diff options
| author | Mike Yuan <me@yhndnzj.com> | 2024-11-18 19:30:02 +0100 |
|---|---|---|
| committer | Mike Yuan <me@yhndnzj.com> | 2024-11-19 00:38:18 +0100 |
| commit | eea9d3eb106a91d4479d859603463bdfe3d262eb (patch) | |
| tree | 8fe1e9a0e146948d54640b1f8ee2569bc64b5155 /src/basic | |
| parent | basic/user-util: introduce shell_is_placeholder() helper (diff) | |
| download | systemd-eea9d3eb106a91d4479d859603463bdfe3d262eb.tar.xz systemd-eea9d3eb106a91d4479d859603463bdfe3d262eb.zip | |
basic/user-util: split out placeholder suppression from USER_CREDS_CLEAN into its own flag
No functional change, preparation for later commits.
Diffstat (limited to 'src/basic')
| -rw-r--r-- | src/basic/user-util.c | 19 | ||||
| -rw-r--r-- | src/basic/user-util.h | 7 |
2 files changed, 13 insertions, 13 deletions
diff --git a/src/basic/user-util.c b/src/basic/user-util.c index 632f1b6281..2b7c923b5e 100644 --- a/src/basic/user-util.c +++ b/src/basic/user-util.c @@ -220,9 +220,9 @@ static int synthesize_user_creds( if (ret_gid) *ret_gid = GID_NOBODY; if (ret_home) - *ret_home = FLAGS_SET(flags, USER_CREDS_CLEAN) ? NULL : "/"; + *ret_home = FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) ? NULL : "/"; if (ret_shell) - *ret_shell = FLAGS_SET(flags, USER_CREDS_CLEAN) ? NULL : NOLOGIN; + *ret_shell = FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) ? NULL : NOLOGIN; return 0; } @@ -244,6 +244,7 @@ int get_user_creds( assert(username); assert(*username); + assert((ret_home || ret_shell) || !(flags & (USER_CREDS_SUPPRESS_PLACEHOLDER|USER_CREDS_CLEAN))); if (!FLAGS_SET(flags, USER_CREDS_PREFER_NSS) || (!ret_home && !ret_shell)) { @@ -315,16 +316,14 @@ int get_user_creds( if (ret_home) /* Note: we don't insist on normalized paths, since there are setups that have /./ in the path */ - *ret_home = (FLAGS_SET(flags, USER_CREDS_CLEAN) && - (empty_or_root(p->pw_dir) || - !path_is_valid(p->pw_dir) || - !path_is_absolute(p->pw_dir))) ? NULL : p->pw_dir; + *ret_home = (FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) && empty_or_root(p->pw_dir)) || + (FLAGS_SET(flags, USER_CREDS_CLEAN) && (!path_is_valid(p->pw_dir) || !path_is_absolute(p->pw_dir))) + ? NULL : p->pw_dir; if (ret_shell) - *ret_shell = (FLAGS_SET(flags, USER_CREDS_CLEAN) && - (shell_is_placeholder(p->pw_shell) || - !path_is_valid(p->pw_shell) || - !path_is_absolute(p->pw_shell))) ? NULL : p->pw_shell; + *ret_shell = (FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) && shell_is_placeholder(p->pw_shell)) || + (FLAGS_SET(flags, USER_CREDS_CLEAN) && (!path_is_valid(p->pw_shell) || !path_is_absolute(p->pw_shell))) + ? NULL : p->pw_shell; if (patch_username) *username = p->pw_name; diff --git a/src/basic/user-util.h b/src/basic/user-util.h index 4858a9cb58..6f221ebfb0 100644 --- a/src/basic/user-util.h +++ b/src/basic/user-util.h @@ -48,9 +48,10 @@ static inline bool shell_is_placeholder(const char *shell) { } typedef enum UserCredsFlags { - USER_CREDS_PREFER_NSS = 1 << 0, /* if set, only synthesize user records if database lacks them. Normally we bypass the userdb entirely for the records we can synthesize */ - USER_CREDS_ALLOW_MISSING = 1 << 1, /* if a numeric UID string is resolved, be OK if there's no record for it */ - USER_CREDS_CLEAN = 1 << 2, /* try to clean up shell and home fields with invalid data */ + USER_CREDS_PREFER_NSS = 1 << 0, /* if set, only synthesize user records if database lacks them. Normally we bypass the userdb entirely for the records we can synthesize */ + USER_CREDS_ALLOW_MISSING = 1 << 1, /* if a numeric UID string is resolved, be OK if there's no record for it */ + USER_CREDS_CLEAN = 1 << 2, /* try to clean up shell and home fields with invalid data */ + USER_CREDS_SUPPRESS_PLACEHOLDER = 1 << 3, /* suppress home and/or shell fields if value is placeholder (root/empty/nologin) */ } UserCredsFlags; int get_user_creds(const char **username, uid_t *ret_uid, gid_t *ret_gid, const char **ret_home, const char **ret_shell, UserCredsFlags flags); |