]>
Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
71d0b9d4 LP |
2 | |
3 | #include <sys/mount.h> | |
4 | ||
8e1bc689 | 5 | #include "cap-list.h" |
71d0b9d4 LP |
6 | #include "cgroup-util.h" |
7 | #include "dns-domain.h" | |
8 | #include "env-util.h" | |
9 | #include "fs-util.h" | |
28e5e1e9 | 10 | #include "glyph-util.h" |
71d0b9d4 LP |
11 | #include "hexdecoct.h" |
12 | #include "hostname-util.h" | |
49e55abb | 13 | #include "locale-util.h" |
71d0b9d4 LP |
14 | #include "memory-util.h" |
15 | #include "path-util.h" | |
16 | #include "pkcs11-util.h" | |
17 | #include "rlimit-util.h" | |
1b466c09 | 18 | #include "sha256.h" |
71d0b9d4 LP |
19 | #include "string-table.h" |
20 | #include "strv.h" | |
8e1ac16b | 21 | #include "uid-classification.h" |
71d0b9d4 LP |
22 | #include "user-record.h" |
23 | #include "user-util.h" | |
1b466c09 | 24 | #include "utf8.h" |
71d0b9d4 LP |
25 | |
26 | #define DEFAULT_RATELIMIT_BURST 30 | |
27 | #define DEFAULT_RATELIMIT_INTERVAL_USEC (1*USEC_PER_MINUTE) | |
28 | ||
29 | UserRecord* user_record_new(void) { | |
30 | UserRecord *h; | |
31 | ||
32 | h = new(UserRecord, 1); | |
33 | if (!h) | |
34 | return NULL; | |
35 | ||
36 | *h = (UserRecord) { | |
37 | .n_ref = 1, | |
38 | .disposition = _USER_DISPOSITION_INVALID, | |
39 | .last_change_usec = UINT64_MAX, | |
40 | .last_password_change_usec = UINT64_MAX, | |
41 | .umask = MODE_INVALID, | |
42 | .nice_level = INT_MAX, | |
43 | .not_before_usec = UINT64_MAX, | |
44 | .not_after_usec = UINT64_MAX, | |
45 | .locked = -1, | |
46 | .storage = _USER_STORAGE_INVALID, | |
47 | .access_mode = MODE_INVALID, | |
48 | .disk_size = UINT64_MAX, | |
49 | .disk_size_relative = UINT64_MAX, | |
50 | .tasks_max = UINT64_MAX, | |
51 | .memory_high = UINT64_MAX, | |
52 | .memory_max = UINT64_MAX, | |
53 | .cpu_weight = UINT64_MAX, | |
54 | .io_weight = UINT64_MAX, | |
55 | .uid = UID_INVALID, | |
56 | .gid = GID_INVALID, | |
57 | .nodev = true, | |
58 | .nosuid = true, | |
59 | .luks_discard = -1, | |
5e86c82a | 60 | .luks_offline_discard = -1, |
71d0b9d4 | 61 | .luks_volume_key_size = UINT64_MAX, |
b04ff66b | 62 | .luks_pbkdf_force_iterations = UINT64_MAX, |
71d0b9d4 LP |
63 | .luks_pbkdf_time_cost_usec = UINT64_MAX, |
64 | .luks_pbkdf_memory_cost = UINT64_MAX, | |
65 | .luks_pbkdf_parallel_threads = UINT64_MAX, | |
fd83c98e | 66 | .luks_sector_size = UINT64_MAX, |
71d0b9d4 LP |
67 | .disk_usage = UINT64_MAX, |
68 | .disk_free = UINT64_MAX, | |
69 | .disk_ceiling = UINT64_MAX, | |
70 | .disk_floor = UINT64_MAX, | |
71 | .signed_locally = -1, | |
72 | .good_authentication_counter = UINT64_MAX, | |
73 | .bad_authentication_counter = UINT64_MAX, | |
74 | .last_good_authentication_usec = UINT64_MAX, | |
75 | .last_bad_authentication_usec = UINT64_MAX, | |
76 | .ratelimit_begin_usec = UINT64_MAX, | |
77 | .ratelimit_count = UINT64_MAX, | |
78 | .ratelimit_interval_usec = UINT64_MAX, | |
79 | .ratelimit_burst = UINT64_MAX, | |
80 | .removable = -1, | |
81 | .enforce_password_policy = -1, | |
82 | .auto_login = -1, | |
83 | .stop_delay_usec = UINT64_MAX, | |
84 | .kill_processes = -1, | |
85 | .password_change_min_usec = UINT64_MAX, | |
86 | .password_change_max_usec = UINT64_MAX, | |
87 | .password_change_warn_usec = UINT64_MAX, | |
88 | .password_change_inactive_usec = UINT64_MAX, | |
89 | .password_change_now = -1, | |
90 | .pkcs11_protected_authentication_path_permitted = -1, | |
7b78db28 | 91 | .fido2_user_presence_permitted = -1, |
17e7561a | 92 | .fido2_user_verification_permitted = -1, |
86019efa | 93 | .drop_caches = -1, |
8bec643c | 94 | .auto_resize_mode = _AUTO_RESIZE_MODE_INVALID, |
9aa3e5eb | 95 | .rebalance_weight = REBALANCE_WEIGHT_UNSET, |
71d0b9d4 LP |
96 | }; |
97 | ||
98 | return h; | |
99 | } | |
100 | ||
101 | static void pkcs11_encrypted_key_done(Pkcs11EncryptedKey *k) { | |
102 | if (!k) | |
103 | return; | |
104 | ||
105 | free(k->uri); | |
106 | erase_and_free(k->data); | |
107 | erase_and_free(k->hashed_password); | |
108 | } | |
109 | ||
5e4fa456 LP |
110 | static void fido2_hmac_credential_done(Fido2HmacCredential *c) { |
111 | if (!c) | |
112 | return; | |
113 | ||
114 | free(c->id); | |
115 | } | |
116 | ||
117 | static void fido2_hmac_salt_done(Fido2HmacSalt *s) { | |
118 | if (!s) | |
119 | return; | |
120 | ||
121 | fido2_hmac_credential_done(&s->credential); | |
122 | erase_and_free(s->salt); | |
123 | erase_and_free(s->hashed_password); | |
124 | } | |
125 | ||
b3a97fd3 LP |
126 | static void recovery_key_done(RecoveryKey *k) { |
127 | if (!k) | |
128 | return; | |
129 | ||
130 | free(k->type); | |
131 | erase_and_free(k->hashed_password); | |
132 | } | |
133 | ||
71d0b9d4 LP |
134 | static UserRecord* user_record_free(UserRecord *h) { |
135 | if (!h) | |
136 | return NULL; | |
137 | ||
138 | free(h->user_name); | |
139 | free(h->realm); | |
140 | free(h->user_name_and_realm_auto); | |
141 | free(h->real_name); | |
142 | free(h->email_address); | |
143 | erase_and_free(h->password_hint); | |
144 | free(h->location); | |
145 | free(h->icon_name); | |
146 | ||
1b466c09 AV |
147 | free(h->blob_directory); |
148 | hashmap_free(h->blob_manifest); | |
149 | ||
71d0b9d4 LP |
150 | free(h->shell); |
151 | ||
152 | strv_free(h->environment); | |
153 | free(h->time_zone); | |
154 | free(h->preferred_language); | |
49e55abb | 155 | strv_free(h->additional_languages); |
71d0b9d4 LP |
156 | rlimit_free_all(h->rlimits); |
157 | ||
158 | free(h->skeleton_directory); | |
159 | ||
160 | strv_free_erase(h->hashed_password); | |
161 | strv_free_erase(h->ssh_authorized_keys); | |
162 | strv_free_erase(h->password); | |
c0bde0d2 | 163 | strv_free_erase(h->token_pin); |
71d0b9d4 LP |
164 | |
165 | free(h->cifs_service); | |
166 | free(h->cifs_user_name); | |
167 | free(h->cifs_domain); | |
4c2ee5c7 | 168 | free(h->cifs_extra_mount_options); |
71d0b9d4 LP |
169 | |
170 | free(h->image_path); | |
171 | free(h->image_path_auto); | |
172 | free(h->home_directory); | |
173 | free(h->home_directory_auto); | |
174 | ||
46c60f72 LP |
175 | free(h->fallback_shell); |
176 | free(h->fallback_home_directory); | |
177 | ||
71d0b9d4 | 178 | strv_free(h->member_of); |
8e1bc689 LP |
179 | strv_free(h->capability_bounding_set); |
180 | strv_free(h->capability_ambient_set); | |
71d0b9d4 LP |
181 | |
182 | free(h->file_system_type); | |
183 | free(h->luks_cipher); | |
184 | free(h->luks_cipher_mode); | |
185 | free(h->luks_pbkdf_hash_algorithm); | |
186 | free(h->luks_pbkdf_type); | |
2e0001c2 | 187 | free(h->luks_extra_mount_options); |
71d0b9d4 LP |
188 | |
189 | free(h->state); | |
190 | free(h->service); | |
191 | ||
793ceda1 AV |
192 | free(h->preferred_session_type); |
193 | free(h->preferred_session_launcher); | |
194 | ||
71d0b9d4 LP |
195 | strv_free(h->pkcs11_token_uri); |
196 | for (size_t i = 0; i < h->n_pkcs11_encrypted_key; i++) | |
197 | pkcs11_encrypted_key_done(h->pkcs11_encrypted_key + i); | |
198 | free(h->pkcs11_encrypted_key); | |
199 | ||
5e4fa456 LP |
200 | for (size_t i = 0; i < h->n_fido2_hmac_credential; i++) |
201 | fido2_hmac_credential_done(h->fido2_hmac_credential + i); | |
202 | for (size_t i = 0; i < h->n_fido2_hmac_salt; i++) | |
203 | fido2_hmac_salt_done(h->fido2_hmac_salt + i); | |
204 | ||
b3a97fd3 LP |
205 | strv_free(h->recovery_key_type); |
206 | for (size_t i = 0; i < h->n_recovery_key; i++) | |
207 | recovery_key_done(h->recovery_key + i); | |
208 | ||
71d0b9d4 LP |
209 | json_variant_unref(h->json); |
210 | ||
211 | return mfree(h); | |
212 | } | |
213 | ||
214 | DEFINE_TRIVIAL_REF_UNREF_FUNC(UserRecord, user_record, user_record_free); | |
215 | ||
216 | int json_dispatch_realm(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
217 | char **s = userdata; | |
218 | const char *n; | |
219 | int r; | |
220 | ||
221 | if (json_variant_is_null(variant)) { | |
222 | *s = mfree(*s); | |
223 | return 0; | |
224 | } | |
225 | ||
226 | if (!json_variant_is_string(variant)) | |
227 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
228 | ||
229 | n = json_variant_string(variant); | |
230 | r = dns_name_is_valid(n); | |
231 | if (r < 0) | |
232 | return json_log(variant, flags, r, "Failed to check if JSON field '%s' is a valid DNS domain.", strna(name)); | |
233 | if (r == 0) | |
234 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid DNS domain.", strna(name)); | |
235 | ||
236 | r = free_and_strdup(s, n); | |
237 | if (r < 0) | |
238 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
239 | ||
240 | return 0; | |
241 | } | |
242 | ||
0bb43080 | 243 | int json_dispatch_gecos(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { |
71d0b9d4 LP |
244 | char **s = userdata; |
245 | const char *n; | |
71d0b9d4 LP |
246 | |
247 | if (json_variant_is_null(variant)) { | |
248 | *s = mfree(*s); | |
249 | return 0; | |
250 | } | |
251 | ||
252 | if (!json_variant_is_string(variant)) | |
253 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
254 | ||
255 | n = json_variant_string(variant); | |
5cd12aba LP |
256 | if (valid_gecos(n)) { |
257 | if (free_and_strdup(s, n) < 0) | |
258 | return json_log_oom(variant, flags); | |
259 | } else { | |
260 | _cleanup_free_ char *m = NULL; | |
71d0b9d4 | 261 | |
5cd12aba LP |
262 | json_log(variant, flags|JSON_DEBUG, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid GECOS compatible string, mangling.", strna(name)); |
263 | ||
264 | m = mangle_gecos(n); | |
265 | if (!m) | |
266 | return json_log_oom(variant, flags); | |
267 | ||
268 | free_and_replace(*s, m); | |
269 | } | |
71d0b9d4 LP |
270 | |
271 | return 0; | |
272 | } | |
273 | ||
274 | static int json_dispatch_nice(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
275 | int *nl = userdata; | |
718ca772 | 276 | int64_t m; |
71d0b9d4 LP |
277 | |
278 | if (json_variant_is_null(variant)) { | |
279 | *nl = INT_MAX; | |
280 | return 0; | |
281 | } | |
282 | ||
283 | if (!json_variant_is_integer(variant)) | |
284 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
285 | ||
286 | m = json_variant_integer(variant); | |
287 | if (m < PRIO_MIN || m >= PRIO_MAX) | |
288 | return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "JSON field '%s' is not a valid nice level.", strna(name)); | |
289 | ||
290 | *nl = m; | |
291 | return 0; | |
292 | } | |
293 | ||
294 | static int json_dispatch_rlimit_value(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
295 | rlim_t *ret = userdata; | |
296 | ||
297 | if (json_variant_is_null(variant)) | |
298 | *ret = RLIM_INFINITY; | |
299 | else if (json_variant_is_unsigned(variant)) { | |
718ca772 | 300 | uint64_t w; |
71d0b9d4 LP |
301 | |
302 | w = json_variant_unsigned(variant); | |
718ca772 | 303 | if (w == RLIM_INFINITY || (uint64_t) w != json_variant_unsigned(variant)) |
71d0b9d4 LP |
304 | return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "Resource limit value '%s' is out of range.", name); |
305 | ||
306 | *ret = (rlim_t) w; | |
307 | } else | |
308 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit value '%s' is not an unsigned integer.", name); | |
309 | ||
310 | return 0; | |
311 | } | |
312 | ||
313 | static int json_dispatch_rlimits(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
314 | struct rlimit** limits = userdata; | |
315 | JsonVariant *value; | |
316 | const char *key; | |
317 | int r; | |
318 | ||
319 | assert_se(limits); | |
320 | ||
321 | if (json_variant_is_null(variant)) { | |
322 | rlimit_free_all(limits); | |
323 | return 0; | |
324 | } | |
325 | ||
326 | if (!json_variant_is_object(variant)) | |
327 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an object.", strna(name)); | |
328 | ||
329 | JSON_VARIANT_OBJECT_FOREACH(key, value, variant) { | |
330 | JsonVariant *jcur, *jmax; | |
331 | struct rlimit rl; | |
332 | const char *p; | |
333 | int l; | |
334 | ||
335 | p = startswith(key, "RLIMIT_"); | |
336 | if (!p) | |
7211c853 | 337 | l = -SYNTHETIC_ERRNO(EINVAL); |
71d0b9d4 LP |
338 | else |
339 | l = rlimit_from_string(p); | |
340 | if (l < 0) | |
7211c853 | 341 | return json_log(variant, flags, l, "Resource limit '%s' not known.", key); |
71d0b9d4 LP |
342 | |
343 | if (!json_variant_is_object(value)) | |
344 | return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' has invalid value.", key); | |
345 | ||
346 | if (json_variant_elements(value) != 4) | |
347 | return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' value is does not have two fields as expected.", key); | |
348 | ||
349 | jcur = json_variant_by_key(value, "cur"); | |
350 | if (!jcur) | |
351 | return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' lacks 'cur' field.", key); | |
352 | r = json_dispatch_rlimit_value("cur", jcur, flags, &rl.rlim_cur); | |
353 | if (r < 0) | |
354 | return r; | |
355 | ||
356 | jmax = json_variant_by_key(value, "max"); | |
357 | if (!jmax) | |
358 | return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' lacks 'max' field.", key); | |
359 | r = json_dispatch_rlimit_value("max", jmax, flags, &rl.rlim_max); | |
360 | if (r < 0) | |
361 | return r; | |
362 | ||
363 | if (limits[l]) | |
364 | *(limits[l]) = rl; | |
365 | else { | |
366 | limits[l] = newdup(struct rlimit, &rl, 1); | |
367 | if (!limits[l]) | |
368 | return log_oom(); | |
369 | } | |
370 | } | |
371 | ||
372 | return 0; | |
373 | } | |
374 | ||
375 | static int json_dispatch_filename_or_path(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
99534007 | 376 | char **s = ASSERT_PTR(userdata); |
71d0b9d4 LP |
377 | const char *n; |
378 | int r; | |
379 | ||
71d0b9d4 LP |
380 | if (json_variant_is_null(variant)) { |
381 | *s = mfree(*s); | |
382 | return 0; | |
383 | } | |
384 | ||
385 | if (!json_variant_is_string(variant)) | |
386 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
387 | ||
388 | n = json_variant_string(variant); | |
389 | if (!filename_is_valid(n) && !path_is_normalized(n)) | |
390 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid file name or normalized path.", strna(name)); | |
391 | ||
392 | r = free_and_strdup(s, n); | |
393 | if (r < 0) | |
394 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
395 | ||
396 | return 0; | |
397 | } | |
398 | ||
399 | static int json_dispatch_path(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
400 | char **s = userdata; | |
401 | const char *n; | |
402 | int r; | |
403 | ||
404 | if (json_variant_is_null(variant)) { | |
405 | *s = mfree(*s); | |
406 | return 0; | |
407 | } | |
408 | ||
409 | if (!json_variant_is_string(variant)) | |
410 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
411 | ||
412 | n = json_variant_string(variant); | |
413 | if (!path_is_normalized(n)) | |
414 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a normalized file system path.", strna(name)); | |
415 | if (!path_is_absolute(n)) | |
416 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an absolute file system path.", strna(name)); | |
417 | ||
418 | r = free_and_strdup(s, n); | |
419 | if (r < 0) | |
420 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
421 | ||
422 | return 0; | |
423 | } | |
424 | ||
425 | static int json_dispatch_home_directory(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
426 | char **s = userdata; | |
427 | const char *n; | |
428 | int r; | |
429 | ||
430 | if (json_variant_is_null(variant)) { | |
431 | *s = mfree(*s); | |
432 | return 0; | |
433 | } | |
434 | ||
435 | if (!json_variant_is_string(variant)) | |
436 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
437 | ||
438 | n = json_variant_string(variant); | |
439 | if (!valid_home(n)) | |
440 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid home directory path.", strna(name)); | |
441 | ||
442 | r = free_and_strdup(s, n); | |
443 | if (r < 0) | |
444 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
445 | ||
446 | return 0; | |
447 | } | |
448 | ||
449 | static int json_dispatch_image_path(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
450 | char **s = userdata; | |
451 | const char *n; | |
452 | int r; | |
453 | ||
454 | if (json_variant_is_null(variant)) { | |
455 | *s = mfree(*s); | |
456 | return 0; | |
457 | } | |
458 | ||
459 | if (!json_variant_is_string(variant)) | |
460 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
461 | ||
462 | n = json_variant_string(variant); | |
463 | if (empty_or_root(n) || !path_is_valid(n) || !path_is_absolute(n)) | |
464 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid image path.", strna(name)); | |
465 | ||
466 | r = free_and_strdup(s, n); | |
467 | if (r < 0) | |
468 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
469 | ||
470 | return 0; | |
471 | } | |
472 | ||
473 | static int json_dispatch_umask(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
474 | mode_t *m = userdata; | |
718ca772 | 475 | uint64_t k; |
71d0b9d4 LP |
476 | |
477 | if (json_variant_is_null(variant)) { | |
f5fbe71d | 478 | *m = MODE_INVALID; |
71d0b9d4 LP |
479 | return 0; |
480 | } | |
481 | ||
482 | if (!json_variant_is_unsigned(variant)) | |
483 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a number.", strna(name)); | |
484 | ||
485 | k = json_variant_unsigned(variant); | |
486 | if (k > 0777) | |
28e5e1e9 DT |
487 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), |
488 | "JSON field '%s' outside of valid range 0%s0777.", | |
489 | strna(name), special_glyph(SPECIAL_GLYPH_ELLIPSIS)); | |
71d0b9d4 LP |
490 | |
491 | *m = (mode_t) k; | |
492 | return 0; | |
493 | } | |
494 | ||
495 | static int json_dispatch_access_mode(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
496 | mode_t *m = userdata; | |
718ca772 | 497 | uint64_t k; |
71d0b9d4 LP |
498 | |
499 | if (json_variant_is_null(variant)) { | |
f5fbe71d | 500 | *m = MODE_INVALID; |
71d0b9d4 LP |
501 | return 0; |
502 | } | |
503 | ||
504 | if (!json_variant_is_unsigned(variant)) | |
505 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a number.", strna(name)); | |
506 | ||
507 | k = json_variant_unsigned(variant); | |
508 | if (k > 07777) | |
28e5e1e9 DT |
509 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), |
510 | "JSON field '%s' outside of valid range 0%s07777.", | |
511 | strna(name), special_glyph(SPECIAL_GLYPH_ELLIPSIS)); | |
71d0b9d4 LP |
512 | |
513 | *m = (mode_t) k; | |
514 | return 0; | |
515 | } | |
516 | ||
517 | static int json_dispatch_environment(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
518 | _cleanup_strv_free_ char **n = NULL; | |
519 | char ***l = userdata; | |
71d0b9d4 LP |
520 | int r; |
521 | ||
522 | if (json_variant_is_null(variant)) { | |
523 | *l = strv_free(*l); | |
524 | return 0; | |
525 | } | |
526 | ||
527 | if (!json_variant_is_array(variant)) | |
528 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array.", strna(name)); | |
529 | ||
6f8f8688 | 530 | for (size_t i = 0; i < json_variant_elements(variant); i++) { |
71d0b9d4 LP |
531 | JsonVariant *e; |
532 | const char *a; | |
533 | ||
534 | e = json_variant_by_index(variant, i); | |
535 | if (!json_variant_is_string(e)) | |
536 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of strings.", strna(name)); | |
537 | ||
538 | assert_se(a = json_variant_string(e)); | |
539 | ||
540 | if (!env_assignment_is_valid(a)) | |
541 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of environment variables.", strna(name)); | |
542 | ||
aaf057c4 | 543 | r = strv_env_replace_strdup(&n, a); |
71d0b9d4 LP |
544 | if (r < 0) |
545 | return json_log_oom(variant, flags); | |
71d0b9d4 LP |
546 | } |
547 | ||
aaf057c4 | 548 | return strv_free_and_replace(*l, n); |
71d0b9d4 LP |
549 | } |
550 | ||
49e55abb AV |
551 | static int json_dispatch_locale(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { |
552 | char **s = userdata; | |
553 | const char *n; | |
554 | int r; | |
555 | ||
556 | if (json_variant_is_null(variant)) { | |
557 | *s = mfree(*s); | |
558 | return 0; | |
559 | } | |
560 | ||
561 | if (!json_variant_is_string(variant)) | |
562 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
563 | ||
564 | n = json_variant_string(variant); | |
565 | ||
566 | if (!locale_is_valid(n)) | |
567 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid locale.", strna(name)); | |
568 | ||
569 | r = free_and_strdup(s, n); | |
570 | if (r < 0) | |
571 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
572 | ||
573 | return 0; | |
574 | } | |
575 | ||
576 | static int json_dispatch_locales(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
577 | _cleanup_strv_free_ char **n = NULL; | |
578 | char ***l = userdata; | |
579 | const char *locale; | |
580 | JsonVariant *e; | |
581 | int r; | |
582 | ||
583 | if (json_variant_is_null(variant)) { | |
584 | *l = strv_free(*l); | |
585 | return 0; | |
586 | } | |
587 | ||
588 | if (!json_variant_is_array(variant)) | |
589 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of strings.", strna(name)); | |
590 | ||
591 | JSON_VARIANT_ARRAY_FOREACH(e, variant) { | |
592 | if (!json_variant_is_string(e)) | |
593 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of strings.", strna(name)); | |
594 | ||
595 | locale = json_variant_string(e); | |
596 | if (!locale_is_valid(locale)) | |
597 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of valid locales.", strna(name)); | |
598 | ||
599 | r = strv_extend(&n, locale); | |
600 | if (r < 0) | |
601 | return json_log_oom(variant, flags); | |
602 | } | |
603 | ||
604 | return strv_free_and_replace(*l, n); | |
605 | } | |
606 | ||
19f32829 LP |
607 | JSON_DISPATCH_ENUM_DEFINE(json_dispatch_user_disposition, UserDisposition, user_disposition_from_string); |
608 | static JSON_DISPATCH_ENUM_DEFINE(json_dispatch_user_storage, UserStorage, user_storage_from_string); | |
71d0b9d4 | 609 | |
71d0b9d4 | 610 | static int json_dispatch_tasks_or_memory_max(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { |
718ca772 | 611 | uint64_t *limit = userdata, k; |
71d0b9d4 LP |
612 | |
613 | if (json_variant_is_null(variant)) { | |
614 | *limit = UINT64_MAX; | |
615 | return 0; | |
616 | } | |
617 | ||
618 | if (!json_variant_is_unsigned(variant)) | |
387f6955 | 619 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an integer.", strna(name)); |
71d0b9d4 LP |
620 | |
621 | k = json_variant_unsigned(variant); | |
622 | if (k <= 0 || k >= UINT64_MAX) | |
28e5e1e9 DT |
623 | return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), |
624 | "JSON field '%s' is not in valid range %" PRIu64 "%s%" PRIu64 ".", | |
625 | strna(name), (uint64_t) 1, special_glyph(SPECIAL_GLYPH_ELLIPSIS), UINT64_MAX-1); | |
71d0b9d4 LP |
626 | |
627 | *limit = k; | |
628 | return 0; | |
629 | } | |
630 | ||
631 | static int json_dispatch_weight(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
718ca772 | 632 | uint64_t *weight = userdata, k; |
71d0b9d4 LP |
633 | |
634 | if (json_variant_is_null(variant)) { | |
635 | *weight = UINT64_MAX; | |
636 | return 0; | |
637 | } | |
638 | ||
639 | if (!json_variant_is_unsigned(variant)) | |
387f6955 | 640 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an integer.", strna(name)); |
71d0b9d4 LP |
641 | |
642 | k = json_variant_unsigned(variant); | |
643 | if (k <= CGROUP_WEIGHT_MIN || k >= CGROUP_WEIGHT_MAX) | |
28e5e1e9 DT |
644 | return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), |
645 | "JSON field '%s' is not in valid range %" PRIu64 "%s%" PRIu64 ".", | |
646 | strna(name), (uint64_t) CGROUP_WEIGHT_MIN, | |
647 | special_glyph(SPECIAL_GLYPH_ELLIPSIS), (uint64_t) CGROUP_WEIGHT_MAX); | |
71d0b9d4 LP |
648 | |
649 | *weight = k; | |
650 | return 0; | |
651 | } | |
652 | ||
653 | int json_dispatch_user_group_list(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
654 | _cleanup_strv_free_ char **l = NULL; | |
655 | char ***list = userdata; | |
656 | JsonVariant *e; | |
657 | int r; | |
658 | ||
659 | if (!json_variant_is_array(variant)) | |
660 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of strings.", strna(name)); | |
661 | ||
662 | JSON_VARIANT_ARRAY_FOREACH(e, variant) { | |
663 | ||
664 | if (!json_variant_is_string(e)) | |
665 | return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not a string."); | |
666 | ||
7a8867ab | 667 | if (!valid_user_group_name(json_variant_string(e), FLAGS_SET(flags, JSON_RELAX) ? VALID_USER_RELAX : 0)) |
71d0b9d4 LP |
668 | return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not a valid user/group name: %s", json_variant_string(e)); |
669 | ||
670 | r = strv_extend(&l, json_variant_string(e)); | |
671 | if (r < 0) | |
672 | return json_log(e, flags, r, "Failed to append array element: %m"); | |
673 | } | |
674 | ||
675 | r = strv_extend_strv(list, l, true); | |
676 | if (r < 0) | |
677 | return json_log(variant, flags, r, "Failed to merge user/group arrays: %m"); | |
678 | ||
679 | return 0; | |
680 | } | |
681 | ||
682 | static int dispatch_secret(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
683 | ||
684 | static const JsonDispatch secret_dispatch_table[] = { | |
685 | { "password", _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, password), 0 }, | |
c0bde0d2 LP |
686 | { "tokenPin", _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, token_pin), 0 }, |
687 | { "pkcs11Pin", /* legacy alias */ _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, token_pin), 0 }, | |
71d0b9d4 | 688 | { "pkcs11ProtectedAuthenticationPathPermitted", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, pkcs11_protected_authentication_path_permitted), 0 }, |
7b78db28 | 689 | { "fido2UserPresencePermitted", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, fido2_user_presence_permitted), 0 }, |
17e7561a | 690 | { "fido2UserVerificationPermitted", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, fido2_user_verification_permitted), 0 }, |
71d0b9d4 LP |
691 | {}, |
692 | }; | |
693 | ||
f1b622a0 | 694 | return json_dispatch(variant, secret_dispatch_table, flags, userdata); |
71d0b9d4 LP |
695 | } |
696 | ||
697 | static int dispatch_pkcs11_uri(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
698 | char **s = userdata; | |
699 | const char *n; | |
700 | int r; | |
701 | ||
702 | if (json_variant_is_null(variant)) { | |
703 | *s = mfree(*s); | |
704 | return 0; | |
705 | } | |
706 | ||
707 | if (!json_variant_is_string(variant)) | |
708 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
709 | ||
710 | n = json_variant_string(variant); | |
711 | if (!pkcs11_uri_valid(n)) | |
712 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid RFC7512 PKCS#11 URI.", strna(name)); | |
713 | ||
714 | r = free_and_strdup(s, n); | |
715 | if (r < 0) | |
716 | return json_log(variant, flags, r, "Failed to allocate string: %m"); | |
717 | ||
718 | return 0; | |
719 | } | |
720 | ||
721 | static int dispatch_pkcs11_uri_array(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
722 | _cleanup_strv_free_ char **z = NULL; | |
723 | char ***l = userdata; | |
724 | JsonVariant *e; | |
725 | int r; | |
726 | ||
727 | if (json_variant_is_null(variant)) { | |
728 | *l = strv_free(*l); | |
729 | return 0; | |
730 | } | |
731 | ||
732 | if (json_variant_is_string(variant)) { | |
733 | const char *n; | |
734 | ||
735 | n = json_variant_string(variant); | |
736 | if (!pkcs11_uri_valid(n)) | |
737 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid RFC7512 PKCS#11 URI.", strna(name)); | |
738 | ||
739 | z = strv_new(n); | |
740 | if (!z) | |
741 | return log_oom(); | |
742 | ||
743 | } else { | |
744 | ||
745 | if (!json_variant_is_array(variant)) | |
746 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string or array of strings.", strna(name)); | |
747 | ||
748 | JSON_VARIANT_ARRAY_FOREACH(e, variant) { | |
749 | const char *n; | |
750 | ||
751 | if (!json_variant_is_string(e)) | |
752 | return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not a string."); | |
753 | ||
754 | n = json_variant_string(e); | |
755 | if (!pkcs11_uri_valid(n)) | |
756 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element in '%s' is not a valid RFC7512 PKCS#11 URI: %s", strna(name), n); | |
757 | ||
758 | r = strv_extend(&z, n); | |
759 | if (r < 0) | |
760 | return log_oom(); | |
761 | } | |
762 | } | |
763 | ||
764 | strv_free_and_replace(*l, z); | |
765 | return 0; | |
766 | } | |
767 | ||
768 | static int dispatch_pkcs11_key_data(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
769 | Pkcs11EncryptedKey *k = userdata; | |
770 | size_t l; | |
771 | void *b; | |
772 | int r; | |
773 | ||
774 | if (json_variant_is_null(variant)) { | |
d00f3183 | 775 | k->data = erase_and_free(k->data); |
71d0b9d4 LP |
776 | k->size = 0; |
777 | return 0; | |
778 | } | |
779 | ||
780 | if (!json_variant_is_string(variant)) | |
781 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
782 | ||
bdd2036e | 783 | r = unbase64mem(json_variant_string(variant), &b, &l); |
71d0b9d4 LP |
784 | if (r < 0) |
785 | return json_log(variant, flags, r, "Failed to decode encrypted PKCS#11 key: %m"); | |
786 | ||
787 | erase_and_free(k->data); | |
788 | k->data = b; | |
789 | k->size = l; | |
790 | ||
791 | return 0; | |
792 | } | |
793 | ||
794 | static int dispatch_pkcs11_key(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
795 | UserRecord *h = userdata; | |
796 | JsonVariant *e; | |
797 | int r; | |
798 | ||
799 | if (!json_variant_is_array(variant)) | |
800 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of objects.", strna(name)); | |
801 | ||
802 | JSON_VARIANT_ARRAY_FOREACH(e, variant) { | |
803 | Pkcs11EncryptedKey *array, *k; | |
804 | ||
805 | static const JsonDispatch pkcs11_key_dispatch_table[] = { | |
806 | { "uri", JSON_VARIANT_STRING, dispatch_pkcs11_uri, offsetof(Pkcs11EncryptedKey, uri), JSON_MANDATORY }, | |
807 | { "data", JSON_VARIANT_STRING, dispatch_pkcs11_key_data, 0, JSON_MANDATORY }, | |
808 | { "hashedPassword", JSON_VARIANT_STRING, json_dispatch_string, offsetof(Pkcs11EncryptedKey, hashed_password), JSON_MANDATORY }, | |
809 | {}, | |
810 | }; | |
811 | ||
812 | if (!json_variant_is_object(e)) | |
813 | return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not an object."); | |
814 | ||
815 | array = reallocarray(h->pkcs11_encrypted_key, h->n_pkcs11_encrypted_key + 1, sizeof(Pkcs11EncryptedKey)); | |
816 | if (!array) | |
817 | return log_oom(); | |
818 | ||
819 | h->pkcs11_encrypted_key = array; | |
820 | k = h->pkcs11_encrypted_key + h->n_pkcs11_encrypted_key; | |
821 | *k = (Pkcs11EncryptedKey) {}; | |
822 | ||
f1b622a0 | 823 | r = json_dispatch(e, pkcs11_key_dispatch_table, flags, k); |
71d0b9d4 LP |
824 | if (r < 0) { |
825 | pkcs11_encrypted_key_done(k); | |
826 | return r; | |
827 | } | |
828 | ||
829 | h->n_pkcs11_encrypted_key++; | |
830 | } | |
831 | ||
832 | return 0; | |
833 | } | |
834 | ||
5e4fa456 LP |
835 | static int dispatch_fido2_hmac_credential(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { |
836 | Fido2HmacCredential *k = userdata; | |
837 | size_t l; | |
838 | void *b; | |
839 | int r; | |
840 | ||
841 | if (json_variant_is_null(variant)) { | |
842 | k->id = mfree(k->id); | |
843 | k->size = 0; | |
844 | return 0; | |
845 | } | |
846 | ||
847 | if (!json_variant_is_string(variant)) | |
848 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
849 | ||
bdd2036e | 850 | r = unbase64mem(json_variant_string(variant), &b, &l); |
5e4fa456 LP |
851 | if (r < 0) |
852 | return json_log(variant, flags, r, "Failed to decode FIDO2 credential ID: %m"); | |
853 | ||
854 | free_and_replace(k->id, b); | |
855 | k->size = l; | |
856 | ||
857 | return 0; | |
858 | } | |
859 | ||
860 | static int dispatch_fido2_hmac_credential_array(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
861 | UserRecord *h = userdata; | |
862 | JsonVariant *e; | |
863 | int r; | |
864 | ||
865 | if (!json_variant_is_array(variant)) | |
866 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of strings.", strna(name)); | |
867 | ||
868 | JSON_VARIANT_ARRAY_FOREACH(e, variant) { | |
869 | Fido2HmacCredential *array; | |
870 | size_t l; | |
871 | void *b; | |
872 | ||
873 | if (!json_variant_is_string(e)) | |
874 | return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not a string."); | |
875 | ||
876 | array = reallocarray(h->fido2_hmac_credential, h->n_fido2_hmac_credential + 1, sizeof(Fido2HmacCredential)); | |
877 | if (!array) | |
878 | return log_oom(); | |
879 | ||
bdd2036e | 880 | r = unbase64mem(json_variant_string(e), &b, &l); |
5e4fa456 LP |
881 | if (r < 0) |
882 | return json_log(variant, flags, r, "Failed to decode FIDO2 credential ID: %m"); | |
883 | ||
884 | h->fido2_hmac_credential = array; | |
885 | ||
886 | h->fido2_hmac_credential[h->n_fido2_hmac_credential++] = (Fido2HmacCredential) { | |
887 | .id = b, | |
888 | .size = l, | |
889 | }; | |
890 | } | |
891 | ||
892 | return 0; | |
893 | } | |
894 | ||
895 | static int dispatch_fido2_hmac_salt_value(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
896 | Fido2HmacSalt *k = userdata; | |
897 | size_t l; | |
898 | void *b; | |
899 | int r; | |
900 | ||
901 | if (json_variant_is_null(variant)) { | |
902 | k->salt = erase_and_free(k->salt); | |
903 | k->salt_size = 0; | |
904 | return 0; | |
905 | } | |
906 | ||
907 | if (!json_variant_is_string(variant)) | |
908 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name)); | |
909 | ||
bdd2036e | 910 | r = unbase64mem(json_variant_string(variant), &b, &l); |
5e4fa456 LP |
911 | if (r < 0) |
912 | return json_log(variant, flags, r, "Failed to decode FIDO2 salt: %m"); | |
913 | ||
914 | erase_and_free(k->salt); | |
915 | k->salt = b; | |
916 | k->salt_size = l; | |
917 | ||
918 | return 0; | |
919 | } | |
920 | ||
921 | static int dispatch_fido2_hmac_salt(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
922 | UserRecord *h = userdata; | |
923 | JsonVariant *e; | |
924 | int r; | |
925 | ||
926 | if (!json_variant_is_array(variant)) | |
927 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of objects.", strna(name)); | |
928 | ||
929 | JSON_VARIANT_ARRAY_FOREACH(e, variant) { | |
930 | Fido2HmacSalt *array, *k; | |
931 | ||
932 | static const JsonDispatch fido2_hmac_salt_dispatch_table[] = { | |
17e7561a LP |
933 | { "credential", JSON_VARIANT_STRING, dispatch_fido2_hmac_credential, offsetof(Fido2HmacSalt, credential), JSON_MANDATORY }, |
934 | { "salt", JSON_VARIANT_STRING, dispatch_fido2_hmac_salt_value, 0, JSON_MANDATORY }, | |
935 | { "hashedPassword", JSON_VARIANT_STRING, json_dispatch_string, offsetof(Fido2HmacSalt, hashed_password), JSON_MANDATORY }, | |
936 | { "up", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(Fido2HmacSalt, up), 0 }, | |
937 | { "uv", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(Fido2HmacSalt, uv), 0 }, | |
938 | { "clientPin", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(Fido2HmacSalt, client_pin), 0 }, | |
5e4fa456 LP |
939 | {}, |
940 | }; | |
941 | ||
942 | if (!json_variant_is_object(e)) | |
943 | return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not an object."); | |
944 | ||
945 | array = reallocarray(h->fido2_hmac_salt, h->n_fido2_hmac_salt + 1, sizeof(Fido2HmacSalt)); | |
946 | if (!array) | |
947 | return log_oom(); | |
948 | ||
949 | h->fido2_hmac_salt = array; | |
950 | k = h->fido2_hmac_salt + h->n_fido2_hmac_salt; | |
17e7561a LP |
951 | *k = (Fido2HmacSalt) { |
952 | .uv = -1, | |
953 | .up = -1, | |
954 | .client_pin = -1, | |
955 | }; | |
5e4fa456 | 956 | |
f1b622a0 | 957 | r = json_dispatch(e, fido2_hmac_salt_dispatch_table, flags, k); |
5e4fa456 LP |
958 | if (r < 0) { |
959 | fido2_hmac_salt_done(k); | |
960 | return r; | |
961 | } | |
962 | ||
963 | h->n_fido2_hmac_salt++; | |
964 | } | |
965 | ||
966 | return 0; | |
967 | } | |
968 | ||
b3a97fd3 LP |
969 | static int dispatch_recovery_key(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { |
970 | UserRecord *h = userdata; | |
971 | JsonVariant *e; | |
972 | int r; | |
973 | ||
974 | if (!json_variant_is_array(variant)) | |
975 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of objects.", strna(name)); | |
976 | ||
977 | JSON_VARIANT_ARRAY_FOREACH(e, variant) { | |
978 | RecoveryKey *array, *k; | |
979 | ||
980 | static const JsonDispatch recovery_key_dispatch_table[] = { | |
981 | { "type", JSON_VARIANT_STRING, json_dispatch_string, 0, JSON_MANDATORY }, | |
982 | { "hashedPassword", JSON_VARIANT_STRING, json_dispatch_string, offsetof(RecoveryKey, hashed_password), JSON_MANDATORY }, | |
983 | {}, | |
984 | }; | |
985 | ||
986 | if (!json_variant_is_object(e)) | |
987 | return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not an object."); | |
988 | ||
989 | array = reallocarray(h->recovery_key, h->n_recovery_key + 1, sizeof(RecoveryKey)); | |
990 | if (!array) | |
991 | return log_oom(); | |
992 | ||
993 | h->recovery_key = array; | |
994 | k = h->recovery_key + h->n_recovery_key; | |
995 | *k = (RecoveryKey) {}; | |
996 | ||
f1b622a0 | 997 | r = json_dispatch(e, recovery_key_dispatch_table, flags, k); |
b3a97fd3 LP |
998 | if (r < 0) { |
999 | recovery_key_done(k); | |
1000 | return r; | |
1001 | } | |
1002 | ||
1003 | h->n_recovery_key++; | |
1004 | } | |
1005 | ||
1006 | return 0; | |
1007 | } | |
1008 | ||
8bec643c LP |
1009 | static int dispatch_auto_resize_mode(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { |
1010 | AutoResizeMode *mode = userdata, m; | |
1011 | ||
1012 | assert_se(mode); | |
1013 | ||
1014 | if (json_variant_is_null(variant)) { | |
1015 | *mode = _AUTO_RESIZE_MODE_INVALID; | |
1016 | return 0; | |
1017 | } | |
1018 | ||
1019 | if (json_variant_is_boolean(variant)) { | |
1020 | *mode = json_variant_boolean(variant) ? AUTO_RESIZE_SHRINK_AND_GROW : AUTO_RESIZE_OFF; | |
1021 | return 0; | |
1022 | } | |
1023 | ||
1024 | if (!json_variant_is_string(variant)) | |
1025 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string, boolean or null.", strna(name)); | |
1026 | ||
1027 | m = auto_resize_mode_from_string(json_variant_string(variant)); | |
1028 | if (m < 0) | |
1029 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid automatic resize mode.", strna(name)); | |
1030 | ||
1031 | *mode = m; | |
1032 | return 0; | |
1033 | } | |
1034 | ||
9aa3e5eb LP |
1035 | static int dispatch_rebalance_weight(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { |
1036 | uint64_t *rebalance_weight = userdata; | |
1037 | uintmax_t u; | |
1038 | ||
1039 | assert_se(rebalance_weight); | |
1040 | ||
1041 | if (json_variant_is_null(variant)) { | |
1042 | *rebalance_weight = REBALANCE_WEIGHT_UNSET; | |
1043 | return 0; | |
1044 | } | |
1045 | ||
1046 | if (json_variant_is_boolean(variant)) { | |
1047 | *rebalance_weight = json_variant_boolean(variant) ? REBALANCE_WEIGHT_DEFAULT : REBALANCE_WEIGHT_OFF; | |
1048 | return 0; | |
1049 | } | |
1050 | ||
1051 | if (!json_variant_is_unsigned(variant)) | |
1052 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an unsigned integer, boolean or null.", strna(name)); | |
1053 | ||
1054 | u = json_variant_unsigned(variant); | |
1055 | if (u >= REBALANCE_WEIGHT_MIN && u <= REBALANCE_WEIGHT_MAX) | |
1056 | *rebalance_weight = (uint64_t) u; | |
1057 | else if (u == 0) | |
1058 | *rebalance_weight = REBALANCE_WEIGHT_OFF; | |
1059 | else | |
28e5e1e9 DT |
1060 | return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), |
1061 | "Rebalance weight is out of valid range %" PRIu64 "%s%" PRIu64 ".", | |
1062 | REBALANCE_WEIGHT_MIN, special_glyph(SPECIAL_GLYPH_ELLIPSIS), REBALANCE_WEIGHT_MAX); | |
9aa3e5eb LP |
1063 | |
1064 | return 0; | |
1065 | } | |
1066 | ||
71d0b9d4 LP |
1067 | static int dispatch_privileged(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { |
1068 | ||
1069 | static const JsonDispatch privileged_dispatch_table[] = { | |
5e4fa456 LP |
1070 | { "passwordHint", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, password_hint), 0 }, |
1071 | { "hashedPassword", _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, hashed_password), JSON_SAFE }, | |
1072 | { "sshAuthorizedKeys", _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, ssh_authorized_keys), 0 }, | |
1073 | { "pkcs11EncryptedKey", JSON_VARIANT_ARRAY, dispatch_pkcs11_key, 0, 0 }, | |
1074 | { "fido2HmacSalt", JSON_VARIANT_ARRAY, dispatch_fido2_hmac_salt, 0, 0 }, | |
b3a97fd3 | 1075 | { "recoveryKey", JSON_VARIANT_ARRAY, dispatch_recovery_key, 0, 0 }, |
71d0b9d4 LP |
1076 | {}, |
1077 | }; | |
1078 | ||
f1b622a0 | 1079 | return json_dispatch(variant, privileged_dispatch_table, flags, userdata); |
71d0b9d4 LP |
1080 | } |
1081 | ||
1082 | static int dispatch_binding(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
1083 | ||
1084 | static const JsonDispatch binding_dispatch_table[] = { | |
1b466c09 | 1085 | { "blobDirectory", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, blob_directory), 0 }, |
71d0b9d4 LP |
1086 | { "imagePath", JSON_VARIANT_STRING, json_dispatch_image_path, offsetof(UserRecord, image_path), 0 }, |
1087 | { "homeDirectory", JSON_VARIANT_STRING, json_dispatch_home_directory, offsetof(UserRecord, home_directory), 0 }, | |
1088 | { "partitionUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, partition_uuid), 0 }, | |
1089 | { "luksUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, luks_uuid), 0 }, | |
1090 | { "fileSystemUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, file_system_uuid), 0 }, | |
1091 | { "uid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, uid), 0 }, | |
1092 | { "gid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, gid), 0 }, | |
19f32829 | 1093 | { "storage", JSON_VARIANT_STRING, json_dispatch_user_storage, offsetof(UserRecord, storage), 0 }, |
71d0b9d4 LP |
1094 | { "fileSystemType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, file_system_type), JSON_SAFE }, |
1095 | { "luksCipher", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher), JSON_SAFE }, | |
1096 | { "luksCipherMode", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher_mode), JSON_SAFE }, | |
9942f855 | 1097 | { "luksVolumeKeySize", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_volume_key_size), 0 }, |
71d0b9d4 LP |
1098 | {}, |
1099 | }; | |
1100 | ||
71d0b9d4 LP |
1101 | JsonVariant *m; |
1102 | sd_id128_t mid; | |
1103 | int r; | |
1104 | ||
1105 | if (!variant) | |
1106 | return 0; | |
1107 | ||
1108 | if (!json_variant_is_object(variant)) | |
1109 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an object.", strna(name)); | |
1110 | ||
1111 | r = sd_id128_get_machine(&mid); | |
1112 | if (r < 0) | |
1113 | return json_log(variant, flags, r, "Failed to determine machine ID: %m"); | |
1114 | ||
85b55869 | 1115 | m = json_variant_by_key(variant, SD_ID128_TO_STRING(mid)); |
71d0b9d4 LP |
1116 | if (!m) |
1117 | return 0; | |
1118 | ||
f1b622a0 | 1119 | return json_dispatch(m, binding_dispatch_table, flags, userdata); |
71d0b9d4 LP |
1120 | } |
1121 | ||
1b466c09 AV |
1122 | static int dispatch_blob_manifest(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { |
1123 | _cleanup_hashmap_free_ Hashmap *manifest = NULL; | |
1124 | Hashmap **ret = ASSERT_PTR(userdata); | |
1125 | JsonVariant *value; | |
1126 | const char *key; | |
1127 | int r; | |
1128 | ||
1129 | if (!variant) | |
1130 | return 0; | |
1131 | ||
1132 | if (!json_variant_is_object(variant)) | |
1133 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an object.", strna(name)); | |
1134 | ||
1135 | JSON_VARIANT_OBJECT_FOREACH(key, value, variant) { | |
1136 | _cleanup_free_ char *filename = NULL; | |
1137 | _cleanup_free_ uint8_t *hash = NULL; | |
1138 | ||
1139 | if (!json_variant_is_string(value)) | |
1140 | return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Blob entry '%s' has invalid hash.", key); | |
1141 | ||
1142 | if (!suitable_blob_filename(key)) | |
1143 | return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Blob entry '%s' has invalid filename.", key); | |
1144 | ||
1145 | filename = strdup(key); | |
1146 | if (!filename) | |
1147 | return json_log_oom(value, flags); | |
1148 | ||
1149 | hash = malloc(SHA256_DIGEST_SIZE); | |
1150 | if (!hash) | |
1151 | return json_log_oom(value, flags); | |
1152 | ||
1153 | r = parse_sha256(json_variant_string(value), hash); | |
1154 | if (r < 0) | |
1155 | return json_log(value, flags, r, "Blob entry '%s' has invalid hash: %s", filename, json_variant_string(value)); | |
1156 | ||
1157 | r = hashmap_ensure_put(&manifest, &path_hash_ops_free_free, filename, hash); | |
1158 | if (r < 0) | |
1159 | return json_log(value, flags, r, "Failed to insert blob manifest entry '%s': %m", filename); | |
1160 | TAKE_PTR(filename); /* Ownership transfers to hashmap */ | |
1161 | TAKE_PTR(hash); | |
1162 | } | |
1163 | ||
1164 | hashmap_free_and_replace(*ret, manifest); | |
1165 | return 0; | |
1166 | } | |
1167 | ||
71d0b9d4 LP |
1168 | int per_machine_id_match(JsonVariant *ids, JsonDispatchFlags flags) { |
1169 | sd_id128_t mid; | |
1170 | int r; | |
1171 | ||
1172 | r = sd_id128_get_machine(&mid); | |
1173 | if (r < 0) | |
1174 | return json_log(ids, flags, r, "Failed to acquire machine ID: %m"); | |
1175 | ||
1176 | if (json_variant_is_string(ids)) { | |
1177 | sd_id128_t k; | |
1178 | ||
1179 | r = sd_id128_from_string(json_variant_string(ids), &k); | |
1180 | if (r < 0) { | |
1181 | json_log(ids, flags, r, "%s is not a valid machine ID, ignoring: %m", json_variant_string(ids)); | |
1182 | return 0; | |
1183 | } | |
1184 | ||
1185 | return sd_id128_equal(mid, k); | |
1186 | } | |
1187 | ||
1188 | if (json_variant_is_array(ids)) { | |
1189 | JsonVariant *e; | |
1190 | ||
1191 | JSON_VARIANT_ARRAY_FOREACH(e, ids) { | |
1192 | sd_id128_t k; | |
1193 | ||
1194 | if (!json_variant_is_string(e)) { | |
1195 | json_log(e, flags, 0, "Machine ID is not a string, ignoring: %m"); | |
1196 | continue; | |
1197 | } | |
1198 | ||
1199 | r = sd_id128_from_string(json_variant_string(e), &k); | |
1200 | if (r < 0) { | |
1201 | json_log(e, flags, r, "%s is not a valid machine ID, ignoring: %m", json_variant_string(e)); | |
1202 | continue; | |
1203 | } | |
1204 | ||
1205 | if (sd_id128_equal(mid, k)) | |
1206 | return true; | |
1207 | } | |
1208 | ||
1209 | return false; | |
1210 | } | |
1211 | ||
1212 | json_log(ids, flags, 0, "Machine ID is not a string or array of strings, ignoring: %m"); | |
1213 | return false; | |
1214 | } | |
1215 | ||
1216 | int per_machine_hostname_match(JsonVariant *hns, JsonDispatchFlags flags) { | |
1217 | _cleanup_free_ char *hn = NULL; | |
1218 | int r; | |
1219 | ||
1220 | r = gethostname_strict(&hn); | |
1221 | if (r == -ENXIO) { | |
1222 | json_log(hns, flags, r, "No hostname set, not matching perMachine hostname record: %m"); | |
1223 | return false; | |
1224 | } | |
1225 | if (r < 0) | |
1226 | return json_log(hns, flags, r, "Failed to acquire hostname: %m"); | |
1227 | ||
1228 | if (json_variant_is_string(hns)) | |
1229 | return streq(json_variant_string(hns), hn); | |
1230 | ||
1231 | if (json_variant_is_array(hns)) { | |
1232 | JsonVariant *e; | |
1233 | ||
1234 | JSON_VARIANT_ARRAY_FOREACH(e, hns) { | |
1235 | ||
1236 | if (!json_variant_is_string(e)) { | |
1237 | json_log(e, flags, 0, "Hostname is not a string, ignoring: %m"); | |
1238 | continue; | |
1239 | } | |
1240 | ||
1241 | if (streq(json_variant_string(hns), hn)) | |
1242 | return true; | |
1243 | } | |
1244 | ||
1245 | return false; | |
1246 | } | |
1247 | ||
1248 | json_log(hns, flags, 0, "Hostname is not a string or array of strings, ignoring: %m"); | |
1249 | return false; | |
1250 | } | |
1251 | ||
f0409e7b AV |
1252 | int per_machine_match(JsonVariant *entry, JsonDispatchFlags flags) { |
1253 | JsonVariant *m; | |
1254 | int r; | |
1255 | ||
1256 | assert(json_variant_is_object(entry)); | |
1257 | ||
1258 | m = json_variant_by_key(entry, "matchMachineId"); | |
1259 | if (m) { | |
1260 | r = per_machine_id_match(m, flags); | |
1261 | if (r < 0) | |
1262 | return r; | |
1263 | if (r > 0) | |
1264 | return true; | |
1265 | } | |
1266 | ||
1267 | m = json_variant_by_key(entry, "matchHostname"); | |
1268 | if (m) { | |
1269 | r = per_machine_hostname_match(m, flags); | |
1270 | if (r < 0) | |
1271 | return r; | |
1272 | if (r > 0) | |
1273 | return true; | |
1274 | } | |
1275 | ||
1276 | return false; | |
1277 | } | |
1278 | ||
71d0b9d4 LP |
1279 | static int dispatch_per_machine(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { |
1280 | ||
1281 | static const JsonDispatch per_machine_dispatch_table[] = { | |
5e4fa456 LP |
1282 | { "matchMachineId", _JSON_VARIANT_TYPE_INVALID, NULL, 0, 0 }, |
1283 | { "matchHostname", _JSON_VARIANT_TYPE_INVALID, NULL, 0, 0 }, | |
1b466c09 AV |
1284 | { "blobDirectory", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, blob_directory), 0 }, |
1285 | { "blobManifest", JSON_VARIANT_OBJECT, dispatch_blob_manifest, offsetof(UserRecord, blob_manifest), 0 }, | |
5e4fa456 LP |
1286 | { "iconName", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, icon_name), JSON_SAFE }, |
1287 | { "location", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, location), 0 }, | |
1288 | { "shell", JSON_VARIANT_STRING, json_dispatch_filename_or_path, offsetof(UserRecord, shell), 0 }, | |
1289 | { "umask", JSON_VARIANT_UNSIGNED, json_dispatch_umask, offsetof(UserRecord, umask), 0 }, | |
1290 | { "environment", JSON_VARIANT_ARRAY, json_dispatch_environment, offsetof(UserRecord, environment), 0 }, | |
1291 | { "timeZone", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, time_zone), JSON_SAFE }, | |
49e55abb AV |
1292 | { "preferredLanguage", JSON_VARIANT_STRING, json_dispatch_locale, offsetof(UserRecord, preferred_language), 0 }, |
1293 | { "additionalLanguages", JSON_VARIANT_ARRAY, json_dispatch_locales, offsetof(UserRecord, additional_languages), 0 }, | |
5e4fa456 LP |
1294 | { "niceLevel", _JSON_VARIANT_TYPE_INVALID, json_dispatch_nice, offsetof(UserRecord, nice_level), 0 }, |
1295 | { "resourceLimits", _JSON_VARIANT_TYPE_INVALID, json_dispatch_rlimits, offsetof(UserRecord, rlimits), 0 }, | |
1296 | { "locked", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, locked), 0 }, | |
9942f855 LP |
1297 | { "notBeforeUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, not_before_usec), 0 }, |
1298 | { "notAfterUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, not_after_usec), 0 }, | |
19f32829 | 1299 | { "storage", JSON_VARIANT_STRING, json_dispatch_user_storage, offsetof(UserRecord, storage), 0 }, |
9942f855 LP |
1300 | { "diskSize", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, disk_size), 0 }, |
1301 | { "diskSizeRelative", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, disk_size_relative), 0 }, | |
5e4fa456 LP |
1302 | { "skeletonDirectory", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, skeleton_directory), 0 }, |
1303 | { "accessMode", JSON_VARIANT_UNSIGNED, json_dispatch_access_mode, offsetof(UserRecord, access_mode), 0 }, | |
1304 | { "tasksMax", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, tasks_max), 0 }, | |
1305 | { "memoryHigh", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, memory_high), 0 }, | |
1306 | { "memoryMax", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, memory_max), 0 }, | |
1307 | { "cpuWeight", JSON_VARIANT_UNSIGNED, json_dispatch_weight, offsetof(UserRecord, cpu_weight), 0 }, | |
1308 | { "ioWeight", JSON_VARIANT_UNSIGNED, json_dispatch_weight, offsetof(UserRecord, io_weight), 0 }, | |
1309 | { "mountNoDevices", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, nodev), 0 }, | |
1310 | { "mountNoSuid", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, nosuid), 0 }, | |
1311 | { "mountNoExecute", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, noexec), 0 }, | |
1312 | { "cifsDomain", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_domain), JSON_SAFE }, | |
1313 | { "cifsUserName", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_user_name), JSON_SAFE }, | |
1314 | { "cifsService", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_service), JSON_SAFE }, | |
4c2ee5c7 | 1315 | { "cifsExtraMountOptions", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_extra_mount_options), 0 }, |
5e4fa456 LP |
1316 | { "imagePath", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, image_path), 0 }, |
1317 | { "uid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, uid), 0 }, | |
1318 | { "gid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, gid), 0 }, | |
1319 | { "memberOf", JSON_VARIANT_ARRAY, json_dispatch_user_group_list, offsetof(UserRecord, member_of), JSON_RELAX}, | |
8e1bc689 LP |
1320 | { "capabilityBoundingSet", JSON_VARIANT_ARRAY, json_dispatch_strv, offsetof(UserRecord, capability_bounding_set), JSON_SAFE }, |
1321 | { "capabilityAmbientSet", JSON_VARIANT_ARRAY, json_dispatch_strv, offsetof(UserRecord, capability_ambient_set), JSON_SAFE }, | |
5e4fa456 LP |
1322 | { "fileSystemType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, file_system_type), JSON_SAFE }, |
1323 | { "partitionUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, partition_uuid), 0 }, | |
1324 | { "luksUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, luks_uuid), 0 }, | |
1325 | { "fileSystemUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, file_system_uuid), 0 }, | |
1326 | { "luksDiscard", _JSON_VARIANT_TYPE_INVALID, json_dispatch_tristate, offsetof(UserRecord, luks_discard), 0, }, | |
1327 | { "luksOfflineDiscard", _JSON_VARIANT_TYPE_INVALID, json_dispatch_tristate, offsetof(UserRecord, luks_offline_discard), 0, }, | |
1328 | { "luksCipher", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher), JSON_SAFE }, | |
1329 | { "luksCipherMode", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher_mode), JSON_SAFE }, | |
9942f855 | 1330 | { "luksVolumeKeySize", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_volume_key_size), 0 }, |
5e4fa456 LP |
1331 | { "luksPbkdfHashAlgorithm", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_pbkdf_hash_algorithm), JSON_SAFE }, |
1332 | { "luksPbkdfType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_pbkdf_type), JSON_SAFE }, | |
9942f855 LP |
1333 | { "luksPbkdfForceIterations", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_force_iterations), 0 }, |
1334 | { "luksPbkdfTimeCostUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_time_cost_usec), 0 }, | |
1335 | { "luksPbkdfMemoryCost", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_memory_cost), 0 }, | |
1336 | { "luksPbkdfParallelThreads", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_parallel_threads), 0 }, | |
1337 | { "luksSectorSize", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_sector_size), 0 }, | |
2e0001c2 | 1338 | { "luksExtraMountOptions", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_extra_mount_options), 0 }, |
86019efa | 1339 | { "dropCaches", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, drop_caches), 0 }, |
8bec643c | 1340 | { "autoResizeMode", _JSON_VARIANT_TYPE_INVALID, dispatch_auto_resize_mode, offsetof(UserRecord, auto_resize_mode), 0 }, |
9aa3e5eb | 1341 | { "rebalanceWeight", _JSON_VARIANT_TYPE_INVALID, dispatch_rebalance_weight, offsetof(UserRecord, rebalance_weight), 0 }, |
9942f855 LP |
1342 | { "rateLimitIntervalUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, ratelimit_interval_usec), 0 }, |
1343 | { "rateLimitBurst", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, ratelimit_burst), 0 }, | |
5e4fa456 LP |
1344 | { "enforcePasswordPolicy", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, enforce_password_policy), 0 }, |
1345 | { "autoLogin", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, auto_login), 0 }, | |
793ceda1 AV |
1346 | { "preferredSessionType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, preferred_session_type), JSON_SAFE }, |
1347 | { "preferredSessionLauncher", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, preferred_session_launcher), JSON_SAFE }, | |
9942f855 | 1348 | { "stopDelayUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, stop_delay_usec), 0 }, |
5e4fa456 | 1349 | { "killProcesses", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, kill_processes), 0 }, |
9942f855 LP |
1350 | { "passwordChangeMinUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, password_change_min_usec), 0 }, |
1351 | { "passwordChangeMaxUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, password_change_max_usec), 0 }, | |
1352 | { "passwordChangeWarnUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, password_change_warn_usec), 0 }, | |
1353 | { "passwordChangeInactiveUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, password_change_inactive_usec), 0 }, | |
5e4fa456 LP |
1354 | { "passwordChangeNow", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, password_change_now), 0 }, |
1355 | { "pkcs11TokenUri", JSON_VARIANT_ARRAY, dispatch_pkcs11_uri_array, offsetof(UserRecord, pkcs11_token_uri), 0 }, | |
1356 | { "fido2HmacCredential", JSON_VARIANT_ARRAY, dispatch_fido2_hmac_credential_array, 0, 0 }, | |
71d0b9d4 LP |
1357 | {}, |
1358 | }; | |
1359 | ||
1360 | JsonVariant *e; | |
1361 | int r; | |
1362 | ||
1363 | if (!variant) | |
1364 | return 0; | |
1365 | ||
1366 | if (!json_variant_is_array(variant)) | |
1367 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array.", strna(name)); | |
1368 | ||
1369 | JSON_VARIANT_ARRAY_FOREACH(e, variant) { | |
71d0b9d4 LP |
1370 | if (!json_variant_is_object(e)) |
1371 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of objects.", strna(name)); | |
1372 | ||
f0409e7b AV |
1373 | r = per_machine_match(e, flags); |
1374 | if (r < 0) | |
1375 | return r; | |
1376 | if (r == 0) | |
71d0b9d4 LP |
1377 | continue; |
1378 | ||
f1b622a0 | 1379 | r = json_dispatch(e, per_machine_dispatch_table, flags, userdata); |
71d0b9d4 LP |
1380 | if (r < 0) |
1381 | return r; | |
1382 | } | |
1383 | ||
1384 | return 0; | |
1385 | } | |
1386 | ||
1387 | static int dispatch_status(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { | |
1388 | ||
1389 | static const JsonDispatch status_dispatch_table[] = { | |
46c60f72 LP |
1390 | { "diskUsage", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, disk_usage), 0 }, |
1391 | { "diskFree", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, disk_free), 0 }, | |
1392 | { "diskSize", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, disk_size), 0 }, | |
1393 | { "diskCeiling", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, disk_ceiling), 0 }, | |
1394 | { "diskFloor", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, disk_floor), 0 }, | |
1395 | { "state", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, state), JSON_SAFE }, | |
1396 | { "service", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, service), JSON_SAFE }, | |
1397 | { "signedLocally", _JSON_VARIANT_TYPE_INVALID, json_dispatch_tristate, offsetof(UserRecord, signed_locally), 0 }, | |
1398 | { "goodAuthenticationCounter", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, good_authentication_counter), 0 }, | |
1399 | { "badAuthenticationCounter", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, bad_authentication_counter), 0 }, | |
1400 | { "lastGoodAuthenticationUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, last_good_authentication_usec), 0 }, | |
1401 | { "lastBadAuthenticationUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, last_bad_authentication_usec), 0 }, | |
1402 | { "rateLimitBeginUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, ratelimit_begin_usec), 0 }, | |
1403 | { "rateLimitCount", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, ratelimit_count), 0 }, | |
61ab5ddc | 1404 | { "removable", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, removable), 0 }, |
46c60f72 LP |
1405 | { "accessMode", JSON_VARIANT_UNSIGNED, json_dispatch_access_mode, offsetof(UserRecord, access_mode), 0 }, |
1406 | { "fileSystemType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, file_system_type), JSON_SAFE }, | |
1407 | { "fallbackShell", JSON_VARIANT_STRING, json_dispatch_filename_or_path, offsetof(UserRecord, fallback_shell), 0 }, | |
1408 | { "fallbackHomeDirectory", JSON_VARIANT_STRING, json_dispatch_home_directory, offsetof(UserRecord, fallback_home_directory), 0 }, | |
1409 | { "useFallback", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, use_fallback), 0 }, | |
71d0b9d4 LP |
1410 | {}, |
1411 | }; | |
1412 | ||
71d0b9d4 LP |
1413 | JsonVariant *m; |
1414 | sd_id128_t mid; | |
1415 | int r; | |
1416 | ||
1417 | if (!variant) | |
1418 | return 0; | |
1419 | ||
1420 | if (!json_variant_is_object(variant)) | |
1421 | return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an object.", strna(name)); | |
1422 | ||
1423 | r = sd_id128_get_machine(&mid); | |
1424 | if (r < 0) | |
1425 | return json_log(variant, flags, r, "Failed to determine machine ID: %m"); | |
1426 | ||
85b55869 | 1427 | m = json_variant_by_key(variant, SD_ID128_TO_STRING(mid)); |
71d0b9d4 LP |
1428 | if (!m) |
1429 | return 0; | |
1430 | ||
f1b622a0 | 1431 | return json_dispatch(m, status_dispatch_table, flags, userdata); |
71d0b9d4 LP |
1432 | } |
1433 | ||
a43eddbd LP |
1434 | int user_record_build_image_path(UserStorage storage, const char *user_name_and_realm, char **ret) { |
1435 | const char *suffix; | |
1436 | char *z; | |
1437 | ||
1438 | assert(storage >= 0); | |
1439 | assert(user_name_and_realm); | |
1440 | assert(ret); | |
1441 | ||
1442 | if (storage == USER_LUKS) | |
1443 | suffix = ".home"; | |
1444 | else if (IN_SET(storage, USER_DIRECTORY, USER_SUBVOLUME, USER_FSCRYPT)) | |
1445 | suffix = ".homedir"; | |
1446 | else { | |
1447 | *ret = NULL; | |
1448 | return 0; | |
1449 | } | |
1450 | ||
2700fecd | 1451 | z = strjoin(get_home_root(), "/", user_name_and_realm, suffix); |
a43eddbd LP |
1452 | if (!z) |
1453 | return -ENOMEM; | |
1454 | ||
2700fecd | 1455 | *ret = path_simplify(z); |
a43eddbd LP |
1456 | return 1; |
1457 | } | |
1458 | ||
71d0b9d4 | 1459 | static int user_record_augment(UserRecord *h, JsonDispatchFlags json_flags) { |
a43eddbd LP |
1460 | int r; |
1461 | ||
71d0b9d4 LP |
1462 | assert(h); |
1463 | ||
1464 | if (!FLAGS_SET(h->mask, USER_RECORD_REGULAR)) | |
1465 | return 0; | |
1466 | ||
1467 | assert(h->user_name); | |
1468 | ||
1469 | if (!h->user_name_and_realm_auto && h->realm) { | |
1470 | h->user_name_and_realm_auto = strjoin(h->user_name, "@", h->realm); | |
1471 | if (!h->user_name_and_realm_auto) | |
1472 | return json_log_oom(h->json, json_flags); | |
1473 | } | |
1474 | ||
162392b7 | 1475 | /* Let's add in the following automatisms only for regular users, they don't make sense for any others */ |
71d0b9d4 LP |
1476 | if (user_record_disposition(h) != USER_REGULAR) |
1477 | return 0; | |
1478 | ||
1479 | if (!h->home_directory && !h->home_directory_auto) { | |
2700fecd | 1480 | h->home_directory_auto = path_join(get_home_root(), h->user_name); |
71d0b9d4 LP |
1481 | if (!h->home_directory_auto) |
1482 | return json_log_oom(h->json, json_flags); | |
1483 | } | |
1484 | ||
1485 | if (!h->image_path && !h->image_path_auto) { | |
a43eddbd LP |
1486 | r = user_record_build_image_path(user_record_storage(h), user_record_user_name_and_realm(h), &h->image_path_auto); |
1487 | if (r < 0) | |
1488 | return json_log(h->json, json_flags, r, "Failed to determine default image path: %m"); | |
71d0b9d4 LP |
1489 | } |
1490 | ||
1491 | return 0; | |
1492 | } | |
1493 | ||
1494 | int user_group_record_mangle( | |
1495 | JsonVariant *v, | |
1496 | UserRecordLoadFlags load_flags, | |
1497 | JsonVariant **ret_variant, | |
1498 | UserRecordMask *ret_mask) { | |
1499 | ||
1500 | static const struct { | |
1501 | UserRecordMask mask; | |
1502 | const char *name; | |
1503 | } mask_field[] = { | |
1504 | { USER_RECORD_PRIVILEGED, "privileged" }, | |
1505 | { USER_RECORD_SECRET, "secret" }, | |
1506 | { USER_RECORD_BINDING, "binding" }, | |
1507 | { USER_RECORD_PER_MACHINE, "perMachine" }, | |
1508 | { USER_RECORD_STATUS, "status" }, | |
1509 | { USER_RECORD_SIGNATURE, "signature" }, | |
1510 | }; | |
1511 | ||
1512 | JsonDispatchFlags json_flags = USER_RECORD_LOAD_FLAGS_TO_JSON_DISPATCH_FLAGS(load_flags); | |
1513 | _cleanup_(json_variant_unrefp) JsonVariant *w = NULL; | |
1514 | JsonVariant *array[ELEMENTSOF(mask_field) * 2]; | |
6f8f8688 | 1515 | size_t n_retain = 0; |
71d0b9d4 LP |
1516 | UserRecordMask m = 0; |
1517 | int r; | |
1518 | ||
1519 | assert((load_flags & _USER_RECORD_MASK_MAX) == 0); /* detect mistakes when accidentally passing | |
1520 | * UserRecordMask bit masks as UserRecordLoadFlags | |
1521 | * value */ | |
1522 | ||
1523 | assert(v); | |
1524 | assert(ret_variant); | |
1525 | assert(ret_mask); | |
1526 | ||
1527 | /* Note that this function is shared with the group record parser, hence we try to be generic in our | |
1528 | * log message wording here, to cover both cases. */ | |
1529 | ||
1530 | if (!json_variant_is_object(v)) | |
1531 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record is not a JSON object, refusing."); | |
1532 | ||
1533 | if (USER_RECORD_ALLOW_MASK(load_flags) == 0) /* allow nothing? */ | |
1534 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EINVAL), "Nothing allowed in record, refusing."); | |
1535 | ||
1536 | if (USER_RECORD_STRIP_MASK(load_flags) == _USER_RECORD_MASK_MAX) /* strip everything? */ | |
1537 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EINVAL), "Stripping everything from record, refusing."); | |
1538 | ||
1539 | /* Check if we have the special sections and if they match our flags set */ | |
6f8f8688 | 1540 | for (size_t i = 0; i < ELEMENTSOF(mask_field); i++) { |
71d0b9d4 LP |
1541 | JsonVariant *e, *k; |
1542 | ||
1543 | if (FLAGS_SET(USER_RECORD_STRIP_MASK(load_flags), mask_field[i].mask)) { | |
1544 | if (!w) | |
1545 | w = json_variant_ref(v); | |
1546 | ||
1547 | r = json_variant_filter(&w, STRV_MAKE(mask_field[i].name)); | |
1548 | if (r < 0) | |
1549 | return json_log(w, json_flags, r, "Failed to remove field from variant: %m"); | |
1550 | ||
1551 | continue; | |
1552 | } | |
1553 | ||
1554 | e = json_variant_by_key_full(v, mask_field[i].name, &k); | |
1555 | if (e) { | |
1556 | if (!FLAGS_SET(USER_RECORD_ALLOW_MASK(load_flags), mask_field[i].mask)) | |
1557 | return json_log(e, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record contains '%s' field, which is not allowed.", mask_field[i].name); | |
1558 | ||
1559 | if (FLAGS_SET(load_flags, USER_RECORD_STRIP_REGULAR)) { | |
1560 | array[n_retain++] = k; | |
1561 | array[n_retain++] = e; | |
1562 | } | |
1563 | ||
1564 | m |= mask_field[i].mask; | |
1565 | } else { | |
1566 | if (FLAGS_SET(USER_RECORD_REQUIRE_MASK(load_flags), mask_field[i].mask)) | |
1567 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record lacks '%s' field, which is required.", mask_field[i].name); | |
1568 | } | |
1569 | } | |
1570 | ||
1571 | if (FLAGS_SET(load_flags, USER_RECORD_STRIP_REGULAR)) { | |
1572 | /* If we are supposed to strip regular items, then let's instead just allocate a new object | |
1573 | * with just the stuff we need. */ | |
1574 | ||
1575 | w = json_variant_unref(w); | |
1576 | r = json_variant_new_object(&w, array, n_retain); | |
1577 | if (r < 0) | |
1578 | return json_log(v, json_flags, r, "Failed to allocate new object: %m"); | |
6f8f8688 | 1579 | } else |
71d0b9d4 | 1580 | /* And now check if there's anything else in the record */ |
6f8f8688 | 1581 | for (size_t i = 0; i < json_variant_elements(v); i += 2) { |
71d0b9d4 LP |
1582 | const char *f; |
1583 | bool special = false; | |
71d0b9d4 LP |
1584 | |
1585 | assert_se(f = json_variant_string(json_variant_by_index(v, i))); | |
1586 | ||
6f8f8688 | 1587 | for (size_t j = 0; j < ELEMENTSOF(mask_field); j++) |
71d0b9d4 LP |
1588 | if (streq(f, mask_field[j].name)) { /* already covered in the loop above */ |
1589 | special = true; | |
1590 | continue; | |
1591 | } | |
1592 | ||
1593 | if (!special) { | |
1594 | if ((load_flags & (USER_RECORD_ALLOW_REGULAR|USER_RECORD_REQUIRE_REGULAR)) == 0) | |
1595 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record contains '%s' field, which is not allowed.", f); | |
1596 | ||
1597 | m |= USER_RECORD_REGULAR; | |
1598 | break; | |
1599 | } | |
1600 | } | |
71d0b9d4 LP |
1601 | |
1602 | if (FLAGS_SET(load_flags, USER_RECORD_REQUIRE_REGULAR) && !FLAGS_SET(m, USER_RECORD_REGULAR)) | |
1603 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record lacks basic identity fields, which are required."); | |
1604 | ||
1a298a20 | 1605 | if (!FLAGS_SET(load_flags, USER_RECORD_EMPTY_OK) && m == 0) |
71d0b9d4 LP |
1606 | return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record is empty."); |
1607 | ||
1608 | if (w) | |
1609 | *ret_variant = TAKE_PTR(w); | |
1610 | else | |
1611 | *ret_variant = json_variant_ref(v); | |
1612 | ||
1613 | *ret_mask = m; | |
1614 | return 0; | |
1615 | } | |
1616 | ||
1617 | int user_record_load(UserRecord *h, JsonVariant *v, UserRecordLoadFlags load_flags) { | |
1618 | ||
1619 | static const JsonDispatch user_dispatch_table[] = { | |
5e4fa456 LP |
1620 | { "userName", JSON_VARIANT_STRING, json_dispatch_user_group_name, offsetof(UserRecord, user_name), JSON_RELAX}, |
1621 | { "realm", JSON_VARIANT_STRING, json_dispatch_realm, offsetof(UserRecord, realm), 0 }, | |
1b466c09 AV |
1622 | { "blobDirectory", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, blob_directory), 0 }, |
1623 | { "blobManifest", JSON_VARIANT_OBJECT, dispatch_blob_manifest, offsetof(UserRecord, blob_manifest), 0 }, | |
5e4fa456 LP |
1624 | { "realName", JSON_VARIANT_STRING, json_dispatch_gecos, offsetof(UserRecord, real_name), 0 }, |
1625 | { "emailAddress", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, email_address), JSON_SAFE }, | |
1626 | { "iconName", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, icon_name), JSON_SAFE }, | |
1627 | { "location", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, location), 0 }, | |
1628 | { "disposition", JSON_VARIANT_STRING, json_dispatch_user_disposition, offsetof(UserRecord, disposition), 0 }, | |
9942f855 LP |
1629 | { "lastChangeUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, last_change_usec), 0 }, |
1630 | { "lastPasswordChangeUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, last_password_change_usec), 0 }, | |
5e4fa456 LP |
1631 | { "shell", JSON_VARIANT_STRING, json_dispatch_filename_or_path, offsetof(UserRecord, shell), 0 }, |
1632 | { "umask", JSON_VARIANT_UNSIGNED, json_dispatch_umask, offsetof(UserRecord, umask), 0 }, | |
1633 | { "environment", JSON_VARIANT_ARRAY, json_dispatch_environment, offsetof(UserRecord, environment), 0 }, | |
1634 | { "timeZone", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, time_zone), JSON_SAFE }, | |
49e55abb AV |
1635 | { "preferredLanguage", JSON_VARIANT_STRING, json_dispatch_locale, offsetof(UserRecord, preferred_language), 0 }, |
1636 | { "additionalLanguages", JSON_VARIANT_ARRAY, json_dispatch_locales, offsetof(UserRecord, additional_languages), 0 }, | |
5e4fa456 LP |
1637 | { "niceLevel", _JSON_VARIANT_TYPE_INVALID, json_dispatch_nice, offsetof(UserRecord, nice_level), 0 }, |
1638 | { "resourceLimits", _JSON_VARIANT_TYPE_INVALID, json_dispatch_rlimits, offsetof(UserRecord, rlimits), 0 }, | |
1639 | { "locked", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, locked), 0 }, | |
9942f855 LP |
1640 | { "notBeforeUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, not_before_usec), 0 }, |
1641 | { "notAfterUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, not_after_usec), 0 }, | |
19f32829 | 1642 | { "storage", JSON_VARIANT_STRING, json_dispatch_user_storage, offsetof(UserRecord, storage), 0 }, |
9942f855 LP |
1643 | { "diskSize", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, disk_size), 0 }, |
1644 | { "diskSizeRelative", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, disk_size_relative), 0 }, | |
5e4fa456 LP |
1645 | { "skeletonDirectory", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, skeleton_directory), 0 }, |
1646 | { "accessMode", JSON_VARIANT_UNSIGNED, json_dispatch_access_mode, offsetof(UserRecord, access_mode), 0 }, | |
1647 | { "tasksMax", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, tasks_max), 0 }, | |
1648 | { "memoryHigh", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, memory_high), 0 }, | |
1649 | { "memoryMax", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, memory_max), 0 }, | |
1650 | { "cpuWeight", JSON_VARIANT_UNSIGNED, json_dispatch_weight, offsetof(UserRecord, cpu_weight), 0 }, | |
1651 | { "ioWeight", JSON_VARIANT_UNSIGNED, json_dispatch_weight, offsetof(UserRecord, io_weight), 0 }, | |
1652 | { "mountNoDevices", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, nodev), 0 }, | |
1653 | { "mountNoSuid", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, nosuid), 0 }, | |
1654 | { "mountNoExecute", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, noexec), 0 }, | |
1655 | { "cifsDomain", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_domain), JSON_SAFE }, | |
1656 | { "cifsUserName", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_user_name), JSON_SAFE }, | |
1657 | { "cifsService", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_service), JSON_SAFE }, | |
4c2ee5c7 | 1658 | { "cifsExtraMountOptions", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_extra_mount_options), 0 }, |
5e4fa456 LP |
1659 | { "imagePath", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, image_path), 0 }, |
1660 | { "homeDirectory", JSON_VARIANT_STRING, json_dispatch_home_directory, offsetof(UserRecord, home_directory), 0 }, | |
1661 | { "uid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, uid), 0 }, | |
1662 | { "gid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, gid), 0 }, | |
1663 | { "memberOf", JSON_VARIANT_ARRAY, json_dispatch_user_group_list, offsetof(UserRecord, member_of), JSON_RELAX}, | |
8e1bc689 LP |
1664 | { "capabilityBoundingSet", JSON_VARIANT_ARRAY, json_dispatch_strv, offsetof(UserRecord, capability_bounding_set), JSON_SAFE }, |
1665 | { "capabilityAmbientSet", JSON_VARIANT_ARRAY, json_dispatch_strv, offsetof(UserRecord, capability_ambient_set), JSON_SAFE }, | |
5e4fa456 LP |
1666 | { "fileSystemType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, file_system_type), JSON_SAFE }, |
1667 | { "partitionUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, partition_uuid), 0 }, | |
1668 | { "luksUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, luks_uuid), 0 }, | |
1669 | { "fileSystemUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, file_system_uuid), 0 }, | |
1670 | { "luksDiscard", _JSON_VARIANT_TYPE_INVALID, json_dispatch_tristate, offsetof(UserRecord, luks_discard), 0 }, | |
86019efa | 1671 | { "luksOfflineDiscard", _JSON_VARIANT_TYPE_INVALID, json_dispatch_tristate, offsetof(UserRecord, luks_offline_discard), 0 }, |
5e4fa456 LP |
1672 | { "luksCipher", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher), JSON_SAFE }, |
1673 | { "luksCipherMode", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher_mode), JSON_SAFE }, | |
9942f855 | 1674 | { "luksVolumeKeySize", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_volume_key_size), 0 }, |
5e4fa456 LP |
1675 | { "luksPbkdfHashAlgorithm", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_pbkdf_hash_algorithm), JSON_SAFE }, |
1676 | { "luksPbkdfType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_pbkdf_type), JSON_SAFE }, | |
9942f855 LP |
1677 | { "luksPbkdfForceIterations", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_force_iterations), 0 }, |
1678 | { "luksPbkdfTimeCostUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_time_cost_usec), 0 }, | |
1679 | { "luksPbkdfMemoryCost", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_memory_cost), 0 }, | |
1680 | { "luksPbkdfParallelThreads", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_parallel_threads), 0 }, | |
1681 | { "luksSectorSize", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, luks_sector_size), 0 }, | |
2e0001c2 | 1682 | { "luksExtraMountOptions", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_extra_mount_options), 0 }, |
86019efa | 1683 | { "dropCaches", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, drop_caches), 0 }, |
8bec643c | 1684 | { "autoResizeMode", _JSON_VARIANT_TYPE_INVALID, dispatch_auto_resize_mode, offsetof(UserRecord, auto_resize_mode), 0 }, |
9aa3e5eb | 1685 | { "rebalanceWeight", _JSON_VARIANT_TYPE_INVALID, dispatch_rebalance_weight, offsetof(UserRecord, rebalance_weight), 0 }, |
5e4fa456 | 1686 | { "service", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, service), JSON_SAFE }, |
9942f855 LP |
1687 | { "rateLimitIntervalUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, ratelimit_interval_usec), 0 }, |
1688 | { "rateLimitBurst", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, ratelimit_burst), 0 }, | |
5e4fa456 LP |
1689 | { "enforcePasswordPolicy", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, enforce_password_policy), 0 }, |
1690 | { "autoLogin", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, auto_login), 0 }, | |
793ceda1 AV |
1691 | { "preferredSessionType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, preferred_session_type), JSON_SAFE }, |
1692 | { "preferredSessionLauncher", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, preferred_session_launcher), JSON_SAFE }, | |
9942f855 | 1693 | { "stopDelayUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, stop_delay_usec), 0 }, |
5e4fa456 | 1694 | { "killProcesses", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, kill_processes), 0 }, |
9942f855 LP |
1695 | { "passwordChangeMinUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, password_change_min_usec), 0 }, |
1696 | { "passwordChangeMaxUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, password_change_max_usec), 0 }, | |
1697 | { "passwordChangeWarnUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, password_change_warn_usec), 0 }, | |
1698 | { "passwordChangeInactiveUSec", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(UserRecord, password_change_inactive_usec), 0 }, | |
5e4fa456 LP |
1699 | { "passwordChangeNow", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, password_change_now), 0 }, |
1700 | { "pkcs11TokenUri", JSON_VARIANT_ARRAY, dispatch_pkcs11_uri_array, offsetof(UserRecord, pkcs11_token_uri), 0 }, | |
1701 | { "fido2HmacCredential", JSON_VARIANT_ARRAY, dispatch_fido2_hmac_credential_array, 0, 0 }, | |
b3a97fd3 | 1702 | { "recoveryKeyType", JSON_VARIANT_ARRAY, json_dispatch_strv, offsetof(UserRecord, recovery_key_type), 0 }, |
5e4fa456 LP |
1703 | |
1704 | { "secret", JSON_VARIANT_OBJECT, dispatch_secret, 0, 0 }, | |
1705 | { "privileged", JSON_VARIANT_OBJECT, dispatch_privileged, 0, 0 }, | |
71d0b9d4 LP |
1706 | |
1707 | /* Ignore the perMachine, binding, status stuff here, and process it later, so that it overrides whatever is set above */ | |
5e4fa456 LP |
1708 | { "perMachine", JSON_VARIANT_ARRAY, NULL, 0, 0 }, |
1709 | { "binding", JSON_VARIANT_OBJECT, NULL, 0, 0 }, | |
1710 | { "status", JSON_VARIANT_OBJECT, NULL, 0, 0 }, | |
71d0b9d4 LP |
1711 | |
1712 | /* Ignore 'signature', we check it with explicit accessors instead */ | |
5e4fa456 | 1713 | { "signature", JSON_VARIANT_ARRAY, NULL, 0, 0 }, |
71d0b9d4 LP |
1714 | {}, |
1715 | }; | |
1716 | ||
1717 | JsonDispatchFlags json_flags = USER_RECORD_LOAD_FLAGS_TO_JSON_DISPATCH_FLAGS(load_flags); | |
1718 | int r; | |
1719 | ||
1720 | assert(h); | |
1721 | assert(!h->json); | |
1722 | ||
1723 | /* Note that this call will leave a half-initialized record around on failure! */ | |
1724 | ||
1725 | r = user_group_record_mangle(v, load_flags, &h->json, &h->mask); | |
1726 | if (r < 0) | |
1727 | return r; | |
1728 | ||
f0e4244b | 1729 | r = json_dispatch(h->json, user_dispatch_table, json_flags | JSON_ALLOW_EXTENSIONS, h); |
71d0b9d4 LP |
1730 | if (r < 0) |
1731 | return r; | |
1732 | ||
1733 | /* During the parsing operation above we ignored the 'perMachine', 'binding' and 'status' fields, | |
1734 | * since we want them to override the global options. Let's process them now. */ | |
1735 | ||
1736 | r = dispatch_per_machine("perMachine", json_variant_by_key(h->json, "perMachine"), json_flags, h); | |
1737 | if (r < 0) | |
1738 | return r; | |
1739 | ||
1740 | r = dispatch_binding("binding", json_variant_by_key(h->json, "binding"), json_flags, h); | |
1741 | if (r < 0) | |
1742 | return r; | |
1743 | ||
1744 | r = dispatch_status("status", json_variant_by_key(h->json, "status"), json_flags, h); | |
1745 | if (r < 0) | |
1746 | return r; | |
1747 | ||
1748 | if (FLAGS_SET(h->mask, USER_RECORD_REGULAR) && !h->user_name) | |
1749 | return json_log(h->json, json_flags, SYNTHETIC_ERRNO(EINVAL), "User name field missing, refusing."); | |
1750 | ||
1751 | r = user_record_augment(h, json_flags); | |
1752 | if (r < 0) | |
1753 | return r; | |
1754 | ||
1755 | return 0; | |
1756 | } | |
1757 | ||
1758 | int user_record_build(UserRecord **ret, ...) { | |
1759 | _cleanup_(json_variant_unrefp) JsonVariant *v = NULL; | |
1760 | _cleanup_(user_record_unrefp) UserRecord *u = NULL; | |
1761 | va_list ap; | |
1762 | int r; | |
1763 | ||
1764 | assert(ret); | |
1765 | ||
1766 | va_start(ap, ret); | |
1767 | r = json_buildv(&v, ap); | |
1768 | va_end(ap); | |
1769 | ||
1770 | if (r < 0) | |
1771 | return r; | |
1772 | ||
1773 | u = user_record_new(); | |
1774 | if (!u) | |
1775 | return -ENOMEM; | |
1776 | ||
1777 | r = user_record_load(u, v, USER_RECORD_LOAD_FULL); | |
1778 | if (r < 0) | |
1779 | return r; | |
1780 | ||
1781 | *ret = TAKE_PTR(u); | |
1782 | return 0; | |
1783 | } | |
1784 | ||
1785 | const char *user_record_user_name_and_realm(UserRecord *h) { | |
1786 | assert(h); | |
1787 | ||
1788 | /* Return the pre-initialized joined string if it is defined */ | |
1789 | if (h->user_name_and_realm_auto) | |
1790 | return h->user_name_and_realm_auto; | |
1791 | ||
1792 | /* If it's not defined then we cannot have a realm */ | |
1793 | assert(!h->realm); | |
1794 | return h->user_name; | |
1795 | } | |
1796 | ||
1797 | UserStorage user_record_storage(UserRecord *h) { | |
1798 | assert(h); | |
1799 | ||
1800 | if (h->storage >= 0) | |
1801 | return h->storage; | |
1802 | ||
1803 | return USER_CLASSIC; | |
1804 | } | |
1805 | ||
1806 | const char *user_record_file_system_type(UserRecord *h) { | |
1807 | assert(h); | |
1808 | ||
caf6bd16 | 1809 | return h->file_system_type ?: "btrfs"; |
71d0b9d4 LP |
1810 | } |
1811 | ||
1812 | const char *user_record_skeleton_directory(UserRecord *h) { | |
1813 | assert(h); | |
1814 | ||
1815 | return h->skeleton_directory ?: "/etc/skel"; | |
1816 | } | |
1817 | ||
1818 | mode_t user_record_access_mode(UserRecord *h) { | |
1819 | assert(h); | |
1820 | ||
f5fbe71d | 1821 | return h->access_mode != MODE_INVALID ? h->access_mode : 0700; |
71d0b9d4 LP |
1822 | } |
1823 | ||
46c60f72 | 1824 | static const char *user_record_home_directory_real(UserRecord *h) { |
71d0b9d4 LP |
1825 | assert(h); |
1826 | ||
1827 | if (h->home_directory) | |
1828 | return h->home_directory; | |
1829 | if (h->home_directory_auto) | |
1830 | return h->home_directory_auto; | |
1831 | ||
1832 | /* The root user is special, hence be special about it */ | |
1833 | if (streq_ptr(h->user_name, "root")) | |
1834 | return "/root"; | |
1835 | ||
1836 | return "/"; | |
1837 | } | |
1838 | ||
46c60f72 LP |
1839 | const char* user_record_home_directory(UserRecord *h) { |
1840 | assert(h); | |
1841 | ||
1842 | if (h->use_fallback && h->fallback_home_directory) | |
1843 | return h->fallback_home_directory; | |
1844 | ||
1845 | return user_record_home_directory_real(h); | |
1846 | } | |
1847 | ||
71d0b9d4 LP |
1848 | const char *user_record_image_path(UserRecord *h) { |
1849 | assert(h); | |
1850 | ||
1851 | if (h->image_path) | |
1852 | return h->image_path; | |
1853 | if (h->image_path_auto) | |
1854 | return h->image_path_auto; | |
1855 | ||
46c60f72 LP |
1856 | /* For some storage types the image is the home directory itself. (But let's ignore the fallback logic for it) */ |
1857 | return IN_SET(user_record_storage(h), USER_CLASSIC, USER_DIRECTORY, USER_SUBVOLUME, USER_FSCRYPT) ? | |
1858 | user_record_home_directory_real(h) : NULL; | |
71d0b9d4 LP |
1859 | } |
1860 | ||
1861 | const char *user_record_cifs_user_name(UserRecord *h) { | |
1862 | assert(h); | |
1863 | ||
1864 | return h->cifs_user_name ?: h->user_name; | |
1865 | } | |
1866 | ||
1867 | unsigned long user_record_mount_flags(UserRecord *h) { | |
1868 | assert(h); | |
1869 | ||
1870 | return (h->nosuid ? MS_NOSUID : 0) | | |
1871 | (h->noexec ? MS_NOEXEC : 0) | | |
1872 | (h->nodev ? MS_NODEV : 0); | |
1873 | } | |
1874 | ||
46c60f72 | 1875 | static const char *user_record_shell_real(UserRecord *h) { |
71d0b9d4 LP |
1876 | assert(h); |
1877 | ||
1878 | if (h->shell) | |
1879 | return h->shell; | |
1880 | ||
1881 | if (streq_ptr(h->user_name, "root")) | |
1882 | return "/bin/sh"; | |
1883 | ||
1884 | if (user_record_disposition(h) == USER_REGULAR) | |
53350c7b | 1885 | return DEFAULT_USER_SHELL; |
71d0b9d4 LP |
1886 | |
1887 | return NOLOGIN; | |
1888 | } | |
1889 | ||
46c60f72 LP |
1890 | const char *user_record_shell(UserRecord *h) { |
1891 | const char *shell; | |
1892 | ||
1893 | assert(h); | |
1894 | ||
1895 | shell = user_record_shell_real(h); | |
1896 | ||
1897 | /* Return fallback shall if we are told so — except if the primary shell is already a nologin shell, | |
1898 | * then let's not risk anything. */ | |
1899 | if (h->use_fallback && h->fallback_shell) | |
1900 | return is_nologin_shell(shell) ? NOLOGIN : h->fallback_shell; | |
1901 | ||
1902 | return shell; | |
1903 | } | |
1904 | ||
71d0b9d4 LP |
1905 | const char *user_record_real_name(UserRecord *h) { |
1906 | assert(h); | |
1907 | ||
1908 | return h->real_name ?: h->user_name; | |
1909 | } | |
1910 | ||
1911 | bool user_record_luks_discard(UserRecord *h) { | |
1912 | const char *ip; | |
1913 | ||
1914 | assert(h); | |
1915 | ||
1916 | if (h->luks_discard >= 0) | |
1917 | return h->luks_discard; | |
1918 | ||
1919 | ip = user_record_image_path(h); | |
1920 | if (!ip) | |
1921 | return false; | |
1922 | ||
1923 | /* Use discard by default if we are referring to a real block device, but not when operating on a | |
1924 | * loopback device. We want to optimize for SSD and flash storage after all, but we should be careful | |
1925 | * when storing stuff on top of regular file systems in loopback files as doing discard then would | |
1926 | * mean thin provisioning and we should not do that willy-nilly since it means we'll risk EIO later | |
1927 | * on should the disk space to back our file systems not be available. */ | |
1928 | ||
1929 | return path_startswith(ip, "/dev/"); | |
1930 | } | |
1931 | ||
5e86c82a LP |
1932 | bool user_record_luks_offline_discard(UserRecord *h) { |
1933 | const char *ip; | |
1934 | ||
1935 | assert(h); | |
1936 | ||
1937 | if (h->luks_offline_discard >= 0) | |
1938 | return h->luks_offline_discard; | |
1939 | ||
1940 | /* Discard while we are logged out should generally be a good idea, except when operating directly on | |
1941 | * physical media, where we should just bind it to the online discard mode. */ | |
1942 | ||
1943 | ip = user_record_image_path(h); | |
1944 | if (!ip) | |
1945 | return false; | |
1946 | ||
1947 | if (path_startswith(ip, "/dev/")) | |
1948 | return user_record_luks_discard(h); | |
1949 | ||
1950 | return true; | |
1951 | } | |
1952 | ||
71d0b9d4 LP |
1953 | const char *user_record_luks_cipher(UserRecord *h) { |
1954 | assert(h); | |
1955 | ||
1956 | return h->luks_cipher ?: "aes"; | |
1957 | } | |
1958 | ||
1959 | const char *user_record_luks_cipher_mode(UserRecord *h) { | |
1960 | assert(h); | |
1961 | ||
1962 | return h->luks_cipher_mode ?: "xts-plain64"; | |
1963 | } | |
1964 | ||
1965 | uint64_t user_record_luks_volume_key_size(UserRecord *h) { | |
1966 | assert(h); | |
1967 | ||
1968 | /* We return a value here that can be cast without loss into size_t which is what libcrypsetup expects */ | |
1969 | ||
1970 | if (h->luks_volume_key_size == UINT64_MAX) | |
1971 | return 256 / 8; | |
1972 | ||
1973 | return MIN(h->luks_volume_key_size, SIZE_MAX); | |
1974 | } | |
1975 | ||
1976 | const char* user_record_luks_pbkdf_type(UserRecord *h) { | |
1977 | assert(h); | |
1978 | ||
3f67dccc | 1979 | return h->luks_pbkdf_type ?: "argon2id"; |
71d0b9d4 LP |
1980 | } |
1981 | ||
b04ff66b AD |
1982 | uint64_t user_record_luks_pbkdf_force_iterations(UserRecord *h) { |
1983 | assert(h); | |
1984 | ||
1985 | /* propagate default "benchmark" mode as itself */ | |
1986 | if (h->luks_pbkdf_force_iterations == UINT64_MAX) | |
1987 | return UINT64_MAX; | |
1988 | ||
1989 | /* clamp everything else to actually accepted number of iterations of libcryptsetup */ | |
1990 | return CLAMP(h->luks_pbkdf_force_iterations, 1U, UINT32_MAX); | |
1991 | } | |
1992 | ||
71d0b9d4 LP |
1993 | uint64_t user_record_luks_pbkdf_time_cost_usec(UserRecord *h) { |
1994 | assert(h); | |
1995 | ||
1996 | /* Returns a value with ms granularity, since that's what libcryptsetup expects */ | |
1997 | ||
1998 | if (h->luks_pbkdf_time_cost_usec == UINT64_MAX) | |
1999 | return 500 * USEC_PER_MSEC; /* We default to 500ms, in contrast to libcryptsetup's 2s, which is just awfully slow on every login */ | |
2000 | ||
2001 | return MIN(DIV_ROUND_UP(h->luks_pbkdf_time_cost_usec, USEC_PER_MSEC), UINT32_MAX) * USEC_PER_MSEC; | |
2002 | } | |
2003 | ||
2004 | uint64_t user_record_luks_pbkdf_memory_cost(UserRecord *h) { | |
2005 | assert(h); | |
2006 | ||
2007 | /* Returns a value with kb granularity, since that's what libcryptsetup expects */ | |
71d0b9d4 | 2008 | if (h->luks_pbkdf_memory_cost == UINT64_MAX) |
8b4f88d1 LP |
2009 | return streq(user_record_luks_pbkdf_type(h), "pbkdf2") ? 0 : /* doesn't apply for simple pbkdf2 */ |
2010 | 64*1024*1024; /* We default to 64M, since this should work on smaller systems too */ | |
71d0b9d4 LP |
2011 | |
2012 | return MIN(DIV_ROUND_UP(h->luks_pbkdf_memory_cost, 1024), UINT32_MAX) * 1024; | |
2013 | } | |
2014 | ||
2015 | uint64_t user_record_luks_pbkdf_parallel_threads(UserRecord *h) { | |
2016 | assert(h); | |
2017 | ||
8b4f88d1 LP |
2018 | if (h->luks_pbkdf_parallel_threads == UINT64_MAX) |
2019 | return streq(user_record_luks_pbkdf_type(h), "pbkdf2") ? 0 : /* doesn't apply for simple pbkdf2 */ | |
2020 | 1; /* We default to 1, since this should work on smaller systems too */ | |
71d0b9d4 LP |
2021 | |
2022 | return MIN(h->luks_pbkdf_parallel_threads, UINT32_MAX); | |
2023 | } | |
2024 | ||
fd83c98e AD |
2025 | uint64_t user_record_luks_sector_size(UserRecord *h) { |
2026 | assert(h); | |
2027 | ||
2028 | if (h->luks_sector_size == UINT64_MAX) | |
2029 | return 512; | |
2030 | ||
2031 | /* Allow up to 4K due to dm-crypt support and 4K alignment by the homed LUKS backend */ | |
2032 | return CLAMP(UINT64_C(1) << (63 - __builtin_clzl(h->luks_sector_size)), 512U, 4096U); | |
2033 | } | |
2034 | ||
71d0b9d4 LP |
2035 | const char *user_record_luks_pbkdf_hash_algorithm(UserRecord *h) { |
2036 | assert(h); | |
2037 | ||
2038 | return h->luks_pbkdf_hash_algorithm ?: "sha512"; | |
2039 | } | |
2040 | ||
2041 | gid_t user_record_gid(UserRecord *h) { | |
2042 | assert(h); | |
2043 | ||
2044 | if (gid_is_valid(h->gid)) | |
2045 | return h->gid; | |
2046 | ||
2047 | return (gid_t) h->uid; | |
2048 | } | |
2049 | ||
2050 | UserDisposition user_record_disposition(UserRecord *h) { | |
2051 | assert(h); | |
2052 | ||
2053 | if (h->disposition >= 0) | |
2054 | return h->disposition; | |
2055 | ||
2056 | /* If not declared, derive from UID */ | |
2057 | ||
2058 | if (!uid_is_valid(h->uid)) | |
2059 | return _USER_DISPOSITION_INVALID; | |
2060 | ||
2061 | if (h->uid == 0 || h->uid == UID_NOBODY) | |
2062 | return USER_INTRINSIC; | |
2063 | ||
2064 | if (uid_is_system(h->uid)) | |
2065 | return USER_SYSTEM; | |
2066 | ||
2067 | if (uid_is_dynamic(h->uid)) | |
2068 | return USER_DYNAMIC; | |
2069 | ||
2070 | if (uid_is_container(h->uid)) | |
2071 | return USER_CONTAINER; | |
2072 | ||
2073 | if (h->uid > INT32_MAX) | |
2074 | return USER_RESERVED; | |
2075 | ||
2076 | return USER_REGULAR; | |
2077 | } | |
2078 | ||
2079 | int user_record_removable(UserRecord *h) { | |
2080 | UserStorage storage; | |
2081 | assert(h); | |
2082 | ||
2083 | if (h->removable >= 0) | |
2084 | return h->removable; | |
2085 | ||
2086 | /* Refuse to decide for classic records */ | |
2087 | storage = user_record_storage(h); | |
2088 | if (h->storage < 0 || h->storage == USER_CLASSIC) | |
2089 | return -1; | |
2090 | ||
2091 | /* For now consider only LUKS home directories with a reference by path as removable */ | |
2092 | return storage == USER_LUKS && path_startswith(user_record_image_path(h), "/dev/"); | |
2093 | } | |
2094 | ||
2095 | uint64_t user_record_ratelimit_interval_usec(UserRecord *h) { | |
2096 | assert(h); | |
2097 | ||
2098 | if (h->ratelimit_interval_usec == UINT64_MAX) | |
2099 | return DEFAULT_RATELIMIT_INTERVAL_USEC; | |
2100 | ||
2101 | return h->ratelimit_interval_usec; | |
2102 | } | |
2103 | ||
2104 | uint64_t user_record_ratelimit_burst(UserRecord *h) { | |
2105 | assert(h); | |
2106 | ||
2107 | if (h->ratelimit_burst == UINT64_MAX) | |
2108 | return DEFAULT_RATELIMIT_BURST; | |
2109 | ||
2110 | return h->ratelimit_burst; | |
2111 | } | |
2112 | ||
2113 | bool user_record_can_authenticate(UserRecord *h) { | |
2114 | assert(h); | |
2115 | ||
2116 | /* Returns true if there's some form of property configured that the user can authenticate against */ | |
2117 | ||
2118 | if (h->n_pkcs11_encrypted_key > 0) | |
2119 | return true; | |
2120 | ||
5e4fa456 LP |
2121 | if (h->n_fido2_hmac_salt > 0) |
2122 | return true; | |
2123 | ||
71d0b9d4 LP |
2124 | return !strv_isempty(h->hashed_password); |
2125 | } | |
2126 | ||
86019efa LP |
2127 | bool user_record_drop_caches(UserRecord *h) { |
2128 | assert(h); | |
2129 | ||
2130 | if (h->drop_caches >= 0) | |
2131 | return h->drop_caches; | |
2132 | ||
2133 | /* By default drop caches on fscrypt, not otherwise. */ | |
2134 | return user_record_storage(h) == USER_FSCRYPT; | |
2135 | } | |
2136 | ||
8bec643c LP |
2137 | AutoResizeMode user_record_auto_resize_mode(UserRecord *h) { |
2138 | assert(h); | |
2139 | ||
2140 | if (h->auto_resize_mode >= 0) | |
2141 | return h->auto_resize_mode; | |
2142 | ||
2143 | return user_record_storage(h) == USER_LUKS ? AUTO_RESIZE_SHRINK_AND_GROW : AUTO_RESIZE_OFF; | |
2144 | } | |
2145 | ||
9aa3e5eb LP |
2146 | uint64_t user_record_rebalance_weight(UserRecord *h) { |
2147 | assert(h); | |
2148 | ||
2149 | if (h->rebalance_weight == REBALANCE_WEIGHT_UNSET) | |
2150 | return REBALANCE_WEIGHT_DEFAULT; | |
2151 | ||
2152 | return h->rebalance_weight; | |
2153 | } | |
2154 | ||
8e1bc689 LP |
2155 | static uint64_t parse_caps_strv(char **l) { |
2156 | uint64_t c = 0; | |
2157 | int r; | |
2158 | ||
2159 | STRV_FOREACH(i, l) { | |
2160 | r = capability_from_name(*i); | |
2161 | if (r < 0) | |
2162 | log_debug_errno(r, "Don't know capability '%s', ignoring: %m", *i); | |
2163 | else | |
2164 | c |= UINT64_C(1) << r; | |
2165 | } | |
2166 | ||
2167 | return c; | |
2168 | } | |
2169 | ||
2170 | uint64_t user_record_capability_bounding_set(UserRecord *h) { | |
2171 | assert(h); | |
2172 | ||
2173 | /* Returns UINT64_MAX if no bounding set is configured (!) */ | |
2174 | ||
2175 | if (!h->capability_bounding_set) | |
2176 | return UINT64_MAX; | |
2177 | ||
2178 | return parse_caps_strv(h->capability_bounding_set); | |
2179 | } | |
2180 | ||
2181 | uint64_t user_record_capability_ambient_set(UserRecord *h) { | |
2182 | assert(h); | |
2183 | ||
2184 | /* Returns UINT64_MAX if no ambient set is configured (!) */ | |
2185 | ||
2186 | if (!h->capability_ambient_set) | |
2187 | return UINT64_MAX; | |
2188 | ||
2189 | return parse_caps_strv(h->capability_ambient_set) & user_record_capability_bounding_set(h); | |
2190 | } | |
2191 | ||
49e55abb AV |
2192 | int user_record_languages(UserRecord *h, char ***ret) { |
2193 | _cleanup_strv_free_ char **l = NULL; | |
2194 | int r; | |
2195 | ||
2196 | assert(h); | |
2197 | assert(ret); | |
2198 | ||
2199 | if (h->preferred_language) { | |
2200 | l = strv_new(h->preferred_language); | |
2201 | if (!l) | |
2202 | return -ENOMEM; | |
2203 | } | |
2204 | ||
2205 | r = strv_extend_strv(&l, h->additional_languages, /* filter_duplicates= */ true); | |
2206 | if (r < 0) | |
2207 | return r; | |
2208 | ||
2209 | *ret = TAKE_PTR(l); | |
2210 | return 0; | |
2211 | } | |
2212 | ||
71d0b9d4 LP |
2213 | uint64_t user_record_ratelimit_next_try(UserRecord *h) { |
2214 | assert(h); | |
2215 | ||
2216 | /* Calculates when the it's possible to login next. Returns: | |
2217 | * | |
2218 | * UINT64_MAX → Nothing known | |
2219 | * 0 → Right away | |
2220 | * Any other → Next time in CLOCK_REALTIME in usec (which could be in the past) | |
2221 | */ | |
2222 | ||
2223 | if (h->ratelimit_begin_usec == UINT64_MAX || | |
2224 | h->ratelimit_count == UINT64_MAX) | |
2225 | return UINT64_MAX; | |
2226 | ||
61a29a02 LP |
2227 | if (h->ratelimit_begin_usec > now(CLOCK_REALTIME)) /* If the ratelimit time is in the future, then |
2228 | * the local clock is probably incorrect. Let's | |
2229 | * not refuse login then. */ | |
2230 | return UINT64_MAX; | |
2231 | ||
71d0b9d4 LP |
2232 | if (h->ratelimit_count < user_record_ratelimit_burst(h)) |
2233 | return 0; | |
2234 | ||
2235 | return usec_add(h->ratelimit_begin_usec, user_record_ratelimit_interval_usec(h)); | |
2236 | } | |
2237 | ||
2238 | bool user_record_equal(UserRecord *a, UserRecord *b) { | |
2239 | assert(a); | |
2240 | assert(b); | |
2241 | ||
2242 | /* We assume that when a record is modified its JSON data is updated at the same time, hence it's | |
2243 | * sufficient to compare the JSON data. */ | |
2244 | ||
2245 | return json_variant_equal(a->json, b->json); | |
2246 | } | |
2247 | ||
2248 | bool user_record_compatible(UserRecord *a, UserRecord *b) { | |
2249 | assert(a); | |
2250 | assert(b); | |
2251 | ||
d51c4fca | 2252 | /* If either lacks the regular section, we can't really decide, let's hence say they are |
71d0b9d4 LP |
2253 | * incompatible. */ |
2254 | if (!(a->mask & b->mask & USER_RECORD_REGULAR)) | |
2255 | return false; | |
2256 | ||
2257 | return streq_ptr(a->user_name, b->user_name) && | |
2258 | streq_ptr(a->realm, b->realm); | |
2259 | } | |
2260 | ||
2261 | int user_record_compare_last_change(UserRecord *a, UserRecord *b) { | |
2262 | assert(a); | |
2263 | assert(b); | |
2264 | ||
2265 | if (a->last_change_usec == b->last_change_usec) | |
2266 | return 0; | |
2267 | ||
2268 | /* Always consider a record with a timestamp newer than one without */ | |
2269 | if (a->last_change_usec == UINT64_MAX) | |
2270 | return -1; | |
2271 | if (b->last_change_usec == UINT64_MAX) | |
2272 | return 1; | |
2273 | ||
2274 | return CMP(a->last_change_usec, b->last_change_usec); | |
2275 | } | |
2276 | ||
2277 | int user_record_clone(UserRecord *h, UserRecordLoadFlags flags, UserRecord **ret) { | |
2278 | _cleanup_(user_record_unrefp) UserRecord *c = NULL; | |
2279 | int r; | |
2280 | ||
2281 | assert(h); | |
2282 | assert(ret); | |
2283 | ||
2284 | c = user_record_new(); | |
2285 | if (!c) | |
2286 | return -ENOMEM; | |
2287 | ||
2288 | r = user_record_load(c, h->json, flags); | |
2289 | if (r < 0) | |
2290 | return r; | |
2291 | ||
2292 | *ret = TAKE_PTR(c); | |
2293 | return 0; | |
2294 | } | |
2295 | ||
2296 | int user_record_masked_equal(UserRecord *a, UserRecord *b, UserRecordMask mask) { | |
2297 | _cleanup_(user_record_unrefp) UserRecord *x = NULL, *y = NULL; | |
2298 | int r; | |
2299 | ||
2300 | assert(a); | |
2301 | assert(b); | |
2302 | ||
2303 | /* Compares the two records, but ignores anything not listed in the specified mask */ | |
2304 | ||
2305 | if ((a->mask & ~mask) != 0) { | |
bfc0cc1a | 2306 | r = user_record_clone(a, USER_RECORD_ALLOW(mask) | USER_RECORD_STRIP(~mask & _USER_RECORD_MASK_MAX) | USER_RECORD_PERMISSIVE, &x); |
71d0b9d4 LP |
2307 | if (r < 0) |
2308 | return r; | |
2309 | ||
2310 | a = x; | |
2311 | } | |
2312 | ||
2313 | if ((b->mask & ~mask) != 0) { | |
bfc0cc1a | 2314 | r = user_record_clone(b, USER_RECORD_ALLOW(mask) | USER_RECORD_STRIP(~mask & _USER_RECORD_MASK_MAX) | USER_RECORD_PERMISSIVE, &y); |
71d0b9d4 LP |
2315 | if (r < 0) |
2316 | return r; | |
2317 | ||
2318 | b = y; | |
2319 | } | |
2320 | ||
2321 | return user_record_equal(a, b); | |
2322 | } | |
2323 | ||
2324 | int user_record_test_blocked(UserRecord *h) { | |
2325 | usec_t n; | |
2326 | ||
2327 | /* Checks whether access to the specified user shall be allowed at the moment. Returns: | |
2328 | * | |
2329 | * -ESTALE: Record is from the future | |
2330 | * -ENOLCK: Record is blocked | |
2331 | * -EL2HLT: Record is not valid yet | |
2332 | * -EL3HLT: Record is not valid anymore | |
2333 | * | |
2334 | */ | |
2335 | ||
2336 | assert(h); | |
2337 | ||
71d0b9d4 LP |
2338 | if (h->locked > 0) |
2339 | return -ENOLCK; | |
2340 | ||
51a95db6 LP |
2341 | n = now(CLOCK_REALTIME); |
2342 | ||
71d0b9d4 LP |
2343 | if (h->not_before_usec != UINT64_MAX && n < h->not_before_usec) |
2344 | return -EL2HLT; | |
2345 | if (h->not_after_usec != UINT64_MAX && n > h->not_after_usec) | |
2346 | return -EL3HLT; | |
2347 | ||
51a95db6 LP |
2348 | if (h->last_change_usec != UINT64_MAX && |
2349 | h->last_change_usec > n) /* Complain during log-ins when the record is from the future */ | |
2350 | return -ESTALE; | |
2351 | ||
71d0b9d4 LP |
2352 | return 0; |
2353 | } | |
2354 | ||
2355 | int user_record_test_password_change_required(UserRecord *h) { | |
2356 | bool change_permitted; | |
2357 | usec_t n; | |
2358 | ||
2359 | assert(h); | |
2360 | ||
2361 | /* Checks whether the user must change the password when logging in | |
2362 | ||
2363 | -EKEYREVOKED: Change password now because admin said so | |
2364 | -EOWNERDEAD: Change password now because it expired | |
2365 | -EKEYREJECTED: Password is expired, no changing is allowed | |
2366 | -EKEYEXPIRED: Password is about to expire, warn user | |
2367 | -ENETDOWN: Record has expiration info but no password change timestamp | |
2368 | -EROFS: No password change required nor permitted | |
3e0b5486 | 2369 | -ESTALE: RTC likely incorrect, last password change is in the future |
71d0b9d4 LP |
2370 | 0: No password change required, but permitted |
2371 | */ | |
2372 | ||
162392b7 | 2373 | /* If a password change request has been set explicitly, it overrides everything */ |
71d0b9d4 LP |
2374 | if (h->password_change_now > 0) |
2375 | return -EKEYREVOKED; | |
2376 | ||
2377 | n = now(CLOCK_REALTIME); | |
2378 | ||
3e0b5486 LP |
2379 | /* Password change in the future? Then our RTC is likely incorrect */ |
2380 | if (h->last_password_change_usec != UINT64_MAX && | |
2381 | h->last_password_change_usec > n && | |
2382 | (h->password_change_min_usec != UINT64_MAX || | |
2383 | h->password_change_max_usec != UINT64_MAX || | |
2384 | h->password_change_inactive_usec != UINT64_MAX)) | |
2385 | return -ESTALE; | |
2386 | ||
71d0b9d4 LP |
2387 | /* Then, let's check if password changing is currently allowed at all */ |
2388 | if (h->password_change_min_usec != UINT64_MAX) { | |
2389 | ||
2390 | /* Expiry configured but no password change timestamp known? */ | |
2391 | if (h->last_password_change_usec == UINT64_MAX) | |
2392 | return -ENETDOWN; | |
2393 | ||
2394 | if (h->password_change_min_usec >= UINT64_MAX - h->last_password_change_usec) | |
2395 | change_permitted = false; | |
2396 | else | |
2397 | change_permitted = n >= h->last_password_change_usec + h->password_change_min_usec; | |
2398 | ||
2399 | } else | |
2400 | change_permitted = true; | |
2401 | ||
2402 | /* Let's check whether the password has expired. */ | |
2403 | if (!(h->password_change_max_usec == UINT64_MAX || | |
2404 | h->password_change_max_usec >= UINT64_MAX - h->last_password_change_usec)) { | |
2405 | ||
2406 | uint64_t change_before; | |
2407 | ||
2408 | /* Expiry configured but no password change timestamp known? */ | |
2409 | if (h->last_password_change_usec == UINT64_MAX) | |
2410 | return -ENETDOWN; | |
2411 | ||
2412 | /* Password is in inactive phase? */ | |
2413 | if (h->password_change_inactive_usec != UINT64_MAX && | |
2414 | h->password_change_inactive_usec < UINT64_MAX - h->password_change_max_usec) { | |
2415 | usec_t added; | |
2416 | ||
2417 | added = h->password_change_inactive_usec + h->password_change_max_usec; | |
2418 | if (added < UINT64_MAX - h->last_password_change_usec && | |
2419 | n >= h->last_password_change_usec + added) | |
2420 | return -EKEYREJECTED; | |
2421 | } | |
2422 | ||
2423 | /* Password needs to be changed now? */ | |
2424 | change_before = h->last_password_change_usec + h->password_change_max_usec; | |
2425 | if (n >= change_before) | |
2426 | return change_permitted ? -EOWNERDEAD : -EKEYREJECTED; | |
2427 | ||
2428 | /* Warn user? */ | |
2429 | if (h->password_change_warn_usec != UINT64_MAX && | |
2430 | (change_before < h->password_change_warn_usec || | |
2431 | n >= change_before - h->password_change_warn_usec)) | |
2432 | return change_permitted ? -EKEYEXPIRED : -EROFS; | |
2433 | } | |
2434 | ||
2435 | /* No password changing necessary */ | |
2436 | return change_permitted ? 0 : -EROFS; | |
2437 | } | |
2438 | ||
1b466c09 AV |
2439 | int suitable_blob_filename(const char *name) { |
2440 | /* Enforces filename requirements as described in docs/USER_RECORD_BULK_DIRS.md */ | |
2441 | return filename_is_valid(name) && | |
2442 | in_charset(name, URI_UNRESERVED) && | |
2443 | name[0] != '.'; | |
2444 | } | |
2445 | ||
71d0b9d4 LP |
2446 | static const char* const user_storage_table[_USER_STORAGE_MAX] = { |
2447 | [USER_CLASSIC] = "classic", | |
2448 | [USER_LUKS] = "luks", | |
2449 | [USER_DIRECTORY] = "directory", | |
2450 | [USER_SUBVOLUME] = "subvolume", | |
2451 | [USER_FSCRYPT] = "fscrypt", | |
2452 | [USER_CIFS] = "cifs", | |
2453 | }; | |
2454 | ||
2455 | DEFINE_STRING_TABLE_LOOKUP(user_storage, UserStorage); | |
2456 | ||
2457 | static const char* const user_disposition_table[_USER_DISPOSITION_MAX] = { | |
2458 | [USER_INTRINSIC] = "intrinsic", | |
2459 | [USER_SYSTEM] = "system", | |
2460 | [USER_DYNAMIC] = "dynamic", | |
2461 | [USER_REGULAR] = "regular", | |
2462 | [USER_CONTAINER] = "container", | |
2463 | [USER_RESERVED] = "reserved", | |
2464 | }; | |
2465 | ||
2466 | DEFINE_STRING_TABLE_LOOKUP(user_disposition, UserDisposition); | |
8bec643c LP |
2467 | |
2468 | static const char* const auto_resize_mode_table[_AUTO_RESIZE_MODE_MAX] = { | |
2469 | [AUTO_RESIZE_OFF] = "off", | |
2470 | [AUTO_RESIZE_GROW] = "grow", | |
2471 | [AUTO_RESIZE_SHRINK_AND_GROW] = "shrink-and-grow", | |
2472 | }; | |
2473 | ||
2474 | DEFINE_STRING_TABLE_LOOKUP(auto_resize_mode, AutoResizeMode); |