diff options
| author | Luke Shumaker <lukeshu@sbcglobal.net> | 2016-12-17 03:11:52 -0500 |
|---|---|---|
| committer | Luke Shumaker <lukeshu@sbcglobal.net> | 2016-12-17 03:11:52 -0500 |
| commit | b849891b5dde5ee14ab8b7b7db74e65a4a38d993 (patch) | |
| tree | 29bb0e6fda9b4b170041913de495da057bbe3621 /src/libsystemd-basic/include/systemd-basic/user-util.h | |
| parent | 004efebf9cc559ea131bb9460ee0ee198e2d5da7 (diff) | |
| parent | 881228ff72434a0e3401a16bd87f179ef0ab1619 (diff) | |
Merge branch 'notsystemd/postmove' into notsystemd/master
# Conflicts:
# src/grp-journal/libjournal-core/.gitignore
# src/grp-system/libcore/include/core/mount.h
Diffstat (limited to 'src/libsystemd-basic/include/systemd-basic/user-util.h')
| -rw-r--r-- | src/libsystemd-basic/include/systemd-basic/user-util.h | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/src/libsystemd-basic/include/systemd-basic/user-util.h b/src/libsystemd-basic/include/systemd-basic/user-util.h index 8026eca3f4..dfea561bde 100644 --- a/src/libsystemd-basic/include/systemd-basic/user-util.h +++ b/src/libsystemd-basic/include/systemd-basic/user-util.h @@ -20,6 +20,7 @@ ***/ #include <stdbool.h> +#include <stdint.h> #include <sys/types.h> #include <unistd.h> @@ -39,6 +40,7 @@ char* getlogname_malloc(void); char* getusername_malloc(void); int get_user_creds(const char **username, uid_t *uid, gid_t *gid, const char **home, const char **shell); +int get_user_creds_clean(const char **username, uid_t *uid, gid_t *gid, const char **home, const char **shell); int get_group_creds(const char **groupname, gid_t *gid); char* uid_to_name(uid_t uid); @@ -57,8 +59,19 @@ int take_etc_passwd_lock(const char *root); #define UID_INVALID ((uid_t) -1) #define GID_INVALID ((gid_t) -1) -/* The following macros add 1 when converting things, since UID 0 is a - * valid UID, while the pointer NULL is special */ +/* Let's pick a UIDs within the 16bit range, so that we are compatible with containers using 16bit + * user namespacing. At least on Fedora normal users are allocated until UID 60000, hence do not + * allocate from below this. Also stay away from the upper end of the range as that is often used + * for overflow/nobody users. */ +#define DYNAMIC_UID_MIN ((uid_t) UINT32_C(0x0000EF00)) +#define DYNAMIC_UID_MAX ((uid_t) UINT32_C(0x0000FFEF)) + +static inline bool uid_is_dynamic(uid_t uid) { + return DYNAMIC_UID_MIN <= uid && uid <= DYNAMIC_UID_MAX; +} + +/* The following macros add 1 when converting things, since UID 0 is a valid UID, while the pointer + * NULL is special */ #define PTR_TO_UID(p) ((uid_t) (((uintptr_t) (p))-1)) #define UID_TO_PTR(u) ((void*) (((uintptr_t) (u))+1)) @@ -68,3 +81,10 @@ int take_etc_passwd_lock(const char *root); static inline bool userns_supported(void) { return access("/proc/self/uid_map", F_OK) >= 0; } + +bool valid_user_group_name(const char *u); +bool valid_user_group_name_or_id(const char *u); +bool valid_gecos(const char *d); +bool valid_home(const char *p); + +int maybe_setgroups(size_t size, const gid_t *list); |