From: Lennart Poettering Date: Thu, 27 Feb 2025 17:26:18 +0000 (+0100) Subject: homectl: making stripping of signatures from user records optional X-Git-Tag: v258-rc1~1143^2~7 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=17f48a8cc75215d2ff18a2b8242a341dd583f2c1;p=thirdparty%2Fsystemd.git homectl: making stripping of signatures from user records optional --- diff --git a/man/homectl.xml b/man/homectl.xml index 1acb338bbb2..5d97c676a96 100644 --- a/man/homectl.xml +++ b/man/homectl.xml @@ -191,6 +191,20 @@ + + + + Takes a boolean argument. When used with create or + register, controls whether to strip cryptographic signatures from the provided + JSON user records, which has the effect of signing them with the local signing key + (local.public) instead. If this switch is set to true, added user records + hence become locally managed (and thus can be modified locally), while if it is set to false the user + records remain managed and owned by its origin (and thus cannot be modified locally). This switch + defaults to true for create and false for register. + + + + diff --git a/shell-completion/bash/homectl b/shell-completion/bash/homectl index 1b365fbb712..10100947821 100644 --- a/shell-completion/bash/homectl +++ b/shell-completion/bash/homectl @@ -113,7 +113,8 @@ _homectl() { --login-background --session-launcher --session-type - --key-name' + --key-name + --seize' ) if __contains_word "$prev" ${OPTS[ARG]}; then diff --git a/src/home/homectl.c b/src/home/homectl.c index 37b6f416f57..969aabd7983 100644 --- a/src/home/homectl.c +++ b/src/home/homectl.c @@ -100,6 +100,7 @@ static bool arg_blob_clear = false; static Hashmap *arg_blob_files = NULL; static char *arg_key_name = NULL; static bool arg_dry_run = false; +static bool arg_seize = true; STATIC_DESTRUCTOR_REGISTER(arg_identity_extra, sd_json_variant_unrefp); STATIC_DESTRUCTOR_REGISTER(arg_identity_extra_this_machine, sd_json_variant_unrefp); @@ -1183,7 +1184,7 @@ static int acquire_new_home_record(sd_json_variant *input, UserRecord **ret) { USER_RECORD_ALLOW_PER_MACHINE| USER_RECORD_STRIP_BINDING| USER_RECORD_STRIP_STATUS| - USER_RECORD_STRIP_SIGNATURE| + (arg_seize ? USER_RECORD_STRIP_SIGNATURE : USER_RECORD_ALLOW_SIGNATURE) | USER_RECORD_LOG| USER_RECORD_PERMISSIVE); if (r < 0) @@ -3001,6 +3002,8 @@ static int help(int argc, char *argv[], void *userdata) { " --prompt-new-user firstboot: Query user interactively for user\n" " to create\n" " --key-name=NAME Key name when adding a signing key\n" + " --seize=no Do not strip existing signatures of user record\n" + " when creating\n" "\n%4$sGeneral User Record Properties:%5$s\n" " -c --real-name=REALNAME Real name for user\n" " --realm=REALM Realm to create user in\n" @@ -3235,6 +3238,7 @@ static int parse_argv(int argc, char *argv[]) { ARG_DEV_SHM_LIMIT, ARG_DEFAULT_AREA, ARG_KEY_NAME, + ARG_SEIZE, }; static const struct option options[] = { @@ -3339,6 +3343,7 @@ static int parse_argv(int argc, char *argv[]) { { "dev-shm-limit", required_argument, NULL, ARG_DEV_SHM_LIMIT }, { "default-area", required_argument, NULL, ARG_DEFAULT_AREA }, { "key-name", required_argument, NULL, ARG_KEY_NAME }, + { "seize", required_argument, NULL, ARG_SEIZE }, {} }; @@ -4862,6 +4867,12 @@ static int parse_argv(int argc, char *argv[]) { break; + case ARG_SEIZE: + r = parse_boolean_argument("--seize=", optarg, &arg_seize); + if (r < 0) + return r; + break; + case '?': return -EINVAL;