]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/shared/group-record-nss.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 #include "errno-util.h"
4 #include "group-record-nss.h"
5 #include "libcrypt-util.h"
8 int nss_group_to_group_record(
9 const struct group
*grp
,
10 const struct sgrp
*sgrp
,
13 _cleanup_(group_record_unrefp
) GroupRecord
*g
= NULL
;
19 if (isempty(grp
->gr_name
))
22 if (sgrp
&& !streq_ptr(sgrp
->sg_namp
, grp
->gr_name
))
25 g
= group_record_new();
29 g
->group_name
= strdup(grp
->gr_name
);
33 g
->members
= strv_copy(grp
->gr_mem
);
40 if (looks_like_hashed_password(sgrp
->sg_passwd
)) {
41 g
->hashed_password
= strv_new(sgrp
->sg_passwd
);
42 if (!g
->hashed_password
)
46 r
= strv_extend_strv(&g
->members
, sgrp
->sg_mem
, 1);
50 g
->administrators
= strv_copy(sgrp
->sg_adm
);
51 if (!g
->administrators
)
55 r
= json_build(&g
->json
, JSON_BUILD_OBJECT(
56 JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(g
->group_name
)),
57 JSON_BUILD_PAIR("gid", JSON_BUILD_UNSIGNED(g
->gid
)),
58 JSON_BUILD_PAIR_CONDITION(!strv_isempty(g
->members
), "members", JSON_BUILD_STRV(g
->members
)),
59 JSON_BUILD_PAIR_CONDITION(!strv_isempty(g
->hashed_password
), "privileged", JSON_BUILD_OBJECT(JSON_BUILD_PAIR("hashedPassword", JSON_BUILD_STRV(g
->hashed_password
)))),
60 JSON_BUILD_PAIR_CONDITION(!strv_isempty(g
->administrators
), "administrators", JSON_BUILD_STRV(g
->administrators
))));
64 g
->mask
= USER_RECORD_REGULAR
|
65 (!strv_isempty(g
->hashed_password
) ? USER_RECORD_PRIVILEGED
: 0);
71 int nss_sgrp_for_group(const struct group
*grp
, struct sgrp
*ret_sgrp
, char **ret_buffer
) {
80 _cleanup_free_
char *buf
= NULL
;
81 struct sgrp sgrp
, *result
;
87 r
= getsgnam_r(grp
->gr_name
, &sgrp
, buf
, buflen
, &result
);
93 *ret_buffer
= TAKE_PTR(buf
);
97 return -EIO
; /* Weird, this should not return negative! */
101 if (buflen
> SIZE_MAX
/ 2)
109 int nss_group_record_by_name(
114 _cleanup_free_
char *buf
= NULL
, *sbuf
= NULL
;
115 struct group grp
, *result
;
116 bool incomplete
= false;
117 size_t buflen
= 4096;
118 struct sgrp sgrp
, *sresult
= NULL
;
125 buf
= malloc(buflen
);
129 r
= getgrnam_r(name
, &grp
, buf
, buflen
, &result
);
138 return log_debug_errno(SYNTHETIC_ERRNO(EIO
), "getgrnam_r() returned a negative value");
141 if (buflen
> SIZE_MAX
/ 2)
149 r
= nss_sgrp_for_group(result
, &sgrp
, &sbuf
);
151 log_debug_errno(r
, "Failed to do shadow lookup for group %s, ignoring: %m", result
->gr_name
);
152 incomplete
= ERRNO_IS_PRIVILEGE(r
);
158 r
= nss_group_to_group_record(result
, sresult
, ret
);
162 (*ret
)->incomplete
= incomplete
;
166 int nss_group_record_by_gid(
171 _cleanup_free_
char *buf
= NULL
, *sbuf
= NULL
;
172 struct group grp
, *result
;
173 bool incomplete
= false;
174 size_t buflen
= 4096;
175 struct sgrp sgrp
, *sresult
= NULL
;
181 buf
= malloc(buflen
);
185 r
= getgrgid_r(gid
, &grp
, buf
, buflen
, &result
);
193 return log_debug_errno(SYNTHETIC_ERRNO(EIO
), "getgrgid_r() returned a negative value");
196 if (buflen
> SIZE_MAX
/ 2)
204 r
= nss_sgrp_for_group(result
, &sgrp
, &sbuf
);
206 log_debug_errno(r
, "Failed to do shadow lookup for group %s, ignoring: %m", result
->gr_name
);
207 incomplete
= ERRNO_IS_PRIVILEGE(r
);
213 r
= nss_group_to_group_record(result
, sresult
, ret
);
217 (*ret
)->incomplete
= incomplete
;