summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/basic/audit.c1
-rw-r--r--src/basic/cgroup-util.c1
-rw-r--r--src/basic/process-util.c1
-rw-r--r--src/basic/user-util.c403
-rw-r--r--src/basic/user-util.h55
-rw-r--r--src/basic/util.c375
-rw-r--r--src/basic/util.h25
-rw-r--r--src/bus-proxyd/bus-proxyd.c1
-rw-r--r--src/bus-proxyd/bus-xml-policy.c3
-rw-r--r--src/bus-proxyd/stdio-bridge.c1
-rw-r--r--src/core/bus-policy.c5
-rw-r--r--src/core/execute.c1
-rw-r--r--src/core/main.c1
-rw-r--r--src/core/socket.c1
-rw-r--r--src/core/timer.c3
-rw-r--r--src/core/unit-printf.c3
-rw-r--r--src/core/unit.c3
-rw-r--r--src/journal/coredump-vacuum.c1
-rw-r--r--src/journal/coredump.c1
-rw-r--r--src/journal/coredumpctl.c1
-rw-r--r--src/journal/journalctl.c1
-rw-r--r--src/libsystemd/sd-bus/bus-socket.c1
-rw-r--r--src/libsystemd/sd-bus/busctl.c1
-rw-r--r--src/libsystemd/sd-login/sd-login.c1
-rw-r--r--src/libsystemd/sd-path/sd-path.c1
-rw-r--r--src/login/inhibit.c1
-rw-r--r--src/login/loginctl.c1
-rw-r--r--src/login/logind-action.c1
-rw-r--r--src/login/logind-core.c1
-rw-r--r--src/login/logind-dbus.c1
-rw-r--r--src/login/logind-inhibit.c1
-rw-r--r--src/login/logind-session.c1
-rw-r--r--src/login/logind-user-dbus.c7
-rw-r--r--src/login/logind-utmp.c14
-rw-r--r--src/machine/machined-dbus.c1
-rw-r--r--src/network/networkd-netdev-tuntap.c3
-rw-r--r--src/network/networkd.c4
-rw-r--r--src/nspawn/nspawn-setuid.c1
-rw-r--r--src/nspawn/nspawn.c1
-rw-r--r--src/nss-mymachines/nss-mymachines.c1
-rw-r--r--src/resolve/resolved.c11
-rw-r--r--src/run/run.c1
-rw-r--r--src/shared/acl-util.c3
-rw-r--r--src/shared/install-printf.c5
-rw-r--r--src/shared/uid-range.c3
-rw-r--r--src/shared/utmp-wtmp.c1
-rw-r--r--src/systemctl/systemctl.c1
-rw-r--r--src/sysusers/sysusers.c1
-rw-r--r--src/test/test-ipcrm.c3
-rw-r--r--src/test/test-util.c1
-rw-r--r--src/timesync/timesyncd.c1
-rw-r--r--src/tmpfiles/tmpfiles.c1
-rw-r--r--src/udev/udev-rules.c1
53 files changed, 537 insertions, 426 deletions
diff --git a/src/basic/audit.c b/src/basic/audit.c
index af43ec8097..c9b762151a 100644
--- a/src/basic/audit.c
+++ b/src/basic/audit.c
@@ -27,6 +27,7 @@
#include "fileio.h"
#include "macro.h"
#include "process-util.h"
+#include "user-util.h"
#include "util.h"
int audit_session_from_pid(pid_t pid, uint32_t *id) {
diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c
index 958497543a..4af991200c 100644
--- a/src/basic/cgroup-util.c
+++ b/src/basic/cgroup-util.c
@@ -43,6 +43,7 @@
#include "special.h"
#include "string-util.h"
#include "unit-name.h"
+#include "user-util.h"
#include "util.h"
int cg_enumerate_processes(const char *controller, const char *path, FILE **_f) {
diff --git a/src/basic/process-util.c b/src/basic/process-util.c
index 949bd1f64d..65c93792fb 100644
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -35,6 +35,7 @@
#include "process-util.h"
#include "signal-util.h"
#include "string-util.h"
+#include "user-util.h"
#include "util.h"
int get_process_state(pid_t pid) {
diff --git a/src/basic/user-util.c b/src/basic/user-util.c
new file mode 100644
index 0000000000..637391f4a7
--- /dev/null
+++ b/src/basic/user-util.c
@@ -0,0 +1,403 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+ This file is part of systemd.
+
+ Copyright 2010 Lennart Poettering
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <pwd.h>
+#include <grp.h>
+
+#include "user-util.h"
+#include "macro.h"
+#include "util.h"
+#include "string-util.h"
+#include "path-util.h"
+
+bool uid_is_valid(uid_t uid) {
+
+ /* Some libc APIs use UID_INVALID as special placeholder */
+ if (uid == (uid_t) 0xFFFFFFFF)
+ return false;
+
+ /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
+ if (uid == (uid_t) 0xFFFF)
+ return false;
+
+ return true;
+}
+
+int parse_uid(const char *s, uid_t* ret_uid) {
+ unsigned long ul = 0;
+ uid_t uid;
+ int r;
+
+ assert(s);
+
+ r = safe_atolu(s, &ul);
+ if (r < 0)
+ return r;
+
+ uid = (uid_t) ul;
+
+ if ((unsigned long) uid != ul)
+ return -ERANGE;
+
+ if (!uid_is_valid(uid))
+ return -ENXIO; /* we return ENXIO instead of EINVAL
+ * here, to make it easy to distuingish
+ * invalid numeric uids invalid
+ * strings. */
+
+ if (ret_uid)
+ *ret_uid = uid;
+
+ return 0;
+}
+
+char *lookup_uid(uid_t uid) {
+ long bufsize;
+ char *name;
+ _cleanup_free_ char *buf = NULL;
+ struct passwd pwbuf, *pw = NULL;
+
+ /* Shortcut things to avoid NSS lookups */
+ if (uid == 0)
+ return strdup("root");
+
+ bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
+ if (bufsize <= 0)
+ bufsize = 4096;
+
+ buf = malloc(bufsize);
+ if (!buf)
+ return NULL;
+
+ if (getpwuid_r(uid, &pwbuf, buf, bufsize, &pw) == 0 && pw)
+ return strdup(pw->pw_name);
+
+ if (asprintf(&name, UID_FMT, uid) < 0)
+ return NULL;
+
+ return name;
+}
+
+char* getlogname_malloc(void) {
+ uid_t uid;
+ struct stat st;
+
+ if (isatty(STDIN_FILENO) && fstat(STDIN_FILENO, &st) >= 0)
+ uid = st.st_uid;
+ else
+ uid = getuid();
+
+ return lookup_uid(uid);
+}
+
+char *getusername_malloc(void) {
+ const char *e;
+
+ e = getenv("USER");
+ if (e)
+ return strdup(e);
+
+ return lookup_uid(getuid());
+}
+
+int get_user_creds(
+ const char **username,
+ uid_t *uid, gid_t *gid,
+ const char **home,
+ const char **shell) {
+
+ struct passwd *p;
+ uid_t u;
+
+ assert(username);
+ assert(*username);
+
+ /* We enforce some special rules for uid=0: in order to avoid
+ * NSS lookups for root we hardcode its data. */
+
+ if (streq(*username, "root") || streq(*username, "0")) {
+ *username = "root";
+
+ if (uid)
+ *uid = 0;
+
+ if (gid)
+ *gid = 0;
+
+ if (home)
+ *home = "/root";
+
+ if (shell)
+ *shell = "/bin/sh";
+
+ return 0;
+ }
+
+ if (parse_uid(*username, &u) >= 0) {
+ errno = 0;
+ p = getpwuid(u);
+
+ /* If there are multiple users with the same id, make
+ * sure to leave $USER to the configured value instead
+ * of the first occurrence in the database. However if
+ * the uid was configured by a numeric uid, then let's
+ * pick the real username from /etc/passwd. */
+ if (p)
+ *username = p->pw_name;
+ } else {
+ errno = 0;
+ p = getpwnam(*username);
+ }
+
+ if (!p)
+ return errno > 0 ? -errno : -ESRCH;
+
+ if (uid)
+ *uid = p->pw_uid;
+
+ if (gid)
+ *gid = p->pw_gid;
+
+ if (home)
+ *home = p->pw_dir;
+
+ if (shell)
+ *shell = p->pw_shell;
+
+ return 0;
+}
+
+int get_group_creds(const char **groupname, gid_t *gid) {
+ struct group *g;
+ gid_t id;
+
+ assert(groupname);
+
+ /* We enforce some special rules for gid=0: in order to avoid
+ * NSS lookups for root we hardcode its data. */
+
+ if (streq(*groupname, "root") || streq(*groupname, "0")) {
+ *groupname = "root";
+
+ if (gid)
+ *gid = 0;
+
+ return 0;
+ }
+
+ if (parse_gid(*groupname, &id) >= 0) {
+ errno = 0;
+ g = getgrgid(id);
+
+ if (g)
+ *groupname = g->gr_name;
+ } else {
+ errno = 0;
+ g = getgrnam(*groupname);
+ }
+
+ if (!g)
+ return errno > 0 ? -errno : -ESRCH;
+
+ if (gid)
+ *gid = g->gr_gid;
+
+ return 0;
+}
+
+char* uid_to_name(uid_t uid) {
+ struct passwd *p;
+ char *r;
+
+ if (uid == 0)
+ return strdup("root");
+
+ p = getpwuid(uid);
+ if (p)
+ return strdup(p->pw_name);
+
+ if (asprintf(&r, UID_FMT, uid) < 0)
+ return NULL;
+
+ return r;
+}
+
+char* gid_to_name(gid_t gid) {
+ struct group *p;
+ char *r;
+
+ if (gid == 0)
+ return strdup("root");
+
+ p = getgrgid(gid);
+ if (p)
+ return strdup(p->gr_name);
+
+ if (asprintf(&r, GID_FMT, gid) < 0)
+ return NULL;
+
+ return r;
+}
+
+int in_gid(gid_t gid) {
+ gid_t *gids;
+ int ngroups_max, r, i;
+
+ if (getgid() == gid)
+ return 1;
+
+ if (getegid() == gid)
+ return 1;
+
+ ngroups_max = sysconf(_SC_NGROUPS_MAX);
+ assert(ngroups_max > 0);
+
+ gids = alloca(sizeof(gid_t) * ngroups_max);
+
+ r = getgroups(ngroups_max, gids);
+ if (r < 0)
+ return -errno;
+
+ for (i = 0; i < r; i++)
+ if (gids[i] == gid)
+ return 1;
+
+ return 0;
+}
+
+int in_group(const char *name) {
+ int r;
+ gid_t gid;
+
+ r = get_group_creds(&name, &gid);
+ if (r < 0)
+ return r;
+
+ return in_gid(gid);
+}
+
+int get_home_dir(char **_h) {
+ struct passwd *p;
+ const char *e;
+ char *h;
+ uid_t u;
+
+ assert(_h);
+
+ /* Take the user specified one */
+ e = secure_getenv("HOME");
+ if (e && path_is_absolute(e)) {
+ h = strdup(e);
+ if (!h)
+ return -ENOMEM;
+
+ *_h = h;
+ return 0;
+ }
+
+ /* Hardcode home directory for root to avoid NSS */
+ u = getuid();
+ if (u == 0) {
+ h = strdup("/root");
+ if (!h)
+ return -ENOMEM;
+
+ *_h = h;
+ return 0;
+ }
+
+ /* Check the database... */
+ errno = 0;
+ p = getpwuid(u);
+ if (!p)
+ return errno > 0 ? -errno : -ESRCH;
+
+ if (!path_is_absolute(p->pw_dir))
+ return -EINVAL;
+
+ h = strdup(p->pw_dir);
+ if (!h)
+ return -ENOMEM;
+
+ *_h = h;
+ return 0;
+}
+
+int get_shell(char **_s) {
+ struct passwd *p;
+ const char *e;
+ char *s;
+ uid_t u;
+
+ assert(_s);
+
+ /* Take the user specified one */
+ e = getenv("SHELL");
+ if (e) {
+ s = strdup(e);
+ if (!s)
+ return -ENOMEM;
+
+ *_s = s;
+ return 0;
+ }
+
+ /* Hardcode home directory for root to avoid NSS */
+ u = getuid();
+ if (u == 0) {
+ s = strdup("/bin/sh");
+ if (!s)
+ return -ENOMEM;
+
+ *_s = s;
+ return 0;
+ }
+
+ /* Check the database... */
+ errno = 0;
+ p = getpwuid(u);
+ if (!p)
+ return errno > 0 ? -errno : -ESRCH;
+
+ if (!path_is_absolute(p->pw_shell))
+ return -EINVAL;
+
+ s = strdup(p->pw_shell);
+ if (!s)
+ return -ENOMEM;
+
+ *_s = s;
+ return 0;
+}
+
+int reset_uid_gid(void) {
+
+ if (setgroups(0, NULL) < 0)
+ return -errno;
+
+ if (setresgid(0, 0, 0) < 0)
+ return -errno;
+
+ if (setresuid(0, 0, 0) < 0)
+ return -errno;
+
+ return 0;
+}
diff --git a/src/basic/user-util.h b/src/basic/user-util.h
new file mode 100644
index 0000000000..9263ede741
--- /dev/null
+++ b/src/basic/user-util.h
@@ -0,0 +1,55 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+#pragma once
+
+/***
+ This file is part of systemd.
+
+ Copyright 2010 Lennart Poettering
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <sys/types.h>
+#include <stdbool.h>
+
+bool uid_is_valid(uid_t uid);
+
+static inline bool gid_is_valid(gid_t gid) {
+ return uid_is_valid((uid_t) gid);
+}
+
+int parse_uid(const char *s, uid_t* ret_uid);
+
+static inline int parse_gid(const char *s, gid_t *ret_gid) {
+ return parse_uid(s, (uid_t*) ret_gid);
+}
+
+char* lookup_uid(uid_t uid);
+char* getlogname_malloc(void);
+char* getusername_malloc(void);
+
+int get_user_creds(const char **username, uid_t *uid, gid_t *gid, const char **home, const char **shell);
+int get_group_creds(const char **groupname, gid_t *gid);
+
+char* uid_to_name(uid_t uid);
+char* gid_to_name(gid_t gid);
+
+int in_gid(gid_t gid);
+int in_group(const char *name);
+
+int get_home_dir(char **ret);
+int get_shell(char **_ret);
+
+int reset_uid_gid(void);
diff --git a/src/basic/util.c b/src/basic/util.c
index c02dfc5bc9..010261b37d 100644
--- a/src/basic/util.c
+++ b/src/basic/util.c
@@ -98,6 +98,7 @@
#include "string-util.h"
#include "strv.h"
#include "terminal-util.h"
+#include "user-util.h"
#include "utf8.h"
#include "util.h"
#include "virt.h"
@@ -168,47 +169,6 @@ int parse_pid(const char *s, pid_t* ret_pid) {
return 0;
}
-bool uid_is_valid(uid_t uid) {
-
- /* Some libc APIs use UID_INVALID as special placeholder */
- if (uid == (uid_t) 0xFFFFFFFF)
- return false;
-
- /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
- if (uid == (uid_t) 0xFFFF)
- return false;
-
- return true;
-}
-
-int parse_uid(const char *s, uid_t* ret_uid) {
- unsigned long ul = 0;
- uid_t uid;
- int r;
-
- assert(s);
-
- r = safe_atolu(s, &ul);
- if (r < 0)
- return r;
-
- uid = (uid_t) ul;
-
- if ((unsigned long) uid != ul)
- return -ERANGE;
-
- if (!uid_is_valid(uid))
- return -ENXIO; /* we return ENXIO instead of EINVAL
- * here, to make it easy to distuingish
- * invalid numeric uids invalid
- * strings. */
-
- if (ret_uid)
- *ret_uid = uid;
-
- return 0;
-}
-
int safe_atou(const char *s, unsigned *ret_u) {
char *x = NULL;
unsigned long l;
@@ -1437,55 +1397,6 @@ void rename_process(const char name[8]) {
}
}
-char *lookup_uid(uid_t uid) {
- long bufsize;
- char *name;
- _cleanup_free_ char *buf = NULL;
- struct passwd pwbuf, *pw = NULL;
-
- /* Shortcut things to avoid NSS lookups */
- if (uid == 0)
- return strdup("root");
-
- bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
- if (bufsize <= 0)
- bufsize = 4096;
-
- buf = malloc(bufsize);
- if (!buf)
- return NULL;
-
- if (getpwuid_r(uid, &pwbuf, buf, bufsize, &pw) == 0 && pw)
- return strdup(pw->pw_name);
-
- if (asprintf(&name, UID_FMT, uid) < 0)
- return NULL;
-
- return name;
-}
-
-char* getlogname_malloc(void) {
- uid_t uid;
- struct stat st;
-
- if (isatty(STDIN_FILENO) && fstat(STDIN_FILENO, &st) >= 0)
- uid = st.st_uid;
- else
- uid = getuid();
-
- return lookup_uid(uid);
-}
-
-char *getusername_malloc(void) {
- const char *e;
-
- e = getenv("USER");
- if (e)
- return strdup(e);
-
- return lookup_uid(getuid());
-}
-
bool is_fs_type(const struct statfs *s, statfs_f_type_t magic_value) {
assert(s);
assert_cc(sizeof(statfs_f_type_t) >= sizeof(s->f_type));
@@ -2074,182 +1985,6 @@ int socket_from_display(const char *display, char **path) {
return 0;
}
-int get_user_creds(
- const char **username,
- uid_t *uid, gid_t *gid,
- const char **home,
- const char **shell) {
-
- struct passwd *p;
- uid_t u;
-
- assert(username);
- assert(*username);
-
- /* We enforce some special rules for uid=0: in order to avoid
- * NSS lookups for root we hardcode its data. */
-
- if (streq(*username, "root") || streq(*username, "0")) {
- *username = "root";
-
- if (uid)
- *uid = 0;
-
- if (gid)
- *gid = 0;
-
- if (home)
- *home = "/root";
-
- if (shell)
- *shell = "/bin/sh";
-
- return 0;
- }
-
- if (parse_uid(*username, &u) >= 0) {
- errno = 0;
- p = getpwuid(u);
-
- /* If there are multiple users with the same id, make
- * sure to leave $USER to the configured value instead
- * of the first occurrence in the database. However if
- * the uid was configured by a numeric uid, then let's
- * pick the real username from /etc/passwd. */
- if (p)
- *username = p->pw_name;
- } else {
- errno = 0;
- p = getpwnam(*username);
- }
-
- if (!p)
- return errno > 0 ? -errno : -ESRCH;
-
- if (uid)
- *uid = p->pw_uid;
-
- if (gid)
- *gid = p->pw_gid;
-
- if (home)
- *home = p->pw_dir;
-
- if (shell)
- *shell = p->pw_shell;
-
- return 0;
-}
-
-char* uid_to_name(uid_t uid) {
- struct passwd *p;
- char *r;
-
- if (uid == 0)
- return strdup("root");
-
- p = getpwuid(uid);
- if (p)
- return strdup(p->pw_name);
-
- if (asprintf(&r, UID_FMT, uid) < 0)
- return NULL;
-
- return r;
-}
-
-char* gid_to_name(gid_t gid) {
- struct group *p;
- char *r;
-
- if (gid == 0)
- return strdup("root");
-
- p = getgrgid(gid);
- if (p)
- return strdup(p->gr_name);
-
- if (asprintf(&r, GID_FMT, gid) < 0)
- return NULL;
-
- return r;
-}
-
-int get_group_creds(const char **groupname, gid_t *gid) {
- struct group *g;
- gid_t id;
-
- assert(groupname);
-
- /* We enforce some special rules for gid=0: in order to avoid
- * NSS lookups for root we hardcode its data. */
-
- if (streq(*groupname, "root") || streq(*groupname, "0")) {
- *groupname = "root";
-
- if (gid)
- *gid = 0;
-
- return 0;
- }
-
- if (parse_gid(*groupname, &id) >= 0) {
- errno = 0;
- g = getgrgid(id);
-
- if (g)
- *groupname = g->gr_name;
- } else {
- errno = 0;
- g = getgrnam(*groupname);
- }
-
- if (!g)
- return errno > 0 ? -errno : -ESRCH;
-
- if (gid)
- *gid = g->gr_gid;
-
- return 0;
-}
-
-int in_gid(gid_t gid) {
- gid_t *gids;
- int ngroups_max, r, i;
-
- if (getgid() == gid)
- return 1;
-
- if (getegid() == gid)
- return 1;
-
- ngroups_max = sysconf(_SC_NGROUPS_MAX);
- assert(ngroups_max > 0);
-
- gids = alloca(sizeof(gid_t) * ngroups_max);
-
- r = getgroups(ngroups_max, gids);
- if (r < 0)
- return -errno;
-
- for (i = 0; i < r; i++)
- if (gids[i] == gid)
- return 1;
-
- return 0;
-}
-
-int in_group(const char *name) {
- int r;
- gid_t gid;
-
- r = get_group_creds(&name, &gid);
- if (r < 0)
- return r;
-
- return in_gid(gid);
-}
-
int glob_exists(const char *path) {
_cleanup_globfree_ glob_t g = {};
int k;
@@ -2864,100 +2599,6 @@ bool in_initrd(void) {
return saved;
}
-int get_home_dir(char **_h) {
- struct passwd *p;
- const char *e;
- char *h;
- uid_t u;
-
- assert(_h);
-
- /* Take the user specified one */
- e = secure_getenv("HOME");
- if (e && path_is_absolute(e)) {
- h = strdup(e);
- if (!h)
- return -ENOMEM;
-
- *_h = h;
- return 0;
- }
-
- /* Hardcode home directory for root to avoid NSS */
- u = getuid();
- if (u == 0) {
- h = strdup("/root");
- if (!h)
- return -ENOMEM;
-
- *_h = h;
- return 0;
- }
-
- /* Check the database... */
- errno = 0;
- p = getpwuid(u);
- if (!p)
- return errno > 0 ? -errno : -ESRCH;
-
- if (!path_is_absolute(p->pw_dir))
- return -EINVAL;
-
- h = strdup(p->pw_dir);
- if (!h)
- return -ENOMEM;
-
- *_h = h;
- return 0;
-}
-
-int get_shell(char **_s) {
- struct passwd *p;
- const char *e;
- char *s;
- uid_t u;
-
- assert(_s);
-
- /* Take the user specified one */
- e = getenv("SHELL");
- if (e) {
- s = strdup(e);
- if (!s)
- return -ENOMEM;
-
- *_s = s;
- return 0;
- }
-
- /* Hardcode home directory for root to avoid NSS */
- u = getuid();
- if (u == 0) {
- s = strdup("/bin/sh");
- if (!s)
- return -ENOMEM;
-
- *_s = s;
- return 0;
- }
-
- /* Check the database... */
- errno = 0;
- p = getpwuid(u);
- if (!p)
- return errno > 0 ? -errno : -ESRCH;
-
- if (!path_is_absolute(p->pw_shell))
- return -EINVAL;
-
- s = strdup(p->pw_shell);
- if (!s)
- return -ENOMEM;
-
- *_s = s;
- return 0;
-}
-
bool filename_is_valid(const char *p) {
if (isempty(p))
@@ -4631,20 +4272,6 @@ int mount_move_root(const char *path) {
return 0;
}
-int reset_uid_gid(void) {
-
- if (setgroups(0, NULL) < 0)
- return -errno;
-
- if (setresgid(0, 0, 0) < 0)
- return -errno;
-
- if (setresuid(0, 0, 0) < 0)
- return -errno;
-
- return 0;
-}
-
int getxattr_malloc(const char *path, const char *name, char **value, bool allow_symlink) {
char *v;
size_t l;
diff --git a/src/basic/util.h b/src/basic/util.h
index 1a56257cce..7d6412523c 100644
--- a/src/basic/util.h
+++ b/src/basic/util.h
@@ -91,14 +91,7 @@ int parse_size(const char *t, uint64_t base, uint64_t *size);
int parse_boolean(const char *v) _pure_;
int parse_pid(const char *s, pid_t* ret_pid);
-int parse_uid(const char *s, uid_t* ret_uid);
-#define parse_gid(s, ret_gid) parse_uid(s, ret_gid)
-bool uid_is_valid(uid_t uid);
-
-static inline bool gid_is_valid(gid_t gid) {
- return uid_is_valid((uid_t) gid);
-}
int safe_atou(const char *s, unsigned *ret_u);
int safe_atoi(const char *s, int *ret_i);
@@ -252,10 +245,6 @@ static inline int dir_is_populated(const char *path) {
return !r;
}
-char* lookup_uid(uid_t uid);
-char* getlogname_malloc(void);
-char* getusername_malloc(void);
-
int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid);
int fchmod_and_fchown(int fd, mode_t mode, uid_t uid, gid_t gid);
@@ -304,15 +293,6 @@ int fchmod_umask(int fd, mode_t mode);
bool display_is_local(const char *display) _pure_;
int socket_from_display(const char *display, char **path);
-int get_user_creds(const char **username, uid_t *uid, gid_t *gid, const char **home, const char **shell);
-int get_group_creds(const char **groupname, gid_t *gid);
-
-int in_gid(gid_t gid);
-int in_group(const char *name);
-
-char* uid_to_name(uid_t uid);
-char* gid_to_name(gid_t gid);
-
int glob_exists(const char *path);
int glob_extend(char ***strv, const char *path);
@@ -378,9 +358,6 @@ bool http_etag_is_valid(const char *etag);
bool in_initrd(void);
-int get_home_dir(char **ret);
-int get_shell(char **_ret);
-
static inline void freep(void *p) {
free(*(void**) p);
}
@@ -720,8 +697,6 @@ int parse_mode(const char *s, mode_t *ret);
int mount_move_root(const char *path);
-int reset_uid_gid(void);
-
int getxattr_malloc(const char *path, const char *name, char **value, bool allow_symlink);
int fgetxattr_malloc(int fd, const char *name, char **value);
diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c
index 1bbf984a2e..7e7574568c 100644
--- a/src/bus-proxyd/bus-proxyd.c
+++ b/src/bus-proxyd/bus-proxyd.c
@@ -43,6 +43,7 @@
#include "proxy.h"
#include "string-util.h"
#include "strv.h"
+#include "user-util.h"
#include "util.h"
static char *arg_address = NULL;
diff --git a/src/bus-proxyd/bus-xml-policy.c b/src/bus-proxyd/bus-xml-policy.c
index c5a1e09cf8..56dcfeab62 100644
--- a/src/bus-proxyd/bus-xml-policy.c
+++ b/src/bus-proxyd/bus-xml-policy.c
@@ -22,14 +22,15 @@
#include "sd-login.h"
#include "bus-internal.h"
+#include "bus-xml-policy.h"
#include "conf-files.h"
#include "fileio.h"
#include "formats-util.h"
#include "set.h"
#include "string-util.h"
#include "strv.h"
+#include "user-util.h"
#include "xml.h"
-#include "bus-xml-policy.h"
static void policy_item_free(PolicyItem *i) {
assert(i);
diff --git a/src/bus-proxyd/stdio-bridge.c b/src/bus-proxyd/stdio-bridge.c
index 168fc9ead0..a009ea76c4 100644
--- a/src/bus-proxyd/stdio-bridge.c
+++ b/src/bus-proxyd/stdio-bridge.c
@@ -37,6 +37,7 @@
#include "log.h"
#include "proxy.h"
#include "strv.h"
+#include "user-util.h"
#include "util.h"
static char *arg_address = NULL;
diff --git a/src/core/bus-policy.c b/src/core/bus-policy.c
index a6a8fcd4d3..2490903a8c 100644
--- a/src/core/bus-policy.c
+++ b/src/core/bus-policy.c
@@ -19,10 +19,11 @@
#include <stdlib.h>
-#include "kdbus.h"
-#include "util.h"
#include "bus-kernel.h"
#include "bus-policy.h"
+#include "kdbus.h"
+#include "user-util.h"
+#include "util.h"
int bus_kernel_translate_access(BusPolicyAccess access) {
assert(access >= 0);
diff --git a/src/core/execute.c b/src/core/execute.c
index 55da8ba4b7..3f2607ff1a 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -90,6 +90,7 @@
#include "strv.h"
#include "terminal-util.h"
#include "unit.h"
+#include "user-util.h"
#include "util.h"
#include "utmp-wtmp.h"
diff --git a/src/core/main.c b/src/core/main.c
index 68ec730406..b0ca6fa10e 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -76,6 +76,7 @@
#include "strv.h"
#include "switch-root.h"
#include "terminal-util.h"
+#include "user-util.h"
#include "virt.h"
#include "watchdog.h"
diff --git a/src/core/socket.c b/src/core/socket.c
index e2085dac1c..7f401025ed 100644
--- a/src/core/socket.c
+++ b/src/core/socket.c
@@ -54,6 +54,7 @@
#include "unit-name.h"
#include "unit-printf.h"
#include "unit.h"
+#include "user-util.h"
static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
[SOCKET_DEAD] = UNIT_INACTIVE,
diff --git a/src/core/timer.c b/src/core/timer.c
index 4548a4fa52..908d45ac73 100644
--- a/src/core/timer.c
+++ b/src/core/timer.c
@@ -26,9 +26,10 @@
#include "dbus-timer.h"
#include "special.h"
#include "string-util.h"
+#include "timer.h"
#include "unit-name.h"
#include "unit.h"
-#include "timer.h"
+#include "user-util.h"
static const UnitActiveState state_translation_table[_TIMER_STATE_MAX] = {
[TIMER_DEAD] = UNIT_INACTIVE,
diff --git a/src/core/unit-printf.c b/src/core/unit-printf.c
index 5b62f2d65c..4a5c7efdb0 100644
--- a/src/core/unit-printf.c
+++ b/src/core/unit-printf.c
@@ -26,8 +26,9 @@
#include "string-util.h"
#include "strv.h"
#include "unit-name.h"
-#include "unit.h"
#include "unit-printf.h"
+#include "unit.h"
+#include "user-util.h"
static int specifier_prefix_and_instance(char specifier, void *data, void *userdata, char **ret) {
Unit *u = userdata;
diff --git a/src/core/unit.c b/src/core/unit.c
index a054cc79b0..572b1c1b78 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -51,8 +51,9 @@
#include "string-util.h"
#include "strv.h"
#include "unit-name.h"
-#include "virt.h"
#include "unit.h"
+#include "user-util.h"
+#include "virt.h"
const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
[UNIT_SERVICE] = &service_vtable,
diff --git a/src/journal/coredump-vacuum.c b/src/journal/coredump-vacuum.c
index 92259fd5ef..bad6ea4242 100644
--- a/src/journal/coredump-vacuum.c
+++ b/src/journal/coredump-vacuum.c
@@ -27,6 +27,7 @@
#include "macro.h"
#include "string-util.h"
#include "time-util.h"
+#include "user-util.h"
#include "util.h"
#define DEFAULT_MAX_USE_LOWER (uint64_t) (1ULL*1024ULL*1024ULL) /* 1 MiB */
diff --git a/src/journal/coredump.c b/src/journal/coredump.c
index 3b87eb5355..7336db219b 100644
--- a/src/journal/coredump.c
+++ b/src/journal/coredump.c
@@ -52,6 +52,7 @@
#include "stacktrace.h"
#include "string-util.h"
#include "strv.h"
+#include "user-util.h"
#include "util.h"
/* The maximum size up to which we process coredumps */
diff --git a/src/journal/coredumpctl.c b/src/journal/coredumpctl.c
index a497a4781b..f891ddffc6 100644
--- a/src/journal/coredumpctl.c
+++ b/src/journal/coredumpctl.c
@@ -42,6 +42,7 @@
#include "string-util.h"
#include "terminal-util.h"
#include "util.h"
+#include "user-util.h"
static enum {
ACTION_NONE,
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index dee25841e1..6e452a4d51 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -62,6 +62,7 @@
#include "strv.h"
#include "terminal-util.h"
#include "unit-name.h"
+#include "user-util.h"
#define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c
index 3273d9b0c2..42d7f80461 100644
--- a/src/libsystemd/sd-bus/bus-socket.c
+++ b/src/libsystemd/sd-bus/bus-socket.c
@@ -36,6 +36,7 @@
#include "missing.h"
#include "signal-util.h"
#include "string-util.h"
+#include "user-util.h"
#include "utf8.h"
#include "util.h"
diff --git a/src/libsystemd/sd-bus/busctl.c b/src/libsystemd/sd-bus/busctl.c
index b55e81ce97..d3e846db84 100644
--- a/src/libsystemd/sd-bus/busctl.c
+++ b/src/libsystemd/sd-bus/busctl.c
@@ -37,6 +37,7 @@
#include "set.h"
#include "strv.h"
#include "terminal-util.h"
+#include "user-util.h"
#include "util.h"
static bool arg_no_pager = false;
diff --git a/src/libsystemd/sd-login/sd-login.c b/src/libsystemd/sd-login/sd-login.c
index e1f480d058..6012004a0b 100644
--- a/src/libsystemd/sd-login/sd-login.c
+++ b/src/libsystemd/sd-login/sd-login.c
@@ -38,6 +38,7 @@
#include "macro.h"
#include "string-util.h"
#include "strv.h"
+#include "user-util.h"
#include "util.h"
/* Error codes:
diff --git a/src/libsystemd/sd-path/sd-path.c b/src/libsystemd/sd-path/sd-path.c
index 2467c126ae..8e3eeb15d8 100644
--- a/src/libsystemd/sd-path/sd-path.c
+++ b/src/libsystemd/sd-path/sd-path.c
@@ -25,6 +25,7 @@
#include "path-util.h"
#include "string-util.h"
#include "strv.h"
+#include "user-util.h"
#include "util.h"
static int from_environment(const char *envname, const char *fallback, const char **ret) {
diff --git a/src/login/inhibit.c b/src/login/inhibit.c
index 5ff0957aed..f79f89af7e 100644
--- a/src/login/inhibit.c
+++ b/src/login/inhibit.c
@@ -34,6 +34,7 @@
#include "process-util.h"
#include "signal-util.h"
#include "strv.h"
+#include "user-util.h"
#include "util.h"
static const char* arg_what = "idle:sleep:shutdown";
diff --git a/src/login/loginctl.c b/src/login/loginctl.c
index bfc8716009..1cd186dec3 100644
--- a/src/login/loginctl.c
+++ b/src/login/loginctl.c
@@ -42,6 +42,7 @@
#include "sysfs-show.h"
#include "terminal-util.h"
#include "unit-name.h"
+#include "user-util.h"
#include "util.h"
#include "verbs.h"
diff --git a/src/login/logind-action.c b/src/login/logind-action.c
index a44e369149..f06f8edc07 100644
--- a/src/login/logind-action.c
+++ b/src/login/logind-action.c
@@ -30,6 +30,7 @@
#include "formats-util.h"
#include "process-util.h"
#include "terminal-util.h"
+#include "user-util.h"
int manager_handle_action(
Manager *m,
diff --git a/src/login/logind-core.c b/src/login/logind-core.c
index 3b6e982e9f..c2541e490b 100644
--- a/src/login/logind-core.c
+++ b/src/login/logind-core.c
@@ -33,6 +33,7 @@
#include "strv.h"
#include "terminal-util.h"
#include "udev-util.h"
+#include "user-util.h"
int manager_add_device(Manager *m, const char *sysfs, bool master, Device **_device) {
Device *d;
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
index 1677785467..6da1398b7d 100644
--- a/src/login/logind-dbus.c
+++ b/src/login/logind-dbus.c
@@ -46,6 +46,7 @@
#include "terminal-util.h"
#include "udev-util.h"
#include "unit-name.h"
+#include "user-util.h"
#include "utmp-wtmp.h"
int manager_get_session_from_creds(Manager *m, sd_bus_message *message, const char *name, sd_bus_error *error, Session **ret) {
diff --git a/src/login/logind-inhibit.c b/src/login/logind-inhibit.c
index ec34535f83..c4b74eb734 100644
--- a/src/login/logind-inhibit.c
+++ b/src/login/logind-inhibit.c
@@ -31,6 +31,7 @@
#include "logind-inhibit.h"
#include "mkdir.h"
#include "string-util.h"
+#include "user-util.h"
#include "util.h"
Inhibitor* inhibitor_new(Manager *m, const char* id) {
diff --git a/src/login/logind-session.c b/src/login/logind-session.c
index 10f1cfef81..714b1cb299 100644
--- a/src/login/logind-session.c
+++ b/src/login/logind-session.c
@@ -43,6 +43,7 @@
#include "mkdir.h"
#include "path-util.h"
#include "terminal-util.h"
+#include "user-util.h"
#include "util.h"
#define RELEASE_USEC (20*USEC_PER_SEC)
diff --git a/src/login/logind-user-dbus.c b/src/login/logind-user-dbus.c
index 20ea2fbdc4..5975b579e9 100644
--- a/src/login/logind-user-dbus.c
+++ b/src/login/logind-user-dbus.c
@@ -22,11 +22,12 @@
#include <errno.h>
#include <string.h>
-#include "strv.h"
#include "bus-util.h"
-#include "logind.h"
-#include "logind-user.h"
#include "formats-util.h"
+#include "logind-user.h"
+#include "logind.h"
+#include "strv.h"
+#include "user-util.h"
static int property_get_display(
sd_bus *bus,
diff --git a/src/login/logind-utmp.c b/src/login/logind-utmp.c
index 1e13ff01de..80e461f2dc 100644
--- a/src/login/logind-utmp.c
+++ b/src/login/logind-utmp.c
@@ -25,15 +25,17 @@
#include <pwd.h>
#include "sd-messages.h"
-#include "strv.h"
-#include "special.h"
-#include "unit-name.h"
+
#include "audit.h"
-#include "bus-util.h"
-#include "bus-error.h"
#include "bus-common-errors.h"
-#include "logind.h"
+#include "bus-error.h"
+#include "bus-util.h"
#include "formats-util.h"
+#include "logind.h"
+#include "special.h"
+#include "strv.h"
+#include "unit-name.h"
+#include "user-util.h"
#include "utmp-wtmp.h"
_const_ static usec_t when_wall(usec_t n, usec_t elapse) {
diff --git a/src/machine/machined-dbus.c b/src/machine/machined-dbus.c
index b5ce6cdca2..3c91fa8644 100644
--- a/src/machine/machined-dbus.c
+++ b/src/machine/machined-dbus.c
@@ -41,6 +41,7 @@
#include "process-util.h"
#include "strv.h"
#include "unit-name.h"
+#include "user-util.h"
static int property_get_pool_path(
sd_bus *bus,
diff --git a/src/network/networkd-netdev-tuntap.c b/src/network/networkd-netdev-tuntap.c
index 3096c4f72a..d04bb9bd9f 100644
--- a/src/network/networkd-netdev-tuntap.c
+++ b/src/network/networkd-netdev-tuntap.c
@@ -23,8 +23,9 @@
#include <net/if.h>
#include <linux/if_tun.h>
-#include "networkd-netdev-tuntap.h"
#include "fd-util.h"
+#include "networkd-netdev-tuntap.h"
+#include "user-util.h"
#define TUN_DEV "/dev/net/tun"
diff --git a/src/network/networkd.c b/src/network/networkd.c
index e6259043fa..1a17847715 100644
--- a/src/network/networkd.c
+++ b/src/network/networkd.c
@@ -20,9 +20,11 @@
***/
#include "sd-daemon.h"
+
#include "capability.h"
-#include "signal-util.h"
#include "networkd.h"
+#include "signal-util.h"
+#include "user-util.h"
int main(int argc, char *argv[]) {
_cleanup_manager_free_ Manager *m = NULL;
diff --git a/src/nspawn/nspawn-setuid.c b/src/nspawn/nspawn-setuid.c
index 2a1dfd83a9..6b4ca5a3f3 100644
--- a/src/nspawn/nspawn-setuid.c
+++ b/src/nspawn/nspawn-setuid.c
@@ -29,6 +29,7 @@
#include "process-util.h"
#include "signal-util.h"
#include "string-util.h"
+#include "user-util.h"
#include "util.h"
static int spawn_getent(const char *database, const char *key, pid_t *rpid) {
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index f95842d252..f01a376af8 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -90,6 +90,7 @@
#include "strv.h"
#include "terminal-util.h"
#include "udev-util.h"
+#include "user-util.h"
#include "util.h"
typedef enum ContainerStatus {
diff --git a/src/nss-mymachines/nss-mymachines.c b/src/nss-mymachines/nss-mymachines.c
index d05a32290b..b98bde676b 100644
--- a/src/nss-mymachines/nss-mymachines.c
+++ b/src/nss-mymachines/nss-mymachines.c
@@ -32,6 +32,7 @@
#include "macro.h"
#include "nss-util.h"
#include "string-util.h"
+#include "user-util.h"
#include "util.h"
NSS_GETHOSTBYNAME_PROTOTYPES(mymachines);
diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c
index 32e61af925..df4eb6f63e 100644
--- a/src/resolve/resolved.c
+++ b/src/resolve/resolved.c
@@ -19,15 +19,16 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-#include "sd-event.h"
#include "sd-daemon.h"
-#include "mkdir.h"
+#include "sd-event.h"
+
#include "capability.h"
+#include "mkdir.h"
+#include "resolved-conf.h"
+#include "resolved-manager.h"
#include "selinux-util.h"
#include "signal-util.h"
-
-#include "resolved-manager.h"
-#include "resolved-conf.h"
+#include "user-util.h"
int main(int argc, char *argv[]) {
_cleanup_(manager_freep) Manager *m = NULL;
diff --git a/src/run/run.c b/src/run/run.c
index e81d0892e3..3646305961 100644
--- a/src/run/run.c
+++ b/src/run/run.c
@@ -39,6 +39,7 @@
#include "strv.h"
#include "terminal-util.h"
#include "unit-name.h"
+#include "user-util.h"
static bool arg_ask_password = true;
static bool arg_scope = false;
diff --git a/src/shared/acl-util.c b/src/shared/acl-util.c
index 47295ae379..e8931daee2 100644
--- a/src/shared/acl-util.c
+++ b/src/shared/acl-util.c
@@ -22,10 +22,11 @@
#include <errno.h>
#include <stdbool.h>
+#include "acl-util.h"
#include "string-util.h"
#include "strv.h"
+#include "user-util.h"
#include "util.h"
-#include "acl-util.h"
int acl_find_uid(acl_t acl, uid_t uid, acl_entry_t *entry) {
acl_entry_t i;
diff --git a/src/shared/install-printf.c b/src/shared/install-printf.c
index cbe984d2fb..224874f65c 100644
--- a/src/shared/install-printf.c
+++ b/src/shared/install-printf.c
@@ -21,11 +21,12 @@
#include <stdlib.h>
+#include "formats-util.h"
+#include "install-printf.h"
#include "specifier.h"
#include "unit-name.h"
+#include "user-util.h"
#include "util.h"
-#include "install-printf.h"
-#include "formats-util.h"
static int specifier_prefix_and_instance(char specifier, void *data, void *userdata, char **ret) {
UnitFileInstallInfo *i = userdata;
diff --git a/src/shared/uid-range.c b/src/shared/uid-range.c
index 4794ff45bb..079dd8752c 100644
--- a/src/shared/uid-range.c
+++ b/src/shared/uid-range.c
@@ -19,8 +19,9 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-#include "util.h"
#include "uid-range.h"
+#include "user-util.h"
+#include "util.h"
static bool uid_range_intersect(UidRange *range, uid_t start, uid_t nr) {
assert(range);
diff --git a/src/shared/utmp-wtmp.c b/src/shared/utmp-wtmp.c
index 93e6313360..1e6ac2f27d 100644
--- a/src/shared/utmp-wtmp.c
+++ b/src/shared/utmp-wtmp.c
@@ -33,6 +33,7 @@
#include "path-util.h"
#include "string-util.h"
#include "terminal-util.h"
+#include "user-util.h"
#include "utmp-wtmp.h"
int utmp_get_runlevel(int *runlevel, int *previous) {
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
index 49acea1dd2..fe4213c085 100644
--- a/src/systemctl/systemctl.c
+++ b/src/systemctl/systemctl.c
@@ -73,6 +73,7 @@
#include "strv.h"
#include "terminal-util.h"
#include "unit-name.h"
+#include "user-util.h"
#include "util.h"
#include "utmp-wtmp.h"
#include "verbs.h"
diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
index 547bd1b344..177432bf9f 100644
--- a/src/sysusers/sysusers.c
+++ b/src/sysusers/sysusers.c
@@ -41,6 +41,7 @@
#include "utf8.h"
#include "util.h"
#include "fd-util.h"
+#include "user-util.h"
typedef enum ItemType {
ADD_USER = 'u',
diff --git a/src/test/test-ipcrm.c b/src/test/test-ipcrm.c
index 4944bf6ad9..5841cb3fb1 100644
--- a/src/test/test-ipcrm.c
+++ b/src/test/test-ipcrm.c
@@ -19,8 +19,9 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-#include "util.h"
#include "clean-ipc.h"
+#include "user-util.h"
+#include "util.h"
int main(int argc, char *argv[]) {
uid_t uid;
diff --git a/src/test/test-util.c b/src/test/test-util.c
index 86895733c0..c1f8a866af 100644
--- a/src/test/test-util.c
+++ b/src/test/test-util.c
@@ -46,6 +46,7 @@
#include "strv.h"
#include "util.h"
#include "virt.h"
+#include "user-util.h"
static void test_streq_ptr(void) {
assert_se(streq_ptr(NULL, NULL));
diff --git a/src/timesync/timesyncd.c b/src/timesync/timesyncd.c
index 7755a6d89f..7a0ab18ca0 100644
--- a/src/timesync/timesyncd.c
+++ b/src/timesync/timesyncd.c
@@ -29,6 +29,7 @@
#include "signal-util.h"
#include "timesyncd-conf.h"
#include "timesyncd-manager.h"
+#include "user-util.h"
static int load_clock_timestamp(uid_t uid, gid_t gid) {
_cleanup_close_ int fd = -1;
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index 457d721303..05c4661a2c 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -59,6 +59,7 @@
#include "specifier.h"
#include "string-util.h"
#include "strv.h"
+#include "user-util.h"
#include "util.h"
/* This reads all files listed in /etc/tmpfiles.d/?*.conf and creates
diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
index f99d1a86c9..311d515645 100644
--- a/src/udev/udev-rules.c
+++ b/src/udev/udev-rules.c
@@ -38,6 +38,7 @@
#include "strv.h"
#include "sysctl-util.h"
#include "udev.h"
+#include "user-util.h"
#include "util.h"
#define PREALLOC_TOKEN 2048