allow embassy-cli not as root (#1501)

* allow embassy-cli not as root * clean up merge
2026-03-30 04:01:58 +00:00 · 2022-06-07 11:11:01 -06:00
parent 334437f677
commit 4286edd78f
22 changed files with 242 additions and 89 deletions
--- a/backend/src/context/cli.rs
+++ b/backend/src/context/cli.rs
@@ -15,6 +15,7 @@ use rpc_toolkit::Context;
 use serde::Deserialize;
 use tracing::instrument;

+use crate::util::config::{load_config_from_paths, local_config_path};
 use crate::ResultExt;

 #[derive(Debug, Default, Deserialize)]
@@ -60,16 +61,16 @@ impl CliContext {
    /// BLOCKING
    #[instrument(skip(matches))]
    pub fn init(matches: &ArgMatches) -> Result<Self, crate::Error> {
-        let cfg_path = Path::new(matches.value_of("config").unwrap_or(crate::CONFIG_PATH));
-        let base = if cfg_path.exists() {
-            serde_yaml::from_reader(
-                File::open(cfg_path)
-                    .with_ctx(|_| (crate::ErrorKind::Filesystem, cfg_path.display().to_string()))?,
-            )
-            .with_kind(crate::ErrorKind::Deserialization)?
-        } else {
-            CliContextConfig::default()
-        };
+        let local_config_path = local_config_path();
+        let base: CliContextConfig = load_config_from_paths(
+            matches
+                .values_of("config")
+                .into_iter()
+                .flatten()
+                .map(|p| Path::new(p))
+                .chain(local_config_path.as_deref().into_iter())
+                .chain(std::iter::once(Path::new(crate::util::config::CONFIG_PATH))),
+        )?;
        let mut url = if let Some(host) = matches.value_of("host") {
            host.parse()?
        } else if let Some(host) = base.host {
@@ -88,7 +89,9 @@ impl CliContext {
        };

        let cookie_path = base.cookie_path.unwrap_or_else(|| {
-            cfg_path
+            local_config_path
+                .as_deref()
+                .unwrap_or_else(|| Path::new(crate::util::config::CONFIG_PATH))
                .parent()
                .unwrap_or(Path::new("/"))
                .join(".cookies.json")
--- a/backend/src/context/diagnostic.rs
+++ b/backend/src/context/diagnostic.rs
@@ -28,7 +28,7 @@ impl DiagnosticContextConfig {
        let cfg_path = path
            .as_ref()
            .map(|p| p.as_ref())
-            .unwrap_or(Path::new(crate::CONFIG_PATH));
+            .unwrap_or(Path::new(crate::util::config::CONFIG_PATH));
        if let Some(f) = File::maybe_open(cfg_path)
            .await
            .with_ctx(|_| (crate::ErrorKind::Filesystem, cfg_path.display().to_string()))?
--- a/backend/src/context/rpc.rs
+++ b/backend/src/context/rpc.rs
@@ -7,8 +7,8 @@ use std::sync::Arc;
 use std::time::Duration;

 use bollard::Docker;
-use patch_db::{json_ptr::JsonPointer, LockReceipt};
-use patch_db::{DbHandle, LockType, PatchDb, Revision};
+use patch_db::json_ptr::JsonPointer;
+use patch_db::{DbHandle, LockReceipt, LockType, PatchDb, Revision};
 use reqwest::Url;
 use rpc_toolkit::url::Host;
 use rpc_toolkit::Context;
@@ -20,9 +20,10 @@ use tokio::process::Command;
 use tokio::sync::{broadcast, oneshot, Mutex, RwLock};
 use tracing::instrument;

+use crate::core::rpc_continuations::{RequestGuid, RpcContinuation};
 use crate::db::model::{Database, InstalledPackageDataEntry, PackageDataEntry};
 use crate::hostname::{derive_hostname, derive_id, get_product_key};
-use crate::install::cleanup::{cleanup_failed, uninstall};
+use crate::install::cleanup::{cleanup_failed, uninstall, CleanupFailedReceipts};
 use crate::manager::ManagerMap;
 use crate::middleware::auth::HashSessionToken;
 use crate::net::tor::os_key;
@@ -34,10 +35,6 @@ use crate::shutdown::Shutdown;
 use crate::status::{MainStatus, Status};
 use crate::util::io::from_yaml_async_reader;
 use crate::util::{AsyncFileExt, Invoke};
-use crate::{
-    core::rpc_continuations::{RequestGuid, RpcContinuation},
-    install::cleanup::CleanupFailedReceipts,
-};
 use crate::{Error, ResultExt};

 #[derive(Debug, Default, Deserialize)]
@@ -57,7 +54,7 @@ impl RpcContextConfig {
        let cfg_path = path
            .as_ref()
            .map(|p| p.as_ref())
-            .unwrap_or(Path::new(crate::CONFIG_PATH));
+            .unwrap_or(Path::new(crate::util::config::CONFIG_PATH));
        if let Some(f) = File::maybe_open(cfg_path)
            .await
            .with_ctx(|_| (crate::ErrorKind::Filesystem, cfg_path.display().to_string()))?
--- a/backend/src/context/sdk.rs
+++ b/backend/src/context/sdk.rs
@@ -1,5 +1,3 @@
-use std::fs::File;
-use std::io::Read;
 use std::path::{Path, PathBuf};
 use std::sync::Arc;

@@ -9,6 +7,7 @@ use rpc_toolkit::Context;
 use serde::Deserialize;
 use tracing::instrument;

+use crate::util::config::{load_config_from_paths, local_config_path};
 use crate::{Error, ResultExt};

 #[derive(Debug, Default, Deserialize)]
@@ -28,22 +27,24 @@ impl SdkContext {
    /// BLOCKING
    #[instrument(skip(matches))]
    pub fn init(matches: &ArgMatches) -> Result<Self, crate::Error> {
-        let cfg_path = Path::new(matches.value_of("config").unwrap_or(crate::CONFIG_PATH));
-        let base = if cfg_path.exists() {
-            serde_yaml::from_reader(
-                File::open(cfg_path)
-                    .with_ctx(|_| (crate::ErrorKind::Filesystem, cfg_path.display().to_string()))?,
-            )
-            .with_kind(crate::ErrorKind::Deserialization)?
-        } else {
-            SdkContextConfig::default()
-        };
+        let local_config_path = local_config_path();
+        let base: SdkContextConfig = load_config_from_paths(
+            matches
+                .values_of("config")
+                .into_iter()
+                .flatten()
+                .map(|p| Path::new(p))
+                .chain(local_config_path.as_deref().into_iter())
+                .chain(std::iter::once(Path::new(crate::util::config::CONFIG_PATH))),
+        )?;
        Ok(SdkContext(Arc::new(SdkContextSeed {
            developer_key_path: base.developer_key_path.unwrap_or_else(|| {
-                cfg_path
+                local_config_path
+                    .as_deref()
+                    .unwrap_or_else(|| Path::new(crate::util::config::CONFIG_PATH))
                    .parent()
                    .unwrap_or(Path::new("/"))
-                    .join(".developer_key")
+                    .join("developer.key.pem")
            }),
        })))
    }
@@ -53,9 +54,17 @@ impl SdkContext {
        if !self.developer_key_path.exists() {
            return Err(Error::new(eyre!("Developer Key does not exist! Please run `embassy-sdk init` before running this command."), crate::ErrorKind::Uninitialized));
        }
-        let mut keypair_buf = [0; ed25519_dalek::KEYPAIR_LENGTH];
-        File::open(&self.developer_key_path)?.read_exact(&mut keypair_buf)?;
-        Ok(ed25519_dalek::Keypair::from_bytes(&keypair_buf)?)
+        let pair = <ed25519::KeypairBytes as ed25519::pkcs8::DecodePrivateKey>::from_pkcs8_pem(
+            &std::fs::read_to_string(&self.developer_key_path)?,
+        )
+        .with_kind(crate::ErrorKind::Pem)?;
+        let secret = ed25519_dalek::SecretKey::from_bytes(&pair.secret_key[..])?;
+        let public = if let Some(public) = pair.public_key {
+            ed25519_dalek::PublicKey::from_bytes(&public[..])?
+        } else {
+            (&secret).into()
+        };
+        Ok(ed25519_dalek::Keypair { secret, public })
    }
 }
 impl std::ops::Deref for SdkContext {
--- a/backend/src/context/setup.rs
+++ b/backend/src/context/setup.rs
@@ -45,7 +45,7 @@ impl SetupContextConfig {
        let cfg_path = path
            .as_ref()
            .map(|p| p.as_ref())
-            .unwrap_or(Path::new(crate::CONFIG_PATH));
+            .unwrap_or(Path::new(crate::util::config::CONFIG_PATH));
        if let Some(f) = File::maybe_open(cfg_path)
            .await
            .with_ctx(|_| (crate::ErrorKind::Filesystem, cfg_path.display().to_string()))?