]>
Commit | Line | Data |
---|---|---|
71d0b9d4 LP |
1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
2 | ||
3 | #include <sys/mount.h> | |
4 | ||
5 | #include "cgroup-util.h" | |
6 | #include "dns-domain.h" | |
7 | #include "env-util.h" | |
8 | #include "fs-util.h" | |
9 | #include "hexdecoct.h" | |
10 | #include "hostname-util.h" | |
11 | #include "memory-util.h" | |
12 | #include "path-util.h" | |
13 | #include "pkcs11-util.h" | |
14 | #include "rlimit-util.h" | |
15 | #include "stat-util.h" | |
16 | #include "string-table.h" | |
17 | #include "strv.h" | |
18 | #include "user-record.h" | |
19 | #include "user-util.h" | |
20 | ||
21 | #define DEFAULT_RATELIMIT_BURST 30 | |
22 | #define DEFAULT_RATELIMIT_INTERVAL_USEC (1*USEC_PER_MINUTE) | |
23 | ||
24 | UserRecord* user_record_new(void) { | |
25 | UserRecord *h; | |
26 | ||
27 | h = new(UserRecord, 1); | |
28 | if (!h) | |
29 | return NULL; | |
30 | ||
31 | *h = (UserRecord) { | |
32 | .n_ref = 1, | |
33 | .disposition = _USER_DISPOSITION_INVALID, | |
34 | .last_change_usec = UINT64_MAX, | |
35 | .last_password_change_usec = UINT64_MAX, | |
36 | .umask = MODE_INVALID, | |
37 | .nice_level = INT_MAX, | |
38 | .not_before_usec = UINT64_MAX, | |
39 | .not_after_usec = UINT64_MAX, | |
40 | .locked = -1, | |
41 | .storage = _USER_STORAGE_INVALID, | |
42 | .access_mode = MODE_INVALID, | |
43 | .disk_size = UINT64_MAX, | |
44 | .disk_size_relative = UINT64_MAX, | |
45 | .tasks_max = UINT64_MAX, | |
46 | .memory_high = UINT64_MAX, | |
47 | .memory_max = UINT64_MAX, | |
48 | .cpu_weight = UINT64_MAX, | |
49 | .io_weight = UINT64_MAX, | |
50 | .uid = UID_INVALID, | |
51 | .gid = GID_INVALID, | |
52 | .nodev = true, | |
53 | .nosuid = true, | |
54 | .luks_discard = -1, | |
55 | .luks_volume_key_size = UINT64_MAX, | |
56 | .luks_pbkdf_time_cost_usec = UINT64_MAX, | |
57 | .luks_pbkdf_memory_cost = UINT64_MAX, | |
58 | .luks_pbkdf_parallel_threads = UINT64_MAX, | |
59 | .disk_usage = UINT64_MAX, | |
60 | .disk_free = UINT64_MAX, | |
61 | .disk_ceiling = UINT64_MAX, | |
62 | .disk_floor = UINT64_MAX, | |
63 | .signed_locally = -1, | |
64 | .good_authentication_counter = UINT64_MAX, | |
65 | .bad_authentication_counter = UINT64_MAX, | |
66 | .last_good_authentication_usec = UINT64_MAX, | |
67 | .last_bad_authentication_usec = UINT64_MAX, | |
68 | .ratelimit_begin_usec = UINT64_MAX, | |
69 | .ratelimit_count = UINT64_MAX, | |
70 | .ratelimit_interval_usec = UINT64_MAX, | |
71 | .ratelimit_burst = UINT64_MAX, | |
72 | .removable = -1, | |
73 | .enforce_password_policy = -1, | |
74 | .auto_login = -1, | |
75 | .stop_delay_usec = UINT64_MAX, | |
76 | .kill_processes = -1, | |
77 | .password_change_min_usec = UINT64_MAX, | |
78 | .password_change_max_usec = UINT64_MAX, | |
79 | .password_change_warn_usec = UINT64_MAX, | |
80 | .password_change_inactive_usec = UINT64_MAX, | |
81 | .password_change_now = -1, | |
82 | .pkcs11_protected_authentication_path_permitted = -1, | |
83 | }; | |
84 | ||
85 | return h; | |
86 | } | |
87 | ||
88 | static void pkcs11_encrypted_key_done(Pkcs11EncryptedKey *k) { | |
89 | if (!k) | |
90 | return; | |
91 | ||
92 | free(k->uri); | |
93 | erase_and_free(k->data); | |
94 | erase_and_free(k->hashed_password); | |
95 | } | |
96 | ||
97 | static UserRecord* user_record_free(UserRecord *h) { | |
98 | if (!h) | |
99 | return NULL; | |
100 | ||
101 | free(h->user_name); | |
102 | free(h->realm); | |
103 | free(h->user_name_and_realm_auto); | |
104 | free(h->real_name); | |
105 | free(h->email_address); | |
106 | erase_and_free(h->password_hint); | |
107 | free(h->location); | |
108 | free(h->icon_name); | |
109 | ||
110 | free(h->shell); | |
111 | ||
112 | strv_free(h->environment); | |
113 | free(h->time_zone); | |
114 | free(h->preferred_language); | |
115 | rlimit_free_all(h->rlimits); | |
116 | ||
117 | free(h->skeleton_directory); | |
118 | ||
119 | strv_free_erase(h->hashed_password); | |
120 | strv_free_erase(h->ssh_authorized_keys); | |
121 | strv_free_erase(h->password); | |
122 | strv_free_erase(h->pkcs11_pin); | |
123 | ||
124 | free(h->cifs_service); | |
125 | free(h->cifs_user_name); | |
126 | free(h->cifs_domain); | |
127 | ||
128 | free(h->image_path); | |
129 | free(h->image_path_auto); | |
130 | free(h->home_directory); | |
131 | free(h->home_directory_auto); | |
132 | ||
133 | strv_free(h->member_of); | |
134 | ||
135 | free(h->file_system_type); | |
136 | free(h->luks_cipher); | |
137 | free(h->luks_cipher_mode); | |
138 | free(h->luks_pbkdf_hash_algorithm); | |
139 | free(h->luks_pbkdf_type); | |
140 | ||
141 | free(h->state); | |
142 | free(h->service); | |
143 | ||
144 | strv_free(h->pkcs11_token_uri); | |
145 | for (size_t i = 0; i < h->n_pkcs11_encrypted_key; i++) | |
146 | pkcs11_encrypted_key_done(h->pkcs11_encrypted_key + i); | |
147 | free(h->pkcs11_encrypted_key); | |
148 | ||
149 | json_variant_unref(h->json); | |
150 | ||
151 | return mfree(h); | |
152 | } | |
153 | ||
154 | DEFINE_TRIVIAL_REF_UNREF_FUNC(UserRecord, user_record, user_record_free); | |
155 | ||
156 | int json_dispatch_realm(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
157 | char **s = userdata; | |
158 | const char *n; | |
159 | int r; | |
160 | ||
161 | if (json_variant_is_null(variant)) { | |
162 | *s = mfree(*s); | |
163 | return 0; | |
164 | } | |
165 | ||
166 | if (!json_variant_is_string(variant)) | |
167 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
168 | ||
169 | n = json_variant_string(variant); | |
170 | r = dns_name_is_valid(n); | |
171 | if (r < 0) | |
172 | return json_log(variant, flags, r, "Failed to check if JSON field '%s' is a valid DNS domain.", strna(name)); | |
173 | if (r == 0) | |
174 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid DNS domain.", strna(name)); | |
175 | ||
176 | r = free_and_strdup(s, n); | |
177 | if (r < 0) | |
178 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
179 | ||
180 | return 0; | |
181 | } | |
182 | ||
183 | static int json_dispatch_gecos(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
184 | char **s = userdata; | |
185 | const char *n; | |
186 | int r; | |
187 | ||
188 | if (json_variant_is_null(variant)) { | |
189 | *s = mfree(*s); | |
190 | return 0; | |
191 | } | |
192 | ||
193 | if (!json_variant_is_string(variant)) | |
194 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
195 | ||
196 | n = json_variant_string(variant); | |
197 | if (!valid_gecos(n)) | |
198 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid GECOS compatible real name.", strna(name)); | |
199 | ||
200 | r = free_and_strdup(s, n); | |
201 | if (r < 0) | |
202 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
203 | ||
204 | return 0; | |
205 | } | |
206 | ||
207 | static int json_dispatch_nice(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
208 | int *nl = userdata; | |
209 | intmax_t m; | |
210 | ||
211 | if (json_variant_is_null(variant)) { | |
212 | *nl = INT_MAX; | |
213 | return 0; | |
214 | } | |
215 | ||
216 | if (!json_variant_is_integer(variant)) | |
217 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
218 | ||
219 | m = json_variant_integer(variant); | |
220 | if (m < PRIO_MIN || m >= PRIO_MAX) | |
221 | return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "JSON field '%s' is not a valid nice level.", strna(name)); | |
222 | ||
223 | *nl = m; | |
224 | return 0; | |
225 | } | |
226 | ||
227 | static int json_dispatch_rlimit_value(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
228 | rlim_t *ret = userdata; | |
229 | ||
230 | if (json_variant_is_null(variant)) | |
231 | *ret = RLIM_INFINITY; | |
232 | else if (json_variant_is_unsigned(variant)) { | |
233 | uintmax_t w; | |
234 | ||
235 | w = json_variant_unsigned(variant); | |
236 | if (w == RLIM_INFINITY || (uintmax_t) w != json_variant_unsigned(variant)) | |
237 | return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "Resource limit value '%s' is out of range.", name); | |
238 | ||
239 | *ret = (rlim_t) w; | |
240 | } else | |
241 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit value '%s' is not an unsigned integer.", name); | |
242 | ||
243 | return 0; | |
244 | } | |
245 | ||
246 | static int json_dispatch_rlimits(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
247 | struct rlimit** limits = userdata; | |
248 | JsonVariant *value; | |
249 | const char *key; | |
250 | int r; | |
251 | ||
252 | assert_se(limits); | |
253 | ||
254 | if (json_variant_is_null(variant)) { | |
255 | rlimit_free_all(limits); | |
256 | return 0; | |
257 | } | |
258 | ||
259 | if (!json_variant_is_object(variant)) | |
260 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an object.", strna(name)); | |
261 | ||
262 | JSON_VARIANT_OBJECT_FOREACH(key, value, variant) { | |
263 | JsonVariant *jcur, *jmax; | |
264 | struct rlimit rl; | |
265 | const char *p; | |
266 | int l; | |
267 | ||
268 | p = startswith(key, "RLIMIT_"); | |
269 | if (!p) | |
270 | l = -1; | |
271 | else | |
272 | l = rlimit_from_string(p); | |
273 | if (l < 0) | |
274 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' not known.", key); | |
275 | ||
276 | if (!json_variant_is_object(value)) | |
277 | return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' has invalid value.", key); | |
278 | ||
279 | if (json_variant_elements(value) != 4) | |
280 | return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' value is does not have two fields as expected.", key); | |
281 | ||
282 | jcur = json_variant_by_key(value, "cur"); | |
283 | if (!jcur) | |
284 | return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' lacks 'cur' field.", key); | |
285 | r = json_dispatch_rlimit_value("cur", jcur, flags, &rl.rlim_cur); | |
286 | if (r < 0) | |
287 | return r; | |
288 | ||
289 | jmax = json_variant_by_key(value, "max"); | |
290 | if (!jmax) | |
291 | return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' lacks 'max' field.", key); | |
292 | r = json_dispatch_rlimit_value("max", jmax, flags, &rl.rlim_max); | |
293 | if (r < 0) | |
294 | return r; | |
295 | ||
296 | if (limits[l]) | |
297 | *(limits[l]) = rl; | |
298 | else { | |
299 | limits[l] = newdup(struct rlimit, &rl, 1); | |
300 | if (!limits[l]) | |
301 | return log_oom(); | |
302 | } | |
303 | } | |
304 | ||
305 | return 0; | |
306 | } | |
307 | ||
308 | static int json_dispatch_filename_or_path(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
309 | char **s = userdata; | |
310 | const char *n; | |
311 | int r; | |
312 | ||
313 | assert(s); | |
314 | ||
315 | if (json_variant_is_null(variant)) { | |
316 | *s = mfree(*s); | |
317 | return 0; | |
318 | } | |
319 | ||
320 | if (!json_variant_is_string(variant)) | |
321 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
322 | ||
323 | n = json_variant_string(variant); | |
324 | if (!filename_is_valid(n) && !path_is_normalized(n)) | |
325 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid file name or normalized path.", strna(name)); | |
326 | ||
327 | r = free_and_strdup(s, n); | |
328 | if (r < 0) | |
329 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
330 | ||
331 | return 0; | |
332 | } | |
333 | ||
334 | static int json_dispatch_path(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
335 | char **s = userdata; | |
336 | const char *n; | |
337 | int r; | |
338 | ||
339 | if (json_variant_is_null(variant)) { | |
340 | *s = mfree(*s); | |
341 | return 0; | |
342 | } | |
343 | ||
344 | if (!json_variant_is_string(variant)) | |
345 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
346 | ||
347 | n = json_variant_string(variant); | |
348 | if (!path_is_normalized(n)) | |
349 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a normalized file system path.", strna(name)); | |
350 | if (!path_is_absolute(n)) | |
351 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an absolute file system path.", strna(name)); | |
352 | ||
353 | r = free_and_strdup(s, n); | |
354 | if (r < 0) | |
355 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
356 | ||
357 | return 0; | |
358 | } | |
359 | ||
360 | static int json_dispatch_home_directory(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
361 | char **s = userdata; | |
362 | const char *n; | |
363 | int r; | |
364 | ||
365 | if (json_variant_is_null(variant)) { | |
366 | *s = mfree(*s); | |
367 | return 0; | |
368 | } | |
369 | ||
370 | if (!json_variant_is_string(variant)) | |
371 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
372 | ||
373 | n = json_variant_string(variant); | |
374 | if (!valid_home(n)) | |
375 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid home directory path.", strna(name)); | |
376 | ||
377 | r = free_and_strdup(s, n); | |
378 | if (r < 0) | |
379 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
380 | ||
381 | return 0; | |
382 | } | |
383 | ||
384 | static int json_dispatch_image_path(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
385 | char **s = userdata; | |
386 | const char *n; | |
387 | int r; | |
388 | ||
389 | if (json_variant_is_null(variant)) { | |
390 | *s = mfree(*s); | |
391 | return 0; | |
392 | } | |
393 | ||
394 | if (!json_variant_is_string(variant)) | |
395 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
396 | ||
397 | n = json_variant_string(variant); | |
398 | if (empty_or_root(n) || !path_is_valid(n) || !path_is_absolute(n)) | |
399 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid image path.", strna(name)); | |
400 | ||
401 | r = free_and_strdup(s, n); | |
402 | if (r < 0) | |
403 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
404 | ||
405 | return 0; | |
406 | } | |
407 | ||
408 | static int json_dispatch_umask(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
409 | mode_t *m = userdata; | |
410 | uintmax_t k; | |
411 | ||
412 | if (json_variant_is_null(variant)) { | |
413 | *m = (mode_t) -1; | |
414 | return 0; | |
415 | } | |
416 | ||
417 | if (!json_variant_is_unsigned(variant)) | |
418 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a number.", strna(name)); | |
419 | ||
420 | k = json_variant_unsigned(variant); | |
421 | if (k > 0777) | |
422 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' outside of valid range 0…0777.", strna(name)); | |
423 | ||
424 | *m = (mode_t) k; | |
425 | return 0; | |
426 | } | |
427 | ||
428 | static int json_dispatch_access_mode(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
429 | mode_t *m = userdata; | |
430 | uintmax_t k; | |
431 | ||
432 | if (json_variant_is_null(variant)) { | |
433 | *m = (mode_t) -1; | |
434 | return 0; | |
435 | } | |
436 | ||
437 | if (!json_variant_is_unsigned(variant)) | |
438 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a number.", strna(name)); | |
439 | ||
440 | k = json_variant_unsigned(variant); | |
441 | if (k > 07777) | |
442 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' outside of valid range 0…07777.", strna(name)); | |
443 | ||
444 | *m = (mode_t) k; | |
445 | return 0; | |
446 | } | |
447 | ||
448 | static int json_dispatch_environment(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
449 | _cleanup_strv_free_ char **n = NULL; | |
450 | char ***l = userdata; | |
451 | size_t i; | |
452 | int r; | |
453 | ||
454 | if (json_variant_is_null(variant)) { | |
455 | *l = strv_free(*l); | |
456 | return 0; | |
457 | } | |
458 | ||
459 | if (!json_variant_is_array(variant)) | |
460 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array.", strna(name)); | |
461 | ||
462 | for (i = 0; i < json_variant_elements(variant); i++) { | |
463 | _cleanup_free_ char *c = NULL; | |
464 | JsonVariant *e; | |
465 | const char *a; | |
466 | ||
467 | e = json_variant_by_index(variant, i); | |
468 | if (!json_variant_is_string(e)) | |
469 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of strings.", strna(name)); | |
470 | ||
471 | assert_se(a = json_variant_string(e)); | |
472 | ||
473 | if (!env_assignment_is_valid(a)) | |
474 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of environment variables.", strna(name)); | |
475 | ||
476 | c = strdup(a); | |
477 | if (!c) | |
478 | return json_log_oom(variant, flags); | |
479 | ||
480 | r = strv_env_replace(&n, c); | |
481 | if (r < 0) | |
482 | return json_log_oom(variant, flags); | |
483 | ||
484 | c = NULL; | |
485 | } | |
486 | ||
487 | strv_free_and_replace(*l, n); | |
488 | return 0; | |
489 | } | |
490 | ||
491 | int json_dispatch_user_disposition(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
492 | UserDisposition *disposition = userdata, k; | |
493 | ||
494 | if (json_variant_is_null(variant)) { | |
495 | *disposition = _USER_DISPOSITION_INVALID; | |
496 | return 0; | |
497 | } | |
498 | ||
499 | if (!json_variant_is_string(variant)) | |
500 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
501 | ||
502 | k = user_disposition_from_string(json_variant_string(variant)); | |
503 | if (k < 0) | |
504 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "Disposition type '%s' not known.", json_variant_string(variant)); | |
505 | ||
506 | *disposition = k; | |
507 | return 0; | |
508 | } | |
509 | ||
510 | static int json_dispatch_storage(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
511 | UserStorage *storage = userdata, k; | |
512 | ||
513 | if (json_variant_is_null(variant)) { | |
514 | *storage = _USER_STORAGE_INVALID; | |
515 | return 0; | |
516 | } | |
517 | ||
518 | if (!json_variant_is_string(variant)) | |
519 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
520 | ||
521 | k = user_storage_from_string(json_variant_string(variant)); | |
522 | if (k < 0) | |
523 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "Storage type '%s' not known.", json_variant_string(variant)); | |
524 | ||
525 | *storage = k; | |
526 | return 0; | |
527 | } | |
528 | ||
529 | static int json_dispatch_disk_size(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
530 | uint64_t *size = userdata; | |
531 | uintmax_t k; | |
532 | ||
533 | if (json_variant_is_null(variant)) { | |
534 | *size = UINT64_MAX; | |
535 | return 0; | |
536 | } | |
537 | ||
538 | if (!json_variant_is_unsigned(variant)) | |
539 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an integer.", strna(name)); | |
540 | ||
541 | k = json_variant_unsigned(variant); | |
542 | if (k < USER_DISK_SIZE_MIN || k > USER_DISK_SIZE_MAX) | |
543 | return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "JSON field '%s' is not in valid range %" PRIu64 "…%" PRIu64 ".", strna(name), USER_DISK_SIZE_MIN, USER_DISK_SIZE_MAX); | |
544 | ||
545 | *size = k; | |
546 | return 0; | |
547 | } | |
548 | ||
549 | static int json_dispatch_tasks_or_memory_max(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
550 | uint64_t *limit = userdata; | |
551 | uintmax_t k; | |
552 | ||
553 | if (json_variant_is_null(variant)) { | |
554 | *limit = UINT64_MAX; | |
555 | return 0; | |
556 | } | |
557 | ||
558 | if (!json_variant_is_unsigned(variant)) | |
559 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a integer.", strna(name)); | |
560 | ||
561 | k = json_variant_unsigned(variant); | |
562 | if (k <= 0 || k >= UINT64_MAX) | |
563 | return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "JSON field '%s' is not in valid range %" PRIu64 "…%" PRIu64 ".", strna(name), (uint64_t) 1, UINT64_MAX-1); | |
564 | ||
565 | *limit = k; | |
566 | return 0; | |
567 | } | |
568 | ||
569 | static int json_dispatch_weight(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
570 | uint64_t *weight = userdata; | |
571 | uintmax_t k; | |
572 | ||
573 | if (json_variant_is_null(variant)) { | |
574 | *weight = UINT64_MAX; | |
575 | return 0; | |
576 | } | |
577 | ||
578 | if (!json_variant_is_unsigned(variant)) | |
579 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a integer.", strna(name)); | |
580 | ||
581 | k = json_variant_unsigned(variant); | |
582 | if (k <= CGROUP_WEIGHT_MIN || k >= CGROUP_WEIGHT_MAX) | |
583 | return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "JSON field '%s' is not in valid range %" PRIu64 "…%" PRIu64 ".", strna(name), (uint64_t) CGROUP_WEIGHT_MIN, (uint64_t) CGROUP_WEIGHT_MAX); | |
584 | ||
585 | *weight = k; | |
586 | return 0; | |
587 | } | |
588 | ||
589 | int json_dispatch_user_group_list(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
590 | _cleanup_strv_free_ char **l = NULL; | |
591 | char ***list = userdata; | |
592 | JsonVariant *e; | |
593 | int r; | |
594 | ||
595 | if (!json_variant_is_array(variant)) | |
596 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of strings.", strna(name)); | |
597 | ||
598 | JSON_VARIANT_ARRAY_FOREACH(e, variant) { | |
599 | ||
600 | if (!json_variant_is_string(e)) | |
601 | return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not a string."); | |
602 | ||
7a8867ab | 603 | if (!valid_user_group_name(json_variant_string(e), FLAGS_SET(flags, JSON_RELAX) ? VALID_USER_RELAX : 0)) |
71d0b9d4 LP |
604 | return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not a valid user/group name: %s", json_variant_string(e)); |
605 | ||
606 | r = strv_extend(&l, json_variant_string(e)); | |
607 | if (r < 0) | |
608 | return json_log(e, flags, r, "Failed to append array element: %m"); | |
609 | } | |
610 | ||
611 | r = strv_extend_strv(list, l, true); | |
612 | if (r < 0) | |
613 | return json_log(variant, flags, r, "Failed to merge user/group arrays: %m"); | |
614 | ||
615 | return 0; | |
616 | } | |
617 | ||
618 | static int dispatch_secret(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
619 | ||
620 | static const JsonDispatch secret_dispatch_table[] = { | |
621 | { "password", _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, password), 0 }, | |
622 | { "pkcs11Pin", _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, pkcs11_pin), 0 }, | |
623 | { "pkcs11ProtectedAuthenticationPathPermitted", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, pkcs11_protected_authentication_path_permitted), 0 }, | |
624 | {}, | |
625 | }; | |
626 | ||
627 | return json_dispatch(variant, secret_dispatch_table, NULL, flags, userdata); | |
628 | } | |
629 | ||
630 | static int dispatch_pkcs11_uri(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
631 | char **s = userdata; | |
632 | const char *n; | |
633 | int r; | |
634 | ||
635 | if (json_variant_is_null(variant)) { | |
636 | *s = mfree(*s); | |
637 | return 0; | |
638 | } | |
639 | ||
640 | if (!json_variant_is_string(variant)) | |
641 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
642 | ||
643 | n = json_variant_string(variant); | |
644 | if (!pkcs11_uri_valid(n)) | |
645 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid RFC7512 PKCS#11 URI.", strna(name)); | |
646 | ||
647 | r = free_and_strdup(s, n); | |
648 | if (r < 0) | |
649 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
650 | ||
651 | return 0; | |
652 | } | |
653 | ||
654 | static int dispatch_pkcs11_uri_array(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
655 | _cleanup_strv_free_ char **z = NULL; | |
656 | char ***l = userdata; | |
657 | JsonVariant *e; | |
658 | int r; | |
659 | ||
660 | if (json_variant_is_null(variant)) { | |
661 | *l = strv_free(*l); | |
662 | return 0; | |
663 | } | |
664 | ||
665 | if (json_variant_is_string(variant)) { | |
666 | const char *n; | |
667 | ||
668 | n = json_variant_string(variant); | |
669 | if (!pkcs11_uri_valid(n)) | |
670 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid RFC7512 PKCS#11 URI.", strna(name)); | |
671 | ||
672 | z = strv_new(n); | |
673 | if (!z) | |
674 | return log_oom(); | |
675 | ||
676 | } else { | |
677 | ||
678 | if (!json_variant_is_array(variant)) | |
679 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string or array of strings.", strna(name)); | |
680 | ||
681 | JSON_VARIANT_ARRAY_FOREACH(e, variant) { | |
682 | const char *n; | |
683 | ||
684 | if (!json_variant_is_string(e)) | |
685 | return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not a string."); | |
686 | ||
687 | n = json_variant_string(e); | |
688 | if (!pkcs11_uri_valid(n)) | |
689 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element in '%s' is not a valid RFC7512 PKCS#11 URI: %s", strna(name), n); | |
690 | ||
691 | r = strv_extend(&z, n); | |
692 | if (r < 0) | |
693 | return log_oom(); | |
694 | } | |
695 | } | |
696 | ||
697 | strv_free_and_replace(*l, z); | |
698 | return 0; | |
699 | } | |
700 | ||
701 | static int dispatch_pkcs11_key_data(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
702 | Pkcs11EncryptedKey *k = userdata; | |
703 | size_t l; | |
704 | void *b; | |
705 | int r; | |
706 | ||
707 | if (json_variant_is_null(variant)) { | |
708 | k->data = mfree(k->data); | |
709 | k->size = 0; | |
710 | return 0; | |
711 | } | |
712 | ||
713 | if (!json_variant_is_string(variant)) | |
714 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
715 | ||
716 | r = unbase64mem(json_variant_string(variant), (size_t) -1, &b, &l); | |
717 | if (r < 0) | |
718 | return json_log(variant, flags, r, "Failed to decode encrypted PKCS#11 key: %m"); | |
719 | ||
720 | erase_and_free(k->data); | |
721 | k->data = b; | |
722 | k->size = l; | |
723 | ||
724 | return 0; | |
725 | } | |
726 | ||
727 | static int dispatch_pkcs11_key(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
728 | UserRecord *h = userdata; | |
729 | JsonVariant *e; | |
730 | int r; | |
731 | ||
732 | if (!json_variant_is_array(variant)) | |
733 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of objects.", strna(name)); | |
734 | ||
735 | JSON_VARIANT_ARRAY_FOREACH(e, variant) { | |
736 | Pkcs11EncryptedKey *array, *k; | |
737 | ||
738 | static const JsonDispatch pkcs11_key_dispatch_table[] = { | |
739 | { "uri", JSON_VARIANT_STRING, dispatch_pkcs11_uri, offsetof(Pkcs11EncryptedKey, uri), JSON_MANDATORY }, | |
740 | { "data", JSON_VARIANT_STRING, dispatch_pkcs11_key_data, 0, JSON_MANDATORY }, | |
741 | { "hashedPassword", JSON_VARIANT_STRING, json_dispatch_string, offsetof(Pkcs11EncryptedKey, hashed_password), JSON_MANDATORY }, | |
742 | {}, | |
743 | }; | |
744 | ||
745 | if (!json_variant_is_object(e)) | |
746 | return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not an object."); | |
747 | ||
748 | array = reallocarray(h->pkcs11_encrypted_key, h->n_pkcs11_encrypted_key + 1, sizeof(Pkcs11EncryptedKey)); | |
749 | if (!array) | |
750 | return log_oom(); | |
751 | ||
752 | h->pkcs11_encrypted_key = array; | |
753 | k = h->pkcs11_encrypted_key + h->n_pkcs11_encrypted_key; | |
754 | *k = (Pkcs11EncryptedKey) {}; | |
755 | ||
756 | r = json_dispatch(e, pkcs11_key_dispatch_table, NULL, flags, k); | |
757 | if (r < 0) { | |
758 | pkcs11_encrypted_key_done(k); | |
759 | return r; | |
760 | } | |
761 | ||
762 | h->n_pkcs11_encrypted_key++; | |
763 | } | |
764 | ||
765 | return 0; | |
766 | } | |
767 | ||
768 | static int dispatch_privileged(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
769 | ||
770 | static const JsonDispatch privileged_dispatch_table[] = { | |
771 | { "passwordHint", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, password_hint), 0 }, | |
772 | { "hashedPassword", _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, hashed_password), JSON_SAFE }, | |
773 | { "sshAuthorizedKeys", _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, ssh_authorized_keys), 0 }, | |
774 | { "pkcs11EncryptedKey", JSON_VARIANT_ARRAY, dispatch_pkcs11_key, 0, 0 }, | |
775 | {}, | |
776 | }; | |
777 | ||
778 | return json_dispatch(variant, privileged_dispatch_table, NULL, flags, userdata); | |
779 | } | |
780 | ||
781 | static int dispatch_binding(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
782 | ||
783 | static const JsonDispatch binding_dispatch_table[] = { | |
784 | { "imagePath", JSON_VARIANT_STRING, json_dispatch_image_path, offsetof(UserRecord, image_path), 0 }, | |
785 | { "homeDirectory", JSON_VARIANT_STRING, json_dispatch_home_directory, offsetof(UserRecord, home_directory), 0 }, | |
786 | { "partitionUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, partition_uuid), 0 }, | |
787 | { "luksUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, luks_uuid), 0 }, | |
788 | { "fileSystemUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, file_system_uuid), 0 }, | |
789 | { "uid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, uid), 0 }, | |
790 | { "gid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, gid), 0 }, | |
791 | { "storage", JSON_VARIANT_STRING, json_dispatch_storage, offsetof(UserRecord, storage), 0 }, | |
792 | { "fileSystemType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, file_system_type), JSON_SAFE }, | |
793 | { "luksCipher", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher), JSON_SAFE }, | |
794 | { "luksCipherMode", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher_mode), JSON_SAFE }, | |
795 | { "luksVolumeKeySize", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_volume_key_size), 0 }, | |
796 | {}, | |
797 | }; | |
798 | ||
799 | char smid[SD_ID128_STRING_MAX]; | |
800 | JsonVariant *m; | |
801 | sd_id128_t mid; | |
802 | int r; | |
803 | ||
804 | if (!variant) | |
805 | return 0; | |
806 | ||
807 | if (!json_variant_is_object(variant)) | |
808 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an object.", strna(name)); | |
809 | ||
810 | r = sd_id128_get_machine(&mid); | |
811 | if (r < 0) | |
812 | return json_log(variant, flags, r, "Failed to determine machine ID: %m"); | |
813 | ||
814 | m = json_variant_by_key(variant, sd_id128_to_string(mid, smid)); | |
815 | if (!m) | |
816 | return 0; | |
817 | ||
818 | return json_dispatch(m, binding_dispatch_table, NULL, flags, userdata); | |
819 | } | |
820 | ||
821 | int per_machine_id_match(JsonVariant *ids, JsonDispatchFlags flags) { | |
822 | sd_id128_t mid; | |
823 | int r; | |
824 | ||
825 | r = sd_id128_get_machine(&mid); | |
826 | if (r < 0) | |
827 | return json_log(ids, flags, r, "Failed to acquire machine ID: %m"); | |
828 | ||
829 | if (json_variant_is_string(ids)) { | |
830 | sd_id128_t k; | |
831 | ||
832 | r = sd_id128_from_string(json_variant_string(ids), &k); | |
833 | if (r < 0) { | |
834 | json_log(ids, flags, r, "%s is not a valid machine ID, ignoring: %m", json_variant_string(ids)); | |
835 | return 0; | |
836 | } | |
837 | ||
838 | return sd_id128_equal(mid, k); | |
839 | } | |
840 | ||
841 | if (json_variant_is_array(ids)) { | |
842 | JsonVariant *e; | |
843 | ||
844 | JSON_VARIANT_ARRAY_FOREACH(e, ids) { | |
845 | sd_id128_t k; | |
846 | ||
847 | if (!json_variant_is_string(e)) { | |
848 | json_log(e, flags, 0, "Machine ID is not a string, ignoring: %m"); | |
849 | continue; | |
850 | } | |
851 | ||
852 | r = sd_id128_from_string(json_variant_string(e), &k); | |
853 | if (r < 0) { | |
854 | json_log(e, flags, r, "%s is not a valid machine ID, ignoring: %m", json_variant_string(e)); | |
855 | continue; | |
856 | } | |
857 | ||
858 | if (sd_id128_equal(mid, k)) | |
859 | return true; | |
860 | } | |
861 | ||
862 | return false; | |
863 | } | |
864 | ||
865 | json_log(ids, flags, 0, "Machine ID is not a string or array of strings, ignoring: %m"); | |
866 | return false; | |
867 | } | |
868 | ||
869 | int per_machine_hostname_match(JsonVariant *hns, JsonDispatchFlags flags) { | |
870 | _cleanup_free_ char *hn = NULL; | |
871 | int r; | |
872 | ||
873 | r = gethostname_strict(&hn); | |
874 | if (r == -ENXIO) { | |
875 | json_log(hns, flags, r, "No hostname set, not matching perMachine hostname record: %m"); | |
876 | return false; | |
877 | } | |
878 | if (r < 0) | |
879 | return json_log(hns, flags, r, "Failed to acquire hostname: %m"); | |
880 | ||
881 | if (json_variant_is_string(hns)) | |
882 | return streq(json_variant_string(hns), hn); | |
883 | ||
884 | if (json_variant_is_array(hns)) { | |
885 | JsonVariant *e; | |
886 | ||
887 | JSON_VARIANT_ARRAY_FOREACH(e, hns) { | |
888 | ||
889 | if (!json_variant_is_string(e)) { | |
890 | json_log(e, flags, 0, "Hostname is not a string, ignoring: %m"); | |
891 | continue; | |
892 | } | |
893 | ||
894 | if (streq(json_variant_string(hns), hn)) | |
895 | return true; | |
896 | } | |
897 | ||
898 | return false; | |
899 | } | |
900 | ||
901 | json_log(hns, flags, 0, "Hostname is not a string or array of strings, ignoring: %m"); | |
902 | return false; | |
903 | } | |
904 | ||
905 | static int dispatch_per_machine(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
906 | ||
907 | static const JsonDispatch per_machine_dispatch_table[] = { | |
908 | { "matchMachineId", _JSON_VARIANT_TYPE_INVALID, NULL, 0, 0 }, | |
909 | { "matchHostname", _JSON_VARIANT_TYPE_INVALID, NULL, 0, 0 }, | |
910 | { "iconName", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, icon_name), JSON_SAFE }, | |
911 | { "location", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, location), 0 }, | |
912 | { "shell", JSON_VARIANT_STRING, json_dispatch_filename_or_path, offsetof(UserRecord, shell), 0 }, | |
913 | { "umask", JSON_VARIANT_UNSIGNED, json_dispatch_umask, offsetof(UserRecord, umask), 0 }, | |
914 | { "environment", JSON_VARIANT_ARRAY, json_dispatch_environment, offsetof(UserRecord, environment), 0 }, | |
915 | { "timeZone", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, time_zone), JSON_SAFE }, | |
916 | { "preferredLanguage", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, preferred_language), JSON_SAFE }, | |
917 | { "niceLevel", _JSON_VARIANT_TYPE_INVALID, json_dispatch_nice, offsetof(UserRecord, nice_level), 0 }, | |
918 | { "resourceLimits", _JSON_VARIANT_TYPE_INVALID, json_dispatch_rlimits, offsetof(UserRecord, rlimits), 0 }, | |
919 | { "locked", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, locked), 0 }, | |
920 | { "notBeforeUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, not_before_usec), 0 }, | |
921 | { "notAfterUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, not_after_usec), 0 }, | |
922 | { "storage", JSON_VARIANT_STRING, json_dispatch_storage, offsetof(UserRecord, storage), 0 }, | |
923 | { "diskSize", JSON_VARIANT_UNSIGNED, json_dispatch_disk_size, offsetof(UserRecord, disk_size), 0 }, | |
924 | { "diskSizeRelative", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_size_relative), 0 }, | |
925 | { "skeletonDirectory", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, skeleton_directory), 0 }, | |
926 | { "accessMode", JSON_VARIANT_UNSIGNED, json_dispatch_access_mode, offsetof(UserRecord, access_mode), 0 }, | |
927 | { "tasksMax", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, tasks_max), 0 }, | |
928 | { "memoryHigh", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, memory_high), 0 }, | |
929 | { "memoryMax", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, memory_max), 0 }, | |
930 | { "cpuWeight", JSON_VARIANT_UNSIGNED, json_dispatch_weight, offsetof(UserRecord, cpu_weight), 0 }, | |
931 | { "ioWeight", JSON_VARIANT_UNSIGNED, json_dispatch_weight, offsetof(UserRecord, io_weight), 0 }, | |
932 | { "mountNoDevices", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, nodev), 0 }, | |
933 | { "mountNoSuid", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, nosuid), 0 }, | |
934 | { "mountNoExecute", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, noexec), 0 }, | |
935 | { "cifsDomain", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_domain), JSON_SAFE }, | |
936 | { "cifsUserName", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_user_name), JSON_SAFE }, | |
937 | { "cifsService", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_service), JSON_SAFE }, | |
938 | { "imagePath", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, image_path), 0 }, | |
939 | { "uid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, uid), 0 }, | |
940 | { "gid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, gid), 0 }, | |
7a8867ab | 941 | { "memberOf", JSON_VARIANT_ARRAY, json_dispatch_user_group_list, offsetof(UserRecord, member_of), JSON_RELAX}, |
71d0b9d4 LP |
942 | { "fileSystemType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, file_system_type), JSON_SAFE }, |
943 | { "partitionUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, partition_uuid), 0 }, | |
944 | { "luksUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, luks_uuid), 0 }, | |
945 | { "fileSystemUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, file_system_uuid), 0 }, | |
946 | { "luksDiscard", _JSON_VARIANT_TYPE_INVALID, json_dispatch_tristate, offsetof(UserRecord, luks_discard), 0, }, | |
947 | { "luksCipher", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher), JSON_SAFE }, | |
948 | { "luksCipherMode", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher_mode), JSON_SAFE }, | |
949 | { "luksVolumeKeySize", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_volume_key_size), 0 }, | |
950 | { "luksPbkdfHashAlgorithm", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_pbkdf_hash_algorithm), JSON_SAFE }, | |
951 | { "luksPbkdfType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_pbkdf_type), JSON_SAFE }, | |
952 | { "luksPbkdfTimeCostUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_time_cost_usec), 0 }, | |
953 | { "luksPbkdfMemoryCost", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_memory_cost), 0 }, | |
954 | { "luksPbkdfParallelThreads", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_parallel_threads), 0 }, | |
955 | { "rateLimitIntervalUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, ratelimit_interval_usec), 0 }, | |
956 | { "rateLimitBurst", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, ratelimit_burst), 0 }, | |
957 | { "enforcePasswordPolicy", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, enforce_password_policy), 0 }, | |
958 | { "autoLogin", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, auto_login), 0 }, | |
959 | { "stopDelayUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, stop_delay_usec), 0 }, | |
960 | { "killProcesses", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, kill_processes), 0 }, | |
961 | { "passwordChangeMinUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_min_usec), 0 }, | |
962 | { "passwordChangeMaxUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_max_usec), 0 }, | |
963 | { "passwordChangeWarnUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_warn_usec), 0 }, | |
964 | { "passwordChangeInactiveUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_inactive_usec), 0 }, | |
965 | { "passwordChangeNow", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, password_change_now), 0 }, | |
966 | { "pkcs11TokenUri", JSON_VARIANT_ARRAY, dispatch_pkcs11_uri_array, offsetof(UserRecord, pkcs11_token_uri), 0 }, | |
967 | {}, | |
968 | }; | |
969 | ||
970 | JsonVariant *e; | |
971 | int r; | |
972 | ||
973 | if (!variant) | |
974 | return 0; | |
975 | ||
976 | if (!json_variant_is_array(variant)) | |
977 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array.", strna(name)); | |
978 | ||
979 | JSON_VARIANT_ARRAY_FOREACH(e, variant) { | |
980 | bool matching = false; | |
981 | JsonVariant *m; | |
982 | ||
983 | if (!json_variant_is_object(e)) | |
984 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of objects.", strna(name)); | |
985 | ||
986 | m = json_variant_by_key(e, "matchMachineId"); | |
987 | if (m) { | |
988 | r = per_machine_id_match(m, flags); | |
989 | if (r < 0) | |
990 | return r; | |
991 | ||
992 | matching = r > 0; | |
993 | } | |
994 | ||
995 | if (!matching) { | |
996 | m = json_variant_by_key(e, "matchHostname"); | |
997 | if (m) { | |
998 | r = per_machine_hostname_match(m, flags); | |
999 | if (r < 0) | |
1000 | return r; | |
1001 | ||
1002 | matching = r > 0; | |
1003 | } | |
1004 | } | |
1005 | ||
1006 | if (!matching) | |
1007 | continue; | |
1008 | ||
1009 | r = json_dispatch(e, per_machine_dispatch_table, NULL, flags, userdata); | |
1010 | if (r < 0) | |
1011 | return r; | |
1012 | } | |
1013 | ||
1014 | return 0; | |
1015 | } | |
1016 | ||
1017 | static int dispatch_status(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
1018 | ||
1019 | static const JsonDispatch status_dispatch_table[] = { | |
1020 | { "diskUsage", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_usage), 0 }, | |
1021 | { "diskFree", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_free), 0 }, | |
1022 | { "diskSize", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_size), 0 }, | |
1023 | { "diskCeiling", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_ceiling), 0 }, | |
1024 | { "diskFloor", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_floor), 0 }, | |
1025 | { "state", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, state), JSON_SAFE }, | |
1026 | { "service", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, service), JSON_SAFE }, | |
1027 | { "signedLocally", _JSON_VARIANT_TYPE_INVALID, json_dispatch_tristate, offsetof(UserRecord, signed_locally), 0 }, | |
1028 | { "goodAuthenticationCounter", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, good_authentication_counter), 0 }, | |
1029 | { "badAuthenticationCounter", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, bad_authentication_counter), 0 }, | |
1030 | { "lastGoodAuthenticationUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, last_good_authentication_usec), 0 }, | |
1031 | { "lastBadAuthenticationUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, last_bad_authentication_usec), 0 }, | |
1032 | { "rateLimitBeginUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, ratelimit_begin_usec), 0 }, | |
1033 | { "rateLimitCount", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, ratelimit_count), 0 }, | |
1034 | { "removable", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, removable), 0 }, | |
1035 | {}, | |
1036 | }; | |
1037 | ||
1038 | char smid[SD_ID128_STRING_MAX]; | |
1039 | JsonVariant *m; | |
1040 | sd_id128_t mid; | |
1041 | int r; | |
1042 | ||
1043 | if (!variant) | |
1044 | return 0; | |
1045 | ||
1046 | if (!json_variant_is_object(variant)) | |
1047 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an object.", strna(name)); | |
1048 | ||
1049 | r = sd_id128_get_machine(&mid); | |
1050 | if (r < 0) | |
1051 | return json_log(variant, flags, r, "Failed to determine machine ID: %m"); | |
1052 | ||
1053 | m = json_variant_by_key(variant, sd_id128_to_string(mid, smid)); | |
1054 | if (!m) | |
1055 | return 0; | |
1056 | ||
1057 | return json_dispatch(m, status_dispatch_table, NULL, flags, userdata); | |
1058 | } | |
1059 | ||
1060 | static int user_record_augment(UserRecord *h, JsonDispatchFlags json_flags) { | |
1061 | assert(h); | |
1062 | ||
1063 | if (!FLAGS_SET(h->mask, USER_RECORD_REGULAR)) | |
1064 | return 0; | |
1065 | ||
1066 | assert(h->user_name); | |
1067 | ||
1068 | if (!h->user_name_and_realm_auto && h->realm) { | |
1069 | h->user_name_and_realm_auto = strjoin(h->user_name, "@", h->realm); | |
1070 | if (!h->user_name_and_realm_auto) | |
1071 | return json_log_oom(h->json, json_flags); | |
1072 | } | |
1073 | ||
1074 | /* Let's add in the following automatisms only for regular users, they dont make sense for any others */ | |
1075 | if (user_record_disposition(h) != USER_REGULAR) | |
1076 | return 0; | |
1077 | ||
1078 | if (!h->home_directory && !h->home_directory_auto) { | |
1079 | h->home_directory_auto = path_join("/home/", h->user_name); | |
1080 | if (!h->home_directory_auto) | |
1081 | return json_log_oom(h->json, json_flags); | |
1082 | } | |
1083 | ||
1084 | if (!h->image_path && !h->image_path_auto) { | |
1085 | const char *suffix; | |
1086 | UserStorage storage; | |
1087 | ||
1088 | storage = user_record_storage(h); | |
1089 | if (storage == USER_LUKS) | |
1090 | suffix = ".home"; | |
1091 | else if (IN_SET(storage, USER_DIRECTORY, USER_SUBVOLUME, USER_FSCRYPT)) | |
1092 | suffix = ".homedir"; | |
1093 | else | |
1094 | suffix = NULL; | |
1095 | ||
1096 | if (suffix) { | |
1097 | h->image_path_auto = strjoin("/home/", user_record_user_name_and_realm(h), suffix); | |
1098 | if (!h->image_path_auto) | |
1099 | return json_log_oom(h->json, json_flags); | |
1100 | } | |
1101 | } | |
1102 | ||
1103 | return 0; | |
1104 | } | |
1105 | ||
1106 | int user_group_record_mangle( | |
1107 | JsonVariant *v, | |
1108 | UserRecordLoadFlags load_flags, | |
1109 | JsonVariant **ret_variant, | |
1110 | UserRecordMask *ret_mask) { | |
1111 | ||
1112 | static const struct { | |
1113 | UserRecordMask mask; | |
1114 | const char *name; | |
1115 | } mask_field[] = { | |
1116 | { USER_RECORD_PRIVILEGED, "privileged" }, | |
1117 | { USER_RECORD_SECRET, "secret" }, | |
1118 | { USER_RECORD_BINDING, "binding" }, | |
1119 | { USER_RECORD_PER_MACHINE, "perMachine" }, | |
1120 | { USER_RECORD_STATUS, "status" }, | |
1121 | { USER_RECORD_SIGNATURE, "signature" }, | |
1122 | }; | |
1123 | ||
1124 | JsonDispatchFlags json_flags = USER_RECORD_LOAD_FLAGS_TO_JSON_DISPATCH_FLAGS(load_flags); | |
1125 | _cleanup_(json_variant_unrefp) JsonVariant *w = NULL; | |
1126 | JsonVariant *array[ELEMENTSOF(mask_field) * 2]; | |
1127 | size_t n_retain = 0, i; | |
1128 | UserRecordMask m = 0; | |
1129 | int r; | |
1130 | ||
1131 | assert((load_flags & _USER_RECORD_MASK_MAX) == 0); /* detect mistakes when accidentally passing | |
1132 | * UserRecordMask bit masks as UserRecordLoadFlags | |
1133 | * value */ | |
1134 | ||
1135 | assert(v); | |
1136 | assert(ret_variant); | |
1137 | assert(ret_mask); | |
1138 | ||
1139 | /* Note that this function is shared with the group record parser, hence we try to be generic in our | |
1140 | * log message wording here, to cover both cases. */ | |
1141 | ||
1142 | if (!json_variant_is_object(v)) | |
1143 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record is not a JSON object, refusing."); | |
1144 | ||
1145 | if (USER_RECORD_ALLOW_MASK(load_flags) == 0) /* allow nothing? */ | |
1146 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EINVAL), "Nothing allowed in record, refusing."); | |
1147 | ||
1148 | if (USER_RECORD_STRIP_MASK(load_flags) == _USER_RECORD_MASK_MAX) /* strip everything? */ | |
1149 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EINVAL), "Stripping everything from record, refusing."); | |
1150 | ||
1151 | /* Check if we have the special sections and if they match our flags set */ | |
1152 | for (i = 0; i < ELEMENTSOF(mask_field); i++) { | |
1153 | JsonVariant *e, *k; | |
1154 | ||
1155 | if (FLAGS_SET(USER_RECORD_STRIP_MASK(load_flags), mask_field[i].mask)) { | |
1156 | if (!w) | |
1157 | w = json_variant_ref(v); | |
1158 | ||
1159 | r = json_variant_filter(&w, STRV_MAKE(mask_field[i].name)); | |
1160 | if (r < 0) | |
1161 | return json_log(w, json_flags, r, "Failed to remove field from variant: %m"); | |
1162 | ||
1163 | continue; | |
1164 | } | |
1165 | ||
1166 | e = json_variant_by_key_full(v, mask_field[i].name, &k); | |
1167 | if (e) { | |
1168 | if (!FLAGS_SET(USER_RECORD_ALLOW_MASK(load_flags), mask_field[i].mask)) | |
1169 | return json_log(e, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record contains '%s' field, which is not allowed.", mask_field[i].name); | |
1170 | ||
1171 | if (FLAGS_SET(load_flags, USER_RECORD_STRIP_REGULAR)) { | |
1172 | array[n_retain++] = k; | |
1173 | array[n_retain++] = e; | |
1174 | } | |
1175 | ||
1176 | m |= mask_field[i].mask; | |
1177 | } else { | |
1178 | if (FLAGS_SET(USER_RECORD_REQUIRE_MASK(load_flags), mask_field[i].mask)) | |
1179 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record lacks '%s' field, which is required.", mask_field[i].name); | |
1180 | } | |
1181 | } | |
1182 | ||
1183 | if (FLAGS_SET(load_flags, USER_RECORD_STRIP_REGULAR)) { | |
1184 | /* If we are supposed to strip regular items, then let's instead just allocate a new object | |
1185 | * with just the stuff we need. */ | |
1186 | ||
1187 | w = json_variant_unref(w); | |
1188 | r = json_variant_new_object(&w, array, n_retain); | |
1189 | if (r < 0) | |
1190 | return json_log(v, json_flags, r, "Failed to allocate new object: %m"); | |
1191 | } else { | |
1192 | /* And now check if there's anything else in the record */ | |
1193 | for (i = 0; i < json_variant_elements(v); i += 2) { | |
1194 | const char *f; | |
1195 | bool special = false; | |
1196 | size_t j; | |
1197 | ||
1198 | assert_se(f = json_variant_string(json_variant_by_index(v, i))); | |
1199 | ||
1200 | for (j = 0; j < ELEMENTSOF(mask_field); j++) | |
1201 | if (streq(f, mask_field[j].name)) { /* already covered in the loop above */ | |
1202 | special = true; | |
1203 | continue; | |
1204 | } | |
1205 | ||
1206 | if (!special) { | |
1207 | if ((load_flags & (USER_RECORD_ALLOW_REGULAR|USER_RECORD_REQUIRE_REGULAR)) == 0) | |
1208 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record contains '%s' field, which is not allowed.", f); | |
1209 | ||
1210 | m |= USER_RECORD_REGULAR; | |
1211 | break; | |
1212 | } | |
1213 | } | |
1214 | } | |
1215 | ||
1216 | if (FLAGS_SET(load_flags, USER_RECORD_REQUIRE_REGULAR) && !FLAGS_SET(m, USER_RECORD_REGULAR)) | |
1217 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record lacks basic identity fields, which are required."); | |
1218 | ||
1219 | if (m == 0) | |
1220 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record is empty."); | |
1221 | ||
1222 | if (w) | |
1223 | *ret_variant = TAKE_PTR(w); | |
1224 | else | |
1225 | *ret_variant = json_variant_ref(v); | |
1226 | ||
1227 | *ret_mask = m; | |
1228 | return 0; | |
1229 | } | |
1230 | ||
1231 | int user_record_load(UserRecord *h, JsonVariant *v, UserRecordLoadFlags load_flags) { | |
1232 | ||
1233 | static const JsonDispatch user_dispatch_table[] = { | |
7a8867ab | 1234 | { "userName", JSON_VARIANT_STRING, json_dispatch_user_group_name, offsetof(UserRecord, user_name), JSON_RELAX}, |
71d0b9d4 LP |
1235 | { "realm", JSON_VARIANT_STRING, json_dispatch_realm, offsetof(UserRecord, realm), 0 }, |
1236 | { "realName", JSON_VARIANT_STRING, json_dispatch_gecos, offsetof(UserRecord, real_name), 0 }, | |
1237 | { "emailAddress", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, email_address), JSON_SAFE }, | |
1238 | { "iconName", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, icon_name), JSON_SAFE }, | |
1239 | { "location", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, location), 0 }, | |
1240 | { "disposition", JSON_VARIANT_STRING, json_dispatch_user_disposition, offsetof(UserRecord, disposition), 0 }, | |
1241 | { "lastChangeUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, last_change_usec), 0 }, | |
1242 | { "lastPasswordChangeUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, last_password_change_usec), 0 }, | |
1243 | { "shell", JSON_VARIANT_STRING, json_dispatch_filename_or_path, offsetof(UserRecord, shell), 0 }, | |
1244 | { "umask", JSON_VARIANT_UNSIGNED, json_dispatch_umask, offsetof(UserRecord, umask), 0 }, | |
1245 | { "environment", JSON_VARIANT_ARRAY, json_dispatch_environment, offsetof(UserRecord, environment), 0 }, | |
1246 | { "timeZone", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, time_zone), JSON_SAFE }, | |
1247 | { "preferredLanguage", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, preferred_language), JSON_SAFE }, | |
1248 | { "niceLevel", _JSON_VARIANT_TYPE_INVALID, json_dispatch_nice, offsetof(UserRecord, nice_level), 0 }, | |
1249 | { "resourceLimits", _JSON_VARIANT_TYPE_INVALID, json_dispatch_rlimits, offsetof(UserRecord, rlimits), 0 }, | |
1250 | { "locked", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, locked), 0 }, | |
1251 | { "notBeforeUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, not_before_usec), 0 }, | |
1252 | { "notAfterUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, not_after_usec), 0 }, | |
1253 | { "storage", JSON_VARIANT_STRING, json_dispatch_storage, offsetof(UserRecord, storage), 0 }, | |
1254 | { "diskSize", JSON_VARIANT_UNSIGNED, json_dispatch_disk_size, offsetof(UserRecord, disk_size), 0 }, | |
1255 | { "diskSizeRelative", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_size_relative), 0 }, | |
1256 | { "skeletonDirectory", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, skeleton_directory), 0 }, | |
1257 | { "accessMode", JSON_VARIANT_UNSIGNED, json_dispatch_access_mode, offsetof(UserRecord, access_mode), 0 }, | |
1258 | { "tasksMax", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, tasks_max), 0 }, | |
1259 | { "memoryHigh", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, memory_high), 0 }, | |
1260 | { "memoryMax", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, memory_max), 0 }, | |
1261 | { "cpuWeight", JSON_VARIANT_UNSIGNED, json_dispatch_weight, offsetof(UserRecord, cpu_weight), 0 }, | |
1262 | { "ioWeight", JSON_VARIANT_UNSIGNED, json_dispatch_weight, offsetof(UserRecord, io_weight), 0 }, | |
1263 | { "mountNoDevices", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, nodev), 0 }, | |
1264 | { "mountNoSuid", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, nosuid), 0 }, | |
1265 | { "mountNoExecute", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, noexec), 0 }, | |
1266 | { "cifsDomain", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_domain), JSON_SAFE }, | |
1267 | { "cifsUserName", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_user_name), JSON_SAFE }, | |
1268 | { "cifsService", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_service), JSON_SAFE }, | |
1269 | { "imagePath", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, image_path), 0 }, | |
1270 | { "homeDirectory", JSON_VARIANT_STRING, json_dispatch_home_directory, offsetof(UserRecord, home_directory), 0 }, | |
1271 | { "uid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, uid), 0 }, | |
1272 | { "gid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, gid), 0 }, | |
7a8867ab | 1273 | { "memberOf", JSON_VARIANT_ARRAY, json_dispatch_user_group_list, offsetof(UserRecord, member_of), JSON_RELAX}, |
71d0b9d4 LP |
1274 | { "fileSystemType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, file_system_type), JSON_SAFE }, |
1275 | { "partitionUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, partition_uuid), 0 }, | |
1276 | { "luksUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, luks_uuid), 0 }, | |
1277 | { "fileSystemUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, file_system_uuid), 0 }, | |
1278 | { "luksDiscard", _JSON_VARIANT_TYPE_INVALID, json_dispatch_tristate, offsetof(UserRecord, luks_discard), 0 }, | |
1279 | { "luksCipher", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher), JSON_SAFE }, | |
1280 | { "luksCipherMode", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher_mode), JSON_SAFE }, | |
1281 | { "luksVolumeKeySize", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_volume_key_size), 0 }, | |
1282 | { "luksPbkdfHashAlgorithm", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_pbkdf_hash_algorithm), JSON_SAFE }, | |
1283 | { "luksPbkdfType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_pbkdf_type), JSON_SAFE }, | |
1284 | { "luksPbkdfTimeCostUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_time_cost_usec), 0 }, | |
1285 | { "luksPbkdfMemoryCost", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_memory_cost), 0 }, | |
1286 | { "luksPbkdfParallelThreads", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_parallel_threads), 0 }, | |
1287 | { "service", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, service), JSON_SAFE }, | |
1288 | { "rateLimitIntervalUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, ratelimit_interval_usec), 0 }, | |
1289 | { "rateLimitBurst", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, ratelimit_burst), 0 }, | |
1290 | { "enforcePasswordPolicy", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, enforce_password_policy), 0 }, | |
1291 | { "autoLogin", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, auto_login), 0 }, | |
1292 | { "stopDelayUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, stop_delay_usec), 0 }, | |
1293 | { "killProcesses", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, kill_processes), 0 }, | |
1294 | { "passwordChangeMinUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_min_usec), 0 }, | |
1295 | { "passwordChangeMaxUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_max_usec), 0 }, | |
1296 | { "passwordChangeWarnUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_warn_usec), 0 }, | |
1297 | { "passwordChangeInactiveUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_inactive_usec), 0 }, | |
1298 | { "passwordChangeNow", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, password_change_now), 0 }, | |
1299 | { "pkcs11TokenUri", JSON_VARIANT_ARRAY, dispatch_pkcs11_uri_array, offsetof(UserRecord, pkcs11_token_uri), 0 }, | |
1300 | ||
1301 | { "secret", JSON_VARIANT_OBJECT, dispatch_secret, 0, 0 }, | |
1302 | { "privileged", JSON_VARIANT_OBJECT, dispatch_privileged, 0, 0 }, | |
1303 | ||
1304 | /* Ignore the perMachine, binding, status stuff here, and process it later, so that it overrides whatever is set above */ | |
1305 | { "perMachine", JSON_VARIANT_ARRAY, NULL, 0, 0 }, | |
1306 | { "binding", JSON_VARIANT_OBJECT, NULL, 0, 0 }, | |
1307 | { "status", JSON_VARIANT_OBJECT, NULL, 0, 0 }, | |
1308 | ||
1309 | /* Ignore 'signature', we check it with explicit accessors instead */ | |
1310 | { "signature", JSON_VARIANT_ARRAY, NULL, 0, 0 }, | |
1311 | {}, | |
1312 | }; | |
1313 | ||
1314 | JsonDispatchFlags json_flags = USER_RECORD_LOAD_FLAGS_TO_JSON_DISPATCH_FLAGS(load_flags); | |
1315 | int r; | |
1316 | ||
1317 | assert(h); | |
1318 | assert(!h->json); | |
1319 | ||
1320 | /* Note that this call will leave a half-initialized record around on failure! */ | |
1321 | ||
1322 | r = user_group_record_mangle(v, load_flags, &h->json, &h->mask); | |
1323 | if (r < 0) | |
1324 | return r; | |
1325 | ||
1326 | r = json_dispatch(h->json, user_dispatch_table, NULL, json_flags, h); | |
1327 | if (r < 0) | |
1328 | return r; | |
1329 | ||
1330 | /* During the parsing operation above we ignored the 'perMachine', 'binding' and 'status' fields, | |
1331 | * since we want them to override the global options. Let's process them now. */ | |
1332 | ||
1333 | r = dispatch_per_machine("perMachine", json_variant_by_key(h->json, "perMachine"), json_flags, h); | |
1334 | if (r < 0) | |
1335 | return r; | |
1336 | ||
1337 | r = dispatch_binding("binding", json_variant_by_key(h->json, "binding"), json_flags, h); | |
1338 | if (r < 0) | |
1339 | return r; | |
1340 | ||
1341 | r = dispatch_status("status", json_variant_by_key(h->json, "status"), json_flags, h); | |
1342 | if (r < 0) | |
1343 | return r; | |
1344 | ||
1345 | if (FLAGS_SET(h->mask, USER_RECORD_REGULAR) && !h->user_name) | |
1346 | return json_log(h->json, json_flags, SYNTHETIC_ERRNO(EINVAL), "User name field missing, refusing."); | |
1347 | ||
1348 | r = user_record_augment(h, json_flags); | |
1349 | if (r < 0) | |
1350 | return r; | |
1351 | ||
1352 | return 0; | |
1353 | } | |
1354 | ||
1355 | int user_record_build(UserRecord **ret, ...) { | |
1356 | _cleanup_(json_variant_unrefp) JsonVariant *v = NULL; | |
1357 | _cleanup_(user_record_unrefp) UserRecord *u = NULL; | |
1358 | va_list ap; | |
1359 | int r; | |
1360 | ||
1361 | assert(ret); | |
1362 | ||
1363 | va_start(ap, ret); | |
1364 | r = json_buildv(&v, ap); | |
1365 | va_end(ap); | |
1366 | ||
1367 | if (r < 0) | |
1368 | return r; | |
1369 | ||
1370 | u = user_record_new(); | |
1371 | if (!u) | |
1372 | return -ENOMEM; | |
1373 | ||
1374 | r = user_record_load(u, v, USER_RECORD_LOAD_FULL); | |
1375 | if (r < 0) | |
1376 | return r; | |
1377 | ||
1378 | *ret = TAKE_PTR(u); | |
1379 | return 0; | |
1380 | } | |
1381 | ||
1382 | const char *user_record_user_name_and_realm(UserRecord *h) { | |
1383 | assert(h); | |
1384 | ||
1385 | /* Return the pre-initialized joined string if it is defined */ | |
1386 | if (h->user_name_and_realm_auto) | |
1387 | return h->user_name_and_realm_auto; | |
1388 | ||
1389 | /* If it's not defined then we cannot have a realm */ | |
1390 | assert(!h->realm); | |
1391 | return h->user_name; | |
1392 | } | |
1393 | ||
1394 | UserStorage user_record_storage(UserRecord *h) { | |
1395 | assert(h); | |
1396 | ||
1397 | if (h->storage >= 0) | |
1398 | return h->storage; | |
1399 | ||
1400 | return USER_CLASSIC; | |
1401 | } | |
1402 | ||
1403 | const char *user_record_file_system_type(UserRecord *h) { | |
1404 | assert(h); | |
1405 | ||
1406 | return h->file_system_type ?: "ext4"; | |
1407 | } | |
1408 | ||
1409 | const char *user_record_skeleton_directory(UserRecord *h) { | |
1410 | assert(h); | |
1411 | ||
1412 | return h->skeleton_directory ?: "/etc/skel"; | |
1413 | } | |
1414 | ||
1415 | mode_t user_record_access_mode(UserRecord *h) { | |
1416 | assert(h); | |
1417 | ||
1418 | return h->access_mode != (mode_t) -1 ? h->access_mode : 0700; | |
1419 | } | |
1420 | ||
1421 | const char* user_record_home_directory(UserRecord *h) { | |
1422 | assert(h); | |
1423 | ||
1424 | if (h->home_directory) | |
1425 | return h->home_directory; | |
1426 | if (h->home_directory_auto) | |
1427 | return h->home_directory_auto; | |
1428 | ||
1429 | /* The root user is special, hence be special about it */ | |
1430 | if (streq_ptr(h->user_name, "root")) | |
1431 | return "/root"; | |
1432 | ||
1433 | return "/"; | |
1434 | } | |
1435 | ||
1436 | const char *user_record_image_path(UserRecord *h) { | |
1437 | assert(h); | |
1438 | ||
1439 | if (h->image_path) | |
1440 | return h->image_path; | |
1441 | if (h->image_path_auto) | |
1442 | return h->image_path_auto; | |
1443 | ||
1444 | return IN_SET(user_record_storage(h), USER_CLASSIC, USER_DIRECTORY, USER_SUBVOLUME, USER_FSCRYPT) ? user_record_home_directory(h) : NULL; | |
1445 | } | |
1446 | ||
1447 | const char *user_record_cifs_user_name(UserRecord *h) { | |
1448 | assert(h); | |
1449 | ||
1450 | return h->cifs_user_name ?: h->user_name; | |
1451 | } | |
1452 | ||
1453 | unsigned long user_record_mount_flags(UserRecord *h) { | |
1454 | assert(h); | |
1455 | ||
1456 | return (h->nosuid ? MS_NOSUID : 0) | | |
1457 | (h->noexec ? MS_NOEXEC : 0) | | |
1458 | (h->nodev ? MS_NODEV : 0); | |
1459 | } | |
1460 | ||
1461 | const char *user_record_shell(UserRecord *h) { | |
1462 | assert(h); | |
1463 | ||
1464 | if (h->shell) | |
1465 | return h->shell; | |
1466 | ||
1467 | if (streq_ptr(h->user_name, "root")) | |
1468 | return "/bin/sh"; | |
1469 | ||
1470 | if (user_record_disposition(h) == USER_REGULAR) | |
1471 | return "/bin/bash"; | |
1472 | ||
1473 | return NOLOGIN; | |
1474 | } | |
1475 | ||
1476 | const char *user_record_real_name(UserRecord *h) { | |
1477 | assert(h); | |
1478 | ||
1479 | return h->real_name ?: h->user_name; | |
1480 | } | |
1481 | ||
1482 | bool user_record_luks_discard(UserRecord *h) { | |
1483 | const char *ip; | |
1484 | ||
1485 | assert(h); | |
1486 | ||
1487 | if (h->luks_discard >= 0) | |
1488 | return h->luks_discard; | |
1489 | ||
1490 | ip = user_record_image_path(h); | |
1491 | if (!ip) | |
1492 | return false; | |
1493 | ||
1494 | /* Use discard by default if we are referring to a real block device, but not when operating on a | |
1495 | * loopback device. We want to optimize for SSD and flash storage after all, but we should be careful | |
1496 | * when storing stuff on top of regular file systems in loopback files as doing discard then would | |
1497 | * mean thin provisioning and we should not do that willy-nilly since it means we'll risk EIO later | |
1498 | * on should the disk space to back our file systems not be available. */ | |
1499 | ||
1500 | return path_startswith(ip, "/dev/"); | |
1501 | } | |
1502 | ||
1503 | const char *user_record_luks_cipher(UserRecord *h) { | |
1504 | assert(h); | |
1505 | ||
1506 | return h->luks_cipher ?: "aes"; | |
1507 | } | |
1508 | ||
1509 | const char *user_record_luks_cipher_mode(UserRecord *h) { | |
1510 | assert(h); | |
1511 | ||
1512 | return h->luks_cipher_mode ?: "xts-plain64"; | |
1513 | } | |
1514 | ||
1515 | uint64_t user_record_luks_volume_key_size(UserRecord *h) { | |
1516 | assert(h); | |
1517 | ||
1518 | /* We return a value here that can be cast without loss into size_t which is what libcrypsetup expects */ | |
1519 | ||
1520 | if (h->luks_volume_key_size == UINT64_MAX) | |
1521 | return 256 / 8; | |
1522 | ||
1523 | return MIN(h->luks_volume_key_size, SIZE_MAX); | |
1524 | } | |
1525 | ||
1526 | const char* user_record_luks_pbkdf_type(UserRecord *h) { | |
1527 | assert(h); | |
1528 | ||
1529 | return h->luks_pbkdf_type ?: "argon2i"; | |
1530 | } | |
1531 | ||
1532 | uint64_t user_record_luks_pbkdf_time_cost_usec(UserRecord *h) { | |
1533 | assert(h); | |
1534 | ||
1535 | /* Returns a value with ms granularity, since that's what libcryptsetup expects */ | |
1536 | ||
1537 | if (h->luks_pbkdf_time_cost_usec == UINT64_MAX) | |
1538 | return 500 * USEC_PER_MSEC; /* We default to 500ms, in contrast to libcryptsetup's 2s, which is just awfully slow on every login */ | |
1539 | ||
1540 | return MIN(DIV_ROUND_UP(h->luks_pbkdf_time_cost_usec, USEC_PER_MSEC), UINT32_MAX) * USEC_PER_MSEC; | |
1541 | } | |
1542 | ||
1543 | uint64_t user_record_luks_pbkdf_memory_cost(UserRecord *h) { | |
1544 | assert(h); | |
1545 | ||
1546 | /* Returns a value with kb granularity, since that's what libcryptsetup expects */ | |
1547 | ||
1548 | if (h->luks_pbkdf_memory_cost == UINT64_MAX) | |
1549 | return 64*1024*1024; /* We default to 64M, since this should work on smaller systems too */ | |
1550 | ||
1551 | return MIN(DIV_ROUND_UP(h->luks_pbkdf_memory_cost, 1024), UINT32_MAX) * 1024; | |
1552 | } | |
1553 | ||
1554 | uint64_t user_record_luks_pbkdf_parallel_threads(UserRecord *h) { | |
1555 | assert(h); | |
1556 | ||
1557 | if (h->luks_pbkdf_memory_cost == UINT64_MAX) | |
1558 | return 1; /* We default to 1, since this should work on smaller systems too */ | |
1559 | ||
1560 | return MIN(h->luks_pbkdf_parallel_threads, UINT32_MAX); | |
1561 | } | |
1562 | ||
1563 | const char *user_record_luks_pbkdf_hash_algorithm(UserRecord *h) { | |
1564 | assert(h); | |
1565 | ||
1566 | return h->luks_pbkdf_hash_algorithm ?: "sha512"; | |
1567 | } | |
1568 | ||
1569 | gid_t user_record_gid(UserRecord *h) { | |
1570 | assert(h); | |
1571 | ||
1572 | if (gid_is_valid(h->gid)) | |
1573 | return h->gid; | |
1574 | ||
1575 | return (gid_t) h->uid; | |
1576 | } | |
1577 | ||
1578 | UserDisposition user_record_disposition(UserRecord *h) { | |
1579 | assert(h); | |
1580 | ||
1581 | if (h->disposition >= 0) | |
1582 | return h->disposition; | |
1583 | ||
1584 | /* If not declared, derive from UID */ | |
1585 | ||
1586 | if (!uid_is_valid(h->uid)) | |
1587 | return _USER_DISPOSITION_INVALID; | |
1588 | ||
1589 | if (h->uid == 0 || h->uid == UID_NOBODY) | |
1590 | return USER_INTRINSIC; | |
1591 | ||
1592 | if (uid_is_system(h->uid)) | |
1593 | return USER_SYSTEM; | |
1594 | ||
1595 | if (uid_is_dynamic(h->uid)) | |
1596 | return USER_DYNAMIC; | |
1597 | ||
1598 | if (uid_is_container(h->uid)) | |
1599 | return USER_CONTAINER; | |
1600 | ||
1601 | if (h->uid > INT32_MAX) | |
1602 | return USER_RESERVED; | |
1603 | ||
1604 | return USER_REGULAR; | |
1605 | } | |
1606 | ||
1607 | int user_record_removable(UserRecord *h) { | |
1608 | UserStorage storage; | |
1609 | assert(h); | |
1610 | ||
1611 | if (h->removable >= 0) | |
1612 | return h->removable; | |
1613 | ||
1614 | /* Refuse to decide for classic records */ | |
1615 | storage = user_record_storage(h); | |
1616 | if (h->storage < 0 || h->storage == USER_CLASSIC) | |
1617 | return -1; | |
1618 | ||
1619 | /* For now consider only LUKS home directories with a reference by path as removable */ | |
1620 | return storage == USER_LUKS && path_startswith(user_record_image_path(h), "/dev/"); | |
1621 | } | |
1622 | ||
1623 | uint64_t user_record_ratelimit_interval_usec(UserRecord *h) { | |
1624 | assert(h); | |
1625 | ||
1626 | if (h->ratelimit_interval_usec == UINT64_MAX) | |
1627 | return DEFAULT_RATELIMIT_INTERVAL_USEC; | |
1628 | ||
1629 | return h->ratelimit_interval_usec; | |
1630 | } | |
1631 | ||
1632 | uint64_t user_record_ratelimit_burst(UserRecord *h) { | |
1633 | assert(h); | |
1634 | ||
1635 | if (h->ratelimit_burst == UINT64_MAX) | |
1636 | return DEFAULT_RATELIMIT_BURST; | |
1637 | ||
1638 | return h->ratelimit_burst; | |
1639 | } | |
1640 | ||
1641 | bool user_record_can_authenticate(UserRecord *h) { | |
1642 | assert(h); | |
1643 | ||
1644 | /* Returns true if there's some form of property configured that the user can authenticate against */ | |
1645 | ||
1646 | if (h->n_pkcs11_encrypted_key > 0) | |
1647 | return true; | |
1648 | ||
1649 | return !strv_isempty(h->hashed_password); | |
1650 | } | |
1651 | ||
1652 | uint64_t user_record_ratelimit_next_try(UserRecord *h) { | |
1653 | assert(h); | |
1654 | ||
1655 | /* Calculates when the it's possible to login next. Returns: | |
1656 | * | |
1657 | * UINT64_MAX → Nothing known | |
1658 | * 0 → Right away | |
1659 | * Any other → Next time in CLOCK_REALTIME in usec (which could be in the past) | |
1660 | */ | |
1661 | ||
1662 | if (h->ratelimit_begin_usec == UINT64_MAX || | |
1663 | h->ratelimit_count == UINT64_MAX) | |
1664 | return UINT64_MAX; | |
1665 | ||
1666 | if (h->ratelimit_count < user_record_ratelimit_burst(h)) | |
1667 | return 0; | |
1668 | ||
1669 | return usec_add(h->ratelimit_begin_usec, user_record_ratelimit_interval_usec(h)); | |
1670 | } | |
1671 | ||
1672 | bool user_record_equal(UserRecord *a, UserRecord *b) { | |
1673 | assert(a); | |
1674 | assert(b); | |
1675 | ||
1676 | /* We assume that when a record is modified its JSON data is updated at the same time, hence it's | |
1677 | * sufficient to compare the JSON data. */ | |
1678 | ||
1679 | return json_variant_equal(a->json, b->json); | |
1680 | } | |
1681 | ||
1682 | bool user_record_compatible(UserRecord *a, UserRecord *b) { | |
1683 | assert(a); | |
1684 | assert(b); | |
1685 | ||
1686 | /* If either lacks a the regular section, we can't really decide, let's hence say they are | |
1687 | * incompatible. */ | |
1688 | if (!(a->mask & b->mask & USER_RECORD_REGULAR)) | |
1689 | return false; | |
1690 | ||
1691 | return streq_ptr(a->user_name, b->user_name) && | |
1692 | streq_ptr(a->realm, b->realm); | |
1693 | } | |
1694 | ||
1695 | int user_record_compare_last_change(UserRecord *a, UserRecord *b) { | |
1696 | assert(a); | |
1697 | assert(b); | |
1698 | ||
1699 | if (a->last_change_usec == b->last_change_usec) | |
1700 | return 0; | |
1701 | ||
1702 | /* Always consider a record with a timestamp newer than one without */ | |
1703 | if (a->last_change_usec == UINT64_MAX) | |
1704 | return -1; | |
1705 | if (b->last_change_usec == UINT64_MAX) | |
1706 | return 1; | |
1707 | ||
1708 | return CMP(a->last_change_usec, b->last_change_usec); | |
1709 | } | |
1710 | ||
1711 | int user_record_clone(UserRecord *h, UserRecordLoadFlags flags, UserRecord **ret) { | |
1712 | _cleanup_(user_record_unrefp) UserRecord *c = NULL; | |
1713 | int r; | |
1714 | ||
1715 | assert(h); | |
1716 | assert(ret); | |
1717 | ||
1718 | c = user_record_new(); | |
1719 | if (!c) | |
1720 | return -ENOMEM; | |
1721 | ||
1722 | r = user_record_load(c, h->json, flags); | |
1723 | if (r < 0) | |
1724 | return r; | |
1725 | ||
1726 | *ret = TAKE_PTR(c); | |
1727 | return 0; | |
1728 | } | |
1729 | ||
1730 | int user_record_masked_equal(UserRecord *a, UserRecord *b, UserRecordMask mask) { | |
1731 | _cleanup_(user_record_unrefp) UserRecord *x = NULL, *y = NULL; | |
1732 | int r; | |
1733 | ||
1734 | assert(a); | |
1735 | assert(b); | |
1736 | ||
1737 | /* Compares the two records, but ignores anything not listed in the specified mask */ | |
1738 | ||
1739 | if ((a->mask & ~mask) != 0) { | |
1740 | r = user_record_clone(a, USER_RECORD_ALLOW(mask) | USER_RECORD_STRIP(~mask & _USER_RECORD_MASK_MAX), &x); | |
1741 | if (r < 0) | |
1742 | return r; | |
1743 | ||
1744 | a = x; | |
1745 | } | |
1746 | ||
1747 | if ((b->mask & ~mask) != 0) { | |
1748 | r = user_record_clone(b, USER_RECORD_ALLOW(mask) | USER_RECORD_STRIP(~mask & _USER_RECORD_MASK_MAX), &y); | |
1749 | if (r < 0) | |
1750 | return r; | |
1751 | ||
1752 | b = y; | |
1753 | } | |
1754 | ||
1755 | return user_record_equal(a, b); | |
1756 | } | |
1757 | ||
1758 | int user_record_test_blocked(UserRecord *h) { | |
1759 | usec_t n; | |
1760 | ||
1761 | /* Checks whether access to the specified user shall be allowed at the moment. Returns: | |
1762 | * | |
1763 | * -ESTALE: Record is from the future | |
1764 | * -ENOLCK: Record is blocked | |
1765 | * -EL2HLT: Record is not valid yet | |
1766 | * -EL3HLT: Record is not valid anymore | |
1767 | * | |
1768 | */ | |
1769 | ||
1770 | assert(h); | |
1771 | ||
1772 | n = now(CLOCK_REALTIME); | |
1773 | if (h->last_change_usec != UINT64_MAX && | |
1774 | h->last_change_usec > n) /* Don't allow log ins when the record is from the future */ | |
1775 | return -ESTALE; | |
1776 | ||
1777 | if (h->locked > 0) | |
1778 | return -ENOLCK; | |
1779 | ||
1780 | if (h->not_before_usec != UINT64_MAX && n < h->not_before_usec) | |
1781 | return -EL2HLT; | |
1782 | if (h->not_after_usec != UINT64_MAX && n > h->not_after_usec) | |
1783 | return -EL3HLT; | |
1784 | ||
1785 | return 0; | |
1786 | } | |
1787 | ||
1788 | int user_record_test_password_change_required(UserRecord *h) { | |
1789 | bool change_permitted; | |
1790 | usec_t n; | |
1791 | ||
1792 | assert(h); | |
1793 | ||
1794 | /* Checks whether the user must change the password when logging in | |
1795 | ||
1796 | -EKEYREVOKED: Change password now because admin said so | |
1797 | -EOWNERDEAD: Change password now because it expired | |
1798 | -EKEYREJECTED: Password is expired, no changing is allowed | |
1799 | -EKEYEXPIRED: Password is about to expire, warn user | |
1800 | -ENETDOWN: Record has expiration info but no password change timestamp | |
1801 | -EROFS: No password change required nor permitted | |
1802 | 0: No password change required, but permitted | |
1803 | */ | |
1804 | ||
1805 | /* If a pasword change request has been set explicitly, it overrides everything */ | |
1806 | if (h->password_change_now > 0) | |
1807 | return -EKEYREVOKED; | |
1808 | ||
1809 | n = now(CLOCK_REALTIME); | |
1810 | ||
1811 | /* Then, let's check if password changing is currently allowed at all */ | |
1812 | if (h->password_change_min_usec != UINT64_MAX) { | |
1813 | ||
1814 | /* Expiry configured but no password change timestamp known? */ | |
1815 | if (h->last_password_change_usec == UINT64_MAX) | |
1816 | return -ENETDOWN; | |
1817 | ||
1818 | if (h->password_change_min_usec >= UINT64_MAX - h->last_password_change_usec) | |
1819 | change_permitted = false; | |
1820 | else | |
1821 | change_permitted = n >= h->last_password_change_usec + h->password_change_min_usec; | |
1822 | ||
1823 | } else | |
1824 | change_permitted = true; | |
1825 | ||
1826 | /* Let's check whether the password has expired. */ | |
1827 | if (!(h->password_change_max_usec == UINT64_MAX || | |
1828 | h->password_change_max_usec >= UINT64_MAX - h->last_password_change_usec)) { | |
1829 | ||
1830 | uint64_t change_before; | |
1831 | ||
1832 | /* Expiry configured but no password change timestamp known? */ | |
1833 | if (h->last_password_change_usec == UINT64_MAX) | |
1834 | return -ENETDOWN; | |
1835 | ||
1836 | /* Password is in inactive phase? */ | |
1837 | if (h->password_change_inactive_usec != UINT64_MAX && | |
1838 | h->password_change_inactive_usec < UINT64_MAX - h->password_change_max_usec) { | |
1839 | usec_t added; | |
1840 | ||
1841 | added = h->password_change_inactive_usec + h->password_change_max_usec; | |
1842 | if (added < UINT64_MAX - h->last_password_change_usec && | |
1843 | n >= h->last_password_change_usec + added) | |
1844 | return -EKEYREJECTED; | |
1845 | } | |
1846 | ||
1847 | /* Password needs to be changed now? */ | |
1848 | change_before = h->last_password_change_usec + h->password_change_max_usec; | |
1849 | if (n >= change_before) | |
1850 | return change_permitted ? -EOWNERDEAD : -EKEYREJECTED; | |
1851 | ||
1852 | /* Warn user? */ | |
1853 | if (h->password_change_warn_usec != UINT64_MAX && | |
1854 | (change_before < h->password_change_warn_usec || | |
1855 | n >= change_before - h->password_change_warn_usec)) | |
1856 | return change_permitted ? -EKEYEXPIRED : -EROFS; | |
1857 | } | |
1858 | ||
1859 | /* No password changing necessary */ | |
1860 | return change_permitted ? 0 : -EROFS; | |
1861 | } | |
1862 | ||
1863 | static const char* const user_storage_table[_USER_STORAGE_MAX] = { | |
1864 | [USER_CLASSIC] = "classic", | |
1865 | [USER_LUKS] = "luks", | |
1866 | [USER_DIRECTORY] = "directory", | |
1867 | [USER_SUBVOLUME] = "subvolume", | |
1868 | [USER_FSCRYPT] = "fscrypt", | |
1869 | [USER_CIFS] = "cifs", | |
1870 | }; | |
1871 | ||
1872 | DEFINE_STRING_TABLE_LOOKUP(user_storage, UserStorage); | |
1873 | ||
1874 | static const char* const user_disposition_table[_USER_DISPOSITION_MAX] = { | |
1875 | [USER_INTRINSIC] = "intrinsic", | |
1876 | [USER_SYSTEM] = "system", | |
1877 | [USER_DYNAMIC] = "dynamic", | |
1878 | [USER_REGULAR] = "regular", | |
1879 | [USER_CONTAINER] = "container", | |
1880 | [USER_RESERVED] = "reserved", | |
1881 | }; | |
1882 | ||
1883 | DEFINE_STRING_TABLE_LOOKUP(user_disposition, UserDisposition); |