X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fsysusers%2Fsysusers.c;h=eedc1e067ec505028e104e5765a2f568784eb40d;hb=7629889c86005017eb1a7f1f803c0d8e7a5bef08;hp=446b36eb2bd3fea04b509411787aafd7c2829054;hpb=24fb7c1fa633e90e4297e0715546c0bc47118ba9;p=elogind.git diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index 446b36eb2..eedc1e067 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include @@ -50,6 +51,7 @@ typedef struct Item { char *uid_path; char *gid_path; char *description; + char *home; gid_t gid; uid_t uid; @@ -298,22 +300,70 @@ static int putgrent_with_members(const struct group *gr, FILE *group) { return 0; } +static int putsgent_with_members(const struct sgrp *sg, FILE *gshadow) { + char **a; + + assert(sg); + assert(gshadow); + + a = hashmap_get(members, sg->sg_namp); + if (a) { + _cleanup_strv_free_ char **l = NULL; + bool added = false; + char **i; + + l = strv_copy(sg->sg_mem); + if (!l) + return -ENOMEM; + + STRV_FOREACH(i, a) { + if (strv_find(l, *i)) + continue; + + if (strv_extend(&l, *i) < 0) + return -ENOMEM; + + added = true; + } + + if (added) { + struct sgrp t; + + strv_uniq(l); + strv_sort(l); + + t = *sg; + t.sg_mem = l; + + errno = 0; + if (putsgent(&t, gshadow) != 0) + return errno ? -errno : -EIO; + + return 1; + } + } + + errno = 0; + if (putsgent(sg, gshadow) != 0) + return errno ? -errno : -EIO; + + return 0; +} + static int write_files(void) { - _cleanup_fclose_ FILE *passwd = NULL, *group = NULL; - _cleanup_free_ char *passwd_tmp = NULL, *group_tmp = NULL; - const char *passwd_path = NULL, *group_path = NULL; + _cleanup_fclose_ FILE *passwd = NULL, *group = NULL, *shadow = NULL, *gshadow = NULL; + _cleanup_free_ char *passwd_tmp = NULL, *group_tmp = NULL, *shadow_tmp = NULL, *gshadow_tmp = NULL; + const char *passwd_path = NULL, *group_path = NULL, *shadow_path = NULL, *gshadow_path = NULL; bool group_changed = false; Iterator iterator; Item *i; int r; - /* We don't patch /etc/shadow or /etc/gshadow here, since we - * only create user accounts without passwords anyway. */ - if (hashmap_size(todo_gids) > 0 || hashmap_size(members) > 0) { _cleanup_fclose_ FILE *original = NULL; + /* First we update the actual group list file */ group_path = fix_root("/etc/group"); r = fopen_temporary_label("/etc/group", group_path, &group, &group_tmp); if (r < 0) @@ -352,7 +402,6 @@ static int write_files(void) { r = putgrent_with_members(gr, group); if (r < 0) goto finish; - if (r > 0) group_changed = true; @@ -385,11 +434,77 @@ static int write_files(void) { r = fflush_and_check(group); if (r < 0) goto finish; + + if (original) { + fclose(original); + original = NULL; + } + + /* OK, now also update the shadow file for the group list */ + gshadow_path = fix_root("/etc/gshadow"); + r = fopen_temporary_label("/etc/gshadow", gshadow_path, &gshadow, &gshadow_tmp); + if (r < 0) + goto finish; + + if (fchmod(fileno(gshadow), 0000) < 0) { + r = -errno; + goto finish; + } + + original = fopen(gshadow_path, "re"); + if (original) { + struct sgrp *sg; + + errno = 0; + while ((sg = fgetsgent(original))) { + + i = hashmap_get(groups, sg->sg_namp); + if (i && i->todo_group) { + r = -EEXIST; + goto finish; + } + + r = putsgent_with_members(sg, gshadow); + if (r < 0) + goto finish; + if (r > 0) + group_changed = true; + + errno = 0; + } + if (!IN_SET(errno, 0, ENOENT)) { + r = -errno; + goto finish; + } + + } else if (errno != ENOENT) { + r = -errno; + goto finish; + } + + HASHMAP_FOREACH(i, todo_gids, iterator) { + struct sgrp n = { + .sg_namp = i->name, + .sg_passwd = (char*) "!!", + }; + + r = putsgent_with_members(&n, gshadow); + if (r < 0) + goto finish; + + group_changed = true; + } + + r = fflush_and_check(gshadow); + if (r < 0) + goto finish; } if (hashmap_size(todo_uids) > 0) { _cleanup_fclose_ FILE *original = NULL; + long lstchg; + /* First we update the user database itself */ passwd_path = fix_root("/etc/passwd"); r = fopen_temporary_label("/etc/passwd", passwd_path, &passwd, &passwd_tmp); if (r < 0) @@ -442,19 +557,19 @@ static int write_files(void) { .pw_uid = i->uid, .pw_gid = i->gid, .pw_gecos = i->description, + + /* "x" means the password is stored in + * the shadow file */ .pw_passwd = (char*) "x", - }; - /* Initialize the home directory and the shell - * to nologin, with one exception: for root we - * patch in something special */ - if (i->uid == 0) { - n.pw_shell = (char*) "/bin/sh"; - n.pw_dir = (char*) "/root"; - } else { - n.pw_shell = (char*) "/sbin/nologin"; - n.pw_dir = (char*) "/"; - } + /* We default to the root directory as home */ + .pw_dir = i->home ? i->home : (char*) "/", + + /* Initialize the shell to nologin, + * with one exception: for root we + * patch in something special */ + .pw_shell = i->uid == 0 ? (char*) "/bin/sh" : (char*) "/sbin/nologin", + }; errno = 0; if (putpwent(&n, passwd) != 0) { @@ -466,30 +581,124 @@ static int write_files(void) { r = fflush_and_check(passwd); if (r < 0) goto finish; - } - /* Make a backup of the old files */ - if (group && group_changed) { - r = make_backup("/etc/group", group_path); + if (original) { + fclose(original); + original = NULL; + } + + /* The we update the shadow database */ + shadow_path = fix_root("/etc/shadow"); + r = fopen_temporary_label("/etc/shadow", shadow_path, &shadow, &shadow_tmp); + if (r < 0) + goto finish; + + if (fchmod(fileno(shadow), 0000) < 0) { + r = -errno; + goto finish; + } + + original = fopen(shadow_path, "re"); + if (original) { + struct spwd *sp; + + errno = 0; + while ((sp = fgetspent(original))) { + + i = hashmap_get(users, sp->sp_namp); + if (i && i->todo_user) { + r = -EEXIST; + goto finish; + } + + errno = 0; + if (putspent(sp, shadow) < 0) { + r = errno ? -errno : -EIO; + goto finish; + } + + errno = 0; + } + if (!IN_SET(errno, 0, ENOENT)) { + r = -errno; + goto finish; + } + } else if (errno != ENOENT) { + r = -errno; + goto finish; + } + + lstchg = (long) (now(CLOCK_REALTIME) / USEC_PER_DAY); + HASHMAP_FOREACH(i, todo_uids, iterator) { + struct spwd n = { + .sp_namp = i->name, + .sp_pwdp = (char*) "!!", + .sp_lstchg = lstchg, + .sp_min = -1, + .sp_max = -1, + .sp_warn = -1, + .sp_inact = -1, + .sp_expire = -1, + .sp_flag = (unsigned long) -1, /* this appears to be what everybody does ... */ + }; + + errno = 0; + if (putspent(&n, shadow) != 0) { + r = errno ? -errno : -EIO; + goto finish; + } + } + + r = fflush_and_check(shadow); if (r < 0) goto finish; } + /* Make a backup of the old files */ + if (group_changed) { + if (group) { + r = make_backup("/etc/group", group_path); + if (r < 0) + goto finish; + } + if (gshadow) { + r = make_backup("/etc/gshadow", gshadow_path); + if (r < 0) + goto finish; + } + } + if (passwd) { r = make_backup("/etc/passwd", passwd_path); if (r < 0) goto finish; } + if (shadow) { + r = make_backup("/etc/shadow", shadow_path); + if (r < 0) + goto finish; + } /* And make the new files count */ - if (group && group_changed) { - if (rename(group_tmp, group_path) < 0) { - r = -errno; - goto finish; + if (group_changed) { + if (group) { + if (rename(group_tmp, group_path) < 0) { + r = -errno; + goto finish; + } + + free(group_tmp); + group_tmp = NULL; } + if (gshadow) { + if (rename(gshadow_tmp, gshadow_path) < 0) { + r = -errno; + goto finish; + } - free(group_tmp); - group_tmp = NULL; + free(gshadow_tmp); + gshadow_tmp = NULL; + } } if (passwd) { @@ -501,14 +710,27 @@ static int write_files(void) { free(passwd_tmp); passwd_tmp = NULL; } + if (shadow) { + if (rename(shadow_tmp, shadow_path) < 0) { + r = -errno; + goto finish; + } + + free(shadow_tmp); + shadow_tmp = NULL; + } r = 0; finish: if (passwd_tmp) unlink(passwd_tmp); + if (shadow_tmp) + unlink(shadow_tmp); if (group_tmp) unlink(group_tmp); + if (gshadow_tmp) + unlink(gshadow_tmp); return r; } @@ -1071,6 +1293,9 @@ static bool item_equal(Item *a, Item *b) { if (a->gid_set && a->gid != b->gid) return false; + if (!streq_ptr(a->home, b->home)) + return false; + return true; } @@ -1109,6 +1334,9 @@ static bool valid_user_group_name(const char *u) { static bool valid_gecos(const char *d) { + if (!d) + return false; + if (!utf8_is_valid(d)) return false; @@ -1122,6 +1350,30 @@ static bool valid_gecos(const char *d) { return true; } +static bool valid_home(const char *p) { + + if (isempty(p)) + return false; + + if (!utf8_is_valid(p)) + return false; + + if (string_has_cc(p, NULL)) + return false; + + if (!path_is_absolute(p)) + return false; + + if (!path_is_safe(p)) + return false; + + /* Colons are used as field separators, and hence not OK */ + if (strchr(p, ':')) + return false; + + return true; +} + static int parse_line(const char *fname, unsigned line, const char *buffer) { static const Specifier specifier_table[] = { @@ -1132,27 +1384,34 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { {} }; - _cleanup_free_ char *action = NULL, *name = NULL, *id = NULL, *resolved_name = NULL; + _cleanup_free_ char *action = NULL, *name = NULL, *id = NULL, *resolved_name = NULL, *description = NULL, *home = NULL; _cleanup_(item_freep) Item *i = NULL; Item *existing; Hashmap *h; - int r, n = -1; + int r; + const char *p; assert(fname); assert(line >= 1); assert(buffer); - r = sscanf(buffer, - "%ms %ms %ms %n", - &action, - &name, - &id, - &n); - if (r < 2) { + /* Parse columns */ + p = buffer; + r = unquote_many_words(&p, &action, &name, &id, &description, &home, NULL); + if (r < 0) { log_error("[%s:%u] Syntax error.", fname, line); - return -EIO; + return r; + } + if (r < 2) { + log_error("[%s:%u] Missing action and name columns.", fname, line); + return -EINVAL; + } + if (*p != 0) { + log_error("[%s:%u] Trailing garbage.", fname, line); + return -EINVAL; } + /* Verify action */ if (strlen(action) != 1) { log_error("[%s:%u] Unknown modifier '%s'", fname, line, action); return -EINVAL; @@ -1163,6 +1422,7 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { return -EBADMSG; } + /* Verify name */ r = specifier_printf(name, specifier_table, NULL, &resolved_name); if (r < 0) { log_error("[%s:%u] Failed to replace specifiers: %s", fname, line, name); @@ -1174,11 +1434,20 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { return -EINVAL; } - if (n >= 0) { - n += strspn(buffer+n, WHITESPACE); + /* Simplify remaining columns */ + if (isempty(id) || streq(id, "-")) { + free(id); + id = NULL; + } + + if (isempty(description) || streq(description, "-")) { + free(description); + description = NULL; + } - if (STR_IN_SET(buffer + n, "", "-")) - n = -1; + if (isempty(home) || streq(home, "-")) { + free(home); + home = NULL; } switch (action[0]) { @@ -1187,13 +1456,19 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { _cleanup_free_ char *resolved_id = NULL; char **l; - r = hashmap_ensure_allocated(&members, string_hash_func, string_compare_func); - if (r < 0) - return log_oom(); - /* Try to extend an existing member or group item */ - if (!id || streq(id, "-")) { + if (description) { + log_error("[%s:%u] Lines of type 'm' don't take a GECOS field.", fname, line); + return -EINVAL; + } + + if (home) { + log_error("[%s:%u] Lines of type 'm' don't take a home directory field.", fname, line); + return -EINVAL; + } + + if (!id) { log_error("[%s:%u] Lines of type 'm' require a group name in the third field.", fname, line); return -EINVAL; } @@ -1209,10 +1484,9 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { return -EINVAL; } - if (n >= 0) { - log_error("[%s:%u] Lines of type 'm' don't take a GECOS field.", fname, line); - return -EINVAL; - } + r = hashmap_ensure_allocated(&members, string_hash_func, string_compare_func); + if (r < 0) + return log_oom(); l = hashmap_get(members, resolved_id); if (l) { @@ -1255,15 +1529,12 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { if (!i) return log_oom(); - if (id && !streq(id, "-")) { - + if (id) { if (path_is_absolute(id)) { - i->uid_path = strdup(id); - if (!i->uid_path) - return log_oom(); + i->uid_path = id; + id = NULL; path_kill_slashes(i->uid_path); - } else { r = parse_uid(id, &i->uid); if (r < 0) { @@ -1275,40 +1546,53 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { } } - if (n >= 0) { - i->description = unquote(buffer+n, "\""); - if (!i->description) - return log_oom(); + if (description) { + if (!valid_gecos(description)) { + log_error("[%s:%u] '%s' is not a valid GECOS field.", fname, line, description); + return -EINVAL; + } + + i->description = description; + description = NULL; + } - if (!valid_gecos(i->description)) { - log_error("[%s:%u] '%s' is not a valid GECOS field.", fname, line, i->description); + if (home) { + if (!valid_home(home)) { + log_error("[%s:%u] '%s' is not a valid home directory field.", fname, line, home); return -EINVAL; } + + i->home = home; + home = NULL; } h = users; break; case ADD_GROUP: - r = hashmap_ensure_allocated(&groups, string_hash_func, string_compare_func); - if (r < 0) - return log_oom(); - if (n >= 0) { + if (description) { log_error("[%s:%u] Lines of type 'g' don't take a GECOS field.", fname, line); return -EINVAL; } + if (home) { + log_error("[%s:%u] Lines of type 'g' don't take a home directory field.", fname, line); + return -EINVAL; + } + + r = hashmap_ensure_allocated(&groups, string_hash_func, string_compare_func); + if (r < 0) + return log_oom(); + i = new0(Item, 1); if (!i) return log_oom(); - if (id && !streq(id, "-")) { - + if (id) { if (path_is_absolute(id)) { - i->gid_path = strdup(id); - if (!i->gid_path) - return log_oom(); + i->gid_path = id; + id = NULL; path_kill_slashes(i->gid_path); } else { @@ -1322,7 +1606,6 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { } } - h = groups; break; default: @@ -1352,20 +1635,27 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { } static int read_config_file(const char *fn, bool ignore_enoent) { - _cleanup_fclose_ FILE *f = NULL; + _cleanup_fclose_ FILE *rf = NULL; + FILE *f = NULL; char line[LINE_MAX]; unsigned v = 0; int r; assert(fn); - r = search_and_fopen_nulstr(fn, "re", arg_root, conf_file_dirs, &f); - if (r < 0) { - if (ignore_enoent && r == -ENOENT) - return 0; + if (streq(fn, "-")) + f = stdin; + else { + r = search_and_fopen_nulstr(fn, "re", arg_root, conf_file_dirs, &rf); + if (r < 0) { + if (ignore_enoent && r == -ENOENT) + return 0; - log_error("Failed to open '%s', ignoring: %s", fn, strerror(-r)); - return r; + log_error("Failed to open '%s', ignoring: %s", fn, strerror(-r)); + return r; + } + + f = rf; } FOREACH_LINE(line, f, break) {