]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/shared/user-record.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #14953 from yuwata/userdb-fix-groupdb
[thirdparty/systemd.git] / src / shared / user-record.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <sys/mount.h>
4
5 #include "cgroup-util.h"
6 #include "dns-domain.h"
7 #include "env-util.h"
8 #include "fs-util.h"
9 #include "hexdecoct.h"
10 #include "hostname-util.h"
11 #include "memory-util.h"
12 #include "path-util.h"
13 #include "pkcs11-util.h"
14 #include "rlimit-util.h"
15 #include "stat-util.h"
16 #include "string-table.h"
17 #include "strv.h"
18 #include "user-record.h"
19 #include "user-util.h"
20
21 #define DEFAULT_RATELIMIT_BURST 30
22 #define DEFAULT_RATELIMIT_INTERVAL_USEC (1*USEC_PER_MINUTE)
23
24 UserRecord* user_record_new(void) {
25 UserRecord *h;
26
27 h = new(UserRecord, 1);
28 if (!h)
29 return NULL;
30
31 *h = (UserRecord) {
32 .n_ref = 1,
33 .disposition = _USER_DISPOSITION_INVALID,
34 .last_change_usec = UINT64_MAX,
35 .last_password_change_usec = UINT64_MAX,
36 .umask = MODE_INVALID,
37 .nice_level = INT_MAX,
38 .not_before_usec = UINT64_MAX,
39 .not_after_usec = UINT64_MAX,
40 .locked = -1,
41 .storage = _USER_STORAGE_INVALID,
42 .access_mode = MODE_INVALID,
43 .disk_size = UINT64_MAX,
44 .disk_size_relative = UINT64_MAX,
45 .tasks_max = UINT64_MAX,
46 .memory_high = UINT64_MAX,
47 .memory_max = UINT64_MAX,
48 .cpu_weight = UINT64_MAX,
49 .io_weight = UINT64_MAX,
50 .uid = UID_INVALID,
51 .gid = GID_INVALID,
52 .nodev = true,
53 .nosuid = true,
54 .luks_discard = -1,
55 .luks_volume_key_size = UINT64_MAX,
56 .luks_pbkdf_time_cost_usec = UINT64_MAX,
57 .luks_pbkdf_memory_cost = UINT64_MAX,
58 .luks_pbkdf_parallel_threads = UINT64_MAX,
59 .disk_usage = UINT64_MAX,
60 .disk_free = UINT64_MAX,
61 .disk_ceiling = UINT64_MAX,
62 .disk_floor = UINT64_MAX,
63 .signed_locally = -1,
64 .good_authentication_counter = UINT64_MAX,
65 .bad_authentication_counter = UINT64_MAX,
66 .last_good_authentication_usec = UINT64_MAX,
67 .last_bad_authentication_usec = UINT64_MAX,
68 .ratelimit_begin_usec = UINT64_MAX,
69 .ratelimit_count = UINT64_MAX,
70 .ratelimit_interval_usec = UINT64_MAX,
71 .ratelimit_burst = UINT64_MAX,
72 .removable = -1,
73 .enforce_password_policy = -1,
74 .auto_login = -1,
75 .stop_delay_usec = UINT64_MAX,
76 .kill_processes = -1,
77 .password_change_min_usec = UINT64_MAX,
78 .password_change_max_usec = UINT64_MAX,
79 .password_change_warn_usec = UINT64_MAX,
80 .password_change_inactive_usec = UINT64_MAX,
81 .password_change_now = -1,
82 .pkcs11_protected_authentication_path_permitted = -1,
83 };
84
85 return h;
86 }
87
88 static void pkcs11_encrypted_key_done(Pkcs11EncryptedKey *k) {
89 if (!k)
90 return;
91
92 free(k->uri);
93 erase_and_free(k->data);
94 erase_and_free(k->hashed_password);
95 }
96
97 static UserRecord* user_record_free(UserRecord *h) {
98 if (!h)
99 return NULL;
100
101 free(h->user_name);
102 free(h->realm);
103 free(h->user_name_and_realm_auto);
104 free(h->real_name);
105 free(h->email_address);
106 erase_and_free(h->password_hint);
107 free(h->location);
108 free(h->icon_name);
109
110 free(h->shell);
111
112 strv_free(h->environment);
113 free(h->time_zone);
114 free(h->preferred_language);
115 rlimit_free_all(h->rlimits);
116
117 free(h->skeleton_directory);
118
119 strv_free_erase(h->hashed_password);
120 strv_free_erase(h->ssh_authorized_keys);
121 strv_free_erase(h->password);
122 strv_free_erase(h->pkcs11_pin);
123
124 free(h->cifs_service);
125 free(h->cifs_user_name);
126 free(h->cifs_domain);
127
128 free(h->image_path);
129 free(h->image_path_auto);
130 free(h->home_directory);
131 free(h->home_directory_auto);
132
133 strv_free(h->member_of);
134
135 free(h->file_system_type);
136 free(h->luks_cipher);
137 free(h->luks_cipher_mode);
138 free(h->luks_pbkdf_hash_algorithm);
139 free(h->luks_pbkdf_type);
140
141 free(h->state);
142 free(h->service);
143
144 strv_free(h->pkcs11_token_uri);
145 for (size_t i = 0; i < h->n_pkcs11_encrypted_key; i++)
146 pkcs11_encrypted_key_done(h->pkcs11_encrypted_key + i);
147 free(h->pkcs11_encrypted_key);
148
149 json_variant_unref(h->json);
150
151 return mfree(h);
152 }
153
154 DEFINE_TRIVIAL_REF_UNREF_FUNC(UserRecord, user_record, user_record_free);
155
156 int json_dispatch_realm(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
157 char **s = userdata;
158 const char *n;
159 int r;
160
161 if (json_variant_is_null(variant)) {
162 *s = mfree(*s);
163 return 0;
164 }
165
166 if (!json_variant_is_string(variant))
167 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
168
169 n = json_variant_string(variant);
170 r = dns_name_is_valid(n);
171 if (r < 0)
172 return json_log(variant, flags, r, "Failed to check if JSON field '%s' is a valid DNS domain.", strna(name));
173 if (r == 0)
174 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid DNS domain.", strna(name));
175
176 r = free_and_strdup(s, n);
177 if (r < 0)
178 return json_log(variant, flags, r, "Failed to allocate string: %m");
179
180 return 0;
181 }
182
183 static int json_dispatch_gecos(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
184 char **s = userdata;
185 const char *n;
186 int r;
187
188 if (json_variant_is_null(variant)) {
189 *s = mfree(*s);
190 return 0;
191 }
192
193 if (!json_variant_is_string(variant))
194 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
195
196 n = json_variant_string(variant);
197 if (!valid_gecos(n))
198 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid GECOS compatible real name.", strna(name));
199
200 r = free_and_strdup(s, n);
201 if (r < 0)
202 return json_log(variant, flags, r, "Failed to allocate string: %m");
203
204 return 0;
205 }
206
207 static int json_dispatch_nice(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
208 int *nl = userdata;
209 intmax_t m;
210
211 if (json_variant_is_null(variant)) {
212 *nl = INT_MAX;
213 return 0;
214 }
215
216 if (!json_variant_is_integer(variant))
217 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
218
219 m = json_variant_integer(variant);
220 if (m < PRIO_MIN || m >= PRIO_MAX)
221 return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "JSON field '%s' is not a valid nice level.", strna(name));
222
223 *nl = m;
224 return 0;
225 }
226
227 static int json_dispatch_rlimit_value(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
228 rlim_t *ret = userdata;
229
230 if (json_variant_is_null(variant))
231 *ret = RLIM_INFINITY;
232 else if (json_variant_is_unsigned(variant)) {
233 uintmax_t w;
234
235 w = json_variant_unsigned(variant);
236 if (w == RLIM_INFINITY || (uintmax_t) w != json_variant_unsigned(variant))
237 return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "Resource limit value '%s' is out of range.", name);
238
239 *ret = (rlim_t) w;
240 } else
241 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit value '%s' is not an unsigned integer.", name);
242
243 return 0;
244 }
245
246 static int json_dispatch_rlimits(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
247 struct rlimit** limits = userdata;
248 JsonVariant *value;
249 const char *key;
250 int r;
251
252 assert_se(limits);
253
254 if (json_variant_is_null(variant)) {
255 rlimit_free_all(limits);
256 return 0;
257 }
258
259 if (!json_variant_is_object(variant))
260 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an object.", strna(name));
261
262 JSON_VARIANT_OBJECT_FOREACH(key, value, variant) {
263 JsonVariant *jcur, *jmax;
264 struct rlimit rl;
265 const char *p;
266 int l;
267
268 p = startswith(key, "RLIMIT_");
269 if (!p)
270 l = -1;
271 else
272 l = rlimit_from_string(p);
273 if (l < 0)
274 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' not known.", key);
275
276 if (!json_variant_is_object(value))
277 return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' has invalid value.", key);
278
279 if (json_variant_elements(value) != 4)
280 return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' value is does not have two fields as expected.", key);
281
282 jcur = json_variant_by_key(value, "cur");
283 if (!jcur)
284 return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' lacks 'cur' field.", key);
285 r = json_dispatch_rlimit_value("cur", jcur, flags, &rl.rlim_cur);
286 if (r < 0)
287 return r;
288
289 jmax = json_variant_by_key(value, "max");
290 if (!jmax)
291 return json_log(value, flags, SYNTHETIC_ERRNO(EINVAL), "Resource limit '%s' lacks 'max' field.", key);
292 r = json_dispatch_rlimit_value("max", jmax, flags, &rl.rlim_max);
293 if (r < 0)
294 return r;
295
296 if (limits[l])
297 *(limits[l]) = rl;
298 else {
299 limits[l] = newdup(struct rlimit, &rl, 1);
300 if (!limits[l])
301 return log_oom();
302 }
303 }
304
305 return 0;
306 }
307
308 static int json_dispatch_filename_or_path(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
309 char **s = userdata;
310 const char *n;
311 int r;
312
313 assert(s);
314
315 if (json_variant_is_null(variant)) {
316 *s = mfree(*s);
317 return 0;
318 }
319
320 if (!json_variant_is_string(variant))
321 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
322
323 n = json_variant_string(variant);
324 if (!filename_is_valid(n) && !path_is_normalized(n))
325 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid file name or normalized path.", strna(name));
326
327 r = free_and_strdup(s, n);
328 if (r < 0)
329 return json_log(variant, flags, r, "Failed to allocate string: %m");
330
331 return 0;
332 }
333
334 static int json_dispatch_path(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
335 char **s = userdata;
336 const char *n;
337 int r;
338
339 if (json_variant_is_null(variant)) {
340 *s = mfree(*s);
341 return 0;
342 }
343
344 if (!json_variant_is_string(variant))
345 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
346
347 n = json_variant_string(variant);
348 if (!path_is_normalized(n))
349 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a normalized file system path.", strna(name));
350 if (!path_is_absolute(n))
351 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an absolute file system path.", strna(name));
352
353 r = free_and_strdup(s, n);
354 if (r < 0)
355 return json_log(variant, flags, r, "Failed to allocate string: %m");
356
357 return 0;
358 }
359
360 static int json_dispatch_home_directory(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
361 char **s = userdata;
362 const char *n;
363 int r;
364
365 if (json_variant_is_null(variant)) {
366 *s = mfree(*s);
367 return 0;
368 }
369
370 if (!json_variant_is_string(variant))
371 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
372
373 n = json_variant_string(variant);
374 if (!valid_home(n))
375 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid home directory path.", strna(name));
376
377 r = free_and_strdup(s, n);
378 if (r < 0)
379 return json_log(variant, flags, r, "Failed to allocate string: %m");
380
381 return 0;
382 }
383
384 static int json_dispatch_image_path(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
385 char **s = userdata;
386 const char *n;
387 int r;
388
389 if (json_variant_is_null(variant)) {
390 *s = mfree(*s);
391 return 0;
392 }
393
394 if (!json_variant_is_string(variant))
395 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
396
397 n = json_variant_string(variant);
398 if (empty_or_root(n) || !path_is_valid(n) || !path_is_absolute(n))
399 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid image path.", strna(name));
400
401 r = free_and_strdup(s, n);
402 if (r < 0)
403 return json_log(variant, flags, r, "Failed to allocate string: %m");
404
405 return 0;
406 }
407
408 static int json_dispatch_umask(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
409 mode_t *m = userdata;
410 uintmax_t k;
411
412 if (json_variant_is_null(variant)) {
413 *m = (mode_t) -1;
414 return 0;
415 }
416
417 if (!json_variant_is_unsigned(variant))
418 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a number.", strna(name));
419
420 k = json_variant_unsigned(variant);
421 if (k > 0777)
422 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' outside of valid range 0…0777.", strna(name));
423
424 *m = (mode_t) k;
425 return 0;
426 }
427
428 static int json_dispatch_access_mode(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
429 mode_t *m = userdata;
430 uintmax_t k;
431
432 if (json_variant_is_null(variant)) {
433 *m = (mode_t) -1;
434 return 0;
435 }
436
437 if (!json_variant_is_unsigned(variant))
438 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a number.", strna(name));
439
440 k = json_variant_unsigned(variant);
441 if (k > 07777)
442 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' outside of valid range 0…07777.", strna(name));
443
444 *m = (mode_t) k;
445 return 0;
446 }
447
448 static int json_dispatch_environment(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
449 _cleanup_strv_free_ char **n = NULL;
450 char ***l = userdata;
451 size_t i;
452 int r;
453
454 if (json_variant_is_null(variant)) {
455 *l = strv_free(*l);
456 return 0;
457 }
458
459 if (!json_variant_is_array(variant))
460 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array.", strna(name));
461
462 for (i = 0; i < json_variant_elements(variant); i++) {
463 _cleanup_free_ char *c = NULL;
464 JsonVariant *e;
465 const char *a;
466
467 e = json_variant_by_index(variant, i);
468 if (!json_variant_is_string(e))
469 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of strings.", strna(name));
470
471 assert_se(a = json_variant_string(e));
472
473 if (!env_assignment_is_valid(a))
474 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of environment variables.", strna(name));
475
476 c = strdup(a);
477 if (!c)
478 return json_log_oom(variant, flags);
479
480 r = strv_env_replace(&n, c);
481 if (r < 0)
482 return json_log_oom(variant, flags);
483
484 c = NULL;
485 }
486
487 strv_free_and_replace(*l, n);
488 return 0;
489 }
490
491 int json_dispatch_user_disposition(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
492 UserDisposition *disposition = userdata, k;
493
494 if (json_variant_is_null(variant)) {
495 *disposition = _USER_DISPOSITION_INVALID;
496 return 0;
497 }
498
499 if (!json_variant_is_string(variant))
500 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
501
502 k = user_disposition_from_string(json_variant_string(variant));
503 if (k < 0)
504 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "Disposition type '%s' not known.", json_variant_string(variant));
505
506 *disposition = k;
507 return 0;
508 }
509
510 static int json_dispatch_storage(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
511 UserStorage *storage = userdata, k;
512
513 if (json_variant_is_null(variant)) {
514 *storage = _USER_STORAGE_INVALID;
515 return 0;
516 }
517
518 if (!json_variant_is_string(variant))
519 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
520
521 k = user_storage_from_string(json_variant_string(variant));
522 if (k < 0)
523 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "Storage type '%s' not known.", json_variant_string(variant));
524
525 *storage = k;
526 return 0;
527 }
528
529 static int json_dispatch_disk_size(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
530 uint64_t *size = userdata;
531 uintmax_t k;
532
533 if (json_variant_is_null(variant)) {
534 *size = UINT64_MAX;
535 return 0;
536 }
537
538 if (!json_variant_is_unsigned(variant))
539 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an integer.", strna(name));
540
541 k = json_variant_unsigned(variant);
542 if (k < USER_DISK_SIZE_MIN || k > USER_DISK_SIZE_MAX)
543 return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "JSON field '%s' is not in valid range %" PRIu64 "…%" PRIu64 ".", strna(name), USER_DISK_SIZE_MIN, USER_DISK_SIZE_MAX);
544
545 *size = k;
546 return 0;
547 }
548
549 static int json_dispatch_tasks_or_memory_max(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
550 uint64_t *limit = userdata;
551 uintmax_t k;
552
553 if (json_variant_is_null(variant)) {
554 *limit = UINT64_MAX;
555 return 0;
556 }
557
558 if (!json_variant_is_unsigned(variant))
559 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a integer.", strna(name));
560
561 k = json_variant_unsigned(variant);
562 if (k <= 0 || k >= UINT64_MAX)
563 return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "JSON field '%s' is not in valid range %" PRIu64 "…%" PRIu64 ".", strna(name), (uint64_t) 1, UINT64_MAX-1);
564
565 *limit = k;
566 return 0;
567 }
568
569 static int json_dispatch_weight(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
570 uint64_t *weight = userdata;
571 uintmax_t k;
572
573 if (json_variant_is_null(variant)) {
574 *weight = UINT64_MAX;
575 return 0;
576 }
577
578 if (!json_variant_is_unsigned(variant))
579 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a integer.", strna(name));
580
581 k = json_variant_unsigned(variant);
582 if (k <= CGROUP_WEIGHT_MIN || k >= CGROUP_WEIGHT_MAX)
583 return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "JSON field '%s' is not in valid range %" PRIu64 "…%" PRIu64 ".", strna(name), (uint64_t) CGROUP_WEIGHT_MIN, (uint64_t) CGROUP_WEIGHT_MAX);
584
585 *weight = k;
586 return 0;
587 }
588
589 int json_dispatch_user_group_list(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
590 _cleanup_strv_free_ char **l = NULL;
591 char ***list = userdata;
592 JsonVariant *e;
593 int r;
594
595 if (!json_variant_is_array(variant))
596 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of strings.", strna(name));
597
598 JSON_VARIANT_ARRAY_FOREACH(e, variant) {
599
600 if (!json_variant_is_string(e))
601 return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not a string.");
602
603 if (!valid_user_group_name_compat(json_variant_string(e)))
604 return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not a valid user/group name: %s", json_variant_string(e));
605
606 r = strv_extend(&l, json_variant_string(e));
607 if (r < 0)
608 return json_log(e, flags, r, "Failed to append array element: %m");
609 }
610
611 r = strv_extend_strv(list, l, true);
612 if (r < 0)
613 return json_log(variant, flags, r, "Failed to merge user/group arrays: %m");
614
615 return 0;
616 }
617
618 static int dispatch_secret(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
619
620 static const JsonDispatch secret_dispatch_table[] = {
621 { "password", _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, password), 0 },
622 { "pkcs11Pin", _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, pkcs11_pin), 0 },
623 { "pkcs11ProtectedAuthenticationPathPermitted", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, pkcs11_protected_authentication_path_permitted), 0 },
624 {},
625 };
626
627 return json_dispatch(variant, secret_dispatch_table, NULL, flags, userdata);
628 }
629
630 static int dispatch_pkcs11_uri(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
631 char **s = userdata;
632 const char *n;
633 int r;
634
635 if (json_variant_is_null(variant)) {
636 *s = mfree(*s);
637 return 0;
638 }
639
640 if (!json_variant_is_string(variant))
641 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
642
643 n = json_variant_string(variant);
644 if (!pkcs11_uri_valid(n))
645 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid RFC7512 PKCS#11 URI.", strna(name));
646
647 r = free_and_strdup(s, n);
648 if (r < 0)
649 return json_log(variant, flags, r, "Failed to allocate string: %m");
650
651 return 0;
652 }
653
654 static int dispatch_pkcs11_uri_array(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
655 _cleanup_strv_free_ char **z = NULL;
656 char ***l = userdata;
657 JsonVariant *e;
658 int r;
659
660 if (json_variant_is_null(variant)) {
661 *l = strv_free(*l);
662 return 0;
663 }
664
665 if (json_variant_is_string(variant)) {
666 const char *n;
667
668 n = json_variant_string(variant);
669 if (!pkcs11_uri_valid(n))
670 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a valid RFC7512 PKCS#11 URI.", strna(name));
671
672 z = strv_new(n);
673 if (!z)
674 return log_oom();
675
676 } else {
677
678 if (!json_variant_is_array(variant))
679 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string or array of strings.", strna(name));
680
681 JSON_VARIANT_ARRAY_FOREACH(e, variant) {
682 const char *n;
683
684 if (!json_variant_is_string(e))
685 return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not a string.");
686
687 n = json_variant_string(e);
688 if (!pkcs11_uri_valid(n))
689 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element in '%s' is not a valid RFC7512 PKCS#11 URI: %s", strna(name), n);
690
691 r = strv_extend(&z, n);
692 if (r < 0)
693 return log_oom();
694 }
695 }
696
697 strv_free_and_replace(*l, z);
698 return 0;
699 }
700
701 static int dispatch_pkcs11_key_data(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
702 Pkcs11EncryptedKey *k = userdata;
703 size_t l;
704 void *b;
705 int r;
706
707 if (json_variant_is_null(variant)) {
708 k->data = mfree(k->data);
709 k->size = 0;
710 return 0;
711 }
712
713 if (!json_variant_is_string(variant))
714 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
715
716 r = unbase64mem(json_variant_string(variant), (size_t) -1, &b, &l);
717 if (r < 0)
718 return json_log(variant, flags, r, "Failed to decode encrypted PKCS#11 key: %m");
719
720 erase_and_free(k->data);
721 k->data = b;
722 k->size = l;
723
724 return 0;
725 }
726
727 static int dispatch_pkcs11_key(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
728 UserRecord *h = userdata;
729 JsonVariant *e;
730 int r;
731
732 if (!json_variant_is_array(variant))
733 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of objects.", strna(name));
734
735 JSON_VARIANT_ARRAY_FOREACH(e, variant) {
736 Pkcs11EncryptedKey *array, *k;
737
738 static const JsonDispatch pkcs11_key_dispatch_table[] = {
739 { "uri", JSON_VARIANT_STRING, dispatch_pkcs11_uri, offsetof(Pkcs11EncryptedKey, uri), JSON_MANDATORY },
740 { "data", JSON_VARIANT_STRING, dispatch_pkcs11_key_data, 0, JSON_MANDATORY },
741 { "hashedPassword", JSON_VARIANT_STRING, json_dispatch_string, offsetof(Pkcs11EncryptedKey, hashed_password), JSON_MANDATORY },
742 {},
743 };
744
745 if (!json_variant_is_object(e))
746 return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "JSON array element is not an object.");
747
748 array = reallocarray(h->pkcs11_encrypted_key, h->n_pkcs11_encrypted_key + 1, sizeof(Pkcs11EncryptedKey));
749 if (!array)
750 return log_oom();
751
752 h->pkcs11_encrypted_key = array;
753 k = h->pkcs11_encrypted_key + h->n_pkcs11_encrypted_key;
754 *k = (Pkcs11EncryptedKey) {};
755
756 r = json_dispatch(e, pkcs11_key_dispatch_table, NULL, flags, k);
757 if (r < 0) {
758 pkcs11_encrypted_key_done(k);
759 return r;
760 }
761
762 h->n_pkcs11_encrypted_key++;
763 }
764
765 return 0;
766 }
767
768 static int dispatch_privileged(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
769
770 static const JsonDispatch privileged_dispatch_table[] = {
771 { "passwordHint", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, password_hint), 0 },
772 { "hashedPassword", _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, hashed_password), JSON_SAFE },
773 { "sshAuthorizedKeys", _JSON_VARIANT_TYPE_INVALID, json_dispatch_strv, offsetof(UserRecord, ssh_authorized_keys), 0 },
774 { "pkcs11EncryptedKey", JSON_VARIANT_ARRAY, dispatch_pkcs11_key, 0, 0 },
775 {},
776 };
777
778 return json_dispatch(variant, privileged_dispatch_table, NULL, flags, userdata);
779 }
780
781 static int dispatch_binding(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
782
783 static const JsonDispatch binding_dispatch_table[] = {
784 { "imagePath", JSON_VARIANT_STRING, json_dispatch_image_path, offsetof(UserRecord, image_path), 0 },
785 { "homeDirectory", JSON_VARIANT_STRING, json_dispatch_home_directory, offsetof(UserRecord, home_directory), 0 },
786 { "partitionUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, partition_uuid), 0 },
787 { "luksUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, luks_uuid), 0 },
788 { "fileSystemUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, file_system_uuid), 0 },
789 { "uid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, uid), 0 },
790 { "gid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, gid), 0 },
791 { "storage", JSON_VARIANT_STRING, json_dispatch_storage, offsetof(UserRecord, storage), 0 },
792 { "fileSystemType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, file_system_type), JSON_SAFE },
793 { "luksCipher", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher), JSON_SAFE },
794 { "luksCipherMode", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher_mode), JSON_SAFE },
795 { "luksVolumeKeySize", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_volume_key_size), 0 },
796 {},
797 };
798
799 char smid[SD_ID128_STRING_MAX];
800 JsonVariant *m;
801 sd_id128_t mid;
802 int r;
803
804 if (!variant)
805 return 0;
806
807 if (!json_variant_is_object(variant))
808 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an object.", strna(name));
809
810 r = sd_id128_get_machine(&mid);
811 if (r < 0)
812 return json_log(variant, flags, r, "Failed to determine machine ID: %m");
813
814 m = json_variant_by_key(variant, sd_id128_to_string(mid, smid));
815 if (!m)
816 return 0;
817
818 return json_dispatch(m, binding_dispatch_table, NULL, flags, userdata);
819 }
820
821 int per_machine_id_match(JsonVariant *ids, JsonDispatchFlags flags) {
822 sd_id128_t mid;
823 int r;
824
825 r = sd_id128_get_machine(&mid);
826 if (r < 0)
827 return json_log(ids, flags, r, "Failed to acquire machine ID: %m");
828
829 if (json_variant_is_string(ids)) {
830 sd_id128_t k;
831
832 r = sd_id128_from_string(json_variant_string(ids), &k);
833 if (r < 0) {
834 json_log(ids, flags, r, "%s is not a valid machine ID, ignoring: %m", json_variant_string(ids));
835 return 0;
836 }
837
838 return sd_id128_equal(mid, k);
839 }
840
841 if (json_variant_is_array(ids)) {
842 JsonVariant *e;
843
844 JSON_VARIANT_ARRAY_FOREACH(e, ids) {
845 sd_id128_t k;
846
847 if (!json_variant_is_string(e)) {
848 json_log(e, flags, 0, "Machine ID is not a string, ignoring: %m");
849 continue;
850 }
851
852 r = sd_id128_from_string(json_variant_string(e), &k);
853 if (r < 0) {
854 json_log(e, flags, r, "%s is not a valid machine ID, ignoring: %m", json_variant_string(e));
855 continue;
856 }
857
858 if (sd_id128_equal(mid, k))
859 return true;
860 }
861
862 return false;
863 }
864
865 json_log(ids, flags, 0, "Machine ID is not a string or array of strings, ignoring: %m");
866 return false;
867 }
868
869 int per_machine_hostname_match(JsonVariant *hns, JsonDispatchFlags flags) {
870 _cleanup_free_ char *hn = NULL;
871 int r;
872
873 r = gethostname_strict(&hn);
874 if (r == -ENXIO) {
875 json_log(hns, flags, r, "No hostname set, not matching perMachine hostname record: %m");
876 return false;
877 }
878 if (r < 0)
879 return json_log(hns, flags, r, "Failed to acquire hostname: %m");
880
881 if (json_variant_is_string(hns))
882 return streq(json_variant_string(hns), hn);
883
884 if (json_variant_is_array(hns)) {
885 JsonVariant *e;
886
887 JSON_VARIANT_ARRAY_FOREACH(e, hns) {
888
889 if (!json_variant_is_string(e)) {
890 json_log(e, flags, 0, "Hostname is not a string, ignoring: %m");
891 continue;
892 }
893
894 if (streq(json_variant_string(hns), hn))
895 return true;
896 }
897
898 return false;
899 }
900
901 json_log(hns, flags, 0, "Hostname is not a string or array of strings, ignoring: %m");
902 return false;
903 }
904
905 static int dispatch_per_machine(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
906
907 static const JsonDispatch per_machine_dispatch_table[] = {
908 { "matchMachineId", _JSON_VARIANT_TYPE_INVALID, NULL, 0, 0 },
909 { "matchHostname", _JSON_VARIANT_TYPE_INVALID, NULL, 0, 0 },
910 { "iconName", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, icon_name), JSON_SAFE },
911 { "location", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, location), 0 },
912 { "shell", JSON_VARIANT_STRING, json_dispatch_filename_or_path, offsetof(UserRecord, shell), 0 },
913 { "umask", JSON_VARIANT_UNSIGNED, json_dispatch_umask, offsetof(UserRecord, umask), 0 },
914 { "environment", JSON_VARIANT_ARRAY, json_dispatch_environment, offsetof(UserRecord, environment), 0 },
915 { "timeZone", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, time_zone), JSON_SAFE },
916 { "preferredLanguage", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, preferred_language), JSON_SAFE },
917 { "niceLevel", _JSON_VARIANT_TYPE_INVALID, json_dispatch_nice, offsetof(UserRecord, nice_level), 0 },
918 { "resourceLimits", _JSON_VARIANT_TYPE_INVALID, json_dispatch_rlimits, offsetof(UserRecord, rlimits), 0 },
919 { "locked", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, locked), 0 },
920 { "notBeforeUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, not_before_usec), 0 },
921 { "notAfterUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, not_after_usec), 0 },
922 { "storage", JSON_VARIANT_STRING, json_dispatch_storage, offsetof(UserRecord, storage), 0 },
923 { "diskSize", JSON_VARIANT_UNSIGNED, json_dispatch_disk_size, offsetof(UserRecord, disk_size), 0 },
924 { "diskSizeRelative", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_size_relative), 0 },
925 { "skeletonDirectory", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, skeleton_directory), 0 },
926 { "accessMode", JSON_VARIANT_UNSIGNED, json_dispatch_access_mode, offsetof(UserRecord, access_mode), 0 },
927 { "tasksMax", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, tasks_max), 0 },
928 { "memoryHigh", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, memory_high), 0 },
929 { "memoryMax", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, memory_max), 0 },
930 { "cpuWeight", JSON_VARIANT_UNSIGNED, json_dispatch_weight, offsetof(UserRecord, cpu_weight), 0 },
931 { "ioWeight", JSON_VARIANT_UNSIGNED, json_dispatch_weight, offsetof(UserRecord, io_weight), 0 },
932 { "mountNoDevices", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, nodev), 0 },
933 { "mountNoSuid", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, nosuid), 0 },
934 { "mountNoExecute", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, noexec), 0 },
935 { "cifsDomain", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_domain), JSON_SAFE },
936 { "cifsUserName", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_user_name), JSON_SAFE },
937 { "cifsService", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_service), JSON_SAFE },
938 { "imagePath", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, image_path), 0 },
939 { "uid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, uid), 0 },
940 { "gid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, gid), 0 },
941 { "memberOf", JSON_VARIANT_ARRAY, json_dispatch_user_group_list, offsetof(UserRecord, member_of), 0 },
942 { "fileSystemType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, file_system_type), JSON_SAFE },
943 { "partitionUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, partition_uuid), 0 },
944 { "luksUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, luks_uuid), 0 },
945 { "fileSystemUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, file_system_uuid), 0 },
946 { "luksDiscard", _JSON_VARIANT_TYPE_INVALID, json_dispatch_tristate, offsetof(UserRecord, luks_discard), 0, },
947 { "luksCipher", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher), JSON_SAFE },
948 { "luksCipherMode", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher_mode), JSON_SAFE },
949 { "luksVolumeKeySize", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_volume_key_size), 0 },
950 { "luksPbkdfHashAlgorithm", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_pbkdf_hash_algorithm), JSON_SAFE },
951 { "luksPbkdfType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_pbkdf_type), JSON_SAFE },
952 { "luksPbkdfTimeCostUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_time_cost_usec), 0 },
953 { "luksPbkdfMemoryCost", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_memory_cost), 0 },
954 { "luksPbkdfParallelThreads", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_parallel_threads), 0 },
955 { "rateLimitIntervalUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, ratelimit_interval_usec), 0 },
956 { "rateLimitBurst", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, ratelimit_burst), 0 },
957 { "enforcePasswordPolicy", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, enforce_password_policy), 0 },
958 { "autoLogin", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, auto_login), 0 },
959 { "stopDelayUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, stop_delay_usec), 0 },
960 { "killProcesses", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, kill_processes), 0 },
961 { "passwordChangeMinUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_min_usec), 0 },
962 { "passwordChangeMaxUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_max_usec), 0 },
963 { "passwordChangeWarnUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_warn_usec), 0 },
964 { "passwordChangeInactiveUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_inactive_usec), 0 },
965 { "passwordChangeNow", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, password_change_now), 0 },
966 { "pkcs11TokenUri", JSON_VARIANT_ARRAY, dispatch_pkcs11_uri_array, offsetof(UserRecord, pkcs11_token_uri), 0 },
967 {},
968 };
969
970 JsonVariant *e;
971 int r;
972
973 if (!variant)
974 return 0;
975
976 if (!json_variant_is_array(variant))
977 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array.", strna(name));
978
979 JSON_VARIANT_ARRAY_FOREACH(e, variant) {
980 bool matching = false;
981 JsonVariant *m;
982
983 if (!json_variant_is_object(e))
984 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array of objects.", strna(name));
985
986 m = json_variant_by_key(e, "matchMachineId");
987 if (m) {
988 r = per_machine_id_match(m, flags);
989 if (r < 0)
990 return r;
991
992 matching = r > 0;
993 }
994
995 if (!matching) {
996 m = json_variant_by_key(e, "matchHostname");
997 if (m) {
998 r = per_machine_hostname_match(m, flags);
999 if (r < 0)
1000 return r;
1001
1002 matching = r > 0;
1003 }
1004 }
1005
1006 if (!matching)
1007 continue;
1008
1009 r = json_dispatch(e, per_machine_dispatch_table, NULL, flags, userdata);
1010 if (r < 0)
1011 return r;
1012 }
1013
1014 return 0;
1015 }
1016
1017 static int dispatch_status(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
1018
1019 static const JsonDispatch status_dispatch_table[] = {
1020 { "diskUsage", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_usage), 0 },
1021 { "diskFree", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_free), 0 },
1022 { "diskSize", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_size), 0 },
1023 { "diskCeiling", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_ceiling), 0 },
1024 { "diskFloor", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_floor), 0 },
1025 { "state", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, state), JSON_SAFE },
1026 { "service", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, service), JSON_SAFE },
1027 { "signedLocally", _JSON_VARIANT_TYPE_INVALID, json_dispatch_tristate, offsetof(UserRecord, signed_locally), 0 },
1028 { "goodAuthenticationCounter", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, good_authentication_counter), 0 },
1029 { "badAuthenticationCounter", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, bad_authentication_counter), 0 },
1030 { "lastGoodAuthenticationUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, last_good_authentication_usec), 0 },
1031 { "lastBadAuthenticationUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, last_bad_authentication_usec), 0 },
1032 { "rateLimitBeginUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, ratelimit_begin_usec), 0 },
1033 { "rateLimitCount", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, ratelimit_count), 0 },
1034 { "removable", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, removable), 0 },
1035 {},
1036 };
1037
1038 char smid[SD_ID128_STRING_MAX];
1039 JsonVariant *m;
1040 sd_id128_t mid;
1041 int r;
1042
1043 if (!variant)
1044 return 0;
1045
1046 if (!json_variant_is_object(variant))
1047 return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an object.", strna(name));
1048
1049 r = sd_id128_get_machine(&mid);
1050 if (r < 0)
1051 return json_log(variant, flags, r, "Failed to determine machine ID: %m");
1052
1053 m = json_variant_by_key(variant, sd_id128_to_string(mid, smid));
1054 if (!m)
1055 return 0;
1056
1057 return json_dispatch(m, status_dispatch_table, NULL, flags, userdata);
1058 }
1059
1060 static int user_record_augment(UserRecord *h, JsonDispatchFlags json_flags) {
1061 assert(h);
1062
1063 if (!FLAGS_SET(h->mask, USER_RECORD_REGULAR))
1064 return 0;
1065
1066 assert(h->user_name);
1067
1068 if (!h->user_name_and_realm_auto && h->realm) {
1069 h->user_name_and_realm_auto = strjoin(h->user_name, "@", h->realm);
1070 if (!h->user_name_and_realm_auto)
1071 return json_log_oom(h->json, json_flags);
1072 }
1073
1074 /* Let's add in the following automatisms only for regular users, they dont make sense for any others */
1075 if (user_record_disposition(h) != USER_REGULAR)
1076 return 0;
1077
1078 if (!h->home_directory && !h->home_directory_auto) {
1079 h->home_directory_auto = path_join("/home/", h->user_name);
1080 if (!h->home_directory_auto)
1081 return json_log_oom(h->json, json_flags);
1082 }
1083
1084 if (!h->image_path && !h->image_path_auto) {
1085 const char *suffix;
1086 UserStorage storage;
1087
1088 storage = user_record_storage(h);
1089 if (storage == USER_LUKS)
1090 suffix = ".home";
1091 else if (IN_SET(storage, USER_DIRECTORY, USER_SUBVOLUME, USER_FSCRYPT))
1092 suffix = ".homedir";
1093 else
1094 suffix = NULL;
1095
1096 if (suffix) {
1097 h->image_path_auto = strjoin("/home/", user_record_user_name_and_realm(h), suffix);
1098 if (!h->image_path_auto)
1099 return json_log_oom(h->json, json_flags);
1100 }
1101 }
1102
1103 return 0;
1104 }
1105
1106 int user_group_record_mangle(
1107 JsonVariant *v,
1108 UserRecordLoadFlags load_flags,
1109 JsonVariant **ret_variant,
1110 UserRecordMask *ret_mask) {
1111
1112 static const struct {
1113 UserRecordMask mask;
1114 const char *name;
1115 } mask_field[] = {
1116 { USER_RECORD_PRIVILEGED, "privileged" },
1117 { USER_RECORD_SECRET, "secret" },
1118 { USER_RECORD_BINDING, "binding" },
1119 { USER_RECORD_PER_MACHINE, "perMachine" },
1120 { USER_RECORD_STATUS, "status" },
1121 { USER_RECORD_SIGNATURE, "signature" },
1122 };
1123
1124 JsonDispatchFlags json_flags = USER_RECORD_LOAD_FLAGS_TO_JSON_DISPATCH_FLAGS(load_flags);
1125 _cleanup_(json_variant_unrefp) JsonVariant *w = NULL;
1126 JsonVariant *array[ELEMENTSOF(mask_field) * 2];
1127 size_t n_retain = 0, i;
1128 UserRecordMask m = 0;
1129 int r;
1130
1131 assert((load_flags & _USER_RECORD_MASK_MAX) == 0); /* detect mistakes when accidentally passing
1132 * UserRecordMask bit masks as UserRecordLoadFlags
1133 * value */
1134
1135 assert(v);
1136 assert(ret_variant);
1137 assert(ret_mask);
1138
1139 /* Note that this function is shared with the group record parser, hence we try to be generic in our
1140 * log message wording here, to cover both cases. */
1141
1142 if (!json_variant_is_object(v))
1143 return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record is not a JSON object, refusing.");
1144
1145 if (USER_RECORD_ALLOW_MASK(load_flags) == 0) /* allow nothing? */
1146 return json_log(v, json_flags, SYNTHETIC_ERRNO(EINVAL), "Nothing allowed in record, refusing.");
1147
1148 if (USER_RECORD_STRIP_MASK(load_flags) == _USER_RECORD_MASK_MAX) /* strip everything? */
1149 return json_log(v, json_flags, SYNTHETIC_ERRNO(EINVAL), "Stripping everything from record, refusing.");
1150
1151 /* Check if we have the special sections and if they match our flags set */
1152 for (i = 0; i < ELEMENTSOF(mask_field); i++) {
1153 JsonVariant *e, *k;
1154
1155 if (FLAGS_SET(USER_RECORD_STRIP_MASK(load_flags), mask_field[i].mask)) {
1156 if (!w)
1157 w = json_variant_ref(v);
1158
1159 r = json_variant_filter(&w, STRV_MAKE(mask_field[i].name));
1160 if (r < 0)
1161 return json_log(w, json_flags, r, "Failed to remove field from variant: %m");
1162
1163 continue;
1164 }
1165
1166 e = json_variant_by_key_full(v, mask_field[i].name, &k);
1167 if (e) {
1168 if (!FLAGS_SET(USER_RECORD_ALLOW_MASK(load_flags), mask_field[i].mask))
1169 return json_log(e, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record contains '%s' field, which is not allowed.", mask_field[i].name);
1170
1171 if (FLAGS_SET(load_flags, USER_RECORD_STRIP_REGULAR)) {
1172 array[n_retain++] = k;
1173 array[n_retain++] = e;
1174 }
1175
1176 m |= mask_field[i].mask;
1177 } else {
1178 if (FLAGS_SET(USER_RECORD_REQUIRE_MASK(load_flags), mask_field[i].mask))
1179 return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record lacks '%s' field, which is required.", mask_field[i].name);
1180 }
1181 }
1182
1183 if (FLAGS_SET(load_flags, USER_RECORD_STRIP_REGULAR)) {
1184 /* If we are supposed to strip regular items, then let's instead just allocate a new object
1185 * with just the stuff we need. */
1186
1187 w = json_variant_unref(w);
1188 r = json_variant_new_object(&w, array, n_retain);
1189 if (r < 0)
1190 return json_log(v, json_flags, r, "Failed to allocate new object: %m");
1191 } else {
1192 /* And now check if there's anything else in the record */
1193 for (i = 0; i < json_variant_elements(v); i += 2) {
1194 const char *f;
1195 bool special = false;
1196 size_t j;
1197
1198 assert_se(f = json_variant_string(json_variant_by_index(v, i)));
1199
1200 for (j = 0; j < ELEMENTSOF(mask_field); j++)
1201 if (streq(f, mask_field[j].name)) { /* already covered in the loop above */
1202 special = true;
1203 continue;
1204 }
1205
1206 if (!special) {
1207 if ((load_flags & (USER_RECORD_ALLOW_REGULAR|USER_RECORD_REQUIRE_REGULAR)) == 0)
1208 return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record contains '%s' field, which is not allowed.", f);
1209
1210 m |= USER_RECORD_REGULAR;
1211 break;
1212 }
1213 }
1214 }
1215
1216 if (FLAGS_SET(load_flags, USER_RECORD_REQUIRE_REGULAR) && !FLAGS_SET(m, USER_RECORD_REGULAR))
1217 return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record lacks basic identity fields, which are required.");
1218
1219 if (m == 0)
1220 return json_log(v, json_flags, SYNTHETIC_ERRNO(EBADMSG), "Record is empty.");
1221
1222 if (w)
1223 *ret_variant = TAKE_PTR(w);
1224 else
1225 *ret_variant = json_variant_ref(v);
1226
1227 *ret_mask = m;
1228 return 0;
1229 }
1230
1231 int user_record_load(UserRecord *h, JsonVariant *v, UserRecordLoadFlags load_flags) {
1232
1233 static const JsonDispatch user_dispatch_table[] = {
1234 { "userName", JSON_VARIANT_STRING, json_dispatch_user_group_name, offsetof(UserRecord, user_name), 0 },
1235 { "realm", JSON_VARIANT_STRING, json_dispatch_realm, offsetof(UserRecord, realm), 0 },
1236 { "realName", JSON_VARIANT_STRING, json_dispatch_gecos, offsetof(UserRecord, real_name), 0 },
1237 { "emailAddress", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, email_address), JSON_SAFE },
1238 { "iconName", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, icon_name), JSON_SAFE },
1239 { "location", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, location), 0 },
1240 { "disposition", JSON_VARIANT_STRING, json_dispatch_user_disposition, offsetof(UserRecord, disposition), 0 },
1241 { "lastChangeUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, last_change_usec), 0 },
1242 { "lastPasswordChangeUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, last_password_change_usec), 0 },
1243 { "shell", JSON_VARIANT_STRING, json_dispatch_filename_or_path, offsetof(UserRecord, shell), 0 },
1244 { "umask", JSON_VARIANT_UNSIGNED, json_dispatch_umask, offsetof(UserRecord, umask), 0 },
1245 { "environment", JSON_VARIANT_ARRAY, json_dispatch_environment, offsetof(UserRecord, environment), 0 },
1246 { "timeZone", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, time_zone), JSON_SAFE },
1247 { "preferredLanguage", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, preferred_language), JSON_SAFE },
1248 { "niceLevel", _JSON_VARIANT_TYPE_INVALID, json_dispatch_nice, offsetof(UserRecord, nice_level), 0 },
1249 { "resourceLimits", _JSON_VARIANT_TYPE_INVALID, json_dispatch_rlimits, offsetof(UserRecord, rlimits), 0 },
1250 { "locked", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, locked), 0 },
1251 { "notBeforeUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, not_before_usec), 0 },
1252 { "notAfterUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, not_after_usec), 0 },
1253 { "storage", JSON_VARIANT_STRING, json_dispatch_storage, offsetof(UserRecord, storage), 0 },
1254 { "diskSize", JSON_VARIANT_UNSIGNED, json_dispatch_disk_size, offsetof(UserRecord, disk_size), 0 },
1255 { "diskSizeRelative", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_size_relative), 0 },
1256 { "skeletonDirectory", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, skeleton_directory), 0 },
1257 { "accessMode", JSON_VARIANT_UNSIGNED, json_dispatch_access_mode, offsetof(UserRecord, access_mode), 0 },
1258 { "tasksMax", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, tasks_max), 0 },
1259 { "memoryHigh", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, memory_high), 0 },
1260 { "memoryMax", JSON_VARIANT_UNSIGNED, json_dispatch_tasks_or_memory_max, offsetof(UserRecord, memory_max), 0 },
1261 { "cpuWeight", JSON_VARIANT_UNSIGNED, json_dispatch_weight, offsetof(UserRecord, cpu_weight), 0 },
1262 { "ioWeight", JSON_VARIANT_UNSIGNED, json_dispatch_weight, offsetof(UserRecord, io_weight), 0 },
1263 { "mountNoDevices", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, nodev), 0 },
1264 { "mountNoSuid", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, nosuid), 0 },
1265 { "mountNoExecute", JSON_VARIANT_BOOLEAN, json_dispatch_boolean, offsetof(UserRecord, noexec), 0 },
1266 { "cifsDomain", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_domain), JSON_SAFE },
1267 { "cifsUserName", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_user_name), JSON_SAFE },
1268 { "cifsService", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, cifs_service), JSON_SAFE },
1269 { "imagePath", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, image_path), 0 },
1270 { "homeDirectory", JSON_VARIANT_STRING, json_dispatch_home_directory, offsetof(UserRecord, home_directory), 0 },
1271 { "uid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, uid), 0 },
1272 { "gid", JSON_VARIANT_UNSIGNED, json_dispatch_uid_gid, offsetof(UserRecord, gid), 0 },
1273 { "memberOf", JSON_VARIANT_ARRAY, json_dispatch_user_group_list, offsetof(UserRecord, member_of), 0 },
1274 { "fileSystemType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, file_system_type), JSON_SAFE },
1275 { "partitionUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, partition_uuid), 0 },
1276 { "luksUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, luks_uuid), 0 },
1277 { "fileSystemUuid", JSON_VARIANT_STRING, json_dispatch_id128, offsetof(UserRecord, file_system_uuid), 0 },
1278 { "luksDiscard", _JSON_VARIANT_TYPE_INVALID, json_dispatch_tristate, offsetof(UserRecord, luks_discard), 0 },
1279 { "luksCipher", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher), JSON_SAFE },
1280 { "luksCipherMode", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_cipher_mode), JSON_SAFE },
1281 { "luksVolumeKeySize", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_volume_key_size), 0 },
1282 { "luksPbkdfHashAlgorithm", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_pbkdf_hash_algorithm), JSON_SAFE },
1283 { "luksPbkdfType", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, luks_pbkdf_type), JSON_SAFE },
1284 { "luksPbkdfTimeCostUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_time_cost_usec), 0 },
1285 { "luksPbkdfMemoryCost", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_memory_cost), 0 },
1286 { "luksPbkdfParallelThreads", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, luks_pbkdf_parallel_threads), 0 },
1287 { "service", JSON_VARIANT_STRING, json_dispatch_string, offsetof(UserRecord, service), JSON_SAFE },
1288 { "rateLimitIntervalUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, ratelimit_interval_usec), 0 },
1289 { "rateLimitBurst", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, ratelimit_burst), 0 },
1290 { "enforcePasswordPolicy", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, enforce_password_policy), 0 },
1291 { "autoLogin", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, auto_login), 0 },
1292 { "stopDelayUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, stop_delay_usec), 0 },
1293 { "killProcesses", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, kill_processes), 0 },
1294 { "passwordChangeMinUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_min_usec), 0 },
1295 { "passwordChangeMaxUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_max_usec), 0 },
1296 { "passwordChangeWarnUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_warn_usec), 0 },
1297 { "passwordChangeInactiveUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, password_change_inactive_usec), 0 },
1298 { "passwordChangeNow", JSON_VARIANT_BOOLEAN, json_dispatch_tristate, offsetof(UserRecord, password_change_now), 0 },
1299 { "pkcs11TokenUri", JSON_VARIANT_ARRAY, dispatch_pkcs11_uri_array, offsetof(UserRecord, pkcs11_token_uri), 0 },
1300
1301 { "secret", JSON_VARIANT_OBJECT, dispatch_secret, 0, 0 },
1302 { "privileged", JSON_VARIANT_OBJECT, dispatch_privileged, 0, 0 },
1303
1304 /* Ignore the perMachine, binding, status stuff here, and process it later, so that it overrides whatever is set above */
1305 { "perMachine", JSON_VARIANT_ARRAY, NULL, 0, 0 },
1306 { "binding", JSON_VARIANT_OBJECT, NULL, 0, 0 },
1307 { "status", JSON_VARIANT_OBJECT, NULL, 0, 0 },
1308
1309 /* Ignore 'signature', we check it with explicit accessors instead */
1310 { "signature", JSON_VARIANT_ARRAY, NULL, 0, 0 },
1311 {},
1312 };
1313
1314 JsonDispatchFlags json_flags = USER_RECORD_LOAD_FLAGS_TO_JSON_DISPATCH_FLAGS(load_flags);
1315 int r;
1316
1317 assert(h);
1318 assert(!h->json);
1319
1320 /* Note that this call will leave a half-initialized record around on failure! */
1321
1322 r = user_group_record_mangle(v, load_flags, &h->json, &h->mask);
1323 if (r < 0)
1324 return r;
1325
1326 r = json_dispatch(h->json, user_dispatch_table, NULL, json_flags, h);
1327 if (r < 0)
1328 return r;
1329
1330 /* During the parsing operation above we ignored the 'perMachine', 'binding' and 'status' fields,
1331 * since we want them to override the global options. Let's process them now. */
1332
1333 r = dispatch_per_machine("perMachine", json_variant_by_key(h->json, "perMachine"), json_flags, h);
1334 if (r < 0)
1335 return r;
1336
1337 r = dispatch_binding("binding", json_variant_by_key(h->json, "binding"), json_flags, h);
1338 if (r < 0)
1339 return r;
1340
1341 r = dispatch_status("status", json_variant_by_key(h->json, "status"), json_flags, h);
1342 if (r < 0)
1343 return r;
1344
1345 if (FLAGS_SET(h->mask, USER_RECORD_REGULAR) && !h->user_name)
1346 return json_log(h->json, json_flags, SYNTHETIC_ERRNO(EINVAL), "User name field missing, refusing.");
1347
1348 r = user_record_augment(h, json_flags);
1349 if (r < 0)
1350 return r;
1351
1352 return 0;
1353 }
1354
1355 int user_record_build(UserRecord **ret, ...) {
1356 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
1357 _cleanup_(user_record_unrefp) UserRecord *u = NULL;
1358 va_list ap;
1359 int r;
1360
1361 assert(ret);
1362
1363 va_start(ap, ret);
1364 r = json_buildv(&v, ap);
1365 va_end(ap);
1366
1367 if (r < 0)
1368 return r;
1369
1370 u = user_record_new();
1371 if (!u)
1372 return -ENOMEM;
1373
1374 r = user_record_load(u, v, USER_RECORD_LOAD_FULL);
1375 if (r < 0)
1376 return r;
1377
1378 *ret = TAKE_PTR(u);
1379 return 0;
1380 }
1381
1382 const char *user_record_user_name_and_realm(UserRecord *h) {
1383 assert(h);
1384
1385 /* Return the pre-initialized joined string if it is defined */
1386 if (h->user_name_and_realm_auto)
1387 return h->user_name_and_realm_auto;
1388
1389 /* If it's not defined then we cannot have a realm */
1390 assert(!h->realm);
1391 return h->user_name;
1392 }
1393
1394 UserStorage user_record_storage(UserRecord *h) {
1395 assert(h);
1396
1397 if (h->storage >= 0)
1398 return h->storage;
1399
1400 return USER_CLASSIC;
1401 }
1402
1403 const char *user_record_file_system_type(UserRecord *h) {
1404 assert(h);
1405
1406 return h->file_system_type ?: "ext4";
1407 }
1408
1409 const char *user_record_skeleton_directory(UserRecord *h) {
1410 assert(h);
1411
1412 return h->skeleton_directory ?: "/etc/skel";
1413 }
1414
1415 mode_t user_record_access_mode(UserRecord *h) {
1416 assert(h);
1417
1418 return h->access_mode != (mode_t) -1 ? h->access_mode : 0700;
1419 }
1420
1421 const char* user_record_home_directory(UserRecord *h) {
1422 assert(h);
1423
1424 if (h->home_directory)
1425 return h->home_directory;
1426 if (h->home_directory_auto)
1427 return h->home_directory_auto;
1428
1429 /* The root user is special, hence be special about it */
1430 if (streq_ptr(h->user_name, "root"))
1431 return "/root";
1432
1433 return "/";
1434 }
1435
1436 const char *user_record_image_path(UserRecord *h) {
1437 assert(h);
1438
1439 if (h->image_path)
1440 return h->image_path;
1441 if (h->image_path_auto)
1442 return h->image_path_auto;
1443
1444 return IN_SET(user_record_storage(h), USER_CLASSIC, USER_DIRECTORY, USER_SUBVOLUME, USER_FSCRYPT) ? user_record_home_directory(h) : NULL;
1445 }
1446
1447 const char *user_record_cifs_user_name(UserRecord *h) {
1448 assert(h);
1449
1450 return h->cifs_user_name ?: h->user_name;
1451 }
1452
1453 unsigned long user_record_mount_flags(UserRecord *h) {
1454 assert(h);
1455
1456 return (h->nosuid ? MS_NOSUID : 0) |
1457 (h->noexec ? MS_NOEXEC : 0) |
1458 (h->nodev ? MS_NODEV : 0);
1459 }
1460
1461 const char *user_record_shell(UserRecord *h) {
1462 assert(h);
1463
1464 if (h->shell)
1465 return h->shell;
1466
1467 if (streq_ptr(h->user_name, "root"))
1468 return "/bin/sh";
1469
1470 if (user_record_disposition(h) == USER_REGULAR)
1471 return "/bin/bash";
1472
1473 return NOLOGIN;
1474 }
1475
1476 const char *user_record_real_name(UserRecord *h) {
1477 assert(h);
1478
1479 return h->real_name ?: h->user_name;
1480 }
1481
1482 bool user_record_luks_discard(UserRecord *h) {
1483 const char *ip;
1484
1485 assert(h);
1486
1487 if (h->luks_discard >= 0)
1488 return h->luks_discard;
1489
1490 ip = user_record_image_path(h);
1491 if (!ip)
1492 return false;
1493
1494 /* Use discard by default if we are referring to a real block device, but not when operating on a
1495 * loopback device. We want to optimize for SSD and flash storage after all, but we should be careful
1496 * when storing stuff on top of regular file systems in loopback files as doing discard then would
1497 * mean thin provisioning and we should not do that willy-nilly since it means we'll risk EIO later
1498 * on should the disk space to back our file systems not be available. */
1499
1500 return path_startswith(ip, "/dev/");
1501 }
1502
1503 const char *user_record_luks_cipher(UserRecord *h) {
1504 assert(h);
1505
1506 return h->luks_cipher ?: "aes";
1507 }
1508
1509 const char *user_record_luks_cipher_mode(UserRecord *h) {
1510 assert(h);
1511
1512 return h->luks_cipher_mode ?: "xts-plain64";
1513 }
1514
1515 uint64_t user_record_luks_volume_key_size(UserRecord *h) {
1516 assert(h);
1517
1518 /* We return a value here that can be cast without loss into size_t which is what libcrypsetup expects */
1519
1520 if (h->luks_volume_key_size == UINT64_MAX)
1521 return 256 / 8;
1522
1523 return MIN(h->luks_volume_key_size, SIZE_MAX);
1524 }
1525
1526 const char* user_record_luks_pbkdf_type(UserRecord *h) {
1527 assert(h);
1528
1529 return h->luks_pbkdf_type ?: "argon2i";
1530 }
1531
1532 uint64_t user_record_luks_pbkdf_time_cost_usec(UserRecord *h) {
1533 assert(h);
1534
1535 /* Returns a value with ms granularity, since that's what libcryptsetup expects */
1536
1537 if (h->luks_pbkdf_time_cost_usec == UINT64_MAX)
1538 return 500 * USEC_PER_MSEC; /* We default to 500ms, in contrast to libcryptsetup's 2s, which is just awfully slow on every login */
1539
1540 return MIN(DIV_ROUND_UP(h->luks_pbkdf_time_cost_usec, USEC_PER_MSEC), UINT32_MAX) * USEC_PER_MSEC;
1541 }
1542
1543 uint64_t user_record_luks_pbkdf_memory_cost(UserRecord *h) {
1544 assert(h);
1545
1546 /* Returns a value with kb granularity, since that's what libcryptsetup expects */
1547
1548 if (h->luks_pbkdf_memory_cost == UINT64_MAX)
1549 return 64*1024*1024; /* We default to 64M, since this should work on smaller systems too */
1550
1551 return MIN(DIV_ROUND_UP(h->luks_pbkdf_memory_cost, 1024), UINT32_MAX) * 1024;
1552 }
1553
1554 uint64_t user_record_luks_pbkdf_parallel_threads(UserRecord *h) {
1555 assert(h);
1556
1557 if (h->luks_pbkdf_memory_cost == UINT64_MAX)
1558 return 1; /* We default to 1, since this should work on smaller systems too */
1559
1560 return MIN(h->luks_pbkdf_parallel_threads, UINT32_MAX);
1561 }
1562
1563 const char *user_record_luks_pbkdf_hash_algorithm(UserRecord *h) {
1564 assert(h);
1565
1566 return h->luks_pbkdf_hash_algorithm ?: "sha512";
1567 }
1568
1569 gid_t user_record_gid(UserRecord *h) {
1570 assert(h);
1571
1572 if (gid_is_valid(h->gid))
1573 return h->gid;
1574
1575 return (gid_t) h->uid;
1576 }
1577
1578 UserDisposition user_record_disposition(UserRecord *h) {
1579 assert(h);
1580
1581 if (h->disposition >= 0)
1582 return h->disposition;
1583
1584 /* If not declared, derive from UID */
1585
1586 if (!uid_is_valid(h->uid))
1587 return _USER_DISPOSITION_INVALID;
1588
1589 if (h->uid == 0 || h->uid == UID_NOBODY)
1590 return USER_INTRINSIC;
1591
1592 if (uid_is_system(h->uid))
1593 return USER_SYSTEM;
1594
1595 if (uid_is_dynamic(h->uid))
1596 return USER_DYNAMIC;
1597
1598 if (uid_is_container(h->uid))
1599 return USER_CONTAINER;
1600
1601 if (h->uid > INT32_MAX)
1602 return USER_RESERVED;
1603
1604 return USER_REGULAR;
1605 }
1606
1607 int user_record_removable(UserRecord *h) {
1608 UserStorage storage;
1609 assert(h);
1610
1611 if (h->removable >= 0)
1612 return h->removable;
1613
1614 /* Refuse to decide for classic records */
1615 storage = user_record_storage(h);
1616 if (h->storage < 0 || h->storage == USER_CLASSIC)
1617 return -1;
1618
1619 /* For now consider only LUKS home directories with a reference by path as removable */
1620 return storage == USER_LUKS && path_startswith(user_record_image_path(h), "/dev/");
1621 }
1622
1623 uint64_t user_record_ratelimit_interval_usec(UserRecord *h) {
1624 assert(h);
1625
1626 if (h->ratelimit_interval_usec == UINT64_MAX)
1627 return DEFAULT_RATELIMIT_INTERVAL_USEC;
1628
1629 return h->ratelimit_interval_usec;
1630 }
1631
1632 uint64_t user_record_ratelimit_burst(UserRecord *h) {
1633 assert(h);
1634
1635 if (h->ratelimit_burst == UINT64_MAX)
1636 return DEFAULT_RATELIMIT_BURST;
1637
1638 return h->ratelimit_burst;
1639 }
1640
1641 bool user_record_can_authenticate(UserRecord *h) {
1642 assert(h);
1643
1644 /* Returns true if there's some form of property configured that the user can authenticate against */
1645
1646 if (h->n_pkcs11_encrypted_key > 0)
1647 return true;
1648
1649 return !strv_isempty(h->hashed_password);
1650 }
1651
1652 uint64_t user_record_ratelimit_next_try(UserRecord *h) {
1653 assert(h);
1654
1655 /* Calculates when the it's possible to login next. Returns:
1656 *
1657 * UINT64_MAX → Nothing known
1658 * 0 → Right away
1659 * Any other → Next time in CLOCK_REALTIME in usec (which could be in the past)
1660 */
1661
1662 if (h->ratelimit_begin_usec == UINT64_MAX ||
1663 h->ratelimit_count == UINT64_MAX)
1664 return UINT64_MAX;
1665
1666 if (h->ratelimit_count < user_record_ratelimit_burst(h))
1667 return 0;
1668
1669 return usec_add(h->ratelimit_begin_usec, user_record_ratelimit_interval_usec(h));
1670 }
1671
1672 bool user_record_equal(UserRecord *a, UserRecord *b) {
1673 assert(a);
1674 assert(b);
1675
1676 /* We assume that when a record is modified its JSON data is updated at the same time, hence it's
1677 * sufficient to compare the JSON data. */
1678
1679 return json_variant_equal(a->json, b->json);
1680 }
1681
1682 bool user_record_compatible(UserRecord *a, UserRecord *b) {
1683 assert(a);
1684 assert(b);
1685
1686 /* If either lacks a the regular section, we can't really decide, let's hence say they are
1687 * incompatible. */
1688 if (!(a->mask & b->mask & USER_RECORD_REGULAR))
1689 return false;
1690
1691 return streq_ptr(a->user_name, b->user_name) &&
1692 streq_ptr(a->realm, b->realm);
1693 }
1694
1695 int user_record_compare_last_change(UserRecord *a, UserRecord *b) {
1696 assert(a);
1697 assert(b);
1698
1699 if (a->last_change_usec == b->last_change_usec)
1700 return 0;
1701
1702 /* Always consider a record with a timestamp newer than one without */
1703 if (a->last_change_usec == UINT64_MAX)
1704 return -1;
1705 if (b->last_change_usec == UINT64_MAX)
1706 return 1;
1707
1708 return CMP(a->last_change_usec, b->last_change_usec);
1709 }
1710
1711 int user_record_clone(UserRecord *h, UserRecordLoadFlags flags, UserRecord **ret) {
1712 _cleanup_(user_record_unrefp) UserRecord *c = NULL;
1713 int r;
1714
1715 assert(h);
1716 assert(ret);
1717
1718 c = user_record_new();
1719 if (!c)
1720 return -ENOMEM;
1721
1722 r = user_record_load(c, h->json, flags);
1723 if (r < 0)
1724 return r;
1725
1726 *ret = TAKE_PTR(c);
1727 return 0;
1728 }
1729
1730 int user_record_masked_equal(UserRecord *a, UserRecord *b, UserRecordMask mask) {
1731 _cleanup_(user_record_unrefp) UserRecord *x = NULL, *y = NULL;
1732 int r;
1733
1734 assert(a);
1735 assert(b);
1736
1737 /* Compares the two records, but ignores anything not listed in the specified mask */
1738
1739 if ((a->mask & ~mask) != 0) {
1740 r = user_record_clone(a, USER_RECORD_ALLOW(mask) | USER_RECORD_STRIP(~mask & _USER_RECORD_MASK_MAX), &x);
1741 if (r < 0)
1742 return r;
1743
1744 a = x;
1745 }
1746
1747 if ((b->mask & ~mask) != 0) {
1748 r = user_record_clone(b, USER_RECORD_ALLOW(mask) | USER_RECORD_STRIP(~mask & _USER_RECORD_MASK_MAX), &y);
1749 if (r < 0)
1750 return r;
1751
1752 b = y;
1753 }
1754
1755 return user_record_equal(a, b);
1756 }
1757
1758 int user_record_test_blocked(UserRecord *h) {
1759 usec_t n;
1760
1761 /* Checks whether access to the specified user shall be allowed at the moment. Returns:
1762 *
1763 * -ESTALE: Record is from the future
1764 * -ENOLCK: Record is blocked
1765 * -EL2HLT: Record is not valid yet
1766 * -EL3HLT: Record is not valid anymore
1767 *
1768 */
1769
1770 assert(h);
1771
1772 n = now(CLOCK_REALTIME);
1773 if (h->last_change_usec != UINT64_MAX &&
1774 h->last_change_usec > n) /* Don't allow log ins when the record is from the future */
1775 return -ESTALE;
1776
1777 if (h->locked > 0)
1778 return -ENOLCK;
1779
1780 if (h->not_before_usec != UINT64_MAX && n < h->not_before_usec)
1781 return -EL2HLT;
1782 if (h->not_after_usec != UINT64_MAX && n > h->not_after_usec)
1783 return -EL3HLT;
1784
1785 return 0;
1786 }
1787
1788 int user_record_test_password_change_required(UserRecord *h) {
1789 bool change_permitted;
1790 usec_t n;
1791
1792 assert(h);
1793
1794 /* Checks whether the user must change the password when logging in
1795
1796 -EKEYREVOKED: Change password now because admin said so
1797 -EOWNERDEAD: Change password now because it expired
1798 -EKEYREJECTED: Password is expired, no changing is allowed
1799 -EKEYEXPIRED: Password is about to expire, warn user
1800 -ENETDOWN: Record has expiration info but no password change timestamp
1801 -EROFS: No password change required nor permitted
1802 0: No password change required, but permitted
1803 */
1804
1805 /* If a pasword change request has been set explicitly, it overrides everything */
1806 if (h->password_change_now > 0)
1807 return -EKEYREVOKED;
1808
1809 n = now(CLOCK_REALTIME);
1810
1811 /* Then, let's check if password changing is currently allowed at all */
1812 if (h->password_change_min_usec != UINT64_MAX) {
1813
1814 /* Expiry configured but no password change timestamp known? */
1815 if (h->last_password_change_usec == UINT64_MAX)
1816 return -ENETDOWN;
1817
1818 if (h->password_change_min_usec >= UINT64_MAX - h->last_password_change_usec)
1819 change_permitted = false;
1820 else
1821 change_permitted = n >= h->last_password_change_usec + h->password_change_min_usec;
1822
1823 } else
1824 change_permitted = true;
1825
1826 /* Let's check whether the password has expired. */
1827 if (!(h->password_change_max_usec == UINT64_MAX ||
1828 h->password_change_max_usec >= UINT64_MAX - h->last_password_change_usec)) {
1829
1830 uint64_t change_before;
1831
1832 /* Expiry configured but no password change timestamp known? */
1833 if (h->last_password_change_usec == UINT64_MAX)
1834 return -ENETDOWN;
1835
1836 /* Password is in inactive phase? */
1837 if (h->password_change_inactive_usec != UINT64_MAX &&
1838 h->password_change_inactive_usec < UINT64_MAX - h->password_change_max_usec) {
1839 usec_t added;
1840
1841 added = h->password_change_inactive_usec + h->password_change_max_usec;
1842 if (added < UINT64_MAX - h->last_password_change_usec &&
1843 n >= h->last_password_change_usec + added)
1844 return -EKEYREJECTED;
1845 }
1846
1847 /* Password needs to be changed now? */
1848 change_before = h->last_password_change_usec + h->password_change_max_usec;
1849 if (n >= change_before)
1850 return change_permitted ? -EOWNERDEAD : -EKEYREJECTED;
1851
1852 /* Warn user? */
1853 if (h->password_change_warn_usec != UINT64_MAX &&
1854 (change_before < h->password_change_warn_usec ||
1855 n >= change_before - h->password_change_warn_usec))
1856 return change_permitted ? -EKEYEXPIRED : -EROFS;
1857 }
1858
1859 /* No password changing necessary */
1860 return change_permitted ? 0 : -EROFS;
1861 }
1862
1863 static const char* const user_storage_table[_USER_STORAGE_MAX] = {
1864 [USER_CLASSIC] = "classic",
1865 [USER_LUKS] = "luks",
1866 [USER_DIRECTORY] = "directory",
1867 [USER_SUBVOLUME] = "subvolume",
1868 [USER_FSCRYPT] = "fscrypt",
1869 [USER_CIFS] = "cifs",
1870 };
1871
1872 DEFINE_STRING_TABLE_LOOKUP(user_storage, UserStorage);
1873
1874 static const char* const user_disposition_table[_USER_DISPOSITION_MAX] = {
1875 [USER_INTRINSIC] = "intrinsic",
1876 [USER_SYSTEM] = "system",
1877 [USER_DYNAMIC] = "dynamic",
1878 [USER_REGULAR] = "regular",
1879 [USER_CONTAINER] = "container",
1880 [USER_RESERVED] = "reserved",
1881 };
1882
1883 DEFINE_STRING_TABLE_LOOKUP(user_disposition, UserDisposition);
Unnamed repository; edit this file 'description' to name the repository.