From ffaa6362bb5c29026a236566914305de6638729d Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri, 5 May 2023 06:07:52 +0000
Subject: [PATCH] pwd: Use libsubid

This is an attempt to read any subids using libsubid from shadow.

However, it seems that libsubid is not entirely thread-safe and randomly
fails. Hence this code is kept disabled for now.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 Makefile.am          |  1 +
 configure.ac         | 12 +++++++++++
 src/libpakfire/pwd.c | 48 ++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 61 insertions(+)

diff --git a/Makefile.am b/Makefile.am
index e70b08ce..8a72f730 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -345,6 +345,7 @@ libpakfire_la_LIBADD = \
 	$(SECCOMP_LIBS) \
 	$(SOLV_LIBS) \
 	$(SQLITE3_LIBS) \
+	$(SUBID_LIBS) \
 	$(SYSTEMD_LIBS) \
 	$(UUID_LIBS) \
 	$(ZSTD_LIBS)
diff --git a/configure.ac b/configure.ac
index 91029206..6700004c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -273,6 +273,18 @@ PKG_CHECK_MODULES([SYSTEMD], [libsystemd],
 PKG_CHECK_MODULES([UUID], [uuid])
 PKG_CHECK_MODULES([ZSTD], [libzstd])
 
+save_LIBS="$LIBS"
+
+# subid
+#LIBS=
+#AC_SEARCH_LIBS([subid_init], [subid],
+#	[AC_DEFINE([HAVE_SUBID], [], [subid is present])],
+#	[AC_MSG_WARN([*** subid library not found])])
+#SUBID_LIBS="$LIBS"
+#AC_SUBST(SUBID_LIBS)
+
+LIBS="$save_LIBS"
+
 AC_ARG_WITH([systemdsystemunitdir],
 	AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
 	[], [with_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)])
diff --git a/src/libpakfire/pwd.c b/src/libpakfire/pwd.c
index 1e8fdf20..4cc15424 100644
--- a/src/libpakfire/pwd.c
+++ b/src/libpakfire/pwd.c
@@ -25,6 +25,10 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#ifdef HAVE_SUBID
+#include <shadow/subid.h>
+#endif
+
 #include <pakfire/logging.h>
 #include <pakfire/pakfire.h>
 #include <pakfire/pwd.h>
@@ -158,6 +162,50 @@ struct group* pakfire_getgrgid(struct pakfire* pakfire, gid_t gid) {
 
 // SUBUID/SUBGID
 
+#ifdef HAVE_SUBID
+
+static int pakfire_getsubid(struct pakfire* pakfire, const char* owner,
+		struct pakfire_subid* subid, int (callback)(const char* owner, struct subid_range** ranges)) {
+	struct subid_range* ranges = NULL;
+	int count;
+	int r = -1;
+
+	if (!subid_init(PACKAGE_NAME, stderr)) {
+		ERROR(pakfire, "Could not setup subid: %m\n");
+		return 1;
+	}
+
+	count = callback(owner, &ranges);
+	if (count < 0) {
+		ERROR(pakfire, "Could not fetch subids for %s: %m\n", owner);
+		goto ERROR;
+	}
+
+	// Store the result
+	for (int i = 0; i < count; i++) {
+		subid->id     = ranges[i].start;
+		subid->length = ranges[i].count;
+		r = 0;
+		break;
+	}
+
+ERROR:
+	if (ranges)
+		free(ranges);
+
+	return r;
+}
+
+int pakfire_getsubuid(struct pakfire* pakfire, const char* owner, struct pakfire_subid* subid) {
+	return pakfire_getsubid(pakfire, owner, subid, subid_get_uid_ranges);
+}
+
+int pakfire_getsubgid(struct pakfire* pakfire, const char* owner, struct pakfire_subid* subid) {
+	return pakfire_getsubid(pakfire, owner, subid, subid_get_gid_ranges);
+}
+
+# else /* Our own implementation */
+
 static int pakfire_fgetsubid(struct pakfire* pakfire, struct pakfire_subid* subid, FILE* f) {
 	int r;
 
-- 
2.39.2