summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/bus-proxyd/bus-policy.c8
-rw-r--r--src/bus-proxyd/bus-proxyd.c20
-rw-r--r--src/core/execute.c6
-rw-r--r--src/core/socket.c4
-rw-r--r--src/core/timer.c4
-rw-r--r--src/libsystemd/sd-bus/bus-control.c22
-rw-r--r--src/libsystemd/sd-bus/bus-kernel.c18
-rw-r--r--src/libsystemd/sd-bus/bus-message.c4
-rw-r--r--src/shared/cgroup-util.c6
-rw-r--r--src/shared/macro.h4
-rw-r--r--src/shared/mkdir.c4
-rw-r--r--src/shared/uid-range.c4
-rw-r--r--src/shared/util.c18
-rw-r--r--src/sysusers/sysusers.c2
-rw-r--r--src/test/test-cgroup-util.c2
-rw-r--r--src/test/test-conf-files.c2
-rw-r--r--src/test/test-uid-range.c2
-rw-r--r--src/tmpfiles/tmpfiles.c4
18 files changed, 69 insertions, 65 deletions
diff --git a/src/bus-proxyd/bus-policy.c b/src/bus-proxyd/bus-policy.c
index 13322ea514..59cc1d788b 100644
--- a/src/bus-proxyd/bus-policy.c
+++ b/src/bus-proxyd/bus-policy.c
@@ -668,13 +668,13 @@ static int check_policy_item(PolicyItem *i, const struct policy_check_filter *fi
break;
case POLICY_ITEM_USER:
- if (filter->uid != (uid_t) -1)
+ if (filter->uid != UID_INVALID)
if ((streq_ptr(i->name, "*") || (i->uid_valid && i->uid == filter->uid)))
return is_permissive(i);
break;
case POLICY_ITEM_GROUP:
- if (filter->gid != (gid_t) -1)
+ if (filter->gid != GID_INVALID)
if ((streq_ptr(i->name, "*") || (i->gid_valid && i->gid == filter->gid)))
return is_permissive(i);
break;
@@ -734,7 +734,7 @@ static int policy_check(Policy *p, const struct policy_check_filter *filter) {
verdict = check_policy_items(p->default_items, filter);
- if (filter->gid != (gid_t) -1) {
+ if (filter->gid != GID_INVALID) {
items = hashmap_get(p->group_items, UINT32_TO_PTR(filter->gid));
if (items) {
v = check_policy_items(items, filter);
@@ -743,7 +743,7 @@ static int policy_check(Policy *p, const struct policy_check_filter *filter) {
}
}
- if (filter->uid != (uid_t) -1) {
+ if (filter->uid != UID_INVALID) {
items = hashmap_get(p->user_items, UINT32_TO_PTR(filter->uid));
if (items) {
v = check_policy_items(items, filter);
diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c
index 6dfba14695..8fb204ca59 100644
--- a/src/bus-proxyd/bus-proxyd.c
+++ b/src/bus-proxyd/bus-proxyd.c
@@ -969,8 +969,8 @@ static int process_policy(sd_bus *from, sd_bus *to, sd_bus_message *m, Policy *p
return 0;
if (from->is_kernel) {
- uid_t sender_uid = (uid_t) -1;
- gid_t sender_gid = (gid_t) -1;
+ uid_t sender_uid = UID_INVALID;
+ gid_t sender_gid = GID_INVALID;
char **sender_names = NULL;
bool granted = false;
@@ -1026,8 +1026,8 @@ static int process_policy(sd_bus *from, sd_bus *to, sd_bus_message *m, Policy *p
if (to->is_kernel) {
_cleanup_bus_creds_unref_ sd_bus_creds *destination_creds = NULL;
- uid_t destination_uid = (uid_t) -1;
- gid_t destination_gid = (gid_t) -1;
+ uid_t destination_uid = UID_INVALID;
+ gid_t destination_gid = GID_INVALID;
const char *destination_unique = NULL;
char **destination_names = NULL;
bool granted = false;
@@ -1331,13 +1331,13 @@ int main(int argc, char *argv[]) {
a->fake_pids_valid = true;
a->fake_creds.uid = ucred.uid;
- a->fake_creds.euid = (uid_t) -1;
- a->fake_creds.suid = (uid_t) -1;
- a->fake_creds.fsuid = (uid_t) -1;
+ a->fake_creds.euid = UID_INVALID;
+ a->fake_creds.suid = UID_INVALID;
+ a->fake_creds.fsuid = UID_INVALID;
a->fake_creds.gid = ucred.gid;
- a->fake_creds.egid = (gid_t) -1;
- a->fake_creds.sgid = (gid_t) -1;
- a->fake_creds.fsgid = (gid_t) -1;
+ a->fake_creds.egid = GID_INVALID;
+ a->fake_creds.sgid = GID_INVALID;
+ a->fake_creds.fsgid = GID_INVALID;
a->fake_creds_valid = true;
}
diff --git a/src/core/execute.c b/src/core/execute.c
index c19f613641..ea745aa198 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -1241,8 +1241,8 @@ static int exec_child(ExecCommand *command,
const char *username = NULL, *home = NULL, *shell = NULL;
unsigned n_dont_close = 0;
int dont_close[n_fds + 4];
- uid_t uid = (uid_t) -1;
- gid_t gid = (gid_t) -1;
+ uid_t uid = UID_INVALID;
+ gid_t gid = GID_INVALID;
int i, err;
assert(command);
@@ -1436,7 +1436,7 @@ static int exec_child(ExecCommand *command,
#ifdef ENABLE_KDBUS
if (params->bus_endpoint_fd >= 0 && context->bus_endpoint) {
- uid_t ep_uid = (uid == (uid_t) -1) ? 0 : uid;
+ uid_t ep_uid = (uid == UID_INVALID) ? 0 : uid;
err = bus_kernel_set_endpoint_policy(params->bus_endpoint_fd, ep_uid, context->bus_endpoint);
if (err < 0) {
diff --git a/src/core/socket.c b/src/core/socket.c
index 828ed31077..8fa55e0b03 100644
--- a/src/core/socket.c
+++ b/src/core/socket.c
@@ -1456,8 +1456,8 @@ static int socket_chown(Socket *s, pid_t *_pid) {
if (pid == 0) {
SocketPort *p;
- uid_t uid = (uid_t) -1;
- gid_t gid = (gid_t) -1;
+ uid_t uid = UID_INVALID;
+ gid_t gid = GID_INVALID;
int ret;
default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
diff --git a/src/core/timer.c b/src/core/timer.c
index fa134b13ad..70aeedd3c7 100644
--- a/src/core/timer.c
+++ b/src/core/timer.c
@@ -505,7 +505,7 @@ static void timer_enter_running(Timer *t) {
dual_timestamp_get(&t->last_trigger);
if (t->stamp_path)
- touch_file(t->stamp_path, true, t->last_trigger.realtime, (uid_t) -1, (gid_t) -1, 0);
+ touch_file(t->stamp_path, true, t->last_trigger.realtime, UID_INVALID, GID_INVALID, 0);
timer_set_state(t, TIMER_RUNNING);
return;
@@ -543,7 +543,7 @@ static int timer_start(Unit *u) {
/* The timer has never run before,
* make sure a stamp file exists.
*/
- touch_file(t->stamp_path, true, (usec_t) -1, (uid_t) -1, (gid_t) -1, 0);
+ touch_file(t->stamp_path, true, (usec_t) -1, UID_INVALID, GID_INVALID, 0);
}
t->result = TIMER_SUCCESS;
diff --git a/src/libsystemd/sd-bus/bus-control.c b/src/libsystemd/sd-bus/bus-control.c
index 71fdbcf948..a9a0c1ec19 100644
--- a/src/libsystemd/sd-bus/bus-control.c
+++ b/src/libsystemd/sd-bus/bus-control.c
@@ -414,42 +414,42 @@ static int bus_populate_creds_from_items(
case KDBUS_ITEM_CREDS:
- if (mask & SD_BUS_CREDS_UID && (uid_t) item->creds.uid != (uid_t) -1) {
+ if (mask & SD_BUS_CREDS_UID && (uid_t) item->creds.uid != UID_INVALID) {
c->uid = (uid_t) item->creds.uid;
c->mask |= SD_BUS_CREDS_UID;
}
- if (mask & SD_BUS_CREDS_EUID && (uid_t) item->creds.euid != (uid_t) -1) {
+ if (mask & SD_BUS_CREDS_EUID && (uid_t) item->creds.euid != UID_INVALID) {
c->euid = (uid_t) item->creds.euid;
c->mask |= SD_BUS_CREDS_EUID;
}
- if (mask & SD_BUS_CREDS_SUID && (uid_t) item->creds.suid != (uid_t) -1) {
+ if (mask & SD_BUS_CREDS_SUID && (uid_t) item->creds.suid != UID_INVALID) {
c->suid = (uid_t) item->creds.suid;
c->mask |= SD_BUS_CREDS_SUID;
}
- if (mask & SD_BUS_CREDS_FSUID && (uid_t) item->creds.fsuid != (uid_t) -1) {
+ if (mask & SD_BUS_CREDS_FSUID && (uid_t) item->creds.fsuid != UID_INVALID) {
c->fsuid = (uid_t) item->creds.fsuid;
c->mask |= SD_BUS_CREDS_FSUID;
}
- if (mask & SD_BUS_CREDS_GID && (gid_t) item->creds.gid != (gid_t) -1) {
+ if (mask & SD_BUS_CREDS_GID && (gid_t) item->creds.gid != GID_INVALID) {
c->gid = (gid_t) item->creds.gid;
c->mask |= SD_BUS_CREDS_GID;
}
- if (mask & SD_BUS_CREDS_EGID && (gid_t) item->creds.egid != (gid_t) -1) {
+ if (mask & SD_BUS_CREDS_EGID && (gid_t) item->creds.egid != GID_INVALID) {
c->egid = (gid_t) item->creds.egid;
c->mask |= SD_BUS_CREDS_EGID;
}
- if (mask & SD_BUS_CREDS_SGID && (gid_t) item->creds.sgid != (gid_t) -1) {
+ if (mask & SD_BUS_CREDS_SGID && (gid_t) item->creds.sgid != GID_INVALID) {
c->sgid = (gid_t) item->creds.sgid;
c->mask |= SD_BUS_CREDS_SGID;
}
- if (mask & SD_BUS_CREDS_FSGID && (gid_t) item->creds.fsgid != (gid_t) -1) {
+ if (mask & SD_BUS_CREDS_FSGID && (gid_t) item->creds.fsgid != GID_INVALID) {
c->fsgid = (gid_t) item->creds.fsgid;
c->mask |= SD_BUS_CREDS_FSGID;
}
@@ -549,7 +549,7 @@ static int bus_populate_creds_from_items(
c->mask |= SD_BUS_CREDS_AUDIT_SESSION_ID;
}
- if (mask & SD_BUS_CREDS_AUDIT_LOGIN_UID && (uid_t) item->audit.loginuid != (uid_t) -1) {
+ if (mask & SD_BUS_CREDS_AUDIT_LOGIN_UID && (uid_t) item->audit.loginuid != UID_INVALID) {
c->audit_login_uid = (uid_t) item->audit.loginuid;
c->mask |= SD_BUS_CREDS_AUDIT_LOGIN_UID;
}
@@ -946,12 +946,12 @@ static int bus_get_owner_creds_dbus1(sd_bus *bus, uint64_t mask, sd_bus_creds **
c->mask |= SD_BUS_CREDS_PID & mask;
}
- if (bus->ucred.uid != (uid_t) -1) {
+ if (bus->ucred.uid != UID_INVALID) {
c->uid = bus->ucred.uid;
c->mask |= SD_BUS_CREDS_UID & mask;
}
- if (bus->ucred.gid != (gid_t) -1) {
+ if (bus->ucred.gid != GID_INVALID) {
c->gid = bus->ucred.gid;
c->mask |= SD_BUS_CREDS_GID & mask;
}
diff --git a/src/libsystemd/sd-bus/bus-kernel.c b/src/libsystemd/sd-bus/bus-kernel.c
index aaf44e3e75..d81e9d2546 100644
--- a/src/libsystemd/sd-bus/bus-kernel.c
+++ b/src/libsystemd/sd-bus/bus-kernel.c
@@ -580,42 +580,42 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) {
/* EUID/SUID/FSUID/EGID/SGID/FSGID might be missing too (see above). */
- if ((uid_t) d->creds.uid != (uid_t) -1) {
+ if ((uid_t) d->creds.uid != UID_INVALID) {
m->creds.uid = (uid_t) d->creds.uid;
m->creds.mask |= SD_BUS_CREDS_UID & bus->creds_mask;
}
- if ((uid_t) d->creds.euid != (uid_t) -1) {
+ if ((uid_t) d->creds.euid != UID_INVALID) {
m->creds.euid = (uid_t) d->creds.euid;
m->creds.mask |= SD_BUS_CREDS_EUID & bus->creds_mask;
}
- if ((uid_t) d->creds.suid != (uid_t) -1) {
+ if ((uid_t) d->creds.suid != UID_INVALID) {
m->creds.suid = (uid_t) d->creds.suid;
m->creds.mask |= SD_BUS_CREDS_SUID & bus->creds_mask;
}
- if ((uid_t) d->creds.fsuid != (uid_t) -1) {
+ if ((uid_t) d->creds.fsuid != UID_INVALID) {
m->creds.fsuid = (uid_t) d->creds.fsuid;
m->creds.mask |= SD_BUS_CREDS_FSUID & bus->creds_mask;
}
- if ((gid_t) d->creds.gid != (gid_t) -1) {
+ if ((gid_t) d->creds.gid != GID_INVALID) {
m->creds.gid = (gid_t) d->creds.gid;
m->creds.mask |= SD_BUS_CREDS_GID & bus->creds_mask;
}
- if ((gid_t) d->creds.egid != (gid_t) -1) {
+ if ((gid_t) d->creds.egid != GID_INVALID) {
m->creds.egid = (gid_t) d->creds.egid;
m->creds.mask |= SD_BUS_CREDS_EGID & bus->creds_mask;
}
- if ((gid_t) d->creds.sgid != (gid_t) -1) {
+ if ((gid_t) d->creds.sgid != GID_INVALID) {
m->creds.sgid = (gid_t) d->creds.sgid;
m->creds.mask |= SD_BUS_CREDS_SGID & bus->creds_mask;
}
- if ((gid_t) d->creds.fsgid != (gid_t) -1) {
+ if ((gid_t) d->creds.fsgid != GID_INVALID) {
m->creds.fsgid = (gid_t) d->creds.fsgid;
m->creds.mask |= SD_BUS_CREDS_FSGID & bus->creds_mask;
}
@@ -671,7 +671,7 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) {
m->creds.mask |= SD_BUS_CREDS_AUDIT_SESSION_ID & bus->creds_mask;
}
- if ((uid_t) d->audit.loginuid != (uid_t) -1) {
+ if ((uid_t) d->audit.loginuid != UID_INVALID) {
m->creds.audit_login_uid = (uid_t) d->audit.loginuid;
m->creds.mask |= SD_BUS_CREDS_AUDIT_LOGIN_UID & bus->creds_mask;
}
diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c
index 05015a4157..2c85130d19 100644
--- a/src/libsystemd/sd-bus/bus-message.c
+++ b/src/libsystemd/sd-bus/bus-message.c
@@ -429,10 +429,10 @@ int bus_message_from_header(
if (m->creds.pid > 0)
m->creds.mask |= SD_BUS_CREDS_PID;
- if (m->creds.uid != (uid_t) -1)
+ if (m->creds.uid != UID_INVALID)
m->creds.mask |= SD_BUS_CREDS_UID;
- if (m->creds.gid != (gid_t) -1)
+ if (m->creds.gid != GID_INVALID)
m->creds.mask |= SD_BUS_CREDS_GID;
}
diff --git a/src/shared/cgroup-util.c b/src/shared/cgroup-util.c
index da8e885226..bc5030ebb2 100644
--- a/src/shared/cgroup-util.c
+++ b/src/shared/cgroup-util.c
@@ -682,7 +682,7 @@ int cg_set_group_access(
assert(path);
- if (mode != (mode_t) -1)
+ if (mode != MODE_INVALID)
mode &= 0777;
r = cg_get_path(controller, path, NULL, &fs);
@@ -704,10 +704,10 @@ int cg_set_task_access(
assert(path);
- if (mode == (mode_t) -1 && uid == (uid_t) -1 && gid == (gid_t) -1)
+ if (mode == MODE_INVALID && uid == UID_INVALID && gid == GID_INVALID)
return 0;
- if (mode != (mode_t) -1)
+ if (mode != MODE_INVALID)
mode &= 0666;
r = cg_get_path(controller, path, "cgroup.procs", &fs);
diff --git a/src/shared/macro.h b/src/shared/macro.h
index 6d4712c30d..9f5e4552b4 100644
--- a/src/shared/macro.h
+++ b/src/shared/macro.h
@@ -423,4 +423,8 @@ do { \
#endif
#endif
+#define UID_INVALID ((uid_t) -1)
+#define GID_INVALID ((gid_t) -1)
+#define MODE_INVALID ((mode_t) -1)
+
#include "log.h"
diff --git a/src/shared/mkdir.c b/src/shared/mkdir.c
index ef3f494cc8..beefd1052a 100644
--- a/src/shared/mkdir.c
+++ b/src/shared/mkdir.c
@@ -44,8 +44,8 @@ int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, mkd
if ((st.st_mode & 0007) > (mode & 0007) ||
(st.st_mode & 0070) > (mode & 0070) ||
(st.st_mode & 0700) > (mode & 0700) ||
- (uid != (uid_t) -1 && st.st_uid != uid) ||
- (gid != (gid_t) -1 && st.st_gid != gid) ||
+ (uid != UID_INVALID && st.st_uid != uid) ||
+ (gid != GID_INVALID && st.st_gid != gid) ||
!S_ISDIR(st.st_mode)) {
errno = EEXIST;
return -errno;
diff --git a/src/shared/uid-range.c b/src/shared/uid-range.c
index 74c3be4a13..4794ff45bb 100644
--- a/src/shared/uid-range.c
+++ b/src/shared/uid-range.c
@@ -161,7 +161,7 @@ int uid_range_add_str(UidRange **p, unsigned *n, const char *s) {
}
int uid_range_next_lower(const UidRange *p, unsigned n, uid_t *uid) {
- uid_t closest = (uid_t) -1, candidate;
+ uid_t closest = UID_INVALID, candidate;
unsigned i;
assert(p);
@@ -184,7 +184,7 @@ int uid_range_next_lower(const UidRange *p, unsigned n, uid_t *uid) {
closest = end;
}
- if (closest == (uid_t) -1)
+ if (closest == UID_INVALID)
return -EBUSY;
*uid = closest;
diff --git a/src/shared/util.c b/src/shared/util.c
index f8511ff4aa..4c380b8b90 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -354,7 +354,7 @@ int parse_uid(const char *s, uid_t* ret_uid) {
if ((unsigned long) uid != ul)
return -ERANGE;
- /* Some libc APIs use (uid_t) -1 as special placeholder */
+ /* Some libc APIs use UID_INVALID as special placeholder */
if (uid == (uid_t) 0xFFFFFFFF)
return -ENXIO;
@@ -3167,11 +3167,11 @@ int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid) {
* first change the access mode and only then hand out
* ownership to avoid a window where access is too open. */
- if (mode != (mode_t) -1)
+ if (mode != MODE_INVALID)
if (chmod(path, mode) < 0)
return -errno;
- if (uid != (uid_t) -1 || gid != (gid_t) -1)
+ if (uid != UID_INVALID || gid != GID_INVALID)
if (chown(path, uid, gid) < 0)
return -errno;
@@ -3185,11 +3185,11 @@ int fchmod_and_fchown(int fd, mode_t mode, uid_t uid, gid_t gid) {
* first change the access mode and only then hand out
* ownership to avoid a window where access is too open. */
- if (mode != (mode_t) -1)
+ if (mode != MODE_INVALID)
if (fchmod(fd, mode) < 0)
return -errno;
- if (uid != (uid_t) -1 || gid != (gid_t) -1)
+ if (uid != UID_INVALID || gid != GID_INVALID)
if (fchown(fd, uid, gid) < 0)
return -errno;
@@ -3680,7 +3680,7 @@ int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gi
return -errno;
}
- if (uid != (uid_t) -1 || gid != (gid_t) -1) {
+ if (uid != UID_INVALID || gid != GID_INVALID) {
r = fchown(fd, uid, gid);
if (r < 0)
return -errno;
@@ -3701,7 +3701,7 @@ int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gi
}
int touch(const char *path) {
- return touch_file(path, false, USEC_INFINITY, (uid_t) -1, (gid_t) -1, 0);
+ return touch_file(path, false, USEC_INFINITY, UID_INVALID, GID_INVALID, 0);
}
char *unquote(const char *s, const char* quotes) {
@@ -6547,9 +6547,9 @@ int getpeercred(int fd, struct ucred *ucred) {
* to namespacing issues */
if (u.pid <= 0)
return -ENODATA;
- if (u.uid == (uid_t) -1)
+ if (u.uid == UID_INVALID)
return -ENODATA;
- if (u.gid == (gid_t) -1)
+ if (u.gid == GID_INVALID)
return -ENODATA;
*ucred = u;
diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
index 685bbefd8d..647eb577a6 100644
--- a/src/sysusers/sysusers.c
+++ b/src/sysusers/sysusers.c
@@ -76,7 +76,7 @@ static Hashmap *members = NULL;
static Hashmap *database_uid = NULL, *database_user = NULL;
static Hashmap *database_gid = NULL, *database_group = NULL;
-static uid_t search_uid = (uid_t) -1;
+static uid_t search_uid = UID_INVALID;
static UidRange *uid_range = NULL;
static unsigned n_uid_range = 0;
diff --git a/src/test/test-cgroup-util.c b/src/test/test-cgroup-util.c
index 68c526ae82..58eb744277 100644
--- a/src/test/test-cgroup-util.c
+++ b/src/test/test-cgroup-util.c
@@ -141,7 +141,7 @@ static void test_proc(void) {
FOREACH_DIRENT(de, d, break) {
_cleanup_free_ char *path = NULL, *path_shifted = NULL, *session = NULL, *unit = NULL, *user_unit = NULL, *machine = NULL, *slice = NULL;
pid_t pid;
- uid_t uid = (uid_t) -1;
+ uid_t uid = UID_INVALID;
if (de->d_type != DT_DIR &&
de->d_type != DT_UNKNOWN)
diff --git a/src/test/test-conf-files.c b/src/test/test-conf-files.c
index e801c5989e..945ada59a3 100644
--- a/src/test/test-conf-files.c
+++ b/src/test/test-conf-files.c
@@ -36,7 +36,7 @@ static void setup_test_dir(char *tmp_dir, const char *files, ...) {
va_start(ap, files);
while (files != NULL) {
_cleanup_free_ char *path = strappend(tmp_dir, files);
- assert_se(touch_file(path, true, (usec_t) -1, (uid_t) -1, (gid_t) -1, 0) == 0);
+ assert_se(touch_file(path, true, (usec_t) -1, UID_INVALID, GID_INVALID, 0) == 0);
files = va_arg(ap, const char *);
}
va_end(ap);
diff --git a/src/test/test-uid-range.c b/src/test/test-uid-range.c
index 06b4d43426..bc5baa2fcb 100644
--- a/src/test/test-uid-range.c
+++ b/src/test/test-uid-range.c
@@ -39,7 +39,7 @@ int main(int argc, char *argv[]) {
assert_se(uid_range_contains(p, n, 999));
assert_se(!uid_range_contains(p, n, 1000));
- search = (uid_t) -1;
+ search = UID_INVALID;
assert_se(uid_range_next_lower(p, n, &search));
assert_se(search == 999);
assert_se(uid_range_next_lower(p, n, &search));
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index f19fa970cf..d60c57793b 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -477,8 +477,8 @@ static int item_set_perms(Item *i, const char *path) {
if ((!st_valid || (i->uid != st.st_uid || i->gid != st.st_gid)) &&
(i->uid_set || i->gid_set))
if (chown(path,
- i->uid_set ? i->uid : (uid_t) -1,
- i->gid_set ? i->gid : (gid_t) -1) < 0) {
+ i->uid_set ? i->uid : UID_INVALID,
+ i->gid_set ? i->gid : GID_INVALID) < 0) {
log_error_errno(errno, "chown(%s) failed: %m", path);
return -errno;