]>
Commit | Line | Data |
---|---|---|
cabb0bc6 LP |
1 | /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ |
2 | ||
3 | /*** | |
4 | This file is part of systemd. | |
5 | ||
6 | Copyright 2014 Lennart Poettering | |
7 | ||
8 | systemd is free software; you can redistribute it and/or modify it | |
9 | under the terms of the GNU Lesser General Public License as published by | |
10 | the Free Software Foundation; either version 2.1 of the License, or | |
11 | (at your option) any later version. | |
12 | ||
13 | systemd is distributed in the hope that it will be useful, but | |
14 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
16 | Lesser General Public License for more details. | |
17 | ||
18 | You should have received a copy of the GNU Lesser General Public License | |
19 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
20 | ***/ | |
21 | ||
cabb0bc6 | 22 | #include <netdb.h> |
07630cea | 23 | #include <nss.h> |
cabb0bc6 LP |
24 | |
25 | #include "sd-bus.h" | |
26 | #include "sd-login.h" | |
07630cea | 27 | |
c01ff965 | 28 | #include "bus-common-errors.h" |
07630cea | 29 | #include "bus-util.h" |
25300b5a | 30 | #include "hostname-util.h" |
07630cea LP |
31 | #include "in-addr-util.h" |
32 | #include "macro.h" | |
33 | #include "nss-util.h" | |
34 | #include "string-util.h" | |
b1d4f8e1 | 35 | #include "user-util.h" |
07630cea | 36 | #include "util.h" |
cabb0bc6 LP |
37 | |
38 | NSS_GETHOSTBYNAME_PROTOTYPES(mymachines); | |
c01ff965 LP |
39 | NSS_GETPW_PROTOTYPES(mymachines); |
40 | NSS_GETGR_PROTOTYPES(mymachines); | |
cabb0bc6 | 41 | |
0dd25fb9 | 42 | static int count_addresses(sd_bus_message *m, int af, unsigned *ret) { |
cabb0bc6 LP |
43 | unsigned c = 0; |
44 | int r; | |
45 | ||
46 | assert(m); | |
47 | assert(ret); | |
48 | ||
3a6fb33c | 49 | while ((r = sd_bus_message_enter_container(m, 'r', "iay")) > 0) { |
0dd25fb9 | 50 | int family; |
cabb0bc6 | 51 | |
0dd25fb9 | 52 | r = sd_bus_message_read(m, "i", &family); |
cabb0bc6 LP |
53 | if (r < 0) |
54 | return r; | |
55 | ||
56 | r = sd_bus_message_skip(m, "ay"); | |
57 | if (r < 0) | |
58 | return r; | |
59 | ||
60 | r = sd_bus_message_exit_container(m); | |
61 | if (r < 0) | |
62 | return r; | |
63 | ||
64 | if (af != AF_UNSPEC && family != af) | |
65 | continue; | |
66 | ||
67 | c ++; | |
68 | } | |
69 | if (r < 0) | |
70 | return r; | |
71 | ||
72 | r = sd_bus_message_rewind(m, false); | |
73 | if (r < 0) | |
74 | return r; | |
75 | ||
76 | *ret = c; | |
77 | return 0; | |
78 | } | |
79 | ||
80 | enum nss_status _nss_mymachines_gethostbyname4_r( | |
81 | const char *name, | |
82 | struct gaih_addrtuple **pat, | |
83 | char *buffer, size_t buflen, | |
84 | int *errnop, int *h_errnop, | |
85 | int32_t *ttlp) { | |
86 | ||
87 | struct gaih_addrtuple *r_tuple, *r_tuple_first = NULL; | |
88 | _cleanup_bus_message_unref_ sd_bus_message* reply = NULL; | |
03976f7b | 89 | _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL; |
634af566 | 90 | _cleanup_free_ int *ifindices = NULL; |
cabb0bc6 LP |
91 | _cleanup_free_ char *class = NULL; |
92 | size_t l, ms, idx; | |
93 | unsigned i = 0, c = 0; | |
94 | char *r_name; | |
634af566 | 95 | int n_ifindices, r; |
cabb0bc6 LP |
96 | |
97 | assert(name); | |
98 | assert(pat); | |
99 | assert(buffer); | |
100 | assert(errnop); | |
101 | assert(h_errnop); | |
102 | ||
103 | r = sd_machine_get_class(name, &class); | |
104 | if (r < 0) | |
105 | goto fail; | |
106 | if (!streq(class, "container")) { | |
107 | r = -ENOTTY; | |
108 | goto fail; | |
109 | } | |
110 | ||
634af566 LP |
111 | n_ifindices = sd_machine_get_ifindices(name, &ifindices); |
112 | if (n_ifindices < 0) { | |
113 | r = n_ifindices; | |
cabb0bc6 LP |
114 | goto fail; |
115 | } | |
116 | ||
117 | r = sd_bus_open_system(&bus); | |
118 | if (r < 0) | |
119 | goto fail; | |
120 | ||
121 | r = sd_bus_call_method(bus, | |
122 | "org.freedesktop.machine1", | |
123 | "/org/freedesktop/machine1", | |
124 | "org.freedesktop.machine1.Manager", | |
125 | "GetMachineAddresses", | |
126 | NULL, | |
127 | &reply, | |
128 | "s", name); | |
129 | if (r < 0) | |
130 | goto fail; | |
131 | ||
0dd25fb9 | 132 | r = sd_bus_message_enter_container(reply, 'a', "(iay)"); |
cabb0bc6 LP |
133 | if (r < 0) |
134 | goto fail; | |
135 | ||
136 | r = count_addresses(reply, AF_UNSPEC, &c); | |
137 | if (r < 0) | |
138 | goto fail; | |
139 | ||
140 | if (c <= 0) { | |
555bd6e9 | 141 | *errnop = ESRCH; |
cabb0bc6 LP |
142 | *h_errnop = HOST_NOT_FOUND; |
143 | return NSS_STATUS_NOTFOUND; | |
144 | } | |
145 | ||
146 | l = strlen(name); | |
147 | ms = ALIGN(l+1) + ALIGN(sizeof(struct gaih_addrtuple)) * c; | |
148 | if (buflen < ms) { | |
149 | *errnop = ENOMEM; | |
555bd6e9 | 150 | *h_errnop = TRY_AGAIN; |
cabb0bc6 LP |
151 | return NSS_STATUS_TRYAGAIN; |
152 | } | |
153 | ||
154 | /* First, append name */ | |
155 | r_name = buffer; | |
156 | memcpy(r_name, name, l+1); | |
157 | idx = ALIGN(l+1); | |
158 | ||
159 | /* Second, append addresses */ | |
160 | r_tuple_first = (struct gaih_addrtuple*) (buffer + idx); | |
0dd25fb9 LP |
161 | while ((r = sd_bus_message_enter_container(reply, 'r', "iay")) > 0) { |
162 | int family; | |
cabb0bc6 LP |
163 | const void *a; |
164 | size_t sz; | |
165 | ||
0dd25fb9 | 166 | r = sd_bus_message_read(reply, "i", &family); |
cabb0bc6 LP |
167 | if (r < 0) |
168 | goto fail; | |
169 | ||
170 | r = sd_bus_message_read_array(reply, 'y', &a, &sz); | |
171 | if (r < 0) | |
172 | goto fail; | |
173 | ||
174 | r = sd_bus_message_exit_container(reply); | |
175 | if (r < 0) | |
176 | goto fail; | |
177 | ||
555bd6e9 LP |
178 | if (!IN_SET(family, AF_INET, AF_INET6)) { |
179 | r = -EAFNOSUPPORT; | |
180 | goto fail; | |
181 | } | |
182 | ||
9d485985 | 183 | if (sz != FAMILY_ADDRESS_SIZE(family)) { |
cabb0bc6 LP |
184 | r = -EINVAL; |
185 | goto fail; | |
186 | } | |
187 | ||
188 | r_tuple = (struct gaih_addrtuple*) (buffer + idx); | |
189 | r_tuple->next = i == c-1 ? NULL : (struct gaih_addrtuple*) ((char*) r_tuple + ALIGN(sizeof(struct gaih_addrtuple))); | |
190 | r_tuple->name = r_name; | |
191 | r_tuple->family = family; | |
634af566 | 192 | r_tuple->scopeid = n_ifindices == 1 ? ifindices[0] : 0; |
cabb0bc6 LP |
193 | memcpy(r_tuple->addr, a, sz); |
194 | ||
195 | idx += ALIGN(sizeof(struct gaih_addrtuple)); | |
196 | i++; | |
197 | } | |
198 | ||
199 | assert(i == c); | |
200 | ||
201 | r = sd_bus_message_exit_container(reply); | |
202 | if (r < 0) | |
203 | goto fail; | |
204 | ||
205 | assert(idx == ms); | |
206 | ||
207 | if (*pat) | |
208 | **pat = *r_tuple_first; | |
209 | else | |
210 | *pat = r_tuple_first; | |
211 | ||
212 | if (ttlp) | |
213 | *ttlp = 0; | |
214 | ||
e70df46b LP |
215 | /* Explicitly reset all error variables */ |
216 | *errnop = 0; | |
217 | *h_errnop = NETDB_SUCCESS; | |
218 | h_errno = 0; | |
219 | ||
cabb0bc6 LP |
220 | return NSS_STATUS_SUCCESS; |
221 | ||
222 | fail: | |
223 | *errnop = -r; | |
224 | *h_errnop = NO_DATA; | |
225 | return NSS_STATUS_UNAVAIL; | |
226 | } | |
227 | ||
228 | enum nss_status _nss_mymachines_gethostbyname3_r( | |
229 | const char *name, | |
230 | int af, | |
231 | struct hostent *result, | |
232 | char *buffer, size_t buflen, | |
233 | int *errnop, int *h_errnop, | |
234 | int32_t *ttlp, | |
235 | char **canonp) { | |
236 | ||
237 | _cleanup_bus_message_unref_ sd_bus_message* reply = NULL; | |
03976f7b | 238 | _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL; |
cabb0bc6 LP |
239 | _cleanup_free_ char *class = NULL; |
240 | unsigned c = 0, i = 0; | |
241 | char *r_name, *r_aliases, *r_addr, *r_addr_list; | |
242 | size_t l, idx, ms, alen; | |
243 | int r; | |
244 | ||
245 | assert(name); | |
246 | assert(result); | |
247 | assert(buffer); | |
248 | assert(errnop); | |
249 | assert(h_errnop); | |
250 | ||
251 | if (af == AF_UNSPEC) | |
252 | af = AF_INET; | |
253 | ||
254 | if (af != AF_INET && af != AF_INET6) { | |
255 | r = -EAFNOSUPPORT; | |
256 | goto fail; | |
257 | } | |
258 | ||
259 | r = sd_machine_get_class(name, &class); | |
260 | if (r < 0) | |
261 | goto fail; | |
262 | if (!streq(class, "container")) { | |
263 | r = -ENOTTY; | |
264 | goto fail; | |
265 | } | |
266 | ||
267 | r = sd_bus_open_system(&bus); | |
268 | if (r < 0) | |
269 | goto fail; | |
270 | ||
271 | r = sd_bus_call_method(bus, | |
272 | "org.freedesktop.machine1", | |
273 | "/org/freedesktop/machine1", | |
274 | "org.freedesktop.machine1.Manager", | |
275 | "GetMachineAddresses", | |
276 | NULL, | |
277 | &reply, | |
278 | "s", name); | |
279 | if (r < 0) | |
280 | goto fail; | |
281 | ||
0dd25fb9 | 282 | r = sd_bus_message_enter_container(reply, 'a', "(iay)"); |
cabb0bc6 LP |
283 | if (r < 0) |
284 | goto fail; | |
285 | ||
286 | r = count_addresses(reply, af, &c); | |
287 | if (r < 0) | |
288 | goto fail; | |
289 | ||
290 | if (c <= 0) { | |
291 | *errnop = ENOENT; | |
292 | *h_errnop = HOST_NOT_FOUND; | |
293 | return NSS_STATUS_NOTFOUND; | |
294 | } | |
295 | ||
9d485985 | 296 | alen = FAMILY_ADDRESS_SIZE(af); |
cabb0bc6 LP |
297 | l = strlen(name); |
298 | ||
66a16e7e | 299 | ms = ALIGN(l+1) + c * ALIGN(alen) + (c+2) * sizeof(char*); |
cabb0bc6 LP |
300 | |
301 | if (buflen < ms) { | |
302 | *errnop = ENOMEM; | |
303 | *h_errnop = NO_RECOVERY; | |
304 | return NSS_STATUS_TRYAGAIN; | |
305 | } | |
306 | ||
307 | /* First, append name */ | |
308 | r_name = buffer; | |
309 | memcpy(r_name, name, l+1); | |
310 | idx = ALIGN(l+1); | |
311 | ||
312 | /* Second, create aliases array */ | |
313 | r_aliases = buffer + idx; | |
314 | ((char**) r_aliases)[0] = NULL; | |
315 | idx += sizeof(char*); | |
316 | ||
317 | /* Third, append addresses */ | |
318 | r_addr = buffer + idx; | |
0dd25fb9 LP |
319 | while ((r = sd_bus_message_enter_container(reply, 'r', "iay")) > 0) { |
320 | int family; | |
cabb0bc6 LP |
321 | const void *a; |
322 | size_t sz; | |
323 | ||
0dd25fb9 | 324 | r = sd_bus_message_read(reply, "i", &family); |
cabb0bc6 LP |
325 | if (r < 0) |
326 | goto fail; | |
327 | ||
328 | r = sd_bus_message_read_array(reply, 'y', &a, &sz); | |
329 | if (r < 0) | |
330 | goto fail; | |
331 | ||
332 | r = sd_bus_message_exit_container(reply); | |
333 | if (r < 0) | |
334 | goto fail; | |
335 | ||
336 | if (family != af) | |
337 | continue; | |
338 | ||
339 | if (sz != alen) { | |
340 | r = -EINVAL; | |
341 | goto fail; | |
342 | } | |
343 | ||
344 | memcpy(r_addr + i*ALIGN(alen), a, alen); | |
345 | i++; | |
346 | } | |
347 | ||
348 | assert(i == c); | |
349 | idx += c * ALIGN(alen); | |
350 | ||
351 | r = sd_bus_message_exit_container(reply); | |
352 | if (r < 0) | |
353 | goto fail; | |
354 | ||
355 | /* Third, append address pointer array */ | |
356 | r_addr_list = buffer + idx; | |
357 | for (i = 0; i < c; i++) | |
358 | ((char**) r_addr_list)[i] = r_addr + i*ALIGN(alen); | |
359 | ||
360 | ((char**) r_addr_list)[i] = NULL; | |
361 | idx += (c+1) * sizeof(char*); | |
362 | ||
363 | assert(idx == ms); | |
364 | ||
365 | result->h_name = r_name; | |
366 | result->h_aliases = (char**) r_aliases; | |
367 | result->h_addrtype = af; | |
368 | result->h_length = alen; | |
369 | result->h_addr_list = (char**) r_addr_list; | |
370 | ||
371 | if (ttlp) | |
372 | *ttlp = 0; | |
373 | ||
374 | if (canonp) | |
375 | *canonp = r_name; | |
376 | ||
e70df46b LP |
377 | /* Explicitly reset all error variables */ |
378 | *errnop = 0; | |
379 | *h_errnop = NETDB_SUCCESS; | |
380 | h_errno = 0; | |
381 | ||
cabb0bc6 LP |
382 | return NSS_STATUS_SUCCESS; |
383 | ||
384 | fail: | |
385 | *errnop = -r; | |
386 | *h_errnop = NO_DATA; | |
387 | return NSS_STATUS_UNAVAIL; | |
388 | } | |
389 | ||
c01ff965 LP |
390 | NSS_GETHOSTBYNAME_FALLBACKS(mymachines); |
391 | ||
392 | enum nss_status _nss_mymachines_getpwnam_r( | |
393 | const char *name, | |
394 | struct passwd *pwd, | |
395 | char *buffer, size_t buflen, | |
396 | int *errnop) { | |
397 | ||
398 | _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; | |
399 | _cleanup_bus_message_unref_ sd_bus_message* reply = NULL; | |
400 | _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL; | |
401 | const char *p, *e, *machine; | |
402 | uint32_t mapped; | |
403 | uid_t uid; | |
404 | size_t l; | |
405 | int r; | |
406 | ||
407 | assert(name); | |
408 | assert(pwd); | |
409 | ||
410 | p = startswith(name, "vu-"); | |
411 | if (!p) | |
412 | goto not_found; | |
413 | ||
414 | e = strrchr(p, '-'); | |
415 | if (!e || e == p) | |
416 | goto not_found; | |
417 | ||
418 | r = parse_uid(e + 1, &uid); | |
419 | if (r < 0) | |
420 | goto not_found; | |
421 | ||
422 | machine = strndupa(p, e - p); | |
423 | if (!machine_name_is_valid(machine)) | |
424 | goto not_found; | |
425 | ||
426 | r = sd_bus_open_system(&bus); | |
427 | if (r < 0) | |
428 | goto fail; | |
429 | ||
430 | r = sd_bus_call_method(bus, | |
431 | "org.freedesktop.machine1", | |
432 | "/org/freedesktop/machine1", | |
433 | "org.freedesktop.machine1.Manager", | |
434 | "MapFromMachineUser", | |
435 | &error, | |
436 | &reply, | |
437 | "su", | |
438 | machine, (uint32_t) uid); | |
439 | if (r < 0) { | |
440 | if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_USER_MAPPING)) | |
441 | goto not_found; | |
442 | ||
443 | goto fail; | |
444 | } | |
445 | ||
446 | r = sd_bus_message_read(reply, "u", &mapped); | |
447 | if (r < 0) | |
448 | goto fail; | |
449 | ||
450 | l = strlen(name); | |
451 | if (buflen < l+1) { | |
452 | *errnop = ENOMEM; | |
453 | return NSS_STATUS_TRYAGAIN; | |
454 | } | |
455 | ||
456 | memcpy(buffer, name, l+1); | |
457 | ||
458 | pwd->pw_name = buffer; | |
459 | pwd->pw_uid = mapped; | |
460 | pwd->pw_gid = 65534; /* nobody */ | |
461 | pwd->pw_gecos = buffer; | |
462 | pwd->pw_passwd = (char*) "*"; /* locked */ | |
463 | pwd->pw_dir = (char*) "/"; | |
464 | pwd->pw_shell = (char*) "/sbin/nologin"; | |
465 | ||
466 | *errnop = 0; | |
467 | return NSS_STATUS_SUCCESS; | |
468 | ||
469 | not_found: | |
470 | *errnop = 0; | |
471 | return NSS_STATUS_NOTFOUND; | |
472 | ||
473 | fail: | |
474 | *errnop = -r; | |
475 | return NSS_STATUS_UNAVAIL; | |
476 | } | |
477 | ||
478 | enum nss_status _nss_mymachines_getpwuid_r( | |
479 | uid_t uid, | |
480 | struct passwd *pwd, | |
481 | char *buffer, size_t buflen, | |
482 | int *errnop) { | |
483 | ||
484 | _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; | |
485 | _cleanup_bus_message_unref_ sd_bus_message* reply = NULL; | |
486 | _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL; | |
487 | const char *machine, *object; | |
488 | uint32_t mapped; | |
489 | int r; | |
490 | ||
c077529b | 491 | if (!uid_is_valid(uid)) { |
c01ff965 LP |
492 | r = -EINVAL; |
493 | goto fail; | |
494 | } | |
495 | ||
496 | /* We consider all uids < 65536 host uids */ | |
497 | if (uid < 0x10000) | |
498 | goto not_found; | |
499 | ||
500 | r = sd_bus_open_system(&bus); | |
501 | if (r < 0) | |
502 | goto fail; | |
503 | ||
504 | r = sd_bus_call_method(bus, | |
505 | "org.freedesktop.machine1", | |
506 | "/org/freedesktop/machine1", | |
507 | "org.freedesktop.machine1.Manager", | |
508 | "MapToMachineUser", | |
509 | &error, | |
510 | &reply, | |
511 | "u", | |
512 | (uint32_t) uid); | |
513 | if (r < 0) { | |
514 | if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_USER_MAPPING)) | |
515 | goto not_found; | |
516 | ||
517 | goto fail; | |
518 | } | |
519 | ||
520 | r = sd_bus_message_read(reply, "sou", &machine, &object, &mapped); | |
521 | if (r < 0) | |
522 | goto fail; | |
523 | ||
524 | if (snprintf(buffer, buflen, "vu-%s-" UID_FMT, machine, (uid_t) mapped) >= (int) buflen) { | |
525 | *errnop = ENOMEM; | |
526 | return NSS_STATUS_TRYAGAIN; | |
527 | } | |
528 | ||
529 | pwd->pw_name = buffer; | |
530 | pwd->pw_uid = uid; | |
531 | pwd->pw_gid = 65534; /* nobody */ | |
532 | pwd->pw_gecos = buffer; | |
533 | pwd->pw_passwd = (char*) "*"; /* locked */ | |
534 | pwd->pw_dir = (char*) "/"; | |
535 | pwd->pw_shell = (char*) "/sbin/nologin"; | |
536 | ||
537 | *errnop = 0; | |
538 | return NSS_STATUS_SUCCESS; | |
539 | ||
540 | not_found: | |
541 | *errnop = 0; | |
542 | return NSS_STATUS_NOTFOUND; | |
543 | ||
544 | fail: | |
545 | *errnop = -r; | |
546 | return NSS_STATUS_UNAVAIL; | |
547 | } | |
548 | ||
549 | enum nss_status _nss_mymachines_getgrnam_r( | |
550 | const char *name, | |
551 | struct group *gr, | |
552 | char *buffer, size_t buflen, | |
553 | int *errnop) { | |
554 | ||
555 | _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; | |
556 | _cleanup_bus_message_unref_ sd_bus_message* reply = NULL; | |
557 | _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL; | |
558 | const char *p, *e, *machine; | |
559 | uint32_t mapped; | |
560 | uid_t gid; | |
561 | size_t l; | |
562 | int r; | |
563 | ||
564 | assert(name); | |
565 | assert(gr); | |
566 | ||
567 | p = startswith(name, "vg-"); | |
568 | if (!p) | |
569 | goto not_found; | |
570 | ||
571 | e = strrchr(p, '-'); | |
572 | if (!e || e == p) | |
573 | goto not_found; | |
574 | ||
575 | r = parse_gid(e + 1, &gid); | |
576 | if (r < 0) | |
577 | goto not_found; | |
578 | ||
579 | machine = strndupa(p, e - p); | |
580 | if (!machine_name_is_valid(machine)) | |
581 | goto not_found; | |
582 | ||
583 | r = sd_bus_open_system(&bus); | |
584 | if (r < 0) | |
585 | goto fail; | |
586 | ||
587 | r = sd_bus_call_method(bus, | |
588 | "org.freedesktop.machine1", | |
589 | "/org/freedesktop/machine1", | |
590 | "org.freedesktop.machine1.Manager", | |
591 | "MapFromMachineGroup", | |
592 | &error, | |
593 | &reply, | |
594 | "su", | |
595 | machine, (uint32_t) gid); | |
596 | if (r < 0) { | |
597 | if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_GROUP_MAPPING)) | |
598 | goto not_found; | |
599 | ||
600 | goto fail; | |
601 | } | |
602 | ||
603 | r = sd_bus_message_read(reply, "u", &mapped); | |
604 | if (r < 0) | |
605 | goto fail; | |
606 | ||
607 | l = sizeof(char*) + strlen(name) + 1; | |
608 | if (buflen < l) { | |
609 | *errnop = ENOMEM; | |
610 | return NSS_STATUS_TRYAGAIN; | |
611 | } | |
612 | ||
613 | memzero(buffer, sizeof(char*)); | |
614 | strcpy(buffer + sizeof(char*), name); | |
615 | ||
616 | gr->gr_name = buffer + sizeof(char*); | |
617 | gr->gr_gid = gid; | |
618 | gr->gr_passwd = (char*) "*"; /* locked */ | |
619 | gr->gr_mem = (char**) buffer; | |
620 | ||
621 | *errnop = 0; | |
622 | return NSS_STATUS_SUCCESS; | |
623 | ||
624 | not_found: | |
625 | *errnop = 0; | |
626 | return NSS_STATUS_NOTFOUND; | |
627 | ||
628 | fail: | |
629 | *errnop = -r; | |
630 | return NSS_STATUS_UNAVAIL; | |
631 | } | |
632 | ||
633 | enum nss_status _nss_mymachines_getgrgid_r( | |
634 | gid_t gid, | |
635 | struct group *gr, | |
636 | char *buffer, size_t buflen, | |
637 | int *errnop) { | |
638 | ||
639 | _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; | |
640 | _cleanup_bus_message_unref_ sd_bus_message* reply = NULL; | |
641 | _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL; | |
642 | const char *machine, *object; | |
643 | uint32_t mapped; | |
644 | int r; | |
645 | ||
c077529b | 646 | if (!gid_is_valid(gid)) { |
c01ff965 LP |
647 | r = -EINVAL; |
648 | goto fail; | |
649 | } | |
650 | ||
651 | /* We consider all gids < 65536 host gids */ | |
652 | if (gid < 0x10000) | |
653 | goto not_found; | |
654 | ||
655 | r = sd_bus_open_system(&bus); | |
656 | if (r < 0) | |
657 | goto fail; | |
658 | ||
659 | r = sd_bus_call_method(bus, | |
660 | "org.freedesktop.machine1", | |
661 | "/org/freedesktop/machine1", | |
662 | "org.freedesktop.machine1.Manager", | |
663 | "MapToMachineGroup", | |
664 | &error, | |
665 | &reply, | |
666 | "u", | |
667 | (uint32_t) gid); | |
668 | if (r < 0) { | |
669 | if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_GROUP_MAPPING)) | |
670 | goto not_found; | |
671 | ||
672 | goto fail; | |
673 | } | |
674 | ||
675 | r = sd_bus_message_read(reply, "sou", &machine, &object, &mapped); | |
676 | if (r < 0) | |
677 | goto fail; | |
678 | ||
679 | if (buflen < sizeof(char*) + 1) { | |
680 | *errnop = ENOMEM; | |
681 | return NSS_STATUS_TRYAGAIN; | |
682 | } | |
683 | ||
684 | memzero(buffer, sizeof(char*)); | |
685 | if (snprintf(buffer + sizeof(char*), buflen - sizeof(char*), "vg-%s-" GID_FMT, machine, (gid_t) mapped) >= (int) buflen) { | |
686 | *errnop = ENOMEM; | |
687 | return NSS_STATUS_TRYAGAIN; | |
688 | } | |
689 | ||
690 | gr->gr_name = buffer + sizeof(char*); | |
691 | gr->gr_gid = gid; | |
692 | gr->gr_passwd = (char*) "*"; /* locked */ | |
693 | gr->gr_mem = (char**) buffer; | |
694 | ||
695 | *errnop = 0; | |
696 | return NSS_STATUS_SUCCESS; | |
697 | ||
698 | not_found: | |
699 | *errnop = 0; | |
700 | return NSS_STATUS_NOTFOUND; | |
701 | ||
702 | fail: | |
703 | *errnop = -r; | |
704 | return NSS_STATUS_UNAVAIL; | |
705 | } |