Enum AccessFs

#[non_exhaustive]
#[repr(u64)]
pub enum AccessFs {
    Execute = 1,
    WriteFile = 2,
    ReadFile = 4,
    ReadDir = 8,
    RemoveDir = 16,
    RemoveFile = 32,
    MakeChar = 64,
    MakeDir = 128,
    MakeReg = 256,
    MakeSock = 512,
    MakeFifo = 1_024,
    MakeBlock = 2_048,
    MakeSym = 4_096,
    Refer = 8_192,
    Truncate = 16_384,
    IoctlDev = 32_768,
}

File system access right.

Each variant of AccessFs is an access right for the file system. A set of access rights can be created with BitFlags<AccessFs>.

Example

use landlock::{ABI, Access, AccessFs, BitFlags, make_bitflags};

let exec = AccessFs::Execute;

let exec_set: BitFlags<AccessFs> = exec.into();

let file_content = make_bitflags!(AccessFs::{Execute | WriteFile | ReadFile});

let fs_v1 = AccessFs::from_all(ABI::V1);

let without_exec = fs_v1 & !AccessFs::Execute;

assert_eq!(fs_v1 | AccessFs::Refer, AccessFs::from_all(ABI::V2));

Warning

To avoid unknown restrictions don’t use BitFlags::<AccessFs>::all() nor BitFlags::ALL, but use a version you tested and vetted instead, for instance AccessFs::from_all(ABI::V1). Direct use of the BitFlags API is deprecated. See ABI for the rationale and help to test it.

Variants (Non-exhaustive)

Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

Execute = 1

Execute a file.

WriteFile = 2

Open a file with write access.

Note

Certain operations (such as std::fs::write) may also require AccessFs::Truncate since ABI::V3.

ReadFile = 4

Open a file with read access.

ReadDir = 8

Open a directory or list its content.

RemoveDir = 16

Remove an empty directory or rename one.

RemoveFile = 32

Unlink (or rename) a file.

MakeChar = 64

Create (or rename or link) a character device.

MakeDir = 128

Create (or rename) a directory.

MakeReg = 256

Create (or rename or link) a regular file.

MakeSock = 512

Create (or rename or link) a UNIX domain socket.

MakeFifo = 1_024

Create (or rename or link) a named pipe.

MakeBlock = 2_048

Create (or rename or link) a block device.

MakeSym = 4_096

Create (or rename or link) a symbolic link.

Refer = 8_192

Link or rename a file from or to a different directory.

Truncate = 16_384

Truncate a file with truncate(2), ftruncate(2), creat(2), or open(2) with O_TRUNC.

IoctlDev = 32_768

Send IOCL commands to a device file.

Implementations

impl AccessFs

pub fn from_read(abi: ABI) -> BitFlags<Self>

Gets the access rights identified as read-only according to a specific ABI. Exclusive with from_write().

pub fn from_write(abi: ABI) -> BitFlags<Self>

Gets the access rights identified as write-only according to a specific ABI. Exclusive with from_read().

pub fn from_file(abi: ABI) -> BitFlags<Self>

Gets the access rights legitimate for non-directory files.

Trait Implementations

impl Access for AccessFs

fn from_all(abi: ABI) -> BitFlags<Self>

Union of from_read() and from_write().

impl BitAnd for AccessFs

type Output = BitFlags<AccessFs>

The resulting type after applying the & operator.

fn bitand(self, other: Self) -> Self::Output

Performs the & operation.

impl BitFlag for AccessFs

fn empty() -> BitFlags<Self>

Create a BitFlags with no flags set (in other words, with a value of 0).

fn all() -> BitFlags<Self>

Create a BitFlags with all flags set.

fn from_bits(bits: Self::Numeric) -> Result<BitFlags<Self>, FromBitsError<Self>>

Create a BitFlags if the raw value provided does not contain any illegal flags.

fn from_bits_truncate(bits: Self::Numeric) -> BitFlags<Self>

Create a BitFlags from an underlying bitwise value. If any invalid bits are set, ignore them.

unsafe fn from_bits_unchecked(bits: Self::Numeric) -> BitFlags<Self>

Create a BitFlags unsafely, without checking if the bits form a valid bit pattern for the type.

impl BitOr for AccessFs

type Output = BitFlags<AccessFs>

The resulting type after applying the | operator.

fn bitor(self, other: Self) -> Self::Output

Performs the | operation.

impl BitXor for AccessFs

type Output = BitFlags<AccessFs>

The resulting type after applying the ^ operator.

fn bitxor(self, other: Self) -> Self::Output

Performs the ^ operation.

impl Clone for AccessFs

fn clone(&self) -> AccessFs

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for AccessFs

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Not for AccessFs

type Output = BitFlags<AccessFs>

The resulting type after applying the ! operator.

fn not(self) -> Self::Output

Performs the unary ! operation.

impl PartialEq for AccessFs

fn eq(&self, other: &AccessFs) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl RawBitFlags for AccessFs

const EMPTY: <Self as RawBitFlags>::Numeric = {transmute(0x0000000000000000): <fs::AccessFs as enumflags2::_internal::RawBitFlags>::Numeric}

A value with no bits set.

const DEFAULT: <Self as RawBitFlags>::Numeric = {transmute(0x0000000000000000): <fs::AccessFs as enumflags2::_internal::RawBitFlags>::Numeric}

The value used by the Default implementation. Equivalent to EMPTY, unless customized.

const ALL_BITS: <Self as RawBitFlags>::Numeric = {transmute(0x000000000000ffff): <fs::AccessFs as enumflags2::_internal::RawBitFlags>::Numeric}

A value with all flag bits set.

const BITFLAGS_TYPE_NAME: &'static str = "BitFlags<AccessFs>"

The name of the type for debug formatting purposes.

type Numeric = u64

The underlying integer type.

fn bits(self) -> <Self as RawBitFlags>::Numeric

Return the bits as a number type.

impl Copy for AccessFs

impl Eq for AccessFs

impl HandledAccess for AccessFs

impl<F> Rule<AccessFs> for PathBeneath<F>

where F: AsFd,

impl StructuralPartialEq for AccessFs