pwd: Set maximum range for SUBUID/SUBGIDs by default

This allows us to continue even if we cannot read anything from
/etc/subuid or /etc/subgid.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/libpakfire/pakfire.c b/src/libpakfire/pakfire.c
index a4ab9f9cbe07fe791baaff379fad8bfe65c0e2d1..7406f0178465f31300cdc2fc68faab36002da53a 100644 (file)
--- a/src/libpakfire/pakfire.c
+++ b/src/libpakfire/pakfire.c
@@ -783,7 +783,7 @@ static int pakfire_setup_user(struct pakfire* pakfire) {
                goto ERROR;
 
        // Store UID
-       pakfire->user.uid = uid;
+       pakfire->user.uid = pakfire->user.subuids.id = uid;
 
        // Store username
        r = pakfire_string_set(pakfire->user.name, user.pw_name);
@@ -801,13 +801,26 @@ static int pakfire_setup_user(struct pakfire* pakfire) {
                goto ERROR;
 
        // Store GID
-       pakfire->group.gid = gid;
+       pakfire->group.gid = pakfire->group.subgids.id = gid;
 
        // Store name
        r = pakfire_string_set(pakfire->group.name, group.gr_name);
        if (r)
                goto ERROR;
 
+       /*
+               Set default ranges for SUBUID/SUBGID
+
+               For root, we set the entire range, but for unprivileged users,
+               we can only map our own UID/GID. This may later be overwritten
+               from /etc/sub{u,g}id.
+       */
+       if (uid == 0)
+               pakfire->user.subuids.length = pakfire->group.subgids.length = 0xffffffff - 1;
+       else
+               pakfire->user.subuids.length = pakfire->group.subgids.length = 1;
+
+       // Read SUBUID/SUBGIDs from file
        if (!pakfire_on_root(pakfire)) {
                // Fetch SUBUIDs
                r = pakfire_getsubuid(pakfire, pakfire->user.name, &pakfire->user.subuids);