Skip to content

Locking Mechanism#335

Merged
RiSKeD merged 6 commits into
mainfrom
feat/locking-mechanics
Jun 3, 2026
Merged

Locking Mechanism#335
RiSKeD merged 6 commits into
mainfrom
feat/locking-mechanics

Conversation

@RiSKeD

@RiSKeD RiSKeD commented May 19, 2026

Copy link
Copy Markdown
Contributor

resolves #319

@RiSKeD RiSKeD force-pushed the feat/locking-mechanics branch 5 times, most recently from cb8bc7d to 8f3f686 Compare May 21, 2026 14:15
@RiSKeD RiSKeD requested a review from jenstopp May 27, 2026 06:12
jenstopp
jenstopp requested changes May 27, 2026
View reviewed changes

@jenstopp jenstopp left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left a couple of comments. However, only two or three of them I'd like to see addressed before merging.
The rest can be part of refactoring. I'll mark the relevant ones.

Comment thread internal/dutagent/locker.go Outdated
Comment thread internal/dutagent/locker.go Outdated
Comment thread internal/dutagent/locker.go Outdated
Comment thread internal/dutagent/locker.go Outdated
Comment thread internal/dutagent/locker.go Outdated
Comment thread internal/output/text.go
Comment thread internal/output/text.go
Comment thread cmds/dutctl/dutctl.go Outdated
Comment thread cmds/dutctl/dutctl.go Outdated
Comment thread cmds/dutctl/dutctl.go Outdated
@RiSKeD RiSKeD force-pushed the feat/locking-mechanics branch from 8f3f686 to 7dbf101 Compare May 28, 2026 08:31
@RiSKeD

RiSKeD commented Jun 1, 2026
edited
Loading

Copy link
Copy Markdown
Contributor Author

Some testing output of the mechanism

➜ /tmp/dutctl -s $SRV list
- hermes

dutctl [ feat/locking-mechanics][$?][🐹 v1.25.0][☁️  (eu-central-1)][☁️  fabian.wienand@9elements.com]
➜ /tmp/dutctl -s $SRV hermes lock 5m
Device "hermes" locked by "l1x0r@l1x0r" for 5m

dutctl [ feat/locking-mechanics][$?][🐹 v1.25.0][☁️  (eu-central-1)][☁️  fabian.wienand@9elements.com]
➜ /tmp/dutctl -s $SRV list
- hermes [locked by "l1x0r@l1x0r" for 5m]

dutctl [ feat/locking-mechanics][$?][🐹 v1.25.0][☁️  (eu-central-1)][☁️  fabian.wienand@9elements.com]
➜ /tmp/dutctl -s $SRV hermes unlock
Device "hermes" unlocked

dutctl [ feat/locking-mechanics][$?][🐹 v1.25.0][☁️  (eu-central-1)][☁️  fabian.wienand@9elements.com]
➜ /tmp/dutctl -s $SRV hermes lock 5m
Device "hermes" locked by "l1x0r@l1x0r" for 5m

dutctl [ feat/locking-mechanics][$?][🐹 v1.25.0][☁️  (eu-central-1)][☁️  fabian.wienand@9elements.com]
➜ /tmp/dutctl -s $SRV -u "bob@lab" hermes unlock        # permission_denied

2026/06/01 10:07:35 permission_denied: device "hermes" is locked by "l1x0r@l1x0r" for 5m
[ble: exit 1]

dutctl [ feat/locking-mechanics][$?][🐹 v1.25.0][☁️  (eu-central-1)][☁️  fabian.wienand@9elements.com]
❯ /tmp/dutctl -s $SRV -u "bob@lab" -force hermes unlock # OK

Device "hermes" unlocked

dutctl [ feat/locking-mechanics][$?][🐹 v1.25.0][☁️  (eu-central-1)][☁️  fabian.wienand@9elements.com]
➜ /tmp/dutctl -s $SRV list

- hermes

dutctl [ feat/locking-mechanics][$?][🐹 v1.25.0][☁️  (eu-central-1)][☁️  fabian.wienand@9elements.com]
➜ /tmp/dutctl -s $SRV hermes lock 1m

Device "hermes" locked by "l1x0r@l1x0r" for 1m

dutctl [ feat/locking-mechanics][$?][🐹 v1.25.0][☁️  (eu-central-1)][☁️  fabian.wienand@9elements.com]
➜ /tmp/dutctl -s $SRV hermes lock 30m
Device "hermes" locked by "l1x0r@l1x0r" for 30m

dutctl [ feat/locking-mechanics][$?][🐹 v1.25.0][☁️  (eu-central-1)][☁️  fabian.wienand@9elements.com]
➜ /tmp/dutctl -s $SRV list
- hermes [locked by "l1x0r@l1x0r" for 30m]

dutctl [ feat/locking-mechanics][$?][🐹 v1.25.0][☁️  (eu-central-1)][☁️  fabian.wienand@9elements.com]
➜ /tmp/dutctl -s $SRV hermes unlock
Device "hermes" unlocked

@RiSKeD RiSKeD force-pushed the feat/locking-mechanics branch from 7dbf101 to 6e45232 Compare June 1, 2026 08:06
RiSKeD added 6 commits June 1, 2026 10:11
@RiSKeD
feat: add per-device Locker engine
de9ee16 
Add an in-memory Locker tracking two independent slots per device: an
explicit slot (Lock/ClearLock, requires a positive expiry) and an auto
slot (AutoLock/ClearAutoLock, command-scoped, no expiry). ClearLock and
ClearAutoLock share the same signature and error contract so callers can
reason about them as one pattern. ForceClearLock wipes both slots as an
admin escape hatch. Lock rejects non-positive durations with
ErrInvalidDuration. Add the shared OwnerHeader const used to carry owner
identity over HTTP.

Signed-off-by: Fabian Wienand <fabian.wienand@blindspot.software>
@RiSKeD
feat: reject reserved command names in device config
c301fb1 
The "lock" and "unlock" command names are now reserved for the per-device
locking RPCs. decodeCmds rejects them with a new ErrReservedCommand sentinel.

Signed-off-by: Fabian Wienand <fabian.wienand@blindspot.software>
@RiSKeD
feat: add Lock and Unlock RPCs with agent handlers
78b09fa 
Add Lock/Unlock to the DeviceService proto and implement them on the
dutagent: Lock acquires or extends a per-device lock, Unlock releases it
(with a force option that releases regardless of owner). Owner identity
is read from the OwnerHeader. Non-positive lock durations are rejected
with InvalidArgument. dutserver embeds the Unimplemented handler since
it does not forward these RPCs.

Signed-off-by: Fabian Wienand <fabian.wienand@blindspot.software>
@RiSKeD
feat: enforce per-device locking on Run
6b0f9bb 
Add three FSM states for per-device locking on Run: checkDeviceAccess
rejects Runs by non-owners with FailedPrecondition; acquireAutoLock
takes a command-scoped auto-lock; releaseAutoLock clears it once the
command finishes. The Run RPC handler also delegates to releaseAutoLock
as a safety net so auto-locks are not leaked on FSM error paths.
dutserver forwards the owner header to the upstream agent.

Signed-off-by: Fabian Wienand <fabian.wienand@blindspot.software>
@RiSKeD
feat: show device lock state in list output
b4145db 
ListResponse now carries structured DeviceInfo with per-device lock state
instead of bare device names. The dutctl client renders locked devices with
a "[locked by ...]" annotation and adds a lock-result output type for the
upcoming lock/unlock commands.

Signed-off-by: Fabian Wienand <fabian.wienand@blindspot.software>
@RiSKeD
feat: add lock and unlock client commands
839d541 
Add "dutctl <device> lock [duration]" and "dutctl <device> unlock
[--force]" subcommands, plus a -u flag to set the lock owner identity
(defaults to user@host). The owner is sent on Run, Lock and Unlock via
the OwnerHeader. Lock duration defaults to 30m and must be positive.

Signed-off-by: Fabian Wienand <fabian.wienand@blindspot.software>
@RiSKeD RiSKeD force-pushed the feat/locking-mechanics branch from 6e45232 to 839d541 Compare June 1, 2026 08:12
@RiSKeD RiSKeD merged commit f2b5ea8 into main Jun 3, 2026
18 checks passed
@RiSKeD RiSKeD deleted the feat/locking-mechanics branch June 3, 2026 09:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jenstopp jenstopp jenstopp approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add lock/unlock mechansim

2 participants

@RiSKeD @jenstopp