]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/basic/user-util.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
26 #include "parse-util.h"
27 #include "path-util.h"
28 #include "string-util.h"
29 #include "user-util.h"
32 bool uid_is_valid(uid_t uid
) {
34 /* Some libc APIs use UID_INVALID as special placeholder */
35 if (uid
== (uid_t
) UINT32_C(0xFFFFFFFF))
38 /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
39 if (uid
== (uid_t
) UINT32_C(0xFFFF))
45 int parse_uid(const char *s
, uid_t
*ret
) {
51 assert_cc(sizeof(uid_t
) == sizeof(uint32_t));
52 r
= safe_atou32(s
, &uid
);
56 if (!uid_is_valid(uid
))
57 return -ENXIO
; /* we return ENXIO instead of EINVAL
58 * here, to make it easy to distuingish
59 * invalid numeric uids invalid
68 char* getlogname_malloc(void) {
72 if (isatty(STDIN_FILENO
) && fstat(STDIN_FILENO
, &st
) >= 0)
77 return uid_to_name(uid
);
80 char *getusername_malloc(void) {
87 return uid_to_name(getuid());
91 const char **username
,
92 uid_t
*uid
, gid_t
*gid
,
102 /* We enforce some special rules for uid=0: in order to avoid
103 * NSS lookups for root we hardcode its data. */
105 if (streq(*username
, "root") || streq(*username
, "0")) {
123 if (parse_uid(*username
, &u
) >= 0) {
127 /* If there are multiple users with the same id, make
128 * sure to leave $USER to the configured value instead
129 * of the first occurrence in the database. However if
130 * the uid was configured by a numeric uid, then let's
131 * pick the real username from /etc/passwd. */
133 *username
= p
->pw_name
;
136 p
= getpwnam(*username
);
140 return errno
> 0 ? -errno
: -ESRCH
;
143 if (!uid_is_valid(p
->pw_uid
))
150 if (!gid_is_valid(p
->pw_gid
))
160 *shell
= p
->pw_shell
;
165 int get_group_creds(const char **groupname
, gid_t
*gid
) {
171 /* We enforce some special rules for gid=0: in order to avoid
172 * NSS lookups for root we hardcode its data. */
174 if (streq(*groupname
, "root") || streq(*groupname
, "0")) {
183 if (parse_gid(*groupname
, &id
) >= 0) {
188 *groupname
= g
->gr_name
;
191 g
= getgrnam(*groupname
);
195 return errno
> 0 ? -errno
: -ESRCH
;
198 if (!gid_is_valid(g
->gr_gid
))
207 char* uid_to_name(uid_t uid
) {
211 /* Shortcut things to avoid NSS lookups */
213 return strdup("root");
215 if (uid_is_valid(uid
)) {
218 bufsize
= sysconf(_SC_GETPW_R_SIZE_MAX
);
223 struct passwd pwbuf
, *pw
= NULL
;
224 _cleanup_free_
char *buf
= NULL
;
226 buf
= malloc(bufsize
);
230 r
= getpwuid_r(uid
, &pwbuf
, buf
, (size_t) bufsize
, &pw
);
232 return strdup(pw
->pw_name
);
240 if (asprintf(&ret
, UID_FMT
, uid
) < 0)
246 char* gid_to_name(gid_t gid
) {
251 return strdup("root");
253 if (gid_is_valid(gid
)) {
256 bufsize
= sysconf(_SC_GETGR_R_SIZE_MAX
);
261 struct group grbuf
, *gr
= NULL
;
262 _cleanup_free_
char *buf
= NULL
;
264 buf
= malloc(bufsize
);
268 r
= getgrgid_r(gid
, &grbuf
, buf
, (size_t) bufsize
, &gr
);
270 return strdup(gr
->gr_name
);
278 if (asprintf(&ret
, GID_FMT
, gid
) < 0)
284 int in_gid(gid_t gid
) {
286 int ngroups_max
, r
, i
;
291 if (getegid() == gid
)
294 if (!gid_is_valid(gid
))
297 ngroups_max
= sysconf(_SC_NGROUPS_MAX
);
298 assert(ngroups_max
> 0);
300 gids
= alloca(sizeof(gid_t
) * ngroups_max
);
302 r
= getgroups(ngroups_max
, gids
);
306 for (i
= 0; i
< r
; i
++)
313 int in_group(const char *name
) {
317 r
= get_group_creds(&name
, &gid
);
324 int get_home_dir(char **_h
) {
332 /* Take the user specified one */
333 e
= secure_getenv("HOME");
334 if (e
&& path_is_absolute(e
)) {
343 /* Hardcode home directory for root to avoid NSS */
354 /* Check the database... */
358 return errno
> 0 ? -errno
: -ESRCH
;
360 if (!path_is_absolute(p
->pw_dir
))
363 h
= strdup(p
->pw_dir
);
371 int get_shell(char **_s
) {
379 /* Take the user specified one */
390 /* Hardcode home directory for root to avoid NSS */
393 s
= strdup("/bin/sh");
401 /* Check the database... */
405 return errno
> 0 ? -errno
: -ESRCH
;
407 if (!path_is_absolute(p
->pw_shell
))
410 s
= strdup(p
->pw_shell
);
418 int reset_uid_gid(void) {
420 if (setgroups(0, NULL
) < 0)
423 if (setresgid(0, 0, 0) < 0)
426 if (setresuid(0, 0, 0) < 0)