]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/home/homectl.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #25651 from keszybz/man-halt
[thirdparty/systemd.git] / src / home / homectl.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <getopt.h>
4
5 #include "sd-bus.h"
6
7 #include "ask-password-api.h"
8 #include "build.h"
9 #include "bus-common-errors.h"
10 #include "bus-error.h"
11 #include "bus-locator.h"
12 #include "cgroup-util.h"
13 #include "dns-domain.h"
14 #include "env-util.h"
15 #include "fd-util.h"
16 #include "fileio.h"
17 #include "format-table.h"
18 #include "fs-util.h"
19 #include "glyph-util.h"
20 #include "home-util.h"
21 #include "homectl-fido2.h"
22 #include "homectl-pkcs11.h"
23 #include "homectl-recovery-key.h"
24 #include "libfido2-util.h"
25 #include "locale-util.h"
26 #include "main-func.h"
27 #include "memory-util.h"
28 #include "pager.h"
29 #include "parse-argument.h"
30 #include "parse-util.h"
31 #include "path-util.h"
32 #include "percent-util.h"
33 #include "pkcs11-util.h"
34 #include "pretty-print.h"
35 #include "process-util.h"
36 #include "pwquality-util.h"
37 #include "rlimit-util.h"
38 #include "spawn-polkit-agent.h"
39 #include "terminal-util.h"
40 #include "uid-alloc-range.h"
41 #include "user-record-pwquality.h"
42 #include "user-record-show.h"
43 #include "user-record-util.h"
44 #include "user-record.h"
45 #include "user-util.h"
46 #include "verbs.h"
47
48 static PagerFlags arg_pager_flags = 0;
49 static bool arg_legend = true;
50 static bool arg_ask_password = true;
51 static BusTransport arg_transport = BUS_TRANSPORT_LOCAL;
52 static const char *arg_host = NULL;
53 static const char *arg_identity = NULL;
54 static JsonVariant *arg_identity_extra = NULL;
55 static JsonVariant *arg_identity_extra_privileged = NULL;
56 static JsonVariant *arg_identity_extra_this_machine = NULL;
57 static JsonVariant *arg_identity_extra_rlimits = NULL;
58 static char **arg_identity_filter = NULL; /* this one is also applied to 'privileged' and 'thisMachine' subobjects */
59 static char **arg_identity_filter_rlimits = NULL;
60 static uint64_t arg_disk_size = UINT64_MAX;
61 static uint64_t arg_disk_size_relative = UINT64_MAX;
62 static char **arg_pkcs11_token_uri = NULL;
63 static char **arg_fido2_device = NULL;
64 static Fido2EnrollFlags arg_fido2_lock_with = FIDO2ENROLL_PIN | FIDO2ENROLL_UP;
65 #if HAVE_LIBFIDO2
66 static int arg_fido2_cred_alg = COSE_ES256;
67 #else
68 static int arg_fido2_cred_alg = 0;
69 #endif
70 static bool arg_recovery_key = false;
71 static JsonFormatFlags arg_json_format_flags = JSON_FORMAT_OFF;
72 static bool arg_and_resize = false;
73 static bool arg_and_change_password = false;
74 static enum {
75 EXPORT_FORMAT_FULL, /* export the full record */
76 EXPORT_FORMAT_STRIPPED, /* strip "state" + "binding", but leave signature in place */
77 EXPORT_FORMAT_MINIMAL, /* also strip signature */
78 } arg_export_format = EXPORT_FORMAT_FULL;
79
80 STATIC_DESTRUCTOR_REGISTER(arg_identity_extra, json_variant_unrefp);
81 STATIC_DESTRUCTOR_REGISTER(arg_identity_extra_this_machine, json_variant_unrefp);
82 STATIC_DESTRUCTOR_REGISTER(arg_identity_extra_privileged, json_variant_unrefp);
83 STATIC_DESTRUCTOR_REGISTER(arg_identity_extra_rlimits, json_variant_unrefp);
84 STATIC_DESTRUCTOR_REGISTER(arg_identity_filter, strv_freep);
85 STATIC_DESTRUCTOR_REGISTER(arg_identity_filter_rlimits, strv_freep);
86 STATIC_DESTRUCTOR_REGISTER(arg_pkcs11_token_uri, strv_freep);
87 STATIC_DESTRUCTOR_REGISTER(arg_fido2_device, strv_freep);
88
89 static const BusLocator *bus_mgr;
90
91 static bool identity_properties_specified(void) {
92 return
93 arg_identity ||
94 !json_variant_is_blank_object(arg_identity_extra) ||
95 !json_variant_is_blank_object(arg_identity_extra_privileged) ||
96 !json_variant_is_blank_object(arg_identity_extra_this_machine) ||
97 !json_variant_is_blank_object(arg_identity_extra_rlimits) ||
98 !strv_isempty(arg_identity_filter) ||
99 !strv_isempty(arg_identity_filter_rlimits) ||
100 !strv_isempty(arg_pkcs11_token_uri) ||
101 !strv_isempty(arg_fido2_device);
102 }
103
104 static int acquire_bus(sd_bus **bus) {
105 int r;
106
107 assert(bus);
108
109 if (*bus)
110 return 0;
111
112 r = bus_connect_transport(arg_transport, arg_host, false, bus);
113 if (r < 0)
114 return bus_log_connect_error(r, arg_transport);
115
116 (void) sd_bus_set_allow_interactive_authorization(*bus, arg_ask_password);
117
118 return 0;
119 }
120
121 static int list_homes(int argc, char *argv[], void *userdata) {
122 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
123 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
124 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
125 _cleanup_(table_unrefp) Table *table = NULL;
126 int r;
127
128 r = acquire_bus(&bus);
129 if (r < 0)
130 return r;
131
132 r = bus_call_method(bus, bus_mgr, "ListHomes", &error, &reply, NULL);
133 if (r < 0)
134 return log_error_errno(r, "Failed to list homes: %s", bus_error_message(&error, r));
135
136 table = table_new("name", "uid", "gid", "state", "realname", "home", "shell");
137 if (!table)
138 return log_oom();
139
140 r = sd_bus_message_enter_container(reply, 'a', "(susussso)");
141 if (r < 0)
142 return bus_log_parse_error(r);
143
144 for (;;) {
145 const char *name, *state, *realname, *home, *shell, *color;
146 TableCell *cell;
147 uint32_t uid, gid;
148
149 r = sd_bus_message_read(reply, "(susussso)", &name, &uid, &state, &gid, &realname, &home, &shell, NULL);
150 if (r < 0)
151 return bus_log_parse_error(r);
152 if (r == 0)
153 break;
154
155 r = table_add_many(table,
156 TABLE_STRING, name,
157 TABLE_UID, uid,
158 TABLE_GID, gid);
159 if (r < 0)
160 return table_log_add_error(r);
161
162
163 r = table_add_cell(table, &cell, TABLE_STRING, state);
164 if (r < 0)
165 return table_log_add_error(r);
166
167 color = user_record_state_color(state);
168 if (color)
169 (void) table_set_color(table, cell, color);
170
171 r = table_add_many(table,
172 TABLE_STRING, strna(empty_to_null(realname)),
173 TABLE_STRING, home,
174 TABLE_STRING, strna(empty_to_null(shell)));
175 if (r < 0)
176 return table_log_add_error(r);
177 }
178
179 r = sd_bus_message_exit_container(reply);
180 if (r < 0)
181 return bus_log_parse_error(r);
182
183 if (table_get_rows(table) > 1 || !FLAGS_SET(arg_json_format_flags, JSON_FORMAT_OFF)) {
184 r = table_set_sort(table, (size_t) 0);
185 if (r < 0)
186 return table_log_sort_error(r);
187
188 r = table_print_with_pager(table, arg_json_format_flags, arg_pager_flags, arg_legend);
189 if (r < 0)
190 return r;
191 }
192
193 if (arg_legend && (arg_json_format_flags & JSON_FORMAT_OFF)) {
194 if (table_get_rows(table) > 1)
195 printf("\n%zu home areas listed.\n", table_get_rows(table) - 1);
196 else
197 printf("No home areas.\n");
198 }
199
200 return 0;
201 }
202
203 static int acquire_existing_password(
204 const char *user_name,
205 UserRecord *hr,
206 bool emphasize_current,
207 AskPasswordFlags flags) {
208
209 _cleanup_(strv_free_erasep) char **password = NULL;
210 _cleanup_(erase_and_freep) char *envpw = NULL;
211 _cleanup_free_ char *question = NULL;
212 int r;
213
214 assert(user_name);
215 assert(hr);
216
217 r = getenv_steal_erase("PASSWORD", &envpw);
218 if (r < 0)
219 return log_error_errno(r, "Failed to acquire password from environment: %m");
220 if (r > 0) {
221 /* People really shouldn't use environment variables for passing passwords. We support this
222 * only for testing purposes, and do not document the behaviour, so that people won't
223 * actually use this outside of testing. */
224
225 r = user_record_set_password(hr, STRV_MAKE(envpw), true);
226 if (r < 0)
227 return log_error_errno(r, "Failed to store password: %m");
228
229 return 1;
230 }
231
232 /* If this is not our own user, then don't use the password cache */
233 if (is_this_me(user_name) <= 0)
234 SET_FLAG(flags, ASK_PASSWORD_ACCEPT_CACHED|ASK_PASSWORD_PUSH_CACHE, false);
235
236 if (asprintf(&question, emphasize_current ?
237 "Please enter current password for user %s:" :
238 "Please enter password for user %s:",
239 user_name) < 0)
240 return log_oom();
241
242 r = ask_password_auto(question,
243 /* icon= */ "user-home",
244 NULL,
245 /* key_name= */ "home-password",
246 /* credential_name= */ "home.password",
247 USEC_INFINITY,
248 flags,
249 &password);
250 if (r == -EUNATCH) { /* EUNATCH is returned if no password was found and asking interactively was
251 * disabled via the flags. Not an error for us. */
252 log_debug_errno(r, "No passwords acquired.");
253 return 0;
254 }
255 if (r < 0)
256 return log_error_errno(r, "Failed to acquire password: %m");
257
258 r = user_record_set_password(hr, password, true);
259 if (r < 0)
260 return log_error_errno(r, "Failed to store password: %m");
261
262 return 1;
263 }
264
265 static int acquire_recovery_key(
266 const char *user_name,
267 UserRecord *hr,
268 AskPasswordFlags flags) {
269
270 _cleanup_(strv_free_erasep) char **recovery_key = NULL;
271 _cleanup_(erase_and_freep) char *envpw = NULL;
272 _cleanup_free_ char *question = NULL;
273 int r;
274
275 assert(user_name);
276 assert(hr);
277
278 r = getenv_steal_erase("PASSWORD", &envpw);
279 if (r < 0)
280 return log_error_errno(r, "Failed to acquire password from environment: %m");
281 if (r > 0) {
282 /* People really shouldn't use environment variables for passing secrets. We support this
283 * only for testing purposes, and do not document the behaviour, so that people won't
284 * actually use this outside of testing. */
285
286 r = user_record_set_password(hr, STRV_MAKE(envpw), true); /* recovery keys are stored in the record exactly like regular passwords! */
287 if (r < 0)
288 return log_error_errno(r, "Failed to store recovery key: %m");
289
290 return 1;
291 }
292
293 /* If this is not our own user, then don't use the password cache */
294 if (is_this_me(user_name) <= 0)
295 SET_FLAG(flags, ASK_PASSWORD_ACCEPT_CACHED|ASK_PASSWORD_PUSH_CACHE, false);
296
297 if (asprintf(&question, "Please enter recovery key for user %s:", user_name) < 0)
298 return log_oom();
299
300 r = ask_password_auto(question,
301 /* icon= */ "user-home",
302 NULL,
303 /* key_name= */ "home-recovery-key",
304 /* credential_name= */ "home.recovery-key",
305 USEC_INFINITY,
306 flags,
307 &recovery_key);
308 if (r == -EUNATCH) { /* EUNATCH is returned if no recovery key was found and asking interactively was
309 * disabled via the flags. Not an error for us. */
310 log_debug_errno(r, "No recovery keys acquired.");
311 return 0;
312 }
313 if (r < 0)
314 return log_error_errno(r, "Failed to acquire recovery keys: %m");
315
316 r = user_record_set_password(hr, recovery_key, true);
317 if (r < 0)
318 return log_error_errno(r, "Failed to store recovery keys: %m");
319
320 return 1;
321 }
322
323 static int acquire_token_pin(
324 const char *user_name,
325 UserRecord *hr,
326 AskPasswordFlags flags) {
327
328 _cleanup_(strv_free_erasep) char **pin = NULL;
329 _cleanup_(erase_and_freep) char *envpin = NULL;
330 _cleanup_free_ char *question = NULL;
331 int r;
332
333 assert(user_name);
334 assert(hr);
335
336 r = getenv_steal_erase("PIN", &envpin);
337 if (r < 0)
338 return log_error_errno(r, "Failed to acquire PIN from environment: %m");
339 if (r > 0) {
340 r = user_record_set_token_pin(hr, STRV_MAKE(envpin), false);
341 if (r < 0)
342 return log_error_errno(r, "Failed to store token PIN: %m");
343
344 return 1;
345 }
346
347 /* If this is not our own user, then don't use the password cache */
348 if (is_this_me(user_name) <= 0)
349 SET_FLAG(flags, ASK_PASSWORD_ACCEPT_CACHED|ASK_PASSWORD_PUSH_CACHE, false);
350
351 if (asprintf(&question, "Please enter security token PIN for user %s:", user_name) < 0)
352 return log_oom();
353
354 r = ask_password_auto(
355 question,
356 /* icon= */ "user-home",
357 NULL,
358 /* key_name= */ "token-pin",
359 /* credential_name= */ "home.token-pin",
360 USEC_INFINITY,
361 flags,
362 &pin);
363 if (r == -EUNATCH) { /* EUNATCH is returned if no PIN was found and asking interactively was disabled
364 * via the flags. Not an error for us. */
365 log_debug_errno(r, "No security token PINs acquired.");
366 return 0;
367 }
368 if (r < 0)
369 return log_error_errno(r, "Failed to acquire security token PIN: %m");
370
371 r = user_record_set_token_pin(hr, pin, false);
372 if (r < 0)
373 return log_error_errno(r, "Failed to store security token PIN: %m");
374
375 return 1;
376 }
377
378 static int handle_generic_user_record_error(
379 const char *user_name,
380 UserRecord *hr,
381 const sd_bus_error *error,
382 int ret,
383 bool emphasize_current_password) {
384 int r;
385
386 assert(user_name);
387 assert(hr);
388
389 if (sd_bus_error_has_name(error, BUS_ERROR_HOME_ABSENT))
390 return log_error_errno(SYNTHETIC_ERRNO(EREMOTE),
391 "Home of user %s is currently absent, please plug in the necessary storage device or backing file system.", user_name);
392
393 else if (sd_bus_error_has_name(error, BUS_ERROR_AUTHENTICATION_LIMIT_HIT))
394 return log_error_errno(SYNTHETIC_ERRNO(ETOOMANYREFS),
395 "Too frequent login attempts for user %s, try again later.", user_name);
396
397 else if (sd_bus_error_has_name(error, BUS_ERROR_BAD_PASSWORD)) {
398
399 if (!strv_isempty(hr->password))
400 log_notice("Password incorrect or not sufficient, please try again.");
401
402 /* Don't consume cache entries or credentials here, we already tried that unsuccessfully. But
403 * let's push what we acquire here into the cache */
404 r = acquire_existing_password(
405 user_name,
406 hr,
407 emphasize_current_password,
408 ASK_PASSWORD_PUSH_CACHE | ASK_PASSWORD_NO_CREDENTIAL);
409 if (r < 0)
410 return r;
411
412 } else if (sd_bus_error_has_name(error, BUS_ERROR_BAD_RECOVERY_KEY)) {
413
414 if (!strv_isempty(hr->password))
415 log_notice("Recovery key incorrect or not sufficient, please try again.");
416
417 /* Don't consume cache entries or credentials here, we already tried that unsuccessfully. But
418 * let's push what we acquire here into the cache */
419 r = acquire_recovery_key(
420 user_name,
421 hr,
422 ASK_PASSWORD_PUSH_CACHE | ASK_PASSWORD_NO_CREDENTIAL);
423 if (r < 0)
424 return r;
425
426 } else if (sd_bus_error_has_name(error, BUS_ERROR_BAD_PASSWORD_AND_NO_TOKEN)) {
427
428 if (strv_isempty(hr->password))
429 log_notice("Security token not inserted, please enter password.");
430 else
431 log_notice("Password incorrect or not sufficient, and configured security token not inserted, please try again.");
432
433 r = acquire_existing_password(
434 user_name,
435 hr,
436 emphasize_current_password,
437 ASK_PASSWORD_PUSH_CACHE | ASK_PASSWORD_NO_CREDENTIAL);
438 if (r < 0)
439 return r;
440
441 } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_PIN_NEEDED)) {
442
443 /* First time the PIN is requested, let's accept cached data, and allow using credential store */
444 r = acquire_token_pin(
445 user_name,
446 hr,
447 ASK_PASSWORD_ACCEPT_CACHED | ASK_PASSWORD_PUSH_CACHE);
448 if (r < 0)
449 return r;
450
451 } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_PROTECTED_AUTHENTICATION_PATH_NEEDED)) {
452
453 log_notice("%s%sPlease authenticate physically on security token.",
454 emoji_enabled() ? special_glyph(SPECIAL_GLYPH_TOUCH) : "",
455 emoji_enabled() ? " " : "");
456
457 r = user_record_set_pkcs11_protected_authentication_path_permitted(hr, true);
458 if (r < 0)
459 return log_error_errno(r, "Failed to set PKCS#11 protected authentication path permitted flag: %m");
460
461 } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_USER_PRESENCE_NEEDED)) {
462
463 log_notice("%s%sPlease confirm presence on security token.",
464 emoji_enabled() ? special_glyph(SPECIAL_GLYPH_TOUCH) : "",
465 emoji_enabled() ? " " : "");
466
467 r = user_record_set_fido2_user_presence_permitted(hr, true);
468 if (r < 0)
469 return log_error_errno(r, "Failed to set FIDO2 user presence permitted flag: %m");
470
471 } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_USER_VERIFICATION_NEEDED)) {
472
473 log_notice("%s%sPlease verify user on security token.",
474 emoji_enabled() ? special_glyph(SPECIAL_GLYPH_TOUCH) : "",
475 emoji_enabled() ? " " : "");
476
477 r = user_record_set_fido2_user_verification_permitted(hr, true);
478 if (r < 0)
479 return log_error_errno(r, "Failed to set FIDO2 user verification permitted flag: %m");
480
481 } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_PIN_LOCKED))
482 return log_error_errno(SYNTHETIC_ERRNO(EPERM), "Security token PIN is locked, please unlock it first. (Hint: Removal and re-insertion might suffice.)");
483
484 else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN)) {
485
486 log_notice("Security token PIN incorrect, please try again.");
487
488 /* If the previous PIN was wrong don't accept cached info anymore, but add to cache. Also, don't use the credential data */
489 r = acquire_token_pin(
490 user_name,
491 hr,
492 ASK_PASSWORD_PUSH_CACHE | ASK_PASSWORD_NO_CREDENTIAL);
493 if (r < 0)
494 return r;
495
496 } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN_FEW_TRIES_LEFT)) {
497
498 log_notice("Security token PIN incorrect, please try again (only a few tries left!).");
499
500 r = acquire_token_pin(
501 user_name,
502 hr,
503 ASK_PASSWORD_PUSH_CACHE | ASK_PASSWORD_NO_CREDENTIAL);
504 if (r < 0)
505 return r;
506
507 } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN_ONE_TRY_LEFT)) {
508
509 log_notice("Security token PIN incorrect, please try again (only one try left!).");
510
511 r = acquire_token_pin(
512 user_name,
513 hr,
514 ASK_PASSWORD_PUSH_CACHE | ASK_PASSWORD_NO_CREDENTIAL);
515 if (r < 0)
516 return r;
517 } else
518 return log_error_errno(ret, "Operation on home %s failed: %s", user_name, bus_error_message(error, ret));
519
520 return 0;
521 }
522
523 static int acquire_passed_secrets(const char *user_name, UserRecord **ret) {
524 _cleanup_(user_record_unrefp) UserRecord *secret = NULL;
525 int r;
526
527 assert(ret);
528
529 /* Generates an initial secret objects that contains passwords supplied via $PASSWORD, the password
530 * cache or the credentials subsystem, but excluding any interactive stuff. If nothing is passed,
531 * returns an empty secret object. */
532
533 secret = user_record_new();
534 if (!secret)
535 return log_oom();
536
537 r = acquire_existing_password(
538 user_name,
539 secret,
540 /* emphasize_current_password = */ false,
541 ASK_PASSWORD_ACCEPT_CACHED | ASK_PASSWORD_NO_TTY | ASK_PASSWORD_NO_AGENT);
542 if (r < 0)
543 return r;
544
545 r = acquire_token_pin(
546 user_name,
547 secret,
548 ASK_PASSWORD_ACCEPT_CACHED | ASK_PASSWORD_NO_TTY | ASK_PASSWORD_NO_AGENT);
549 if (r < 0)
550 return r;
551
552 r = acquire_recovery_key(
553 user_name,
554 secret,
555 ASK_PASSWORD_ACCEPT_CACHED | ASK_PASSWORD_NO_TTY | ASK_PASSWORD_NO_AGENT);
556 if (r < 0)
557 return r;
558
559 *ret = TAKE_PTR(secret);
560 return 0;
561 }
562
563 static int activate_home(int argc, char *argv[], void *userdata) {
564 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
565 int r, ret = 0;
566
567 r = acquire_bus(&bus);
568 if (r < 0)
569 return r;
570
571 STRV_FOREACH(i, strv_skip(argv, 1)) {
572 _cleanup_(user_record_unrefp) UserRecord *secret = NULL;
573
574 r = acquire_passed_secrets(*i, &secret);
575 if (r < 0)
576 return r;
577
578 for (;;) {
579 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
580 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
581
582 r = bus_message_new_method_call(bus, &m, bus_mgr, "ActivateHome");
583 if (r < 0)
584 return bus_log_create_error(r);
585
586 r = sd_bus_message_append(m, "s", *i);
587 if (r < 0)
588 return bus_log_create_error(r);
589
590 r = bus_message_append_secret(m, secret);
591 if (r < 0)
592 return bus_log_create_error(r);
593
594 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
595 if (r < 0) {
596 r = handle_generic_user_record_error(*i, secret, &error, r, /* emphasize_current_password= */ false);
597 if (r < 0) {
598 if (ret == 0)
599 ret = r;
600
601 break;
602 }
603 } else
604 break;
605 }
606 }
607
608 return ret;
609 }
610
611 static int deactivate_home(int argc, char *argv[], void *userdata) {
612 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
613 int r, ret = 0;
614
615 r = acquire_bus(&bus);
616 if (r < 0)
617 return r;
618
619 STRV_FOREACH(i, strv_skip(argv, 1)) {
620 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
621 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
622
623 r = bus_message_new_method_call(bus, &m, bus_mgr, "DeactivateHome");
624 if (r < 0)
625 return bus_log_create_error(r);
626
627 r = sd_bus_message_append(m, "s", *i);
628 if (r < 0)
629 return bus_log_create_error(r);
630
631 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
632 if (r < 0) {
633 log_error_errno(r, "Failed to deactivate user home: %s", bus_error_message(&error, r));
634 if (ret == 0)
635 ret = r;
636 }
637 }
638
639 return ret;
640 }
641
642 static void dump_home_record(UserRecord *hr) {
643 int r;
644
645 assert(hr);
646
647 if (hr->incomplete) {
648 fflush(stdout);
649 log_warning("Warning: lacking rights to acquire privileged fields of user record of '%s', output incomplete.", hr->user_name);
650 }
651
652 if (arg_json_format_flags & JSON_FORMAT_OFF)
653 user_record_show(hr, true);
654 else {
655 _cleanup_(user_record_unrefp) UserRecord *stripped = NULL;
656
657 if (arg_export_format == EXPORT_FORMAT_STRIPPED)
658 r = user_record_clone(hr, USER_RECORD_EXTRACT_EMBEDDED|USER_RECORD_PERMISSIVE, &stripped);
659 else if (arg_export_format == EXPORT_FORMAT_MINIMAL)
660 r = user_record_clone(hr, USER_RECORD_EXTRACT_SIGNABLE|USER_RECORD_PERMISSIVE, &stripped);
661 else
662 r = 0;
663 if (r < 0)
664 log_warning_errno(r, "Failed to strip user record, ignoring: %m");
665 if (stripped)
666 hr = stripped;
667
668 json_variant_dump(hr->json, arg_json_format_flags, stdout, NULL);
669 }
670 }
671
672 static char **mangle_user_list(char **list, char ***ret_allocated) {
673 _cleanup_free_ char *myself = NULL;
674 char **l;
675
676 if (!strv_isempty(list)) {
677 *ret_allocated = NULL;
678 return list;
679 }
680
681 myself = getusername_malloc();
682 if (!myself)
683 return NULL;
684
685 l = new(char*, 2);
686 if (!l)
687 return NULL;
688
689 l[0] = TAKE_PTR(myself);
690 l[1] = NULL;
691
692 *ret_allocated = l;
693 return l;
694 }
695
696 static int inspect_home(int argc, char *argv[], void *userdata) {
697 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
698 _cleanup_(strv_freep) char **mangled_list = NULL;
699 int r, ret = 0;
700 char **items;
701
702 pager_open(arg_pager_flags);
703
704 r = acquire_bus(&bus);
705 if (r < 0)
706 return r;
707
708 items = mangle_user_list(strv_skip(argv, 1), &mangled_list);
709 if (!items)
710 return log_oom();
711
712 STRV_FOREACH(i, items) {
713 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
714 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
715 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
716 _cleanup_(user_record_unrefp) UserRecord *hr = NULL;
717 const char *json;
718 int incomplete;
719 uid_t uid;
720
721 r = parse_uid(*i, &uid);
722 if (r < 0) {
723 if (!valid_user_group_name(*i, 0)) {
724 log_error("Invalid user name '%s'.", *i);
725 if (ret == 0)
726 ret = -EINVAL;
727
728 continue;
729 }
730
731 r = bus_call_method(bus, bus_mgr, "GetUserRecordByName", &error, &reply, "s", *i);
732 } else
733 r = bus_call_method(bus, bus_mgr, "GetUserRecordByUID", &error, &reply, "u", (uint32_t) uid);
734
735 if (r < 0) {
736 log_error_errno(r, "Failed to inspect home: %s", bus_error_message(&error, r));
737 if (ret == 0)
738 ret = r;
739
740 continue;
741 }
742
743 r = sd_bus_message_read(reply, "sbo", &json, &incomplete, NULL);
744 if (r < 0) {
745 bus_log_parse_error(r);
746 if (ret == 0)
747 ret = r;
748
749 continue;
750 }
751
752 r = json_parse(json, JSON_PARSE_SENSITIVE, &v, NULL, NULL);
753 if (r < 0) {
754 log_error_errno(r, "Failed to parse JSON identity: %m");
755 if (ret == 0)
756 ret = r;
757
758 continue;
759 }
760
761 hr = user_record_new();
762 if (!hr)
763 return log_oom();
764
765 r = user_record_load(hr, v, USER_RECORD_LOAD_REFUSE_SECRET|USER_RECORD_LOG|USER_RECORD_PERMISSIVE);
766 if (r < 0) {
767 if (ret == 0)
768 ret = r;
769
770 continue;
771 }
772
773 hr->incomplete = incomplete;
774 dump_home_record(hr);
775 }
776
777 return ret;
778 }
779
780 static int authenticate_home(int argc, char *argv[], void *userdata) {
781 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
782 _cleanup_(strv_freep) char **mangled_list = NULL;
783 int r, ret = 0;
784 char **items;
785
786 items = mangle_user_list(strv_skip(argv, 1), &mangled_list);
787 if (!items)
788 return log_oom();
789
790 r = acquire_bus(&bus);
791 if (r < 0)
792 return r;
793
794 (void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
795
796 STRV_FOREACH(i, items) {
797 _cleanup_(user_record_unrefp) UserRecord *secret = NULL;
798
799 r = acquire_passed_secrets(*i, &secret);
800 if (r < 0)
801 return r;
802
803 for (;;) {
804 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
805 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
806
807 r = bus_message_new_method_call(bus, &m, bus_mgr, "AuthenticateHome");
808 if (r < 0)
809 return bus_log_create_error(r);
810
811 r = sd_bus_message_append(m, "s", *i);
812 if (r < 0)
813 return bus_log_create_error(r);
814
815 r = bus_message_append_secret(m, secret);
816 if (r < 0)
817 return bus_log_create_error(r);
818
819 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
820 if (r < 0) {
821 r = handle_generic_user_record_error(*i, secret, &error, r, false);
822 if (r < 0) {
823 if (ret == 0)
824 ret = r;
825
826 break;
827 }
828 } else
829 break;
830 }
831 }
832
833 return ret;
834 }
835
836 static int update_last_change(JsonVariant **v, bool with_password, bool override) {
837 JsonVariant *c;
838 usec_t n;
839 int r;
840
841 assert(v);
842
843 n = now(CLOCK_REALTIME);
844
845 c = json_variant_by_key(*v, "lastChangeUSec");
846 if (c) {
847 uint64_t u;
848
849 if (!override)
850 goto update_password;
851
852 if (!json_variant_is_unsigned(c))
853 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "lastChangeUSec field is not an unsigned integer, refusing.");
854
855 u = json_variant_unsigned(c);
856 if (u >= n)
857 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "lastChangeUSec is from the future, can't update.");
858 }
859
860 r = json_variant_set_field_unsigned(v, "lastChangeUSec", n);
861 if (r < 0)
862 return log_error_errno(r, "Failed to update lastChangeUSec: %m");
863
864 update_password:
865 if (!with_password)
866 return 0;
867
868 c = json_variant_by_key(*v, "lastPasswordChangeUSec");
869 if (c) {
870 uint64_t u;
871
872 if (!override)
873 return 0;
874
875 if (!json_variant_is_unsigned(c))
876 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "lastPasswordChangeUSec field is not an unsigned integer, refusing.");
877
878 u = json_variant_unsigned(c);
879 if (u >= n)
880 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "lastPasswordChangeUSec is from the future, can't update.");
881 }
882
883 r = json_variant_set_field_unsigned(v, "lastPasswordChangeUSec", n);
884 if (r < 0)
885 return log_error_errno(r, "Failed to update lastPasswordChangeUSec: %m");
886
887 return 1;
888 }
889
890 static int apply_identity_changes(JsonVariant **_v) {
891 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
892 int r;
893
894 assert(_v);
895
896 v = json_variant_ref(*_v);
897
898 r = json_variant_filter(&v, arg_identity_filter);
899 if (r < 0)
900 return log_error_errno(r, "Failed to filter identity: %m");
901
902 r = json_variant_merge(&v, arg_identity_extra);
903 if (r < 0)
904 return log_error_errno(r, "Failed to merge identities: %m");
905
906 if (arg_identity_extra_this_machine || !strv_isempty(arg_identity_filter)) {
907 _cleanup_(json_variant_unrefp) JsonVariant *per_machine = NULL, *mmid = NULL;
908 sd_id128_t mid;
909
910 r = sd_id128_get_machine(&mid);
911 if (r < 0)
912 return log_error_errno(r, "Failed to acquire machine ID: %m");
913
914 r = json_variant_new_string(&mmid, SD_ID128_TO_STRING(mid));
915 if (r < 0)
916 return log_error_errno(r, "Failed to allocate matchMachineId object: %m");
917
918 per_machine = json_variant_ref(json_variant_by_key(v, "perMachine"));
919 if (per_machine) {
920 _cleanup_(json_variant_unrefp) JsonVariant *npm = NULL, *add = NULL;
921 _cleanup_free_ JsonVariant **array = NULL;
922 JsonVariant *z;
923 size_t i = 0;
924
925 if (!json_variant_is_array(per_machine))
926 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "perMachine field is not an array, refusing.");
927
928 array = new(JsonVariant*, json_variant_elements(per_machine) + 1);
929 if (!array)
930 return log_oom();
931
932 JSON_VARIANT_ARRAY_FOREACH(z, per_machine) {
933 JsonVariant *u;
934
935 if (!json_variant_is_object(z))
936 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "perMachine entry is not an object, refusing.");
937
938 array[i++] = z;
939
940 u = json_variant_by_key(z, "matchMachineId");
941 if (!u)
942 continue;
943
944 if (!json_variant_equal(u, mmid))
945 continue;
946
947 r = json_variant_merge(&add, z);
948 if (r < 0)
949 return log_error_errno(r, "Failed to merge perMachine entry: %m");
950
951 i--;
952 }
953
954 r = json_variant_filter(&add, arg_identity_filter);
955 if (r < 0)
956 return log_error_errno(r, "Failed to filter perMachine: %m");
957
958 r = json_variant_merge(&add, arg_identity_extra_this_machine);
959 if (r < 0)
960 return log_error_errno(r, "Failed to merge in perMachine fields: %m");
961
962 if (arg_identity_filter_rlimits || arg_identity_extra_rlimits) {
963 _cleanup_(json_variant_unrefp) JsonVariant *rlv = NULL;
964
965 rlv = json_variant_ref(json_variant_by_key(add, "resourceLimits"));
966
967 r = json_variant_filter(&rlv, arg_identity_filter_rlimits);
968 if (r < 0)
969 return log_error_errno(r, "Failed to filter resource limits: %m");
970
971 r = json_variant_merge(&rlv, arg_identity_extra_rlimits);
972 if (r < 0)
973 return log_error_errno(r, "Failed to set resource limits: %m");
974
975 if (json_variant_is_blank_object(rlv)) {
976 r = json_variant_filter(&add, STRV_MAKE("resourceLimits"));
977 if (r < 0)
978 return log_error_errno(r, "Failed to drop resource limits field from identity: %m");
979 } else {
980 r = json_variant_set_field(&add, "resourceLimits", rlv);
981 if (r < 0)
982 return log_error_errno(r, "Failed to update resource limits of identity: %m");
983 }
984 }
985
986 if (!json_variant_is_blank_object(add)) {
987 r = json_variant_set_field(&add, "matchMachineId", mmid);
988 if (r < 0)
989 return log_error_errno(r, "Failed to set matchMachineId field: %m");
990
991 array[i++] = add;
992 }
993
994 r = json_variant_new_array(&npm, array, i);
995 if (r < 0)
996 return log_error_errno(r, "Failed to allocate new perMachine array: %m");
997
998 json_variant_unref(per_machine);
999 per_machine = TAKE_PTR(npm);
1000 } else {
1001 _cleanup_(json_variant_unrefp) JsonVariant *item = json_variant_ref(arg_identity_extra_this_machine);
1002
1003 if (arg_identity_extra_rlimits) {
1004 r = json_variant_set_field(&item, "resourceLimits", arg_identity_extra_rlimits);
1005 if (r < 0)
1006 return log_error_errno(r, "Failed to update resource limits of identity: %m");
1007 }
1008
1009 r = json_variant_set_field(&item, "matchMachineId", mmid);
1010 if (r < 0)
1011 return log_error_errno(r, "Failed to set matchMachineId field: %m");
1012
1013 r = json_variant_append_array(&per_machine, item);
1014 if (r < 0)
1015 return log_error_errno(r, "Failed to append to perMachine array: %m");
1016 }
1017
1018 r = json_variant_set_field(&v, "perMachine", per_machine);
1019 if (r < 0)
1020 return log_error_errno(r, "Failed to update per machine record: %m");
1021 }
1022
1023 if (arg_identity_extra_privileged || arg_identity_filter) {
1024 _cleanup_(json_variant_unrefp) JsonVariant *privileged = NULL;
1025
1026 privileged = json_variant_ref(json_variant_by_key(v, "privileged"));
1027
1028 r = json_variant_filter(&privileged, arg_identity_filter);
1029 if (r < 0)
1030 return log_error_errno(r, "Failed to filter identity (privileged part): %m");
1031
1032 r = json_variant_merge(&privileged, arg_identity_extra_privileged);
1033 if (r < 0)
1034 return log_error_errno(r, "Failed to merge identities (privileged part): %m");
1035
1036 if (json_variant_is_blank_object(privileged)) {
1037 r = json_variant_filter(&v, STRV_MAKE("privileged"));
1038 if (r < 0)
1039 return log_error_errno(r, "Failed to drop privileged part from identity: %m");
1040 } else {
1041 r = json_variant_set_field(&v, "privileged", privileged);
1042 if (r < 0)
1043 return log_error_errno(r, "Failed to update privileged part of identity: %m");
1044 }
1045 }
1046
1047 if (arg_identity_filter_rlimits) {
1048 _cleanup_(json_variant_unrefp) JsonVariant *rlv = NULL;
1049
1050 rlv = json_variant_ref(json_variant_by_key(v, "resourceLimits"));
1051
1052 r = json_variant_filter(&rlv, arg_identity_filter_rlimits);
1053 if (r < 0)
1054 return log_error_errno(r, "Failed to filter resource limits: %m");
1055
1056 /* Note that we only filter resource limits here, but don't apply them. We do that in the perMachine section */
1057
1058 if (json_variant_is_blank_object(rlv)) {
1059 r = json_variant_filter(&v, STRV_MAKE("resourceLimits"));
1060 if (r < 0)
1061 return log_error_errno(r, "Failed to drop resource limits field from identity: %m");
1062 } else {
1063 r = json_variant_set_field(&v, "resourceLimits", rlv);
1064 if (r < 0)
1065 return log_error_errno(r, "Failed to update resource limits of identity: %m");
1066 }
1067 }
1068
1069 json_variant_unref(*_v);
1070 *_v = TAKE_PTR(v);
1071
1072 return 0;
1073 }
1074
1075 static int add_disposition(JsonVariant **v) {
1076 int r;
1077
1078 assert(v);
1079
1080 if (json_variant_by_key(*v, "disposition"))
1081 return 0;
1082
1083 /* Set the disposition to regular, if not configured explicitly */
1084 r = json_variant_set_field_string(v, "disposition", "regular");
1085 if (r < 0)
1086 return log_error_errno(r, "Failed to set disposition field: %m");
1087
1088 return 1;
1089 }
1090
1091 static int acquire_new_home_record(UserRecord **ret) {
1092 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
1093 _cleanup_(user_record_unrefp) UserRecord *hr = NULL;
1094 int r;
1095
1096 assert(ret);
1097
1098 if (arg_identity) {
1099 unsigned line, column;
1100
1101 r = json_parse_file(
1102 streq(arg_identity, "-") ? stdin : NULL,
1103 streq(arg_identity, "-") ? "<stdin>" : arg_identity, JSON_PARSE_SENSITIVE, &v, &line, &column);
1104 if (r < 0)
1105 return log_error_errno(r, "Failed to parse identity at %u:%u: %m", line, column);
1106 }
1107
1108 r = apply_identity_changes(&v);
1109 if (r < 0)
1110 return r;
1111
1112 r = add_disposition(&v);
1113 if (r < 0)
1114 return r;
1115
1116 STRV_FOREACH(i, arg_pkcs11_token_uri) {
1117 r = identity_add_pkcs11_key_data(&v, *i);
1118 if (r < 0)
1119 return r;
1120 }
1121
1122 STRV_FOREACH(i, arg_fido2_device) {
1123 r = identity_add_fido2_parameters(&v, *i, arg_fido2_lock_with, arg_fido2_cred_alg);
1124 if (r < 0)
1125 return r;
1126 }
1127
1128 if (arg_recovery_key) {
1129 r = identity_add_recovery_key(&v);
1130 if (r < 0)
1131 return r;
1132 }
1133
1134 r = update_last_change(&v, true, false);
1135 if (r < 0)
1136 return r;
1137
1138 if (DEBUG_LOGGING)
1139 json_variant_dump(v, JSON_FORMAT_PRETTY, NULL, NULL);
1140
1141 hr = user_record_new();
1142 if (!hr)
1143 return log_oom();
1144
1145 r = user_record_load(hr, v, USER_RECORD_REQUIRE_REGULAR|USER_RECORD_ALLOW_SECRET|USER_RECORD_ALLOW_PRIVILEGED|USER_RECORD_ALLOW_PER_MACHINE|USER_RECORD_ALLOW_SIGNATURE|USER_RECORD_LOG|USER_RECORD_PERMISSIVE);
1146 if (r < 0)
1147 return r;
1148
1149 *ret = TAKE_PTR(hr);
1150 return 0;
1151 }
1152
1153 static int acquire_new_password(
1154 const char *user_name,
1155 UserRecord *hr,
1156 bool suggest,
1157 char **ret) {
1158
1159 _cleanup_(erase_and_freep) char *envpw = NULL;
1160 unsigned i = 5;
1161 int r;
1162
1163 assert(user_name);
1164 assert(hr);
1165
1166 r = getenv_steal_erase("NEWPASSWORD", &envpw);
1167 if (r < 0)
1168 return log_error_errno(r, "Failed to acquire password from environment: %m");
1169 if (r > 0) {
1170 /* As above, this is not for use, just for testing */
1171
1172 r = user_record_set_password(hr, STRV_MAKE(envpw), /* prepend = */ true);
1173 if (r < 0)
1174 return log_error_errno(r, "Failed to store password: %m");
1175
1176 if (ret)
1177 *ret = TAKE_PTR(envpw);
1178
1179 return 0;
1180 }
1181
1182 if (suggest)
1183 (void) suggest_passwords();
1184
1185 for (;;) {
1186 _cleanup_(strv_free_erasep) char **first = NULL, **second = NULL;
1187 _cleanup_free_ char *question = NULL;
1188
1189 if (--i == 0)
1190 return log_error_errno(SYNTHETIC_ERRNO(ENOKEY), "Too many attempts, giving up:");
1191
1192 if (asprintf(&question, "Please enter new password for user %s:", user_name) < 0)
1193 return log_oom();
1194
1195 r = ask_password_auto(
1196 question,
1197 /* icon= */ "user-home",
1198 NULL,
1199 /* key_name= */ "home-password",
1200 /* credential_name= */ "home.new-password",
1201 USEC_INFINITY,
1202 0, /* no caching, we want to collect a new password here after all */
1203 &first);
1204 if (r < 0)
1205 return log_error_errno(r, "Failed to acquire password: %m");
1206
1207 question = mfree(question);
1208 if (asprintf(&question, "Please enter new password for user %s (repeat):", user_name) < 0)
1209 return log_oom();
1210
1211 r = ask_password_auto(
1212 question,
1213 /* icon= */ "user-home",
1214 NULL,
1215 /* key_name= */ "home-password",
1216 /* credential_name= */ "home.new-password",
1217 USEC_INFINITY,
1218 0, /* no caching */
1219 &second);
1220 if (r < 0)
1221 return log_error_errno(r, "Failed to acquire password: %m");
1222
1223 if (strv_equal(first, second)) {
1224 _cleanup_(erase_and_freep) char *copy = NULL;
1225
1226 if (ret) {
1227 copy = strdup(first[0]);
1228 if (!copy)
1229 return log_oom();
1230 }
1231
1232 r = user_record_set_password(hr, first, /* prepend = */ true);
1233 if (r < 0)
1234 return log_error_errno(r, "Failed to store password: %m");
1235
1236 if (ret)
1237 *ret = TAKE_PTR(copy);
1238
1239 return 0;
1240 }
1241
1242 log_error("Password didn't match, try again.");
1243 }
1244 }
1245
1246 static int create_home(int argc, char *argv[], void *userdata) {
1247 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
1248 _cleanup_(user_record_unrefp) UserRecord *hr = NULL;
1249 int r;
1250
1251 r = acquire_bus(&bus);
1252 if (r < 0)
1253 return r;
1254
1255 (void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
1256
1257 if (argc >= 2) {
1258 /* If a username was specified, use it */
1259
1260 if (valid_user_group_name(argv[1], 0))
1261 r = json_variant_set_field_string(&arg_identity_extra, "userName", argv[1]);
1262 else {
1263 _cleanup_free_ char *un = NULL, *rr = NULL;
1264
1265 /* Before we consider the user name invalid, let's check if we can split it? */
1266 r = split_user_name_realm(argv[1], &un, &rr);
1267 if (r < 0)
1268 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "User name '%s' is not valid: %m", argv[1]);
1269
1270 if (rr) {
1271 r = json_variant_set_field_string(&arg_identity_extra, "realm", rr);
1272 if (r < 0)
1273 return log_error_errno(r, "Failed to set realm field: %m");
1274 }
1275
1276 r = json_variant_set_field_string(&arg_identity_extra, "userName", un);
1277 }
1278 if (r < 0)
1279 return log_error_errno(r, "Failed to set userName field: %m");
1280 } else {
1281 /* If neither a username nor an identity have been specified we cannot operate. */
1282 if (!arg_identity)
1283 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "User name required.");
1284 }
1285
1286 r = acquire_new_home_record(&hr);
1287 if (r < 0)
1288 return r;
1289
1290 /* If the JSON record carries no plain text password (besides the recovery key), then let's query it
1291 * manually. */
1292 if (strv_length(hr->password) <= arg_recovery_key) {
1293
1294 if (strv_isempty(hr->hashed_password)) {
1295 _cleanup_(erase_and_freep) char *new_password = NULL;
1296
1297 /* No regular (i.e. non-PKCS#11) hashed passwords set in the record, let's fix that. */
1298 r = acquire_new_password(hr->user_name, hr, /* suggest = */ true, &new_password);
1299 if (r < 0)
1300 return r;
1301
1302 r = user_record_make_hashed_password(hr, STRV_MAKE(new_password), /* extend = */ false);
1303 if (r < 0)
1304 return log_error_errno(r, "Failed to hash password: %m");
1305 } else {
1306 /* There's a hash password set in the record, acquire the unhashed version of it. */
1307 r = acquire_existing_password(
1308 hr->user_name,
1309 hr,
1310 /* emphasize_current= */ false,
1311 ASK_PASSWORD_ACCEPT_CACHED | ASK_PASSWORD_PUSH_CACHE);
1312 if (r < 0)
1313 return r;
1314 }
1315 }
1316
1317 if (hr->enforce_password_policy == 0) {
1318 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1319
1320 /* If password quality enforcement is disabled, let's at least warn client side */
1321
1322 r = user_record_quality_check_password(hr, hr, &error);
1323 if (r < 0)
1324 log_warning_errno(r, "Specified password does not pass quality checks (%s), proceeding anyway.", bus_error_message(&error, r));
1325 }
1326
1327 for (;;) {
1328 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1329 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1330 _cleanup_(erase_and_freep) char *formatted = NULL;
1331
1332 r = json_variant_format(hr->json, 0, &formatted);
1333 if (r < 0)
1334 return log_error_errno(r, "Failed to format user record: %m");
1335
1336 r = bus_message_new_method_call(bus, &m, bus_mgr, "CreateHome");
1337 if (r < 0)
1338 return bus_log_create_error(r);
1339
1340 (void) sd_bus_message_sensitive(m);
1341
1342 r = sd_bus_message_append(m, "s", formatted);
1343 if (r < 0)
1344 return bus_log_create_error(r);
1345
1346 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
1347 if (r < 0) {
1348 if (sd_bus_error_has_name(&error, BUS_ERROR_LOW_PASSWORD_QUALITY)) {
1349 _cleanup_(erase_and_freep) char *new_password = NULL;
1350
1351 log_error_errno(r, "%s", bus_error_message(&error, r));
1352 log_info("(Use --enforce-password-policy=no to turn off password quality checks for this account.)");
1353
1354 r = acquire_new_password(hr->user_name, hr, /* suggest = */ false, &new_password);
1355 if (r < 0)
1356 return r;
1357
1358 r = user_record_make_hashed_password(hr, STRV_MAKE(new_password), /* extend = */ false);
1359 if (r < 0)
1360 return log_error_errno(r, "Failed to hash passwords: %m");
1361 } else {
1362 r = handle_generic_user_record_error(hr->user_name, hr, &error, r, false);
1363 if (r < 0)
1364 return r;
1365 }
1366 } else
1367 break; /* done */
1368 }
1369
1370 return 0;
1371 }
1372
1373 static int remove_home(int argc, char *argv[], void *userdata) {
1374 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
1375 int r, ret = 0;
1376
1377 r = acquire_bus(&bus);
1378 if (r < 0)
1379 return r;
1380
1381 (void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
1382
1383 STRV_FOREACH(i, strv_skip(argv, 1)) {
1384 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1385 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1386
1387 r = bus_message_new_method_call(bus, &m, bus_mgr, "RemoveHome");
1388 if (r < 0)
1389 return bus_log_create_error(r);
1390
1391 r = sd_bus_message_append(m, "s", *i);
1392 if (r < 0)
1393 return bus_log_create_error(r);
1394
1395 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
1396 if (r < 0) {
1397 log_error_errno(r, "Failed to remove home: %s", bus_error_message(&error, r));
1398 if (ret == 0)
1399 ret = r;
1400 }
1401 }
1402
1403 return ret;
1404 }
1405
1406 static int acquire_updated_home_record(
1407 sd_bus *bus,
1408 const char *username,
1409 UserRecord **ret) {
1410
1411 _cleanup_(json_variant_unrefp) JsonVariant *json = NULL;
1412 _cleanup_(user_record_unrefp) UserRecord *hr = NULL;
1413 int r;
1414
1415 assert(ret);
1416
1417 if (arg_identity) {
1418 unsigned line, column;
1419 JsonVariant *un;
1420
1421 r = json_parse_file(
1422 streq(arg_identity, "-") ? stdin : NULL,
1423 streq(arg_identity, "-") ? "<stdin>" : arg_identity, JSON_PARSE_SENSITIVE, &json, &line, &column);
1424 if (r < 0)
1425 return log_error_errno(r, "Failed to parse identity at %u:%u: %m", line, column);
1426
1427 un = json_variant_by_key(json, "userName");
1428 if (un) {
1429 if (!json_variant_is_string(un) || (username && !streq(json_variant_string(un), username)))
1430 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "User name specified on command line and in JSON record do not match.");
1431 } else {
1432 if (!username)
1433 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "No username specified.");
1434
1435 r = json_variant_set_field_string(&arg_identity_extra, "userName", username);
1436 if (r < 0)
1437 return log_error_errno(r, "Failed to set userName field: %m");
1438 }
1439
1440 } else {
1441 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1442 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1443 int incomplete;
1444 const char *text;
1445
1446 if (!identity_properties_specified())
1447 return log_error_errno(SYNTHETIC_ERRNO(EALREADY), "No field to change specified.");
1448
1449 r = bus_call_method(bus, bus_mgr, "GetUserRecordByName", &error, &reply, "s", username);
1450 if (r < 0)
1451 return log_error_errno(r, "Failed to acquire user home record: %s", bus_error_message(&error, r));
1452
1453 r = sd_bus_message_read(reply, "sbo", &text, &incomplete, NULL);
1454 if (r < 0)
1455 return bus_log_parse_error(r);
1456
1457 if (incomplete)
1458 return log_error_errno(SYNTHETIC_ERRNO(EACCES), "Lacking rights to acquire user record including privileged metadata, can't update record.");
1459
1460 r = json_parse(text, JSON_PARSE_SENSITIVE, &json, NULL, NULL);
1461 if (r < 0)
1462 return log_error_errno(r, "Failed to parse JSON identity: %m");
1463
1464 reply = sd_bus_message_unref(reply);
1465
1466 r = json_variant_filter(&json, STRV_MAKE("binding", "status", "signature"));
1467 if (r < 0)
1468 return log_error_errno(r, "Failed to strip binding and status from record to update: %m");
1469 }
1470
1471 r = apply_identity_changes(&json);
1472 if (r < 0)
1473 return r;
1474
1475 STRV_FOREACH(i, arg_pkcs11_token_uri) {
1476 r = identity_add_pkcs11_key_data(&json, *i);
1477 if (r < 0)
1478 return r;
1479 }
1480
1481 STRV_FOREACH(i, arg_fido2_device) {
1482 r = identity_add_fido2_parameters(&json, *i, arg_fido2_lock_with, arg_fido2_cred_alg);
1483 if (r < 0)
1484 return r;
1485 }
1486
1487 /* If the user supplied a full record, then add in lastChange, but do not override. Otherwise always
1488 * override. */
1489 r = update_last_change(&json, arg_pkcs11_token_uri || arg_fido2_device, !arg_identity);
1490 if (r < 0)
1491 return r;
1492
1493 if (DEBUG_LOGGING)
1494 json_variant_dump(json, JSON_FORMAT_PRETTY, NULL, NULL);
1495
1496 hr = user_record_new();
1497 if (!hr)
1498 return log_oom();
1499
1500 r = user_record_load(hr, json, USER_RECORD_REQUIRE_REGULAR|USER_RECORD_ALLOW_PRIVILEGED|USER_RECORD_ALLOW_PER_MACHINE|USER_RECORD_ALLOW_SECRET|USER_RECORD_ALLOW_SIGNATURE|USER_RECORD_LOG|USER_RECORD_PERMISSIVE);
1501 if (r < 0)
1502 return r;
1503
1504 *ret = TAKE_PTR(hr);
1505 return 0;
1506 }
1507
1508 static int home_record_reset_human_interaction_permission(UserRecord *hr) {
1509 int r;
1510
1511 assert(hr);
1512
1513 /* When we execute multiple operations one after the other, let's reset the permission to ask the
1514 * user each time, so that if interaction is necessary we will be told so again and thus can print a
1515 * nice message to the user, telling the user so. */
1516
1517 r = user_record_set_pkcs11_protected_authentication_path_permitted(hr, -1);
1518 if (r < 0)
1519 return log_error_errno(r, "Failed to reset PKCS#11 protected authentication path permission flag: %m");
1520
1521 r = user_record_set_fido2_user_presence_permitted(hr, -1);
1522 if (r < 0)
1523 return log_error_errno(r, "Failed to reset FIDO2 user presence permission flag: %m");
1524
1525 r = user_record_set_fido2_user_verification_permitted(hr, -1);
1526 if (r < 0)
1527 return log_error_errno(r, "Failed to reset FIDO2 user verification permission flag: %m");
1528
1529 return 0;
1530 }
1531
1532 static int update_home(int argc, char *argv[], void *userdata) {
1533 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
1534 _cleanup_(user_record_unrefp) UserRecord *hr = NULL, *secret = NULL;
1535 _cleanup_free_ char *buffer = NULL;
1536 const char *username;
1537 int r;
1538
1539 if (argc >= 2)
1540 username = argv[1];
1541 else if (!arg_identity) {
1542 buffer = getusername_malloc();
1543 if (!buffer)
1544 return log_oom();
1545
1546 username = buffer;
1547 } else
1548 username = NULL;
1549
1550 r = acquire_bus(&bus);
1551 if (r < 0)
1552 return r;
1553
1554 (void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
1555
1556 r = acquire_updated_home_record(bus, username, &hr);
1557 if (r < 0)
1558 return r;
1559
1560 /* Add in all secrets we can acquire cheaply */
1561 r = acquire_passed_secrets(username, &secret);
1562 if (r < 0)
1563 return r;
1564
1565 r = user_record_merge_secret(hr, secret);
1566 if (r < 0)
1567 return r;
1568
1569 /* If we do multiple operations, let's output things more verbosely, since otherwise the repeated
1570 * authentication might be confusing. */
1571
1572 if (arg_and_resize || arg_and_change_password)
1573 log_info("Updating home directory.");
1574
1575 for (;;) {
1576 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1577 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1578 _cleanup_free_ char *formatted = NULL;
1579
1580 r = bus_message_new_method_call(bus, &m, bus_mgr, "UpdateHome");
1581 if (r < 0)
1582 return bus_log_create_error(r);
1583
1584 r = json_variant_format(hr->json, 0, &formatted);
1585 if (r < 0)
1586 return log_error_errno(r, "Failed to format user record: %m");
1587
1588 (void) sd_bus_message_sensitive(m);
1589
1590 r = sd_bus_message_append(m, "s", formatted);
1591 if (r < 0)
1592 return bus_log_create_error(r);
1593
1594 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
1595 if (r < 0) {
1596 if (arg_and_change_password &&
1597 sd_bus_error_has_name(&error, BUS_ERROR_BAD_PASSWORD_AND_NO_TOKEN))
1598 /* In the generic handler we'd ask for a password in this case, but when
1599 * changing passwords that's not sufficient, as we need to acquire all keys
1600 * first. */
1601 return log_error_errno(r, "Security token not inserted, refusing.");
1602
1603 r = handle_generic_user_record_error(hr->user_name, hr, &error, r, false);
1604 if (r < 0)
1605 return r;
1606 } else
1607 break;
1608 }
1609
1610 if (arg_and_resize)
1611 log_info("Resizing home.");
1612
1613 (void) home_record_reset_human_interaction_permission(hr);
1614
1615 /* Also sync down disk size to underlying LUKS/fscrypt/quota */
1616 while (arg_and_resize) {
1617 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1618 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1619
1620 r = bus_message_new_method_call(bus, &m, bus_mgr, "ResizeHome");
1621 if (r < 0)
1622 return bus_log_create_error(r);
1623
1624 /* Specify UINT64_MAX as size, in which case the underlying disk size will just be synced */
1625 r = sd_bus_message_append(m, "st", hr->user_name, UINT64_MAX);
1626 if (r < 0)
1627 return bus_log_create_error(r);
1628
1629 r = bus_message_append_secret(m, hr);
1630 if (r < 0)
1631 return bus_log_create_error(r);
1632
1633 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
1634 if (r < 0) {
1635 if (arg_and_change_password &&
1636 sd_bus_error_has_name(&error, BUS_ERROR_BAD_PASSWORD_AND_NO_TOKEN))
1637 return log_error_errno(r, "Security token not inserted, refusing.");
1638
1639 r = handle_generic_user_record_error(hr->user_name, hr, &error, r, false);
1640 if (r < 0)
1641 return r;
1642 } else
1643 break;
1644 }
1645
1646 if (arg_and_change_password)
1647 log_info("Synchronizing passwords and encryption keys.");
1648
1649 (void) home_record_reset_human_interaction_permission(hr);
1650
1651 /* Also sync down passwords to underlying LUKS/fscrypt */
1652 while (arg_and_change_password) {
1653 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1654 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1655
1656 r = bus_message_new_method_call(bus, &m, bus_mgr, "ChangePasswordHome");
1657 if (r < 0)
1658 return bus_log_create_error(r);
1659
1660 /* Specify an empty new secret, in which case the underlying LUKS/fscrypt password will just be synced */
1661 r = sd_bus_message_append(m, "ss", hr->user_name, "{}");
1662 if (r < 0)
1663 return bus_log_create_error(r);
1664
1665 r = bus_message_append_secret(m, hr);
1666 if (r < 0)
1667 return bus_log_create_error(r);
1668
1669 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
1670 if (r < 0) {
1671 if (sd_bus_error_has_name(&error, BUS_ERROR_BAD_PASSWORD_AND_NO_TOKEN))
1672 return log_error_errno(r, "Security token not inserted, refusing.");
1673
1674 r = handle_generic_user_record_error(hr->user_name, hr, &error, r, false);
1675 if (r < 0)
1676 return r;
1677 } else
1678 break;
1679 }
1680
1681 return 0;
1682 }
1683
1684 static int passwd_home(int argc, char *argv[], void *userdata) {
1685 _cleanup_(user_record_unrefp) UserRecord *old_secret = NULL, *new_secret = NULL;
1686 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
1687 _cleanup_free_ char *buffer = NULL;
1688 const char *username;
1689 int r;
1690
1691 if (arg_pkcs11_token_uri)
1692 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
1693 "To change the PKCS#11 security token use 'homectl update --pkcs11-token-uri=%s'.",
1694 special_glyph(SPECIAL_GLYPH_ELLIPSIS));
1695 if (arg_fido2_device)
1696 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
1697 "To change the FIDO2 security token use 'homectl update --fido2-device=%s'.",
1698 special_glyph(SPECIAL_GLYPH_ELLIPSIS));
1699 if (identity_properties_specified())
1700 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "The 'passwd' verb does not permit changing other record properties at the same time.");
1701
1702 if (argc >= 2)
1703 username = argv[1];
1704 else {
1705 buffer = getusername_malloc();
1706 if (!buffer)
1707 return log_oom();
1708
1709 username = buffer;
1710 }
1711
1712 r = acquire_bus(&bus);
1713 if (r < 0)
1714 return r;
1715
1716 (void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
1717
1718 r = acquire_passed_secrets(username, &old_secret);
1719 if (r < 0)
1720 return r;
1721
1722 new_secret = user_record_new();
1723 if (!new_secret)
1724 return log_oom();
1725
1726 r = acquire_new_password(username, new_secret, /* suggest = */ true, NULL);
1727 if (r < 0)
1728 return r;
1729
1730 for (;;) {
1731 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1732 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1733
1734 r = bus_message_new_method_call(bus, &m, bus_mgr, "ChangePasswordHome");
1735 if (r < 0)
1736 return bus_log_create_error(r);
1737
1738 r = sd_bus_message_append(m, "s", username);
1739 if (r < 0)
1740 return bus_log_create_error(r);
1741
1742 r = bus_message_append_secret(m, new_secret);
1743 if (r < 0)
1744 return bus_log_create_error(r);
1745
1746 r = bus_message_append_secret(m, old_secret);
1747 if (r < 0)
1748 return bus_log_create_error(r);
1749
1750 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
1751 if (r < 0) {
1752 if (sd_bus_error_has_name(&error, BUS_ERROR_LOW_PASSWORD_QUALITY)) {
1753
1754 log_error_errno(r, "%s", bus_error_message(&error, r));
1755
1756 r = acquire_new_password(username, new_secret, /* suggest = */ false, NULL);
1757
1758 } else if (sd_bus_error_has_name(&error, BUS_ERROR_BAD_PASSWORD_AND_NO_TOKEN))
1759
1760 /* In the generic handler we'd ask for a password in this case, but when
1761 * changing passwords that's not sufficeint, as we need to acquire all keys
1762 * first. */
1763 return log_error_errno(r, "Security token not inserted, refusing.");
1764 else
1765 r = handle_generic_user_record_error(username, old_secret, &error, r, true);
1766 if (r < 0)
1767 return r;
1768 } else
1769 break;
1770 }
1771
1772 return 0;
1773 }
1774
1775 static int parse_disk_size(const char *t, uint64_t *ret) {
1776 int r;
1777
1778 assert(t);
1779 assert(ret);
1780
1781 if (streq(t, "min"))
1782 *ret = 0;
1783 else if (streq(t, "max"))
1784 *ret = UINT64_MAX-1; /* Largest size that isn't UINT64_MAX special marker */
1785 else {
1786 uint64_t ds;
1787
1788 r = parse_size(t, 1024, &ds);
1789 if (r < 0)
1790 return log_error_errno(r, "Failed to parse disk size parameter: %s", t);
1791
1792 if (ds >= UINT64_MAX) /* UINT64_MAX has special meaning for us ("dont change"), refuse */
1793 return log_error_errno(SYNTHETIC_ERRNO(ERANGE), "Disk size out of range: %s", t);
1794
1795 *ret = ds;
1796 }
1797
1798 return 0;
1799 }
1800
1801 static int parse_sector_size(const char *t, uint64_t *ret) {
1802 int r;
1803
1804 assert(t);
1805 assert(ret);
1806
1807 uint64_t ss;
1808
1809 r = safe_atou64(t, &ss);
1810 if (r < 0)
1811 return log_error_errno(r, "Failed to parse sector size parameter %s", t);
1812 if (ss < 512 || ss > 4096) /* Allow up to 4K due to dm-crypt support and 4K alignment by the homed LUKS backend */
1813 return log_error_errno(SYNTHETIC_ERRNO(ERANGE), "Sector size not between 512 and 4096: %s", t);
1814 if (!ISPOWEROF2(ss))
1815 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Sector size not power of 2: %s", t);
1816
1817 *ret = ss;
1818 return 0;
1819 }
1820
1821 static int resize_home(int argc, char *argv[], void *userdata) {
1822 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
1823 _cleanup_(user_record_unrefp) UserRecord *secret = NULL;
1824 uint64_t ds = UINT64_MAX;
1825 int r;
1826
1827 r = acquire_bus(&bus);
1828 if (r < 0)
1829 return r;
1830
1831 (void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
1832
1833 if (arg_disk_size_relative != UINT64_MAX ||
1834 (argc > 2 && parse_permyriad(argv[2]) >= 0))
1835 return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
1836 "Relative disk size specification currently not supported when resizing.");
1837
1838 if (argc > 2) {
1839 r = parse_disk_size(argv[2], &ds);
1840 if (r < 0)
1841 return r;
1842 }
1843
1844 if (arg_disk_size != UINT64_MAX) {
1845 if (ds != UINT64_MAX && ds != arg_disk_size)
1846 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Disk size specified twice and doesn't match, refusing.");
1847
1848 ds = arg_disk_size;
1849 }
1850
1851 r = acquire_passed_secrets(argv[1], &secret);
1852 if (r < 0)
1853 return r;
1854
1855 for (;;) {
1856 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1857 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1858
1859 r = bus_message_new_method_call(bus, &m, bus_mgr, "ResizeHome");
1860 if (r < 0)
1861 return bus_log_create_error(r);
1862
1863 r = sd_bus_message_append(m, "st", argv[1], ds);
1864 if (r < 0)
1865 return bus_log_create_error(r);
1866
1867 r = bus_message_append_secret(m, secret);
1868 if (r < 0)
1869 return bus_log_create_error(r);
1870
1871 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
1872 if (r < 0) {
1873 r = handle_generic_user_record_error(argv[1], secret, &error, r, false);
1874 if (r < 0)
1875 return r;
1876 } else
1877 break;
1878 }
1879
1880 return 0;
1881 }
1882
1883 static int lock_home(int argc, char *argv[], void *userdata) {
1884 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
1885 int r, ret = 0;
1886
1887 r = acquire_bus(&bus);
1888 if (r < 0)
1889 return r;
1890
1891 STRV_FOREACH(i, strv_skip(argv, 1)) {
1892 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1893 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1894
1895 r = bus_message_new_method_call(bus, &m, bus_mgr, "LockHome");
1896 if (r < 0)
1897 return bus_log_create_error(r);
1898
1899 r = sd_bus_message_append(m, "s", *i);
1900 if (r < 0)
1901 return bus_log_create_error(r);
1902
1903 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
1904 if (r < 0) {
1905 log_error_errno(r, "Failed to lock home: %s", bus_error_message(&error, r));
1906 if (ret == 0)
1907 ret = r;
1908 }
1909 }
1910
1911 return ret;
1912 }
1913
1914 static int unlock_home(int argc, char *argv[], void *userdata) {
1915 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
1916 int r, ret = 0;
1917
1918 r = acquire_bus(&bus);
1919 if (r < 0)
1920 return r;
1921
1922 STRV_FOREACH(i, strv_skip(argv, 1)) {
1923 _cleanup_(user_record_unrefp) UserRecord *secret = NULL;
1924
1925 r = acquire_passed_secrets(*i, &secret);
1926 if (r < 0)
1927 return r;
1928
1929 for (;;) {
1930 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1931 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1932
1933 r = bus_message_new_method_call(bus, &m, bus_mgr, "UnlockHome");
1934 if (r < 0)
1935 return bus_log_create_error(r);
1936
1937 r = sd_bus_message_append(m, "s", *i);
1938 if (r < 0)
1939 return bus_log_create_error(r);
1940
1941 r = bus_message_append_secret(m, secret);
1942 if (r < 0)
1943 return bus_log_create_error(r);
1944
1945 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
1946 if (r < 0) {
1947 r = handle_generic_user_record_error(argv[1], secret, &error, r, false);
1948 if (r < 0) {
1949 if (ret == 0)
1950 ret = r;
1951
1952 break;
1953 }
1954 } else
1955 break;
1956 }
1957 }
1958
1959 return ret;
1960 }
1961
1962 static int with_home(int argc, char *argv[], void *userdata) {
1963 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1964 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL;
1965 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
1966 _cleanup_(user_record_unrefp) UserRecord *secret = NULL;
1967 _cleanup_close_ int acquired_fd = -1;
1968 _cleanup_strv_free_ char **cmdline = NULL;
1969 const char *home;
1970 int r, ret;
1971 pid_t pid;
1972
1973 r = acquire_bus(&bus);
1974 if (r < 0)
1975 return r;
1976
1977 if (argc < 3) {
1978 _cleanup_free_ char *shell = NULL;
1979
1980 /* If no command is specified, spawn a shell */
1981 r = get_shell(&shell);
1982 if (r < 0)
1983 return log_error_errno(r, "Failed to acquire shell: %m");
1984
1985 cmdline = strv_new(shell);
1986 } else
1987 cmdline = strv_copy(argv + 2);
1988 if (!cmdline)
1989 return log_oom();
1990
1991 r = acquire_passed_secrets(argv[1], &secret);
1992 if (r < 0)
1993 return r;
1994
1995 for (;;) {
1996 r = bus_message_new_method_call(bus, &m, bus_mgr, "AcquireHome");
1997 if (r < 0)
1998 return bus_log_create_error(r);
1999
2000 r = sd_bus_message_append(m, "s", argv[1]);
2001 if (r < 0)
2002 return bus_log_create_error(r);
2003
2004 r = bus_message_append_secret(m, secret);
2005 if (r < 0)
2006 return bus_log_create_error(r);
2007
2008 r = sd_bus_message_append(m, "b", /* please_suspend = */ getenv_bool("SYSTEMD_PLEASE_SUSPEND_HOME") > 0);
2009 if (r < 0)
2010 return bus_log_create_error(r);
2011
2012 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, &reply);
2013 m = sd_bus_message_unref(m);
2014 if (r < 0) {
2015 r = handle_generic_user_record_error(argv[1], secret, &error, r, false);
2016 if (r < 0)
2017 return r;
2018
2019 sd_bus_error_free(&error);
2020 } else {
2021 int fd;
2022
2023 r = sd_bus_message_read(reply, "h", &fd);
2024 if (r < 0)
2025 return bus_log_parse_error(r);
2026
2027 acquired_fd = fcntl(fd, F_DUPFD_CLOEXEC, 3);
2028 if (acquired_fd < 0)
2029 return log_error_errno(errno, "Failed to duplicate acquired fd: %m");
2030
2031 reply = sd_bus_message_unref(reply);
2032 break;
2033 }
2034 }
2035
2036 r = bus_call_method(bus, bus_mgr, "GetHomeByName", &error, &reply, "s", argv[1]);
2037 if (r < 0)
2038 return log_error_errno(r, "Failed to inspect home: %s", bus_error_message(&error, r));
2039
2040 r = sd_bus_message_read(reply, "usussso", NULL, NULL, NULL, NULL, &home, NULL, NULL);
2041 if (r < 0)
2042 return bus_log_parse_error(r);
2043
2044 r = safe_fork("(with)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE|FORK_REOPEN_LOG, &pid);
2045 if (r < 0)
2046 return r;
2047 if (r == 0) {
2048 if (chdir(home) < 0) {
2049 log_error_errno(errno, "Failed to change to directory %s: %m", home);
2050 _exit(255);
2051 }
2052
2053 execvp(cmdline[0], cmdline);
2054 log_error_errno(errno, "Failed to execute %s: %m", cmdline[0]);
2055 _exit(255);
2056 }
2057
2058 ret = wait_for_terminate_and_check(cmdline[0], pid, WAIT_LOG_ABNORMAL);
2059
2060 /* Close the fd that pings the home now. */
2061 acquired_fd = safe_close(acquired_fd);
2062
2063 r = bus_message_new_method_call(bus, &m, bus_mgr, "ReleaseHome");
2064 if (r < 0)
2065 return bus_log_create_error(r);
2066
2067 r = sd_bus_message_append(m, "s", argv[1]);
2068 if (r < 0)
2069 return bus_log_create_error(r);
2070
2071 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
2072 if (r < 0) {
2073 if (sd_bus_error_has_name(&error, BUS_ERROR_HOME_BUSY))
2074 log_notice("Not deactivating home directory of %s, as it is still used.", argv[1]);
2075 else
2076 return log_error_errno(r, "Failed to release user home: %s", bus_error_message(&error, r));
2077 }
2078
2079 return ret;
2080 }
2081
2082 static int lock_all_homes(int argc, char *argv[], void *userdata) {
2083 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2084 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
2085 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
2086 int r;
2087
2088 r = acquire_bus(&bus);
2089 if (r < 0)
2090 return r;
2091
2092 r = bus_message_new_method_call(bus, &m, bus_mgr, "LockAllHomes");
2093 if (r < 0)
2094 return bus_log_create_error(r);
2095
2096 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
2097 if (r < 0)
2098 return log_error_errno(r, "Failed to lock all homes: %s", bus_error_message(&error, r));
2099
2100 return 0;
2101 }
2102
2103 static int deactivate_all_homes(int argc, char *argv[], void *userdata) {
2104 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2105 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
2106 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
2107 int r;
2108
2109 r = acquire_bus(&bus);
2110 if (r < 0)
2111 return r;
2112
2113 r = bus_message_new_method_call(bus, &m, bus_mgr, "DeactivateAllHomes");
2114 if (r < 0)
2115 return bus_log_create_error(r);
2116
2117 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
2118 if (r < 0)
2119 return log_error_errno(r, "Failed to deactivate all homes: %s", bus_error_message(&error, r));
2120
2121 return 0;
2122 }
2123
2124 static int rebalance(int argc, char *argv[], void *userdata) {
2125 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2126 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
2127 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
2128 int r;
2129
2130 r = acquire_bus(&bus);
2131 if (r < 0)
2132 return r;
2133
2134 r = bus_message_new_method_call(bus, &m, bus_mgr, "Rebalance");
2135 if (r < 0)
2136 return bus_log_create_error(r);
2137
2138 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
2139 if (r < 0) {
2140 if (sd_bus_error_has_name(&error, BUS_ERROR_REBALANCE_NOT_NEEDED))
2141 log_info("No homes needed rebalancing.");
2142 else
2143 return log_error_errno(r, "Failed to rebalance: %s", bus_error_message(&error, r));
2144 } else
2145 log_info("Completed rebalancing.");
2146
2147 return 0;
2148 }
2149
2150 static int drop_from_identity(const char *field) {
2151 int r;
2152
2153 assert(field);
2154
2155 /* If we are called to update an identity record and drop some field, let's keep track of what to
2156 * remove from the old record */
2157 r = strv_extend(&arg_identity_filter, field);
2158 if (r < 0)
2159 return log_oom();
2160
2161 /* Let's also drop the field if it was previously set to a new value on the same command line */
2162 r = json_variant_filter(&arg_identity_extra, STRV_MAKE(field));
2163 if (r < 0)
2164 return log_error_errno(r, "Failed to filter JSON identity data: %m");
2165
2166 r = json_variant_filter(&arg_identity_extra_this_machine, STRV_MAKE(field));
2167 if (r < 0)
2168 return log_error_errno(r, "Failed to filter JSON identity data: %m");
2169
2170 r = json_variant_filter(&arg_identity_extra_privileged, STRV_MAKE(field));
2171 if (r < 0)
2172 return log_error_errno(r, "Failed to filter JSON identity data: %m");
2173
2174 return 0;
2175 }
2176
2177 static int help(int argc, char *argv[], void *userdata) {
2178 _cleanup_free_ char *link = NULL;
2179 int r;
2180
2181 pager_open(arg_pager_flags);
2182
2183 r = terminal_urlify_man("homectl", "1", &link);
2184 if (r < 0)
2185 return log_oom();
2186
2187 printf("%1$s [OPTIONS...] COMMAND ...\n\n"
2188 "%2$sCreate, manipulate or inspect home directories.%3$s\n"
2189 "\n%4$sCommands:%5$s\n"
2190 " list List home areas\n"
2191 " activate USER… Activate a home area\n"
2192 " deactivate USER… Deactivate a home area\n"
2193 " inspect USER… Inspect a home area\n"
2194 " authenticate USER… Authenticate a home area\n"
2195 " create USER Create a home area\n"
2196 " remove USER… Remove a home area\n"
2197 " update USER Update a home area\n"
2198 " passwd USER Change password of a home area\n"
2199 " resize USER SIZE Resize a home area\n"
2200 " lock USER… Temporarily lock an active home area\n"
2201 " unlock USER… Unlock a temporarily locked home area\n"
2202 " lock-all Lock all suitable home areas\n"
2203 " deactivate-all Deactivate all active home areas\n"
2204 " rebalance Rebalance free space between home areas\n"
2205 " with USER [COMMAND…] Run shell or command with access to a home area\n"
2206 "\n%4$sOptions:%5$s\n"
2207 " -h --help Show this help\n"
2208 " --version Show package version\n"
2209 " --no-pager Do not pipe output into a pager\n"
2210 " --no-legend Do not show the headers and footers\n"
2211 " --no-ask-password Do not ask for system passwords\n"
2212 " -H --host=[USER@]HOST Operate on remote host\n"
2213 " -M --machine=CONTAINER Operate on local container\n"
2214 " --identity=PATH Read JSON identity from file\n"
2215 " --json=FORMAT Output inspection data in JSON (takes one of\n"
2216 " pretty, short, off)\n"
2217 " -j Equivalent to --json=pretty (on TTY) or\n"
2218 " --json=short (otherwise)\n"
2219 " --export-format= Strip JSON inspection data (full, stripped,\n"
2220 " minimal)\n"
2221 " -E When specified once equals -j --export-format=\n"
2222 " stripped, when specified twice equals\n"
2223 " -j --export-format=minimal\n"
2224 "\n%4$sGeneral User Record Properties:%5$s\n"
2225 " -c --real-name=REALNAME Real name for user\n"
2226 " --realm=REALM Realm to create user in\n"
2227 " --email-address=EMAIL Email address for user\n"
2228 " --location=LOCATION Set location of user on earth\n"
2229 " --icon-name=NAME Icon name for user\n"
2230 " -d --home-dir=PATH Home directory\n"
2231 " -u --uid=UID Numeric UID for user\n"
2232 " -G --member-of=GROUP Add user to group\n"
2233 " --skel=PATH Skeleton directory to use\n"
2234 " --shell=PATH Shell for account\n"
2235 " --setenv=VARIABLE[=VALUE] Set an environment variable at log-in\n"
2236 " --timezone=TIMEZONE Set a time-zone\n"
2237 " --language=LOCALE Set preferred language\n"
2238 " --ssh-authorized-keys=KEYS\n"
2239 " Specify SSH public keys\n"
2240 " --pkcs11-token-uri=URI URI to PKCS#11 security token containing\n"
2241 " private key and matching X.509 certificate\n"
2242 " --fido2-device=PATH Path to FIDO2 hidraw device with hmac-secret\n"
2243 " extension\n"
2244 " --fido2-with-client-pin=BOOL\n"
2245 " Whether to require entering a PIN to unlock the\n"
2246 " account\n"
2247 " --fido2-with-user-presence=BOOL\n"
2248 " Whether to require user presence to unlock the\n"
2249 " account\n"
2250 " --fido2-with-user-verification=BOOL\n"
2251 " Whether to require user verification to unlock\n"
2252 " the account\n"
2253 " --recovery-key=BOOL Add a recovery key\n"
2254 "\n%4$sAccount Management User Record Properties:%5$s\n"
2255 " --locked=BOOL Set locked account state\n"
2256 " --not-before=TIMESTAMP Do not allow logins before\n"
2257 " --not-after=TIMESTAMP Do not allow logins after\n"
2258 " --rate-limit-interval=SECS\n"
2259 " Login rate-limit interval in seconds\n"
2260 " --rate-limit-burst=NUMBER\n"
2261 " Login rate-limit attempts per interval\n"
2262 "\n%4$sPassword Policy User Record Properties:%5$s\n"
2263 " --password-hint=HINT Set Password hint\n"
2264 " --enforce-password-policy=BOOL\n"
2265 " Control whether to enforce system's password\n"
2266 " policy for this user\n"
2267 " -P Same as --enforce-password-password=no\n"
2268 " --password-change-now=BOOL\n"
2269 " Require the password to be changed on next login\n"
2270 " --password-change-min=TIME\n"
2271 " Require minimum time between password changes\n"
2272 " --password-change-max=TIME\n"
2273 " Require maximum time between password changes\n"
2274 " --password-change-warn=TIME\n"
2275 " How much time to warn before password expiry\n"
2276 " --password-change-inactive=TIME\n"
2277 " How much time to block password after expiry\n"
2278 "\n%4$sResource Management User Record Properties:%5$s\n"
2279 " --disk-size=BYTES Size to assign the user on disk\n"
2280 " --access-mode=MODE User home directory access mode\n"
2281 " --umask=MODE Umask for user when logging in\n"
2282 " --nice=NICE Nice level for user\n"
2283 " --rlimit=LIMIT=VALUE[:VALUE]\n"
2284 " Set resource limits\n"
2285 " --tasks-max=MAX Set maximum number of per-user tasks\n"
2286 " --memory-high=BYTES Set high memory threshold in bytes\n"
2287 " --memory-max=BYTES Set maximum memory limit\n"
2288 " --cpu-weight=WEIGHT Set CPU weight\n"
2289 " --io-weight=WEIGHT Set IO weight\n"
2290 "\n%4$sStorage User Record Properties:%5$s\n"
2291 " --storage=STORAGE Storage type to use (luks, fscrypt, directory,\n"
2292 " subvolume, cifs)\n"
2293 " --image-path=PATH Path to image file/directory\n"
2294 " --drop-caches=BOOL Whether to automatically drop caches on logout\n"
2295 "\n%4$sLUKS Storage User Record Properties:%5$s\n"
2296 " --fs-type=TYPE File system type to use in case of luks\n"
2297 " storage (btrfs, ext4, xfs)\n"
2298 " --luks-discard=BOOL Whether to use 'discard' feature of file system\n"
2299 " when activated (mounted)\n"
2300 " --luks-offline-discard=BOOL\n"
2301 " Whether to trim file on logout\n"
2302 " --luks-cipher=CIPHER Cipher to use for LUKS encryption\n"
2303 " --luks-cipher-mode=MODE Cipher mode to use for LUKS encryption\n"
2304 " --luks-volume-key-size=BITS\n"
2305 " Volume key size to use for LUKS encryption\n"
2306 " --luks-pbkdf-type=TYPE Password-based Key Derivation Function to use\n"
2307 " --luks-pbkdf-hash-algorithm=ALGORITHM\n"
2308 " PBKDF hash algorithm to use\n"
2309 " --luks-pbkdf-time-cost=SECS\n"
2310 " Time cost for PBKDF in seconds\n"
2311 " --luks-pbkdf-memory-cost=BYTES\n"
2312 " Memory cost for PBKDF in bytes\n"
2313 " --luks-pbkdf-parallel-threads=NUMBER\n"
2314 " Number of parallel threads for PKBDF\n"
2315 " --luks-sector-size=BYTES\n"
2316 " Sector size for LUKS encryption in bytes\n"
2317 " --luks-extra-mount-options=OPTIONS\n"
2318 " LUKS extra mount options\n"
2319 " --auto-resize-mode=MODE Automatically grow/shrink home on login/logout\n"
2320 " --rebalance-weight=WEIGHT Weight while rebalancing\n"
2321 "\n%4$sMounting User Record Properties:%5$s\n"
2322 " --nosuid=BOOL Control the 'nosuid' flag of the home mount\n"
2323 " --nodev=BOOL Control the 'nodev' flag of the home mount\n"
2324 " --noexec=BOOL Control the 'noexec' flag of the home mount\n"
2325 "\n%4$sCIFS User Record Properties:%5$s\n"
2326 " --cifs-domain=DOMAIN CIFS (Windows) domain\n"
2327 " --cifs-user-name=USER CIFS (Windows) user name\n"
2328 " --cifs-service=SERVICE CIFS (Windows) service to mount as home area\n"
2329 " --cifs-extra-mount-options=OPTIONS\n"
2330 " CIFS (Windows) extra mount options\n"
2331 "\n%4$sLogin Behaviour User Record Properties:%5$s\n"
2332 " --stop-delay=SECS How long to leave user services running after\n"
2333 " logout\n"
2334 " --kill-processes=BOOL Whether to kill user processes when sessions\n"
2335 " terminate\n"
2336 " --auto-login=BOOL Try to log this user in automatically\n"
2337 "\nSee the %6$s for details.\n",
2338 program_invocation_short_name,
2339 ansi_highlight(),
2340 ansi_normal(),
2341 ansi_underline(),
2342 ansi_normal(),
2343 link);
2344
2345 return 0;
2346 }
2347
2348 static int parse_argv(int argc, char *argv[]) {
2349
2350 enum {
2351 ARG_VERSION = 0x100,
2352 ARG_NO_PAGER,
2353 ARG_NO_LEGEND,
2354 ARG_NO_ASK_PASSWORD,
2355 ARG_REALM,
2356 ARG_EMAIL_ADDRESS,
2357 ARG_DISK_SIZE,
2358 ARG_ACCESS_MODE,
2359 ARG_STORAGE,
2360 ARG_FS_TYPE,
2361 ARG_IMAGE_PATH,
2362 ARG_UMASK,
2363 ARG_LUKS_DISCARD,
2364 ARG_LUKS_OFFLINE_DISCARD,
2365 ARG_JSON,
2366 ARG_SETENV,
2367 ARG_TIMEZONE,
2368 ARG_LANGUAGE,
2369 ARG_LOCKED,
2370 ARG_SSH_AUTHORIZED_KEYS,
2371 ARG_LOCATION,
2372 ARG_ICON_NAME,
2373 ARG_PASSWORD_HINT,
2374 ARG_NICE,
2375 ARG_RLIMIT,
2376 ARG_NOT_BEFORE,
2377 ARG_NOT_AFTER,
2378 ARG_LUKS_CIPHER,
2379 ARG_LUKS_CIPHER_MODE,
2380 ARG_LUKS_VOLUME_KEY_SIZE,
2381 ARG_NOSUID,
2382 ARG_NODEV,
2383 ARG_NOEXEC,
2384 ARG_CIFS_DOMAIN,
2385 ARG_CIFS_USER_NAME,
2386 ARG_CIFS_SERVICE,
2387 ARG_CIFS_EXTRA_MOUNT_OPTIONS,
2388 ARG_TASKS_MAX,
2389 ARG_MEMORY_HIGH,
2390 ARG_MEMORY_MAX,
2391 ARG_CPU_WEIGHT,
2392 ARG_IO_WEIGHT,
2393 ARG_LUKS_PBKDF_TYPE,
2394 ARG_LUKS_PBKDF_HASH_ALGORITHM,
2395 ARG_LUKS_PBKDF_FORCE_ITERATIONS,
2396 ARG_LUKS_PBKDF_TIME_COST,
2397 ARG_LUKS_PBKDF_MEMORY_COST,
2398 ARG_LUKS_PBKDF_PARALLEL_THREADS,
2399 ARG_LUKS_SECTOR_SIZE,
2400 ARG_RATE_LIMIT_INTERVAL,
2401 ARG_RATE_LIMIT_BURST,
2402 ARG_STOP_DELAY,
2403 ARG_KILL_PROCESSES,
2404 ARG_ENFORCE_PASSWORD_POLICY,
2405 ARG_PASSWORD_CHANGE_NOW,
2406 ARG_PASSWORD_CHANGE_MIN,
2407 ARG_PASSWORD_CHANGE_MAX,
2408 ARG_PASSWORD_CHANGE_WARN,
2409 ARG_PASSWORD_CHANGE_INACTIVE,
2410 ARG_EXPORT_FORMAT,
2411 ARG_AUTO_LOGIN,
2412 ARG_PKCS11_TOKEN_URI,
2413 ARG_FIDO2_DEVICE,
2414 ARG_FIDO2_WITH_PIN,
2415 ARG_FIDO2_WITH_UP,
2416 ARG_FIDO2_WITH_UV,
2417 ARG_RECOVERY_KEY,
2418 ARG_AND_RESIZE,
2419 ARG_AND_CHANGE_PASSWORD,
2420 ARG_DROP_CACHES,
2421 ARG_LUKS_EXTRA_MOUNT_OPTIONS,
2422 ARG_AUTO_RESIZE_MODE,
2423 ARG_REBALANCE_WEIGHT,
2424 ARG_FIDO2_CRED_ALG,
2425 };
2426
2427 static const struct option options[] = {
2428 { "help", no_argument, NULL, 'h' },
2429 { "version", no_argument, NULL, ARG_VERSION },
2430 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
2431 { "no-legend", no_argument, NULL, ARG_NO_LEGEND },
2432 { "no-ask-password", no_argument, NULL, ARG_NO_ASK_PASSWORD },
2433 { "host", required_argument, NULL, 'H' },
2434 { "machine", required_argument, NULL, 'M' },
2435 { "identity", required_argument, NULL, 'I' },
2436 { "real-name", required_argument, NULL, 'c' },
2437 { "comment", required_argument, NULL, 'c' }, /* Compat alias to keep thing in sync with useradd(8) */
2438 { "realm", required_argument, NULL, ARG_REALM },
2439 { "email-address", required_argument, NULL, ARG_EMAIL_ADDRESS },
2440 { "location", required_argument, NULL, ARG_LOCATION },
2441 { "password-hint", required_argument, NULL, ARG_PASSWORD_HINT },
2442 { "icon-name", required_argument, NULL, ARG_ICON_NAME },
2443 { "home-dir", required_argument, NULL, 'd' }, /* Compatible with useradd(8) */
2444 { "uid", required_argument, NULL, 'u' }, /* Compatible with useradd(8) */
2445 { "member-of", required_argument, NULL, 'G' },
2446 { "groups", required_argument, NULL, 'G' }, /* Compat alias to keep thing in sync with useradd(8) */
2447 { "skel", required_argument, NULL, 'k' }, /* Compatible with useradd(8) */
2448 { "shell", required_argument, NULL, 's' }, /* Compatible with useradd(8) */
2449 { "setenv", required_argument, NULL, ARG_SETENV },
2450 { "timezone", required_argument, NULL, ARG_TIMEZONE },
2451 { "language", required_argument, NULL, ARG_LANGUAGE },
2452 { "locked", required_argument, NULL, ARG_LOCKED },
2453 { "not-before", required_argument, NULL, ARG_NOT_BEFORE },
2454 { "not-after", required_argument, NULL, ARG_NOT_AFTER },
2455 { "expiredate", required_argument, NULL, 'e' }, /* Compat alias to keep thing in sync with useradd(8) */
2456 { "ssh-authorized-keys", required_argument, NULL, ARG_SSH_AUTHORIZED_KEYS },
2457 { "disk-size", required_argument, NULL, ARG_DISK_SIZE },
2458 { "access-mode", required_argument, NULL, ARG_ACCESS_MODE },
2459 { "umask", required_argument, NULL, ARG_UMASK },
2460 { "nice", required_argument, NULL, ARG_NICE },
2461 { "rlimit", required_argument, NULL, ARG_RLIMIT },
2462 { "tasks-max", required_argument, NULL, ARG_TASKS_MAX },
2463 { "memory-high", required_argument, NULL, ARG_MEMORY_HIGH },
2464 { "memory-max", required_argument, NULL, ARG_MEMORY_MAX },
2465 { "cpu-weight", required_argument, NULL, ARG_CPU_WEIGHT },
2466 { "io-weight", required_argument, NULL, ARG_IO_WEIGHT },
2467 { "storage", required_argument, NULL, ARG_STORAGE },
2468 { "image-path", required_argument, NULL, ARG_IMAGE_PATH },
2469 { "fs-type", required_argument, NULL, ARG_FS_TYPE },
2470 { "luks-discard", required_argument, NULL, ARG_LUKS_DISCARD },
2471 { "luks-offline-discard", required_argument, NULL, ARG_LUKS_OFFLINE_DISCARD },
2472 { "luks-cipher", required_argument, NULL, ARG_LUKS_CIPHER },
2473 { "luks-cipher-mode", required_argument, NULL, ARG_LUKS_CIPHER_MODE },
2474 { "luks-volume-key-size", required_argument, NULL, ARG_LUKS_VOLUME_KEY_SIZE },
2475 { "luks-pbkdf-type", required_argument, NULL, ARG_LUKS_PBKDF_TYPE },
2476 { "luks-pbkdf-hash-algorithm", required_argument, NULL, ARG_LUKS_PBKDF_HASH_ALGORITHM },
2477 { "luks-pbkdf-force-iterations", required_argument, NULL, ARG_LUKS_PBKDF_FORCE_ITERATIONS },
2478 { "luks-pbkdf-time-cost", required_argument, NULL, ARG_LUKS_PBKDF_TIME_COST },
2479 { "luks-pbkdf-memory-cost", required_argument, NULL, ARG_LUKS_PBKDF_MEMORY_COST },
2480 { "luks-pbkdf-parallel-threads", required_argument, NULL, ARG_LUKS_PBKDF_PARALLEL_THREADS },
2481 { "luks-sector-size", required_argument, NULL, ARG_LUKS_SECTOR_SIZE },
2482 { "nosuid", required_argument, NULL, ARG_NOSUID },
2483 { "nodev", required_argument, NULL, ARG_NODEV },
2484 { "noexec", required_argument, NULL, ARG_NOEXEC },
2485 { "cifs-user-name", required_argument, NULL, ARG_CIFS_USER_NAME },
2486 { "cifs-domain", required_argument, NULL, ARG_CIFS_DOMAIN },
2487 { "cifs-service", required_argument, NULL, ARG_CIFS_SERVICE },
2488 { "cifs-extra-mount-options", required_argument, NULL, ARG_CIFS_EXTRA_MOUNT_OPTIONS },
2489 { "rate-limit-interval", required_argument, NULL, ARG_RATE_LIMIT_INTERVAL },
2490 { "rate-limit-burst", required_argument, NULL, ARG_RATE_LIMIT_BURST },
2491 { "stop-delay", required_argument, NULL, ARG_STOP_DELAY },
2492 { "kill-processes", required_argument, NULL, ARG_KILL_PROCESSES },
2493 { "enforce-password-policy", required_argument, NULL, ARG_ENFORCE_PASSWORD_POLICY },
2494 { "password-change-now", required_argument, NULL, ARG_PASSWORD_CHANGE_NOW },
2495 { "password-change-min", required_argument, NULL, ARG_PASSWORD_CHANGE_MIN },
2496 { "password-change-max", required_argument, NULL, ARG_PASSWORD_CHANGE_MAX },
2497 { "password-change-warn", required_argument, NULL, ARG_PASSWORD_CHANGE_WARN },
2498 { "password-change-inactive", required_argument, NULL, ARG_PASSWORD_CHANGE_INACTIVE },
2499 { "auto-login", required_argument, NULL, ARG_AUTO_LOGIN },
2500 { "json", required_argument, NULL, ARG_JSON },
2501 { "export-format", required_argument, NULL, ARG_EXPORT_FORMAT },
2502 { "pkcs11-token-uri", required_argument, NULL, ARG_PKCS11_TOKEN_URI },
2503 { "fido2-credential-algorithm", required_argument, NULL, ARG_FIDO2_CRED_ALG },
2504 { "fido2-device", required_argument, NULL, ARG_FIDO2_DEVICE },
2505 { "fido2-with-client-pin", required_argument, NULL, ARG_FIDO2_WITH_PIN },
2506 { "fido2-with-user-presence", required_argument, NULL, ARG_FIDO2_WITH_UP },
2507 { "fido2-with-user-verification",required_argument, NULL, ARG_FIDO2_WITH_UV },
2508 { "recovery-key", required_argument, NULL, ARG_RECOVERY_KEY },
2509 { "and-resize", required_argument, NULL, ARG_AND_RESIZE },
2510 { "and-change-password", required_argument, NULL, ARG_AND_CHANGE_PASSWORD },
2511 { "drop-caches", required_argument, NULL, ARG_DROP_CACHES },
2512 { "luks-extra-mount-options", required_argument, NULL, ARG_LUKS_EXTRA_MOUNT_OPTIONS },
2513 { "auto-resize-mode", required_argument, NULL, ARG_AUTO_RESIZE_MODE },
2514 { "rebalance-weight", required_argument, NULL, ARG_REBALANCE_WEIGHT },
2515 {}
2516 };
2517
2518 int r;
2519
2520 assert(argc >= 0);
2521 assert(argv);
2522
2523 for (;;) {
2524 int c;
2525
2526 c = getopt_long(argc, argv, "hH:M:I:c:d:u:k:s:e:G:jPE", options, NULL);
2527 if (c < 0)
2528 break;
2529
2530 switch (c) {
2531
2532 case 'h':
2533 return help(0, NULL, NULL);
2534
2535 case ARG_VERSION:
2536 return version();
2537
2538 case ARG_NO_PAGER:
2539 arg_pager_flags |= PAGER_DISABLE;
2540 break;
2541
2542 case ARG_NO_LEGEND:
2543 arg_legend = false;
2544 break;
2545
2546 case ARG_NO_ASK_PASSWORD:
2547 arg_ask_password = false;
2548 break;
2549
2550 case 'H':
2551 arg_transport = BUS_TRANSPORT_REMOTE;
2552 arg_host = optarg;
2553 break;
2554
2555 case 'M':
2556 arg_transport = BUS_TRANSPORT_MACHINE;
2557 arg_host = optarg;
2558 break;
2559
2560 case 'I':
2561 arg_identity = optarg;
2562 break;
2563
2564 case 'c':
2565 if (isempty(optarg)) {
2566 r = drop_from_identity("realName");
2567 if (r < 0)
2568 return r;
2569
2570 break;
2571 }
2572
2573 if (!valid_gecos(optarg))
2574 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Real name '%s' not a valid GECOS field.", optarg);
2575
2576 r = json_variant_set_field_string(&arg_identity_extra, "realName", optarg);
2577 if (r < 0)
2578 return log_error_errno(r, "Failed to set realName field: %m");
2579
2580 break;
2581
2582 case 'd': {
2583 _cleanup_free_ char *hd = NULL;
2584
2585 if (isempty(optarg)) {
2586 r = drop_from_identity("homeDirectory");
2587 if (r < 0)
2588 return r;
2589
2590 break;
2591 }
2592
2593 r = parse_path_argument(optarg, false, &hd);
2594 if (r < 0)
2595 return r;
2596
2597 if (!valid_home(hd))
2598 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Home directory '%s' not valid.", hd);
2599
2600 r = json_variant_set_field_string(&arg_identity_extra, "homeDirectory", hd);
2601 if (r < 0)
2602 return log_error_errno(r, "Failed to set homeDirectory field: %m");
2603
2604 break;
2605 }
2606
2607 case ARG_REALM:
2608 if (isempty(optarg)) {
2609 r = drop_from_identity("realm");
2610 if (r < 0)
2611 return r;
2612
2613 break;
2614 }
2615
2616 r = dns_name_is_valid(optarg);
2617 if (r < 0)
2618 return log_error_errno(r, "Failed to determine whether realm '%s' is a valid DNS domain: %m", optarg);
2619 if (r == 0)
2620 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Realm '%s' is not a valid DNS domain: %m", optarg);
2621
2622 r = json_variant_set_field_string(&arg_identity_extra, "realm", optarg);
2623 if (r < 0)
2624 return log_error_errno(r, "Failed to set realm field: %m");
2625 break;
2626
2627 case ARG_EMAIL_ADDRESS:
2628 case ARG_LOCATION:
2629 case ARG_ICON_NAME:
2630 case ARG_CIFS_USER_NAME:
2631 case ARG_CIFS_DOMAIN:
2632 case ARG_CIFS_EXTRA_MOUNT_OPTIONS:
2633 case ARG_LUKS_EXTRA_MOUNT_OPTIONS: {
2634
2635 const char *field =
2636 c == ARG_EMAIL_ADDRESS ? "emailAddress" :
2637 c == ARG_LOCATION ? "location" :
2638 c == ARG_ICON_NAME ? "iconName" :
2639 c == ARG_CIFS_USER_NAME ? "cifsUserName" :
2640 c == ARG_CIFS_DOMAIN ? "cifsDomain" :
2641 c == ARG_CIFS_EXTRA_MOUNT_OPTIONS ? "cifsExtraMountOptions" :
2642 c == ARG_LUKS_EXTRA_MOUNT_OPTIONS ? "luksExtraMountOptions" :
2643 NULL;
2644
2645 assert(field);
2646
2647 if (isempty(optarg)) {
2648 r = drop_from_identity(field);
2649 if (r < 0)
2650 return r;
2651
2652 break;
2653 }
2654
2655 r = json_variant_set_field_string(&arg_identity_extra, field, optarg);
2656 if (r < 0)
2657 return log_error_errno(r, "Failed to set %s field: %m", field);
2658
2659 break;
2660 }
2661
2662 case ARG_CIFS_SERVICE:
2663 if (isempty(optarg)) {
2664 r = drop_from_identity("cifsService");
2665 if (r < 0)
2666 return r;
2667
2668 break;
2669 }
2670
2671 r = parse_cifs_service(optarg, NULL, NULL, NULL);
2672 if (r < 0)
2673 return log_error_errno(r, "Failed to validate CIFS service name: %s", optarg);
2674
2675 r = json_variant_set_field_string(&arg_identity_extra, "cifsService", optarg);
2676 if (r < 0)
2677 return log_error_errno(r, "Failed to set cifsService field: %m");
2678
2679 break;
2680
2681 case ARG_PASSWORD_HINT:
2682 if (isempty(optarg)) {
2683 r = drop_from_identity("passwordHint");
2684 if (r < 0)
2685 return r;
2686
2687 break;
2688 }
2689
2690 r = json_variant_set_field_string(&arg_identity_extra_privileged, "passwordHint", optarg);
2691 if (r < 0)
2692 return log_error_errno(r, "Failed to set passwordHint field: %m");
2693
2694 string_erase(optarg);
2695 break;
2696
2697 case ARG_NICE: {
2698 int nc;
2699
2700 if (isempty(optarg)) {
2701 r = drop_from_identity("niceLevel");
2702 if (r < 0)
2703 return r;
2704 break;
2705 }
2706
2707 r = parse_nice(optarg, &nc);
2708 if (r < 0)
2709 return log_error_errno(r, "Failed to parse nice level: %s", optarg);
2710
2711 r = json_variant_set_field_integer(&arg_identity_extra, "niceLevel", nc);
2712 if (r < 0)
2713 return log_error_errno(r, "Failed to set niceLevel field: %m");
2714
2715 break;
2716 }
2717
2718 case ARG_RLIMIT: {
2719 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL, *jcur = NULL, *jmax = NULL;
2720 _cleanup_free_ char *field = NULL, *t = NULL;
2721 const char *eq;
2722 struct rlimit rl;
2723 int l;
2724
2725 if (isempty(optarg)) {
2726 /* Remove all resource limits */
2727
2728 r = drop_from_identity("resourceLimits");
2729 if (r < 0)
2730 return r;
2731
2732 arg_identity_filter_rlimits = strv_free(arg_identity_filter_rlimits);
2733 arg_identity_extra_rlimits = json_variant_unref(arg_identity_extra_rlimits);
2734 break;
2735 }
2736
2737 eq = strchr(optarg, '=');
2738 if (!eq)
2739 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Can't parse resource limit assignment: %s", optarg);
2740
2741 field = strndup(optarg, eq - optarg);
2742 if (!field)
2743 return log_oom();
2744
2745 l = rlimit_from_string_harder(field);
2746 if (l < 0)
2747 return log_error_errno(l, "Unknown resource limit type: %s", field);
2748
2749 if (isempty(eq + 1)) {
2750 /* Remove only the specific rlimit */
2751
2752 r = strv_extend(&arg_identity_filter_rlimits, rlimit_to_string(l));
2753 if (r < 0)
2754 return r;
2755
2756 r = json_variant_filter(&arg_identity_extra_rlimits, STRV_MAKE(field));
2757 if (r < 0)
2758 return log_error_errno(r, "Failed to filter JSON identity data: %m");
2759
2760 break;
2761 }
2762
2763 r = rlimit_parse(l, eq + 1, &rl);
2764 if (r < 0)
2765 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to parse resource limit value: %s", eq + 1);
2766
2767 r = rl.rlim_cur == RLIM_INFINITY ? json_variant_new_null(&jcur) : json_variant_new_unsigned(&jcur, rl.rlim_cur);
2768 if (r < 0)
2769 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to allocate current integer: %m");
2770
2771 r = rl.rlim_max == RLIM_INFINITY ? json_variant_new_null(&jmax) : json_variant_new_unsigned(&jmax, rl.rlim_max);
2772 if (r < 0)
2773 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to allocate maximum integer: %m");
2774
2775 r = json_build(&v,
2776 JSON_BUILD_OBJECT(
2777 JSON_BUILD_PAIR("cur", JSON_BUILD_VARIANT(jcur)),
2778 JSON_BUILD_PAIR("max", JSON_BUILD_VARIANT(jmax))));
2779 if (r < 0)
2780 return log_error_errno(r, "Failed to build resource limit: %m");
2781
2782 t = strjoin("RLIMIT_", rlimit_to_string(l));
2783 if (!t)
2784 return log_oom();
2785
2786 r = json_variant_set_field(&arg_identity_extra_rlimits, t, v);
2787 if (r < 0)
2788 return log_error_errno(r, "Failed to set %s field: %m", rlimit_to_string(l));
2789
2790 break;
2791 }
2792
2793 case 'u': {
2794 uid_t uid;
2795
2796 if (isempty(optarg)) {
2797 r = drop_from_identity("uid");
2798 if (r < 0)
2799 return r;
2800
2801 break;
2802 }
2803
2804 r = parse_uid(optarg, &uid);
2805 if (r < 0)
2806 return log_error_errno(r, "Failed to parse UID '%s'.", optarg);
2807
2808 if (uid_is_system(uid))
2809 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "UID " UID_FMT " is in system range, refusing.", uid);
2810 if (uid_is_dynamic(uid))
2811 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "UID " UID_FMT " is in dynamic range, refusing.", uid);
2812 if (uid == UID_NOBODY)
2813 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "UID " UID_FMT " is nobody UID, refusing.", uid);
2814
2815 r = json_variant_set_field_unsigned(&arg_identity_extra, "uid", uid);
2816 if (r < 0)
2817 return log_error_errno(r, "Failed to set realm field: %m");
2818
2819 break;
2820 }
2821
2822 case 'k':
2823 case ARG_IMAGE_PATH: {
2824 const char *field = c == 'k' ? "skeletonDirectory" : "imagePath";
2825 _cleanup_free_ char *v = NULL;
2826
2827 if (isempty(optarg)) {
2828 r = drop_from_identity(field);
2829 if (r < 0)
2830 return r;
2831
2832 break;
2833 }
2834
2835 r = parse_path_argument(optarg, false, &v);
2836 if (r < 0)
2837 return r;
2838
2839 r = json_variant_set_field_string(&arg_identity_extra_this_machine, field, v);
2840 if (r < 0)
2841 return log_error_errno(r, "Failed to set %s field: %m", v);
2842
2843 break;
2844 }
2845
2846 case 's':
2847 if (isempty(optarg)) {
2848 r = drop_from_identity("shell");
2849 if (r < 0)
2850 return r;
2851
2852 break;
2853 }
2854
2855 if (!valid_shell(optarg))
2856 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Shell '%s' not valid.", optarg);
2857
2858 r = json_variant_set_field_string(&arg_identity_extra, "shell", optarg);
2859 if (r < 0)
2860 return log_error_errno(r, "Failed to set shell field: %m");
2861
2862 break;
2863
2864 case ARG_SETENV: {
2865 _cleanup_free_ char **l = NULL;
2866 _cleanup_(json_variant_unrefp) JsonVariant *ne = NULL;
2867 JsonVariant *e;
2868
2869 if (isempty(optarg)) {
2870 r = drop_from_identity("environment");
2871 if (r < 0)
2872 return r;
2873
2874 break;
2875 }
2876
2877 e = json_variant_by_key(arg_identity_extra, "environment");
2878 if (e) {
2879 r = json_variant_strv(e, &l);
2880 if (r < 0)
2881 return log_error_errno(r, "Failed to parse JSON environment field: %m");
2882 }
2883
2884 r = strv_env_replace_strdup_passthrough(&l, optarg);
2885 if (r < 0)
2886 return log_error_errno(r, "Cannot assign environment variable %s: %m", optarg);
2887
2888 strv_sort(l);
2889
2890 r = json_variant_new_array_strv(&ne, l);
2891 if (r < 0)
2892 return log_error_errno(r, "Failed to allocate environment list JSON: %m");
2893
2894 r = json_variant_set_field(&arg_identity_extra, "environment", ne);
2895 if (r < 0)
2896 return log_error_errno(r, "Failed to set environment list: %m");
2897
2898 break;
2899 }
2900
2901 case ARG_TIMEZONE:
2902
2903 if (isempty(optarg)) {
2904 r = drop_from_identity("timeZone");
2905 if (r < 0)
2906 return r;
2907
2908 break;
2909 }
2910
2911 if (!timezone_is_valid(optarg, LOG_DEBUG))
2912 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Timezone '%s' is not valid.", optarg);
2913
2914 r = json_variant_set_field_string(&arg_identity_extra, "timeZone", optarg);
2915 if (r < 0)
2916 return log_error_errno(r, "Failed to set timezone field: %m");
2917
2918 break;
2919
2920 case ARG_LANGUAGE:
2921 if (isempty(optarg)) {
2922 r = drop_from_identity("language");
2923 if (r < 0)
2924 return r;
2925
2926 break;
2927 }
2928
2929 if (!locale_is_valid(optarg))
2930 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Locale '%s' is not valid.", optarg);
2931
2932 if (locale_is_installed(optarg) <= 0)
2933 log_warning("Locale '%s' is not installed, accepting anyway.", optarg);
2934
2935 r = json_variant_set_field_string(&arg_identity_extra, "preferredLanguage", optarg);
2936 if (r < 0)
2937 return log_error_errno(r, "Failed to set preferredLanguage field: %m");
2938
2939 break;
2940
2941 case ARG_NOSUID:
2942 case ARG_NODEV:
2943 case ARG_NOEXEC:
2944 case ARG_LOCKED:
2945 case ARG_KILL_PROCESSES:
2946 case ARG_ENFORCE_PASSWORD_POLICY:
2947 case ARG_AUTO_LOGIN:
2948 case ARG_PASSWORD_CHANGE_NOW: {
2949 const char *field =
2950 c == ARG_LOCKED ? "locked" :
2951 c == ARG_NOSUID ? "mountNoSuid" :
2952 c == ARG_NODEV ? "mountNoDevices" :
2953 c == ARG_NOEXEC ? "mountNoExecute" :
2954 c == ARG_KILL_PROCESSES ? "killProcesses" :
2955 c == ARG_ENFORCE_PASSWORD_POLICY ? "enforcePasswordPolicy" :
2956 c == ARG_AUTO_LOGIN ? "autoLogin" :
2957 c == ARG_PASSWORD_CHANGE_NOW ? "passwordChangeNow" :
2958 NULL;
2959
2960 assert(field);
2961
2962 if (isempty(optarg)) {
2963 r = drop_from_identity(field);
2964 if (r < 0)
2965 return r;
2966
2967 break;
2968 }
2969
2970 r = parse_boolean(optarg);
2971 if (r < 0)
2972 return log_error_errno(r, "Failed to parse %s boolean: %m", field);
2973
2974 r = json_variant_set_field_boolean(&arg_identity_extra, field, r > 0);
2975 if (r < 0)
2976 return log_error_errno(r, "Failed to set %s field: %m", field);
2977
2978 break;
2979 }
2980
2981 case 'P':
2982 r = json_variant_set_field_boolean(&arg_identity_extra, "enforcePasswordPolicy", false);
2983 if (r < 0)
2984 return log_error_errno(r, "Failed to set enforcePasswordPolicy field: %m");
2985
2986 break;
2987
2988 case ARG_DISK_SIZE:
2989 if (isempty(optarg)) {
2990 FOREACH_STRING(prop, "diskSize", "diskSizeRelative", "rebalanceWeight") {
2991 r = drop_from_identity(prop);
2992 if (r < 0)
2993 return r;
2994 }
2995
2996 arg_disk_size = arg_disk_size_relative = UINT64_MAX;
2997 break;
2998 }
2999
3000 r = parse_permyriad(optarg);
3001 if (r < 0) {
3002 r = parse_disk_size(optarg, &arg_disk_size);
3003 if (r < 0)
3004 return r;
3005
3006 r = drop_from_identity("diskSizeRelative");
3007 if (r < 0)
3008 return r;
3009
3010 r = json_variant_set_field_unsigned(&arg_identity_extra_this_machine, "diskSize", arg_disk_size);
3011 if (r < 0)
3012 return log_error_errno(r, "Failed to set diskSize field: %m");
3013
3014 arg_disk_size_relative = UINT64_MAX;
3015 } else {
3016 /* Normalize to UINT32_MAX == 100% */
3017 arg_disk_size_relative = UINT32_SCALE_FROM_PERMYRIAD(r);
3018
3019 r = drop_from_identity("diskSize");
3020 if (r < 0)
3021 return r;
3022
3023 r = json_variant_set_field_unsigned(&arg_identity_extra_this_machine, "diskSizeRelative", arg_disk_size_relative);
3024 if (r < 0)
3025 return log_error_errno(r, "Failed to set diskSizeRelative field: %m");
3026
3027 arg_disk_size = UINT64_MAX;
3028 }
3029
3030 /* Automatically turn off the rebalance logic if user configured a size explicitly */
3031 r = json_variant_set_field_unsigned(&arg_identity_extra_this_machine, "rebalanceWeight", REBALANCE_WEIGHT_OFF);
3032 if (r < 0)
3033 return log_error_errno(r, "Failed to set rebalanceWeight field: %m");
3034
3035 break;
3036
3037 case ARG_ACCESS_MODE: {
3038 mode_t mode;
3039
3040 if (isempty(optarg)) {
3041 r = drop_from_identity("accessMode");
3042 if (r < 0)
3043 return r;
3044
3045 break;
3046 }
3047
3048 r = parse_mode(optarg, &mode);
3049 if (r < 0)
3050 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Access mode '%s' not valid.", optarg);
3051
3052 r = json_variant_set_field_unsigned(&arg_identity_extra, "accessMode", mode);
3053 if (r < 0)
3054 return log_error_errno(r, "Failed to set access mode field: %m");
3055
3056 break;
3057 }
3058
3059 case ARG_LUKS_DISCARD:
3060 if (isempty(optarg)) {
3061 r = drop_from_identity("luksDiscard");
3062 if (r < 0)
3063 return r;
3064
3065 break;
3066 }
3067
3068 r = parse_boolean(optarg);
3069 if (r < 0)
3070 return log_error_errno(r, "Failed to parse --luks-discard= parameter: %s", optarg);
3071
3072 r = json_variant_set_field_boolean(&arg_identity_extra, "luksDiscard", r);
3073 if (r < 0)
3074 return log_error_errno(r, "Failed to set discard field: %m");
3075
3076 break;
3077
3078 case ARG_LUKS_OFFLINE_DISCARD:
3079 if (isempty(optarg)) {
3080 r = drop_from_identity("luksOfflineDiscard");
3081 if (r < 0)
3082 return r;
3083
3084 break;
3085 }
3086
3087 r = parse_boolean(optarg);
3088 if (r < 0)
3089 return log_error_errno(r, "Failed to parse --luks-offline-discard= parameter: %s", optarg);
3090
3091 r = json_variant_set_field_boolean(&arg_identity_extra, "luksOfflineDiscard", r);
3092 if (r < 0)
3093 return log_error_errno(r, "Failed to set offline discard field: %m");
3094
3095 break;
3096
3097 case ARG_LUKS_VOLUME_KEY_SIZE:
3098 case ARG_LUKS_PBKDF_FORCE_ITERATIONS:
3099 case ARG_LUKS_PBKDF_PARALLEL_THREADS:
3100 case ARG_RATE_LIMIT_BURST: {
3101 const char *field =
3102 c == ARG_LUKS_VOLUME_KEY_SIZE ? "luksVolumeKeySize" :
3103 c == ARG_LUKS_PBKDF_FORCE_ITERATIONS ? "luksPbkdfForceIterations" :
3104 c == ARG_LUKS_PBKDF_PARALLEL_THREADS ? "luksPbkdfParallelThreads" :
3105 c == ARG_RATE_LIMIT_BURST ? "rateLimitBurst" : NULL;
3106 unsigned n;
3107
3108 assert(field);
3109
3110 if (isempty(optarg)) {
3111 r = drop_from_identity(field);
3112 if (r < 0)
3113 return r;
3114 }
3115
3116 r = safe_atou(optarg, &n);
3117 if (r < 0)
3118 return log_error_errno(r, "Failed to parse %s parameter: %s", field, optarg);
3119
3120 r = json_variant_set_field_unsigned(&arg_identity_extra, field, n);
3121 if (r < 0)
3122 return log_error_errno(r, "Failed to set %s field: %m", field);
3123
3124 break;
3125 }
3126
3127 case ARG_LUKS_SECTOR_SIZE: {
3128 uint64_t ss;
3129
3130 if (isempty(optarg)) {
3131 r = drop_from_identity("luksSectorSize");
3132 if (r < 0)
3133 return r;
3134
3135 break;
3136 }
3137
3138 r = parse_sector_size(optarg, &ss);
3139 if (r < 0)
3140 return r;
3141
3142 r = json_variant_set_field_unsigned(&arg_identity_extra, "luksSectorSize", ss);
3143 if (r < 0)
3144 return log_error_errno(r, "Failed to set sector size field: %m");
3145
3146 break;
3147 }
3148
3149 case ARG_UMASK: {
3150 mode_t m;
3151
3152 if (isempty(optarg)) {
3153 r = drop_from_identity("umask");
3154 if (r < 0)
3155 return r;
3156
3157 break;
3158 }
3159
3160 r = parse_mode(optarg, &m);
3161 if (r < 0)
3162 return log_error_errno(r, "Failed to parse umask: %m");
3163
3164 r = json_variant_set_field_integer(&arg_identity_extra, "umask", m);
3165 if (r < 0)
3166 return log_error_errno(r, "Failed to set umask field: %m");
3167
3168 break;
3169 }
3170
3171 case ARG_SSH_AUTHORIZED_KEYS: {
3172 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
3173 _cleanup_(strv_freep) char **l = NULL, **add = NULL;
3174
3175 if (isempty(optarg)) {
3176 r = drop_from_identity("sshAuthorizedKeys");
3177 if (r < 0)
3178 return r;
3179
3180 break;
3181 }
3182
3183 if (optarg[0] == '@') {
3184 _cleanup_fclose_ FILE *f = NULL;
3185
3186 /* If prefixed with '@' read from a file */
3187
3188 f = fopen(optarg+1, "re");
3189 if (!f)
3190 return log_error_errno(errno, "Failed to open '%s': %m", optarg+1);
3191
3192 for (;;) {
3193 _cleanup_free_ char *line = NULL;
3194
3195 r = read_line(f, LONG_LINE_MAX, &line);
3196 if (r < 0)
3197 return log_error_errno(r, "Failed to read from '%s': %m", optarg+1);
3198 if (r == 0)
3199 break;
3200
3201 if (isempty(line))
3202 continue;
3203
3204 if (line[0] == '#')
3205 continue;
3206
3207 r = strv_consume(&add, TAKE_PTR(line));
3208 if (r < 0)
3209 return log_oom();
3210 }
3211 } else {
3212 /* Otherwise, assume it's a literal key. Let's do some superficial checks
3213 * before accept it though. */
3214
3215 if (string_has_cc(optarg, NULL))
3216 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Authorized key contains control characters, refusing.");
3217 if (optarg[0] == '#')
3218 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Specified key is a comment?");
3219
3220 add = strv_new(optarg);
3221 if (!add)
3222 return log_oom();
3223 }
3224
3225 v = json_variant_ref(json_variant_by_key(arg_identity_extra_privileged, "sshAuthorizedKeys"));
3226 if (v) {
3227 r = json_variant_strv(v, &l);
3228 if (r < 0)
3229 return log_error_errno(r, "Failed to parse SSH authorized keys list: %m");
3230 }
3231
3232 r = strv_extend_strv(&l, add, true);
3233 if (r < 0)
3234 return log_oom();
3235
3236 v = json_variant_unref(v);
3237
3238 r = json_variant_new_array_strv(&v, l);
3239 if (r < 0)
3240 return log_oom();
3241
3242 r = json_variant_set_field(&arg_identity_extra_privileged, "sshAuthorizedKeys", v);
3243 if (r < 0)
3244 return log_error_errno(r, "Failed to set authorized keys: %m");
3245
3246 break;
3247 }
3248
3249 case ARG_NOT_BEFORE:
3250 case ARG_NOT_AFTER:
3251 case 'e': {
3252 const char *field;
3253 usec_t n;
3254
3255 field = c == ARG_NOT_BEFORE ? "notBeforeUSec" :
3256 IN_SET(c, ARG_NOT_AFTER, 'e') ? "notAfterUSec" : NULL;
3257
3258 assert(field);
3259
3260 if (isempty(optarg)) {
3261 r = drop_from_identity(field);
3262 if (r < 0)
3263 return r;
3264
3265 break;
3266 }
3267
3268 /* Note the minor discrepancy regarding -e parsing here: we support that for compat
3269 * reasons, and in the original useradd(8) implementation it accepts dates in the
3270 * format YYYY-MM-DD. Coincidentally, we accept dates formatted like that too, but
3271 * with greater precision. */
3272 r = parse_timestamp(optarg, &n);
3273 if (r < 0)
3274 return log_error_errno(r, "Failed to parse %s parameter: %m", field);
3275
3276 r = json_variant_set_field_unsigned(&arg_identity_extra, field, n);
3277 if (r < 0)
3278 return log_error_errno(r, "Failed to set %s field: %m", field);
3279 break;
3280 }
3281
3282 case ARG_PASSWORD_CHANGE_MIN:
3283 case ARG_PASSWORD_CHANGE_MAX:
3284 case ARG_PASSWORD_CHANGE_WARN:
3285 case ARG_PASSWORD_CHANGE_INACTIVE: {
3286 const char *field;
3287 usec_t n;
3288
3289 field = c == ARG_PASSWORD_CHANGE_MIN ? "passwordChangeMinUSec" :
3290 c == ARG_PASSWORD_CHANGE_MAX ? "passwordChangeMaxUSec" :
3291 c == ARG_PASSWORD_CHANGE_WARN ? "passwordChangeWarnUSec" :
3292 c == ARG_PASSWORD_CHANGE_INACTIVE ? "passwordChangeInactiveUSec" :
3293 NULL;
3294
3295 assert(field);
3296
3297 if (isempty(optarg)) {
3298 r = drop_from_identity(field);
3299 if (r < 0)
3300 return r;
3301
3302 break;
3303 }
3304
3305 r = parse_sec(optarg, &n);
3306 if (r < 0)
3307 return log_error_errno(r, "Failed to parse %s parameter: %m", field);
3308
3309 r = json_variant_set_field_unsigned(&arg_identity_extra, field, n);
3310 if (r < 0)
3311 return log_error_errno(r, "Failed to set %s field: %m", field);
3312 break;
3313 }
3314
3315 case ARG_STORAGE:
3316 case ARG_FS_TYPE:
3317 case ARG_LUKS_CIPHER:
3318 case ARG_LUKS_CIPHER_MODE:
3319 case ARG_LUKS_PBKDF_TYPE:
3320 case ARG_LUKS_PBKDF_HASH_ALGORITHM: {
3321
3322 const char *field =
3323 c == ARG_STORAGE ? "storage" :
3324 c == ARG_FS_TYPE ? "fileSystemType" :
3325 c == ARG_LUKS_CIPHER ? "luksCipher" :
3326 c == ARG_LUKS_CIPHER_MODE ? "luksCipherMode" :
3327 c == ARG_LUKS_PBKDF_TYPE ? "luksPbkdfType" :
3328 c == ARG_LUKS_PBKDF_HASH_ALGORITHM ? "luksPbkdfHashAlgorithm" : NULL;
3329
3330 assert(field);
3331
3332 if (isempty(optarg)) {
3333 r = drop_from_identity(field);
3334 if (r < 0)
3335 return r;
3336
3337 break;
3338 }
3339
3340 if (!string_is_safe(optarg))
3341 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Parameter for %s field not valid: %s", field, optarg);
3342
3343 r = json_variant_set_field_string(
3344 IN_SET(c, ARG_STORAGE, ARG_FS_TYPE) ?
3345 &arg_identity_extra_this_machine :
3346 &arg_identity_extra, field, optarg);
3347 if (r < 0)
3348 return log_error_errno(r, "Failed to set %s field: %m", field);
3349
3350 break;
3351 }
3352
3353 case ARG_LUKS_PBKDF_TIME_COST:
3354 case ARG_RATE_LIMIT_INTERVAL:
3355 case ARG_STOP_DELAY: {
3356 const char *field =
3357 c == ARG_LUKS_PBKDF_TIME_COST ? "luksPbkdfTimeCostUSec" :
3358 c == ARG_RATE_LIMIT_INTERVAL ? "rateLimitIntervalUSec" :
3359 c == ARG_STOP_DELAY ? "stopDelayUSec" :
3360 NULL;
3361 usec_t t;
3362
3363 assert(field);
3364
3365 if (isempty(optarg)) {
3366 r = drop_from_identity(field);
3367 if (r < 0)
3368 return r;
3369
3370 break;
3371 }
3372
3373 r = parse_sec(optarg, &t);
3374 if (r < 0)
3375 return log_error_errno(r, "Failed to parse %s field: %s", field, optarg);
3376
3377 r = json_variant_set_field_unsigned(&arg_identity_extra, field, t);
3378 if (r < 0)
3379 return log_error_errno(r, "Failed to set %s field: %m", field);
3380
3381 break;
3382 }
3383
3384 case 'G': {
3385 const char *p = optarg;
3386
3387 if (isempty(p)) {
3388 r = drop_from_identity("memberOf");
3389 if (r < 0)
3390 return r;
3391
3392 break;
3393 }
3394
3395 for (;;) {
3396 _cleanup_(json_variant_unrefp) JsonVariant *mo = NULL;
3397 _cleanup_strv_free_ char **list = NULL;
3398 _cleanup_free_ char *word = NULL;
3399
3400 r = extract_first_word(&p, &word, ",", 0);
3401 if (r < 0)
3402 return log_error_errno(r, "Failed to parse group list: %m");
3403 if (r == 0)
3404 break;
3405
3406 if (!valid_user_group_name(word, 0))
3407 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid group name %s.", word);
3408
3409 mo = json_variant_ref(json_variant_by_key(arg_identity_extra, "memberOf"));
3410
3411 r = json_variant_strv(mo, &list);
3412 if (r < 0)
3413 return log_error_errno(r, "Failed to parse group list: %m");
3414
3415 r = strv_extend(&list, word);
3416 if (r < 0)
3417 return log_oom();
3418
3419 strv_sort(list);
3420 strv_uniq(list);
3421
3422 mo = json_variant_unref(mo);
3423 r = json_variant_new_array_strv(&mo, list);
3424 if (r < 0)
3425 return log_error_errno(r, "Failed to create group list JSON: %m");
3426
3427 r = json_variant_set_field(&arg_identity_extra, "memberOf", mo);
3428 if (r < 0)
3429 return log_error_errno(r, "Failed to update group list: %m");
3430 }
3431
3432 break;
3433 }
3434
3435 case ARG_TASKS_MAX: {
3436 uint64_t u;
3437
3438 if (isempty(optarg)) {
3439 r = drop_from_identity("tasksMax");
3440 if (r < 0)
3441 return r;
3442 break;
3443 }
3444
3445 r = safe_atou64(optarg, &u);
3446 if (r < 0)
3447 return log_error_errno(r, "Failed to parse --tasks-max= parameter: %s", optarg);
3448
3449 r = json_variant_set_field_unsigned(&arg_identity_extra, "tasksMax", u);
3450 if (r < 0)
3451 return log_error_errno(r, "Failed to set tasksMax field: %m");
3452
3453 break;
3454 }
3455
3456 case ARG_MEMORY_MAX:
3457 case ARG_MEMORY_HIGH:
3458 case ARG_LUKS_PBKDF_MEMORY_COST: {
3459 const char *field =
3460 c == ARG_MEMORY_MAX ? "memoryMax" :
3461 c == ARG_MEMORY_HIGH ? "memoryHigh" :
3462 c == ARG_LUKS_PBKDF_MEMORY_COST ? "luksPbkdfMemoryCost" : NULL;
3463
3464 uint64_t u;
3465
3466 assert(field);
3467
3468 if (isempty(optarg)) {
3469 r = drop_from_identity(field);
3470 if (r < 0)
3471 return r;
3472 break;
3473 }
3474
3475 r = parse_size(optarg, 1024, &u);
3476 if (r < 0)
3477 return log_error_errno(r, "Failed to parse %s parameter: %s", field, optarg);
3478
3479 r = json_variant_set_field_unsigned(&arg_identity_extra_this_machine, field, u);
3480 if (r < 0)
3481 return log_error_errno(r, "Failed to set %s field: %m", field);
3482
3483 break;
3484 }
3485
3486 case ARG_CPU_WEIGHT:
3487 case ARG_IO_WEIGHT: {
3488 const char *field = c == ARG_CPU_WEIGHT ? "cpuWeight" :
3489 c == ARG_IO_WEIGHT ? "ioWeight" : NULL;
3490 uint64_t u;
3491
3492 assert(field);
3493
3494 if (isempty(optarg)) {
3495 r = drop_from_identity(field);
3496 if (r < 0)
3497 return r;
3498 break;
3499 }
3500
3501 r = safe_atou64(optarg, &u);
3502 if (r < 0)
3503 return log_error_errno(r, "Failed to parse --cpu-weight=/--io-weight= parameter: %s", optarg);
3504
3505 if (!CGROUP_WEIGHT_IS_OK(u))
3506 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Weight %" PRIu64 " is out of valid weight range.", u);
3507
3508 r = json_variant_set_field_unsigned(&arg_identity_extra, field, u);
3509 if (r < 0)
3510 return log_error_errno(r, "Failed to set %s field: %m", field);
3511
3512 break;
3513 }
3514
3515 case ARG_PKCS11_TOKEN_URI:
3516 if (streq(optarg, "list"))
3517 return pkcs11_list_tokens();
3518
3519 /* If --pkcs11-token-uri= is specified we always drop everything old */
3520 FOREACH_STRING(p, "pkcs11TokenUri", "pkcs11EncryptedKey") {
3521 r = drop_from_identity(p);
3522 if (r < 0)
3523 return r;
3524 }
3525
3526 if (isempty(optarg)) {
3527 arg_pkcs11_token_uri = strv_free(arg_pkcs11_token_uri);
3528 break;
3529 }
3530
3531 if (streq(optarg, "auto")) {
3532 _cleanup_free_ char *found = NULL;
3533
3534 r = pkcs11_find_token_auto(&found);
3535 if (r < 0)
3536 return r;
3537 r = strv_consume(&arg_pkcs11_token_uri, TAKE_PTR(found));
3538 } else {
3539 if (!pkcs11_uri_valid(optarg))
3540 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Not a valid PKCS#11 URI: %s", optarg);
3541
3542 r = strv_extend(&arg_pkcs11_token_uri, optarg);
3543 }
3544 if (r < 0)
3545 return r;
3546
3547 strv_uniq(arg_pkcs11_token_uri);
3548 break;
3549
3550 case ARG_FIDO2_CRED_ALG:
3551 r = parse_fido2_algorithm(optarg, &arg_fido2_cred_alg);
3552 if (r < 0)
3553 return log_error_errno(r, "Failed to parse COSE algorithm: %s", optarg);
3554 break;
3555
3556 case ARG_FIDO2_DEVICE:
3557 if (streq(optarg, "list"))
3558 return fido2_list_devices();
3559
3560 FOREACH_STRING(p, "fido2HmacCredential", "fido2HmacSalt") {
3561 r = drop_from_identity(p);
3562 if (r < 0)
3563 return r;
3564 }
3565
3566 if (isempty(optarg)) {
3567 arg_fido2_device = strv_free(arg_fido2_device);
3568 break;
3569 }
3570
3571 if (streq(optarg, "auto")) {
3572 _cleanup_free_ char *found = NULL;
3573
3574 r = fido2_find_device_auto(&found);
3575 if (r < 0)
3576 return r;
3577
3578 r = strv_consume(&arg_fido2_device, TAKE_PTR(found));
3579 } else
3580 r = strv_extend(&arg_fido2_device, optarg);
3581 if (r < 0)
3582 return r;
3583
3584 strv_uniq(arg_fido2_device);
3585 break;
3586
3587 case ARG_FIDO2_WITH_PIN: {
3588 bool lock_with_pin;
3589
3590 r = parse_boolean_argument("--fido2-with-client-pin=", optarg, &lock_with_pin);
3591 if (r < 0)
3592 return r;
3593
3594 SET_FLAG(arg_fido2_lock_with, FIDO2ENROLL_PIN, lock_with_pin);
3595 break;
3596 }
3597
3598 case ARG_FIDO2_WITH_UP: {
3599 bool lock_with_up;
3600
3601 r = parse_boolean_argument("--fido2-with-user-presence=", optarg, &lock_with_up);
3602 if (r < 0)
3603 return r;
3604
3605 SET_FLAG(arg_fido2_lock_with, FIDO2ENROLL_UP, lock_with_up);
3606 break;
3607 }
3608
3609 case ARG_FIDO2_WITH_UV: {
3610 bool lock_with_uv;
3611
3612 r = parse_boolean_argument("--fido2-with-user-verification=", optarg, &lock_with_uv);
3613 if (r < 0)
3614 return r;
3615
3616 SET_FLAG(arg_fido2_lock_with, FIDO2ENROLL_UV, lock_with_uv);
3617 break;
3618 }
3619
3620 case ARG_RECOVERY_KEY:
3621 r = parse_boolean(optarg);
3622 if (r < 0)
3623 return log_error_errno(r, "Failed to parse --recovery-key= argument: %s", optarg);
3624
3625 arg_recovery_key = r;
3626
3627 FOREACH_STRING(p, "recoveryKey", "recoveryKeyType") {
3628 r = drop_from_identity(p);
3629 if (r < 0)
3630 return r;
3631 }
3632
3633 break;
3634
3635 case ARG_AUTO_RESIZE_MODE:
3636 if (isempty(optarg)) {
3637 r = drop_from_identity("autoResizeMode");
3638 if (r < 0)
3639 return r;
3640
3641 break;
3642 }
3643
3644 r = auto_resize_mode_from_string(optarg);
3645 if (r < 0)
3646 return log_error_errno(r, "Failed to parse --auto-resize-mode= argument: %s", optarg);
3647
3648 r = json_variant_set_field_string(&arg_identity_extra, "autoResizeMode", auto_resize_mode_to_string(r));
3649 if (r < 0)
3650 return log_error_errno(r, "Failed to set autoResizeMode field: %m");
3651
3652 break;
3653
3654 case ARG_REBALANCE_WEIGHT: {
3655 uint64_t u;
3656
3657 if (isempty(optarg)) {
3658 r = drop_from_identity("rebalanceWeight");
3659 if (r < 0)
3660 return r;
3661 }
3662
3663 if (streq(optarg, "off"))
3664 u = REBALANCE_WEIGHT_OFF;
3665 else {
3666 r = safe_atou64(optarg, &u);
3667 if (r < 0)
3668 return log_error_errno(r, "Failed to parse --rebalance-weight= argument: %s", optarg);
3669
3670 if (u < REBALANCE_WEIGHT_MIN || u > REBALANCE_WEIGHT_MAX)
3671 return log_error_errno(SYNTHETIC_ERRNO(ERANGE), "Rebalancing weight out of valid range %" PRIu64 "%s%" PRIu64 ": %s",
3672 REBALANCE_WEIGHT_MIN, special_glyph(SPECIAL_GLYPH_ELLIPSIS), REBALANCE_WEIGHT_MAX, optarg);
3673 }
3674
3675 /* Drop from per machine stuff and everywhere */
3676 r = drop_from_identity("rebalanceWeight");
3677 if (r < 0)
3678 return r;
3679
3680 /* Add to main identity */
3681 r = json_variant_set_field_unsigned(&arg_identity_extra, "rebalanceWeight", u);
3682 if (r < 0)
3683 return log_error_errno(r, "Failed to set rebalanceWeight field: %m");
3684
3685 break;
3686 }
3687
3688 case 'j':
3689 arg_json_format_flags = JSON_FORMAT_PRETTY_AUTO|JSON_FORMAT_COLOR_AUTO;
3690 break;
3691
3692 case ARG_JSON:
3693 r = parse_json_argument(optarg, &arg_json_format_flags);
3694 if (r <= 0)
3695 return r;
3696
3697 break;
3698
3699 case 'E':
3700 if (arg_export_format == EXPORT_FORMAT_FULL)
3701 arg_export_format = EXPORT_FORMAT_STRIPPED;
3702 else if (arg_export_format == EXPORT_FORMAT_STRIPPED)
3703 arg_export_format = EXPORT_FORMAT_MINIMAL;
3704 else
3705 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Specifying -E more than twice is not supported.");
3706
3707 arg_json_format_flags &= ~JSON_FORMAT_OFF;
3708 if (arg_json_format_flags == 0)
3709 arg_json_format_flags = JSON_FORMAT_PRETTY_AUTO|JSON_FORMAT_COLOR_AUTO;
3710 break;
3711
3712 case ARG_EXPORT_FORMAT:
3713 if (streq(optarg, "full"))
3714 arg_export_format = EXPORT_FORMAT_FULL;
3715 else if (streq(optarg, "stripped"))
3716 arg_export_format = EXPORT_FORMAT_STRIPPED;
3717 else if (streq(optarg, "minimal"))
3718 arg_export_format = EXPORT_FORMAT_MINIMAL;
3719 else if (streq(optarg, "help")) {
3720 puts("full\n"
3721 "stripped\n"
3722 "minimal");
3723 return 0;
3724 }
3725
3726 break;
3727
3728 case ARG_AND_RESIZE:
3729 arg_and_resize = true;
3730 break;
3731
3732 case ARG_AND_CHANGE_PASSWORD:
3733 arg_and_change_password = true;
3734 break;
3735
3736 case ARG_DROP_CACHES: {
3737 bool drop_caches;
3738
3739 if (isempty(optarg)) {
3740 r = drop_from_identity("dropCaches");
3741 if (r < 0)
3742 return r;
3743 }
3744
3745 r = parse_boolean_argument("--drop-caches=", optarg, &drop_caches);
3746 if (r < 0)
3747 return r;
3748
3749 r = json_variant_set_field_boolean(&arg_identity_extra, "dropCaches", r);
3750 if (r < 0)
3751 return log_error_errno(r, "Failed to set drop caches field: %m");
3752
3753 break;
3754 }
3755
3756 case '?':
3757 return -EINVAL;
3758
3759 default:
3760 assert_not_reached();
3761 }
3762 }
3763
3764 if (!strv_isempty(arg_pkcs11_token_uri) || !strv_isempty(arg_fido2_device))
3765 arg_and_change_password = true;
3766
3767 if (arg_disk_size != UINT64_MAX || arg_disk_size_relative != UINT64_MAX)
3768 arg_and_resize = true;
3769
3770 return 1;
3771 }
3772
3773 static int redirect_bus_mgr(void) {
3774 const char *suffix;
3775
3776 /* Talk to a different service if that's requested. (The same env var is also understood by homed, so
3777 * that it is relatively easily possible to invoke a second instance of homed for debug purposes and
3778 * have homectl talk to it, without colliding with the host version. This is handy when operating
3779 * from a homed-managed account.) */
3780
3781 suffix = getenv("SYSTEMD_HOME_DEBUG_SUFFIX");
3782 if (suffix) {
3783 static BusLocator locator = {
3784 .path = "/org/freedesktop/home1",
3785 .interface = "org.freedesktop.home1.Manager",
3786 };
3787
3788 /* Yes, we leak this memory, but there's little point to collect this, given that we only do
3789 * this in a debug environment, do it only once, and the string shall live for out entire
3790 * process runtime. */
3791
3792 locator.destination = strjoin("org.freedesktop.home1.", suffix);
3793 if (!locator.destination)
3794 return log_oom();
3795
3796 bus_mgr = &locator;
3797 } else
3798 bus_mgr = bus_home_mgr;
3799
3800 return 0;
3801 }
3802
3803 static int run(int argc, char *argv[]) {
3804 static const Verb verbs[] = {
3805 { "help", VERB_ANY, VERB_ANY, 0, help },
3806 { "list", VERB_ANY, 1, VERB_DEFAULT, list_homes },
3807 { "activate", 2, VERB_ANY, 0, activate_home },
3808 { "deactivate", 2, VERB_ANY, 0, deactivate_home },
3809 { "inspect", VERB_ANY, VERB_ANY, 0, inspect_home },
3810 { "authenticate", VERB_ANY, VERB_ANY, 0, authenticate_home },
3811 { "create", VERB_ANY, 2, 0, create_home },
3812 { "remove", 2, VERB_ANY, 0, remove_home },
3813 { "update", VERB_ANY, 2, 0, update_home },
3814 { "passwd", VERB_ANY, 2, 0, passwd_home },
3815 { "resize", 2, 3, 0, resize_home },
3816 { "lock", 2, VERB_ANY, 0, lock_home },
3817 { "unlock", 2, VERB_ANY, 0, unlock_home },
3818 { "with", 2, VERB_ANY, 0, with_home },
3819 { "lock-all", VERB_ANY, 1, 0, lock_all_homes },
3820 { "deactivate-all", VERB_ANY, 1, 0, deactivate_all_homes },
3821 { "rebalance", VERB_ANY, 1, 0, rebalance },
3822 {}
3823 };
3824
3825 int r;
3826
3827 log_setup();
3828
3829 r = redirect_bus_mgr();
3830 if (r < 0)
3831 return r;
3832
3833 r = parse_argv(argc, argv);
3834 if (r <= 0)
3835 return r;
3836
3837 return dispatch_verb(argc, argv, verbs, NULL);
3838 }
3839
3840 DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE(run);
Unnamed repository; edit this file 'description' to name the repository.