#include "basic-forward.h"
-/* Users managed by systemd-homed. See https://systemd.io/UIDS-GIDS for details how this range fits into the rest of the world */
+/* Users managed by systemd-homed. See https://systemd.io/UIDS-GIDS for details
+ * how this range fits into the rest of the world. */
#define HOME_UID_MIN ((uid_t) 60001)
#define HOME_UID_MAX ((uid_t) 60513)
#define MAP_UID_MIN ((uid_t) 60514)
#define MAP_UID_MAX ((uid_t) 60577)
+/* A helper to print an error message when user or group resolution fails.
+ * Note that we can't use ({ … }) to define a temporary variable, so errnum is
+ * evaluated multiple times. */
+#define STRERROR_USER(errnum) ((errnum) == -ESRCH ? "Unknown user" : (errnum) == -ENOEXEC ? "Not a system user" : STRERROR(errnum))
+#define STRERROR_GROUP(errnum) ((errnum) == -ESRCH ? "Unknown group" : (errnum) == -ENOEXEC ? "Not a system group" : STRERROR(errnum))
+
bool uid_is_valid(uid_t uid) _const_;
static inline bool gid_is_valid(gid_t gid) {
r = userdb_by_name(name, &USERDB_MATCH_ROOT_AND_SYSTEM,
USERDB_SUPPRESS_SHADOW | USERDB_PARSE_NUMERIC | USERDB_SYNTHESIZE_NUMERIC,
&ur);
- if (r == -ESRCH)
- return log_line_error_errno(rule_line, r, "Unknown user '%s', ignoring.", name);
- if (r == -ENOEXEC)
- return log_line_error_errno(rule_line, r, "User '%s' is not a system user, ignoring.", name);
if (r < 0)
- return log_line_error_errno(rule_line, r, "Failed to resolve user '%s', ignoring: %m", name);
+ return log_line_error_errno(rule_line, r,
+ "Failed to resolve user '%s', ignoring: %s",
+ name, STRERROR_USER(r));
_cleanup_free_ char *n = strdup(name);
if (!n)
r = groupdb_by_name(name, &USERDB_MATCH_ROOT_AND_SYSTEM,
USERDB_SUPPRESS_SHADOW | USERDB_PARSE_NUMERIC | USERDB_SYNTHESIZE_NUMERIC,
&gr);
- if (r == -ESRCH)
- return log_line_error_errno(rule_line, r, "Unknown group '%s', ignoring.", name);
- if (r == -ENOEXEC)
- return log_line_error_errno(rule_line, r, "Group '%s' is not a system group, ignoring.", name);
if (r < 0)
- return log_line_error_errno(rule_line, r, "Failed to resolve group '%s', ignoring: %m", name);
+ return log_line_error_errno(rule_line, r,
+ "Failed to resolve group '%s', ignoring: %s",
+ name, STRERROR_GROUP(r));
_cleanup_free_ char *n = strdup(name);
if (!n)
r = userdb_by_name(owner, &USERDB_MATCH_ROOT_AND_SYSTEM,
USERDB_SUPPRESS_SHADOW | USERDB_PARSE_NUMERIC | USERDB_SYNTHESIZE_NUMERIC,
&ur);
- if (r == -ESRCH)
- log_event_error_errno(event, token, r, "Unknown user \"%s\", ignoring.", owner);
- else if (r == -ENOEXEC)
- log_event_error(event, token, "User \"%s\" is not a system user, ignoring.", owner);
- else if (r < 0)
- log_event_error_errno(event, token, r, "Failed to resolve user \"%s\", ignoring: %m", owner);
+ if (r < 0)
+ log_event_error_errno(event, token, r,
+ "Failed to resolve user \"%s\", ignoring: %s",
+ owner, STRERROR_USER(r));
else {
event->uid = ur->uid;
log_event_debug(event, token, "Set owner: %s("UID_FMT")", owner, event->uid);
r = groupdb_by_name(group, &USERDB_MATCH_ROOT_AND_SYSTEM,
USERDB_SUPPRESS_SHADOW | USERDB_PARSE_NUMERIC | USERDB_SYNTHESIZE_NUMERIC,
&gr);
- if (r == -ESRCH)
- log_event_error_errno(event, token, r, "Unknown group \"%s\", ignoring.", group);
- else if (r == -ENOEXEC)
- log_event_error(event, token, "Group \"%s\" is not a system group, ignoring.", group);
- else if (r < 0)
- log_event_error_errno(event, token, r, "Failed to resolve group \"%s\", ignoring: %m", group);
+ if (r < 0)
+ log_event_error_errno(event, token, r,
+ "Failed to resolve group \"%s\", ignoring: %s",
+ group, STRERROR_GROUP(r));
else {
event->gid = gr->gid;
log_event_debug(event, token, "Set group: %s("GID_FMT")", group, event->gid);
test_syntax_error 'OWNER=":nosuchuser:"' "Failed to resolve user ':nosuchuser:', ignoring: Invalid argument"
# nonexistent user
if ! getent passwd nosuchuser >/dev/null; then
- test_syntax_error 'OWNER="nosuchuser"' "Unknown user 'nosuchuser', ignoring."
+ test_syntax_error 'OWNER="nosuchuser"' "Failed to resolve user 'nosuchuser', ignoring: Unknown user"
fi
if ! getent passwd 12345 >/dev/null; then
- test_syntax_error 'OWNER="12345"' "Unknown user '12345', ignoring."
+ test_syntax_error 'OWNER="12345"' "Failed to resolve user '12345', ignoring: Unknown user"
fi
# regular user
if getent passwd testuser >/dev/null; then
- test_syntax_error 'OWNER="testuser"' "User 'testuser' is not a system user, ignoring."
- test_syntax_error "OWNER=\"$(id -u testuser)\"" "User '$(id -u testuser)' is not a system user, ignoring."
+ test_syntax_error 'OWNER="testuser"' "Failed to resolve user 'testuser', ignoring: Not a system user"
+ test_syntax_error "OWNER=\"$(id -u testuser)\"" "Failed to resolve user '$(id -u testuser)', ignoring: Not a system user"
fi
test_syntax_error 'GROUP{a}="b"' 'Invalid attribute for GROUP.'
test_syntax_error 'GROUP-="b"' 'Invalid operator for GROUP.'
test_syntax_error 'GROUP=":nosuchgroup:"' "Failed to resolve group ':nosuchgroup:', ignoring: Invalid argument"
# nonexistent group
if ! getent group nosuchgroup >/dev/null; then
- test_syntax_error 'GROUP="nosuchgroup"' "Unknown group 'nosuchgroup', ignoring."
+ test_syntax_error 'GROUP="nosuchgroup"' "Failed to resolve group 'nosuchgroup', ignoring: Unknown group"
fi
if ! getent group 12345 >/dev/null; then
- test_syntax_error 'GROUP="12345"' "Unknown group '12345', ignoring."
+ test_syntax_error 'GROUP="12345"' "Failed to resolve group '12345', ignoring: Unknown group"
fi
# regular group
if getent group testuser >/dev/null; then
- test_syntax_error 'GROUP="testuser"' "Group 'testuser' is not a system group, ignoring."
- test_syntax_error "GROUP=\"$(id -g testuser)\"" "Group '$(id -g testuser)' is not a system group, ignoring."
+ test_syntax_error 'GROUP="testuser"' "Failed to resolve group 'testuser', ignoring: Not a system group"
+ test_syntax_error "GROUP=\"$(id -g testuser)\"" "Failed to resolve group '$(id -g testuser)', ignoring: Not a system group"
fi
test_syntax_error 'MODE{a}="b"' 'Invalid attribute for MODE.'
test_syntax_error 'MODE-="b"' 'Invalid operator for MODE.'
projects / thirdparty / systemd.git / commitdiff
