X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fsysusers%2Fsysusers.c;h=88111029060af27df99839122f27d8523efb05de;hb=23bbb0de4e3f85d9704a5c12a5afa2dfa0159e41;hp=5f5b49dc7722efee33d82be37d14cae540c6588b;hpb=f06863bde5de49a503cb8028e89d4b30790f2cbf;p=elogind.git diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index 5f5b49dc7..881110290 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -67,15 +67,7 @@ typedef struct Item { static char *arg_root = NULL; -static const char conf_file_dirs[] = - "/etc/sysusers.d\0" - "/run/sysusers.d\0" - "/usr/local/lib/sysusers.d\0" - "/usr/lib/sysusers.d\0" -#ifdef HAVE_SPLIT_USR - "/lib/sysusers.d\0" -#endif - ; +static const char conf_file_dirs[] = CONF_DIRS_NULSTR("sysusers"); static Hashmap *users = NULL, *groups = NULL; static Hashmap *todo_uids = NULL, *todo_gids = NULL; @@ -354,12 +346,26 @@ static int putsgent_with_members(const struct sgrp *sg, FILE *gshadow) { return 0; } +static int sync_rights(FILE *from, FILE *to) { + struct stat st; + + if (fstat(fileno(from), &st) < 0) + return -errno; + + if (fchmod(fileno(to), st.st_mode & 07777) < 0) + return -errno; + + if (fchown(fileno(to), st.st_uid, st.st_gid) < 0) + return -errno; + + return 0; +} + static int write_files(void) { _cleanup_fclose_ FILE *passwd = NULL, *group = NULL, *shadow = NULL, *gshadow = NULL; _cleanup_free_ char *passwd_tmp = NULL, *group_tmp = NULL, *shadow_tmp = NULL, *gshadow_tmp = NULL; const char *passwd_path = NULL, *group_path = NULL, *shadow_path = NULL, *gshadow_path = NULL; - struct stat st; bool group_changed = false; Iterator iterator; Item *i; @@ -378,12 +384,9 @@ static int write_files(void) { if (original) { struct group *gr; - if (fstat(fileno(original), &st) < 0 || - fchmod(fileno(group), st.st_mode & 07777) < 0 || - fchown(fileno(group), st.st_uid, st.st_gid) < 0) { - r = -errno; + r = sync_rights(original, group); + if (r < 0) goto finish; - } errno = 0; while ((gr = fgetgrent(original))) { @@ -460,12 +463,9 @@ static int write_files(void) { if (original) { struct sgrp *sg; - if (fstat(fileno(original), &st) < 0 || - fchmod(fileno(gshadow), st.st_mode & 07777) < 0 || - fchown(fileno(gshadow), st.st_uid, st.st_gid) < 0) { - r = -errno; + r = sync_rights(original, gshadow); + if (r < 0) goto finish; - } errno = 0; while ((sg = fgetsgent(original))) { @@ -529,12 +529,9 @@ static int write_files(void) { if (original) { struct passwd *pw; - if (fstat(fileno(original), &st) < 0 || - fchmod(fileno(passwd), st.st_mode & 07777) < 0 || - fchown(fileno(passwd), st.st_uid, st.st_gid) < 0) { - r = -errno; + r = sync_rights(original, passwd); + if (r < 0) goto finish; - } errno = 0; while ((pw = fgetpwent(original))) { @@ -617,12 +614,9 @@ static int write_files(void) { if (original) { struct spwd *sp; - if (fstat(fileno(original), &st) < 0 || - fchmod(fileno(shadow), st.st_mode & 07777) < 0 || - fchown(fileno(shadow), st.st_uid, st.st_gid) < 0) { - r = -errno; + r = sync_rights(original, shadow); + if (r < 0) goto finish; - } errno = 0; while ((sp = fgetspent(original))) { @@ -926,7 +920,7 @@ static int add_user(Item *i) { if (i->uid_set) { r = uid_is_ok(i->uid, i->name); if (r < 0) { - log_error("Failed to verify uid " UID_FMT ": %s", i->uid, strerror(-r)); + log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid); return r; } if (r == 0) { @@ -946,7 +940,7 @@ static int add_user(Item *i) { else { r = uid_is_ok(c, i->name); if (r < 0) { - log_error("Failed to verify uid " UID_FMT ": %s", i->uid, strerror(-r)); + log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid); return r; } else if (r > 0) { i->uid = c; @@ -961,7 +955,7 @@ static int add_user(Item *i) { if (!i->uid_set && i->gid_set) { r = uid_is_ok((uid_t) i->gid, i->name); if (r < 0) { - log_error("Failed to verify uid " UID_FMT ": %s", i->uid, strerror(-r)); + log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid); return r; } if (r > 0) { @@ -981,7 +975,7 @@ static int add_user(Item *i) { r = uid_is_ok(search_uid, i->name); if (r < 0) { - log_error("Failed to verify uid " UID_FMT ": %s", i->uid, strerror(-r)); + log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid); return r; } else if (r > 0) break; @@ -1078,7 +1072,7 @@ static int add_group(Item *i) { if (i->gid_set) { r = gid_is_ok(i->gid); if (r < 0) { - log_error("Failed to verify gid " GID_FMT ": %s", i->gid, strerror(-r)); + log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid); return r; } if (r == 0) { @@ -1091,7 +1085,7 @@ static int add_group(Item *i) { if (!i->gid_set && i->uid_set) { r = gid_is_ok((gid_t) i->uid); if (r < 0) { - log_error("Failed to verify gid " GID_FMT ": %s", i->gid, strerror(-r)); + log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid); return r; } if (r > 0) { @@ -1111,7 +1105,7 @@ static int add_group(Item *i) { else { r = gid_is_ok(c); if (r < 0) { - log_error("Failed to verify gid " GID_FMT ": %s", i->gid, strerror(-r)); + log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid); return r; } else if (r > 0) { i->gid = c; @@ -1134,7 +1128,7 @@ static int add_group(Item *i) { r = gid_is_ok(search_uid); if (r < 0) { - log_error("Failed to verify gid " GID_FMT ": %s", i->gid, strerror(-r)); + log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid); return r; } else if (r > 0) break; @@ -1727,7 +1721,7 @@ static int read_config_file(const char *fn, bool ignore_enoent) { if (ignore_enoent && r == -ENOENT) return 0; - log_error("Failed to open '%s', ignoring: %s", fn, strerror(-r)); + log_error_errno(r, "Failed to open '%s', ignoring: %m", fn); return r; } @@ -1859,7 +1853,7 @@ int main(int argc, char *argv[]) { r = mac_selinux_init(NULL); if (r < 0) { - log_error("SELinux setup failed: %s", strerror(-r)); + log_error_errno(r, "SELinux setup failed: %m"); goto finish; } @@ -1877,7 +1871,7 @@ int main(int argc, char *argv[]) { r = conf_files_list_nulstr(&files, ".conf", arg_root, conf_file_dirs); if (r < 0) { - log_error("Failed to enumerate sysusers.d files: %s", strerror(-r)); + log_error_errno(r, "Failed to enumerate sysusers.d files: %m"); goto finish; } @@ -1903,19 +1897,19 @@ int main(int argc, char *argv[]) { lock = take_password_lock(arg_root); if (lock < 0) { - log_error("Failed to take lock: %s", strerror(-lock)); + log_error_errno(lock, "Failed to take lock: %m"); goto finish; } r = load_user_database(); if (r < 0) { - log_error("Failed to load user database: %s", strerror(-r)); + log_error_errno(r, "Failed to load user database: %m"); goto finish; } r = load_group_database(); if (r < 0) { - log_error("Failed to read group database: %s", strerror(-r)); + log_error_errno(r, "Failed to read group database: %m"); goto finish; } @@ -1927,7 +1921,7 @@ int main(int argc, char *argv[]) { r = write_files(); if (r < 0) - log_error("Failed to write files: %s", strerror(-r)); + log_error_errno(r, "Failed to write files: %m"); finish: while ((i = hashmap_steal_first(groups)))