/* SPDX-License-Identifier: LGPL-2.1+ */
-/***
- This file is part of systemd.
-
- Copyright 2016 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
#include <nss.h>
+#include <pthread.h>
#include "sd-bus.h"
#include "alloc-util.h"
#include "bus-common-errors.h"
+#include "dirent-util.h"
#include "env-util.h"
+#include "fd-util.h"
#include "fs-util.h"
+#include "list.h"
#include "macro.h"
#include "nss-util.h"
#include "signal-util.h"
#include "user-util.h"
#include "util.h"
+#define DYNAMIC_USER_GECOS "Dynamic User"
+#define DYNAMIC_USER_PASSWD "*" /* locked */
+#define DYNAMIC_USER_DIR "/"
+#define DYNAMIC_USER_SHELL "/sbin/nologin"
+
static const struct passwd root_passwd = {
.pw_name = (char*) "root",
.pw_passwd = (char*) "x", /* see shadow file */
.gr_mem = (char*[]) { NULL },
};
+typedef struct UserEntry UserEntry;
+typedef struct GetentData GetentData;
+
+struct UserEntry {
+ uid_t id;
+ char *name;
+
+ GetentData *data;
+ LIST_FIELDS(UserEntry, entries);
+};
+
+struct GetentData {
+ /* As explained in NOTES section of getpwent_r(3) as 'getpwent_r() is not really
+ * reentrant since it shares the reading position in the stream with all other threads',
+ * we need to protect the data in UserEntry from multithreaded programs which may call
+ * setpwent(), getpwent_r(), or endpwent() simultaneously. So, each function locks the
+ * data by using the mutex below. */
+ pthread_mutex_t mutex;
+
+ UserEntry *position;
+ LIST_HEAD(UserEntry, entries);
+};
+
+static GetentData getpwent_data = { PTHREAD_MUTEX_INITIALIZER, NULL, NULL };
+static GetentData getgrent_data = { PTHREAD_MUTEX_INITIALIZER, NULL, NULL };
+
NSS_GETPW_PROTOTYPES(systemd);
NSS_GETGR_PROTOTYPES(systemd);
+enum nss_status _nss_systemd_endpwent(void) _public_;
+enum nss_status _nss_systemd_setpwent(int stayopen) _public_;
+enum nss_status _nss_systemd_getpwent_r(struct passwd *result, char *buffer, size_t buflen, int *errnop) _public_;
+enum nss_status _nss_systemd_endgrent(void) _public_;
+enum nss_status _nss_systemd_setgrent(int stayopen) _public_;
+enum nss_status _nss_systemd_getgrent_r(struct group *result, char *buffer, size_t buflen, int *errnop) _public_;
static int direct_lookup_name(const char *name, uid_t *ret) {
_cleanup_free_ char *s = NULL;
char *buffer, size_t buflen,
int *errnop) {
+ _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
+ _cleanup_(sd_bus_message_unrefp) sd_bus_message* reply = NULL;
+ _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
uint32_t translated;
size_t l;
int bypass, r;
+ PROTECT_ERRNO;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
assert(name);
/* If the username is not valid, then we don't know it. Ideally libc would filter these for us anyway. We don't
* generate EINVAL here, because it isn't really out business to complain about invalid user names. */
if (!valid_user_group_name(name))
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
/* Synthesize entries for the root and nobody users, in case they are missing in /etc/passwd */
if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_SYNTHETIC") <= 0) {
if (streq(name, root_passwd.pw_name)) {
*pwd = root_passwd;
- *errnop = 0;
return NSS_STATUS_SUCCESS;
}
- if (streq(name, nobody_passwd.pw_name)) {
+ if (synthesize_nobody() &&
+ streq(name, nobody_passwd.pw_name)) {
*pwd = nobody_passwd;
- *errnop = 0;
return NSS_STATUS_SUCCESS;
}
}
/* Make sure that we don't go in circles when allocating a dynamic UID by checking our own database */
if (getenv_bool_secure("SYSTEMD_NSS_DYNAMIC_BYPASS") > 0)
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
bypass = getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS");
if (bypass <= 0) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_(sd_bus_message_unrefp) sd_bus_message* reply = NULL;
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
-
r = sd_bus_open_system(&bus);
- if (r < 0) {
+ if (r < 0)
bypass = 1;
- goto direct_lookup;
- }
+ }
+ if (bypass > 0) {
+ r = direct_lookup_name(name, (uid_t*) &translated);
+ if (r == -ENOENT)
+ return NSS_STATUS_NOTFOUND;
+ if (r < 0)
+ goto fail;
+ } else {
r = sd_bus_call_method(bus,
"org.freedesktop.systemd1",
"/org/freedesktop/systemd1",
name);
if (r < 0) {
if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_DYNAMIC_USER))
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
goto fail;
}
goto fail;
}
-direct_lookup:
- if (bypass > 0) {
- /* Access the dynamic UID allocation directly if we are called from dbus-daemon, see above. */
- r = direct_lookup_name(name, (uid_t*) &translated);
- if (r == -ENOENT)
- goto not_found;
- if (r < 0)
- goto fail;
- }
-
l = strlen(name);
if (buflen < l+1) {
+ UNPROTECT_ERRNO;
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
pwd->pw_name = buffer;
pwd->pw_uid = (uid_t) translated;
pwd->pw_gid = (uid_t) translated;
- pwd->pw_gecos = (char*) "Dynamic User";
- pwd->pw_passwd = (char*) "*"; /* locked */
- pwd->pw_dir = (char*) "/";
- pwd->pw_shell = (char*) "/sbin/nologin";
+ pwd->pw_gecos = (char*) DYNAMIC_USER_GECOS;
+ pwd->pw_passwd = (char*) DYNAMIC_USER_PASSWD;
+ pwd->pw_dir = (char*) DYNAMIC_USER_DIR;
+ pwd->pw_shell = (char*) DYNAMIC_USER_SHELL;
- *errnop = 0;
return NSS_STATUS_SUCCESS;
-not_found:
- *errnop = 0;
- return NSS_STATUS_NOTFOUND;
-
fail:
+ UNPROTECT_ERRNO;
*errnop = -r;
return NSS_STATUS_UNAVAIL;
}
size_t l;
int bypass, r;
+ PROTECT_ERRNO;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
if (!uid_is_valid(uid))
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
/* Synthesize data for the root user and for nobody in case they are missing from /etc/passwd */
if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_SYNTHETIC") <= 0) {
if (uid == root_passwd.pw_uid) {
*pwd = root_passwd;
- *errnop = 0;
return NSS_STATUS_SUCCESS;
}
- if (uid == nobody_passwd.pw_uid) {
+ if (synthesize_nobody() &&
+ uid == nobody_passwd.pw_uid) {
*pwd = nobody_passwd;
- *errnop = 0;
return NSS_STATUS_SUCCESS;
}
}
if (!uid_is_dynamic(uid))
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
if (getenv_bool_secure("SYSTEMD_NSS_DYNAMIC_BYPASS") > 0)
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
bypass = getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS");
if (bypass <= 0) {
r = sd_bus_open_system(&bus);
- if (r < 0) {
+ if (r < 0)
bypass = 1;
- goto direct_lookup;
- }
+ }
+
+ if (bypass > 0) {
+ r = direct_lookup_uid(uid, &direct);
+ if (r == -ENOENT)
+ return NSS_STATUS_NOTFOUND;
+ if (r < 0)
+ goto fail;
+ translated = direct;
+
+ } else {
r = sd_bus_call_method(bus,
"org.freedesktop.systemd1",
"/org/freedesktop/systemd1",
(uint32_t) uid);
if (r < 0) {
if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_DYNAMIC_USER))
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
goto fail;
}
goto fail;
}
-direct_lookup:
- if (bypass > 0) {
- r = direct_lookup_uid(uid, &direct);
- if (r == -ENOENT)
- goto not_found;
- if (r < 0)
- goto fail;
-
- translated = direct;
-
- }
-
l = strlen(translated) + 1;
if (buflen < l) {
+ UNPROTECT_ERRNO;
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
pwd->pw_name = buffer;
pwd->pw_uid = uid;
pwd->pw_gid = uid;
- pwd->pw_gecos = (char*) "Dynamic User";
- pwd->pw_passwd = (char*) "*"; /* locked */
- pwd->pw_dir = (char*) "/";
- pwd->pw_shell = (char*) "/sbin/nologin";
+ pwd->pw_gecos = (char*) DYNAMIC_USER_GECOS;
+ pwd->pw_passwd = (char*) DYNAMIC_USER_PASSWD;
+ pwd->pw_dir = (char*) DYNAMIC_USER_DIR;
+ pwd->pw_shell = (char*) DYNAMIC_USER_SHELL;
- *errnop = 0;
return NSS_STATUS_SUCCESS;
-not_found:
- *errnop = 0;
- return NSS_STATUS_NOTFOUND;
-
fail:
+ UNPROTECT_ERRNO;
*errnop = -r;
return NSS_STATUS_UNAVAIL;
}
+#pragma GCC diagnostic ignored "-Wsizeof-pointer-memaccess"
+
enum nss_status _nss_systemd_getgrnam_r(
const char *name,
struct group *gr,
char *buffer, size_t buflen,
int *errnop) {
+ _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
+ _cleanup_(sd_bus_message_unrefp) sd_bus_message* reply = NULL;
+ _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
uint32_t translated;
size_t l;
int bypass, r;
+ PROTECT_ERRNO;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
assert(name);
assert(gr);
if (!valid_user_group_name(name))
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
/* Synthesize records for root and nobody, in case they are missing form /etc/group */
if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_SYNTHETIC") <= 0) {
if (streq(name, root_group.gr_name)) {
*gr = root_group;
- *errnop = 0;
return NSS_STATUS_SUCCESS;
}
- if (streq(name, nobody_group.gr_name)) {
+ if (synthesize_nobody() &&
+ streq(name, nobody_group.gr_name)) {
*gr = nobody_group;
- *errnop = 0;
return NSS_STATUS_SUCCESS;
}
}
if (getenv_bool_secure("SYSTEMD_NSS_DYNAMIC_BYPASS") > 0)
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
bypass = getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS");
if (bypass <= 0) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_(sd_bus_message_unrefp) sd_bus_message* reply = NULL;
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
-
r = sd_bus_open_system(&bus);
- if (r < 0) {
+ if (r < 0)
bypass = 1;
- goto direct_lookup;
- }
+ }
+ if (bypass > 0) {
+ r = direct_lookup_name(name, (uid_t*) &translated);
+ if (r == -ENOENT)
+ return NSS_STATUS_NOTFOUND;
+ if (r < 0)
+ goto fail;
+ } else {
r = sd_bus_call_method(bus,
"org.freedesktop.systemd1",
"/org/freedesktop/systemd1",
name);
if (r < 0) {
if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_DYNAMIC_USER))
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
goto fail;
}
goto fail;
}
-direct_lookup:
- if (bypass > 0) {
- /* Access the dynamic GID allocation directly if we are called from dbus-daemon, see above. */
- r = direct_lookup_name(name, (uid_t*) &translated);
- if (r == -ENOENT)
- goto not_found;
- if (r < 0)
- goto fail;
- }
-
l = sizeof(char*) + strlen(name) + 1;
if (buflen < l) {
+ UNPROTECT_ERRNO;
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
gr->gr_name = buffer + sizeof(char*);
gr->gr_gid = (gid_t) translated;
- gr->gr_passwd = (char*) "*"; /* locked */
+ gr->gr_passwd = (char*) DYNAMIC_USER_PASSWD;
gr->gr_mem = (char**) buffer;
- *errnop = 0;
return NSS_STATUS_SUCCESS;
-not_found:
- *errnop = 0;
- return NSS_STATUS_NOTFOUND;
-
fail:
+ UNPROTECT_ERRNO;
*errnop = -r;
return NSS_STATUS_UNAVAIL;
}
size_t l;
int bypass, r;
+ PROTECT_ERRNO;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
if (!gid_is_valid(gid))
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
/* Synthesize records for root and nobody, in case they are missing from /etc/group */
if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_SYNTHETIC") <= 0) {
if (gid == root_group.gr_gid) {
*gr = root_group;
- *errnop = 0;
return NSS_STATUS_SUCCESS;
}
- if (gid == nobody_group.gr_gid) {
+ if (synthesize_nobody() &&
+ gid == nobody_group.gr_gid) {
*gr = nobody_group;
- *errnop = 0;
return NSS_STATUS_SUCCESS;
}
}
if (!gid_is_dynamic(gid))
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
if (getenv_bool_secure("SYSTEMD_NSS_DYNAMIC_BYPASS") > 0)
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
bypass = getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS");
if (bypass <= 0) {
r = sd_bus_open_system(&bus);
- if (r < 0) {
+ if (r < 0)
bypass = 1;
- goto direct_lookup;
- }
+ }
+
+ if (bypass > 0) {
+ r = direct_lookup_uid(gid, &direct);
+ if (r == -ENOENT)
+ return NSS_STATUS_NOTFOUND;
+ if (r < 0)
+ goto fail;
+
+ translated = direct;
+ } else {
r = sd_bus_call_method(bus,
"org.freedesktop.systemd1",
"/org/freedesktop/systemd1",
(uint32_t) gid);
if (r < 0) {
if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_DYNAMIC_USER))
- goto not_found;
+ return NSS_STATUS_NOTFOUND;
goto fail;
}
goto fail;
}
-direct_lookup:
- if (bypass > 0) {
- r = direct_lookup_uid(gid, &direct);
- if (r == -ENOENT)
- goto not_found;
- if (r < 0)
- goto fail;
-
- translated = direct;
- }
-
l = sizeof(char*) + strlen(translated) + 1;
if (buflen < l) {
+ UNPROTECT_ERRNO;
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
gr->gr_name = buffer + sizeof(char*);
gr->gr_gid = gid;
- gr->gr_passwd = (char*) "*"; /* locked */
+ gr->gr_passwd = (char*) DYNAMIC_USER_PASSWD;
gr->gr_mem = (char**) buffer;
- *errnop = 0;
return NSS_STATUS_SUCCESS;
-not_found:
- *errnop = 0;
- return NSS_STATUS_NOTFOUND;
-
fail:
+ UNPROTECT_ERRNO;
*errnop = -r;
return NSS_STATUS_UNAVAIL;
}
+
+static void user_entry_free(UserEntry *p) {
+ if (!p)
+ return;
+
+ if (p->data)
+ LIST_REMOVE(entries, p->data->entries, p);
+
+ free(p->name);
+ free(p);
+}
+
+static int user_entry_add(GetentData *data, const char *name, uid_t id) {
+ UserEntry *p;
+
+ assert(data);
+
+ /* This happens when User= or Group= already exists statically. */
+ if (!uid_is_dynamic(id))
+ return -EINVAL;
+
+ p = new0(UserEntry, 1);
+ if (!p)
+ return -ENOMEM;
+
+ p->name = strdup(name);
+ if (!p->name) {
+ free(p);
+ return -ENOMEM;
+ }
+ p->id = id;
+ p->data = data;
+
+ LIST_PREPEND(entries, data->entries, p);
+
+ return 0;
+}
+
+static void systemd_endent(GetentData *data) {
+ UserEntry *p;
+
+ assert(data);
+
+ while ((p = data->entries))
+ user_entry_free(p);
+
+ data->position = NULL;
+}
+
+static enum nss_status nss_systemd_endent(GetentData *p) {
+ PROTECT_ERRNO;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
+ assert_se(pthread_mutex_lock(&p->mutex) == 0);
+ systemd_endent(p);
+ assert_se(pthread_mutex_unlock(&p->mutex) == 0);
+
+ return NSS_STATUS_SUCCESS;
+}
+
+enum nss_status _nss_systemd_endpwent(void) {
+ return nss_systemd_endent(&getpwent_data);
+}
+
+enum nss_status _nss_systemd_endgrent(void) {
+ return nss_systemd_endent(&getgrent_data);
+}
+
+static int direct_enumeration(GetentData *p) {
+ _cleanup_closedir_ DIR *d = NULL;
+ struct dirent *de;
+ int r;
+
+ assert(p);
+
+ d = opendir("/run/systemd/dynamic-uid/");
+ if (!d)
+ return -errno;
+
+ FOREACH_DIRENT(de, d, return -errno) {
+ _cleanup_free_ char *name = NULL;
+ uid_t uid, verified;
+
+ if (!dirent_is_file(de))
+ continue;
+
+ r = parse_uid(de->d_name, &uid);
+ if (r < 0)
+ continue;
+
+ r = direct_lookup_uid(uid, &name);
+ if (r == -ENOMEM)
+ return r;
+ if (r < 0)
+ continue;
+
+ r = direct_lookup_name(name, &verified);
+ if (r < 0)
+ continue;
+
+ if (uid != verified)
+ continue;
+
+ r = user_entry_add(p, name, uid);
+ if (r == -ENOMEM)
+ return r;
+ if (r < 0)
+ continue;
+ }
+
+ return 0;
+}
+
+static enum nss_status systemd_setent(GetentData *p) {
+ _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
+ _cleanup_(sd_bus_message_unrefp) sd_bus_message* reply = NULL;
+ _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
+ const char *name;
+ uid_t id;
+ int bypass, r;
+
+ PROTECT_ERRNO;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
+ assert(p);
+
+ assert_se(pthread_mutex_lock(&p->mutex) == 0);
+
+ systemd_endent(p);
+
+ if (getenv_bool_secure("SYSTEMD_NSS_DYNAMIC_BYPASS") > 0)
+ goto finish;
+
+ bypass = getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS");
+
+ if (bypass <= 0) {
+ r = sd_bus_open_system(&bus);
+ if (r < 0)
+ bypass = 1;
+ }
+
+ if (bypass > 0) {
+ r = direct_enumeration(p);
+ if (r < 0)
+ goto fail;
+
+ goto finish;
+ }
+
+ r = sd_bus_call_method(bus,
+ "org.freedesktop.systemd1",
+ "/org/freedesktop/systemd1",
+ "org.freedesktop.systemd1.Manager",
+ "GetDynamicUsers",
+ &error,
+ &reply,
+ NULL);
+ if (r < 0)
+ goto fail;
+
+ r = sd_bus_message_enter_container(reply, 'a', "(us)");
+ if (r < 0)
+ goto fail;
+
+ while ((r = sd_bus_message_read(reply, "(us)", &id, &name)) > 0) {
+ r = user_entry_add(p, name, id);
+ if (r == -ENOMEM)
+ goto fail;
+ if (r < 0)
+ continue;
+ }
+ if (r < 0)
+ goto fail;
+
+ r = sd_bus_message_exit_container(reply);
+ if (r < 0)
+ goto fail;
+
+finish:
+ p->position = p->entries;
+ assert_se(pthread_mutex_unlock(&p->mutex) == 0);
+
+ return NSS_STATUS_SUCCESS;
+
+fail:
+ systemd_endent(p);
+ assert_se(pthread_mutex_unlock(&p->mutex) == 0);
+
+ return NSS_STATUS_UNAVAIL;
+}
+
+enum nss_status _nss_systemd_setpwent(int stayopen) {
+ return systemd_setent(&getpwent_data);
+}
+
+enum nss_status _nss_systemd_setgrent(int stayopen) {
+ return systemd_setent(&getgrent_data);
+}
+
+enum nss_status _nss_systemd_getpwent_r(struct passwd *result, char *buffer, size_t buflen, int *errnop) {
+ enum nss_status ret;
+ UserEntry *p;
+ size_t len;
+
+ PROTECT_ERRNO;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
+ assert(result);
+ assert(buffer);
+ assert(errnop);
+
+ assert_se(pthread_mutex_lock(&getpwent_data.mutex) == 0);
+
+ LIST_FOREACH(entries, p, getpwent_data.position) {
+ len = strlen(p->name) + 1;
+ if (buflen < len) {
+ UNPROTECT_ERRNO;
+ *errnop = ERANGE;
+ ret = NSS_STATUS_TRYAGAIN;
+ goto finalize;
+ }
+
+ memcpy(buffer, p->name, len);
+
+ result->pw_name = buffer;
+ result->pw_uid = p->id;
+ result->pw_gid = p->id;
+ result->pw_gecos = (char*) DYNAMIC_USER_GECOS;
+ result->pw_passwd = (char*) DYNAMIC_USER_PASSWD;
+ result->pw_dir = (char*) DYNAMIC_USER_DIR;
+ result->pw_shell = (char*) DYNAMIC_USER_SHELL;
+ break;
+ }
+ if (!p) {
+ ret = NSS_STATUS_NOTFOUND;
+ goto finalize;
+ }
+
+ /* On success, step to the next entry. */
+ p = p->entries_next;
+ ret = NSS_STATUS_SUCCESS;
+
+finalize:
+ /* Save position for the next call. */
+ getpwent_data.position = p;
+
+ assert_se(pthread_mutex_unlock(&getpwent_data.mutex) == 0);
+
+ return ret;
+}
+
+enum nss_status _nss_systemd_getgrent_r(struct group *result, char *buffer, size_t buflen, int *errnop) {
+ enum nss_status ret;
+ UserEntry *p;
+ size_t len;
+
+ PROTECT_ERRNO;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
+ assert(result);
+ assert(buffer);
+ assert(errnop);
+
+ assert_se(pthread_mutex_lock(&getgrent_data.mutex) == 0);
+
+ LIST_FOREACH(entries, p, getgrent_data.position) {
+ len = sizeof(char*) + strlen(p->name) + 1;
+ if (buflen < len) {
+ UNPROTECT_ERRNO;
+ *errnop = ERANGE;
+ ret = NSS_STATUS_TRYAGAIN;
+ goto finalize;
+ }
+
+ memzero(buffer, sizeof(char*));
+ strcpy(buffer + sizeof(char*), p->name);
+
+ result->gr_name = buffer + sizeof(char*);
+ result->gr_gid = p->id;
+ result->gr_passwd = (char*) DYNAMIC_USER_PASSWD;
+ result->gr_mem = (char**) buffer;
+ break;
+ }
+ if (!p) {
+ ret = NSS_STATUS_NOTFOUND;
+ goto finalize;
+ }
+
+ /* On success, step to the next entry. */
+ p = p->entries_next;
+ ret = NSS_STATUS_SUCCESS;
+
+finalize:
+ /* Save position for the next call. */
+ getgrent_data.position = p;
+
+ assert_se(pthread_mutex_unlock(&getgrent_data.mutex) == 0);
+
+ return ret;
+}
projects / thirdparty / systemd.git / blobdiff