#include "label.h"
#include "fileio-label.h"
#include "uid-range.h"
+#include "selinux-util.h"
typedef enum ItemType {
ADD_USER = 'u',
static Hashmap *database_uid = NULL, *database_user = NULL;
static Hashmap *database_gid = NULL, *database_group = NULL;
-static uid_t search_uid = (uid_t) -1;
+static uid_t search_uid = UID_INVALID;
static UidRange *uid_range = NULL;
static unsigned n_uid_range = 0;
-#define UID_TO_PTR(u) (ULONG_TO_PTR(u+1))
-#define PTR_TO_UID(u) ((uid_t) (PTR_TO_ULONG(u)-1))
-
-#define GID_TO_PTR(g) (ULONG_TO_PTR(g+1))
-#define PTR_TO_GID(g) ((gid_t) (PTR_TO_ULONG(g)-1))
-
-#define fix_root(x) (arg_root ? strappenda(arg_root, x) : x)
+#define fix_root(x) (arg_root ? strjoina(arg_root, x) : x)
static int load_user_database(void) {
_cleanup_fclose_ FILE *f = NULL;
if (r < 0)
return r;
- r = copy_bytes(src, fileno(dst), (off_t) -1);
+ r = copy_bytes(src, fileno(dst), (off_t) -1, true);
if (r < 0)
goto fail;
/* Don't fail on chmod() or chown(). If it stays owned by us
* and/or unreadable by others, then it isn't too bad... */
- backup = strappenda(x, "-");
+ backup = strjoina(x, "-");
/* Copy over the access mask */
if (fchmod(fileno(dst), st.st_mode & 07777) < 0)
- log_warning("Failed to change mode on %s: %m", backup);
+ log_warning_errno(errno, "Failed to change mode on %s: %m", backup);
if (fchown(fileno(dst), st.st_uid, st.st_gid)< 0)
- log_warning("Failed to change ownership of %s: %m", backup);
+ log_warning_errno(errno, "Failed to change ownership of %s: %m", backup);
ts[0] = st.st_atim;
ts[1] = st.st_mtim;
if (futimens(fileno(dst), ts) < 0)
- log_warning("Failed to fix access and modification time of %s: %m", backup);
+ log_warning_errno(errno, "Failed to fix access and modification time of %s: %m", backup);
if (rename(temp, backup) < 0)
goto fail;
i->description = strdup(p->pw_gecos);
return 0;
}
- if (!IN_SET(errno, 0, ENOENT)) {
- log_error("Failed to check if user %s already exists: %m", i->name);
- return -errno;
- }
+ if (!IN_SET(errno, 0, ENOENT))
+ return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name);
/* And shadow too, just to be sure */
errno = 0;
log_error("User %s already exists in shadow database, but not in user database.", i->name);
return -EBADMSG;
}
- if (!IN_SET(errno, 0, ENOENT)) {
- log_error("Failed to check if user %s already exists in shadow database: %m", i->name);
- return -errno;
- }
+ if (!IN_SET(errno, 0, ENOENT))
+ return log_error_errno(errno, "Failed to check if user %s already exists in shadow database: %m", i->name);
}
/* Try to use the suggested numeric uid */
if (i->uid_set) {
r = uid_is_ok(i->uid, i->name);
- if (r < 0) {
- log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid);
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid);
if (r == 0) {
log_debug("Suggested user ID " UID_FMT " for %s already used.", i->uid, i->name);
i->uid_set = false;
log_debug("User ID " UID_FMT " of file not suitable for %s.", c, i->name);
else {
r = uid_is_ok(c, i->name);
- if (r < 0) {
- log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid);
- return r;
- } else if (r > 0) {
+ if (r < 0)
+ return log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid);
+ else if (r > 0) {
i->uid = c;
i->uid_set = true;
} else
/* Otherwise try to reuse the group ID */
if (!i->uid_set && i->gid_set) {
r = uid_is_ok((uid_t) i->gid, i->name);
- if (r < 0) {
- log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid);
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid);
if (r > 0) {
i->uid = (uid_t) i->gid;
i->uid_set = true;
}
r = uid_is_ok(search_uid, i->name);
- if (r < 0) {
- log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid);
- return r;
- } else if (r > 0)
+ if (r < 0)
+ return log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid);
+ else if (r > 0)
break;
}
i->gid_set = true;
return 0;
}
- if (!IN_SET(errno, 0, ENOENT)) {
- log_error("Failed to check if group %s already exists: %m", i->name);
- return -errno;
- }
+ if (!IN_SET(errno, 0, ENOENT))
+ return log_error_errno(errno, "Failed to check if group %s already exists: %m", i->name);
}
/* Try to use the suggested numeric gid */
if (i->gid_set) {
r = gid_is_ok(i->gid);
- if (r < 0) {
- log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid);
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid);
if (r == 0) {
log_debug("Suggested group ID " GID_FMT " for %s already used.", i->gid, i->name);
i->gid_set = false;
/* Try to reuse the numeric uid, if there's one */
if (!i->gid_set && i->uid_set) {
r = gid_is_ok((gid_t) i->uid);
- if (r < 0) {
- log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid);
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid);
if (r > 0) {
i->gid = (gid_t) i->uid;
i->gid_set = true;
log_debug("Group ID " GID_FMT " of file not suitable for %s.", c, i->name);
else {
r = gid_is_ok(c);
- if (r < 0) {
- log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid);
- return r;
- } else if (r > 0) {
+ if (r < 0)
+ return log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid);
+ else if (r > 0) {
i->gid = c;
i->gid_set = true;
} else
}
r = gid_is_ok(search_uid);
- if (r < 0) {
- log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid);
- return r;
- } else if (r > 0)
+ if (r < 0)
+ return log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid);
+ else if (r > 0)
break;
}
if (ignore_enoent && r == -ENOENT)
return 0;
- log_error_errno(r, "Failed to open '%s', ignoring: %m", fn);
- return r;
+ return log_error_errno(r, "Failed to open '%s', ignoring: %m", fn);
}
f = rf;
}
if (ferror(f)) {
- log_error("Failed to read from file %s: %m", fn);
+ log_error_errno(errno, "Failed to read from file %s: %m", fn);
if (r == 0)
r = -EIO;
}