| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is preparation for making our Varlink API a public API. Since our
Varlink API is built on top of our JSON API we need to make that public
first (it's a nice API, but JSON APIs there are already enough, this is
purely about the Varlink angle).
I made most of the json.h APIs public, and just placed them in
sd-json.h. Sometimes I wasn't so sure however, since the underlying data
structures would have to be made public too. If in doubt I didn#t risk
it, and moved the relevant API to src/libsystemd/sd-json/json-util.h
instead (without any sd_* symbol prefixes).
This is mostly a giant search/replace patch.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduces new extended variants of the various incarnations of
Create and Update, which take a map of filenames to FDs. This map is
then used to populate the bulk directory.
FDs are used to prevent the client from abusing homed's blob directory
permissions (everything is made world-readable by homed) to open files
that they normally aren't allowed to open. Passing along an FD ensures
that the client has read access to the file it wants homed to make
world-readable.
Internally, homework uses the map to overwrite the system blob dir.
Later, homework's existing blob dir reconciliation logic will propagate
the new contents from the system blob dir into the embedded blob
dir
|
| |
|
|
|
|
|
|
|
| |
This ensures that a user-specific blob directory exists in
/var/cache/systemd/homed for as long as the user exists, and gets
deleted if the user gets deleted.
It also advertises this blob directory via the user record, so that
clients can find and use it.
|
| |
|
|
|
|
|
| |
This adds an env var which we can use to redirect where homed stores and
looks for user records kept on the host. This is useful for debugging
purposes so that one can easily run another homed instnce that doesn't
interfere with the main instance.
|
| | |
|
| |
|
|
|
| |
They are only used under src/home/, but I want to add tests in test-libcrypt-util.c.
And the functions are almost trivial, so I think it is OK to move them to shared.
|
| |
|
|
|
| |
That way we can use it from other modules too. Just some shifting
around, no change in behaviour.
|
| |
|
|
|
| |
let's make sure that when we append potentially sensitive data to a bus
message we set the sensitive flag on the message object.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reworks the user validation infrastructure. There are now two
modes. In regular mode we are strict and test against a strict set of
valid chars. And in "relaxed" mode we just filter out some really
obvious, dangerous stuff. i.e. strict is whitelisting what is OK, but
"relaxed" is blacklisting what is really not OK.
The idea is that we use strict mode whenver we allocate a new user
(i.e. in sysusers.d or homed), while "relaxed" mode is when we process
users registered elsewhere, (i.e. userdb, logind, …)
The requirements on user name validity vary wildly. SSSD thinks its fine
to embedd "@" for example, while the suggested NAME_REGEX field on
Debian does not even allow uppercase chars…
This effectively liberaralizes a lot what we expect from usernames.
The code that warns about questionnable user names is now optional and
only used at places such as unit file parsing, so that it doesn't show
up on every userdb query, but only when processing configuration files
that know better.
Fixes: #15149 #15090
|
| | |
|
| |
|
|
|
|
|
|
| |
"home" is okay-ish in English, but rather awkward in many other languages.
For example, even before this change, in fr.po we had "un espace personnel"
as the translation everywhere. Let's use a less overloaded term.
Fixes #14789.
|
| | |
|
|
|
Fixes more or less: https://bugs.freedesktop.org/show_bug.cgi?id=67474
|
