]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/userdb/userwork.c
projects / thirdparty / systemd.git / blob
? search:


8b7a20b08d4cb8c2dcd063fc90949cd6becb5f68
[thirdparty/systemd.git] / src / userdb / userwork.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <poll.h>
4 #include <sys/wait.h>
5
6 #include "sd-daemon.h"
7
8 #include "env-util.h"
9 #include "fd-util.h"
10 #include "group-record.h"
11 #include "io-util.h"
12 #include "main-func.h"
13 #include "process-util.h"
14 #include "strv.h"
15 #include "time-util.h"
16 #include "user-record-nss.h"
17 #include "user-record.h"
18 #include "user-util.h"
19 #include "userdb.h"
20 #include "varlink.h"
21
22 #define ITERATIONS_MAX 64U
23 #define RUNTIME_MAX_USEC (5 * USEC_PER_MINUTE)
24 #define PRESSURE_SLEEP_TIME_USEC (50 * USEC_PER_MSEC)
25 #define CONNECTION_IDLE_USEC (15 * USEC_PER_SEC)
26 #define LISTEN_IDLE_USEC (90 * USEC_PER_SEC)
27
28 typedef struct LookupParameters {
29 const char *user_name;
30 const char *group_name;
31 union {
32 uid_t uid;
33 gid_t gid;
34 };
35 const char *service;
36 } LookupParameters;
37
38 static int add_nss_service(JsonVariant **v) {
39 _cleanup_(json_variant_unrefp) JsonVariant *status = NULL, *z = NULL;
40 char buf[SD_ID128_STRING_MAX];
41 sd_id128_t mid;
42 int r;
43
44 assert(v);
45
46 /* Patch in service field if it's missing. The assumption here is that this field is unset only for
47 * NSS records */
48
49 if (json_variant_by_key(*v, "service"))
50 return 0;
51
52 r = sd_id128_get_machine(&mid);
53 if (r < 0)
54 return r;
55
56 status = json_variant_ref(json_variant_by_key(*v, "status"));
57 z = json_variant_ref(json_variant_by_key(status, sd_id128_to_string(mid, buf)));
58
59 if (json_variant_by_key(z, "service"))
60 return 0;
61
62 r = json_variant_set_field_string(&z, "service", "io.systemd.NameServiceSwitch");
63 if (r < 0)
64 return r;
65
66 r = json_variant_set_field(&status, buf, z);
67 if (r < 0)
68 return r;
69
70 return json_variant_set_field(v, "status", status);
71 }
72
73 static int build_user_json(Varlink *link, UserRecord *ur, JsonVariant **ret) {
74 _cleanup_(user_record_unrefp) UserRecord *stripped = NULL;
75 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
76 UserRecordLoadFlags flags;
77 uid_t peer_uid;
78 bool trusted;
79 int r;
80
81 assert(ur);
82 assert(ret);
83
84 r = varlink_get_peer_uid(link, &peer_uid);
85 if (r < 0) {
86 log_debug_errno(r, "Unable to query peer UID, ignoring: %m");
87 trusted = false;
88 } else
89 trusted = peer_uid == 0 || peer_uid == ur->uid;
90
91 flags = USER_RECORD_REQUIRE_REGULAR|USER_RECORD_ALLOW_PER_MACHINE|USER_RECORD_ALLOW_BINDING|USER_RECORD_STRIP_SECRET|USER_RECORD_ALLOW_STATUS|USER_RECORD_ALLOW_SIGNATURE|USER_RECORD_PERMISSIVE;
92 if (trusted)
93 flags |= USER_RECORD_ALLOW_PRIVILEGED;
94 else
95 flags |= USER_RECORD_STRIP_PRIVILEGED;
96
97 r = user_record_clone(ur, flags, &stripped);
98 if (r < 0)
99 return r;
100
101 stripped->incomplete =
102 ur->incomplete ||
103 (FLAGS_SET(ur->mask, USER_RECORD_PRIVILEGED) &&
104 !FLAGS_SET(stripped->mask, USER_RECORD_PRIVILEGED));
105
106 v = json_variant_ref(stripped->json);
107 r = add_nss_service(&v);
108 if (r < 0)
109 return r;
110
111 return json_build(ret, JSON_BUILD_OBJECT(
112 JSON_BUILD_PAIR("record", JSON_BUILD_VARIANT(v)),
113 JSON_BUILD_PAIR("incomplete", JSON_BUILD_BOOLEAN(stripped->incomplete))));
114 }
115
116 static int userdb_flags_from_service(Varlink *link, const char *service, UserDBFlags *ret) {
117 assert(link);
118 assert(service);
119 assert(ret);
120
121 if (streq_ptr(service, "io.systemd.NameServiceSwitch"))
122 *ret = USERDB_NSS_ONLY|USERDB_AVOID_MULTIPLEXER;
123 if (streq_ptr(service, "io.systemd.DropIn"))
124 *ret = USERDB_DROPIN_ONLY|USERDB_AVOID_MULTIPLEXER;
125 else if (streq_ptr(service, "io.systemd.Multiplexer"))
126 *ret = USERDB_AVOID_MULTIPLEXER;
127 else
128 return varlink_error(link, "io.systemd.UserDatabase.BadService", NULL);
129
130 return 0;
131 }
132
133 static int vl_method_get_user_record(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) {
134
135 static const JsonDispatch dispatch_table[] = {
136 { "uid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(LookupParameters, uid), 0 },
137 { "userName", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, user_name), 0 },
138 { "service", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, service), 0 },
139 {}
140 };
141
142 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
143 _cleanup_(user_record_unrefp) UserRecord *hr = NULL;
144 LookupParameters p = {
145 .uid = UID_INVALID,
146 };
147 UserDBFlags userdb_flags;
148 int r;
149
150 assert(parameters);
151
152 r = json_dispatch(parameters, dispatch_table, NULL, 0, &p);
153 if (r < 0)
154 return r;
155
156 r = userdb_flags_from_service(link, p.service, &userdb_flags);
157 if (r < 0)
158 return r;
159
160 if (uid_is_valid(p.uid))
161 r = userdb_by_uid(p.uid, userdb_flags, &hr);
162 else if (p.user_name)
163 r = userdb_by_name(p.user_name, userdb_flags, &hr);
164 else {
165 _cleanup_(userdb_iterator_freep) UserDBIterator *iterator = NULL;
166 _cleanup_(json_variant_unrefp) JsonVariant *last = NULL;
167
168 r = userdb_all(userdb_flags, &iterator);
169 if (r < 0)
170 return r;
171
172 for (;;) {
173 _cleanup_(user_record_unrefp) UserRecord *z = NULL;
174
175 r = userdb_iterator_get(iterator, &z);
176 if (r == -ESRCH)
177 break;
178 if (r < 0)
179 return r;
180
181 if (last) {
182 r = varlink_notify(link, last);
183 if (r < 0)
184 return r;
185
186 last = json_variant_unref(last);
187 }
188
189 r = build_user_json(link, z, &last);
190 if (r < 0)
191 return r;
192 }
193
194 if (!last)
195 return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
196
197 return varlink_reply(link, last);
198 }
199 if (r == -ESRCH)
200 return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
201 if (r < 0) {
202 log_debug_errno(r, "User lookup failed abnormally: %m");
203 return varlink_error(link, "io.systemd.UserDatabase.ServiceNotAvailable", NULL);
204 }
205
206 if ((uid_is_valid(p.uid) && hr->uid != p.uid) ||
207 (p.user_name && !streq(hr->user_name, p.user_name)))
208 return varlink_error(link, "io.systemd.UserDatabase.ConflictingRecordFound", NULL);
209
210 r = build_user_json(link, hr, &v);
211 if (r < 0)
212 return r;
213
214 return varlink_reply(link, v);
215 }
216
217 static int build_group_json(Varlink *link, GroupRecord *gr, JsonVariant **ret) {
218 _cleanup_(group_record_unrefp) GroupRecord *stripped = NULL;
219 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
220 UserRecordLoadFlags flags;
221 uid_t peer_uid;
222 bool trusted;
223 int r;
224
225 assert(gr);
226 assert(ret);
227
228 r = varlink_get_peer_uid(link, &peer_uid);
229 if (r < 0) {
230 log_debug_errno(r, "Unable to query peer UID, ignoring: %m");
231 trusted = false;
232 } else
233 trusted = peer_uid == 0;
234
235 flags = USER_RECORD_REQUIRE_REGULAR|USER_RECORD_ALLOW_PER_MACHINE|USER_RECORD_ALLOW_BINDING|USER_RECORD_STRIP_SECRET|USER_RECORD_ALLOW_STATUS|USER_RECORD_ALLOW_SIGNATURE|USER_RECORD_PERMISSIVE;
236 if (trusted)
237 flags |= USER_RECORD_ALLOW_PRIVILEGED;
238 else
239 flags |= USER_RECORD_STRIP_PRIVILEGED;
240
241 r = group_record_clone(gr, flags, &stripped);
242 if (r < 0)
243 return r;
244
245 stripped->incomplete =
246 gr->incomplete ||
247 (FLAGS_SET(gr->mask, USER_RECORD_PRIVILEGED) &&
248 !FLAGS_SET(stripped->mask, USER_RECORD_PRIVILEGED));
249
250 v = json_variant_ref(gr->json);
251 r = add_nss_service(&v);
252 if (r < 0)
253 return r;
254
255 return json_build(ret, JSON_BUILD_OBJECT(
256 JSON_BUILD_PAIR("record", JSON_BUILD_VARIANT(v)),
257 JSON_BUILD_PAIR("incomplete", JSON_BUILD_BOOLEAN(stripped->incomplete))));
258 }
259
260 static int vl_method_get_group_record(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) {
261
262 static const JsonDispatch dispatch_table[] = {
263 { "gid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(LookupParameters, gid), 0 },
264 { "groupName", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, group_name), 0 },
265 { "service", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, service), 0 },
266 {}
267 };
268
269 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
270 _cleanup_(group_record_unrefp) GroupRecord *g = NULL;
271 LookupParameters p = {
272 .gid = GID_INVALID,
273 };
274 UserDBFlags userdb_flags;
275 int r;
276
277 assert(parameters);
278
279 r = json_dispatch(parameters, dispatch_table, NULL, 0, &p);
280 if (r < 0)
281 return r;
282
283 r = userdb_flags_from_service(link, p.service, &userdb_flags);
284 if (r < 0)
285 return r;
286
287 if (gid_is_valid(p.gid))
288 r = groupdb_by_gid(p.gid, userdb_flags, &g);
289 else if (p.group_name)
290 r = groupdb_by_name(p.group_name, userdb_flags, &g);
291 else {
292 _cleanup_(userdb_iterator_freep) UserDBIterator *iterator = NULL;
293 _cleanup_(json_variant_unrefp) JsonVariant *last = NULL;
294
295 r = groupdb_all(userdb_flags, &iterator);
296 if (r < 0)
297 return r;
298
299 for (;;) {
300 _cleanup_(group_record_unrefp) GroupRecord *z = NULL;
301
302 r = groupdb_iterator_get(iterator, &z);
303 if (r == -ESRCH)
304 break;
305 if (r < 0)
306 return r;
307
308 if (last) {
309 r = varlink_notify(link, last);
310 if (r < 0)
311 return r;
312
313 last = json_variant_unref(last);
314 }
315
316 r = build_group_json(link, z, &last);
317 if (r < 0)
318 return r;
319 }
320
321 if (!last)
322 return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
323
324 return varlink_reply(link, last);
325 }
326 if (r == -ESRCH)
327 return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
328 if (r < 0) {
329 log_debug_errno(r, "Group lookup failed abnormally: %m");
330 return varlink_error(link, "io.systemd.UserDatabase.ServiceNotAvailable", NULL);
331 }
332
333 if ((uid_is_valid(p.gid) && g->gid != p.gid) ||
334 (p.group_name && !streq(g->group_name, p.group_name)))
335 return varlink_error(link, "io.systemd.UserDatabase.ConflictingRecordFound", NULL);
336
337 r = build_group_json(link, g, &v);
338 if (r < 0)
339 return r;
340
341 return varlink_reply(link, v);
342 }
343
344 static int vl_method_get_memberships(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) {
345 static const JsonDispatch dispatch_table[] = {
346 { "userName", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, user_name), 0 },
347 { "groupName", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, group_name), 0 },
348 { "service", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(LookupParameters, service), 0 },
349 {}
350 };
351
352 _cleanup_free_ char *last_user_name = NULL, *last_group_name = NULL;
353 _cleanup_(userdb_iterator_freep) UserDBIterator *iterator = NULL;
354 LookupParameters p = {};
355 UserDBFlags userdb_flags;
356 int r;
357
358 assert(parameters);
359
360 r = json_dispatch(parameters, dispatch_table, NULL, 0, &p);
361 if (r < 0)
362 return r;
363
364 r = userdb_flags_from_service(link, p.service, &userdb_flags);
365 if (r < 0)
366 return r;
367
368 if (p.group_name)
369 r = membershipdb_by_group(p.group_name, userdb_flags, &iterator);
370 else if (p.user_name)
371 r = membershipdb_by_user(p.user_name, userdb_flags, &iterator);
372 else
373 r = membershipdb_all(userdb_flags, &iterator);
374 if (r < 0)
375 return r;
376
377 for (;;) {
378 _cleanup_free_ char *user_name = NULL, *group_name = NULL;
379
380 r = membershipdb_iterator_get(iterator, &user_name, &group_name);
381 if (r == -ESRCH)
382 break;
383 if (r < 0)
384 return r;
385
386 /* If both group + user are specified do a-posteriori filtering */
387 if (p.group_name && p.user_name && !streq(group_name, p.group_name))
388 continue;
389
390 if (last_user_name) {
391 assert(last_group_name);
392
393 r = varlink_notifyb(link, JSON_BUILD_OBJECT(
394 JSON_BUILD_PAIR("userName", JSON_BUILD_STRING(last_user_name)),
395 JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(last_group_name))));
396 if (r < 0)
397 return r;
398 }
399
400 free_and_replace(last_user_name, user_name);
401 free_and_replace(last_group_name, group_name);
402 }
403
404 if (!last_user_name) {
405 assert(!last_group_name);
406 return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
407 }
408
409 assert(last_group_name);
410
411 return varlink_replyb(link, JSON_BUILD_OBJECT(
412 JSON_BUILD_PAIR("userName", JSON_BUILD_STRING(last_user_name)),
413 JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(last_group_name))));
414 }
415
416 static int process_connection(VarlinkServer *server, int fd) {
417 _cleanup_(varlink_close_unrefp) Varlink *vl = NULL;
418 int r;
419
420 r = varlink_server_add_connection(server, fd, &vl);
421 if (r < 0) {
422 fd = safe_close(fd);
423 return log_error_errno(r, "Failed to add connection: %m");
424 }
425
426 vl = varlink_ref(vl);
427
428 for (;;) {
429 r = varlink_process(vl);
430 if (r == -ENOTCONN) {
431 log_debug("Connection terminated.");
432 break;
433 }
434 if (r < 0)
435 return log_error_errno(r, "Failed to process connection: %m");
436 if (r > 0)
437 continue;
438
439 r = varlink_wait(vl, CONNECTION_IDLE_USEC);
440 if (r < 0)
441 return log_error_errno(r, "Failed to wait for connection events: %m");
442 if (r == 0)
443 break;
444 }
445
446 return 0;
447 }
448
449 static int run(int argc, char *argv[]) {
450 usec_t start_time, listen_idle_usec, last_busy_usec = USEC_INFINITY;
451 _cleanup_(varlink_server_unrefp) VarlinkServer *server = NULL;
452 unsigned n_iterations = 0;
453 int m, listen_fd, r;
454
455 log_setup();
456
457 m = sd_listen_fds(false);
458 if (m < 0)
459 return log_error_errno(m, "Failed to determine number of listening fds: %m");
460 if (m == 0)
461 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "No socket to listen on received.");
462 if (m > 1)
463 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Worker can only listen on a single socket at a time.");
464
465 listen_fd = SD_LISTEN_FDS_START;
466
467 r = fd_nonblock(listen_fd, false);
468 if (r < 0)
469 return log_error_errno(r, "Failed to turn off non-blocking mode for listening socket: %m");
470
471 r = varlink_server_new(&server, 0);
472 if (r < 0)
473 return log_error_errno(r, "Failed to allocate server: %m");
474
475 r = varlink_server_bind_method_many(
476 server,
477 "io.systemd.UserDatabase.GetUserRecord", vl_method_get_user_record,
478 "io.systemd.UserDatabase.GetGroupRecord", vl_method_get_group_record,
479 "io.systemd.UserDatabase.GetMemberships", vl_method_get_memberships);
480 if (r < 0)
481 return log_error_errno(r, "Failed to bind methods: %m");
482
483 r = getenv_bool("USERDB_FIXED_WORKER");
484 if (r < 0)
485 return log_error_errno(r, "Failed to parse USERDB_FIXED_WORKER: %m");
486 listen_idle_usec = r ? USEC_INFINITY : LISTEN_IDLE_USEC;
487
488 r = userdb_block_nss_systemd(true);
489 if (r < 0)
490 return log_error_errno(r, "Failed to disable userdb NSS compatibility: %m");
491
492 start_time = now(CLOCK_MONOTONIC);
493
494 for (;;) {
495 _cleanup_close_ int fd = -1;
496 usec_t n;
497
498 /* Exit the worker in regular intervals, to flush out all memory use */
499 if (n_iterations++ > ITERATIONS_MAX) {
500 log_debug("Exiting worker, processed %u iterations, that's enough.", n_iterations);
501 break;
502 }
503
504 n = now(CLOCK_MONOTONIC);
505 if (n >= usec_add(start_time, RUNTIME_MAX_USEC)) {
506 char buf[FORMAT_TIMESPAN_MAX];
507 log_debug("Exiting worker, ran for %s, that's enough.",
508 format_timespan(buf, sizeof(buf), usec_sub_unsigned(n, start_time), 0));
509 break;
510 }
511
512 if (last_busy_usec == USEC_INFINITY)
513 last_busy_usec = n;
514 else if (listen_idle_usec != USEC_INFINITY && n >= usec_add(last_busy_usec, listen_idle_usec)) {
515 char buf[FORMAT_TIMESPAN_MAX];
516 log_debug("Exiting worker, been idle for %s.",
517 format_timespan(buf, sizeof(buf), usec_sub_unsigned(n, last_busy_usec), 0));
518 break;
519 }
520
521 (void) rename_process("systemd-userwork: waiting...");
522
523 fd = accept4(listen_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
524 if (fd < 0)
525 fd = -errno;
526
527 (void) rename_process("systemd-userwork: processing...");
528
529 if (fd == -EAGAIN)
530 continue; /* The listening socket has SO_RECVTIMEO set, hence a timeout is expected
531 * after a while, let's check if it's time to exit though. */
532 if (fd == -EINTR)
533 continue; /* Might be that somebody attached via strace, let's just continue in that
534 * case */
535 if (fd < 0)
536 return log_error_errno(fd, "Failed to accept() from listening socket: %m");
537
538 if (now(CLOCK_MONOTONIC) <= usec_add(n, PRESSURE_SLEEP_TIME_USEC)) {
539 /* We only slept a very short time? If so, let's see if there are more sockets
540 * pending, and if so, let's ask our parent for more workers */
541
542 r = fd_wait_for_event(listen_fd, POLLIN, 0);
543 if (r < 0)
544 return log_error_errno(r, "Failed to test for POLLIN on listening socket: %m");
545
546 if (FLAGS_SET(r, POLLIN)) {
547 pid_t parent;
548
549 parent = getppid();
550 if (parent <= 1)
551 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Parent already died?");
552
553 if (kill(parent, SIGUSR2) < 0)
554 return log_error_errno(errno, "Failed to kill our own parent.");
555 }
556 }
557
558 (void) process_connection(server, TAKE_FD(fd));
559 last_busy_usec = USEC_INFINITY;
560 }
561
562 return 0;
563 }
564
565 DEFINE_MAIN_FUNCTION(run);
Unnamed repository; edit this file 'description' to name the repository.