summaryrefslogtreecommitdiff
path: root/src/sysusers/sysusers.c
AgeCommit message (Collapse)Author
2014-11-26Introduce CONF_DIRS_NULSTR helper to define standard conf dirsJosh Triplett
Several different systemd tools define a nulstr containing a standard series of configuration file directories, in /etc, /run, /usr/local/lib, /usr/lib, and (#ifdef HAVE_SPLIT_USR) /lib. Factor that logic out into a new helper macro, CONF_DIRS_NULSTR.
2014-11-11sysuser: simplify access mode syncing by introducing helper function for itLennart Poettering
2014-11-07sysusers: be nice and print a warning if futimens() failsLennart Poettering
CID# 1251163
2014-10-30sysusers: Preserve ownership and mode on /etc/passwd and friendsColin Guthrie
When running sysusers we would clobber file ownership and permissions on the files /etc/passwd, /etc/group and /etc/[g]shadow. This simply preserves the ownership and mode if existing files are found.
2014-10-23mac: rename apis with mac_{selinux/smack}_ prefixWaLyong Cho
2014-09-18sysusers: Remove some gcc warnings about uninitialized variablesPhilippe De Swert
Gcc is spewing some warnings about uninitialized variables. Let's get rid of the noise.
2014-09-15hashmap: introduce hash_ops to make struct Hashmap smallerMichal Schmidt
It is redundant to store 'hash' and 'compare' function pointers in struct Hashmap separately. The functions always comprise a pair. Store a single pointer to struct hash_ops instead. systemd keeps hundreds of hashmaps, so this saves a little bit of memory.
2014-08-19sysusers: initialize rThomas Hindoe Paaboel Andersen
Needed for the stdin case where it could otherwise end up being used uninitialized.
2014-08-19tmpfiles: add new 'r' line type to add UIDs/GIDs to the pool to allocate ↵Lennart Poettering
UIDs/GIDs from This way we can guarantee a limited amount of compatibility with login.defs, by generate an appopriate "r" line out of it, on package installation.
2014-08-19sysusers: add another column to sysusers files for the home directoryLennart Poettering
2014-08-19sysusers: optionally, read sysuers configuration from standard inputLennart Poettering
2014-08-19sysusers: also update /etc/shadow and /etc/gshadow when creating new system ↵Lennart Poettering
users This should resolve problems with tools like "grpck" and suchlike.
2014-08-04sysusers: isempty will never be < 0Thomas Hindoe Paaboel Andersen
looks like a typo from 1b99214789101976d6bbf75c351279584b071998
2014-08-03Unify parse_argv styleZbigniew Jędrzejewski-Szmek
getopt is usually good at printing out a nice error message when commandline options are invalid. It distinguishes between an unknown option and a known option with a missing arg. It is better to let it do its job and not use opterr=0 unless we actually want to suppress messages. So remove opterr=0 in the few places where it wasn't really useful. When an error in options is encountered, we should not print a lengthy help() and overwhelm the user, when we know precisely what is wrong with the commandline. In addition, since help() prints to stdout, it should not be used except when requested with -h or --help. Also, simplify things here and there.
2014-07-21sysusers: fix selinux context of backup filesZbigniew Jędrzejewski-Szmek
Also, fix fopen_temporary_label to set proper context. By chance, all users so far used the same context, so the error didn't matter. Also, check return value from label_init(). https://bugzilla.redhat.com/show_bug.cgi?id=1121806
2014-07-13Add function to open temp files in selinux modeZbigniew Jędrzejewski-Szmek
2014-07-13sysusers: preserve label of /etc/{passwd, group}Colin Walters
These files are specially labeled on SELinux systems, and we need to preserve that label.
2014-07-10sysusers: allow overrides in /etc and /runZbigniew Jędrzejewski-Szmek
An administrator might want to block a certain sysusers config file from being executed, e.g. to block the creation of a certain user. Only a relatively short description is added in the man page, since overrides should be relatively rare.
2014-07-09sysusers: don't allow control characters in gecos fieldsLennart Poettering
2014-07-09sysusers: don't allow user names longer than UT_NAMESIZELennart Poettering
As pointed out by Miloslav Trmač it might be a good idea to make sure that usernames stay with in the utmp-defined limits.
2014-07-07firstboot: follow lock protocol when changing /etc/shadowLennart Poettering
2014-07-06sysusers: fix uninitialized warningRonny Chevalier
2014-07-03sysusers: add new line type "m" to add users as members to groupsLennart Poettering
2014-06-23coredump: never write more than the configured processing size limit to diskLennart Poettering
2014-06-13sysusers: always treat ENOENT as entry-not-found when doing NSS callsLennart Poettering
For most NSS calls it is documented that they return NULL + errno=0 when an entry is not found. However, in reality it appears to be common to return NULL + errno=ENOENT, instead. Handle that correctly, and don't consider ENOENT a systematic error.
2014-06-13sysusers: do not set todo to create a user when we only need a groupKay Sievers
2014-06-12sysusers: add minimal tool to reconstruct /etc/passwd and /etc/group from ↵Lennart Poettering
static files systemd-sysusers is a tool to reconstruct /etc/passwd and /etc/group from static definition files that take a lot of inspiration from tmpfiles snippets. These snippets should carry information about system users only. To make sure it is not misused for normal users these snippets only allow configuring UID and gecos field for each user, but do not allow configuration of the home directory or shell, which is necessary for real login users. The purpose of this tool is to enable state-less systems that can populate /etc with the minimal files necessary, solely from static data in /usr. systemd-sysuser is additive only, and will never override existing users. This tool will create these files directly, and not via some user database abtsraction layer. This is appropriate as this tool is supposed to run really early at boot, and is only useful for creating system users, and system users cannot be stored in remote databases anyway. The tool is also useful to be invoked from RPM scriptlets, instead of useradd. This allows moving from imperative user descriptions in RPM to declarative descriptions. The UID/GID for a user/group to be created can either be chosen dynamic, or fixed, or be read from the owner of a file in the file system, in order to support reconstructing the correct IDs for files that shall be owned by them. This also adds a minimal user definition file, that should be sufficient for most basic systems. Distributions are expected to patch these files and augment the contents, for example with fixed UIDs for the users where that's necessary.