summaryrefslogtreecommitdiffstats
path: root/src/home/homectl.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* process-util: add new FORK_DEATHSIG_SIGKILL flag, rename FORK_DEATHSIG → ↵Lennart Poettering2023-11-021-1/+1
| | | | | | | | | | | | | | | | | | FORK_DEATHSIG_SIGTERM Sometimes it makes sense to hard kill a client if we die. Let's hence add a third FORK_DEATHSIG flag for this purpose: FORK_DEATHSIG_SIGKILL. To make things less confusing this also renames FORK_DEATHSIG to FORK_DEATHSIG_SIGTERM to make clear it sends SIGTERM. We already had FORK_DEATHSIG_SIGINT, hence this makes things nicely symmetric. A bunch of users are switched over for FORK_DEATHSIG_SIGKILL where we know it's safe to abort things abruptly. This should make some kernel cases more robust, since we cannot get confused by signal masks or such. While we are at it, also fix a bunch of bugs where we didn't take FORK_DEATHSIG_SIGINT into account in safe_fork()
* json: add json_variant_set_fieldb() helperLennart Poettering2023-08-241-9/+6
| | | | | | Let's a "b" helper for json_variant_set_field() that combines json_build() with json_variant_set_field(), similar to the json_variant_merge_objectb(), json_variant_append_arrayb().
* json: rename json_append() → json_variant_merge_objectb()Lennart Poettering2023-08-241-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | json_append() is a useful wrapper around json_variant_merge(). However, I think the naming sould be cleaned up a bit of both functions. I thinker "merge" is the better word than "append", since it does decidedly more than just append: it replaces existing fields of the same name, hence "merge" sounds more appropriate. This is as opposed to the similar operations for arrays, where no such override logic is applied and we really just append, hence those functions are called "append" already. To make clearer that "merge" is about objects, and "append" about arrays, also include "object" in the name. Also, include "json_variant" in the name, like we do for almost all other functions in the JSON API that take a JSON object as primary input, and hence are kinda object methods. Finally, let's follow the logic that helpers that combine json_build() with some other operation get suffixed with "b" like we already have in some cases. Hence: json_variant_merge() → json_variant_merge_object() json_append() → json_variant_merge_objectb() This mirrors nicely the existing: json_variant_append_array() json_vairant_append_arrayb() This also drops the variant of json_append() that takes a va_arg parameter (i.e. json_appendv()). We have no user of that so far, and given the nature as a helper function only I don#t see that happening, and if it happens after all it's trivial to bring back.
* shared: add password quality check abstraction layer to support both ↵Egor Ignatov2023-07-061-3/+3
| | | | | | pwquality and passwdqc Co-authored-by: Dmitry V. Levin <ldv@altlinux.org>
* tree-wide: use _cleanup_set_free_ and friendsYu Watanabe2023-05-311-7/+7
| | | | Instead of _cleanup_(set_freep) or so.
* various: simplify calls to parse_boolean_argument()Zbigniew Jędrzejewski-Szmek2023-04-051-21/+10
| | | | | parse_boolean_argument() returns the same information via both the output argument and normal return.
* basic: add RuntimeScope enumLennart Poettering2023-03-101-1/+1
| | | | | | | | | | | | In various tools and services we have a per-system and per-user concept. So far we sometimes used a boolean indicating whether we are in system mode, or a reversed boolean indicating whether we are in user mode, or the LookupScope enum used by the lookup path logic. Let's address that, in introduce a common enum for this, we can use all across the board. This is mostly just search/replace, no actual code changes.
* homectl: make the new caps field configurable via homectlLennart Poettering2023-02-281-1/+68
|
* homectl: add missing breakLennart Poettering2023-02-211-0/+2
|
* repart: Allow configuring sector sizeDaan De Meyer2023-01-171-20/+0
| | | | | | Let's allow users to configure the (logical) sector size of their image. This is required when building images for a 4k sector size disk on a 512b sector size host or vice-versa.
* tree-wide: use -EBADF for fd initializationZbigniew Jędrzejewski-Szmek2022-12-191-1/+1
| | | | | | | | | | | | | | | | -1 was used everywhere, but -EBADF or -EBADFD started being used in various places. Let's make things consistent in the new style. Note that there are two candidates: EBADF 9 Bad file descriptor EBADFD 77 File descriptor in bad state Since we're initializating the fd, we're just assigning a value that means "no fd yet", so it's just a bad file descriptor, and the first errno fits better. If instead we had a valid file descriptor that became invalid because of some operation or state change, the other errno would fit better. In some places, initialization is dropped if unnecessary.
* Implement --luks-pbkdf-force-iterations for homedAidan Dang2022-12-061-0/+4
|
* basic: move version() to build.h+cZbigniew Jędrzejewski-Szmek2022-11-081-0/+1
|
* Implement --luks-sector-size for homedAidan Dang2022-10-071-0/+46
|
* tree-wide: allow ASCII fallback for … in logsDavid Tardon2022-06-281-4/+8
|
* cryptenroll,homectl: Introduce --fido2-credential-algorithm optionMkfsSion2022-04-221-2/+15
| | | | | * Some authenticators(like Yubikey) support credential algorithm other than ES256 * Introduce a new option so users can make use of it
* strv: declare iterator of FOREACH_STRING() in the loopZbigniew Jędrzejewski-Szmek2022-03-231-14/+3
| | | | | | | | | | | Same idea as 03677889f0ef42cdc534bf3b31265a054b20a354. No functional change intended. The type of the iterator is generally changed to be 'const char*' instead of 'char*'. Despite the type commonly used, modifying the string was not allowed. I adjusted the naming of some short variables for clarity and reduced the scope of some variable declarations in code that was being touched anyway.
* strv: make iterator in STRV_FOREACH() declaread in the loopYu Watanabe2022-03-191-9/+2
| | | | This also avoids multiple evaluations in STRV_FOREACH_BACKWARDS()
* env-util: replace unsetenv_erase() by new getenv_steal_erase() helperLennart Poettering2022-02-201-30/+25
| | | | | | | | The new helper combines a bunch of steps every invocation of unsetenv_erase() did so far: getenv() + strdup() + unsetenv_erase(). Let's unify this into one helper that is harder to use incorrectly. It's in inspired by TAKE_PTR() in a way: get the env var out and invalidate where it was before.
* home: update log messageYu Watanabe2021-12-221-1/+1
| | | | The ratelimit hits even when the all previous attempts are successfull.
* homectl: add new "homectl rebalance" commandLennart Poettering2021-11-251-0/+28
| | | | | Let's add an explicit, synchronous command to request immediate rebalancing and wait for it.
* homectl: expose new rebalanceWeight JSON use record fieldLennart Poettering2021-11-251-6/+48
|
* homectl: also acquire "cheap" passwords for homectl update/passwdLennart Poettering2021-11-241-4/+13
| | | | | | | | | In 57bb9bcba5563c040ee0c41f58e3730a006a8de2 support was added to read "cheap" passwords from env vars and stuff before issuing the first operation, instead of waiting for it until the first operation failed. This was added for most verbs of "homectl", but two were left out: update + passwd. Add it there too.
* homectl: expose new autoResizeMode JSON user record propertyLennart Poettering2021-11-231-0/+22
|
* homectl: parse "min" and "max" as special disk size valuesLennart Poettering2021-11-191-4/+30
|
* Merge pull request #21424 from keszybz/json-doubleLuca Boccassi2021-11-181-2/+2
|\ | | | | Use double and int64_t types in json
| * shared/json: use int64_t instead of intmax_tZbigniew Jędrzejewski-Szmek2021-11-181-2/+2
| | | | | | | | | | | | | | | | | | | | | | We were already asserting that the intmax_t and uintmax_t types are the same as int64_t and uint64_t. Pretty much everywhere in the code base we use the latter types. In principle intmax_t could be something different on some new architecture, and then the code would fail to compile or behave differently. We actually do not want the code to behave differently on those architectures, because that'd break interoperability. So let's just use int64_t/uint64_t since that's what we indend to use.
* | homectl: if homed asks for the recovery key to be supplied, query the user ↵Lennart Poettering2021-11-171-0/+78
|/ | | | | | for it Fixes: #21103
* shared: split out UID allocation range stuff from user-record.hLennart Poettering2021-11-131-0/+1
| | | | | | | | user-record.[ch] are about the UserRecord JSON stuff, and the UID allocation range stuff (i.e. login.defs handling) is a very different thing, and complex enough on its own, let's give it its own c/h files. No code changes, just some splitting out of code.
* homectl: make new LUKS extra mount option field settableLennart Poettering2021-11-121-1/+7
|
* Merge pull request #20138 from keszybz/coding-style-variable-declsLuca Boccassi2021-11-051-2/+2
|\ | | | | A coding style tweak and checking of sd_notify() calls and voidification of pager_open()
| * Make pager_open() return voidZbigniew Jędrzejewski-Szmek2021-11-031-2/+2
| |
* | tree-wide: do not print hint about -M if -M is already usedZbigniew Jędrzejewski-Szmek2021-11-041-1/+1
|/ | | | | | | | (Or when -H is used, since -H and -M are incompatible.) Note that the slightly unusual form with separate boolean variables (hint_vars, hint_addr) instead of e.g. a const char* variable to hold the message, because this way we don't trigger the warning about non-literal format.
* homework: allow specifying explicit additional mount options when using CIFS ↵Lennart Poettering2021-10-271-7/+13
| | | | | | | | backend This is useful since certain shares can only be mounted with additional mount flags. For example the SMB share in modern AVM Fritz!Boxes requires "noserverino" to be set to work from Linux.
* homectl: validate CIFS service name before accepting itLennart Poettering2021-10-271-3/+21
|
* homed: optionally, drop caches on logoutLennart Poettering2021-10-111-0/+23
| | | | Fixes: #20857
* basic: split out glyph/emoji related calls from locale-util.[ch] into ↵Lennart Poettering2021-10-051-0/+1
| | | | | | | | glyph-util.[ch] These functions are used pretty much independently of locale, i.e. the only info relevant is whether th locale is UTF-8 or not. Hence let's give this its own pair of .c/.h files.
* tree-wide: port everything over to new sd-id128 compund literal blissLennart Poettering2021-08-201-2/+1
|
* env-util: add unsetenv_erase() helperLennart Poettering2021-08-171-8/+3
| | | | Let's unify how we remove secrets from the env block.
* homectl: allow --setenv=FOOZbigniew Jędrzejewski-Szmek2021-08-111-115/+111
|
* Drop the text argument from assert_not_reached()Zbigniew Jędrzejewski-Szmek2021-08-031-1/+1
| | | | | | | | | | | | | | | | | In general we almost never hit those asserts in production code, so users see them very rarely, if ever. But either way, we just need something that users can pass to the developers. We have quite a few of those asserts, and some have fairly nice messages, but many are like "WTF?" or "???" or "unexpected something". The error that is printed includes the file location, and function name. In almost all functions there's at most one assert, so the function name alone is enough to identify the failure for a developer. So we don't get much extra from the message, and we might just as well drop them. Dropping them makes our code a tiny bit smaller, and most importantly, improves development experience by making it easy to insert such an assert in the code without thinking how to phrase the argument.
* userdb: make most loading of JSON user record data "permissive"Lennart Poettering2021-06-011-5/+5
| | | | | | | | | | | | | We want user records to be extensible, hence we shouldn't complain about fields we can't parse. In particular we want them to be extensible for our own future extensions. Some code already turned the permissive flag when parsing the JSON data, but most did not. Fix that. A few select cases remain where the bit is not set: where we just gnerated the JSON data ourselves, and thus can be reasonably sure that if we can't parse it it's our immediate programming error and not just us processing a user record from some other tool or a newer version of ourselves.
* homectl: store FIDO2 up/uv/clientPin fields in user records tooLennart Poettering2021-06-011-4/+66
| | | | | | | | | | | | This catches up homed's FIDO2 support with cryptsetup's: we'll now store the uv/up/clientPin configuration at enrollment in the user record JSON data, and use it when authenticating with it. This also adds explicit "uv" support: we'll only allow it to happen when the client explicity said it's OK. This is then used by clients to print a nice message suggesting "uv" has to take place before retrying allowing it this time. This is modelled after the existing handling for "up".
* homectl: pick up cached/credential store/env var passwords *before* issuing ↵Lennart Poettering2021-04-231-15/+58
| | | | | | | | | | | | | | | | | first request Previously, we'd generally attempt the operation first, without any passwords, and only query for a password if that operation then fails and asks for one. This is done to improve compatibility with password-less authentication schemes, such as security tokens and similar. This patch modifies this slightly: if a password can be acquired cheaply via the keyring password cache, the $CREDENTIALS_PATH credential store, or the $PASSWORD/$PIN environment variables, acquire it *before* issuing the first requested. This should save us a pointless roundtrip, and should never hurt.
* homectl: don't use password cache if we operate on other userLennart Poettering2021-04-231-0/+8
|
* homectl: don't use cached passwords when re-requesting password because wrongLennart Poettering2021-04-231-19/+86
| | | | | | Asking repeatedly for a password is pointless if we always use the same cached one. Let's thus disable cache use whenever we failed already once.
* homectl,TEST-46: fix test and fix homectl return value, update docsZbigniew Jędrzejewski-Szmek2021-04-081-1/+1
| | | | | The usual: the test wasn't testing, so we didn't notice that the command wasn't returning as expected.
* ask-password: when querying for a password, try to read from credential ↵Lennart Poettering2021-03-261-4/+4
| | | | | | | | | | | | store first This adds generic support for the SetCredential=/LoadCredential= logic to our password querying infrastructure: if a password is requested by a program that has a credential store configured via $CREDENTIALS_DIRECTORY we'll look in it for a password. The "systemd-ask-password" tool is updated with an option to specify the credential to look for.
* table: drop last SIZE_MAX from table_set_sort() and table_set_display()Yu Watanabe2021-03-041-1/+1
|
* tree-wide: port various pieces of code over to UINT32_SCALE_FROM_PERMYRIAD()Lennart Poettering2021-02-181-1/+1
|