GitLab

[ci] activate repoquality on CI

See merge request !1

Note: the previous steps work because our only untagged runner has rust
properly installed. We should be careful with that.

In line with rest of the project.
Consider all authors as Argonne employees up to this commit. We will
follow the DCO (https://developercertificate.org/) process from now on.

Decrease the amount of logging.
Warnings changed:
- CreateDir: already exists, does not exist (rollback)
- RemoveDir: does not exist, already exists (rollback)
- GetSetValue: does not exist
These warnings were very frequent, and cluttered logs

Was done manually for a lot of errors before:
```
err: Error;
return Err(Error::from(format!("Prepended context message: {}",
				err.to_string())));
```
Now:
```
return err.prepend("Prepended context message");
```
It appears much cleaner, and is easier to understand to: we are
_prepending_ an error message to the one we received.

Change in the check_path interface: there are now two different methods,
check_file and check_dir.
check_dir is the previous check_path.
check_file checks that the file is not inside a root cgroup and it also
checks that it is not in one of cuttr's cgroups. This is to make sure
that a user cannot make any changes to the values which are not his.

Changed `return match { Ok(_) => no_error_code, err => err }`
to `if let Err(err) { return Err(err) }; no_error_code`
This may be less idiomatic (not sure) but is much nicer to read and
understand (at least to me)

This reverts commit 9938ff7f.
There was an attempt to bring CI to this repo, but it failed.
To make sure no problem will exist to CI runner before this gets solved,
revert the configuration: this should stop CI.

The user should not have the right to execute as any user, therefore
this changes the execution back to the real ids.

Was displaying an Option<PathBuf> with a debug print. However, at that
point this option is necessarily None, therefore the error did not add
much more information. It now prints the key and slice name.

Much cleaner, and more robust as the output should not change (the debug
output may evolve depending on the needs of the upstream developers)

Checks that a given path is authorized by first resolving any references
to parent directories, and then checking if the path starts with the
path to a controller. This basically creates an absolute path (but not
necessarily canonical!)
More precisely, starting from the root, on each element of the path:
- if it is a 'normal' element: push it at the end of the current
built path
- it if is a 'parent dir' (..): pop the last element of the current path
(i.e. go up a level)
After processing all components of a path, we get an absolute path.
This is then checked against the controllers paths.
For now, this algorithm seems to work pretty well on simple and more
complex examples. It ignores references to the root dir in the input
path (because that is the starting point of the algorithm). In
addition, it also ignores references to the current directory (.)
There is currently no symlink resolution, nor is there a check to ensure
the user is not trying to write in the root cgroup controller, or in the
controller of cuttr (if there is one). This will probably be added in
the future by parsing /proc/self/cgroup which contains the list of
cgroup the current process belongs to.

Will be used to ensure that all filesystem operations are done in
authorized paths (i.e. paths with mounted controllers)

If the "name" field is not present, it will generate one for the spawn
command. Other commands do not generate random names if the field is
missing: this may change in the future, and cuttr may then return a
generated name for the "create" command for instance.

Uses the "rand" crate. The generated ascii string is made of
alphanumeric characters up to the given size.

Replace slice name constant with the expected one.

- Create slice with a restricted list of controllers
- Spawn command with verification of the result of the command itself

Now contains a constant json command correctly escaped, and has no
unused code or return values.

It might not be needed to run as root: we only need to be able to write
in the cgroup sysfs, or have our own cgroup.

Forgot to refactor module references after the module name change

Reflects the name change

Reflects the subcommand names more closely