summaryrefslogtreecommitdiffstats
path: root/src/userdb
diff options
context:
space:
mode:
Diffstat (limited to 'src/userdb')
-rw-r--r--src/userdb/meson.build25
-rw-r--r--src/userdb/userdbctl.c1334
-rw-r--r--src/userdb/userdbd-manager.c321
-rw-r--r--src/userdb/userdbd-manager.h32
-rw-r--r--src/userdb/userdbd.c59
-rw-r--r--src/userdb/userwork.c575
6 files changed, 2346 insertions, 0 deletions
diff --git a/src/userdb/meson.build b/src/userdb/meson.build
new file mode 100644
index 0000000..2d701c8
--- /dev/null
+++ b/src/userdb/meson.build
@@ -0,0 +1,25 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+executables += [
+ libexec_template + {
+ 'name' : 'systemd-userwork',
+ 'conditions' : ['ENABLE_USERDB'],
+ 'sources' : files('userwork.c'),
+ 'dependencies' : threads,
+ },
+ libexec_template + {
+ 'name' : 'systemd-userdbd',
+ 'conditions' : ['ENABLE_USERDB'],
+ 'sources' : files(
+ 'userdbd-manager.c',
+ 'userdbd.c',
+ ),
+ 'dependencies' : threads,
+ },
+ executable_template + {
+ 'name' : 'userdbctl',
+ 'conditions' : ['ENABLE_USERDB'],
+ 'sources' : files('userdbctl.c'),
+ 'dependencies' : threads,
+ },
+]
diff --git a/src/userdb/userdbctl.c b/src/userdb/userdbctl.c
new file mode 100644
index 0000000..a7db3fb
--- /dev/null
+++ b/src/userdb/userdbctl.c
@@ -0,0 +1,1334 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <getopt.h>
+#include <utmp.h>
+
+#include "build.h"
+#include "dirent-util.h"
+#include "errno-list.h"
+#include "escape.h"
+#include "fd-util.h"
+#include "format-table.h"
+#include "format-util.h"
+#include "main-func.h"
+#include "pager.h"
+#include "parse-argument.h"
+#include "parse-util.h"
+#include "pretty-print.h"
+#include "socket-util.h"
+#include "strv.h"
+#include "terminal-util.h"
+#include "uid-range.h"
+#include "user-record-show.h"
+#include "user-util.h"
+#include "userdb.h"
+#include "verbs.h"
+
+static enum {
+ OUTPUT_CLASSIC,
+ OUTPUT_TABLE,
+ OUTPUT_FRIENDLY,
+ OUTPUT_JSON,
+ _OUTPUT_INVALID = -EINVAL,
+} arg_output = _OUTPUT_INVALID;
+
+static PagerFlags arg_pager_flags = 0;
+static bool arg_legend = true;
+static char** arg_services = NULL;
+static UserDBFlags arg_userdb_flags = 0;
+static JsonFormatFlags arg_json_format_flags = JSON_FORMAT_OFF;
+static bool arg_chain = false;
+
+STATIC_DESTRUCTOR_REGISTER(arg_services, strv_freep);
+
+static const char *user_disposition_to_color(UserDisposition d) {
+ assert(d >= 0);
+ assert(d < _USER_DISPOSITION_MAX);
+
+ switch (d) {
+ case USER_INTRINSIC:
+ return ansi_red();
+
+ case USER_SYSTEM:
+ case USER_DYNAMIC:
+ return ansi_green();
+
+ case USER_CONTAINER:
+ return ansi_cyan();
+
+ case USER_RESERVED:
+ return ansi_red();
+
+ default:
+ return NULL;
+ }
+}
+
+static int show_user(UserRecord *ur, Table *table) {
+ int r;
+
+ assert(ur);
+
+ switch (arg_output) {
+
+ case OUTPUT_CLASSIC:
+ if (!uid_is_valid(ur->uid))
+ break;
+
+ printf("%s:x:" UID_FMT ":" GID_FMT ":%s:%s:%s\n",
+ ur->user_name,
+ ur->uid,
+ user_record_gid(ur),
+ strempty(user_record_real_name(ur)),
+ user_record_home_directory(ur),
+ user_record_shell(ur));
+
+ break;
+
+ case OUTPUT_JSON:
+ json_variant_dump(ur->json, arg_json_format_flags, NULL, 0);
+ break;
+
+ case OUTPUT_FRIENDLY:
+ user_record_show(ur, true);
+
+ if (ur->incomplete) {
+ fflush(stdout);
+ log_warning("Warning: lacking rights to acquire privileged fields of user record of '%s', output incomplete.", ur->user_name);
+ }
+
+ break;
+
+ case OUTPUT_TABLE: {
+ UserDisposition d;
+
+ assert(table);
+ d = user_record_disposition(ur);
+
+ r = table_add_many(
+ table,
+ TABLE_STRING, "",
+ TABLE_STRING, ur->user_name,
+ TABLE_SET_COLOR, user_disposition_to_color(d),
+ TABLE_STRING, user_disposition_to_string(d),
+ TABLE_UID, ur->uid,
+ TABLE_GID, user_record_gid(ur),
+ TABLE_STRING, empty_to_null(ur->real_name),
+ TABLE_STRING, user_record_home_directory(ur),
+ TABLE_STRING, user_record_shell(ur),
+ TABLE_INT, 0);
+ if (r < 0)
+ return table_log_add_error(r);
+
+ break;
+ }
+
+ default:
+ assert_not_reached();
+ }
+
+ return 0;
+}
+
+static const struct {
+ uid_t first, last;
+ const char *name;
+ UserDisposition disposition;
+} uid_range_table[] = {
+ {
+ .first = 1,
+ .last = SYSTEM_UID_MAX,
+ .name = "system",
+ .disposition = USER_SYSTEM,
+ },
+ {
+ .first = DYNAMIC_UID_MIN,
+ .last = DYNAMIC_UID_MAX,
+ .name = "dynamic system",
+ .disposition = USER_DYNAMIC,
+ },
+ {
+ .first = CONTAINER_UID_BASE_MIN,
+ .last = CONTAINER_UID_BASE_MAX,
+ .name = "container",
+ .disposition = USER_CONTAINER,
+ },
+#if ENABLE_HOMED
+ {
+ .first = HOME_UID_MIN,
+ .last = HOME_UID_MAX,
+ .name = "systemd-homed",
+ .disposition = USER_REGULAR,
+ },
+#endif
+ {
+ .first = MAP_UID_MIN,
+ .last = MAP_UID_MAX,
+ .name = "mapped",
+ .disposition = USER_REGULAR,
+ },
+};
+
+static int table_add_uid_boundaries(Table *table, const UidRange *p) {
+ int r;
+
+ assert(table);
+
+ for (size_t i = 0; i < ELEMENTSOF(uid_range_table); i++) {
+ _cleanup_free_ char *name = NULL, *comment = NULL;
+
+ if (!uid_range_covers(p, uid_range_table[i].first, uid_range_table[i].last - uid_range_table[i].first + 1))
+ continue;
+
+ name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_DOWN),
+ " begin ", uid_range_table[i].name, " users ",
+ special_glyph(SPECIAL_GLYPH_ARROW_DOWN));
+ if (!name)
+ return log_oom();
+
+ comment = strjoin("First ", uid_range_table[i].name, " user");
+ if (!comment)
+ return log_oom();
+
+ r = table_add_many(
+ table,
+ TABLE_STRING, special_glyph(SPECIAL_GLYPH_TREE_TOP),
+ TABLE_STRING, name,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_STRING, user_disposition_to_string(uid_range_table[i].disposition),
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_UID, uid_range_table[i].first,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_EMPTY,
+ TABLE_STRING, comment,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_EMPTY,
+ TABLE_EMPTY,
+ TABLE_INT, -1); /* sort before any other entry with the same UID */
+ if (r < 0)
+ return table_log_add_error(r);
+
+ free(name);
+ name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_UP),
+ " end ", uid_range_table[i].name, " users ",
+ special_glyph(SPECIAL_GLYPH_ARROW_UP));
+ if (!name)
+ return log_oom();
+
+ free(comment);
+ comment = strjoin("Last ", uid_range_table[i].name, " user");
+ if (!comment)
+ return log_oom();
+
+ r = table_add_many(
+ table,
+ TABLE_STRING, special_glyph(SPECIAL_GLYPH_TREE_RIGHT),
+ TABLE_STRING, name,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_STRING, user_disposition_to_string(uid_range_table[i].disposition),
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_UID, uid_range_table[i].last,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_EMPTY,
+ TABLE_STRING, comment,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_EMPTY,
+ TABLE_EMPTY,
+ TABLE_INT, 1); /* sort after any other entry with the same UID */
+ if (r < 0)
+ return table_log_add_error(r);
+ }
+
+ return ELEMENTSOF(uid_range_table) * 2;
+}
+
+static int add_unavailable_uid(Table *table, uid_t start, uid_t end) {
+ _cleanup_free_ char *name = NULL;
+ int r;
+
+ assert(table);
+ assert(start <= end);
+
+ name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_DOWN),
+ " begin unavailable users ",
+ special_glyph(SPECIAL_GLYPH_ARROW_DOWN));
+ if (!name)
+ return log_oom();
+
+ r = table_add_many(
+ table,
+ TABLE_STRING, special_glyph(SPECIAL_GLYPH_TREE_TOP),
+ TABLE_STRING, name,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_EMPTY,
+ TABLE_UID, start,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_EMPTY,
+ TABLE_STRING, "First unavailable user",
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_EMPTY,
+ TABLE_EMPTY,
+ TABLE_INT, -1); /* sort before an other entry with the same UID */
+ if (r < 0)
+ return table_log_add_error(r);
+
+ free(name);
+ name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_UP),
+ " end unavailable users ",
+ special_glyph(SPECIAL_GLYPH_ARROW_UP));
+ if (!name)
+ return log_oom();
+
+ r = table_add_many(
+ table,
+ TABLE_STRING, special_glyph(SPECIAL_GLYPH_TREE_RIGHT),
+ TABLE_STRING, name,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_EMPTY,
+ TABLE_UID, end,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_EMPTY,
+ TABLE_STRING, "Last unavailable user",
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_EMPTY,
+ TABLE_EMPTY,
+ TABLE_INT, 1); /* sort after any other entry with the same UID */
+ if (r < 0)
+ return table_log_add_error(r);
+
+ return 2;
+}
+
+static int table_add_uid_map(
+ Table *table,
+ const UidRange *p,
+ int (*add_unavailable)(Table *t, uid_t start, uid_t end)) {
+
+ uid_t focus = 0;
+ int n_added = 0, r;
+
+ assert(table);
+ assert(add_unavailable);
+
+ for (size_t i = 0; p && i < p->n_entries; i++) {
+ UidRangeEntry *x = p->entries + i;
+
+ if (focus < x->start) {
+ r = add_unavailable(table, focus, x->start-1);
+ if (r < 0)
+ return r;
+
+ n_added += r;
+ }
+
+ if (x->start > UINT32_MAX - x->nr) { /* overflow check */
+ focus = UINT32_MAX;
+ break;
+ }
+
+ focus = x->start + x->nr;
+ }
+
+ if (focus < UINT32_MAX-1) {
+ r = add_unavailable(table, focus, UINT32_MAX-1);
+ if (r < 0)
+ return r;
+
+ n_added += r;
+ }
+
+ return n_added;
+}
+
+static int display_user(int argc, char *argv[], void *userdata) {
+ _cleanup_(table_unrefp) Table *table = NULL;
+ bool draw_separator = false;
+ int ret = 0, r;
+
+ if (arg_output < 0)
+ arg_output = argc > 1 ? OUTPUT_FRIENDLY : OUTPUT_TABLE;
+
+ if (arg_output == OUTPUT_TABLE) {
+ table = table_new(" ", "name", "disposition", "uid", "gid", "realname", "home", "shell", "order");
+ if (!table)
+ return log_oom();
+
+ (void) table_set_align_percent(table, table_get_cell(table, 0, 3), 100);
+ (void) table_set_align_percent(table, table_get_cell(table, 0, 4), 100);
+ table_set_ersatz_string(table, TABLE_ERSATZ_DASH);
+ (void) table_set_sort(table, (size_t) 3, (size_t) 8);
+ (void) table_set_display(table, (size_t) 0, (size_t) 1, (size_t) 2, (size_t) 3, (size_t) 4, (size_t) 5, (size_t) 6, (size_t) 7);
+ }
+
+ if (argc > 1)
+ STRV_FOREACH(i, argv + 1) {
+ _cleanup_(user_record_unrefp) UserRecord *ur = NULL;
+ uid_t uid;
+
+ if (parse_uid(*i, &uid) >= 0)
+ r = userdb_by_uid(uid, arg_userdb_flags, &ur);
+ else
+ r = userdb_by_name(*i, arg_userdb_flags, &ur);
+ if (r < 0) {
+ if (r == -ESRCH)
+ log_error_errno(r, "User %s does not exist.", *i);
+ else if (r == -EHOSTDOWN)
+ log_error_errno(r, "Selected user database service is not available for this request.");
+ else
+ log_error_errno(r, "Failed to find user %s: %m", *i);
+
+ if (ret >= 0)
+ ret = r;
+ } else {
+ if (draw_separator && arg_output == OUTPUT_FRIENDLY)
+ putchar('\n');
+
+ r = show_user(ur, table);
+ if (r < 0)
+ return r;
+
+ draw_separator = true;
+ }
+ }
+ else {
+ _cleanup_(userdb_iterator_freep) UserDBIterator *iterator = NULL;
+
+ r = userdb_all(arg_userdb_flags, &iterator);
+ if (r == -ENOLINK) /* ENOLINK → Didn't find answer without Varlink, and didn't try Varlink because was configured to off. */
+ log_debug_errno(r, "No entries found. (Didn't check via Varlink.)");
+ else if (r == -ESRCH) /* ESRCH → Couldn't find any suitable entry, but we checked all sources */
+ log_debug_errno(r, "No entries found.");
+ else if (r < 0)
+ return log_error_errno(r, "Failed to enumerate users: %m");
+ else {
+ for (;;) {
+ _cleanup_(user_record_unrefp) UserRecord *ur = NULL;
+
+ r = userdb_iterator_get(iterator, &ur);
+ if (r == -ESRCH)
+ break;
+ if (r == -EHOSTDOWN)
+ return log_error_errno(r, "Selected user database service is not available for this request.");
+ if (r < 0)
+ return log_error_errno(r, "Failed acquire next user: %m");
+
+ if (draw_separator && arg_output == OUTPUT_FRIENDLY)
+ putchar('\n');
+
+ r = show_user(ur, table);
+ if (r < 0)
+ return r;
+
+ draw_separator = true;
+ }
+ }
+ }
+
+ if (table) {
+ _cleanup_(uid_range_freep) UidRange *uid_range = NULL;
+ int boundary_lines, uid_map_lines;
+
+ r = uid_range_load_userns(&uid_range, "/proc/self/uid_map");
+ if (r < 0)
+ log_debug_errno(r, "Failed to load /proc/self/uid_map, ignoring: %m");
+
+ boundary_lines = table_add_uid_boundaries(table, uid_range);
+ if (boundary_lines < 0)
+ return boundary_lines;
+
+ uid_map_lines = table_add_uid_map(table, uid_range, add_unavailable_uid);
+ if (uid_map_lines < 0)
+ return uid_map_lines;
+
+ if (table_get_rows(table) > 1) {
+ r = table_print_with_pager(table, arg_json_format_flags, arg_pager_flags, arg_legend);
+ if (r < 0)
+ return table_log_print_error(r);
+ }
+
+ if (arg_legend) {
+ size_t k;
+
+ k = table_get_rows(table) - 1 - boundary_lines - uid_map_lines;
+ if (k > 0)
+ printf("\n%zu users listed.\n", k);
+ else
+ printf("No users.\n");
+ }
+ }
+
+ return ret;
+}
+
+static int show_group(GroupRecord *gr, Table *table) {
+ int r;
+
+ assert(gr);
+
+ switch (arg_output) {
+
+ case OUTPUT_CLASSIC: {
+ _cleanup_free_ char *m = NULL;
+
+ if (!gid_is_valid(gr->gid))
+ break;
+
+ m = strv_join(gr->members, ",");
+ if (!m)
+ return log_oom();
+
+ printf("%s:x:" GID_FMT ":%s\n",
+ gr->group_name,
+ gr->gid,
+ m);
+ break;
+ }
+
+ case OUTPUT_JSON:
+ json_variant_dump(gr->json, arg_json_format_flags, NULL, 0);
+ break;
+
+ case OUTPUT_FRIENDLY:
+ group_record_show(gr, true);
+
+ if (gr->incomplete) {
+ fflush(stdout);
+ log_warning("Warning: lacking rights to acquire privileged fields of group record of '%s', output incomplete.", gr->group_name);
+ }
+
+ break;
+
+ case OUTPUT_TABLE: {
+ UserDisposition d;
+
+ assert(table);
+ d = group_record_disposition(gr);
+
+ r = table_add_many(
+ table,
+ TABLE_STRING, "",
+ TABLE_STRING, gr->group_name,
+ TABLE_SET_COLOR, user_disposition_to_color(d),
+ TABLE_STRING, user_disposition_to_string(d),
+ TABLE_GID, gr->gid,
+ TABLE_STRING, gr->description,
+ TABLE_INT, 0);
+ if (r < 0)
+ return table_log_add_error(r);
+
+ break;
+ }
+
+ default:
+ assert_not_reached();
+ }
+
+ return 0;
+}
+
+static int table_add_gid_boundaries(Table *table, const UidRange *p) {
+ int r;
+
+ assert(table);
+
+ for (size_t i = 0; i < ELEMENTSOF(uid_range_table); i++) {
+ _cleanup_free_ char *name = NULL, *comment = NULL;
+
+ if (!uid_range_covers(p, uid_range_table[i].first, uid_range_table[i].last))
+ continue;
+
+ name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_DOWN),
+ " begin ", uid_range_table[i].name, " groups ",
+ special_glyph(SPECIAL_GLYPH_ARROW_DOWN));
+ if (!name)
+ return log_oom();
+
+ comment = strjoin("First ", uid_range_table[i].name, " group");
+ if (!comment)
+ return log_oom();
+
+ r = table_add_many(
+ table,
+ TABLE_STRING, special_glyph(SPECIAL_GLYPH_TREE_TOP),
+ TABLE_STRING, name,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_STRING, user_disposition_to_string(uid_range_table[i].disposition),
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_GID, uid_range_table[i].first,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_STRING, comment,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_INT, -1); /* sort before any other entry with the same GID */
+ if (r < 0)
+ return table_log_add_error(r);
+
+ free(name);
+ name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_UP),
+ " end ", uid_range_table[i].name, " groups ",
+ special_glyph(SPECIAL_GLYPH_ARROW_UP));
+ if (!name)
+ return log_oom();
+
+ free(comment);
+ comment = strjoin("Last ", uid_range_table[i].name, " group");
+ if (!comment)
+ return log_oom();
+
+ r = table_add_many(
+ table,
+ TABLE_STRING, special_glyph(SPECIAL_GLYPH_TREE_RIGHT),
+ TABLE_STRING, name,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_STRING, user_disposition_to_string(uid_range_table[i].disposition),
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_GID, uid_range_table[i].last,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_STRING, comment,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_INT, 1); /* sort after any other entry with the same GID */
+ if (r < 0)
+ return table_log_add_error(r);
+ }
+
+ return ELEMENTSOF(uid_range_table) * 2;
+}
+
+static int add_unavailable_gid(Table *table, uid_t start, uid_t end) {
+ _cleanup_free_ char *name = NULL;
+ int r;
+
+ assert(table);
+ assert(start <= end);
+
+ name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_DOWN),
+ " begin unavailable groups ",
+ special_glyph(SPECIAL_GLYPH_ARROW_DOWN));
+ if (!name)
+ return log_oom();
+
+ r = table_add_many(
+ table,
+ TABLE_STRING, special_glyph(SPECIAL_GLYPH_TREE_TOP),
+ TABLE_STRING, name,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_EMPTY,
+ TABLE_GID, start,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_STRING, "First unavailable group",
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_INT, -1); /* sort before any other entry with the same GID */
+ if (r < 0)
+ return table_log_add_error(r);
+
+ free(name);
+ name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_UP),
+ " end unavailable groups ",
+ special_glyph(SPECIAL_GLYPH_ARROW_UP));
+ if (!name)
+ return log_oom();
+
+ r = table_add_many(
+ table,
+ TABLE_STRING, special_glyph(SPECIAL_GLYPH_TREE_RIGHT),
+ TABLE_STRING, name,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_EMPTY,
+ TABLE_GID, end,
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_STRING, "Last unavailable group",
+ TABLE_SET_COLOR, ansi_grey(),
+ TABLE_INT, 1); /* sort after any other entry with the same GID */
+ if (r < 0)
+ return table_log_add_error(r);
+
+ return 2;
+}
+
+static int display_group(int argc, char *argv[], void *userdata) {
+ _cleanup_(table_unrefp) Table *table = NULL;
+ bool draw_separator = false;
+ int ret = 0, r;
+
+ if (arg_output < 0)
+ arg_output = argc > 1 ? OUTPUT_FRIENDLY : OUTPUT_TABLE;
+
+ if (arg_output == OUTPUT_TABLE) {
+ table = table_new(" ", "name", "disposition", "gid", "description", "order");
+ if (!table)
+ return log_oom();
+
+ (void) table_set_align_percent(table, table_get_cell(table, 0, 3), 100);
+ table_set_ersatz_string(table, TABLE_ERSATZ_DASH);
+ (void) table_set_sort(table, (size_t) 3, (size_t) 5);
+ (void) table_set_display(table, (size_t) 0, (size_t) 1, (size_t) 2, (size_t) 3, (size_t) 4);
+ }
+
+ if (argc > 1)
+ STRV_FOREACH(i, argv + 1) {
+ _cleanup_(group_record_unrefp) GroupRecord *gr = NULL;
+ gid_t gid;
+
+ if (parse_gid(*i, &gid) >= 0)
+ r = groupdb_by_gid(gid, arg_userdb_flags, &gr);
+ else
+ r = groupdb_by_name(*i, arg_userdb_flags, &gr);
+ if (r < 0) {
+ if (r == -ESRCH)
+ log_error_errno(r, "Group %s does not exist.", *i);
+ else if (r == -EHOSTDOWN)
+ log_error_errno(r, "Selected group database service is not available for this request.");
+ else
+ log_error_errno(r, "Failed to find group %s: %m", *i);
+
+ if (ret >= 0)
+ ret = r;
+ } else {
+ if (draw_separator && arg_output == OUTPUT_FRIENDLY)
+ putchar('\n');
+
+ r = show_group(gr, table);
+ if (r < 0)
+ return r;
+
+ draw_separator = true;
+ }
+ }
+ else {
+ _cleanup_(userdb_iterator_freep) UserDBIterator *iterator = NULL;
+
+ r = groupdb_all(arg_userdb_flags, &iterator);
+ if (r == -ENOLINK)
+ log_debug_errno(r, "No entries found. (Didn't check via Varlink.)");
+ else if (r == -ESRCH)
+ log_debug_errno(r, "No entries found.");
+ else if (r < 0)
+ return log_error_errno(r, "Failed to enumerate groups: %m");
+ else {
+ for (;;) {
+ _cleanup_(group_record_unrefp) GroupRecord *gr = NULL;
+
+ r = groupdb_iterator_get(iterator, &gr);
+ if (r == -ESRCH)
+ break;
+ if (r == -EHOSTDOWN)
+ return log_error_errno(r, "Selected group database service is not available for this request.");
+ if (r < 0)
+ return log_error_errno(r, "Failed acquire next group: %m");
+
+ if (draw_separator && arg_output == OUTPUT_FRIENDLY)
+ putchar('\n');
+
+ r = show_group(gr, table);
+ if (r < 0)
+ return r;
+
+ draw_separator = true;
+ }
+ }
+ }
+
+ if (table) {
+ _cleanup_(uid_range_freep) UidRange *gid_range = NULL;
+ int boundary_lines, gid_map_lines;
+
+ r = uid_range_load_userns(&gid_range, "/proc/self/gid_map");
+ if (r < 0)
+ log_debug_errno(r, "Failed to load /proc/self/gid_map, ignoring: %m");
+
+ boundary_lines = table_add_gid_boundaries(table, gid_range);
+ if (boundary_lines < 0)
+ return boundary_lines;
+
+ gid_map_lines = table_add_uid_map(table, gid_range, add_unavailable_gid);
+ if (gid_map_lines < 0)
+ return gid_map_lines;
+
+ if (table_get_rows(table) > 1) {
+ r = table_print_with_pager(table, arg_json_format_flags, arg_pager_flags, arg_legend);
+ if (r < 0)
+ return table_log_print_error(r);
+ }
+
+ if (arg_legend) {
+ size_t k;
+
+ k = table_get_rows(table) - 1 - boundary_lines - gid_map_lines;
+ if (k > 0)
+ printf("\n%zu groups listed.\n", k);
+ else
+ printf("No groups.\n");
+ }
+ }
+
+ return ret;
+}
+
+static int show_membership(const char *user, const char *group, Table *table) {
+ int r;
+
+ assert(user);
+ assert(group);
+
+ switch (arg_output) {
+
+ case OUTPUT_CLASSIC:
+ /* Strictly speaking there's no 'classic' output for this concept, but let's output it in
+ * similar style to the classic output for user/group info */
+
+ printf("%s:%s\n", user, group);
+ break;
+
+ case OUTPUT_JSON: {
+ _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
+
+ r = json_build(&v, JSON_BUILD_OBJECT(
+ JSON_BUILD_PAIR("user", JSON_BUILD_STRING(user)),
+ JSON_BUILD_PAIR("group", JSON_BUILD_STRING(group))));
+ if (r < 0)
+ return log_error_errno(r, "Failed to build JSON object: %m");
+
+ json_variant_dump(v, arg_json_format_flags, NULL, NULL);
+ break;
+ }
+
+ case OUTPUT_FRIENDLY:
+ /* Hmm, this is not particularly friendly, but not sure how we could do this better */
+ printf("%s: %s\n", group, user);
+ break;
+
+ case OUTPUT_TABLE:
+ assert(table);
+
+ r = table_add_many(
+ table,
+ TABLE_STRING, user,
+ TABLE_STRING, group);
+ if (r < 0)
+ return table_log_add_error(r);
+
+ break;
+
+ default:
+ assert_not_reached();
+ }
+
+ return 0;
+}
+
+static int display_memberships(int argc, char *argv[], void *userdata) {
+ _cleanup_(table_unrefp) Table *table = NULL;
+ int ret = 0, r;
+
+ if (arg_output < 0)
+ arg_output = OUTPUT_TABLE;
+
+ if (arg_output == OUTPUT_TABLE) {
+ table = table_new("user", "group");
+ if (!table)
+ return log_oom();
+
+ (void) table_set_sort(table, (size_t) 0, (size_t) 1);
+ }
+
+ if (argc > 1)
+ STRV_FOREACH(i, argv + 1) {
+ _cleanup_(userdb_iterator_freep) UserDBIterator *iterator = NULL;
+
+ if (streq(argv[0], "users-in-group")) {
+ r = membershipdb_by_group(*i, arg_userdb_flags, &iterator);
+ if (r < 0)
+ return log_error_errno(r, "Failed to enumerate users in group: %m");
+ } else if (streq(argv[0], "groups-of-user")) {
+ r = membershipdb_by_user(*i, arg_userdb_flags, &iterator);
+ if (r < 0)
+ return log_error_errno(r, "Failed to enumerate groups of user: %m");
+ } else
+ assert_not_reached();
+
+ for (;;) {
+ _cleanup_free_ char *user = NULL, *group = NULL;
+
+ r = membershipdb_iterator_get(iterator, &user, &group);
+ if (r == -ESRCH)
+ break;
+ if (r == -EHOSTDOWN)
+ return log_error_errno(r, "Selected membership database service is not available for this request.");
+ if (r < 0)
+ return log_error_errno(r, "Failed acquire next membership: %m");
+
+ r = show_membership(user, group, table);
+ if (r < 0)
+ return r;
+ }
+ }
+ else {
+ _cleanup_(userdb_iterator_freep) UserDBIterator *iterator = NULL;
+
+ r = membershipdb_all(arg_userdb_flags, &iterator);
+ if (r == -ENOLINK)
+ log_debug_errno(r, "No entries found. (Didn't check via Varlink.)");
+ else if (r == -ESRCH)
+ log_debug_errno(r, "No entries found.");
+ else if (r < 0)
+ return log_error_errno(r, "Failed to enumerate memberships: %m");
+ else {
+ for (;;) {
+ _cleanup_free_ char *user = NULL, *group = NULL;
+
+ r = membershipdb_iterator_get(iterator, &user, &group);
+ if (r == -ESRCH)
+ break;
+ if (r == -EHOSTDOWN)
+ return log_error_errno(r, "Selected membership database service is not available for this request.");
+ if (r < 0)
+ return log_error_errno(r, "Failed acquire next membership: %m");
+
+ r = show_membership(user, group, table);
+ if (r < 0)
+ return r;
+ }
+ }
+ }
+
+ if (table) {
+ if (table_get_rows(table) > 1) {
+ r = table_print_with_pager(table, arg_json_format_flags, arg_pager_flags, arg_legend);
+ if (r < 0)
+ return table_log_print_error(r);
+ }
+
+ if (arg_legend) {
+ if (table_get_rows(table) > 1)
+ printf("\n%zu memberships listed.\n", table_get_rows(table) - 1);
+ else
+ printf("No memberships.\n");
+ }
+ }
+
+ return ret;
+}
+
+static int display_services(int argc, char *argv[], void *userdata) {
+ _cleanup_(table_unrefp) Table *t = NULL;
+ _cleanup_closedir_ DIR *d = NULL;
+ int r;
+
+ d = opendir("/run/systemd/userdb/");
+ if (!d) {
+ if (errno == ENOENT) {
+ log_info("No services.");
+ return 0;
+ }
+
+ return log_error_errno(errno, "Failed to open /run/systemd/userdb/: %m");
+ }
+
+ t = table_new("service", "listening");
+ if (!t)
+ return log_oom();
+
+ (void) table_set_sort(t, (size_t) 0);
+
+ FOREACH_DIRENT(de, d, return -errno) {
+ _cleanup_free_ char *j = NULL, *no = NULL;
+ _cleanup_close_ int fd = -EBADF;
+
+ j = path_join("/run/systemd/userdb/", de->d_name);
+ if (!j)
+ return log_oom();
+
+ fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
+ if (fd < 0)
+ return log_error_errno(errno, "Failed to allocate AF_UNIX/SOCK_STREAM socket: %m");
+
+ r = connect_unix_path(fd, dirfd(d), de->d_name);
+ if (r < 0) {
+ no = strjoin("No (", errno_to_name(r), ")");
+ if (!no)
+ return log_oom();
+ }
+
+ r = table_add_many(t,
+ TABLE_STRING, de->d_name,
+ TABLE_STRING, no ?: "yes",
+ TABLE_SET_COLOR, no ? ansi_highlight_red() : ansi_highlight_green());
+ if (r < 0)
+ return table_log_add_error(r);
+ }
+
+ if (table_get_rows(t) > 1) {
+ r = table_print_with_pager(t, arg_json_format_flags, arg_pager_flags, arg_legend);
+ if (r < 0)
+ return table_log_print_error(r);
+ }
+
+ if (arg_legend && arg_output != OUTPUT_JSON) {
+ if (table_get_rows(t) > 1)
+ printf("\n%zu services listed.\n", table_get_rows(t) - 1);
+ else
+ printf("No services.\n");
+ }
+
+ return 0;
+}
+
+static int ssh_authorized_keys(int argc, char *argv[], void *userdata) {
+ _cleanup_(user_record_unrefp) UserRecord *ur = NULL;
+ char **chain_invocation;
+ int r;
+
+ assert(argc >= 2);
+
+ if (arg_chain) {
+ /* If --chain is specified, the rest of the command line is the chain command */
+
+ if (argc < 3)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
+ "No chain command line specified, refusing.");
+
+ /* Make similar restrictions on the chain command as OpenSSH itself makes on the primary command. */
+ if (!path_is_absolute(argv[2]))
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
+ "Chain invocation of ssh-authorized-keys commands requires an absolute binary path argument.");
+
+ if (!path_is_normalized(argv[2]))
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
+ "Chain invocation of ssh-authorized-keys commands requires an normalized binary path argument.");
+
+ chain_invocation = argv + 2;
+ } else {
+ /* If --chain is not specified, then refuse any further arguments */
+
+ if (argc > 2)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Too many arguments.");
+
+ chain_invocation = NULL;
+ }
+
+ r = userdb_by_name(argv[1], arg_userdb_flags, &ur);
+ if (r == -ESRCH)
+ log_error_errno(r, "User %s does not exist.", argv[1]);
+ else if (r == -EHOSTDOWN)
+ log_error_errno(r, "Selected user database service is not available for this request.");
+ else if (r == -EINVAL)
+ log_error_errno(r, "Failed to find user %s: %m (Invalid user name?)", argv[1]);
+ else if (r < 0)
+ log_error_errno(r, "Failed to find user %s: %m", argv[1]);
+ else {
+ if (strv_isempty(ur->ssh_authorized_keys))
+ log_debug("User record for %s has no public SSH keys.", argv[1]);
+ else
+ STRV_FOREACH(i, ur->ssh_authorized_keys)
+ printf("%s\n", *i);
+
+ if (ur->incomplete) {
+ fflush(stdout);
+ log_warning("Warning: lacking rights to acquire privileged fields of user record of '%s', output incomplete.", ur->user_name);
+ }
+ }
+
+ if (chain_invocation) {
+ if (DEBUG_LOGGING) {
+ _cleanup_free_ char *s = NULL;
+
+ s = quote_command_line(chain_invocation, SHELL_ESCAPE_EMPTY);
+ if (!s)
+ return log_oom();
+
+ log_debug("Chain invoking: %s", s);
+ }
+
+ fflush(stdout);
+ execv(chain_invocation[0], chain_invocation);
+ if (errno == ENOENT) /* Let's handle ENOENT gracefully */
+ log_warning_errno(errno, "Chain executable '%s' does not exist, ignoring chain invocation.", chain_invocation[0]);
+ else {
+ log_error_errno(errno, "Failed to invoke chain executable '%s': %m", chain_invocation[0]);
+ if (r >= 0)
+ r = -errno;
+ }
+ }
+
+ return r;
+}
+
+static int help(int argc, char *argv[], void *userdata) {
+ _cleanup_free_ char *link = NULL;
+ int r;
+
+ pager_open(arg_pager_flags);
+
+ r = terminal_urlify_man("userdbctl", "1", &link);
+ if (r < 0)
+ return log_oom();
+
+ printf("%s [OPTIONS...] COMMAND ...\n\n"
+ "%sShow user and group information.%s\n"
+ "\nCommands:\n"
+ " user [USER…] Inspect user\n"
+ " group [GROUP…] Inspect group\n"
+ " users-in-group [GROUP…] Show users that are members of specified groups\n"
+ " groups-of-user [USER…] Show groups the specified users are members of\n"
+ " services Show enabled database services\n"
+ " ssh-authorized-keys USER Show SSH authorized keys for user\n"
+ "\nOptions:\n"
+ " -h --help Show this help\n"
+ " --version Show package version\n"
+ " --no-pager Do not pipe output into a pager\n"
+ " --no-legend Do not show the headers and footers\n"
+ " --output=MODE Select output mode (classic, friendly, table, json)\n"
+ " -j Equivalent to --output=json\n"
+ " -s --service=SERVICE[:SERVICE…]\n"
+ " Query the specified service\n"
+ " --with-nss=BOOL Control whether to include glibc NSS data\n"
+ " -N Do not synthesize or include glibc NSS data\n"
+ " (Same as --synthesize=no --with-nss=no)\n"
+ " --synthesize=BOOL Synthesize root/nobody user\n"
+ " --with-dropin=BOOL Control whether to include drop-in records\n"
+ " --with-varlink=BOOL Control whether to talk to services at all\n"
+ " --multiplexer=BOOL Control whether to use the multiplexer\n"
+ " --json=pretty|short JSON output mode\n"
+ " --chain Chain another command\n"
+ "\nSee the %s for details.\n",
+ program_invocation_short_name,
+ ansi_highlight(),
+ ansi_normal(),
+ link);
+
+ return 0;
+}
+
+static int parse_argv(int argc, char *argv[]) {
+
+ enum {
+ ARG_VERSION = 0x100,
+ ARG_NO_PAGER,
+ ARG_NO_LEGEND,
+ ARG_OUTPUT,
+ ARG_WITH_NSS,
+ ARG_WITH_DROPIN,
+ ARG_WITH_VARLINK,
+ ARG_SYNTHESIZE,
+ ARG_MULTIPLEXER,
+ ARG_JSON,
+ ARG_CHAIN,
+ };
+
+ static const struct option options[] = {
+ { "help", no_argument, NULL, 'h' },
+ { "version", no_argument, NULL, ARG_VERSION },
+ { "no-pager", no_argument, NULL, ARG_NO_PAGER },
+ { "no-legend", no_argument, NULL, ARG_NO_LEGEND },
+ { "output", required_argument, NULL, ARG_OUTPUT },
+ { "service", required_argument, NULL, 's' },
+ { "with-nss", required_argument, NULL, ARG_WITH_NSS },
+ { "with-dropin", required_argument, NULL, ARG_WITH_DROPIN },
+ { "with-varlink", required_argument, NULL, ARG_WITH_VARLINK },
+ { "synthesize", required_argument, NULL, ARG_SYNTHESIZE },
+ { "multiplexer", required_argument, NULL, ARG_MULTIPLEXER },
+ { "json", required_argument, NULL, ARG_JSON },
+ { "chain", no_argument, NULL, ARG_CHAIN },
+ {}
+ };
+
+ const char *e;
+ int r;
+
+ assert(argc >= 0);
+ assert(argv);
+
+ /* We are going to update this environment variable with our own, hence let's first read what is already set */
+ e = getenv("SYSTEMD_ONLY_USERDB");
+ if (e) {
+ char **l;
+
+ l = strv_split(e, ":");
+ if (!l)
+ return log_oom();
+
+ strv_free(arg_services);
+ arg_services = l;
+ }
+
+ /* Resetting to 0 forces the invocation of an internal initialization routine of getopt_long()
+ * that checks for GNU extensions in optstring ('-' or '+' at the beginning). */
+ optind = 0;
+
+ for (;;) {
+ int c;
+
+ c = getopt_long(argc, argv,
+ arg_chain ? "+hjs:N" : "hjs:N", /* When --chain was used disable parsing of further switches */
+ options, NULL);
+ if (c < 0)
+ break;
+
+ switch (c) {
+
+ case 'h':
+ return help(0, NULL, NULL);
+
+ case ARG_VERSION:
+ return version();
+
+ case ARG_NO_PAGER:
+ arg_pager_flags |= PAGER_DISABLE;
+ break;
+
+ case ARG_NO_LEGEND:
+ arg_legend = false;
+ break;
+
+ case ARG_OUTPUT:
+ if (isempty(optarg))
+ arg_output = _OUTPUT_INVALID;
+ else if (streq(optarg, "classic"))
+ arg_output = OUTPUT_CLASSIC;
+ else if (streq(optarg, "friendly"))
+ arg_output = OUTPUT_FRIENDLY;
+ else if (streq(optarg, "json"))
+ arg_output = OUTPUT_JSON;
+ else if (streq(optarg, "table"))
+ arg_output = OUTPUT_TABLE;
+ else if (streq(optarg, "help")) {
+ puts("classic\n"
+ "friendly\n"
+ "json\n"
+ "table");
+ return 0;
+ } else
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid --output= mode: %s", optarg);
+
+ arg_json_format_flags = arg_output == OUTPUT_JSON ? JSON_FORMAT_PRETTY|JSON_FORMAT_COLOR_AUTO : JSON_FORMAT_OFF;
+ break;
+
+ case ARG_JSON:
+ r = parse_json_argument(optarg, &arg_json_format_flags);
+ if (r <= 0)
+ return r;
+
+ arg_output = FLAGS_SET(arg_json_format_flags, JSON_FORMAT_OFF) ? _OUTPUT_INVALID : OUTPUT_JSON;
+ break;
+
+ case 'j':
+ arg_json_format_flags = JSON_FORMAT_PRETTY|JSON_FORMAT_COLOR_AUTO;
+ arg_output = OUTPUT_JSON;
+ break;
+
+ case 's':
+ if (isempty(optarg))
+ arg_services = strv_free(arg_services);
+ else {
+ _cleanup_strv_free_ char **l = NULL;
+
+ l = strv_split(optarg, ":");
+ if (!l)
+ return log_oom();
+
+ r = strv_extend_strv(&arg_services, l, true);
+ if (r < 0)
+ return log_oom();
+ }
+
+ break;
+
+ case 'N':
+ arg_userdb_flags |= USERDB_EXCLUDE_NSS|USERDB_DONT_SYNTHESIZE;
+ break;
+
+ case ARG_WITH_NSS:
+ r = parse_boolean_argument("--with-nss=", optarg, NULL);
+ if (r < 0)
+ return r;
+
+ SET_FLAG(arg_userdb_flags, USERDB_EXCLUDE_NSS, !r);
+ break;
+
+ case ARG_WITH_DROPIN:
+ r = parse_boolean_argument("--with-dropin=", optarg, NULL);
+ if (r < 0)
+ return r;
+
+ SET_FLAG(arg_userdb_flags, USERDB_EXCLUDE_DROPIN, !r);
+ break;
+
+ case ARG_WITH_VARLINK:
+ r = parse_boolean_argument("--with-varlink=", optarg, NULL);
+ if (r < 0)
+ return r;
+
+ SET_FLAG(arg_userdb_flags, USERDB_EXCLUDE_VARLINK, !r);
+ break;
+
+ case ARG_SYNTHESIZE:
+ r = parse_boolean_argument("--synthesize=", optarg, NULL);
+ if (r < 0)
+ return r;
+
+ SET_FLAG(arg_userdb_flags, USERDB_DONT_SYNTHESIZE, !r);
+ break;
+
+ case ARG_MULTIPLEXER:
+ r = parse_boolean_argument("--multiplexer=", optarg, NULL);
+ if (r < 0)
+ return r;
+
+ SET_FLAG(arg_userdb_flags, USERDB_AVOID_MULTIPLEXER, !r);
+ break;
+
+ case ARG_CHAIN:
+ arg_chain = true;
+ break;
+
+ case '?':
+ return -EINVAL;
+
+ default:
+ assert_not_reached();
+ }
+ }
+
+ return 1;
+}
+
+static int run(int argc, char *argv[]) {
+ static const Verb verbs[] = {
+ { "help", VERB_ANY, VERB_ANY, 0, help },
+ { "user", VERB_ANY, VERB_ANY, VERB_DEFAULT, display_user },
+ { "group", VERB_ANY, VERB_ANY, 0, display_group },
+ { "users-in-group", VERB_ANY, VERB_ANY, 0, display_memberships },
+ { "groups-of-user", VERB_ANY, VERB_ANY, 0, display_memberships },
+ { "services", VERB_ANY, 1, 0, display_services },
+
+ /* This one is a helper for sshd_config's AuthorizedKeysCommand= setting, it's not a
+ * user-facing verb and thus should not appear in man pages or --help texts. */
+ { "ssh-authorized-keys", 2, VERB_ANY, 0, ssh_authorized_keys },
+ {}
+ };
+
+ int r;
+
+ log_setup();
+
+ r = parse_argv(argc, argv);
+ if (r <= 0)
+ return r;
+
+ if (arg_services) {
+ _cleanup_free_ char *e = NULL;
+
+ e = strv_join(arg_services, ":");
+ if (!e)
+ return log_oom();
+
+ if (setenv("SYSTEMD_ONLY_USERDB", e, true) < 0)
+ return log_error_errno(r, "Failed to set $SYSTEMD_ONLY_USERDB: %m");
+
+ log_info("Enabled services: %s", e);
+ } else
+ assert_se(unsetenv("SYSTEMD_ONLY_USERDB") == 0);
+
+ return dispatch_verb(argc, argv, verbs, NULL);
+}
+
+DEFINE_MAIN_FUNCTION(run);
diff --git a/src/userdb/userdbd-manager.c b/src/userdb/userdbd-manager.c
new file mode 100644
index 0000000..c1dfe47
--- /dev/null
+++ b/src/userdb/userdbd-manager.c
@@ -0,0 +1,321 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <sys/wait.h>
+
+#include "sd-daemon.h"
+
+#include "common-signal.h"
+#include "fd-util.h"
+#include "fs-util.h"
+#include "mkdir.h"
+#include "process-util.h"
+#include "set.h"
+#include "signal-util.h"
+#include "socket-util.h"
+#include "stdio-util.h"
+#include "umask-util.h"
+#include "userdbd-manager.h"
+
+#define LISTEN_TIMEOUT_USEC (25 * USEC_PER_SEC)
+
+static int start_workers(Manager *m, bool explicit_request);
+
+static int on_worker_exit(sd_event_source *s, const siginfo_t *si, void *userdata) {
+ Manager *m = ASSERT_PTR(userdata);
+
+ assert(s);
+
+ assert_se(!set_remove(m->workers_dynamic, s) != !set_remove(m->workers_fixed, s));
+ sd_event_source_disable_unref(s);
+
+ if (si->si_code == CLD_EXITED) {
+ if (si->si_status == EXIT_SUCCESS)
+ log_debug("Worker " PID_FMT " exited successfully.", si->si_pid);
+ else
+ log_warning("Worker " PID_FMT " died with a failure exit status %i, ignoring.", si->si_pid, si->si_status);
+ } else if (si->si_code == CLD_KILLED)
+ log_warning("Worker " PID_FMT " was killed by signal %s, ignoring.", si->si_pid, signal_to_string(si->si_status));
+ else if (si->si_code == CLD_DUMPED)
+ log_warning("Worker " PID_FMT " dumped core by signal %s, ignoring.", si->si_pid, signal_to_string(si->si_status));
+ else
+ log_warning("Can't handle SIGCHLD of this type");
+
+ (void) start_workers(m, /* explicit_request= */ false); /* Fill up workers again if we fell below the low watermark */
+ return 0;
+}
+
+static int on_sigusr2(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
+ Manager *m = ASSERT_PTR(userdata);
+
+ assert(s);
+
+ (void) start_workers(m, /* explicit_request=*/ true); /* Workers told us there's more work, let's add one more worker as long as we are below the high watermark */
+ return 0;
+}
+
+static int on_deferred_start_worker(sd_event_source *s, uint64_t usec, void *userdata) {
+ Manager *m = ASSERT_PTR(userdata);
+
+ assert(s);
+
+ m->deferred_start_worker_event_source = sd_event_source_unref(m->deferred_start_worker_event_source);
+
+ (void) start_workers(m, /* explicit_request=*/ false);
+ return 0;
+}
+
+DEFINE_HASH_OPS_WITH_KEY_DESTRUCTOR(
+ event_source_hash_ops,
+ sd_event_source,
+ (void (*)(const sd_event_source*, struct siphash*)) trivial_hash_func,
+ (int (*)(const sd_event_source*, const sd_event_source*)) trivial_compare_func,
+ sd_event_source_disable_unref);
+
+int manager_new(Manager **ret) {
+ _cleanup_(manager_freep) Manager *m = NULL;
+ int r;
+
+ m = new(Manager, 1);
+ if (!m)
+ return -ENOMEM;
+
+ *m = (Manager) {
+ .listen_fd = -EBADF,
+ .worker_ratelimit = {
+ .interval = 2 * USEC_PER_SEC,
+ .burst = 2500,
+ },
+ };
+
+ r = sd_event_new(&m->event);
+ if (r < 0)
+ return r;
+
+ r = sd_event_set_signal_exit(m->event, true);
+ if (r < 0)
+ return r;
+
+ r = sd_event_add_signal(m->event, NULL, (SIGRTMIN+18)|SD_EVENT_SIGNAL_PROCMASK, sigrtmin18_handler, NULL);
+ if (r < 0)
+ return r;
+
+ r = sd_event_add_memory_pressure(m->event, NULL, NULL, NULL);
+ if (r < 0)
+ log_debug_errno(r, "Failed allocate memory pressure event source, ignoring: %m");
+
+ r = sd_event_set_watchdog(m->event, true);
+ if (r < 0)
+ log_debug_errno(r, "Failed to enable watchdog handling, ignoring: %m");
+
+ r = sd_event_add_signal(m->event, NULL, SIGUSR2|SD_EVENT_SIGNAL_PROCMASK, on_sigusr2, m);
+ if (r < 0)
+ return r;
+
+ *ret = TAKE_PTR(m);
+ return 0;
+}
+
+Manager* manager_free(Manager *m) {
+ if (!m)
+ return NULL;
+
+ set_free(m->workers_fixed);
+ set_free(m->workers_dynamic);
+
+ m->deferred_start_worker_event_source = sd_event_source_unref(m->deferred_start_worker_event_source);
+
+ safe_close(m->listen_fd);
+
+ sd_event_unref(m->event);
+
+ return mfree(m);
+}
+
+static size_t manager_current_workers(Manager *m) {
+ assert(m);
+
+ return set_size(m->workers_fixed) + set_size(m->workers_dynamic);
+}
+
+static int start_one_worker(Manager *m) {
+ _cleanup_(sd_event_source_disable_unrefp) sd_event_source *source = NULL;
+ bool fixed;
+ pid_t pid;
+ int r;
+
+ assert(m);
+
+ fixed = set_size(m->workers_fixed) < USERDB_WORKERS_MIN;
+
+ r = safe_fork_full(
+ "(sd-worker)",
+ /* stdio_fds= */ NULL,
+ &m->listen_fd, 1,
+ FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_LOG|FORK_CLOSE_ALL_FDS,
+ &pid);
+ if (r < 0)
+ return log_error_errno(r, "Failed to fork new worker child: %m");
+ if (r == 0) {
+ char pids[DECIMAL_STR_MAX(pid_t)];
+ /* Child */
+
+ if (m->listen_fd == 3) {
+ r = fd_cloexec(3, false);
+ if (r < 0) {
+ log_error_errno(r, "Failed to turn off O_CLOEXEC for fd 3: %m");
+ _exit(EXIT_FAILURE);
+ }
+ } else {
+ if (dup2(m->listen_fd, 3) < 0) { /* dup2() creates with O_CLOEXEC off */
+ log_error_errno(errno, "Failed to move listen fd to 3: %m");
+ _exit(EXIT_FAILURE);
+ }
+
+ safe_close(m->listen_fd);
+ }
+
+ xsprintf(pids, PID_FMT, pid);
+ if (setenv("LISTEN_PID", pids, 1) < 0) {
+ log_error_errno(errno, "Failed to set $LISTEN_PID: %m");
+ _exit(EXIT_FAILURE);
+ }
+
+ if (setenv("LISTEN_FDS", "1", 1) < 0) {
+ log_error_errno(errno, "Failed to set $LISTEN_FDS: %m");
+ _exit(EXIT_FAILURE);
+ }
+
+
+ if (setenv("USERDB_FIXED_WORKER", one_zero(fixed), 1) < 0) {
+ log_error_errno(errno, "Failed to set $USERDB_FIXED_WORKER: %m");
+ _exit(EXIT_FAILURE);
+ }
+
+ /* execl("/home/lennart/projects/systemd/build/systemd-userwork", "systemd-userwork", "xxxxxxxxxxxxxxxx", NULL); /\* With some extra space rename_process() can make use of *\/ */
+ /* execl("/usr/bin/valgrind", "valgrind", "/home/lennart/projects/systemd/build/systemd-userwork", "systemd-userwork", "xxxxxxxxxxxxxxxx", NULL); /\* With some extra space rename_process() can make use of *\/ */
+
+ execl(SYSTEMD_USERWORK_PATH, "systemd-userwork", "xxxxxxxxxxxxxxxx", NULL); /* With some extra space rename_process() can make use of */
+ log_error_errno(errno, "Failed start worker process: %m");
+ _exit(EXIT_FAILURE);
+ }
+
+ r = sd_event_add_child(m->event, &source, pid, WEXITED, on_worker_exit, m);
+ if (r < 0)
+ return log_error_errno(r, "Failed to watch child " PID_FMT ": %m", pid);
+
+ r = set_ensure_put(
+ fixed ? &m->workers_fixed : &m->workers_dynamic,
+ &event_source_hash_ops,
+ source);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add child process to set: %m");
+
+ TAKE_PTR(source);
+
+ return 0;
+}
+
+static int start_workers(Manager *m, bool explicit_request) {
+ int r;
+
+ assert(m);
+
+ for (;;) {
+ size_t n;
+
+ n = manager_current_workers(m);
+ if (n >= USERDB_WORKERS_MIN && (!explicit_request || n >= USERDB_WORKERS_MAX))
+ break;
+
+ if (!ratelimit_below(&m->worker_ratelimit)) {
+
+ /* If we keep starting workers too often but none sticks, let's fail the whole
+ * daemon, something is wrong */
+ if (n == 0) {
+ sd_event_exit(m->event, EXIT_FAILURE);
+ return log_error_errno(SYNTHETIC_ERRNO(EUCLEAN), "Worker threads requested too frequently, but worker count is zero, something is wrong.");
+ }
+
+ /* Otherwise, let's stop spawning more for a while. */
+ log_warning("Worker threads requested too frequently, not starting new ones for a while.");
+
+ if (!m->deferred_start_worker_event_source) {
+ r = sd_event_add_time(
+ m->event,
+ &m->deferred_start_worker_event_source,
+ CLOCK_MONOTONIC,
+ ratelimit_end(&m->worker_ratelimit),
+ /* accuracy_usec= */ 0,
+ on_deferred_start_worker,
+ m);
+ if (r < 0)
+ return log_error_errno(r, "Failed to allocate deferred start worker event source: %m");
+ }
+
+ break;
+ }
+
+ r = start_one_worker(m);
+ if (r < 0)
+ return r;
+
+ explicit_request = false;
+ }
+
+ return 0;
+}
+
+int manager_startup(Manager *m) {
+ int n, r;
+
+ assert(m);
+ assert(m->listen_fd < 0);
+
+ n = sd_listen_fds(false);
+ if (n < 0)
+ return log_error_errno(n, "Failed to determine number of passed file descriptors: %m");
+ if (n > 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Expected one listening fd, got %i.", n);
+ if (n == 1)
+ m->listen_fd = SD_LISTEN_FDS_START;
+ else {
+ static const union sockaddr_union sockaddr = {
+ .un.sun_family = AF_UNIX,
+ .un.sun_path = "/run/systemd/userdb/io.systemd.Multiplexer",
+ };
+
+ r = mkdir_p("/run/systemd/userdb", 0755);
+ if (r < 0)
+ return log_error_errno(r, "Failed to create /run/systemd/userdb: %m");
+
+ m->listen_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
+ if (m->listen_fd < 0)
+ return log_error_errno(errno, "Failed to bind on socket: %m");
+
+ (void) sockaddr_un_unlink(&sockaddr.un);
+
+ WITH_UMASK(0000)
+ if (bind(m->listen_fd, &sockaddr.sa, SOCKADDR_UN_LEN(sockaddr.un)) < 0)
+ return log_error_errno(errno, "Failed to bind socket: %m");
+
+ r = symlink_idempotent("io.systemd.Multiplexer",
+ "/run/systemd/userdb/io.systemd.NameServiceSwitch", false);
+ if (r < 0)
+ return log_error_errno(r, "Failed to bind io.systemd.Multiplexer: %m");
+
+ r = symlink_idempotent("io.systemd.Multiplexer",
+ "/run/systemd/userdb/io.systemd.DropIn", false);
+ if (r < 0)
+ return log_error_errno(r, "Failed to bind io.systemd.Multiplexer: %m");
+
+ if (listen(m->listen_fd, SOMAXCONN_DELUXE) < 0)
+ return log_error_errno(errno, "Failed to listen on socket: %m");
+ }
+
+ /* Let's make sure every accept() call on this socket times out after 25s. This allows workers to be
+ * GC'ed on idle */
+ if (setsockopt(m->listen_fd, SOL_SOCKET, SO_RCVTIMEO, TIMEVAL_STORE(LISTEN_TIMEOUT_USEC), sizeof(struct timeval)) < 0)
+ return log_error_errno(errno, "Failed to se SO_RCVTIMEO: %m");
+
+ return start_workers(m, /* explicit_request= */ false);
+}
diff --git a/src/userdb/userdbd-manager.h b/src/userdb/userdbd-manager.h
new file mode 100644
index 0000000..c39f79d
--- /dev/null
+++ b/src/userdb/userdbd-manager.h
@@ -0,0 +1,32 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#include "sd-bus.h"
+#include "sd-event.h"
+
+typedef struct Manager Manager;
+
+#include "hashmap.h"
+#include "ratelimit.h"
+
+#define USERDB_WORKERS_MIN 3
+#define USERDB_WORKERS_MAX 4096
+
+struct Manager {
+ sd_event *event;
+
+ Set *workers_fixed; /* Workers 0…USERDB_WORKERS_MIN */
+ Set *workers_dynamic; /* Workers USERD_WORKERS_MIN+1…USERDB_WORKERS_MAX */
+
+ int listen_fd;
+
+ RateLimit worker_ratelimit;
+
+ sd_event_source *deferred_start_worker_event_source;
+};
+
+int manager_new(Manager **ret);
+Manager* manager_free(Manager *m);
+DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free);
+
+int manager_startup(Manager *m);
diff --git a/src/userdb/userdbd.c b/src/userdb/userdbd.c
new file mode 100644
index 0000000..89ac9c7
--- /dev/null
+++ b/src/userdb/userdbd.c
@@ -0,0 +1,59 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <sys/stat.h>
+#include <sys/types.h>
+
+#include "daemon-util.h"
+#include "userdbd-manager.h"
+#include "log.h"
+#include "main-func.h"
+#include "signal-util.h"
+
+/* This service offers two Varlink services, both implementing io.systemd.UserDatabase:
+ *
+ * → io.systemd.NameServiceSwitch: this is a compatibility interface for glibc NSS: it responds to
+ * name lookups by checking the classic NSS interfaces and responding that.
+ *
+ * → io.systemd.Multiplexer: this multiplexes lookup requests to all Varlink services that have a
+ * socket in /run/systemd/userdb/. It's supposed to simplify clients that don't want to implement
+ * the full iterative logic on their own.
+ *
+ * → io.systemd.DropIn: this makes JSON user/group records dropped into /run/userdb/ available as
+ * regular users.
+ */
+
+static int run(int argc, char *argv[]) {
+ _cleanup_(manager_freep) Manager *m = NULL;
+ _unused_ _cleanup_(notify_on_cleanup) const char *notify_stop = NULL;
+ int r;
+
+ log_setup();
+
+ umask(0022);
+
+ if (argc != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "This program takes no arguments.");
+
+ if (setenv("SYSTEMD_BYPASS_USERDB", "io.systemd.NameServiceSwitch:io.systemd.Multiplexer:io.systemd.DropIn", 1) < 0)
+ return log_error_errno(errno, "Failed to set $SYSTEMD_BYPASS_USERDB: %m");
+
+ assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGCHLD, -1) >= 0);
+
+ r = manager_new(&m);
+ if (r < 0)
+ return log_error_errno(r, "Could not create manager: %m");
+
+ r = manager_startup(m);
+ if (r < 0)
+ return log_error_errno(r, "Failed to start up daemon: %m");
+
+ notify_stop = notify_start(NOTIFY_READY, NOTIFY_STOPPING);
+
+ r = sd_event_loop(m->event);
+ if (r < 0)
+ return log_error_errno(r, "Event loop failed: %m");
+
+ return 0;
+}
+
+DEFINE_MAIN_FUNCTION(run);
diff --git a/src/userdb/userwork.c b/src/userdb/userwork.c
new file mode 100644
index 0000000..b49dbbd
--- /dev/null
+++ b/src/userdb/userwork.c
@@ -0,0 +1,575 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <poll.h>
+#include <sys/wait.h>
+
+#include "sd-daemon.h"
+
+#include "env-util.h"
+#include "fd-util.h"
+#include "group-record.h"
+#include "io-util.h"
+#include "main-func.h"
+#include "process-util.h"
+#include "strv.h"
+#include "time-util.h"
+#include "user-record-nss.h"
+#include "user-record.h"
+#include "user-util.h"
+#include "userdb.h"
+#include "varlink.h"
+#include "varlink-io.systemd.UserDatabase.h"
+
+#define ITERATIONS_MAX 64U
+#define RUNTIME_MAX_USEC (5 * USEC_PER_MINUTE)
+#define PRESSURE_SLEEP_TIME_USEC (50 * USEC_PER_MSEC)
+#define CONNECTION_IDLE_USEC (15 * USEC_PER_SEC)
+#define LISTEN_IDLE_USEC (90 * USEC_PER_SEC)
+
+typedef struct LookupParameters {
+ const char *user_name;
+ const char *group_name;
+ union {
+ uid_t uid;
+ gid_t gid;
+ };
+ const char *service;
+} LookupParameters;
+
+static int add_nss_service(JsonVariant **v) {
+ _cleanup_(json_variant_unrefp) JsonVariant *status = NULL, *z = NULL;
+ sd_id128_t mid;
+ int r;
+
+ assert(v);
+
+ /* Patch in service field if it's missing. The assumption here is that this field is unset only for
+ * NSS records */
+
+ if (json_variant_by_key(*v, "service"))
+ return 0;
+
+ r = sd_id128_get_machine(&mid);
+ if (r < 0)
+ return r;
+
+ status = json_variant_ref(json_variant_by_key(*v, "status"));
+ z = json_variant_ref(json_variant_by_key(status, SD_ID128_TO_STRING(mid)));
+
+ if (json_variant_by_key(z, "service"))
+ return 0;
+
+ r = json_variant_set_field_string(&z, "service", "io.systemd.NameServiceSwitch");
+ if (r < 0)
+ return r;
+
+ r = json_variant_set_field(&status, SD_ID128_TO_STRING(mid), z);
+ if (r < 0)
+ return r;
+
+ return json_variant_set_field(v, "status", status);
+}
+
+static int build_user_json(Varlink *link, UserRecord *ur, JsonVariant **ret) {
+ _cleanup_(user_record_unrefp) UserRecord *stripped = NULL;
+ _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
+ UserRecordLoadFlags flags;
+ uid_t peer_uid;
+ bool trusted;
+ int r;
+
+ assert(ur);
+ assert(ret);
+
+ r = varlink_get_peer_uid(link, &peer_uid);
+ if (r < 0) {
+ log_debug_errno(r, "Unable to query peer UID, ignoring: %m");
+ trusted = false;
+ } else
+ trusted = peer_uid == 0 || peer_uid == ur->uid;
+
+ flags = USER_RECORD_REQUIRE_REGULAR|USER_RECORD_ALLOW_PER_MACHINE|USER_RECORD_ALLOW_BINDING|USER_RECORD_STRIP_SECRET|USER_RECORD_ALLOW_STATUS|USER_RECORD_ALLOW_SIGNATURE|USER_RECORD_PERMISSIVE;
+ if (trusted)
+ flags |= USER_RECORD_ALLOW_PRIVILEGED;
+ else
+ flags |= USER_RECORD_STRIP_PRIVILEGED;
+
+ r = user_record_clone(ur, flags, &stripped);
+ if (r < 0)
+ return r;
+
+ stripped->incomplete =
+ ur->incomplete ||
+ (FLAGS_SET(ur->mask, USER_RECORD_PRIVILEGED) &&
+ !FLAGS_SET(stripped->mask, USER_RECORD_PRIVILEGED));
+
+ v = json_variant_ref(stripped->json);
+ r = add_nss_service(&v);
+ if (r < 0)
+ return r;
+
+ return json_build(ret, JSON_BUILD_OBJECT(
+ JSON_BUILD_PAIR("record", JSON_BUILD_VARIANT(v)),
+ JSON_BUILD_PAIR("incomplete", JSON_BUILD_BOOLEAN(stripped->incomplete))));
+}
+
+static int userdb_flags_from_service(Varlink *link, const char *service, UserDBFlags *ret) {
+ assert(link);
+ assert(ret);
+
+ if (streq_ptr(service, "io.systemd.NameServiceSwitch"))
+ *ret = USERDB_NSS_ONLY|USERDB_AVOID_MULTIPLEXER;
+ else if (streq_ptr(service, "io.systemd.DropIn"))
+ *ret = USERDB_DROPIN_ONLY|USERDB_AVOID_MULTIPLEXER;
+ else if (streq_ptr(service, "io.systemd.Multiplexer"))
+ *ret = USERDB_AVOID_MULTIPLEXER;
+ else
+ return varlink_error(link, "io.systemd.UserDatabase.BadService", NULL);
+
+ return 0;
+}
+
+static int vl_method_get_user_record(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) {
+
+ static const JsonDispatch dispatch_table[] = {
+ { "uid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(LookupParameters, uid), 0 },
+ { "userName", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, user_name), 0 },
+ { "service", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, service), 0 },
+ {}
+ };
+
+ _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
+ _cleanup_(user_record_unrefp) UserRecord *hr = NULL;
+ LookupParameters p = {
+ .uid = UID_INVALID,
+ };
+ UserDBFlags userdb_flags;
+ int r;
+
+ assert(parameters);
+
+ r = varlink_dispatch(link, parameters, dispatch_table, &p);
+ if (r != 0)
+ return r;
+
+ r = userdb_flags_from_service(link, p.service, &userdb_flags);
+ if (r != 0) /* return value of < 0 means error (as usual); > 0 means 'already processed and replied,
+ * we are done'; == 0 means 'not processed, caller should process now' */
+ return r;
+
+ if (uid_is_valid(p.uid))
+ r = userdb_by_uid(p.uid, userdb_flags, &hr);
+ else if (p.user_name)
+ r = userdb_by_name(p.user_name, userdb_flags, &hr);
+ else {
+ _cleanup_(userdb_iterator_freep) UserDBIterator *iterator = NULL;
+ _cleanup_(json_variant_unrefp) JsonVariant *last = NULL;
+
+ r = userdb_all(userdb_flags, &iterator);
+ if (IN_SET(r, -ESRCH, -ENOLINK))
+ /* We turn off Varlink lookups in various cases (e.g. in case we only enable DropIn
+ * backend) — this might make userdb_all return ENOLINK (which indicates that varlink
+ * was off and no other suitable source or entries were found). Let's hide this
+ * implementation detail and always return NoRecordFound in this case, since from a
+ * client's perspective it's irrelevant if there was no entry at all or just not on
+ * the service that the query was limited to. */
+ return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
+ if (r < 0)
+ return r;
+
+ for (;;) {
+ _cleanup_(user_record_unrefp) UserRecord *z = NULL;
+
+ r = userdb_iterator_get(iterator, &z);
+ if (r == -ESRCH)
+ break;
+ if (r < 0)
+ return r;
+
+ if (last) {
+ r = varlink_notify(link, last);
+ if (r < 0)
+ return r;
+
+ last = json_variant_unref(last);
+ }
+
+ r = build_user_json(link, z, &last);
+ if (r < 0)
+ return r;
+ }
+
+ if (!last)
+ return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
+
+ return varlink_reply(link, last);
+ }
+ if (r == -ESRCH)
+ return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
+ if (r < 0) {
+ log_debug_errno(r, "User lookup failed abnormally: %m");
+ return varlink_error(link, "io.systemd.UserDatabase.ServiceNotAvailable", NULL);
+ }
+
+ if ((uid_is_valid(p.uid) && hr->uid != p.uid) ||
+ (p.user_name && !streq(hr->user_name, p.user_name)))
+ return varlink_error(link, "io.systemd.UserDatabase.ConflictingRecordFound", NULL);
+
+ r = build_user_json(link, hr, &v);
+ if (r < 0)
+ return r;
+
+ return varlink_reply(link, v);
+}
+
+static int build_group_json(Varlink *link, GroupRecord *gr, JsonVariant **ret) {
+ _cleanup_(group_record_unrefp) GroupRecord *stripped = NULL;
+ _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
+ UserRecordLoadFlags flags;
+ uid_t peer_uid;
+ bool trusted;
+ int r;
+
+ assert(gr);
+ assert(ret);
+
+ r = varlink_get_peer_uid(link, &peer_uid);
+ if (r < 0) {
+ log_debug_errno(r, "Unable to query peer UID, ignoring: %m");
+ trusted = false;
+ } else
+ trusted = peer_uid == 0;
+
+ flags = USER_RECORD_REQUIRE_REGULAR|USER_RECORD_ALLOW_PER_MACHINE|USER_RECORD_ALLOW_BINDING|USER_RECORD_STRIP_SECRET|USER_RECORD_ALLOW_STATUS|USER_RECORD_ALLOW_SIGNATURE|USER_RECORD_PERMISSIVE;
+ if (trusted)
+ flags |= USER_RECORD_ALLOW_PRIVILEGED;
+ else
+ flags |= USER_RECORD_STRIP_PRIVILEGED;
+
+ r = group_record_clone(gr, flags, &stripped);
+ if (r < 0)
+ return r;
+
+ stripped->incomplete =
+ gr->incomplete ||
+ (FLAGS_SET(gr->mask, USER_RECORD_PRIVILEGED) &&
+ !FLAGS_SET(stripped->mask, USER_RECORD_PRIVILEGED));
+
+ v = json_variant_ref(gr->json);
+ r = add_nss_service(&v);
+ if (r < 0)
+ return r;
+
+ return json_build(ret, JSON_BUILD_OBJECT(
+ JSON_BUILD_PAIR("record", JSON_BUILD_VARIANT(v)),
+ JSON_BUILD_PAIR("incomplete", JSON_BUILD_BOOLEAN(stripped->incomplete))));
+}
+
+static int vl_method_get_group_record(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) {
+
+ static const JsonDispatch dispatch_table[] = {
+ { "gid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(LookupParameters, gid), 0 },
+ { "groupName", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, group_name), 0 },
+ { "service", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, service), 0 },
+ {}
+ };
+
+ _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
+ _cleanup_(group_record_unrefp) GroupRecord *g = NULL;
+ LookupParameters p = {
+ .gid = GID_INVALID,
+ };
+ UserDBFlags userdb_flags;
+ int r;
+
+ assert(parameters);
+
+ r = varlink_dispatch(link, parameters, dispatch_table, &p);
+ if (r != 0)
+ return r;
+
+ r = userdb_flags_from_service(link, p.service, &userdb_flags);
+ if (r != 0)
+ return r;
+
+ if (gid_is_valid(p.gid))
+ r = groupdb_by_gid(p.gid, userdb_flags, &g);
+ else if (p.group_name)
+ r = groupdb_by_name(p.group_name, userdb_flags, &g);
+ else {
+ _cleanup_(userdb_iterator_freep) UserDBIterator *iterator = NULL;
+ _cleanup_(json_variant_unrefp) JsonVariant *last = NULL;
+
+ r = groupdb_all(userdb_flags, &iterator);
+ if (IN_SET(r, -ESRCH, -ENOLINK))
+ return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
+ if (r < 0)
+ return r;
+
+ for (;;) {
+ _cleanup_(group_record_unrefp) GroupRecord *z = NULL;
+
+ r = groupdb_iterator_get(iterator, &z);
+ if (r == -ESRCH)
+ break;
+ if (r < 0)
+ return r;
+
+ if (last) {
+ r = varlink_notify(link, last);
+ if (r < 0)
+ return r;
+
+ last = json_variant_unref(last);
+ }
+
+ r = build_group_json(link, z, &last);
+ if (r < 0)
+ return r;
+ }
+
+ if (!last)
+ return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
+
+ return varlink_reply(link, last);
+ }
+ if (r == -ESRCH)
+ return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
+ if (r < 0) {
+ log_debug_errno(r, "Group lookup failed abnormally: %m");
+ return varlink_error(link, "io.systemd.UserDatabase.ServiceNotAvailable", NULL);
+ }
+
+ if ((uid_is_valid(p.gid) && g->gid != p.gid) ||
+ (p.group_name && !streq(g->group_name, p.group_name)))
+ return varlink_error(link, "io.systemd.UserDatabase.ConflictingRecordFound", NULL);
+
+ r = build_group_json(link, g, &v);
+ if (r < 0)
+ return r;
+
+ return varlink_reply(link, v);
+}
+
+static int vl_method_get_memberships(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) {
+ static const JsonDispatch dispatch_table[] = {
+ { "userName", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, user_name), 0 },
+ { "groupName", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, group_name), 0 },
+ { "service", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, service), 0 },
+ {}
+ };
+
+ _cleanup_free_ char *last_user_name = NULL, *last_group_name = NULL;
+ _cleanup_(userdb_iterator_freep) UserDBIterator *iterator = NULL;
+ LookupParameters p = {};
+ UserDBFlags userdb_flags;
+ int r;
+
+ assert(parameters);
+
+ r = varlink_dispatch(link, parameters, dispatch_table, &p);
+ if (r != 0)
+ return r;
+
+ r = userdb_flags_from_service(link, p.service, &userdb_flags);
+ if (r != 0)
+ return r;
+
+ if (p.group_name)
+ r = membershipdb_by_group(p.group_name, userdb_flags, &iterator);
+ else if (p.user_name)
+ r = membershipdb_by_user(p.user_name, userdb_flags, &iterator);
+ else
+ r = membershipdb_all(userdb_flags, &iterator);
+ if (IN_SET(r, -ESRCH, -ENOLINK))
+ return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
+ if (r < 0)
+ return r;
+
+ for (;;) {
+ _cleanup_free_ char *user_name = NULL, *group_name = NULL;
+
+ r = membershipdb_iterator_get(iterator, &user_name, &group_name);
+ if (r == -ESRCH)
+ break;
+ if (r < 0)
+ return r;
+
+ /* If both group + user are specified do a-posteriori filtering */
+ if (p.group_name && p.user_name && !streq(group_name, p.group_name))
+ continue;
+
+ if (last_user_name) {
+ assert(last_group_name);
+
+ r = varlink_notifyb(link, JSON_BUILD_OBJECT(
+ JSON_BUILD_PAIR("userName", JSON_BUILD_STRING(last_user_name)),
+ JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(last_group_name))));
+ if (r < 0)
+ return r;
+ }
+
+ free_and_replace(last_user_name, user_name);
+ free_and_replace(last_group_name, group_name);
+ }
+
+ if (!last_user_name) {
+ assert(!last_group_name);
+ return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
+ }
+
+ assert(last_group_name);
+
+ return varlink_replyb(link, JSON_BUILD_OBJECT(
+ JSON_BUILD_PAIR("userName", JSON_BUILD_STRING(last_user_name)),
+ JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(last_group_name))));
+}
+
+static int process_connection(VarlinkServer *server, int fd) {
+ _cleanup_(varlink_close_unrefp) Varlink *vl = NULL;
+ int r;
+
+ r = varlink_server_add_connection(server, fd, &vl);
+ if (r < 0) {
+ fd = safe_close(fd);
+ return log_error_errno(r, "Failed to add connection: %m");
+ }
+
+ vl = varlink_ref(vl);
+
+ for (;;) {
+ r = varlink_process(vl);
+ if (r == -ENOTCONN) {
+ log_debug("Connection terminated.");
+ break;
+ }
+ if (r < 0)
+ return log_error_errno(r, "Failed to process connection: %m");
+ if (r > 0)
+ continue;
+
+ r = varlink_wait(vl, CONNECTION_IDLE_USEC);
+ if (r < 0)
+ return log_error_errno(r, "Failed to wait for connection events: %m");
+ if (r == 0)
+ break;
+ }
+
+ return 0;
+}
+
+static int run(int argc, char *argv[]) {
+ usec_t start_time, listen_idle_usec, last_busy_usec = USEC_INFINITY;
+ _cleanup_(varlink_server_unrefp) VarlinkServer *server = NULL;
+ unsigned n_iterations = 0;
+ int m, listen_fd, r;
+
+ log_setup();
+
+ m = sd_listen_fds(false);
+ if (m < 0)
+ return log_error_errno(m, "Failed to determine number of listening fds: %m");
+ if (m == 0)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "No socket to listen on received.");
+ if (m > 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Worker can only listen on a single socket at a time.");
+
+ listen_fd = SD_LISTEN_FDS_START;
+
+ r = fd_nonblock(listen_fd, false);
+ if (r < 0)
+ return log_error_errno(r, "Failed to turn off non-blocking mode for listening socket: %m");
+
+ r = varlink_server_new(&server, 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to allocate server: %m");
+
+ r = varlink_server_add_interface(server, &vl_interface_io_systemd_UserDatabase);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add UserDatabase interface to varlink server: %m");
+
+ r = varlink_server_bind_method_many(
+ server,
+ "io.systemd.UserDatabase.GetUserRecord", vl_method_get_user_record,
+ "io.systemd.UserDatabase.GetGroupRecord", vl_method_get_group_record,
+ "io.systemd.UserDatabase.GetMemberships", vl_method_get_memberships);
+ if (r < 0)
+ return log_error_errno(r, "Failed to bind methods: %m");
+
+ r = getenv_bool("USERDB_FIXED_WORKER");
+ if (r < 0)
+ return log_error_errno(r, "Failed to parse USERDB_FIXED_WORKER: %m");
+ listen_idle_usec = r ? USEC_INFINITY : LISTEN_IDLE_USEC;
+
+ r = userdb_block_nss_systemd(true);
+ if (r < 0)
+ return log_error_errno(r, "Failed to disable userdb NSS compatibility: %m");
+
+ start_time = now(CLOCK_MONOTONIC);
+
+ for (;;) {
+ _cleanup_close_ int fd = -EBADF;
+ usec_t n;
+
+ /* Exit the worker in regular intervals, to flush out all memory use */
+ if (n_iterations++ > ITERATIONS_MAX) {
+ log_debug("Exiting worker, processed %u iterations, that's enough.", n_iterations);
+ break;
+ }
+
+ n = now(CLOCK_MONOTONIC);
+ if (n >= usec_add(start_time, RUNTIME_MAX_USEC)) {
+ log_debug("Exiting worker, ran for %s, that's enough.",
+ FORMAT_TIMESPAN(usec_sub_unsigned(n, start_time), 0));
+ break;
+ }
+
+ if (last_busy_usec == USEC_INFINITY)
+ last_busy_usec = n;
+ else if (listen_idle_usec != USEC_INFINITY && n >= usec_add(last_busy_usec, listen_idle_usec)) {
+ log_debug("Exiting worker, been idle for %s.",
+ FORMAT_TIMESPAN(usec_sub_unsigned(n, last_busy_usec), 0));
+ break;
+ }
+
+ (void) rename_process("systemd-userwork: waiting...");
+ fd = RET_NERRNO(accept4(listen_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC));
+ (void) rename_process("systemd-userwork: processing...");
+
+ if (fd == -EAGAIN)
+ continue; /* The listening socket has SO_RECVTIMEO set, hence a timeout is expected
+ * after a while, let's check if it's time to exit though. */
+ if (fd == -EINTR)
+ continue; /* Might be that somebody attached via strace, let's just continue in that
+ * case */
+ if (fd < 0)
+ return log_error_errno(fd, "Failed to accept() from listening socket: %m");
+
+ if (now(CLOCK_MONOTONIC) <= usec_add(n, PRESSURE_SLEEP_TIME_USEC)) {
+ /* We only slept a very short time? If so, let's see if there are more sockets
+ * pending, and if so, let's ask our parent for more workers */
+
+ r = fd_wait_for_event(listen_fd, POLLIN, 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to test for POLLIN on listening socket: %m");
+
+ if (FLAGS_SET(r, POLLIN)) {
+ pid_t parent;
+
+ parent = getppid();
+ if (parent <= 1)
+ return log_error_errno(SYNTHETIC_ERRNO(ESRCH), "Parent already died?");
+
+ if (kill(parent, SIGUSR2) < 0)
+ return log_error_errno(errno, "Failed to kill our own parent: %m");
+ }
+ }
+
+ (void) process_connection(server, TAKE_FD(fd));
+ last_busy_usec = USEC_INFINITY;
+ }
+
+ return 0;
+}
+
+DEFINE_MAIN_FUNCTION(run);