userdbd: also listen on a varlink socket io.systemd.DropIn

author Lennart Poettering <lennart@poettering.net>

Thu, 6 May 2021 14:38:28 +0000 (16:38 +0200)

committer Lennart Poettering <lennart@poettering.net>

Mon, 10 May 2021 12:58:39 +0000 (14:58 +0200)
author Lennart Poettering <lennart@poettering.net>
Thu, 6 May 2021 14:38:28 +0000 (16:38 +0200)
committer Lennart Poettering <lennart@poettering.net>
Mon, 10 May 2021 12:58:39 +0000 (14:58 +0200)
diff --git a/src/shared/userdb.h b/src/shared/userdb.h

index a851cbd6fba4073a4572ce0c7c0904ad70ff29f2..75eb4b2dce8b57b291a457d11b00afc5b0231e03 100644 (file)
--- a/src/shared/userdb.h
+++ b/src/shared/userdb.h
@@ -28,6 +28,7 @@ typedef enum UserDBFlags {
  
          /* Combinations */
          USERDB_NSS_ONLY = USERDB_EXCLUDE_VARLINK|USERDB_EXCLUDE_DROPIN|USERDB_DONT_SYNTHESIZE,
+        USERDB_DROPIN_ONLY = USERDB_EXCLUDE_NSS|USERDB_EXCLUDE_VARLINK|USERDB_DONT_SYNTHESIZE,
  } UserDBFlags;
  
  /* Well-known errors we'll return here:
diff --git a/src/userdb/userdbd-manager.c b/src/userdb/userdbd-manager.c

index 3fd82255ac63b099a311083b05ca808399f4191a..0564840dbe8db1ba4fb64dae18fdb8aaa826031d 100644 (file)
--- a/src/userdb/userdbd-manager.c
+++ b/src/userdb/userdbd-manager.c
@@ -289,6 +289,11 @@ int manager_startup(Manager *m) {
                  if (r < 0)
                          return log_error_errno(r, "Failed to bind io.systemd.Multiplexer: %m");
  
+                r = symlink_idempotent("io.systemd.Multiplexer",
+                                       "/run/systemd/userdb/io.systemd.DropIn", false);
+                if (r < 0)
+                        return log_error_errno(r, "Failed to bind io.systemd.Multiplexer: %m");
+
                  if (listen(m->listen_fd, SOMAXCONN) < 0)
                          return log_error_errno(errno, "Failed to listen on socket: %m");
          }
diff --git a/src/userdb/userdbd.c b/src/userdb/userdbd.c

index 6b28dd0a084d7aa2c7dade03d72cfa54f4ad5211..d469411eb82e1f12596ee8c42639980a2b4c4a2c 100644 (file)
--- a/src/userdb/userdbd.c
+++ b/src/userdb/userdbd.c
@@ -17,6 +17,9 @@
   *         → io.systemd.Multiplexer: this multiplexes lookup requests to all Varlink services that have a
   *           socket in /run/systemd/userdb/. It's supposed to simplify clients that don't want to implement
   *           the full iterative logic on their own.
+ *
+ *         → io.systemd.DropIn: this makes JSON user/group records dropped into /run/userdb/ available as
+ *           regular users.
   */
  
  static int run(int argc, char *argv[]) {
@@ -31,8 +34,8 @@ static int run(int argc, char *argv[]) {
          if (argc != 1)
                  return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "This program takes no arguments.");
  
-        if (setenv("SYSTEMD_BYPASS_USERDB", "io.systemd.NameServiceSwitch:io.systemd.Multiplexer", 1) < 0)
-                return log_error_errno(errno, "Failed to se $SYSTEMD_BYPASS_USERDB: %m");
+        if (setenv("SYSTEMD_BYPASS_USERDB", "io.systemd.NameServiceSwitch:io.systemd.Multiplexer:io.systemd.DropIn", 1) < 0)
+                return log_error_errno(errno, "Failed to set $SYSTEMD_BYPASS_USERDB: %m");
  
          assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGCHLD, SIGTERM, SIGINT, SIGUSR2, -1) >= 0);
  
diff --git a/src/userdb/userwork.c b/src/userdb/userwork.c

index 418a2892acf194183c174f363a3b7b403565ecdd..21caa540965d56469f214edb3d75d03556a86bb7 100644 (file)
--- a/src/userdb/userwork.c
+++ b/src/userdb/userwork.c
@@ -120,6 +120,8 @@ static int userdb_flags_from_service(Varlink *link, const char *service, UserDBF
  
          if (streq_ptr(service, "io.systemd.NameServiceSwitch"))
                  *ret = USERDB_NSS_ONLY|USERDB_AVOID_MULTIPLEXER;
+        if (streq_ptr(service, "io.systemd.DropIn"))
+                *ret = USERDB_DROPIN_ONLY|USERDB_AVOID_MULTIPLEXER;
          else if (streq_ptr(service, "io.systemd.Multiplexer"))
                  *ret = USERDB_AVOID_MULTIPLEXER;
          else
diff --git a/units/systemd-userdbd.socket b/units/systemd-userdbd.socket

index 50235dd1ef2851fb22427d5e1659ad5cfa90cf90..768253a2b046b7f884a4191f487f3a0d70dda5af 100644 (file)
--- a/units/systemd-userdbd.socket
+++ b/units/systemd-userdbd.socket
@@ -15,7 +15,7 @@ Before=sockets.target
  
  [Socket]
  ListenStream=/run/systemd/userdb/io.systemd.Multiplexer
-Symlinks=/run/systemd/userdb/io.systemd.NameServiceSwitch
+Symlinks=/run/systemd/userdb/io.systemd.NameServiceSwitch /run/systemd/userdb/io.systemd.DropIn
  SocketMode=0666
  
  [Install]
author	Lennart Poettering <lennart@poettering.net>
	Thu, 6 May 2021 14:38:28 +0000 (16:38 +0200)
committer	Lennart Poettering <lennart@poettering.net>
	Mon, 10 May 2021 12:58:39 +0000 (14:58 +0200)
src/shared/userdb.h		patch \| blob \| blame \| history
src/userdb/userdbd-manager.c		patch \| blob \| blame \| history
src/userdb/userdbd.c		patch \| blob \| blame \| history
src/userdb/userwork.c		patch \| blob \| blame \| history
units/systemd-userdbd.socket		patch \| blob \| blame \| history