pwd: Use libsubid

This is an attempt to read any subids using libsubid from shadow.

However, it seems that libsubid is not entirely thread-safe and randomly
fails. Hence this code is kept disabled for now.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/Makefile.am b/Makefile.am
index e70b08ce5b237c28b987fcc220b5ad740cda2ec8..8a72f7309b59c47bd783e0ff7803454670eb3826 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -345,6 +345,7 @@ libpakfire_la_LIBADD = \
        $(SECCOMP_LIBS) \
        $(SOLV_LIBS) \
        $(SQLITE3_LIBS) \
+       $(SUBID_LIBS) \
        $(SYSTEMD_LIBS) \
        $(UUID_LIBS) \
        $(ZSTD_LIBS)

diff --git a/configure.ac b/configure.ac
index 91029206362264a6b26eda1705df5dfcef786d22..6700004cc6a204dc55829449078ee28c8b7abd6c 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -273,6 +273,18 @@ PKG_CHECK_MODULES([SYSTEMD], [libsystemd],
 PKG_CHECK_MODULES([UUID], [uuid])
 PKG_CHECK_MODULES([ZSTD], [libzstd])
 
+save_LIBS="$LIBS"
+
+# subid
+#LIBS=
+#AC_SEARCH_LIBS([subid_init], [subid],
+#      [AC_DEFINE([HAVE_SUBID], [], [subid is present])],
+#      [AC_MSG_WARN([*** subid library not found])])
+#SUBID_LIBS="$LIBS"
+#AC_SUBST(SUBID_LIBS)
+
+LIBS="$save_LIBS"
+
 AC_ARG_WITH([systemdsystemunitdir],
        AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
        [], [with_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)])

diff --git a/src/libpakfire/pwd.c b/src/libpakfire/pwd.c
index 1e8fdf20178d35de25501a61a197e87a0196e514..4cc154246bd8dd0527737f78fb7191641d93cc31 100644 (file)
--- a/src/libpakfire/pwd.c
+++ b/src/libpakfire/pwd.c
@@ -25,6 +25,10 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#ifdef HAVE_SUBID
+#include <shadow/subid.h>
+#endif
+
 #include <pakfire/logging.h>
 #include <pakfire/pakfire.h>
 #include <pakfire/pwd.h>
@@ -158,6 +162,50 @@ struct group* pakfire_getgrgid(struct pakfire* pakfire, gid_t gid) {
 
 // SUBUID/SUBGID
 
+#ifdef HAVE_SUBID
+
+static int pakfire_getsubid(struct pakfire* pakfire, const char* owner,
+               struct pakfire_subid* subid, int (callback)(const char* owner, struct subid_range** ranges)) {
+       struct subid_range* ranges = NULL;
+       int count;
+       int r = -1;
+
+       if (!subid_init(PACKAGE_NAME, stderr)) {
+               ERROR(pakfire, "Could not setup subid: %m\n");
+               return 1;
+       }
+
+       count = callback(owner, &ranges);
+       if (count < 0) {
+               ERROR(pakfire, "Could not fetch subids for %s: %m\n", owner);
+               goto ERROR;
+       }
+
+       // Store the result
+       for (int i = 0; i < count; i++) {
+               subid->id     = ranges[i].start;
+               subid->length = ranges[i].count;
+               r = 0;
+               break;
+       }
+
+ERROR:
+       if (ranges)
+               free(ranges);
+
+       return r;
+}
+
+int pakfire_getsubuid(struct pakfire* pakfire, const char* owner, struct pakfire_subid* subid) {
+       return pakfire_getsubid(pakfire, owner, subid, subid_get_uid_ranges);
+}
+
+int pakfire_getsubgid(struct pakfire* pakfire, const char* owner, struct pakfire_subid* subid) {
+       return pakfire_getsubid(pakfire, owner, subid, subid_get_gid_ranges);
+}
+
+# else /* Our own implementation */
+
 static int pakfire_fgetsubid(struct pakfire* pakfire, struct pakfire_subid* subid, FILE* f) {
        int r;