1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25 #include "alloc-util.h"
28 #include "parse-util.h"
29 #include "path-util.h"
30 #include "string-util.h"
31 #include "user-util.h"
34 bool uid_is_valid(uid_t uid) {
36 /* Some libc APIs use UID_INVALID as special placeholder */
37 if (uid == (uid_t) UINT32_C(0xFFFFFFFF))
40 /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
41 if (uid == (uid_t) UINT32_C(0xFFFF))
47 int parse_uid(const char *s, uid_t *ret) {
53 assert_cc(sizeof(uid_t) == sizeof(uint32_t));
54 r = safe_atou32(s, &uid);
58 if (!uid_is_valid(uid))
59 return -ENXIO; /* we return ENXIO instead of EINVAL
60 * here, to make it easy to distuingish
61 * invalid numeric uids invalid
70 /// UNNEEDED by elogind
72 char* getlogname_malloc(void) {
76 if (isatty(STDIN_FILENO) && fstat(STDIN_FILENO, &st) >= 0)
81 return uid_to_name(uid);
84 char *getusername_malloc(void) {
91 return uid_to_name(getuid());
96 const char **username,
97 uid_t *uid, gid_t *gid,
107 /* We enforce some special rules for uid=0: in order to avoid
108 * NSS lookups for root we hardcode its data. */
110 if (streq(*username, "root") || streq(*username, "0")) {
128 if (parse_uid(*username, &u) >= 0) {
132 /* If there are multiple users with the same id, make
133 * sure to leave $USER to the configured value instead
134 * of the first occurrence in the database. However if
135 * the uid was configured by a numeric uid, then let's
136 * pick the real username from /etc/passwd. */
138 *username = p->pw_name;
141 p = getpwnam(*username);
145 return errno > 0 ? -errno : -ESRCH;
148 if (!uid_is_valid(p->pw_uid))
155 if (!gid_is_valid(p->pw_gid))
165 *shell = p->pw_shell;
170 int get_group_creds(const char **groupname, gid_t *gid) {
176 /* We enforce some special rules for gid=0: in order to avoid
177 * NSS lookups for root we hardcode its data. */
179 if (streq(*groupname, "root") || streq(*groupname, "0")) {
188 if (parse_gid(*groupname, &id) >= 0) {
193 *groupname = g->gr_name;
196 g = getgrnam(*groupname);
200 return errno > 0 ? -errno : -ESRCH;
203 if (!gid_is_valid(g->gr_gid))
212 char* uid_to_name(uid_t uid) {
216 /* Shortcut things to avoid NSS lookups */
218 return strdup("root");
220 if (uid_is_valid(uid)) {
223 bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
228 struct passwd pwbuf, *pw = NULL;
229 _cleanup_free_ char *buf = NULL;
231 buf = malloc(bufsize);
235 r = getpwuid_r(uid, &pwbuf, buf, (size_t) bufsize, &pw);
237 return strdup(pw->pw_name);
245 if (asprintf(&ret, UID_FMT, uid) < 0)
251 char* gid_to_name(gid_t gid) {
256 return strdup("root");
258 if (gid_is_valid(gid)) {
261 bufsize = sysconf(_SC_GETGR_R_SIZE_MAX);
266 struct group grbuf, *gr = NULL;
267 _cleanup_free_ char *buf = NULL;
269 buf = malloc(bufsize);
273 r = getgrgid_r(gid, &grbuf, buf, (size_t) bufsize, &gr);
275 return strdup(gr->gr_name);
283 if (asprintf(&ret, GID_FMT, gid) < 0)
289 /// UNNEEDED by elogind
291 int in_gid(gid_t gid) {
293 int ngroups_max, r, i;
298 if (getegid() == gid)
301 if (!gid_is_valid(gid))
304 ngroups_max = sysconf(_SC_NGROUPS_MAX);
305 assert(ngroups_max > 0);
307 gids = alloca(sizeof(gid_t) * ngroups_max);
309 r = getgroups(ngroups_max, gids);
313 for (i = 0; i < r; i++)
320 int in_group(const char *name) {
324 r = get_group_creds(&name, &gid);
331 int get_home_dir(char **_h) {
339 /* Take the user specified one */
340 e = secure_getenv("HOME");
341 if (e && path_is_absolute(e)) {
350 /* Hardcode home directory for root to avoid NSS */
361 /* Check the database... */
365 return errno > 0 ? -errno : -ESRCH;
367 if (!path_is_absolute(p->pw_dir))
370 h = strdup(p->pw_dir);
378 int get_shell(char **_s) {
386 /* Take the user specified one */
397 /* Hardcode home directory for root to avoid NSS */
400 s = strdup("/bin/sh");
408 /* Check the database... */
412 return errno > 0 ? -errno : -ESRCH;
414 if (!path_is_absolute(p->pw_shell))
417 s = strdup(p->pw_shell);
426 int reset_uid_gid(void) {
428 if (setgroups(0, NULL) < 0)
431 if (setresgid(0, 0, 0) < 0)
434 if (setresuid(0, 0, 0) < 0)
440 /// UNNEEDED by elogind
442 int take_etc_passwd_lock(const char *root) {
444 struct flock flock = {
446 .l_whence = SEEK_SET,
454 /* This is roughly the same as lckpwdf(), but not as awful. We
455 * don't want to use alarm() and signals, hence we implement
456 * our own trivial version of this.
458 * Note that shadow-utils also takes per-database locks in
459 * addition to lckpwdf(). However, we don't given that they
460 * are redundant as they they invoke lckpwdf() first and keep
461 * it during everything they do. The per-database locks are
462 * awfully racy, and thus we just won't do them. */
465 path = prefix_roota(root, "/etc/.pwd.lock");
467 path = "/etc/.pwd.lock";
469 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600);
473 r = fcntl(fd, F_SETLKW, &flock);