From: Zbigniew Jędrzejewski-Szmek Date: Tue, 18 Nov 2025 08:47:51 +0000 (+0100) Subject: udev: define a generic helper to print messages about unknown users and groups X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6e6e96f628d352b56fd396cffb311f16839f78fb;p=thirdparty%2Fsystemd.git udev: define a generic helper to print messages about unknown users and groups We cannot just use %m, because strerror returns a confusing error message for ESRCH or ENOEXEC. udev code was doing a good job, but the error handling was very verbose. Let's encapsulate the customized error messages in a helper. No functional change, except that the error messages have a slightly different form now. The old messages were a bit better, but we don't have as much flexibility in the new scheme. "Failed to resolve user 'foo': Unknown user" should be good enough. --- diff --git a/src/basic/user-util.h b/src/basic/user-util.h index c4f2aea3095..24793530e67 100644 --- a/src/basic/user-util.h +++ b/src/basic/user-util.h @@ -10,7 +10,8 @@ #include "basic-forward.h" -/* Users managed by systemd-homed. See https://systemd.io/UIDS-GIDS for details how this range fits into the rest of the world */ +/* Users managed by systemd-homed. See https://systemd.io/UIDS-GIDS for details + * how this range fits into the rest of the world. */ #define HOME_UID_MIN ((uid_t) 60001) #define HOME_UID_MAX ((uid_t) 60513) @@ -18,6 +19,12 @@ #define MAP_UID_MIN ((uid_t) 60514) #define MAP_UID_MAX ((uid_t) 60577) +/* A helper to print an error message when user or group resolution fails. + * Note that we can't use ({ … }) to define a temporary variable, so errnum is + * evaluated multiple times. */ +#define STRERROR_USER(errnum) ((errnum) == -ESRCH ? "Unknown user" : (errnum) == -ENOEXEC ? "Not a system user" : STRERROR(errnum)) +#define STRERROR_GROUP(errnum) ((errnum) == -ESRCH ? "Unknown group" : (errnum) == -ENOEXEC ? "Not a system group" : STRERROR(errnum)) + bool uid_is_valid(uid_t uid) _const_; static inline bool gid_is_valid(gid_t gid) { diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c index 87c57d7487e..543ad9be06c 100644 --- a/src/udev/udev-rules.c +++ b/src/udev/udev-rules.c @@ -512,12 +512,10 @@ static int rule_resolve_user(UdevRuleLine *rule_line, const char *name, uid_t *r r = userdb_by_name(name, &USERDB_MATCH_ROOT_AND_SYSTEM, USERDB_SUPPRESS_SHADOW | USERDB_PARSE_NUMERIC | USERDB_SYNTHESIZE_NUMERIC, &ur); - if (r == -ESRCH) - return log_line_error_errno(rule_line, r, "Unknown user '%s', ignoring.", name); - if (r == -ENOEXEC) - return log_line_error_errno(rule_line, r, "User '%s' is not a system user, ignoring.", name); if (r < 0) - return log_line_error_errno(rule_line, r, "Failed to resolve user '%s', ignoring: %m", name); + return log_line_error_errno(rule_line, r, + "Failed to resolve user '%s', ignoring: %s", + name, STRERROR_USER(r)); _cleanup_free_ char *n = strdup(name); if (!n) @@ -549,12 +547,10 @@ static int rule_resolve_group(UdevRuleLine *rule_line, const char *name, gid_t * r = groupdb_by_name(name, &USERDB_MATCH_ROOT_AND_SYSTEM, USERDB_SUPPRESS_SHADOW | USERDB_PARSE_NUMERIC | USERDB_SYNTHESIZE_NUMERIC, &gr); - if (r == -ESRCH) - return log_line_error_errno(rule_line, r, "Unknown group '%s', ignoring.", name); - if (r == -ENOEXEC) - return log_line_error_errno(rule_line, r, "Group '%s' is not a system group, ignoring.", name); if (r < 0) - return log_line_error_errno(rule_line, r, "Failed to resolve group '%s', ignoring: %m", name); + return log_line_error_errno(rule_line, r, + "Failed to resolve group '%s', ignoring: %s", + name, STRERROR_GROUP(r)); _cleanup_free_ char *n = strdup(name); if (!n) @@ -2681,12 +2677,10 @@ static int udev_rule_apply_token_to_event( r = userdb_by_name(owner, &USERDB_MATCH_ROOT_AND_SYSTEM, USERDB_SUPPRESS_SHADOW | USERDB_PARSE_NUMERIC | USERDB_SYNTHESIZE_NUMERIC, &ur); - if (r == -ESRCH) - log_event_error_errno(event, token, r, "Unknown user \"%s\", ignoring.", owner); - else if (r == -ENOEXEC) - log_event_error(event, token, "User \"%s\" is not a system user, ignoring.", owner); - else if (r < 0) - log_event_error_errno(event, token, r, "Failed to resolve user \"%s\", ignoring: %m", owner); + if (r < 0) + log_event_error_errno(event, token, r, + "Failed to resolve user \"%s\", ignoring: %s", + owner, STRERROR_USER(r)); else { event->uid = ur->uid; log_event_debug(event, token, "Set owner: %s("UID_FMT")", owner, event->uid); @@ -2709,12 +2703,10 @@ static int udev_rule_apply_token_to_event( r = groupdb_by_name(group, &USERDB_MATCH_ROOT_AND_SYSTEM, USERDB_SUPPRESS_SHADOW | USERDB_PARSE_NUMERIC | USERDB_SYNTHESIZE_NUMERIC, &gr); - if (r == -ESRCH) - log_event_error_errno(event, token, r, "Unknown group \"%s\", ignoring.", group); - else if (r == -ENOEXEC) - log_event_error(event, token, "Group \"%s\" is not a system group, ignoring.", group); - else if (r < 0) - log_event_error_errno(event, token, r, "Failed to resolve group \"%s\", ignoring: %m", group); + if (r < 0) + log_event_error_errno(event, token, r, + "Failed to resolve group \"%s\", ignoring: %s", + group, STRERROR_GROUP(r)); else { event->gid = gr->gid; log_event_debug(event, token, "Set group: %s("GID_FMT")", group, event->gid); diff --git a/test/units/TEST-17-UDEV.verify.sh b/test/units/TEST-17-UDEV.verify.sh index 8252b630d35..5b6baa42802 100755 --- a/test/units/TEST-17-UDEV.verify.sh +++ b/test/units/TEST-17-UDEV.verify.sh @@ -309,15 +309,15 @@ assert_0 "${rules}" test_syntax_error 'OWNER=":nosuchuser:"' "Failed to resolve user ':nosuchuser:', ignoring: Invalid argument" # nonexistent user if ! getent passwd nosuchuser >/dev/null; then - test_syntax_error 'OWNER="nosuchuser"' "Unknown user 'nosuchuser', ignoring." + test_syntax_error 'OWNER="nosuchuser"' "Failed to resolve user 'nosuchuser', ignoring: Unknown user" fi if ! getent passwd 12345 >/dev/null; then - test_syntax_error 'OWNER="12345"' "Unknown user '12345', ignoring." + test_syntax_error 'OWNER="12345"' "Failed to resolve user '12345', ignoring: Unknown user" fi # regular user if getent passwd testuser >/dev/null; then - test_syntax_error 'OWNER="testuser"' "User 'testuser' is not a system user, ignoring." - test_syntax_error "OWNER=\"$(id -u testuser)\"" "User '$(id -u testuser)' is not a system user, ignoring." + test_syntax_error 'OWNER="testuser"' "Failed to resolve user 'testuser', ignoring: Not a system user" + test_syntax_error "OWNER=\"$(id -u testuser)\"" "Failed to resolve user '$(id -u testuser)', ignoring: Not a system user" fi test_syntax_error 'GROUP{a}="b"' 'Invalid attribute for GROUP.' test_syntax_error 'GROUP-="b"' 'Invalid operator for GROUP.' @@ -341,15 +341,15 @@ assert_0 "${rules}" test_syntax_error 'GROUP=":nosuchgroup:"' "Failed to resolve group ':nosuchgroup:', ignoring: Invalid argument" # nonexistent group if ! getent group nosuchgroup >/dev/null; then - test_syntax_error 'GROUP="nosuchgroup"' "Unknown group 'nosuchgroup', ignoring." + test_syntax_error 'GROUP="nosuchgroup"' "Failed to resolve group 'nosuchgroup', ignoring: Unknown group" fi if ! getent group 12345 >/dev/null; then - test_syntax_error 'GROUP="12345"' "Unknown group '12345', ignoring." + test_syntax_error 'GROUP="12345"' "Failed to resolve group '12345', ignoring: Unknown group" fi # regular group if getent group testuser >/dev/null; then - test_syntax_error 'GROUP="testuser"' "Group 'testuser' is not a system group, ignoring." - test_syntax_error "GROUP=\"$(id -g testuser)\"" "Group '$(id -g testuser)' is not a system group, ignoring." + test_syntax_error 'GROUP="testuser"' "Failed to resolve group 'testuser', ignoring: Not a system group" + test_syntax_error "GROUP=\"$(id -g testuser)\"" "Failed to resolve group '$(id -g testuser)', ignoring: Not a system group" fi test_syntax_error 'MODE{a}="b"' 'Invalid attribute for MODE.' test_syntax_error 'MODE-="b"' 'Invalid operator for MODE.'