[thirdparty/systemd.git] / src / nss-mymachines / nss-mymachines.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2014 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <nss.h>
#include <netdb.h>

#include "sd-bus.h"
#include "sd-login.h"
#include "macro.h"
#include "util.h"
#include "nss-util.h"
#include "bus-util.h"
#include "bus-common-errors.h"
#include "in-addr-util.h"
#include "hostname-util.h"

NSS_GETHOSTBYNAME_PROTOTYPES(mymachines);
NSS_GETPW_PROTOTYPES(mymachines);
NSS_GETGR_PROTOTYPES(mymachines);

static int count_addresses(sd_bus_message *m, int af, unsigned *ret) {
        unsigned c = 0;
        int r;

        assert(m);
        assert(ret);

        while ((r = sd_bus_message_enter_container(m, 'r', "iay")) > 0) {
                int family;

                r = sd_bus_message_read(m, "i", &family);
                if (r < 0)
                        return r;

                r = sd_bus_message_skip(m, "ay");
                if (r < 0)
                        return r;

                r = sd_bus_message_exit_container(m);
                if (r < 0)
                        return r;

                if (af != AF_UNSPEC && family != af)
                        continue;

                c ++;
        }
        if (r < 0)
                return r;

        r = sd_bus_message_rewind(m, false);
        if (r < 0)
                return r;

        *ret = c;
        return 0;
}

enum nss_status _nss_mymachines_gethostbyname4_r(
                const char *name,
                struct gaih_addrtuple **pat,
                char *buffer, size_t buflen,
                int *errnop, int *h_errnop,
                int32_t *ttlp) {

        struct gaih_addrtuple *r_tuple, *r_tuple_first = NULL;
        _cleanup_bus_message_unref_ sd_bus_message* reply = NULL;
        _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
        _cleanup_free_ int *ifindices = NULL;
        _cleanup_free_ char *class = NULL;
        size_t l, ms, idx;
        unsigned i = 0, c = 0;
        char *r_name;
        int n_ifindices, r;

        assert(name);
        assert(pat);
        assert(buffer);
        assert(errnop);
        assert(h_errnop);

        r = sd_machine_get_class(name, &class);
        if (r < 0)
                goto fail;
        if (!streq(class, "container")) {
                r = -ENOTTY;
                goto fail;
        }

        n_ifindices = sd_machine_get_ifindices(name, &ifindices);
        if (n_ifindices < 0) {
                r = n_ifindices;
                goto fail;
        }

        r = sd_bus_open_system(&bus);
        if (r < 0)
                goto fail;

        r = sd_bus_call_method(bus,
                               "org.freedesktop.machine1",
                               "/org/freedesktop/machine1",
                               "org.freedesktop.machine1.Manager",
                               "GetMachineAddresses",
                               NULL,
                               &reply,
                               "s", name);
        if (r < 0)
                goto fail;

        r = sd_bus_message_enter_container(reply, 'a', "(iay)");
        if (r < 0)
                goto fail;

        r = count_addresses(reply, AF_UNSPEC, &c);
        if (r < 0)
                goto fail;

        if (c <= 0) {
                *errnop = ESRCH;
                *h_errnop = HOST_NOT_FOUND;
                return NSS_STATUS_NOTFOUND;
        }

        l = strlen(name);
        ms = ALIGN(l+1) + ALIGN(sizeof(struct gaih_addrtuple)) * c;
        if (buflen < ms) {
                *errnop = ENOMEM;
                *h_errnop = TRY_AGAIN;
                return NSS_STATUS_TRYAGAIN;
        }

        /* First, append name */
        r_name = buffer;
        memcpy(r_name, name, l+1);
        idx = ALIGN(l+1);

        /* Second, append addresses */
        r_tuple_first = (struct gaih_addrtuple*) (buffer + idx);
        while ((r = sd_bus_message_enter_container(reply, 'r', "iay")) > 0) {
                int family;
                const void *a;
                size_t sz;

                r = sd_bus_message_read(reply, "i", &family);
                if (r < 0)
                        goto fail;

                r = sd_bus_message_read_array(reply, 'y', &a, &sz);
                if (r < 0)
                        goto fail;

                r = sd_bus_message_exit_container(reply);
                if (r < 0)
                        goto fail;

                if (!IN_SET(family, AF_INET, AF_INET6)) {
                        r = -EAFNOSUPPORT;
                        goto fail;
                }

                if (sz != FAMILY_ADDRESS_SIZE(family)) {
                        r = -EINVAL;
                        goto fail;
                }

                r_tuple = (struct gaih_addrtuple*) (buffer + idx);
                r_tuple->next = i == c-1 ? NULL : (struct gaih_addrtuple*) ((char*) r_tuple + ALIGN(sizeof(struct gaih_addrtuple)));
                r_tuple->name = r_name;
                r_tuple->family = family;
                r_tuple->scopeid = n_ifindices == 1 ? ifindices[0] : 0;
                memcpy(r_tuple->addr, a, sz);

                idx += ALIGN(sizeof(struct gaih_addrtuple));
                i++;
        }

        assert(i == c);

        r = sd_bus_message_exit_container(reply);
        if (r < 0)
                goto fail;

        assert(idx == ms);

        if (*pat)
                **pat = *r_tuple_first;
        else
                *pat = r_tuple_first;

        if (ttlp)
                *ttlp = 0;

        /* Explicitly reset all error variables */
        *errnop = 0;
        *h_errnop = NETDB_SUCCESS;
        h_errno = 0;

        return NSS_STATUS_SUCCESS;

fail:
        *errnop = -r;
        *h_errnop = NO_DATA;
        return NSS_STATUS_UNAVAIL;
}

enum nss_status _nss_mymachines_gethostbyname3_r(
                const char *name,
                int af,
                struct hostent *result,
                char *buffer, size_t buflen,
                int *errnop, int *h_errnop,
                int32_t *ttlp,
                char **canonp) {

        _cleanup_bus_message_unref_ sd_bus_message* reply = NULL;
        _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
        _cleanup_free_ char *class = NULL;
        unsigned c = 0, i = 0;
        char *r_name, *r_aliases, *r_addr, *r_addr_list;
        size_t l, idx, ms, alen;
        int r;

        assert(name);
        assert(result);
        assert(buffer);
        assert(errnop);
        assert(h_errnop);

        if (af == AF_UNSPEC)
                af = AF_INET;

        if (af != AF_INET && af != AF_INET6) {
                r = -EAFNOSUPPORT;
                goto fail;
        }

        r = sd_machine_get_class(name, &class);
        if (r < 0)
                goto fail;
        if (!streq(class, "container")) {
                r = -ENOTTY;
                goto fail;
        }

        r = sd_bus_open_system(&bus);
        if (r < 0)
                goto fail;

        r = sd_bus_call_method(bus,
                               "org.freedesktop.machine1",
                               "/org/freedesktop/machine1",
                               "org.freedesktop.machine1.Manager",
                               "GetMachineAddresses",
                               NULL,
                               &reply,
                               "s", name);
        if (r < 0)
                goto fail;

        r = sd_bus_message_enter_container(reply, 'a', "(iay)");
        if (r < 0)
                goto fail;

        r = count_addresses(reply, af, &c);
        if (r < 0)
                goto fail;

        if (c <= 0) {
                *errnop = ENOENT;
                *h_errnop = HOST_NOT_FOUND;
                return NSS_STATUS_NOTFOUND;
        }

        alen = FAMILY_ADDRESS_SIZE(af);
        l = strlen(name);

        ms = ALIGN(l+1) + c * ALIGN(alen) + (c+2) * sizeof(char*);

        if (buflen < ms) {
                *errnop = ENOMEM;
                *h_errnop = NO_RECOVERY;
                return NSS_STATUS_TRYAGAIN;
        }

        /* First, append name */
        r_name = buffer;
        memcpy(r_name, name, l+1);
        idx = ALIGN(l+1);

        /* Second, create aliases array */
        r_aliases = buffer + idx;
        ((char**) r_aliases)[0] = NULL;
        idx += sizeof(char*);

        /* Third, append addresses */
        r_addr = buffer + idx;
        while ((r = sd_bus_message_enter_container(reply, 'r', "iay")) > 0) {
                int family;
                const void *a;
                size_t sz;

                r = sd_bus_message_read(reply, "i", &family);
                if (r < 0)
                        goto fail;

                r = sd_bus_message_read_array(reply, 'y', &a, &sz);
                if (r < 0)
                        goto fail;

                r = sd_bus_message_exit_container(reply);
                if (r < 0)
                        goto fail;

                if (family != af)
                        continue;

                if (sz != alen) {
                        r = -EINVAL;
                        goto fail;
                }

                memcpy(r_addr + i*ALIGN(alen), a, alen);
                i++;
        }

        assert(i == c);
        idx += c * ALIGN(alen);

        r = sd_bus_message_exit_container(reply);
        if (r < 0)
                goto fail;

        /* Third, append address pointer array */
        r_addr_list = buffer + idx;
        for (i = 0; i < c; i++)
                ((char**) r_addr_list)[i] = r_addr + i*ALIGN(alen);

        ((char**) r_addr_list)[i] = NULL;
        idx += (c+1) * sizeof(char*);

        assert(idx == ms);

        result->h_name = r_name;
        result->h_aliases = (char**) r_aliases;
        result->h_addrtype = af;
        result->h_length = alen;
        result->h_addr_list = (char**) r_addr_list;

        if (ttlp)
                *ttlp = 0;

        if (canonp)
                *canonp = r_name;

        /* Explicitly reset all error variables */
        *errnop = 0;
        *h_errnop = NETDB_SUCCESS;
        h_errno = 0;

        return NSS_STATUS_SUCCESS;

fail:
        *errnop = -r;
        *h_errnop = NO_DATA;
        return NSS_STATUS_UNAVAIL;
}

NSS_GETHOSTBYNAME_FALLBACKS(mymachines);

enum nss_status _nss_mymachines_getpwnam_r(
                const char *name,
                struct passwd *pwd,
                char *buffer, size_t buflen,
                int *errnop) {

        _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
        _cleanup_bus_message_unref_ sd_bus_message* reply = NULL;
        _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
        const char *p, *e, *machine;
        uint32_t mapped;
        uid_t uid;
        size_t l;
        int r;

        assert(name);
        assert(pwd);

        p = startswith(name, "vu-");
        if (!p)
                goto not_found;

        e = strrchr(p, '-');
        if (!e || e == p)
                goto not_found;

        r = parse_uid(e + 1, &uid);
        if (r < 0)
                goto not_found;

        machine = strndupa(p, e - p);
        if (!machine_name_is_valid(machine))
                goto not_found;

        r = sd_bus_open_system(&bus);
        if (r < 0)
                goto fail;

        r = sd_bus_call_method(bus,
                               "org.freedesktop.machine1",
                               "/org/freedesktop/machine1",
                               "org.freedesktop.machine1.Manager",
                               "MapFromMachineUser",
                               &error,
                               &reply,
                               "su",
                               machine, (uint32_t) uid);
        if (r < 0) {
                if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_USER_MAPPING))
                        goto not_found;

                goto fail;
        }

        r = sd_bus_message_read(reply, "u", &mapped);
        if (r < 0)
                goto fail;

        l = strlen(name);
        if (buflen < l+1) {
                *errnop = ENOMEM;
                return NSS_STATUS_TRYAGAIN;
        }

        memcpy(buffer, name, l+1);

        pwd->pw_name = buffer;
        pwd->pw_uid = mapped;
        pwd->pw_gid = 65534; /* nobody */
        pwd->pw_gecos = buffer;
        pwd->pw_passwd = (char*) "*"; /* locked */
        pwd->pw_dir = (char*) "/";
        pwd->pw_shell = (char*) "/sbin/nologin";

        *errnop = 0;
        return NSS_STATUS_SUCCESS;

not_found:
        *errnop = 0;
        return NSS_STATUS_NOTFOUND;

fail:
        *errnop = -r;
        return NSS_STATUS_UNAVAIL;
}

enum nss_status _nss_mymachines_getpwuid_r(
                uid_t uid,
                struct passwd *pwd,
                char *buffer, size_t buflen,
                int *errnop) {

        _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
        _cleanup_bus_message_unref_ sd_bus_message* reply = NULL;
        _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
        const char *machine, *object;
        uint32_t mapped;
        int r;

        if (UID_IS_INVALID(uid)) {
                r = -EINVAL;
                goto fail;
        }

        /* We consider all uids < 65536 host uids */
        if (uid < 0x10000)
                goto not_found;

        r = sd_bus_open_system(&bus);
        if (r < 0)
                goto fail;

        r = sd_bus_call_method(bus,
                               "org.freedesktop.machine1",
                               "/org/freedesktop/machine1",
                               "org.freedesktop.machine1.Manager",
                               "MapToMachineUser",
                               &error,
                               &reply,
                               "u",
                               (uint32_t) uid);
        if (r < 0) {
                if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_USER_MAPPING))
                        goto not_found;

                goto fail;
        }

        r = sd_bus_message_read(reply, "sou", &machine, &object, &mapped);
        if (r < 0)
                goto fail;

        if (snprintf(buffer, buflen, "vu-%s-" UID_FMT, machine, (uid_t) mapped) >= (int) buflen) {
                *errnop = ENOMEM;
                return NSS_STATUS_TRYAGAIN;
        }

        pwd->pw_name = buffer;
        pwd->pw_uid = uid;
        pwd->pw_gid = 65534; /* nobody */
        pwd->pw_gecos = buffer;
        pwd->pw_passwd = (char*) "*"; /* locked */
        pwd->pw_dir = (char*) "/";
        pwd->pw_shell = (char*) "/sbin/nologin";

        *errnop = 0;
        return NSS_STATUS_SUCCESS;

not_found:
        *errnop = 0;
        return NSS_STATUS_NOTFOUND;

fail:
        *errnop = -r;
        return NSS_STATUS_UNAVAIL;
}

enum nss_status _nss_mymachines_getgrnam_r(
                const char *name,
                struct group *gr,
                char *buffer, size_t buflen,
                int *errnop) {

        _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
        _cleanup_bus_message_unref_ sd_bus_message* reply = NULL;
        _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
        const char *p, *e, *machine;
        uint32_t mapped;
        uid_t gid;
        size_t l;
        int r;

        assert(name);
        assert(gr);

        p = startswith(name, "vg-");
        if (!p)
                goto not_found;

        e = strrchr(p, '-');
        if (!e || e == p)
                goto not_found;

        r = parse_gid(e + 1, &gid);
        if (r < 0)
                goto not_found;

        machine = strndupa(p, e - p);
        if (!machine_name_is_valid(machine))
                goto not_found;

        r = sd_bus_open_system(&bus);
        if (r < 0)
                goto fail;

        r = sd_bus_call_method(bus,
                               "org.freedesktop.machine1",
                               "/org/freedesktop/machine1",
                               "org.freedesktop.machine1.Manager",
                               "MapFromMachineGroup",
                               &error,
                               &reply,
                               "su",
                               machine, (uint32_t) gid);
        if (r < 0) {
                if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_GROUP_MAPPING))
                        goto not_found;

                goto fail;
        }

        r = sd_bus_message_read(reply, "u", &mapped);
        if (r < 0)
                goto fail;

        l = sizeof(char*) + strlen(name) + 1;
        if (buflen < l) {
                *errnop = ENOMEM;
                return NSS_STATUS_TRYAGAIN;
        }

        memzero(buffer, sizeof(char*));
        strcpy(buffer + sizeof(char*), name);

        gr->gr_name = buffer + sizeof(char*);
        gr->gr_gid = gid;
        gr->gr_passwd = (char*) "*"; /* locked */
        gr->gr_mem = (char**) buffer;

        *errnop = 0;
        return NSS_STATUS_SUCCESS;

not_found:
        *errnop = 0;
        return NSS_STATUS_NOTFOUND;

fail:
        *errnop = -r;
        return NSS_STATUS_UNAVAIL;
}

enum nss_status _nss_mymachines_getgrgid_r(
                gid_t gid,
                struct group *gr,
                char *buffer, size_t buflen,
                int *errnop) {

        _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
        _cleanup_bus_message_unref_ sd_bus_message* reply = NULL;
        _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
        const char *machine, *object;
        uint32_t mapped;
        int r;

        if (GID_IS_INVALID(gid)) {
                r = -EINVAL;
                goto fail;
        }

        /* We consider all gids < 65536 host gids */
        if (gid < 0x10000)
                goto not_found;

        r = sd_bus_open_system(&bus);
        if (r < 0)
                goto fail;

        r = sd_bus_call_method(bus,
                               "org.freedesktop.machine1",
                               "/org/freedesktop/machine1",
                               "org.freedesktop.machine1.Manager",
                               "MapToMachineGroup",
                               &error,
                               &reply,
                               "u",
                               (uint32_t) gid);
        if (r < 0) {
                if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_GROUP_MAPPING))
                        goto not_found;

                goto fail;
        }

        r = sd_bus_message_read(reply, "sou", &machine, &object, &mapped);
        if (r < 0)
                goto fail;

        if (buflen < sizeof(char*) + 1) {
                *errnop = ENOMEM;
                return NSS_STATUS_TRYAGAIN;
        }

        memzero(buffer, sizeof(char*));
        if (snprintf(buffer + sizeof(char*), buflen - sizeof(char*), "vg-%s-" GID_FMT, machine, (gid_t) mapped) >= (int) buflen) {
                *errnop = ENOMEM;
                return NSS_STATUS_TRYAGAIN;
        }

        gr->gr_name = buffer + sizeof(char*);
        gr->gr_gid = gid;
        gr->gr_passwd = (char*) "*"; /* locked */
        gr->gr_mem = (char**) buffer;

        *errnop = 0;
        return NSS_STATUS_SUCCESS;

not_found:
        *errnop = 0;
        return NSS_STATUS_NOTFOUND;

fail:
        *errnop = -r;
        return NSS_STATUS_UNAVAIL;
}
Commit	Line	Data
cabb0bc6 LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2014 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU Lesser General Public License as published by
	10	the Free Software Foundation; either version 2.1 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	Lesser General Public License for more details.
	17
	18	You should have received a copy of the GNU Lesser General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <nss.h>
	23	#include <netdb.h>
	24
	25	#include "sd-bus.h"
	26	#include "sd-login.h"
	27	#include "macro.h"
	28	#include "util.h"
	29	#include "nss-util.h"
	30	#include "bus-util.h"
c01ff965	31	#include "bus-common-errors.h"
cabb0bc6	32	#include "in-addr-util.h"
25300b5a	33	#include "hostname-util.h"
cabb0bc6 LP	34
cabb0bc6 LP	35	NSS_GETHOSTBYNAME_PROTOTYPES(mymachines);
c01ff965 LP	36	NSS_GETPW_PROTOTYPES(mymachines);
c01ff965 LP	37	NSS_GETGR_PROTOTYPES(mymachines);
cabb0bc6	38
0dd25fb9	39	static int count_addresses(sd_bus_message m, int af, unsigned ret) {
cabb0bc6 LP	40	unsigned c = 0;
	41	int r;
	42
	43	assert(m);
	44	assert(ret);
	45
3a6fb33c	46	while ((r = sd_bus_message_enter_container(m, 'r', "iay")) > 0) {
0dd25fb9	47	int family;
cabb0bc6	48
0dd25fb9	49	r = sd_bus_message_read(m, "i", &family);
cabb0bc6 LP	50	if (r < 0)
	51	return r;
	52
	53	r = sd_bus_message_skip(m, "ay");
	54	if (r < 0)
	55	return r;
	56
	57	r = sd_bus_message_exit_container(m);
	58	if (r < 0)
	59	return r;
	60
	61	if (af != AF_UNSPEC && family != af)
	62	continue;
	63
	64	c ++;
	65	}
	66	if (r < 0)
	67	return r;
	68
	69	r = sd_bus_message_rewind(m, false);
	70	if (r < 0)
	71	return r;
	72
	73	*ret = c;
	74	return 0;
	75	}
	76
	77	enum nss_status _nss_mymachines_gethostbyname4_r(
	78	const char *name,
	79	struct gaih_addrtuple **pat,
	80	char *buffer, size_t buflen,
	81	int errnop, int h_errnop,
	82	int32_t *ttlp) {
	83
	84	struct gaih_addrtuple r_tuple, r_tuple_first = NULL;
	85	_cleanup_bus_message_unref_ sd_bus_message* reply = NULL;
03976f7b	86	_cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
634af566	87	_cleanup_free_ int *ifindices = NULL;
cabb0bc6 LP	88	_cleanup_free_ char *class = NULL;
	89	size_t l, ms, idx;
	90	unsigned i = 0, c = 0;
	91	char *r_name;
634af566	92	int n_ifindices, r;
cabb0bc6 LP	93
	94	assert(name);
	95	assert(pat);
	96	assert(buffer);
	97	assert(errnop);
	98	assert(h_errnop);
	99
	100	r = sd_machine_get_class(name, &class);
	101	if (r < 0)
	102	goto fail;
	103	if (!streq(class, "container")) {
	104	r = -ENOTTY;
	105	goto fail;
	106	}
	107
634af566 LP	108	n_ifindices = sd_machine_get_ifindices(name, &ifindices);
	109	if (n_ifindices < 0) {
	110	r = n_ifindices;
cabb0bc6 LP	111	goto fail;
	112	}
	113
	114	r = sd_bus_open_system(&bus);
	115	if (r < 0)
	116	goto fail;
	117
	118	r = sd_bus_call_method(bus,
	119	"org.freedesktop.machine1",
	120	"/org/freedesktop/machine1",
	121	"org.freedesktop.machine1.Manager",
	122	"GetMachineAddresses",
	123	NULL,
	124	&reply,
	125	"s", name);
	126	if (r < 0)
	127	goto fail;
	128
0dd25fb9	129	r = sd_bus_message_enter_container(reply, 'a', "(iay)");
cabb0bc6 LP	130	if (r < 0)
	131	goto fail;
	132
	133	r = count_addresses(reply, AF_UNSPEC, &c);
	134	if (r < 0)
	135	goto fail;
	136
	137	if (c <= 0) {
555bd6e9	138	*errnop = ESRCH;
cabb0bc6 LP	139	*h_errnop = HOST_NOT_FOUND;
	140	return NSS_STATUS_NOTFOUND;
	141	}
	142
	143	l = strlen(name);
	144	ms = ALIGN(l+1) + ALIGN(sizeof(struct gaih_addrtuple)) * c;
	145	if (buflen < ms) {
	146	*errnop = ENOMEM;
555bd6e9	147	*h_errnop = TRY_AGAIN;
cabb0bc6 LP	148	return NSS_STATUS_TRYAGAIN;
	149	}
	150
	151	/* First, append name */
	152	r_name = buffer;
	153	memcpy(r_name, name, l+1);
	154	idx = ALIGN(l+1);
	155
	156	/* Second, append addresses */
	157	r_tuple_first = (struct gaih_addrtuple*) (buffer + idx);
0dd25fb9 LP	158	while ((r = sd_bus_message_enter_container(reply, 'r', "iay")) > 0) {
0dd25fb9 LP	159	int family;
cabb0bc6 LP	160	const void *a;
	161	size_t sz;
	162
0dd25fb9	163	r = sd_bus_message_read(reply, "i", &family);
cabb0bc6 LP	164	if (r < 0)
	165	goto fail;
	166
	167	r = sd_bus_message_read_array(reply, 'y', &a, &sz);
	168	if (r < 0)
	169	goto fail;
	170
	171	r = sd_bus_message_exit_container(reply);
	172	if (r < 0)
	173	goto fail;
	174
555bd6e9 LP	175	if (!IN_SET(family, AF_INET, AF_INET6)) {
	176	r = -EAFNOSUPPORT;
	177	goto fail;
	178	}
	179
9d485985	180	if (sz != FAMILY_ADDRESS_SIZE(family)) {
cabb0bc6 LP	181	r = -EINVAL;
	182	goto fail;
	183	}
	184
	185	r_tuple = (struct gaih_addrtuple*) (buffer + idx);
	186	r_tuple->next = i == c-1 ? NULL : (struct gaih_addrtuple) ((char) r_tuple + ALIGN(sizeof(struct gaih_addrtuple)));
	187	r_tuple->name = r_name;
	188	r_tuple->family = family;
634af566	189	r_tuple->scopeid = n_ifindices == 1 ? ifindices[0] : 0;
cabb0bc6 LP	190	memcpy(r_tuple->addr, a, sz);
	191
	192	idx += ALIGN(sizeof(struct gaih_addrtuple));
	193	i++;
	194	}
	195
	196	assert(i == c);
	197
	198	r = sd_bus_message_exit_container(reply);
	199	if (r < 0)
	200	goto fail;
	201
	202	assert(idx == ms);
	203
	204	if (*pat)
	205	*pat = r_tuple_first;
	206	else
	207	*pat = r_tuple_first;
	208
	209	if (ttlp)
	210	*ttlp = 0;
	211
e70df46b LP	212	/* Explicitly reset all error variables */
	213	*errnop = 0;
	214	*h_errnop = NETDB_SUCCESS;
	215	h_errno = 0;
	216
cabb0bc6 LP	217	return NSS_STATUS_SUCCESS;
	218
	219	fail:
	220	*errnop = -r;
	221	*h_errnop = NO_DATA;
	222	return NSS_STATUS_UNAVAIL;
	223	}
	224
	225	enum nss_status _nss_mymachines_gethostbyname3_r(
	226	const char *name,
	227	int af,
	228	struct hostent *result,
	229	char *buffer, size_t buflen,
	230	int errnop, int h_errnop,
	231	int32_t *ttlp,
	232	char **canonp) {
	233
	234	_cleanup_bus_message_unref_ sd_bus_message* reply = NULL;
03976f7b	235	_cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
cabb0bc6 LP	236	_cleanup_free_ char *class = NULL;
	237	unsigned c = 0, i = 0;
	238	char r_name, r_aliases, r_addr, r_addr_list;
	239	size_t l, idx, ms, alen;
	240	int r;
	241
	242	assert(name);
	243	assert(result);
	244	assert(buffer);
	245	assert(errnop);
	246	assert(h_errnop);
	247
	248	if (af == AF_UNSPEC)
	249	af = AF_INET;
	250
	251	if (af != AF_INET && af != AF_INET6) {
	252	r = -EAFNOSUPPORT;
	253	goto fail;
	254	}
	255
	256	r = sd_machine_get_class(name, &class);
	257	if (r < 0)
	258	goto fail;
	259	if (!streq(class, "container")) {
	260	r = -ENOTTY;
	261	goto fail;
	262	}
	263
	264	r = sd_bus_open_system(&bus);
	265	if (r < 0)
	266	goto fail;
	267
	268	r = sd_bus_call_method(bus,
	269	"org.freedesktop.machine1",
	270	"/org/freedesktop/machine1",
	271	"org.freedesktop.machine1.Manager",
	272	"GetMachineAddresses",
	273	NULL,
	274	&reply,
	275	"s", name);
	276	if (r < 0)
	277	goto fail;
	278
0dd25fb9	279	r = sd_bus_message_enter_container(reply, 'a', "(iay)");
cabb0bc6 LP	280	if (r < 0)
	281	goto fail;
	282
	283	r = count_addresses(reply, af, &c);
	284	if (r < 0)
	285	goto fail;
	286
	287	if (c <= 0) {
	288	*errnop = ENOENT;
	289	*h_errnop = HOST_NOT_FOUND;
	290	return NSS_STATUS_NOTFOUND;
	291	}
	292
9d485985	293	alen = FAMILY_ADDRESS_SIZE(af);
cabb0bc6 LP	294	l = strlen(name);
cabb0bc6 LP	295
66a16e7e	296	ms = ALIGN(l+1) + c * ALIGN(alen) + (c+2) * sizeof(char*);
cabb0bc6 LP	297
	298	if (buflen < ms) {
	299	*errnop = ENOMEM;
	300	*h_errnop = NO_RECOVERY;
	301	return NSS_STATUS_TRYAGAIN;
	302	}
	303
	304	/* First, append name */
	305	r_name = buffer;
	306	memcpy(r_name, name, l+1);
	307	idx = ALIGN(l+1);
	308
	309	/* Second, create aliases array */
	310	r_aliases = buffer + idx;
	311	((char**) r_aliases)[0] = NULL;
	312	idx += sizeof(char*);
	313
	314	/* Third, append addresses */
	315	r_addr = buffer + idx;
0dd25fb9 LP	316	while ((r = sd_bus_message_enter_container(reply, 'r', "iay")) > 0) {
0dd25fb9 LP	317	int family;
cabb0bc6 LP	318	const void *a;
	319	size_t sz;
	320
0dd25fb9	321	r = sd_bus_message_read(reply, "i", &family);
cabb0bc6 LP	322	if (r < 0)
	323	goto fail;
	324
	325	r = sd_bus_message_read_array(reply, 'y', &a, &sz);
	326	if (r < 0)
	327	goto fail;
	328
	329	r = sd_bus_message_exit_container(reply);
	330	if (r < 0)
	331	goto fail;
	332
	333	if (family != af)
	334	continue;
	335
	336	if (sz != alen) {
	337	r = -EINVAL;
	338	goto fail;
	339	}
	340
	341	memcpy(r_addr + i*ALIGN(alen), a, alen);
	342	i++;
	343	}
	344
	345	assert(i == c);
	346	idx += c * ALIGN(alen);
	347
	348	r = sd_bus_message_exit_container(reply);
	349	if (r < 0)
	350	goto fail;
	351
	352	/* Third, append address pointer array */
	353	r_addr_list = buffer + idx;
	354	for (i = 0; i < c; i++)
	355	((char*) r_addr_list)[i] = r_addr + iALIGN(alen);
	356
	357	((char**) r_addr_list)[i] = NULL;
	358	idx += (c+1) * sizeof(char*);
	359
	360	assert(idx == ms);
	361
	362	result->h_name = r_name;
	363	result->h_aliases = (char**) r_aliases;
	364	result->h_addrtype = af;
	365	result->h_length = alen;
	366	result->h_addr_list = (char**) r_addr_list;
	367
	368	if (ttlp)
	369	*ttlp = 0;
	370
	371	if (canonp)
	372	*canonp = r_name;
	373
e70df46b LP	374	/* Explicitly reset all error variables */
	375	*errnop = 0;
	376	*h_errnop = NETDB_SUCCESS;
	377	h_errno = 0;
	378
cabb0bc6 LP	379	return NSS_STATUS_SUCCESS;
	380
	381	fail:
	382	*errnop = -r;
	383	*h_errnop = NO_DATA;
	384	return NSS_STATUS_UNAVAIL;
	385	}
	386
c01ff965 LP	387	NSS_GETHOSTBYNAME_FALLBACKS(mymachines);
	388
	389	enum nss_status _nss_mymachines_getpwnam_r(
	390	const char *name,
	391	struct passwd *pwd,
	392	char *buffer, size_t buflen,
	393	int *errnop) {
	394
	395	_cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
	396	_cleanup_bus_message_unref_ sd_bus_message* reply = NULL;
	397	_cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
	398	const char p, e, *machine;
	399	uint32_t mapped;
	400	uid_t uid;
	401	size_t l;
	402	int r;
	403
	404	assert(name);
	405	assert(pwd);
	406
	407	p = startswith(name, "vu-");
	408	if (!p)
	409	goto not_found;
	410
	411	e = strrchr(p, '-');
	412	if (!e \|\| e == p)
	413	goto not_found;
	414
	415	r = parse_uid(e + 1, &uid);
	416	if (r < 0)
	417	goto not_found;
	418
	419	machine = strndupa(p, e - p);
	420	if (!machine_name_is_valid(machine))
	421	goto not_found;
	422
	423	r = sd_bus_open_system(&bus);
	424	if (r < 0)
	425	goto fail;
	426
	427	r = sd_bus_call_method(bus,
	428	"org.freedesktop.machine1",
	429	"/org/freedesktop/machine1",
	430	"org.freedesktop.machine1.Manager",
	431	"MapFromMachineUser",
	432	&error,
	433	&reply,
	434	"su",
	435	machine, (uint32_t) uid);
	436	if (r < 0) {
	437	if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_USER_MAPPING))
	438	goto not_found;
	439
	440	goto fail;
	441	}
	442
	443	r = sd_bus_message_read(reply, "u", &mapped);
	444	if (r < 0)
	445	goto fail;
	446
	447	l = strlen(name);
	448	if (buflen < l+1) {
	449	*errnop = ENOMEM;
	450	return NSS_STATUS_TRYAGAIN;
451	}
452
453	memcpy(buffer, name, l+1);
454
455	pwd->pw_name = buffer;
456	pwd->pw_uid = mapped;
457	pwd->pw_gid = 65534; /* nobody */
458	pwd->pw_gecos = buffer;
459	pwd->pw_passwd = (char) ""; /* locked */
460	pwd->pw_dir = (char*) "/";
461	pwd->pw_shell = (char*) "/sbin/nologin";
462
463	*errnop = 0;
464	return NSS_STATUS_SUCCESS;
465
466	not_found:
467	*errnop = 0;
468	return NSS_STATUS_NOTFOUND;
469
470	fail:
471	*errnop = -r;
472	return NSS_STATUS_UNAVAIL;
473	}
474
475	enum nss_status _nss_mymachines_getpwuid_r(
476	uid_t uid,
477	struct passwd *pwd,
478	char *buffer, size_t buflen,
479	int *errnop) {
480
481	_cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
482	_cleanup_bus_message_unref_ sd_bus_message* reply = NULL;
483	_cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
484	const char machine, object;
485	uint32_t mapped;
486	int r;
487
488	if (UID_IS_INVALID(uid)) {
489	r = -EINVAL;
490	goto fail;
491	}
492
493	/* We consider all uids < 65536 host uids */
494	if (uid < 0x10000)
495	goto not_found;
496
497	r = sd_bus_open_system(&bus);
498	if (r < 0)
499	goto fail;
500
501	r = sd_bus_call_method(bus,
502	"org.freedesktop.machine1",
503	"/org/freedesktop/machine1",
504	"org.freedesktop.machine1.Manager",
505	"MapToMachineUser",
506	&error,
507	&reply,
508	"u",
509	(uint32_t) uid);
510	if (r < 0) {
511	if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_USER_MAPPING))
512	goto not_found;
513
514	goto fail;
515	}
516
517	r = sd_bus_message_read(reply, "sou", &machine, &object, &mapped);
518	if (r < 0)
519	goto fail;
520
521	if (snprintf(buffer, buflen, "vu-%s-" UID_FMT, machine, (uid_t) mapped) >= (int) buflen) {
522	*errnop = ENOMEM;
523	return NSS_STATUS_TRYAGAIN;
524	}
525
526	pwd->pw_name = buffer;
527	pwd->pw_uid = uid;
528	pwd->pw_gid = 65534; /* nobody */
529	pwd->pw_gecos = buffer;
530	pwd->pw_passwd = (char) ""; /* locked */
531	pwd->pw_dir = (char*) "/";
532	pwd->pw_shell = (char*) "/sbin/nologin";
533
534	*errnop = 0;
535	return NSS_STATUS_SUCCESS;
536
537	not_found:
538	*errnop = 0;
539	return NSS_STATUS_NOTFOUND;
540
541	fail:
542	*errnop = -r;
543	return NSS_STATUS_UNAVAIL;
544	}
545
546	enum nss_status _nss_mymachines_getgrnam_r(
547	const char *name,
548	struct group *gr,
549	char *buffer, size_t buflen,
550	int *errnop) {
551
552	_cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
553	_cleanup_bus_message_unref_ sd_bus_message* reply = NULL;
554	_cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
555	const char p, e, *machine;
556	uint32_t mapped;
557	uid_t gid;
558	size_t l;
559	int r;
560
561	assert(name);
562	assert(gr);
563
564	p = startswith(name, "vg-");
565	if (!p)
566	goto not_found;
567
568	e = strrchr(p, '-');
569	if (!e \|\| e == p)
570	goto not_found;
571
572	r = parse_gid(e + 1, &gid);
573	if (r < 0)
574	goto not_found;
575
576	machine = strndupa(p, e - p);
577	if (!machine_name_is_valid(machine))
578	goto not_found;
579
580	r = sd_bus_open_system(&bus);
581	if (r < 0)
582	goto fail;
583
584	r = sd_bus_call_method(bus,
585	"org.freedesktop.machine1",
586	"/org/freedesktop/machine1",
587	"org.freedesktop.machine1.Manager",
588	"MapFromMachineGroup",
589	&error,
590	&reply,
591	"su",
592	machine, (uint32_t) gid);
593	if (r < 0) {
594	if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_GROUP_MAPPING))
595	goto not_found;
596
597	goto fail;
598	}
599
600	r = sd_bus_message_read(reply, "u", &mapped);
601	if (r < 0)
602	goto fail;
603
604	l = sizeof(char*) + strlen(name) + 1;
605	if (buflen < l) {
606	*errnop = ENOMEM;
607	return NSS_STATUS_TRYAGAIN;
608	}
609
610	memzero(buffer, sizeof(char*));
611	strcpy(buffer + sizeof(char*), name);
612
613	gr->gr_name = buffer + sizeof(char*);
614	gr->gr_gid = gid;
615	gr->gr_passwd = (char) ""; /* locked */
616	gr->gr_mem = (char**) buffer;
617
618	*errnop = 0;
619	return NSS_STATUS_SUCCESS;
620
621	not_found:
622	*errnop = 0;
623	return NSS_STATUS_NOTFOUND;
624
625	fail:
626	*errnop = -r;
627	return NSS_STATUS_UNAVAIL;
628	}
629
630	enum nss_status _nss_mymachines_getgrgid_r(
631	gid_t gid,
632	struct group *gr,
633	char *buffer, size_t buflen,
634	int *errnop) {
635
636	_cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
637	_cleanup_bus_message_unref_ sd_bus_message* reply = NULL;
638	_cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
639	const char machine, object;
640	uint32_t mapped;
641	int r;
642
643	if (GID_IS_INVALID(gid)) {
644	r = -EINVAL;
645	goto fail;
646	}
647
648	/* We consider all gids < 65536 host gids */
649	if (gid < 0x10000)
650	goto not_found;
651
652	r = sd_bus_open_system(&bus);
653	if (r < 0)
654	goto fail;
655
656	r = sd_bus_call_method(bus,
657	"org.freedesktop.machine1",
658	"/org/freedesktop/machine1",
659	"org.freedesktop.machine1.Manager",
660	"MapToMachineGroup",
661	&error,
662	&reply,
663	"u",
664	(uint32_t) gid);
665	if (r < 0) {
666	if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_GROUP_MAPPING))
667	goto not_found;
668
669	goto fail;
670	}
671
672	r = sd_bus_message_read(reply, "sou", &machine, &object, &mapped);
673	if (r < 0)
674	goto fail;
675
676	if (buflen < sizeof(char*) + 1) {
677	*errnop = ENOMEM;
678	return NSS_STATUS_TRYAGAIN;
679	}
680
681	memzero(buffer, sizeof(char*));
682	if (snprintf(buffer + sizeof(char), buflen - sizeof(char), "vg-%s-" GID_FMT, machine, (gid_t) mapped) >= (int) buflen) {
683	*errnop = ENOMEM;
684	return NSS_STATUS_TRYAGAIN;
685	}
686
687	gr->gr_name = buffer + sizeof(char*);
688	gr->gr_gid = gid;
689	gr->gr_passwd = (char) ""; /* locked */
690	gr->gr_mem = (char**) buffer;
691
692	*errnop = 0;
693	return NSS_STATUS_SUCCESS;
694
695	not_found:
696	*errnop = 0;
697	return NSS_STATUS_NOTFOUND;
698
699	fail:
700	*errnop = -r;
701	return NSS_STATUS_UNAVAIL;
702	}