[thirdparty/systemd.git] / src / basic / user-util.h

/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <stdbool.h>
#include <stdint.h>
#include <sys/types.h>
#include <unistd.h>

bool uid_is_valid(uid_t uid);

static inline bool gid_is_valid(gid_t gid) {
        return uid_is_valid((uid_t) gid);
}

int parse_uid(const char *s, uid_t* ret_uid);

static inline int parse_gid(const char *s, gid_t *ret_gid) {
        return parse_uid(s, (uid_t*) ret_gid);
}

char* getlogname_malloc(void);
char* getusername_malloc(void);

int get_user_creds(const char **username, uid_t *uid, gid_t *gid, const char **home, const char **shell);
int get_user_creds_clean(const char **username, uid_t *uid, gid_t *gid, const char **home, const char **shell);
int get_group_creds(const char **groupname, gid_t *gid);

char* uid_to_name(uid_t uid);
char* gid_to_name(gid_t gid);

int in_gid(gid_t gid);
int in_group(const char *name);

int get_home_dir(char **ret);
int get_shell(char **_ret);

int reset_uid_gid(void);

int take_etc_passwd_lock(const char *root);

#define UID_INVALID ((uid_t) -1)
#define GID_INVALID ((gid_t) -1)

/* Let's pick a UIDs within the 16bit range, so that we are compatible with containers using 16bit
 * user namespacing. At least on Fedora normal users are allocated until UID 60000, hence do not
 * allocate from below this. Also stay away from the upper end of the range as that is often used
 * for overflow/nobody users. */
#define DYNAMIC_UID_MIN ((uid_t) UINT32_C(0x0000EF00))
#define DYNAMIC_UID_MAX ((uid_t) UINT32_C(0x0000FFEF))

static inline bool uid_is_dynamic(uid_t uid) {
        return DYNAMIC_UID_MIN <= uid && uid <= DYNAMIC_UID_MAX;
}

/* The following macros add 1 when converting things, since UID 0 is a valid UID, while the pointer
 * NULL is special */
#define PTR_TO_UID(p) ((uid_t) (((uintptr_t) (p))-1))
#define UID_TO_PTR(u) ((void*) (((uintptr_t) (u))+1))

#define PTR_TO_GID(p) ((gid_t) (((uintptr_t) (p))-1))
#define GID_TO_PTR(u) ((void*) (((uintptr_t) (u))+1))

static inline bool userns_supported(void) {
        return access("/proc/self/uid_map", F_OK) >= 0;
}

bool valid_user_group_name(const char *u);
bool valid_user_group_name_or_id(const char *u);
bool valid_gecos(const char *d);
bool valid_home(const char *p);

int maybe_setgroups(size_t size, const gid_t *list);
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
b1d4f8e1 LP	2	#pragma once
	3
	4	/***
	5	This file is part of systemd.
	6
	7	Copyright 2010 Lennart Poettering
	8
	9	systemd is free software; you can redistribute it and/or modify it
	10	under the terms of the GNU Lesser General Public License as published by
	11	the Free Software Foundation; either version 2.1 of the License, or
	12	(at your option) any later version.
	13
	14	systemd is distributed in the hope that it will be useful, but
	15	WITHOUT ANY WARRANTY; without even the implied warranty of
	16	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	17	Lesser General Public License for more details.
	18
	19	You should have received a copy of the GNU Lesser General Public License
	20	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	21	***/
	22
b1d4f8e1	23	#include <stdbool.h>
61755fda	24	#include <stdint.h>
71d35b6b	25	#include <sys/types.h>
ccabee0d	26	#include <unistd.h>
b1d4f8e1 LP	27
	28	bool uid_is_valid(uid_t uid);
	29
	30	static inline bool gid_is_valid(gid_t gid) {
	31	return uid_is_valid((uid_t) gid);
	32	}
	33
	34	int parse_uid(const char s, uid_t ret_uid);
	35
	36	static inline int parse_gid(const char s, gid_t ret_gid) {
	37	return parse_uid(s, (uid_t*) ret_gid);
	38	}
	39
b1d4f8e1 LP	40	char* getlogname_malloc(void);
	41	char* getusername_malloc(void);
	42
	43	int get_user_creds(const char *username, uid_t uid, gid_t gid, const char home, const char *shell);
be39ccf3	44	int get_user_creds_clean(const char *username, uid_t uid, gid_t gid, const char home, const char *shell);
b1d4f8e1 LP	45	int get_group_creds(const char *groupname, gid_t gid);
	46
	47	char* uid_to_name(uid_t uid);
	48	char* gid_to_name(gid_t gid);
	49
	50	int in_gid(gid_t gid);
	51	int in_group(const char *name);
	52
	53	int get_home_dir(char **ret);
	54	int get_shell(char **_ret);
	55
	56	int reset_uid_gid(void);
e929bee0 LP	57
e929bee0 LP	58	int take_etc_passwd_lock(const char *root);
ee104e11 LP	59
	60	#define UID_INVALID ((uid_t) -1)
	61	#define GID_INVALID ((gid_t) -1)
	62
61755fda ZJS	63	/* Let's pick a UIDs within the 16bit range, so that we are compatible with containers using 16bit
	64	* user namespacing. At least on Fedora normal users are allocated until UID 60000, hence do not
	65	* allocate from below this. Also stay away from the upper end of the range as that is often used
	66	* for overflow/nobody users. */
	67	#define DYNAMIC_UID_MIN ((uid_t) UINT32_C(0x0000EF00))
	68	#define DYNAMIC_UID_MAX ((uid_t) UINT32_C(0x0000FFEF))
	69
	70	static inline bool uid_is_dynamic(uid_t uid) {
	71	return DYNAMIC_UID_MIN <= uid && uid <= DYNAMIC_UID_MAX;
	72	}
	73
	74	/* The following macros add 1 when converting things, since UID 0 is a valid UID, while the pointer
	75	* NULL is special */
ee104e11 LP	76	#define PTR_TO_UID(p) ((uid_t) (((uintptr_t) (p))-1))
	77	#define UID_TO_PTR(u) ((void*) (((uintptr_t) (u))+1))
	78
	79	#define PTR_TO_GID(p) ((gid_t) (((uintptr_t) (p))-1))
	80	#define GID_TO_PTR(u) ((void*) (((uintptr_t) (u))+1))
ccabee0d LP	81
	82	static inline bool userns_supported(void) {
	83	return access("/proc/self/uid_map", F_OK) >= 0;
	84	}
e4631b48 LP	85
	86	bool valid_user_group_name(const char *u);
	87	bool valid_user_group_name_or_id(const char *u);
	88	bool valid_gecos(const char *d);
	89	bool valid_home(const char *p);
36d85478 GS	90
36d85478 GS	91	int maybe_setgroups(size_t size, const gid_t *list);