1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25 #include "alloc-util.h"
28 #include "parse-util.h"
29 #include "path-util.h"
30 #include "string-util.h"
31 #include "user-util.h"
34 bool uid_is_valid(uid_t uid) {
36 /* Some libc APIs use UID_INVALID as special placeholder */
37 if (uid == (uid_t) UINT32_C(0xFFFFFFFF))
40 /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
41 if (uid == (uid_t) UINT32_C(0xFFFF))
47 int parse_uid(const char *s, uid_t *ret) {
53 assert_cc(sizeof(uid_t) == sizeof(uint32_t));
54 r = safe_atou32(s, &uid);
58 if (!uid_is_valid(uid))
59 return -ENXIO; /* we return ENXIO instead of EINVAL
60 * here, to make it easy to distuingish
61 * invalid numeric uids from invalid
70 #if 0 /// UNNEEDED by elogind
71 char* getlogname_malloc(void) {
75 if (isatty(STDIN_FILENO) && fstat(STDIN_FILENO, &st) >= 0)
80 return uid_to_name(uid);
83 char *getusername_malloc(void) {
90 return uid_to_name(getuid());
95 const char **username,
96 uid_t *uid, gid_t *gid,
106 /* We enforce some special rules for uid=0: in order to avoid
107 * NSS lookups for root we hardcode its data. */
109 if (streq(*username, "root") || streq(*username, "0")) {
127 if (parse_uid(*username, &u) >= 0) {
131 /* If there are multiple users with the same id, make
132 * sure to leave $USER to the configured value instead
133 * of the first occurrence in the database. However if
134 * the uid was configured by a numeric uid, then let's
135 * pick the real username from /etc/passwd. */
137 *username = p->pw_name;
140 p = getpwnam(*username);
144 return errno > 0 ? -errno : -ESRCH;
147 if (!uid_is_valid(p->pw_uid))
154 if (!gid_is_valid(p->pw_gid))
164 *shell = p->pw_shell;
169 int get_group_creds(const char **groupname, gid_t *gid) {
175 /* We enforce some special rules for gid=0: in order to avoid
176 * NSS lookups for root we hardcode its data. */
178 if (streq(*groupname, "root") || streq(*groupname, "0")) {
187 if (parse_gid(*groupname, &id) >= 0) {
192 *groupname = g->gr_name;
195 g = getgrnam(*groupname);
199 return errno > 0 ? -errno : -ESRCH;
202 if (!gid_is_valid(g->gr_gid))
211 char* uid_to_name(uid_t uid) {
215 /* Shortcut things to avoid NSS lookups */
217 return strdup("root");
219 if (uid_is_valid(uid)) {
222 bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
227 struct passwd pwbuf, *pw = NULL;
228 _cleanup_free_ char *buf = NULL;
230 buf = malloc(bufsize);
234 r = getpwuid_r(uid, &pwbuf, buf, (size_t) bufsize, &pw);
236 return strdup(pw->pw_name);
244 if (asprintf(&ret, UID_FMT, uid) < 0)
250 char* gid_to_name(gid_t gid) {
255 return strdup("root");
257 if (gid_is_valid(gid)) {
260 bufsize = sysconf(_SC_GETGR_R_SIZE_MAX);
265 struct group grbuf, *gr = NULL;
266 _cleanup_free_ char *buf = NULL;
268 buf = malloc(bufsize);
272 r = getgrgid_r(gid, &grbuf, buf, (size_t) bufsize, &gr);
274 return strdup(gr->gr_name);
282 if (asprintf(&ret, GID_FMT, gid) < 0)
288 #if 0 /// UNNEEDED by elogind
289 int in_gid(gid_t gid) {
291 int ngroups_max, r, i;
296 if (getegid() == gid)
299 if (!gid_is_valid(gid))
302 ngroups_max = sysconf(_SC_NGROUPS_MAX);
303 assert(ngroups_max > 0);
305 gids = alloca(sizeof(gid_t) * ngroups_max);
307 r = getgroups(ngroups_max, gids);
311 for (i = 0; i < r; i++)
318 int in_group(const char *name) {
322 r = get_group_creds(&name, &gid);
329 int get_home_dir(char **_h) {
337 /* Take the user specified one */
338 e = secure_getenv("HOME");
339 if (e && path_is_absolute(e)) {
348 /* Hardcode home directory for root to avoid NSS */
359 /* Check the database... */
363 return errno > 0 ? -errno : -ESRCH;
365 if (!path_is_absolute(p->pw_dir))
368 h = strdup(p->pw_dir);
376 int get_shell(char **_s) {
384 /* Take the user specified one */
395 /* Hardcode home directory for root to avoid NSS */
398 s = strdup("/bin/sh");
406 /* Check the database... */
410 return errno > 0 ? -errno : -ESRCH;
412 if (!path_is_absolute(p->pw_shell))
415 s = strdup(p->pw_shell);
424 int reset_uid_gid(void) {
426 if (setgroups(0, NULL) < 0)
429 if (setresgid(0, 0, 0) < 0)
432 if (setresuid(0, 0, 0) < 0)
438 #if 0 /// UNNEEDED by elogind
439 int take_etc_passwd_lock(const char *root) {
441 struct flock flock = {
443 .l_whence = SEEK_SET,
451 /* This is roughly the same as lckpwdf(), but not as awful. We
452 * don't want to use alarm() and signals, hence we implement
453 * our own trivial version of this.
455 * Note that shadow-utils also takes per-database locks in
456 * addition to lckpwdf(). However, we don't given that they
457 * are redundant as they they invoke lckpwdf() first and keep
458 * it during everything they do. The per-database locks are
459 * awfully racy, and thus we just won't do them. */
462 path = prefix_roota(root, "/etc/.pwd.lock");
464 path = "/etc/.pwd.lock";
466 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600);
470 r = fcntl(fd, F_SETLKW, &flock);