From 9b50d885daabe255c9d39f598f9f624d23409d1a Mon Sep 17 00:00:00 2001
From: Michael Tremer
Date: Thu, 4 May 2023 17:00:25 +0000
Subject: [PATCH] pakfire: Move SUBIDs into user/group structs
Signed-off-by: Michael Tremer
---
 src/libpakfire/include/pakfire/pwd.h | 4 +-
 src/libpakfire/pakfire.c | 78 ++++++++++++----------------
 src/libpakfire/pwd.c | 31 +++++------
 3 files changed, 51 insertions(+), 62 deletions(-)
diff --git a/src/libpakfire/include/pakfire/pwd.h b/src/libpakfire/include/pakfire/pwd.h
index b0468e769..2c38e46e8 100644
--- a/src/libpakfire/include/pakfire/pwd.h
+++ b/src/libpakfire/include/pakfire/pwd.h
@@ -38,8 +38,8 @@ struct passwd* pakfire_getpwuid(struct pakfire* pakfire, uid_t uid);
 struct group* pakfire_getgrnam(struct pakfire* pakfire, const char* name);
 struct group* pakfire_getgrgid(struct pakfire* pakfire, gid_t gid);
-int pakfire_getsubid(struct pakfire* pakfire, const char* path,
- const uid_t uid, struct pakfire_subid* subid);
+int pakfire_getsubuid(struct pakfire* pakfire, const char* owner, struct pakfire_subid* subid);
+int pakfire_getsubgid(struct pakfire* pakfire, const char* owner, struct pakfire_subid* subid);
 #endif
diff --git a/src/libpakfire/pakfire.c b/src/libpakfire/pakfire.c
index afe5141c2..93fd58d59 100644
--- a/src/libpakfire/pakfire.c
+++ b/src/libpakfire/pakfire.c
@@ -86,17 +86,15 @@ struct pakfire {
 uid_t uid;
 char name[NAME_MAX];
 char home[PATH_MAX];
+ struct pakfire_subid subuids;
 } user;
 struct pakfire_group {
 gid_t gid;
 char name[NAME_MAX];
+ struct pakfire_subid subgids;
 } group;
- // Mapped UID/GID
- struct pakfire_subid subuid;
- struct pakfire_subid subgid;
-
 // Pool
 Pool* pool;
@@ -185,11 +183,11 @@ gid_t pakfire_gid(struct pakfire* pakfire) {
 }
 const struct pakfire_subid* pakfire_subuid(struct pakfire* pakfire) {
- return &pakfire->subuid;
+ return &pakfire->user.subuids;
 }
 const struct pakfire_subid* pakfire_subgid(struct pakfire* pakfire) {
- return &pakfire->subgid;
+ return &pakfire->group.subgids;
 }
 /*
@@ -794,6 +792,17 @@ static int pakfire_setup_user(struct pakfire* pakfire) {
 if (r)
 goto ERROR;
+ // Fetch sub UID/GIDs
+ if (!pakfire_on_root(pakfire)) {
+ r = pakfire_getsubuid(pakfire, pakfire->user.name, &pakfire->user.subuids);
+ if (r)
+ goto ERROR;
+
+ r = pakfire_getsubgid(pakfire, pakfire->user.name, &pakfire->group.subgids);
+ if (r)
+ goto ERROR;
+ }
+
 ERROR:
 return r;
 }
@@ -849,16 +858,6 @@ PAKFIRE_EXPORT int pakfire_create(struct pakfire** pakfire, const char* path,
 pakfire_log_set_priority(p, log_priority(env));
 }
- // Setup user/group
- r = pakfire_setup_user(p);
- if (r)
- goto ERROR;
-
- // Initialise configuration
- r = pakfire_config_create(&p->config);
- if (r)
- goto ERROR;
-
 // Generate a random path if none is set
 if (!path) {
 path = pakfire_mkdtemp(tempdir);
@@ -874,6 +873,16 @@ PAKFIRE_EXPORT int pakfire_create(struct pakfire** pakfire, const char* path,
 // Set path
 pakfire_string_set(p->path, path);
+ // Setup user/group
+ r = pakfire_setup_user(p);
+ if (r)
+ goto ERROR;
+
+ // Initialise configuration
+ r = pakfire_config_create(&p->config);
+ if (r)
+ goto ERROR;
+
 // Read /etc/os-release
 r = pakfire_read_os_release(p);
 if (r && errno != ENOENT)
@@ -888,27 +897,6 @@ PAKFIRE_EXPORT int pakfire_create(struct pakfire** pakfire, const char* path,
 DEBUG(p, " arch = %s\n", pakfire_get_arch(p));
 DEBUG(p, " path = %s\n", pakfire_get_path(p));
- // Fetch sub UID/GIDs
- if (!pakfire_on_root(p)) {
- // UID
- r = pakfire_getsubid(p, "/etc/subuid", p->user.uid, &p->subuid);
- if (r) {
- ERROR(p, "Could not fetch subuid: %m\n");
- goto ERROR;
- }
-
- // GID
- r = pakfire_getsubid(p, "/etc/subgid", p->user.uid, &p->subgid);
- if (r) {
- ERROR(p, "Could not fetch subgid: %m\n");
- goto ERROR;
- }
-
- // Log
- DEBUG(p, " subuid = %u - %zu\n", p->subuid.id, p->subuid.id + p->subuid.length);
- DEBUG(p, " subgid = %u - %zu\n", p->subgid.id, p->subgid.id + p->subgid.length);
- }
-
 // Perform some safety checks
 r = pakfire_safety_checks(p);
 if (r)
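Review bot: In `pakfire_setup_user` the owner handed to both lookups is `pakfire->user.name`, an array member (`char name[NAME_MAX]`) that can never be NULL, so the `!owner` shortcut that replaces the old `uid == 0` test in pwd.c is unreachable from this call site. A UID 0 caller for which `pakfire_on_root()` is false now has to have its own entries in `/etc/subuid` and `/etc/subgid`, where the removed code returned the full range without opening either file; if that change is not intended, the root case should be decided here from `pakfire->user.uid`. The removed block also logged the resolved ranges, and nothing replaces that, so I would keep a `DEBUG` of `user.subuids` and `group.subgids` after the two calls. The start of the function lies outside the hunk.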
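Review bot: Moving `pakfire_setup_user(p)` below `pakfire_string_set(p->path, path)` in `pakfire_create` introduces an ordering requirement that nothing in the code states; presumably `pakfire_on_root()`, now called from `pakfire_setup_user`, reads `p->path`. A comment above the call such as `// Must run after p->path is set: pakfire_setup_user() calls pakfire_on_root()` would stop a later reorder from silently changing which branch runs. A failure in user setup or `pakfire_config_create()` now also happens after `pakfire_mkdtemp()` may have created a directory; the `ERROR` label is outside the hunk, so it is worth confirming that this path removes the directory again.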
@@ -1747,7 +1735,7 @@ static const char* pakfire_user_lookup(void* data, la_int64_t uid) {
 DEBUG(pakfire, "Looking up name for UID %ld\n", uid);
 // Unmap the UID first
- uid = pakfire_unmap_id(pakfire, &pakfire->subuid, uid);
+ uid = pakfire_unmap_id(pakfire, &pakfire->user.subuids, uid);
 // Fast path for "root"
 if (uid == 0)
@@ -1771,7 +1759,7 @@ static const char* pakfire_group_lookup(void* data, la_int64_t gid) {
 DEBUG(pakfire, "Looking up name for GID %ld\n", gid);
 // Unmap the GID first
- gid = pakfire_unmap_id(pakfire, &pakfire->subgid, gid);
+ gid = pakfire_unmap_id(pakfire, &pakfire->group.subgids, gid);
 // Fast path for "root"
 if (gid == 0)
@@ -1821,18 +1809,18 @@ static la_int64_t pakfire_uid_lookup(void* data, const char* name, la_int64_t ui
 // Fast path for "root"
 if (strcmp(name, "root") == 0)
- return pakfire_map_id(pakfire, &pakfire->subuid, 0);
+ return pakfire_map_id(pakfire, &pakfire->user.subuids, 0);
 // Find a matching entry in /etc/passwd
 struct passwd* entry = pakfire_getpwnam(pakfire, name);
 if (!entry) {
 ERROR(pakfire, "Could not retrieve UID for '%s': %m\n", name);
- return pakfire_map_id(pakfire, &pakfire->subuid, 0);
+ return pakfire_map_id(pakfire, &pakfire->user.subuids, 0);
 }
 DEBUG(pakfire, "Mapping %s to UID %d\n", name, entry->pw_uid);
- return pakfire_map_id(pakfire, &pakfire->subuid, entry->pw_uid);
+ return pakfire_map_id(pakfire, &pakfire->user.subuids, entry->pw_uid);
 }
 static la_int64_t pakfire_gid_lookup(void* data, const char* name, la_int64_t gid) {
@@ -1842,18 +1830,18 @@ static la_int64_t pakfire_gid_lookup(void* data, const char* name, la_int64_t gi
 // Fast path for "root"
 if (strcmp(name, "root") == 0)
- return pakfire_map_id(pakfire, &pakfire->subgid, 0);
+ return pakfire_map_id(pakfire, &pakfire->group.subgids, 0);
 // Find a matching entry in /etc/group
 struct group* entry = pakfire_getgrnam(pakfire, name);
 if (!entry) {
 ERROR(pakfire, "Could not retrieve GID for '%s': %m\n", name);
- return pakfire_map_id(pakfire, &pakfire->subgid, 0);
+ return pakfire_map_id(pakfire, &pakfire->group.subgids, 0);
 }
 DEBUG(pakfire, "Mapping %s to GID %d\n", name, entry->gr_gid);
- return pakfire_map_id(pakfire, &pakfire->subgid, entry->gr_gid);
+ return pakfire_map_id(pakfire, &pakfire->group.subgids, entry->gr_gid);
 }
 struct archive* pakfire_make_archive_disk_writer(struct pakfire* pakfire, int internal) {
diff --git a/src/libpakfire/pwd.c b/src/libpakfire/pwd.c
index e30706b59..1e8fdf201 100644
--- a/src/libpakfire/pwd.c
+++ b/src/libpakfire/pwd.c
@@ -225,32 +225,25 @@ ERROR:
 return r;
 }
-int pakfire_getsubid(struct pakfire* pakfire, const char* path, const uid_t uid,
+static int pakfire_getsubid(struct pakfire* pakfire, const char* path, const char* owner,
 struct pakfire_subid* subid) {
 struct pakfire_subid entry;
 int r = 1;
 // Do not lookup root user and set the entire available UID/GID range
- if (uid == 0) {
+ if (!owner) {
 subid->id = 0;
 subid->length = 0xffffffff - 1;
 return 0;
 }
- // Fetch information about the running user
- struct passwd* passwd = getpwuid(uid);
- if (!passwd) {
- ERROR(pakfire, "Could not fetch passwd entry for UID %d: %m\n", uid);
- return 1;
- }
-
- DEBUG(pakfire, "Fetching SUBID from %s for %s (%d)\n", path, passwd->pw_name, uid);
+ DEBUG(pakfire, "Fetching SUBID from %s for %s\n", path, owner);
 // Open /etc/subuid
 FILE* f = fopen(path, "r");
 if (!f) {
- ERROR(pakfire, "Could not open %s: %m\n", ETC_SUBUID);
+ ERROR(pakfire, "Could not open %s: %m\n", path);
 r = 1;
 goto END;
 }
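Review bot: In `pakfire_getsubid`, `if (!owner)` makes a NULL pointer mean "root, hand out the whole ID range" (`subid->id = 0; subid->length = 0xffffffff - 1;`), so a caller that passes NULL by mistake gets the widest mapping instead of an error. With the `uid_t` parameter gone the function can no longer tell root from a missing argument; I would fail closed with `if (!owner) { errno = EINVAL; return 1; }` and let the caller select the full range explicitly when it knows the UID is 0. If the NULL convention stays, it has to be written down on `pakfire_getsubuid` and `pakfire_getsubgid` in pwd.h, which are declared without any comment. The `// Open /etc/subuid` comment is stale now that `path` may name either file. The function body continues past the end of this hunk.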
@@ -261,10 +254,8 @@ int pakfire_getsubid(struct pakfire* pakfire, const char* path, const uid_t uid,
 if (r)
 goto END;
- // TODO Check if name matches UID
-
 // Check for match
- if (strcmp(entry.name, passwd->pw_name) == 0) {
+ if (strcmp(entry.name, owner) == 0) {
 subid->id = entry.id;
 subid->length = entry.length;
 r = 0;
@@ -274,7 +265,7 @@ int pakfire_getsubid(struct pakfire* pakfire, const char* path, const uid_t uid,
 }
 // No match found
- ERROR(pakfire, "No match found for %s\n", passwd->pw_name);
+ ERROR(pakfire, "No match found for %s\n", owner);
 errno = ENOENT;
 r = 1;
@@ -284,3 +275,13 @@ END:
 return r;
 }
+
+int pakfire_getsubuid(struct pakfire* pakfire, const char* owner, struct pakfire_subid* subid) {
+ return pakfire_getsubid(pakfire, ETC_SUBUID, owner, subid);
+}
+
+int pakfire_getsubgid(struct pakfire* pakfire, const char* owner, struct pakfire_subid* subid) {
+ return pakfire_getsubid(pakfire, ETC_SUBGID, owner, subid);
+}
+
+#endif
-- 
2.39.5
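Review bot: The match in `pakfire_getsubid` is now only `strcmp(entry.name, owner) == 0`, and the `TODO Check if name matches UID` is deleted rather than resolved. subuid(5) allows the first field to be a login name or a numeric UID, so an entry keyed by UID is skipped and the lookup ends in `ENOENT`, and the UID is no longer available in this function to compare against. Either pass the UID alongside `owner` or say in a comment that only name-keyed entries are supported. The not-found message in the next hunk should also name the file, since one helper now serves both: `ERROR(pakfire, "No match found for %s in %s\n", owner, path);`. The loop that encloses these lines starts and ends outside the hunk.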
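Review bot: The `#endif` added as the last line of pwd.c has no opening `#if` or `#ifdef` in any hunk of this patch; unless the file already carried an unterminated conditional, the preprocessor will reject it, so check which directive it is meant to close. The two new exported wrappers also have no comment; a short one on each, such as `// Looks up owner's range in /etc/subuid; returns 0 on success, 1 with errno set otherwise`, would record the return convention that `pakfire_setup_user` relies on.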