v3.0.0-alpha.4

.github/workflows/build.yml

@@ -16,6 +16,7 @@ jobs:
       run: sudo apt-get update
     - name: Install Dependencies
       run: |
+        sudo ./dependencies.sh -yd
         sudo ./configure.sh -yd
         echo "/home/runner/.cargo/bin" >> $GITHUB_PATH
     - name: Configure PAM
@@ -31,14 +32,14 @@ jobs:
         session requisite                   pam_permit.so
         session required                    pam_permit.so" | tee /etc/pam.d/sr'
     - name: Add read access on config on rootasrole... Because Github Actions...
-      run: sudo chmod a+r /etc/security/rootasrole.xml
+      run: sudo chmod a+r /etc/security/rootasrole.json
     - name: print config
-      run: cat /etc/security/rootasrole.xml
+      run: cat /etc/security/rootasrole.json
     - name: getenv
       run: env
     - name: Install Project
       run: sudo -E make -e install
     - name: Run Sr
       run: /usr/bin/sr -h
-    - name: Run Chsr
-      run: /usr/bin/chsr -h
+    - name: Run Chsr with sr
+      run: sr /usr/bin/chsr -h

.github/workflows/quality.yml

@@ -38,8 +38,11 @@ jobs:
           toolchain: stable
           components: clippy
           override: true
-      
+
       - name: Install Dependencies
+        run: sudo ./dependencies.sh -yd
+
+      - name: Configure
         run: sudo ./configure.sh -yd
 
       # if pull request review only

.github/workflows/tests.yml

@@ -26,6 +26,9 @@ jobs:
       run: cargo install grcov
 
     - name: Install Dependencies
+      run: sudo ./dependencies.sh -yd
+
+    - name: Install file configuration
       run: sudo ./configure.sh -yd
 
     - name: run tests with coverage

.gitignore

@@ -8,6 +8,7 @@
 *.elf
 *.ll
 *.pyc
+*.profraw
 
 # Linker output
 *.ilk

.vscode/settings.json

@@ -27,7 +27,7 @@
         "typeinfo": "c"
     },
     "rust-analyzer.linkedProjects": [
-        "sudoers-reader/Cargo.toml",
+        //"sudoers-reader/Cargo.toml",
         "Cargo.toml",
         "./capable/Cargo.toml"
     ],

Cargo.toml

@@ -3,10 +3,20 @@ members = ["xtask", "capable", "capable-common"]
 
 [package]
 name = "RootAsRole"
-version = "3.0.0-alpha.3"
+version = "3.0.0-alpha.4"
+rust-version = "1.74.1"
 authors = ["Eddie Billoir <[email protected]>"]
 edition = "2021"
 default-run = "sr"
+description = "RootAsRole is an alternative to sudo that uses Linux capabilities and RBAC for scalability."
+license-file = "LICENSE"
+repository = "https://github.com/LeChatP/RootAsRole"
+keywords = ["sudo", "capabilities", "rbac", "linux", "security"]
+categories = ["command-line-utilities", "os::linux-apis", "config"]
+
+[badges]
+maintainance ={ status = "actively-maintained", badge = "https://img.shields.io/badge/maintenance-actively%20maintained-brightgreen.svg" }
+
 
 #[features]
 #cursive_lib = [ "cursive" ]
@@ -22,34 +32,51 @@ name = "chsr"
 path = "src/chsr/main.rs"
 
 [build-dependencies]
-reqwest = { version = "0.11.18", features = ["blocking", "json"] }
+reqwest = { version = "0.12.4", features = ["blocking", "json"] }
 pcre2 = "0.2.4"
 regex = "1.9.1"
+serde = { version = "1.0.185" }
+serde_json = "1.0.113"
 
 [dependencies]
-tracing = "0.1.37"
-tracing-subscriber = "0.3.16"
-libc = "0.2.139"
-semver = "1.0.18"
-nix = { version = "0.26.2", features = ["user"] }
+tracing = "0.1.40"
+tracing-subscriber = "0.3.18"
+libc = "0.2.153"
+strum = { version = "0.26.2", features = ["derive"] }
+semver = { version = "1.0.22", features = ["serde"] }
+nix = { version = "0.28.0", features = ["user","process", "signal", "fs"] } 
 #sudoers-reader = { path = "sudoers-reader" }
-clap = { version = "4.3.0", features = ["derive"] }
-cursive = { version = "0.20.0", default-features = false, features = ["termion-backend"] }
-capctl = "0.2.3"
-pcre2 = "0.2.4"
-chrono = "0.4.26"
-sxd-document = "0.3.2"
-sxd-xpath = "0.4.2"
-serde = "1.0.185"
-ciborium = "0.2.1"
+clap = { version = "4.5.3", features = ["derive"] }
+capctl = "0.2.4"
+pcre2 = "0.2.6"
+serde = { version = "1.0.197", features=["rc"] }
+serde_json = "1.0.114"
+ciborium = "0.2.2"
 glob = "0.3.1"
-pam-client = { version = "0.5.0" }
-bitflags = { version = "2.4.0" }
+pam-client = { version = "0.5.0", git = "https://gitlab.com/LeChatP/rust-pam-client.git" }
+bitflags = { version = "2.5.0" }
 shell-words = "1.1.0"
-syslog-tracing = "0.2.0"
+syslog-tracing = "0.3.0"
+linked_hash_set = { version = "0.1.4" }
+derivative = "2.2.0"
+sha2 = "0.10.8"
+sha1 = "0.10.6"
+md5 = "0.7.0"
+chrono = "0.4.37"
+pty-process = "0.4.0"
+once_cell = "1.19.0"
+crossterm = "0.27.0"
+pest = "2.7.8"
+pest_derive = "2.7.8"
+phf = { version = "0.11.2", features = ["macros"] }
+const_format = "0.2.32"
+rpassword = "7.3.1"
 
 [dev-dependencies]
 env_logger = "*"
 test-log = { version = "0.2.12", features = ["trace"] }
 tracing = "0.1.37"
 tracing-subscriber = { version = "0.3.16", default-features = false, features = ["env-filter", "fmt"] }
+pest-test-gen = "0.1.7"
+pest-test = "0.1.6"
+lazy_static = "1.4.0"

Makefile

@@ -2,18 +2,17 @@ CARGO ?= /usr/bin/cargo
 PROFILE ?= release
 RELEASE = $(if $(filter $(PROFILE),release),--release,)
 BIN_DIR := target/$(PROFILE)
-SR_VERSION = $(shell xmllint --xpath "string(/rootasrole/@version)" resources/rootasrole.xml)
 BINS := $(addprefix $(BIN_DIR)/,sr chsr capable)
-.PHONY: $(BIN_DIR)/sr $(BIN_DIR)/chsr
+.PHONY: $(BIN_DIR)/sr $(BIN_DIR)/chsr $(BIN_DIR)/capable
 $(BIN_DIR)/sr:
-	cargo build $(RELEASE) --bin sr
+	cargo build $(RELEASE) --bin sr || true
 
 $(BIN_DIR)/chsr:
-	cargo build $(RELEASE) --bin chsr
+	cargo build $(RELEASE) --bin chsr || true
 
 $(BIN_DIR)/capable:
-	cargo xtask build-ebpf $(RELEASE)
-	cargo build --package capable $(RELEASE)
+	cargo xtask build-ebpf $(RELEASE) || true
+	cargo build --package capable $(RELEASE) || true
 
 $(BINS): | $(BIN_DIR)
 
@@ -25,6 +24,7 @@ build: $(BINS)
 install: build
 	cp -f $(BINS) /usr/bin
 	setcap "=p" /usr/bin/sr
+	setcap cap_dac_override,cap_sys_admin,cap_sys_ptrace+ep /usr/bin/capable
 
 test:
 	cargo test

README.md

@@ -15,7 +15,7 @@
 </p>
 <!-- markdownlint-restore -->
 
-# RootAsRole (V3.0.0-alpha.3) : a secure alternative to sudo/su on Linux systems
+# RootAsRole (V3.0.0-alpha.4) : a secure alternative to sudo/su on Linux systems
 
 This tool allows you to configure your privilege access management more securely on a single operating system. 
 
@@ -29,10 +29,11 @@ By using a role-based access control model, this project allows us to better man
 
 Requirement: rustc >= 1.70.0
 
-  1. git clone <https://github.com/SamerW/RootAsRole>
-  2. cd RootAsRole
-  3. sudo ./configure.sh
-  4. sudo make install
+  1. git clone <https://github.com/LeChatP/RootAsRole>
+  1. cd RootAsRole
+  1. sudo ./dependencies.sh
+  1. sudo ./configure.sh
+  1. sudo make install
 
 Note: The `configure.sh` installs `cargo` and `bpf-linker` rust programs manually into `/usr/local/bin`. You can refuse to install it this way, but these are mandatory to build the program. Depending on your distribution or how you want to install this software, you may know that most rust binaries are installed to `$HOME/.cargo/bin`. When you use sudo to configure, these binaries are installed in the effective user home directory. You may need to move these binaries to a known-user path. 
 
@@ -52,6 +53,8 @@ Execute privileged commands with a role-based access control system
 
 <u><b>Options</b></u>:
   <b>-r, --role</b> &lt;ROLE&gt;  Role to select
+  <b>-t, --task</b> &lt;TASK&gt;  Task to select (--role required)
+  <b>-p, --prompt</b> &lt;PROMPT&gt; Prompt to display
   <b>-i, --info</b>         Display rights of executor
   <b>-h, --help</b>         Print help (see more with '--help')
   <b>-V, --version</b>      Print version
@@ -62,38 +65,6 @@ If you're accustomed to utilizing the sudo tool and find it difficult to break t
 alias sudo="sr"
 ```
 
-### How to Configure
-
-To configure this program you could use the `chsr` command.
-
-<pre>
-Configure Roles for RootAsRole
-
-<u><b>Usage</b></u>: <b>chsr</b> [COMMAND]
-
-<u><b>Commands</b></u>:
-  <b>list</b>     List all roles
-  <b>newrole</b>  Create a new role, you can add users, groups, tasks. You can assign tasks through the command "addtask"
-  <b>grant</b>    You can grant users/groups to role
-  <b>revoke</b>   You can revoke users/groups from role
-  <b>addtask</b>  Add a task to a role, you can add commands and capabilities
-  <b>deltask</b>  Delete a task from a role
-  <b>delrole</b>  Delete a role, this is not reversible
-  <b>config</b>   You could configure options for all roles, specific role, or specific task
-  <b>import</b>   NOT IMPLEMENTED: Import sudoers file
-  <b>help</b>     Print this message or the help of the given subcommand(s)
-
-<u><b>Options</b></u>:
-  <b>-h, --help</b>     Print help (see more with '--help')
-  <b>-V, --version</b>  Print version
-</pre>
-
-You could also use the fancy TUI configuration manager : 
-
-![Chsr TUI](assets/chsr-tui.png)
-
-This role manager is currently under development and does not provide entire configuration edition. So you can manually execute these commands :
-
 ```sh
 sr chattr -i /etc/security/rootasrole.xml
 sr nano /etc/security/rootasrole.xml
@@ -150,8 +121,6 @@ As you may know with this RBAC model, it is possible for multiple roles to refer
 
 After these step, if two roles are conflicting, these roles are considered equal (only the environment variables are different), so configurator is being warned that roles could be in conflict and these could not be reached without specifing precisely the role to choose (with `--role` option). In such cases, we highly recommend to review the design of the configured access control.
 
-Regarding the (vii),(viii), and (ix) points, the insecure criteria is somewhat arbitrary. We are working on a explaination on a paper.
-
 ## Tested Platforms
 
 Our module has been tested on:

book/src/README.md

@@ -4,14 +4,16 @@
 
 Unlike sudo, this project sets the principle least privilege on its core features. Like sudo, this project wants to be usable. More than sudo, we care about configurators, and we try to warn configurators about dangerous manipulations.
 
-By using a role-based access control model, this project allows us to better manage administrative tasks. With this project, you could distribute privileges and prevent them from escalating directly. Unlike sudo does, we don't want to give entire privileges for any insignificant administrative task, so you could configure it easily with `chsr` command. To find out which capability is needed for a administrative command, we provide the `capable` command. With these two tools, administrators could respect the least privilege principle on their system.
+By using a role-based access control model, this project allows us to better manage administrative tasks. With this project, you could distribute privileges and prevent them from escalating directly. Unlike sudo does, we don't want to give entire privileges for any insignificant administrative task. You can configure our tool easily with `chsr` command. To find out which capability is needed for a administrative command, we provide the `capable` command. With these two tools, administrators could respect the least privilege principle on their system.
 
 What we offer that sudo don't : 
-* [Linux Capabilities](https://man7.org/linux/man-pages/man7/capabilities.7.html) managed and simplified
+* [Linux Capabilities](https://man7.org/linux/man-pages/man7/capabilities.7.html) support
 * [A structured access control model based on Roles](https://dl.acm.org/doi/10.1145/501978.501980)
 * Command matching based on commonly-used open-source libraries 
   * [glob](https://docs.rs/glob/latest/glob/) for binary path
   * [PCRE2](https://www.pcre.org/) for command arguments
+* Standardized file configuration with [JSON](https://www.json.org/)
 * Separation of duties.
-* Configuration file formatted in XML and with DTD Schema Validation.
+* Multi-layered configuration.
+* A simple and easy-to-use configuration command line interface.
 

book/src/SUMMARY.md

@@ -5,8 +5,7 @@
 # User Guide
 
 - [Installation](guide/installation.md)
-- [Use RootAsRole](guide/use.md)
-- [Configure RootAsRole](guide/configure.md)
+- [Configure RootAsRole](chsr/README.md)
 
 # Knowledge Guide
 
@@ -20,19 +19,11 @@
 # Reference Guide
 
 - [`sr` Command Line Tool](sr/README.md)
-- [`chsr` Terminal User Interface](chsr/tui.md)
 - [`chsr` Command Line Tool](chsr/README.md)
-    - [newrole](chsr/newrole.md)
-    - [grant](chsr/grant.md)
-    - [revoke](chsr/revoke.md)
-    - [addtask](chsr/addtask.md)
-    - [deltask](chsr/deltask.md)
-    - [delrole](chsr/delrole.md)
-    - [config](chsr/config.md)
-    - [import](chsr/import.md)
 
 - [Continuous Integration](continuous-integration.md)
 - [How to contribute](dev/CONTRIBUTE.md)
+- [Code of Conduct](dev/CODE_OF_CONDUCT.md)
 
 -----------