summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIvan Shapovalov <intelfx100@gmail.com>2015-03-07 18:11:32 +0300
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2015-03-07 13:09:36 -0500
commitc5abf22514b3925aa6f0d4a3f36f76799bf1911b (patch)
tree31f08d2dc8623a89ebbc28b42b8ca77c3e9dfdfa
parentad525df851a1bef7369fe21b5cde382941e7b073 (diff)
sysusers: do not reject users with already present /etc/shadow entries
This is needed to interoperate firstboot and sysusers. The former one is started first, and it writes only /etc/shadow when it is told to set the root password. It's better to relax checks here than to duplicate functionality in firstboot.
-rw-r--r--src/sysusers/sysusers.c23
1 files changed, 9 insertions, 14 deletions
diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
index 0b5668a338..9c597921b7 100644
--- a/src/sysusers/sysusers.c
+++ b/src/sysusers/sysusers.c
@@ -603,6 +603,8 @@ static int write_files(void) {
if (r < 0)
goto finish;
+ lstchg = (long) (now(CLOCK_REALTIME) / USEC_PER_DAY);
+
original = fopen(shadow_path, "re");
if (original) {
struct spwd *sp;
@@ -616,8 +618,13 @@ static int write_files(void) {
i = hashmap_get(users, sp->sp_namp);
if (i && i->todo_user) {
- r = -EEXIST;
- goto finish;
+ /* we will update the existing entry */
+ sp->sp_lstchg = lstchg;
+
+ /* only the /etc/shadow stage is left, so we can
+ * safely remove the item from the todo set */
+ i->todo_user = false;
+ hashmap_remove(todo_uids, UID_TO_PTR(i->uid));
}
errno = 0;
@@ -640,7 +647,6 @@ static int write_files(void) {
goto finish;
}
- lstchg = (long) (now(CLOCK_REALTIME) / USEC_PER_DAY);
HASHMAP_FOREACH(i, todo_uids, iterator) {
struct spwd n = {
.sp_namp = i->name,
@@ -877,7 +883,6 @@ static int add_user(Item *i) {
if (!arg_root) {
struct passwd *p;
- struct spwd *sp;
/* Also check NSS */
errno = 0;
@@ -893,16 +898,6 @@ static int add_user(Item *i) {
}
if (!IN_SET(errno, 0, ENOENT))
return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name);
-
- /* And shadow too, just to be sure */
- errno = 0;
- sp = getspnam(i->name);
- if (sp) {
- log_error("User %s already exists in shadow database, but not in user database.", i->name);
- return -EBADMSG;
- }
- if (!IN_SET(errno, 0, ENOENT))
- return log_error_errno(errno, "Failed to check if user %s already exists in shadow database: %m", i->name);
}
/* Try to use the suggested numeric uid */