]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
b1d4f8e1 LP |
2 | #pragma once |
3 | ||
4 | /*** | |
5 | This file is part of systemd. | |
6 | ||
7 | Copyright 2010 Lennart Poettering | |
8 | ||
9 | systemd is free software; you can redistribute it and/or modify it | |
10 | under the terms of the GNU Lesser General Public License as published by | |
11 | the Free Software Foundation; either version 2.1 of the License, or | |
12 | (at your option) any later version. | |
13 | ||
14 | systemd is distributed in the hope that it will be useful, but | |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
17 | Lesser General Public License for more details. | |
18 | ||
19 | You should have received a copy of the GNU Lesser General Public License | |
20 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
21 | ***/ | |
22 | ||
100d5f6e FB |
23 | #include <grp.h> |
24 | #include <gshadow.h> | |
25 | #include <pwd.h> | |
26 | #include <shadow.h> | |
b1d4f8e1 | 27 | #include <stdbool.h> |
61755fda | 28 | #include <stdint.h> |
71d35b6b | 29 | #include <sys/types.h> |
ccabee0d | 30 | #include <unistd.h> |
b1d4f8e1 LP |
31 | |
32 | bool uid_is_valid(uid_t uid); | |
33 | ||
34 | static inline bool gid_is_valid(gid_t gid) { | |
35 | return uid_is_valid((uid_t) gid); | |
36 | } | |
37 | ||
38 | int parse_uid(const char *s, uid_t* ret_uid); | |
39 | ||
40 | static inline int parse_gid(const char *s, gid_t *ret_gid) { | |
41 | return parse_uid(s, (uid_t*) ret_gid); | |
42 | } | |
43 | ||
b1d4f8e1 LP |
44 | char* getlogname_malloc(void); |
45 | char* getusername_malloc(void); | |
46 | ||
47 | int get_user_creds(const char **username, uid_t *uid, gid_t *gid, const char **home, const char **shell); | |
be39ccf3 | 48 | int get_user_creds_clean(const char **username, uid_t *uid, gid_t *gid, const char **home, const char **shell); |
b1d4f8e1 LP |
49 | int get_group_creds(const char **groupname, gid_t *gid); |
50 | ||
51 | char* uid_to_name(uid_t uid); | |
52 | char* gid_to_name(gid_t gid); | |
53 | ||
54 | int in_gid(gid_t gid); | |
55 | int in_group(const char *name); | |
56 | ||
57 | int get_home_dir(char **ret); | |
58 | int get_shell(char **_ret); | |
59 | ||
60 | int reset_uid_gid(void); | |
e929bee0 LP |
61 | |
62 | int take_etc_passwd_lock(const char *root); | |
ee104e11 LP |
63 | |
64 | #define UID_INVALID ((uid_t) -1) | |
65 | #define GID_INVALID ((gid_t) -1) | |
66 | ||
3a664727 LP |
67 | #define UID_NOBODY ((uid_t) 65534U) |
68 | #define GID_NOBODY ((gid_t) 65534U) | |
69 | ||
d1e4b8fd ZJS |
70 | #define ETC_PASSWD_LOCK_PATH "/etc/.pwd.lock" |
71 | ||
61755fda ZJS |
72 | static inline bool uid_is_dynamic(uid_t uid) { |
73 | return DYNAMIC_UID_MIN <= uid && uid <= DYNAMIC_UID_MAX; | |
74 | } | |
75 | ||
83438277 LP |
76 | static inline bool gid_is_dynamic(gid_t gid) { |
77 | return uid_is_dynamic((uid_t) gid); | |
78 | } | |
79 | ||
ece877d4 LP |
80 | static inline bool uid_is_system(uid_t uid) { |
81 | return uid <= SYSTEM_UID_MAX; | |
82 | } | |
83 | ||
84 | static inline bool gid_is_system(gid_t gid) { | |
85 | return gid <= SYSTEM_GID_MAX; | |
86 | } | |
87 | ||
61755fda ZJS |
88 | /* The following macros add 1 when converting things, since UID 0 is a valid UID, while the pointer |
89 | * NULL is special */ | |
ee104e11 LP |
90 | #define PTR_TO_UID(p) ((uid_t) (((uintptr_t) (p))-1)) |
91 | #define UID_TO_PTR(u) ((void*) (((uintptr_t) (u))+1)) | |
92 | ||
93 | #define PTR_TO_GID(p) ((gid_t) (((uintptr_t) (p))-1)) | |
94 | #define GID_TO_PTR(u) ((void*) (((uintptr_t) (u))+1)) | |
ccabee0d LP |
95 | |
96 | static inline bool userns_supported(void) { | |
97 | return access("/proc/self/uid_map", F_OK) >= 0; | |
98 | } | |
e4631b48 LP |
99 | |
100 | bool valid_user_group_name(const char *u); | |
101 | bool valid_user_group_name_or_id(const char *u); | |
102 | bool valid_gecos(const char *d); | |
103 | bool valid_home(const char *p); | |
36d85478 | 104 | |
7b1aaf66 ZJS |
105 | static inline bool valid_shell(const char *p) { |
106 | /* We have the same requirements, so just piggy-back on the home check. | |
107 | * | |
108 | * Let's ignore /etc/shells because this is only applicable to real and | |
109 | * not system users. It is also incompatible with the idea of empty /etc. | |
110 | */ | |
111 | return valid_home(p); | |
112 | } | |
113 | ||
36d85478 | 114 | int maybe_setgroups(size_t size, const gid_t *list); |
24eccc34 LP |
115 | |
116 | bool synthesize_nobody(void); | |
100d5f6e FB |
117 | |
118 | int fgetpwent_sane(FILE *stream, struct passwd **pw); | |
119 | int fgetspent_sane(FILE *stream, struct spwd **sp); | |
120 | int fgetgrent_sane(FILE *stream, struct group **gr); | |
121 | int putpwent_sane(const struct passwd *pw, FILE *stream); | |
122 | int putspent_sane(const struct spwd *sp, FILE *stream); | |
123 | int putgrent_sane(const struct group *gr, FILE *stream); | |
124 | #ifdef ENABLE_GSHADOW | |
125 | int fgetsgent_sane(FILE *stream, struct sgrp **sg); | |
126 | int putsgent_sane(const struct sgrp *sg, FILE *stream); | |
127 | #endif |