Add permissions on global console (#1011)

android/northstar.toml

@@ -3,9 +3,9 @@ data_dir = "/data/northstar/data"
 socket_dir = "/dev/socket/northstar"
 cgroup = "northstar"
 
-# Debug TCP console on localhost with full access
-[debug]
-console = "tcp://localhost:4200"
+[console.global]
+bind = "tcp://localhost:4200"
+permissions = "full"
 
 [repositories.system]
 key = "/system/etc/northstar/system.pub"

northstar-runtime/Cargo.toml

@@ -24,6 +24,7 @@ caps = { version = "0.5.5", optional = true }
 cgroups-rs = { version = "0.3.2", features = ["serde"], optional = true }
 ed25519-dalek = { version = "1.0.1", optional = true }
 futures = { version = "0.3.27", default-features = true, optional = true }
+heck = { version = "0.4.1", optional = true }
 hex = { version = "0.4.3", optional = true }
 hmac = { version = "0.12.1", features = ["reset"], optional = true }
 humanize-rs = { version = "0.1.5", optional = true }
@@ -69,7 +70,7 @@ zip = { version = "0.6.6", default-features = false, optional = true }
 api = ["bytes", "futures", "npk", "pkg-version", "serde_json", "tokio", "tokio-util"]
 npk = ["base64", "byteorder", "ed25519-dalek", "hex", "humanize-rs", "itertools", "pkg-version", "rand_core", "seccomp", "serde_json", "serde_plain", "serde_with", "serde_yaml", "sha2", "strum", "strum_macros", "tempfile", "toml", "uuid", "zeroize", "zip"]
 rexec = ["nix", "memfd"]
-runtime = ["api", "async-stream", "async-trait", "bincode", "bytesize", "caps", "cgroups-rs", "ed25519-dalek", "futures", "hex", "hmac", "humantime", "humantime-serde", "inotify", "itertools", "lazy_static", "libc", "loopdev", "memfd", "memoffset", "nanoid", "nix", "npk", "rlimit", "serde_plain", "tempfile", "tokio", "tokio-eventfd", "tokio-util", "url", "umask"]
+runtime = ["api", "async-stream", "async-trait", "bincode", "bytesize", "caps", "cgroups-rs", "ed25519-dalek", "futures", "heck", "hex", "hmac", "humantime", "humantime-serde", "inotify", "itertools", "lazy_static", "libc", "loopdev", "memfd", "memoffset", "nanoid", "nix", "npk", "rlimit", "serde_plain", "tempfile", "tokio", "tokio-eventfd", "tokio-util", "url", "umask"]
 seccomp = ["bindgen", "caps", "lazy_static", "memoffset", "nix", "npk"]
 
 [dev-dependencies]

northstar-runtime/src/api/model.rs

@@ -3,10 +3,6 @@ use std::collections::{HashMap, HashSet};
 
 /// Container name
 pub type Name = crate::common::name::Name;
-/// Console configuration
-pub type ConsoleConfiguration = crate::npk::manifest::console::Configuration;
-/// Console permission entity
-pub type ConsolePermission = crate::npk::manifest::console::Permission;
 /// Container identification
 pub type Container = crate::common::container::Container;
 /// Container exit code
@@ -87,9 +83,7 @@ pub struct Connect {
 #[derive(Clone, Eq, PartialEq, Debug, Serialize, Deserialize)]
 #[serde(rename_all = "snake_case")]
 #[allow(missing_docs)]
-pub struct ConnectAck {
-    pub configuration: ConsoleConfiguration,
-}
+pub struct ConnectAck;
 
 /// Connection nack
 #[derive(Clone, Eq, PartialEq, Debug, Serialize, Deserialize)]

northstar-runtime/src/npk/manifest/console.rs

@@ -9,11 +9,11 @@ use std::{collections::HashSet, fmt};
 use strum::{EnumCount as _, IntoEnumIterator};
 use strum_macros::{EnumCount, EnumIter};
 
-/// Console Quality of Service
+/// Console permissions.
 #[skip_serializing_none]
 #[derive(Clone, PartialEq, Eq, Debug, Default, Serialize, Deserialize)]
 #[serde(deny_unknown_fields)]
-pub struct Configuration {
+pub struct Console {
     /// Permissions
     pub permissions: Permissions,
 }
@@ -75,10 +75,15 @@ impl fmt::Display for Permission {
 pub struct Permissions(HashSet<Permission>);
 
 impl Permissions {
-    /// Create a new `Console` with all permissions given
+    /// Create a new `Console` with all permissions.
     pub fn full() -> Permissions {
         Permissions(HashSet::from_iter(Permission::iter()))
     }
+
+    /// Create a new `Console` without permissions.
+    pub fn empty() -> Permissions {
+        Permissions(HashSet::new())
+    }
 }
 
 impl std::ops::Deref for Permissions {

northstar-runtime/src/npk/manifest/mod.rs

@@ -92,7 +92,7 @@ pub struct Manifest {
     /// Container version
     pub version: Version,
     /// Pass a console fd number in NORTHSTAR_CONSOLE
-    pub console: Option<console::Configuration>,
+    pub console: Option<console::Console>,
     /// Path to init
     #[validate(length(min = 1, max = 4096))]
     pub init: Option<NonNulString>,

northstar-runtime/src/runtime/config.rs

@@ -11,7 +11,10 @@ use nix::{sys::stat, unistd};
 use serde::{de::Error as SerdeError, Deserialize, Deserializer};
 use url::Url;
 
-use crate::{common::non_nul_string::NonNulString, runtime::repository::RepositoryId};
+use crate::{
+    common::non_nul_string::NonNulString, npk::manifest::console::Permissions,
+    runtime::repository::RepositoryId,
+};
 
 /// Runtime configuration
 #[derive(Clone, Debug, Deserialize)]
@@ -44,10 +47,22 @@ pub struct Config {
     pub debug: Option<Debug>,
 }
 
+/// Globally accessible console.
+#[derive(Clone, Debug, Deserialize)]
+pub struct ConsoleGlobal {
+    /// Bind globally accesible console to this address.
+    #[serde(deserialize_with = "console_url")]
+    pub bind: Url,
+    /// Permissions
+    pub permissions: Permissions,
+    /// Console options
+    pub options: Option<ConsoleOptions>,
+}
+
 /// Console Quality of Service
 #[derive(Clone, Debug, Deserialize)]
 #[serde(deny_unknown_fields)]
-pub struct Console {
+pub struct ConsoleOptions {
     /// Token validity duration.
     #[serde(with = "humantime_serde", default = "default_token_validity")]
     pub token_validity: time::Duration,
@@ -68,7 +83,7 @@ pub struct Console {
     pub npk_stream_timeout: time::Duration,
 }
 
-impl Default for Console {
+impl Default for ConsoleOptions {
     fn default() -> Self {
         Self {
             token_validity: default_token_validity(),
@@ -80,6 +95,16 @@ impl Default for Console {
     }
 }
 
+/// Console Quality of Service
+#[derive(Clone, Default, Debug, Deserialize)]
+#[serde(deny_unknown_fields)]
+pub struct Console {
+    /// Globally accessible console.
+    pub global: Option<ConsoleGlobal>,
+    /// Options for console connections with containers.
+    pub options: Option<ConsoleOptions>,
+}
+
 /// Repository type
 #[derive(Clone, Debug, Deserialize)]
 pub enum RepositoryType {
@@ -116,10 +141,6 @@ pub struct Repository {
 #[derive(Clone, Debug, Deserialize)]
 #[serde(deny_unknown_fields)]
 pub struct Debug {
-    /// Console configuration
-    #[serde(deserialize_with = "console")]
-    pub console: Url,
-
     /// Commands to run before the container is started.
     //  <CONTAINER> is replaced with the container name.
     //  <PID> is replaced with the container init pid.
@@ -170,7 +191,7 @@ fn is_rw(path: &Path) -> bool {
 }
 
 /// Validate the console url schemes are all "tcp" or "unix"
-fn console<'de, D>(deserializer: D) -> Result<Url, D::Error>
+fn console_url<'de, D>(deserializer: D) -> Result<Url, D::Error>
 where
     D: Deserializer<'de>,
 {
@@ -234,15 +255,15 @@ const fn default_max_request_size() -> u64 {
 
 #[test]
 #[allow(clippy::unwrap_used)]
-fn console_url() {
+fn validate_console_url() {
     let config = r#"
 data_dir = "target/northstar/data"
 run_dir = "target/northstar/run"
 socket_dir = "target/northstar/sockets"
 cgroup = "northstar"
-
-[debug]
-console = "tcp://localhost:4200"
+[console.global]
+bind = "tcp://localhost:4200"
+permissions = "full"
 "#;
 
     toml::from_str::<Config>(config).unwrap();
@@ -253,9 +274,9 @@ data_dir = "target/northstar/data"
 run_dir = "target/northstar/run"
 socket_dir = "target/northstar/sockets"
 cgroup = "northstar"
-
-[debug]
-console = "http://localhost:4200"
+[console.global]
+bind = "http://localhost:4200"
+permissions = "full"
 "#;
 
     assert!(toml::from_str::<Config>(config).is_err());