-/* SPDX-License-Identifier: LGPL-2.1+ */
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "dirent-util.h"
#include "fd-util.h"
#include "strv.h"
#include "tmpfile-util.h"
-int home_prepare_cifs(
+int home_setup_cifs(
UserRecord *h,
bool already_activated,
HomeSetup *setup) {
char **pw;
int r;
- r = home_unshare_and_mount(NULL, NULL, false);
+ r = home_unshare_and_mount(NULL, NULL, false, user_record_mount_flags(h));
if (r < 0)
return r;
f = safe_fclose(f);
- if (asprintf(&options, "credentials=%s,uid=" UID_FMT ",forceuid,gid=" UID_FMT ",forcegid,file_mode=0%3o,dir_mode=0%3o",
- p, h->uid, h->uid, h->access_mode, h->access_mode) < 0)
+ if (asprintf(&options, "credentials=%s,uid=" UID_FMT ",forceuid,gid=" GID_FMT ",forcegid,file_mode=0%3o,dir_mode=0%3o",
+ p, h->uid, user_record_gid(h), user_record_access_mode(h), user_record_access_mode(h)) < 0)
return log_oom();
r = safe_fork("(mount)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_STDOUT_TO_STDERR, &mount_pid);
h->cifs_service, "/run/systemd/user-home-mount",
"-o", options, NULL);
- log_error_errno(errno, "Failed to execute fsck: %m");
+ log_error_errno(errno, "Failed to execute mount: %m");
_exit(EXIT_FAILURE);
}
}
if (!mounted)
- return log_error_errno(ENOKEY, "Failed to mount home directory with supplied password.");
+ return log_error_errno(SYNTHETIC_ERRNO(ENOKEY),
+ "Failed to mount home directory with supplied password.");
setup->root_fd = open("/run/systemd/user-home-mount", O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW);
}
int home_activate_cifs(
UserRecord *h,
- char ***pkcs11_decrypted_passwords,
+ PasswordCache *cache,
UserRecord **ret_home) {
_cleanup_(home_setup_undo) HomeSetup setup = HOME_SETUP_INIT;
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "User record lacks CIFS service, refusing.");
assert_se(hdo = user_record_home_directory(h));
- hd = strdupa(hdo); /* copy the string out, since it might change later in the home record object */
+ hd = strdupa_safe(hdo); /* copy the string out, since it might change later in the home record object */
- r = home_prepare_cifs(h, false, &setup);
+ r = home_setup_cifs(h, false, &setup);
if (r < 0)
return r;
- r = home_refresh(h, &setup, NULL, pkcs11_decrypted_passwords, NULL, &new_home);
+ r = home_refresh(h, &setup, NULL, cache, NULL, &new_home);
if (r < 0)
return r;
_cleanup_(home_setup_undo) HomeSetup setup = HOME_SETUP_INIT;
_cleanup_(user_record_unrefp) UserRecord *new_home = NULL;
_cleanup_(closedirp) DIR *d = NULL;
- int r, copy;
+ _cleanup_close_ int copy = -1;
+ int r;
assert(h);
assert(user_record_storage(h) == USER_CIFS);
return log_error_errno(errno, "Unable to detect whether /sbin/mount.cifs exists: %m");
}
- r = home_prepare_cifs(h, false, &setup);
+ r = home_setup_cifs(h, false, &setup);
if (r < 0)
return r;
if (copy < 0)
return -errno;
- d = fdopendir(copy);
- if (!d) {
- safe_close(copy);
+ d = take_fdopendir(©);
+ if (!d)
return -errno;
- }
errno = 0;
if (readdir_no_dot(d))
if (r < 0)
return r;
- r = user_record_clone(h, USER_RECORD_LOAD_MASK_SECRET, &new_home);
+ r = user_record_clone(h, USER_RECORD_LOAD_MASK_SECRET|USER_RECORD_PERMISSIVE, &new_home);
if (r < 0)
return log_error_errno(r, "Failed to clone record: %m");