1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25 #include "alloc-util.h"
28 #include "parse-util.h"
29 #include "path-util.h"
30 #include "string-util.h"
31 #include "user-util.h"
34 bool uid_is_valid(uid_t uid) {
36 /* Some libc APIs use UID_INVALID as special placeholder */
37 if (uid == (uid_t) UINT32_C(0xFFFFFFFF))
40 /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
41 if (uid == (uid_t) UINT32_C(0xFFFF))
47 int parse_uid(const char *s, uid_t *ret) {
53 assert_cc(sizeof(uid_t) == sizeof(uint32_t));
54 r = safe_atou32(s, &uid);
58 if (!uid_is_valid(uid))
59 return -ENXIO; /* we return ENXIO instead of EINVAL
60 * here, to make it easy to distuingish
61 * invalid numeric uids invalid
70 char* getlogname_malloc(void) {
74 if (isatty(STDIN_FILENO) && fstat(STDIN_FILENO, &st) >= 0)
79 return uid_to_name(uid);
82 char *getusername_malloc(void) {
89 return uid_to_name(getuid());
93 const char **username,
94 uid_t *uid, gid_t *gid,
104 /* We enforce some special rules for uid=0: in order to avoid
105 * NSS lookups for root we hardcode its data. */
107 if (streq(*username, "root") || streq(*username, "0")) {
125 if (parse_uid(*username, &u) >= 0) {
129 /* If there are multiple users with the same id, make
130 * sure to leave $USER to the configured value instead
131 * of the first occurrence in the database. However if
132 * the uid was configured by a numeric uid, then let's
133 * pick the real username from /etc/passwd. */
135 *username = p->pw_name;
138 p = getpwnam(*username);
142 return errno > 0 ? -errno : -ESRCH;
145 if (!uid_is_valid(p->pw_uid))
152 if (!gid_is_valid(p->pw_gid))
162 *shell = p->pw_shell;
167 int get_group_creds(const char **groupname, gid_t *gid) {
173 /* We enforce some special rules for gid=0: in order to avoid
174 * NSS lookups for root we hardcode its data. */
176 if (streq(*groupname, "root") || streq(*groupname, "0")) {
185 if (parse_gid(*groupname, &id) >= 0) {
190 *groupname = g->gr_name;
193 g = getgrnam(*groupname);
197 return errno > 0 ? -errno : -ESRCH;
200 if (!gid_is_valid(g->gr_gid))
209 char* uid_to_name(uid_t uid) {
213 /* Shortcut things to avoid NSS lookups */
215 return strdup("root");
217 if (uid_is_valid(uid)) {
220 bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
225 struct passwd pwbuf, *pw = NULL;
226 _cleanup_free_ char *buf = NULL;
228 buf = malloc(bufsize);
232 r = getpwuid_r(uid, &pwbuf, buf, (size_t) bufsize, &pw);
234 return strdup(pw->pw_name);
242 if (asprintf(&ret, UID_FMT, uid) < 0)
248 char* gid_to_name(gid_t gid) {
253 return strdup("root");
255 if (gid_is_valid(gid)) {
258 bufsize = sysconf(_SC_GETGR_R_SIZE_MAX);
263 struct group grbuf, *gr = NULL;
264 _cleanup_free_ char *buf = NULL;
266 buf = malloc(bufsize);
270 r = getgrgid_r(gid, &grbuf, buf, (size_t) bufsize, &gr);
272 return strdup(gr->gr_name);
280 if (asprintf(&ret, GID_FMT, gid) < 0)
286 int in_gid(gid_t gid) {
288 int ngroups_max, r, i;
293 if (getegid() == gid)
296 if (!gid_is_valid(gid))
299 ngroups_max = sysconf(_SC_NGROUPS_MAX);
300 assert(ngroups_max > 0);
302 gids = alloca(sizeof(gid_t) * ngroups_max);
304 r = getgroups(ngroups_max, gids);
308 for (i = 0; i < r; i++)
315 int in_group(const char *name) {
319 r = get_group_creds(&name, &gid);
326 int get_home_dir(char **_h) {
334 /* Take the user specified one */
335 e = secure_getenv("HOME");
336 if (e && path_is_absolute(e)) {
345 /* Hardcode home directory for root to avoid NSS */
356 /* Check the database... */
360 return errno > 0 ? -errno : -ESRCH;
362 if (!path_is_absolute(p->pw_dir))
365 h = strdup(p->pw_dir);
373 int get_shell(char **_s) {
381 /* Take the user specified one */
392 /* Hardcode home directory for root to avoid NSS */
395 s = strdup("/bin/sh");
403 /* Check the database... */
407 return errno > 0 ? -errno : -ESRCH;
409 if (!path_is_absolute(p->pw_shell))
412 s = strdup(p->pw_shell);
420 int reset_uid_gid(void) {
422 if (setgroups(0, NULL) < 0)
425 if (setresgid(0, 0, 0) < 0)
428 if (setresuid(0, 0, 0) < 0)
434 int take_etc_passwd_lock(const char *root) {
436 struct flock flock = {
438 .l_whence = SEEK_SET,
446 /* This is roughly the same as lckpwdf(), but not as awful. We
447 * don't want to use alarm() and signals, hence we implement
448 * our own trivial version of this.
450 * Note that shadow-utils also takes per-database locks in
451 * addition to lckpwdf(). However, we don't given that they
452 * are redundant as they they invoke lckpwdf() first and keep
453 * it during everything they do. The per-database locks are
454 * awfully racy, and thus we just won't do them. */
457 path = prefix_roota(root, "/etc/.pwd.lock");
459 path = "/etc/.pwd.lock";
461 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600);
465 r = fcntl(fd, F_SETLKW, &flock);
~ianmdlvl / elogind.git / blob