1 /* SPDX-License-Identifier: LGPL-2.1+ */
10 #include <sys/types.h>
13 bool uid_is_valid(uid_t uid
);
15 static inline bool gid_is_valid(gid_t gid
) {
16 return uid_is_valid((uid_t
) gid
);
19 int parse_uid(const char *s
, uid_t
* ret_uid
);
21 static inline int parse_gid(const char *s
, gid_t
*ret_gid
) {
22 return parse_uid(s
, (uid_t
*) ret_gid
);
25 char* getlogname_malloc(void);
26 char* getusername_malloc(void);
28 typedef enum UserCredsFlags
{
29 USER_CREDS_SYNTHESIZE_FALLBACK
= 1 << 0, /* if set, only synthesize user records if database lacks them. Normally we bypass the userdb entirely for the records we can synthesize */
30 USER_CREDS_ALLOW_MISSING
= 1 << 1, /* if a numeric UID string is resolved, be OK if there's no record for it */
31 USER_CREDS_CLEAN
= 1 << 2, /* try to clean up shell and home fields with invalid data */
34 int get_user_creds(const char **username
, uid_t
*uid
, gid_t
*gid
, const char **home
, const char **shell
, UserCredsFlags flags
);
35 int get_group_creds(const char **groupname
, gid_t
*gid
, UserCredsFlags flags
);
37 char* uid_to_name(uid_t uid
);
38 char* gid_to_name(gid_t gid
);
40 int in_gid(gid_t gid
);
41 int in_group(const char *name
);
43 int get_home_dir(char **ret
);
44 int get_shell(char **_ret
);
46 int reset_uid_gid(void);
48 int take_etc_passwd_lock(const char *root
);
50 #define UID_INVALID ((uid_t) -1)
51 #define GID_INVALID ((gid_t) -1)
53 #define UID_NOBODY ((uid_t) 65534U)
54 #define GID_NOBODY ((gid_t) 65534U)
56 #define ETC_PASSWD_LOCK_PATH "/etc/.pwd.lock"
58 static inline bool uid_is_dynamic(uid_t uid
) {
59 return DYNAMIC_UID_MIN
<= uid
&& uid
<= DYNAMIC_UID_MAX
;
62 static inline bool gid_is_dynamic(gid_t gid
) {
63 return uid_is_dynamic((uid_t
) gid
);
66 static inline bool uid_is_system(uid_t uid
) {
67 return uid
<= SYSTEM_UID_MAX
;
70 static inline bool gid_is_system(gid_t gid
) {
71 return gid
<= SYSTEM_GID_MAX
;
74 /* The following macros add 1 when converting things, since UID 0 is a valid UID, while the pointer
76 #define PTR_TO_UID(p) ((uid_t) (((uintptr_t) (p))-1))
77 #define UID_TO_PTR(u) ((void*) (((uintptr_t) (u))+1))
79 #define PTR_TO_GID(p) ((gid_t) (((uintptr_t) (p))-1))
80 #define GID_TO_PTR(u) ((void*) (((uintptr_t) (u))+1))
82 static inline bool userns_supported(void) {
83 return access("/proc/self/uid_map", F_OK
) >= 0;
86 bool valid_user_group_name(const char *u
);
87 bool valid_user_group_name_or_id(const char *u
);
88 bool valid_gecos(const char *d
);
89 bool valid_home(const char *p
);
91 static inline bool valid_shell(const char *p
) {
92 /* We have the same requirements, so just piggy-back on the home check.
94 * Let's ignore /etc/shells because this is only applicable to real and
95 * not system users. It is also incompatible with the idea of empty /etc.
100 int maybe_setgroups(size_t size
, const gid_t
*list
);
102 bool synthesize_nobody(void);
104 int fgetpwent_sane(FILE *stream
, struct passwd
**pw
);
105 int fgetspent_sane(FILE *stream
, struct spwd
**sp
);
106 int fgetgrent_sane(FILE *stream
, struct group
**gr
);
107 int putpwent_sane(const struct passwd
*pw
, FILE *stream
);
108 int putspent_sane(const struct spwd
*sp
, FILE *stream
);
109 int putgrent_sane(const struct group
*gr
, FILE *stream
);
111 int fgetsgent_sane(FILE *stream
, struct sgrp
**sg
);
112 int putsgent_sane(const struct sgrp
*sg
, FILE *stream
);