summaryrefslogtreecommitdiffstats
path: root/src/core/dynamic-user.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/core/dynamic-user.c')
-rw-r--r--src/core/dynamic-user.c49
1 files changed, 18 insertions, 31 deletions
diff --git a/src/core/dynamic-user.c b/src/core/dynamic-user.c
index 2bf9094..11de2ba 100644
--- a/src/core/dynamic-user.c
+++ b/src/core/dynamic-user.c
@@ -20,7 +20,7 @@
#include "stdio-util.h"
#include "string-util.h"
#include "strv.h"
-#include "uid-alloc-range.h"
+#include "uid-classification.h"
#include "user-util.h"
/* Takes a value generated randomly or by hashing and turns it into a UID in the right range */
@@ -143,7 +143,6 @@ static int dynamic_user_acquire(Manager *m, const char *name, DynamicUser** ret)
}
static int make_uid_symlinks(uid_t uid, const char *name, bool b) {
-
char path1[STRLEN("/run/systemd/dynamic-uid/direct:") + DECIMAL_STR_MAX(uid_t) + 1];
const char *path2;
int r = 0, k;
@@ -293,8 +292,8 @@ static int pick_uid(char **suggested_paths, const char *name, uid_t *ret_uid) {
}
/* Some superficial check whether this UID/GID might already be taken by some static user */
- if (getpwuid(candidate) ||
- getgrgid((gid_t) candidate) ||
+ if (getpwuid_malloc(candidate, /* ret= */ NULL) >= 0 ||
+ getgrgid_malloc((gid_t) candidate, /* ret= */ NULL) >= 0 ||
search_ipc(candidate, (gid_t) candidate) != 0) {
(void) unlink(lock_path);
continue;
@@ -419,30 +418,26 @@ static int dynamic_user_realize(
/* First, let's parse this as numeric UID */
r = parse_uid(d->name, &num);
if (r < 0) {
- struct passwd *p;
- struct group *g;
+ _cleanup_free_ struct passwd *p = NULL;
+ _cleanup_free_ struct group *g = NULL;
if (is_user) {
/* OK, this is not a numeric UID. Let's see if there's a user by this name */
- p = getpwnam(d->name);
- if (p) {
+ if (getpwnam_malloc(d->name, &p) >= 0) {
num = p->pw_uid;
gid = p->pw_gid;
} else {
/* if the user does not exist but the group with the same name exists, refuse operation */
- g = getgrnam(d->name);
- if (g)
+ if (getgrnam_malloc(d->name, /* ret= */ NULL) >= 0)
return -EILSEQ;
}
} else {
/* Let's see if there's a group by this name */
- g = getgrnam(d->name);
- if (g)
+ if (getgrnam_malloc(d->name, &g) >= 0)
num = (uid_t) g->gr_gid;
else {
/* if the group does not exist but the user with the same name exists, refuse operation */
- p = getpwnam(d->name);
- if (p)
+ if (getpwnam_malloc(d->name, /* ret= */ NULL) >= 0)
return -EILSEQ;
}
}
@@ -484,13 +479,12 @@ static int dynamic_user_realize(
uid_lock_fd = new_uid_lock_fd;
}
} else if (is_user && !uid_is_dynamic(num)) {
- struct passwd *p;
+ _cleanup_free_ struct passwd *p = NULL;
/* Statically allocated user may have different uid and gid. So, let's obtain the gid. */
- errno = 0;
- p = getpwuid(num);
- if (!p)
- return errno_or_else(ESRCH);
+ r = getpwuid_malloc(num, &p);
+ if (r < 0)
+ return r;
gid = p->pw_gid;
}
@@ -658,7 +652,7 @@ void dynamic_user_deserialize_one(Manager *m, const char *value, FDSet *fds, Dyn
/* Parse the serialization again, after a daemon reload */
- r = extract_many_words(&value, NULL, 0, &name, &s0, &s1, NULL);
+ r = extract_many_words(&value, NULL, 0, &name, &s0, &s1);
if (r != 3 || !isempty(value)) {
log_debug("Unable to parse dynamic user line.");
return;
@@ -761,7 +755,6 @@ int dynamic_user_lookup_name(Manager *m, const char *name, uid_t *ret) {
int dynamic_creds_make(Manager *m, const char *user, const char *group, DynamicCreds **ret) {
_cleanup_(dynamic_creds_unrefp) DynamicCreds *creds = NULL;
- bool acquired = false;
int r;
assert(m);
@@ -784,20 +777,14 @@ int dynamic_creds_make(Manager *m, const char *user, const char *group, DynamicC
r = dynamic_user_acquire(m, user, &creds->user);
if (r < 0)
return r;
-
- acquired = true;
}
- if (creds->user && (!group || streq_ptr(user, group)))
- creds->group = dynamic_user_ref(creds->user);
- else if (group) {
+ if (group && !streq_ptr(user, group)) {
r = dynamic_user_acquire(m, group, &creds->group);
- if (r < 0) {
- if (acquired)
- creds->user = dynamic_user_unref(creds->user);
+ if (r < 0)
return r;
- }
- }
+ } else
+ creds->group = ASSERT_PTR(dynamic_user_ref(creds->user));
*ret = TAKE_PTR(creds);