { | ----------------- methods in this implementation ... 270 | pub fn in_config(&self) -> bool { | ^^^^^^^^^ ... 279 | pub fn get_task_from_index(&self, index: &usize) -> Option<Rc<RefCell<Task<'a>>>> { | ^^^^^^^^^^^^^^^^^^^ ... 285 | pub fn get_users_info(&self) -> String { | ^^^^^^^^^^^^^^ ... 290 | pub fn get_groups_info(&self) -> String { | ^^^^^^^^^^^^^^^ ... 303 | pub fn get_tasks_info(&self) -> String { | ^^^^^^^^^^^^^^ ... 316 | pub fn get_options_info(&self) -> String { | ^^^^^^^^^^^^^^^^ ... 327 | pub fn get_description(&self) -> String { | ^^^^^^^^^^^^^^^ ... 336 | pub fn remove_task(&mut self, id: IdTask) { | ^^^^^^^^^^^ ... 407 | pub fn capabilities_are_denied(&self, caps: CapSet) -> bool { | ^^^^^^^^^^^^^^^^^^^^^^^ ... 411 | pub fn denied_capabilities(&self) -> CapSet { | ^^^^^^^^^^^^^^^^^^^
field `denied_caps` is never read: src/sr/../config/structs.rs#L184
warning: field `denied_caps` is never read --> src/sr/../config/structs.rs:184:5 | 181 | pub struct Role<'a> { | ---- field in this struct ... 184 | denied_caps: Option<CapSet>, | ^^^^^^^^^^^ | = note: `Role` has derived impls for the traits `Clone` and `Debug`, but these are intentionally ignored during dead code analysis
function `save_config` is never used: src/sr/../config/save.rs#L72
warning: function `save_config` is never used --> src/sr/../config/save.rs:72:8 | 72 | pub fn save_config(filename: &str, config: &Config, lock: bool) -> Result<(), Box<dyn Error>> { | ^^^^^^^^^^^
function `write_xml_config` is never used: src/sr/../config/save.rs#L55
warning: function `write_xml_config` is never used --> src/sr/../config/save.rs:55:4 | 55 | fn write_xml_config(file: &str, content: Option<&[u8]>) -> Result<(), Box<dyn Error>> { | ^^^^^^^^^^^^^^^^
function `sxd_sanitize` is never used: src/sr/../config/save.rs#L46
warning: function `sxd_sanitize` is never used --> src/sr/../config/save.rs:46:8 | 46 | pub fn sxd_sanitize(element: &mut str) -> String { | ^^^^^^^^^^^^
function `toggle_lock_config` is never used: src/sr/../config/save.rs#L25
warning: function `toggle_lock_config` is never used --> src/sr/../config/save.rs:25:4 | 25 | fn toggle_lock_config(file: &str, lock: bool) -> Result<(), String> { | ^^^^^^^^^^^^^^^^^^
constant `FS_IOC_SETFLAGS` is never used: src/sr/../config/save.rs#L23
warning: constant `FS_IOC_SETFLAGS` is never used --> src/sr/../config/save.rs:23:7 | 23 | const FS_IOC_SETFLAGS: u64 = 0x40086602; | ^^^^^^^^^^^^^^^
constant `FS_IOC_GETFLAGS` is never used: src/sr/../config/save.rs#L22
warning: constant `FS_IOC_GETFLAGS` is never used --> src/sr/../config/save.rs:22:7 | 22 | const FS_IOC_GETFLAGS: u64 = 0x80086601; | ^^^^^^^^^^^^^^^
constant `FS_IMMUTABLE_FL` is never used: src/sr/../config/save.rs#L21
warning: constant `FS_IMMUTABLE_FL` is never used --> src/sr/../config/save.rs:21:7 | 21 | const FS_IMMUTABLE_FL: u32 = 0x00000010; | ^^^^^^^^^^^^^^^
multiple methods are never used: src/sr/../config/options.rs#L258
warning: multiple methods are never used --> src/sr/../config/options.rs:258:8 | 223 | impl<'a> OptStack<'a> { | --------------------- methods in this implementation ... 258 | fn save(&mut self) { | ^^^^ ... 277 | pub fn get_level(&self) -> Level { | ^^^^^^^^^ ... 297 | fn get_opt(&self, level: Level) -> Option<Rc<RefCell<Opt>>> { | ^^^^^^^ ... 314 | pub fn get_from_type(&self, opttype: OptType) -> (Level, OptValue) { | ^^^^^^^^^^^^^ ... 343 | pub fn get_from_level(&self, level: Level, opttype: OptType) -> Option<OptValue> { | ^^^^^^^^^^^^^^ ... 385 | pub fn get_path(&self) -> (Level, String) { | ^^^^^^^^ ... 430 | pub fn get_wildcard(&self) -> (Level, String) { | ^^^^^^^^^^^^ ... 440 | fn set_at_level(&mut self, opttype: OptType, value: Option<OptValue>, level: Level) { | ^^^^^^^^^^^^ ... 486 | pub fn set_value(&mut self, opttype: OptType, value: Option<OptValue>) { | ^^^^^^^^^ ... 491 | pub fn get_description(&self, current_level: Level, opttype: OptType) -> String { | ^^^^^^^^^^^^^^^
method `get_description` is never used: src/sr/../config/options.rs#L191
warning: method `get_description` is never used --> src/sr/../config/options.rs:191:12 | 178 | impl Opt { | -------- method in this implementation ... 191 | pub fn get_description(&self) -> String { | ^^^^^^^^^^^^^^^
associated function `item_list_str` is never used: src/sr/../config/options.rs#L111
warning: associated function `item_list_str` is never used --> src/sr/../config/options.rs:111:12 | 110 | impl OptType { | ------------ associated function in this implementation 111 | pub fn item_list_str() -> Vec<(OptType, String)> { | ^^^^^^^^^^^^^
method `get_description` is never used: src/sr/../config/options.rs#L74
warning: method `get_description` is never used --> src/sr/../config/options.rs:74:12 | 73 | impl OptValue { | ------------- method in this implementation 74 | pub fn get_description(&self, opttype: OptType) -> String { | ^^^^^^^^^^^^^^^
method `as_bool` is never used: src/sr/../config/options.rs#L65
warning: method `as_bool` is never used --> src/sr/../config/options.rs:65:12 | 64 | impl OptValue { | ------------- method in this implementation 65 | pub fn as_bool(&self) -> bool { | ^^^^^^^
variants `String` and `Bool` are never constructed: src/sr/../config/options.rs#L51
warning: variants `String` and `Bool` are never constructed --> src/sr/../config/options.rs:51:5 | 50 | pub enum OptValue { | -------- variants in this enum 51 | String(String), | ^^^^^^ 52 | Bool(bool), | ^^^^ | = note: `OptValue` has a derived impl for the trait `Debug`, but this is intentionally ignored during dead code analysis
associated items `from_index` and `as_index` are never used: src/sr/../config/options.rs#L27
warning: associated items `from_index` and `as_index` are never used --> src/sr/../config/options.rs:27:12 | 26 | impl OptType { | ------------ associated items in this implementation 27 | pub fn from_index(index: usize) -> OptType { | ^^^^^^^^^^ ... 37 | pub fn as_index(&self) -> usize { | ^^^^^^^^
variants `Path`, `EnvWhitelist`, `EnvChecklist`, `NoRoot`, `Bounding`, and `Wildcard` are never constructed: src/sr/../config/options.rs#L18
warning: variants `Path`, `EnvWhitelist`, `EnvChecklist`, `NoRoot`, `Bounding`, and `Wildcard` are never constructed --> src/sr/../config/options.rs:18:5 | 17 | pub enum OptType { | ------- variants in this enum 18 | Path, | ^^^^ 19 | EnvWhitelist, | ^^^^^^^^^^^^ 20 | EnvChecklist, | ^^^^^^^^^^^^ 21 | NoRoot, | ^^^^^^ 22 | Bounding, | ^^^^^^^^ 23 | Wildcard, | ^^^^^^^^ | = note: `OptType` has derived impls for the traits `Clone` and `Debug`, but these are intentionally ignored during dead code analysis
function `capabilities_are_exploitable` is never used: src/sr/../config/mod.rs#L176
warning: function `capabilities_are_exploitable` is never used --> src/sr/../config/mod.rs:176:8 | 176 | pub fn capabilities_are_exploitable(caps: &CapSet) -> bool { | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
function `find_executable_in_path` is never used: src/sr/command.rs#L12
warning: function `find_executable_in_path` is never used --> src/sr/command.rs:12:4 | 12 | fn find_executable_in_path(executable: &str) -> Option<PathBuf> { | ^^^^^^^^^^^^^^^^^^^^^^^
function `get_command_abspath_and_args` is never used: src/sr/command.rs#L8
warning: function `get_command_abspath_and_args` is never used --> src/sr/command.rs:8:4 | 8 | fn get_command_abspath_and_args(content: &str) -> Result<Vec<String>, ParseError> { | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
function `setgid_effective` is never used: src/sr/main.rs#L61
warning: function `setgid_effective` is never used --> src/sr/main.rs:61:4 | 61 | fn setgid_effective(enable: bool) -> Result<(), capctl::Error> { | ^^^^^^^^^^^^^^^^ | = note: `#[warn(dead_code)]` on by default
variable does not need to be mutable: src/sr/main.rs#L386
warning: variable does not need to be mutable --> src/sr/main.rs:386:9 | 386 | let mut command = std::process::Command::new(matching.file_exec_path()) | ----^^^^^^^ | | | help: remove this `mut`
unused variable: `err`: src/sr/main.rs#L277
warning: unused variable: `err` --> src/sr/main.rs:277:17 | 277 | Err(err) => { | ^^^ help: if this is intentional, prefix it with an underscore: `_err` | = note: `#[warn(unused_variables)]` on by default
variable does not need to be mutable: src/chsr/../config/load.rs#L55
warning: variable does not need to be mutable --> src/chsr/../config/load.rs:55:13 | 55 | let mut options = rc_options.borrow_mut(); | ----^^^^^^^ | | | help: remove this `mut` | = note: `#[warn(unused_mut)]` on by default
unused import: `borrow::Borrow`: src/chsr/../config/save.rs#L2
warning: unused import: `borrow::Borrow` --> src/chsr/../config/save.rs:2:5 | 2 | borrow::Borrow, collections::HashSet, error::Error, fs::File, io::Write, os::fd::AsRawFd, | ^^^^^^^^^^^^^^
variable does not need to be mutable: src/sr/../config/load.rs#L55
warning: variable does not need to be mutable --> src/sr/../config/load.rs:55:13 | 55 | let mut options = rc_options.borrow_mut(); | ----^^^^^^^ | | | help: remove this `mut` | = note: `#[warn(unused_mut)]` on by default
unused import: `TimeZone`: src/sr/timeout.rs#L10
warning: unused import: `TimeZone` --> src/sr/timeout.rs:10:14 | 10 | use chrono::{TimeZone, Utc}; | ^^^^^^^^
unused import: `borrow::Borrow`: src/sr/../config/save.rs#L2
warning: unused import: `borrow::Borrow` --> src/sr/../config/save.rs:2:5 | 2 | borrow::Borrow, collections::HashSet, error::Error, fs::File, io::Write, os::fd::AsRawFd, | ^^^^^^^^^^^^^^
use of deprecated associated function `chrono::TimeDelta::seconds`: Use `TimeDelta::try_seconds` instead: src/chsr/../config/structs.rs#L213
warning: use of deprecated associated function `chrono::TimeDelta::seconds`: Use `TimeDelta::try_seconds` instead --> src/chsr/../config/structs.rs:213:31 | 213 | offset: Duration::seconds(0), | ^^^^^^^
use of deprecated associated function `chrono::TimeDelta::seconds`: Use `TimeDelta::try_seconds` instead: src/sr/../config/structs.rs#L213
warning: use of deprecated associated function `chrono::TimeDelta::seconds`: Use `TimeDelta::try_seconds` instead --> src/sr/../config/structs.rs:213:31 | 213 | offset: Duration::seconds(0), | ^^^^^^^
use of deprecated associated function `chrono::TimeDelta::seconds`: Use `TimeDelta::try_seconds` instead: src/chsr/../config/load.rs#L219
warning: use of deprecated associated function `chrono::TimeDelta::seconds`: Use `TimeDelta::try_seconds` instead --> src/chsr/../config/load.rs:219:27 | 219 | Duration::seconds(timestamp.parse::<i64>()?); | ^^^^^^^ | = note: `#[warn(deprecated)]` on by default
use of deprecated associated function `chrono::TimeDelta::seconds`: Use `TimeDelta::try_seconds` instead: src/sr/../config/load.rs#L219
warning: use of deprecated associated function `chrono::TimeDelta::seconds`: Use `TimeDelta::try_seconds` instead --> src/sr/../config/load.rs:219:27 | 219 | Duration::seconds(timestamp.parse::<i64>()?); | ^^^^^^^ | = note: `#[warn(deprecated)]` on by default
unused imports: `setegid`, `seteuid`, `setgroups`: src/sr/main.rs#L20
warning: unused imports: `setegid`, `seteuid`, `setgroups` --> src/sr/main.rs:20:41 | 20 | unistd::{getgroups, getuid, isatty, setegid, seteuid, setgroups, Group, User}, | ^^^^^^^ ^^^^^^^ ^^^^^^^^^
constants have by default a `'static` lifetime: src/sr/../xml_version.rs#L5
warning: constants have by default a `'static` lifetime --> src/sr/../xml_version.rs:5:17 | 5 | pub const DTD: &'static str = " | -^^^^^^^---- help: consider removing `'static`: `&str` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#redundant_static_lifetimes
constants have by default a `'static` lifetime: src/sr/../xml_version.rs#L4
warning: constants have by default a `'static` lifetime --> src/sr/../xml_version.rs:4:29 | 4 | pub const PACKAGE_VERSION: &'static str = "3.0.0-alpha.3"; | -^^^^^^^---- help: consider removing `'static`: `&str` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#redundant_static_lifetimes = note: `#[warn(clippy::redundant_static_lifetimes)]` on by default
unused import: `tracing::warn`: src/sr/../util.rs#L2
warning: unused import: `tracing::warn` --> src/sr/../util.rs:2:5 | 2 | use tracing::warn; | ^^^^^^^^^^^^^ | = note: `#[warn(unused_imports)]` on by default
constants have by default a `'static` lifetime: src/chsr/../xml_version.rs#L5
warning: constants have by default a `'static` lifetime --> src/chsr/../xml_version.rs:5:17 | 5 | pub const DTD: &'static str = " | -^^^^^^^---- help: consider removing `'static`: `&str` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#redundant_static_lifetimes
constants have by default a `'static` lifetime: src/chsr/../xml_version.rs#L4
warning: constants have by default a `'static` lifetime --> src/chsr/../xml_version.rs:4:29 | 4 | pub const PACKAGE_VERSION: &'static str = "3.0.0-alpha.3"; | -^^^^^^^---- help: consider removing `'static`: `&str` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#redundant_static_lifetimes = note: `#[warn(clippy::redundant_static_lifetimes)]` on by default
unused import: `tracing::warn`: src/chsr/../util.rs#L2
warning: unused import: `tracing::warn` --> src/chsr/../util.rs:2:5 | 2 | use tracing::warn; | ^^^^^^^^^^^^^ | = note: `#[warn(unused_imports)]` on by default
this `else` branch is empty: src/chsr/state/actor.rs#L194
warning: this `else` branch is empty --> src/chsr/state/actor.rs:194:7 | 194 | } else { | _______^ 195 | | } | |_____^ help: you can remove it | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#needless_else = note: `#[warn(clippy::needless_else)]` on by default
unused doc comment: src/chsr/../config/version.rs#L166
warning: unused doc comment --> src/chsr/../config/version.rs:166:9 | 166 | / /// Downgrade from 3.0.0-alpha.3 to 3.0.0-alpha.2 167 | | /// The timestamp-timeout attribute is removed from the root element. 168 | | /// The version attribute is set to 3.0.0-alpha.2 169 | | /// The parents, denied-capabilities and incompatible-with attributes are removed from the role element. | |________________________________________________________________________________________________________________^ 170 | / down: |s: &Migration, doc| { 171 | | do_in_main_element(doc, "rootasrole", |main| { 172 | | set_to_version(&main, &s.from()); 173 | | if let Some(a) = main.attribute("timestamp-timeout") { ... | 189 | | Ok(()) 190 | | }, | |_________- rustdoc does not generate documentation for expression fields | = help: use `//` for a plain comment
unused doc comment: src/chsr/../config/version.rs#L149
warning: unused doc comment --> src/chsr/../config/version.rs:149:9 | 149 | / /// Upgrade from 3.0.0-alpha.2 to 3.0.0-alpha.3 150 | | /// The version attribute is set to 3.0.0-alpha.3 | |_________________________________________________________^ 151 | / up: |m, doc| { 152 | | do_in_main_element(doc, "rootasrole", |main| { 153 | | set_to_version(&main, &m.to()); 154 | | foreach_inner_elements_names( ... | 164 | | Ok(()) 165 | | }, | |_________- rustdoc does not generate documentation for expression fields | = help: use `//` for a plain comment = note: `#[warn(unused_doc_comments)]` on by default
unused doc comment: src/sr/../config/version.rs#L166
warning: unused doc comment --> src/sr/../config/version.rs:166:9 | 166 | / /// Downgrade from 3.0.0-alpha.3 to 3.0.0-alpha.2 167 | | /// The timestamp-timeout attribute is removed from the root element. 168 | | /// The version attribute is set to 3.0.0-alpha.2 169 | | /// The parents, denied-capabilities and incompatible-with attributes are removed from the role element. | |________________________________________________________________________________________________________________^ 170 | / down: |s: &Migration, doc| { 171 | | do_in_main_element(doc, "rootasrole", |main| { 172 | | set_to_version(&main, &s.from()); 173 | | if let Some(a) = main.attribute("timestamp-timeout") { ... | 189 | | Ok(()) 190 | | }, | |_________- rustdoc does not generate documentation for expression fields | = help: use `//` for a plain comment
unused doc comment: src/sr/../config/version.rs#L149
warning: unused doc comment --> src/sr/../config/version.rs:149:9 | 149 | / /// Upgrade from 3.0.0-alpha.2 to 3.0.0-alpha.3 150 | | /// The version attribute is set to 3.0.0-alpha.3 | |_________________________________________________________^ 151 | / up: |m, doc| { 152 | | do_in_main_element(doc, "rootasrole", |main| { 153 | | set_to_version(&main, &m.to()); 154 | | foreach_inner_elements_names( ... | 164 | | Ok(()) 165 | | }, | |_________- rustdoc does not generate documentation for expression fields | = help: use `//` for a plain comment = note: `#[warn(unused_doc_comments)]` on by default
called `.nth(0)` on a `std::iter::Iterator`, when `.next()` is equivalent: build.rs#L137
warning: called `.nth(0)` on a `std::iter::Iterator`, when `.next()` is equivalent --> build.rs:137:25 | 137 | let mut s = line.split("(V").nth(0).unwrap().to_string(); | ^^^^^^^^^^^^^^^^^^^^^^^ help: try calling `.next()` instead of `.nth(0)`: `line.split("(V").next()` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#iter_nth_zero = note: `#[warn(clippy::iter_nth_zero)]` on by default
build
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.