bsdcontrol.rb/lib/bsd/control/feature.rb

# frozen_string_literal: true

module BSD::Control
  class Feature < Struct.new(:name, :context)
    ##
    # @return [Array<BSD::Control::Feature>]
    #  Returns an array of available features
    def self.available
      BSD::Control.available_features
    end

    ##
    # @group Actions

    ##
    # Enables a feature for a given file
    #
    # @param [String] path
    #  The path to a file
    #
    # @raise [SystemCallError]
    #  Might raise a number of Errno exceptions
    #
    # @return [Boolean]
    #  Returns true on success
    def enable!(path)
      set!(path, ENABLED)
    end

    ##
    # Disables a feature for a given file
    #
    # @param [String] path
    #  The path to a file
    #
    # @raise [SystemCallError]
    #  Might raise a number of Errno exceptions
    #
    # @return [Boolean]
    #  Returns true on success
    def disable!(path)
      set!(path, DISABLED)
    end

    ##
    # @!method sysdef!(path)
    #   Restores the system default for a given file
    #
    #   @param [String] path
    #     The path to a file
    #
    #   @raise [SystemCallError]
    #     Might raise a number of Errno exceptions
    #
    #   @return [Boolean]
    #     Returns true on success

    # @endgroup

    ##
    # @group Queries

    ##
    # @param [String] path
    #  The path to a file
    #
    # @return [Boolean]
    #  Returns true when a feature is enabled
    def enabled?(path)
      status(path) == :enabled
    end

    ##
    # @param [String] path
    #  The path to a file.
    #
    # @return [Boolean]
    #  Returns true when a feature is disabled
    def disabled?(path)
      status(path) == :disabled
    end

    ##
    # @param [String] path
    #  The path to a file
    #
    # @return [Boolean]
    #  Returns true when the system default setting is used
    def sysdef?(path)
      status(path) == :sysdef
    end

    ##
    # @param [String] path
    #  The path to a file
    #
    # @return [Boolean]
    #  Returns true when a feature is in an invalid state
    #  (eg: the feature is both enabled and disabled at the same time)
    def invalid?(path)
      status(path) == :invalid
    end

    ##
    # @!method status(path)
    #   @param [String] path
    #     The path to a file
    #
    #   @raise [SystemCallError]
    #     Might raise a number of Errno exceptions
    #
    #   @return [Symbol]
    #     Returns the status of a feature for a given file.
    #     Status could be: `:unknown`, `:enabled`, `:disabled`,
    #     `:sysdef`, or `:invalid`.

    # @endgroup

    ##
    # @group Predicates

    ##
    # @return [Boolean]
    #  Returns true for `pageexec`
    def pageexec?
      name == "pageexec"
    end

    ##
    # @return [Boolean]
    #  Returns true for `mprotect`
    def mprotect?
      name == "mprotect"
    end

    ##
    # @return [Boolean]
    #  Returns true for `segvguard`
    def segvguard?
      name == "segvguard"
    end

    ##
    # @return [Boolean]
    #  Returns true for `aslr`
    def aslr?
      name == "aslr"
    end

    ##
    # @return [Boolean]
    #  Returns true for `shlibrandom`
    def shlibrandom?
      name == "shlibrandom"
    end

    ##
    # @return [Boolean]
    #  Returns true for `disallow_map32bit`
    def disallow_map32bit?
      name == "disallow_map32bit"
    end

    ##
    # @return [Boolean]
    #  Returns true for `insecure_kmod`
    def insecure_kmod?
      name == "insecure_kmod"
    end

    ##
    # @return [Boolean]
    #  Returns true for `harden_shm`
    def harden_shm?
      name == "harden_shm"
    end

    ##
    # @return [Boolean]
    #  Returns true for `prohibit_ptrace_capsicum`
    def prohibit_ptrace_capsicum?
      name == "prohibit_ptrace_capsicum"
    end

    # @endgroup
  end
end
Add standard 2024-05-12 05:59:38 +02:00			`# frozen_string_literal: true`

First commit 2024-03-01 02:29:43 +01:00			`module BSD::Control`
Reimplement on top of libhbsdcontrol v2 2024-03-20 20:25:20 +01:00			`class Feature < Struct.new(:name, :context)`
First commit 2024-03-01 02:29:43 +01:00			`##`
			`# @return [Array<BSD::Control::Feature>]`
Update docs 2024-05-13 01:01:03 +02:00			`# Returns an array of available features`
First commit 2024-03-01 02:29:43 +01:00			`def self.available`
Reimplement on top of libhbsdcontrol v2 2024-03-20 20:25:20 +01:00			`BSD::Control.available_features`
First commit 2024-03-01 02:29:43 +01:00			`end`

Add "Actions" group 2024-03-01 03:46:08 +01:00			`##`
			`# @group Actions`

First commit 2024-03-01 02:29:43 +01:00			`##`
Update docs 2024-05-13 01:01:03 +02:00			`# Enables a feature for a given file`
First commit 2024-03-01 02:29:43 +01:00			`#`
			`# @param [String] path`
Update docs 2024-05-13 01:01:03 +02:00			`# The path to a file`
Raise an error when hbsdcontrol_set_feature_state failes 2024-03-01 02:46:47 +01:00			`#`
Apply diff for patch 2024-03-09 23:40:42 +01:00			`# @raise [SystemCallError]`
Update docs 2024-05-13 01:01:03 +02:00			`# Might raise a number of Errno exceptions`
First commit 2024-03-01 02:29:43 +01:00			`#`
			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			`# Returns true on success`
First commit 2024-03-01 02:29:43 +01:00			`def enable!(path)`
Map HBSDCTRL_STATE_(ENABLED\|DISABLED) into Ruby And fix `BSD::Control::Feature#disable!`. 2024-03-21 01:58:18 +01:00			`set!(path, ENABLED)`
First commit 2024-03-01 02:29:43 +01:00			`end`

			`##`
Update docs 2024-05-13 01:01:03 +02:00			`# Disables a feature for a given file`
First commit 2024-03-01 02:29:43 +01:00			`#`
			`# @param [String] path`
Update docs 2024-05-13 01:01:03 +02:00			`# The path to a file`
Raise an error when hbsdcontrol_set_feature_state failes 2024-03-01 02:46:47 +01:00			`#`
Apply diff for patch 2024-03-09 23:40:42 +01:00			`# @raise [SystemCallError]`
Update docs 2024-05-13 01:01:03 +02:00			`# Might raise a number of Errno exceptions`
First commit 2024-03-01 02:29:43 +01:00			`#`
			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			`# Returns true on success`
First commit 2024-03-01 02:29:43 +01:00			`def disable!(path)`
Map HBSDCTRL_STATE_(ENABLED\|DISABLED) into Ruby And fix `BSD::Control::Feature#disable!`. 2024-03-21 01:58:18 +01:00			`set!(path, DISABLED)`
First commit 2024-03-01 02:29:43 +01:00			`end`

Re-add Feature#sysdef! 2024-03-07 00:59:54 +01:00			`##`
Add BSD::Control::Feature#sysdef! 2024-03-20 22:34:15 +01:00			`# @!method sysdef!(path)`
Update docs 2024-05-13 01:01:03 +02:00			`# Restores the system default for a given file`
Re-add Feature#sysdef! 2024-03-07 00:59:54 +01:00			`#`
Add BSD::Control::Feature#sysdef! 2024-03-20 22:34:15 +01:00			`# @param [String] path`
Update docs 2024-05-13 01:01:03 +02:00			`# The path to a file`
Re-add Feature#sysdef! 2024-03-07 00:59:54 +01:00			`#`
Add BSD::Control::Feature#sysdef! 2024-03-20 22:34:15 +01:00			`# @raise [SystemCallError]`
Update docs 2024-05-13 01:01:03 +02:00			`# Might raise a number of Errno exceptions`
Re-add Feature#sysdef! 2024-03-07 00:59:54 +01:00			`#`
Add BSD::Control::Feature#sysdef! 2024-03-20 22:34:15 +01:00			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			`# Returns true on success`
Re-add Feature#sysdef! 2024-03-07 00:59:54 +01:00
Update API docs 2024-03-08 06:21:24 +01:00			`# @endgroup`

Add BSD::Control::Feature#status 2024-03-08 03:41:45 +01:00			`##`
Update API docs 2024-03-08 06:21:24 +01:00			`# @group Queries`

			`##`
			`# @param [String] path`
Update docs 2024-05-13 01:01:03 +02:00			`# The path to a file`
Update API docs 2024-03-08 06:21:24 +01:00			`#`
Add BSD::Control::Feature#status 2024-03-08 03:41:45 +01:00			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			`# Returns true when a feature is enabled`
Add BSD::Control::Feature#status 2024-03-08 03:41:45 +01:00			`def enabled?(path)`
			`status(path) == :enabled`
			`end`

			`##`
Update API docs 2024-03-08 06:21:24 +01:00			`# @param [String] path`
			`# The path to a file.`
			`#`
Add BSD::Control::Feature#status 2024-03-08 03:41:45 +01:00			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			`# Returns true when a feature is disabled`
Add BSD::Control::Feature#status 2024-03-08 03:41:45 +01:00			`def disabled?(path)`
			`status(path) == :disabled`
			`end`

			`##`
Update API docs 2024-03-08 06:21:24 +01:00			`# @param [String] path`
Update docs 2024-05-13 01:01:03 +02:00			`# The path to a file`
Update API docs 2024-03-08 06:21:24 +01:00			`#`
Add BSD::Control::Feature#status 2024-03-08 03:41:45 +01:00			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			`# Returns true when the system default setting is used`
Add BSD::Control::Feature#status 2024-03-08 03:41:45 +01:00			`def sysdef?(path)`
			`status(path) == :sysdef`
			`end`

			`##`
Update API docs 2024-03-08 06:21:24 +01:00			`# @param [String] path`
Update docs 2024-05-13 01:01:03 +02:00			`# The path to a file`
Update API docs 2024-03-08 06:21:24 +01:00			`#`
Add BSD::Control::Feature#status 2024-03-08 03:41:45 +01:00			`# @return [Boolean]`
Feature#conflict? -> Feature#invalid? 2024-03-20 23:10:35 +01:00			`# Returns true when a feature is in an invalid state`
Update docs 2024-05-13 01:01:03 +02:00			`# (eg: the feature is both enabled and disabled at the same time)`
Feature#conflict? -> Feature#invalid? 2024-03-20 23:10:35 +01:00			`def invalid?(path)`
			`status(path) == :invalid`
Add BSD::Control::Feature#status 2024-03-08 03:41:45 +01:00			`end`

			`##`
Remove stale references to 'FFI' module. 2024-03-20 21:19:15 +01:00			`# @!method status(path)`
			`# @param [String] path`
Update docs 2024-05-13 01:01:03 +02:00			`# The path to a file`
Update API docs 2024-03-08 06:21:24 +01:00			`#`
Remove stale references to 'FFI' module. 2024-03-20 21:19:15 +01:00			`# @raise [SystemCallError]`
Update docs 2024-05-13 01:01:03 +02:00			`# Might raise a number of Errno exceptions`
Update API docs 2024-03-08 06:21:24 +01:00			`#`
Remove stale references to 'FFI' module. 2024-03-20 21:19:15 +01:00			`# @return [Symbol]`
			`# Returns the status of a feature for a given file.`
			# Status could be: `:unknown`, `:enabled`, `:disabled`,
			# `:sysdef`, or `:invalid`.
Add BSD::Control::Feature#status 2024-03-08 03:41:45 +01:00
Add "Actions" group 2024-03-01 03:46:08 +01:00			`# @endgroup`

First commit 2024-03-01 02:29:43 +01:00			`##`
			`# @group Predicates`

			`##`
			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			# Returns true for `pageexec`
First commit 2024-03-01 02:29:43 +01:00			`def pageexec?`
			`name == "pageexec"`
			`end`

			`##`
			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			# Returns true for `mprotect`
First commit 2024-03-01 02:29:43 +01:00			`def mprotect?`
			`name == "mprotect"`
			`end`

			`##`
			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			# Returns true for `segvguard`
First commit 2024-03-01 02:29:43 +01:00			`def segvguard?`
			`name == "segvguard"`
			`end`

			`##`
			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			# Returns true for `aslr`
First commit 2024-03-01 02:29:43 +01:00			`def aslr?`
			`name == "aslr"`
			`end`

			`##`
			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			# Returns true for `shlibrandom`
First commit 2024-03-01 02:29:43 +01:00			`def shlibrandom?`
			`name == "shlibrandom"`
			`end`

			`##`
			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			# Returns true for `disallow_map32bit`
First commit 2024-03-01 02:29:43 +01:00			`def disallow_map32bit?`
			`name == "disallow_map32bit"`
			`end`

			`##`
			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			# Returns true for `insecure_kmod`
First commit 2024-03-01 02:29:43 +01:00			`def insecure_kmod?`
			`name == "insecure_kmod"`
			`end`

			`##`
			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			# Returns true for `harden_shm`
First commit 2024-03-01 02:29:43 +01:00			`def harden_shm?`
			`name == "harden_shm"`
			`end`

			`##`
			`# @return [Boolean]`
Update docs 2024-05-13 01:01:03 +02:00			# Returns true for `prohibit_ptrace_capsicum`
First commit 2024-03-01 02:29:43 +01:00			`def prohibit_ptrace_capsicum?`
			`name == "prohibit_ptrace_capsicum"`
			`end`

			`# @endgroup`
			`end`
			`end`