homectl: also acquire "cheap" passwords for homectl update/passwd

In 57bb9bcba5563c040ee0c41f58e3730a006a8de2 support was added to read
"cheap" passwords from env vars and stuff before issuing the first
operation, instead of waiting for it until the first operation failed.

This was added for most verbs of "homectl", but two were left out:
update + passwd. Add it there too.

1 files changed, 13 insertions, 4 deletions

diff --git a/src/home/homectl.c b/src/home/homectl.c
index cc2b9c8f31..706ce75dfb 100644
--- a/src/home/homectl.c
+++ b/src/home/homectl.c
@@ -1535,7 +1535,7 @@ static int home_record_reset_human_interaction_permission(UserRecord *hr) {
 
 static int update_home(int argc, char *argv[], void *userdata) {
         _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
-        _cleanup_(user_record_unrefp) UserRecord *hr = NULL;
+        _cleanup_(user_record_unrefp) UserRecord *hr = NULL, *secret = NULL;
         _cleanup_free_ char *buffer = NULL;
         const char *username;
         int r;
@@ -1561,6 +1561,15 @@ static int update_home(int argc, char *argv[], void *userdata) {
         if (r < 0)
                 return r;
 
+        /* Add in all secrets we can acquire cheaply */
+        r = acquire_passed_secrets(username, &secret);
+        if (r < 0)
+                return r;
+
+        r = user_record_merge_secret(hr, secret);
+        if (r < 0)
+                return r;
+
         /* If we do multiple operations, let's output things more verbosely, since otherwise the repeated
          * authentication might be confusing. */
 
@@ -1706,9 +1715,9 @@ static int passwd_home(int argc, char *argv[], void *userdata) {
 
         (void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
 
-        old_secret = user_record_new();
-        if (!old_secret)
-                return log_oom();
+        r = acquire_passed_secrets(username, &old_secret);
+        if (r < 0)
+                return r;
 
         new_secret = user_record_new();
         if (!new_secret)