diff options
| author | Lennart Poettering <lennart@poettering.net> | 2024-10-15 13:59:57 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2024-10-15 14:15:21 +0200 |
| commit | 69cc4ee134f420dcdd6aac08446bd852d8739694 (patch) | |
| tree | 7883ffbc4bcf748f45d9b96fc3523e78054b159c /src/shared/userdb.c | |
| parent | sd-varlink: add new sd_varlink_error_is_invalid_parameter() helper (diff) | |
| download | systemd-69cc4ee134f420dcdd6aac08446bd852d8739694.tar.xz systemd-69cc4ee134f420dcdd6aac08446bd852d8739694.zip | |
userdb: return ESRCH if userdb service refuses a user/group name as invalid
if a userdb service refuse a user/group name as invalid, let's turn this
into ESRCH client-side following that there definitely is no user/group
record for a completely invalid user/group name.
Replaces: #34558
Diffstat (limited to '')
| -rw-r--r-- | src/shared/userdb.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/shared/userdb.c b/src/shared/userdb.c index 557de70ea8..ff83d4bf90 100644 --- a/src/shared/userdb.c +++ b/src/shared/userdb.c @@ -171,9 +171,15 @@ static int userdb_on_query_reply( if (error_id) { log_debug("Got lookup error: %s", error_id); + /* Convert various forms of record not found into -ESRCH, since NSS typically doesn't care, + * about the details. Note that if a userName specification is refused as invalid parameter, + * we also turn this into -ESRCH following the logic that there cannot be a user record for a + * completely invalid user name. */ if (STR_IN_SET(error_id, "io.systemd.UserDatabase.NoRecordFound", - "io.systemd.UserDatabase.ConflictingRecordFound")) + "io.systemd.UserDatabase.ConflictingRecordFound") || + sd_varlink_error_is_invalid_parameter(error_id, parameters, "userName") || + sd_varlink_error_is_invalid_parameter(error_id, parameters, "groupName")) r = -ESRCH; else if (streq(error_id, "io.systemd.UserDatabase.ServiceNotAvailable")) r = -EHOSTDOWN; |