From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 15 Apr 2020 17:35:07 +0000 (+0200)
Subject: homectl: do generic error handling/retry also when creating a home directory
X-Git-Tag: v246-rc1~45^2~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8e62dfb12aff85cc894ff7eef39fb21623335566;p=thirdparty%2Fsystemd.git

homectl: do generic error handling/retry also when creating a home directory

After all, when creating we might need interaction with the security
token too, and our initial attempt to create the user will fail, since
we do not allow interactive auth on the security token, so that we then
can print a log message and retry with interactive auth then enabled.
---

diff --git a/src/home/homectl.c b/src/home/homectl.c
index 41531735de3..943f5266762 100644
--- a/src/home/homectl.c
+++ b/src/home/homectl.c
@@ -1459,25 +1459,28 @@ static int create_home(int argc, char *argv[], void *userdata) {
 
                 r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
                 if (r < 0) {
-                        if (!sd_bus_error_has_name(&error, BUS_ERROR_LOW_PASSWORD_QUALITY))
-                                return log_error_errno(r, "Failed to create user home: %s", bus_error_message(&error, r));
-
-                        log_error_errno(r, "%s", bus_error_message(&error, r));
-                        log_info("(Use --enforce-password-policy=no to turn off password quality checks for this account.)");
-                } else
-                        break; /* done */
+                        if (sd_bus_error_has_name(&error, BUS_ERROR_LOW_PASSWORD_QUALITY)) {
+                                log_error_errno(r, "%s", bus_error_message(&error, r));
+                                log_info("(Use --enforce-password-policy=no to turn off password quality checks for this account.)");
 
-                r = user_record_set_hashed_password(hr, original_hashed_passwords);
-                if (r < 0)
-                        return r;
+                                r = user_record_set_hashed_password(hr, original_hashed_passwords);
+                                if (r < 0)
+                                        return r;
 
-                r = acquire_new_password(hr->user_name, hr, /* suggest = */ false);
-                if (r < 0)
-                        return r;
+                                r = acquire_new_password(hr->user_name, hr, /* suggest = */ false);
+                                if (r < 0)
+                                        return r;
 
-                r = user_record_make_hashed_password(hr, hr->password, /* extend = */ true);
-                if (r < 0)
-                        return log_error_errno(r, "Failed to hash passwords: %m");
+                                r = user_record_make_hashed_password(hr, hr->password, /* extend = */ true);
+                                if (r < 0)
+                                        return log_error_errno(r, "Failed to hash passwords: %m");
+                        } else {
+                                r = handle_generic_user_record_error(hr->user_name, hr, &error, r, false);
+                                if (r < 0)
+                                        return r;
+                        }
+                } else
+                        break; /* done */
         }
 
         return 0;