]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/basic/user-util.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25 #include "user-util.h"
28 #include "string-util.h"
29 #include "path-util.h"
31 bool uid_is_valid(uid_t uid
) {
33 /* Some libc APIs use UID_INVALID as special placeholder */
34 if (uid
== (uid_t
) UINT32_C(0xFFFFFFFF))
37 /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
38 if (uid
== (uid_t
) UINT32_C(0xFFFF))
44 int parse_uid(const char *s
, uid_t
*ret
) {
50 assert_cc(sizeof(uid_t
) == sizeof(uint32_t));
51 r
= safe_atou32(s
, &uid
);
55 if (!uid_is_valid(uid
))
56 return -ENXIO
; /* we return ENXIO instead of EINVAL
57 * here, to make it easy to distuingish
58 * invalid numeric uids invalid
67 char* getlogname_malloc(void) {
71 if (isatty(STDIN_FILENO
) && fstat(STDIN_FILENO
, &st
) >= 0)
76 return uid_to_name(uid
);
79 char *getusername_malloc(void) {
86 return uid_to_name(getuid());
90 const char **username
,
91 uid_t
*uid
, gid_t
*gid
,
101 /* We enforce some special rules for uid=0: in order to avoid
102 * NSS lookups for root we hardcode its data. */
104 if (streq(*username
, "root") || streq(*username
, "0")) {
122 if (parse_uid(*username
, &u
) >= 0) {
126 /* If there are multiple users with the same id, make
127 * sure to leave $USER to the configured value instead
128 * of the first occurrence in the database. However if
129 * the uid was configured by a numeric uid, then let's
130 * pick the real username from /etc/passwd. */
132 *username
= p
->pw_name
;
135 p
= getpwnam(*username
);
139 return errno
> 0 ? -errno
: -ESRCH
;
142 if (!uid_is_valid(p
->pw_uid
))
149 if (!gid_is_valid(p
->pw_gid
))
159 *shell
= p
->pw_shell
;
164 int get_group_creds(const char **groupname
, gid_t
*gid
) {
170 /* We enforce some special rules for gid=0: in order to avoid
171 * NSS lookups for root we hardcode its data. */
173 if (streq(*groupname
, "root") || streq(*groupname
, "0")) {
182 if (parse_gid(*groupname
, &id
) >= 0) {
187 *groupname
= g
->gr_name
;
190 g
= getgrnam(*groupname
);
194 return errno
> 0 ? -errno
: -ESRCH
;
197 if (!gid_is_valid(g
->gr_gid
))
206 char* uid_to_name(uid_t uid
) {
210 /* Shortcut things to avoid NSS lookups */
212 return strdup("root");
214 if (uid_is_valid(uid
)) {
217 bufsize
= sysconf(_SC_GETPW_R_SIZE_MAX
);
222 struct passwd pwbuf
, *pw
= NULL
;
223 _cleanup_free_
char *buf
= NULL
;
225 buf
= malloc(bufsize
);
229 r
= getpwuid_r(uid
, &pwbuf
, buf
, (size_t) bufsize
, &pw
);
231 return strdup(pw
->pw_name
);
239 if (asprintf(&ret
, UID_FMT
, uid
) < 0)
245 char* gid_to_name(gid_t gid
) {
250 return strdup("root");
252 if (gid_is_valid(gid
)) {
255 bufsize
= sysconf(_SC_GETGR_R_SIZE_MAX
);
260 struct group grbuf
, *gr
= NULL
;
261 _cleanup_free_
char *buf
= NULL
;
263 buf
= malloc(bufsize
);
267 r
= getgrgid_r(gid
, &grbuf
, buf
, (size_t) bufsize
, &gr
);
269 return strdup(gr
->gr_name
);
277 if (asprintf(&ret
, GID_FMT
, gid
) < 0)
283 int in_gid(gid_t gid
) {
285 int ngroups_max
, r
, i
;
290 if (getegid() == gid
)
293 if (!gid_is_valid(gid
))
296 ngroups_max
= sysconf(_SC_NGROUPS_MAX
);
297 assert(ngroups_max
> 0);
299 gids
= alloca(sizeof(gid_t
) * ngroups_max
);
301 r
= getgroups(ngroups_max
, gids
);
305 for (i
= 0; i
< r
; i
++)
312 int in_group(const char *name
) {
316 r
= get_group_creds(&name
, &gid
);
323 int get_home_dir(char **_h
) {
331 /* Take the user specified one */
332 e
= secure_getenv("HOME");
333 if (e
&& path_is_absolute(e
)) {
342 /* Hardcode home directory for root to avoid NSS */
353 /* Check the database... */
357 return errno
> 0 ? -errno
: -ESRCH
;
359 if (!path_is_absolute(p
->pw_dir
))
362 h
= strdup(p
->pw_dir
);
370 int get_shell(char **_s
) {
378 /* Take the user specified one */
389 /* Hardcode home directory for root to avoid NSS */
392 s
= strdup("/bin/sh");
400 /* Check the database... */
404 return errno
> 0 ? -errno
: -ESRCH
;
406 if (!path_is_absolute(p
->pw_shell
))
409 s
= strdup(p
->pw_shell
);
417 int reset_uid_gid(void) {
419 if (setgroups(0, NULL
) < 0)
422 if (setresgid(0, 0, 0) < 0)
425 if (setresuid(0, 0, 0) < 0)