From 763fe64a51caa25c51a9d68d8e3943b519edf5cb Mon Sep 17 00:00:00 2001 From: "A. Wilcox" Date: Sun, 18 Aug 2024 03:11:15 -0500 Subject: [PATCH 23/34] shared: Conditionalise sgrp on ENABLE_GSHADOW Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Signed-off-by: A. Wilcox Signed-off-by: Alexander Miroshnichenko --- src/shared/user-record-nss.c | 25 ++++++++++++++++++++++++- src/shared/user-record-nss.h | 6 +++++- src/shared/userdb.c | 6 ++++++ 3 files changed, 35 insertions(+), 2 deletions(-) diff --git a/src/shared/user-record-nss.c b/src/shared/user-record-nss.c index ffb572146628..3e2f61473a6a 100644 --- a/src/shared/user-record-nss.c +++ b/src/shared/user-record-nss.c @@ -275,9 +275,12 @@ int nss_user_record_by_uid( int nss_group_to_group_record( const struct group *grp, - const struct sgrp *sgrp, + void *_sgrp, GroupRecord **ret) { +#if ENABLE_GSHADOW + struct sgrp *sgrp = (struct sgrp *)_sgrp; +#endif _cleanup_(group_record_unrefp) GroupRecord *g = NULL; int r; @@ -286,8 +289,10 @@ int nss_group_to_group_record( if (isempty(grp->gr_name)) return -EINVAL; +#if ENABLE_GSHADOW if (sgrp && !streq_ptr(sgrp->sg_namp, grp->gr_name)) return -EINVAL; +#endif g = group_record_new(); if (!g) @@ -303,6 +308,7 @@ int nss_group_to_group_record( g->gid = grp->gr_gid; +#if ENABLE_GSHADOW if (sgrp) { if (looks_like_hashed_password(utf8_only(sgrp->sg_passwd))) { g->hashed_password = strv_new(sgrp->sg_passwd); @@ -318,6 +324,7 @@ int nss_group_to_group_record( if (r < 0) return r; } +#endif r = json_build(&g->json, JSON_BUILD_OBJECT( JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(g->group_name)), @@ -336,6 +343,7 @@ int nss_group_to_group_record( return 0; } +#if ENABLE_GSHADOW int nss_sgrp_for_group(const struct group *grp, struct sgrp *ret_sgrp, char **ret_buffer) { size_t buflen = 4096; int r; @@ -373,6 +381,7 @@ int nss_sgrp_for_group(const struct group *grp, struct sgrp *ret_sgrp, char **re buf = mfree(buf); } } +#endif int nss_group_record_by_name( const char *name, @@ -382,7 +391,9 @@ int nss_group_record_by_name( _cleanup_free_ char *sbuf = NULL; _cleanup_free_ struct group *result = NULL; bool incomplete = false; +#if ENABLE_GSHADOW struct sgrp sgrp, *sresult = NULL; +#endif int r; assert(name); @@ -391,6 +402,7 @@ int nss_group_record_by_name( if (r < 0) return r; +#if ENABLE_GSHADOW if (with_shadow) { r = nss_sgrp_for_group(result, &sgrp, &sbuf); if (r < 0) { @@ -402,6 +414,10 @@ int nss_group_record_by_name( incomplete = true; r = nss_group_to_group_record(result, sresult, ret); +#else + incomplete = true; + r = nss_group_to_group_record(result, NULL, ret); +#endif if (r < 0) return r; @@ -418,13 +434,16 @@ int nss_group_record_by_gid( _cleanup_free_ char *sbuf = NULL; _cleanup_free_ struct group *result = NULL; bool incomplete = false; +#if ENABLE_GSHADOW struct sgrp sgrp, *sresult = NULL; +#endif int r; r = getgrgid_malloc(gid, &result); if (r < 0) return r; +#if ENABLE_GSHADOW if (with_shadow) { r = nss_sgrp_for_group(result, &sgrp, &sbuf); if (r < 0) { @@ -436,6 +455,10 @@ int nss_group_record_by_gid( incomplete = true; r = nss_group_to_group_record(result, sresult, ret); +#else + incomplete = true; + r = nss_group_to_group_record(result, NULL, ret); +#endif if (r < 0) return r; diff --git a/src/shared/user-record-nss.h b/src/shared/user-record-nss.h index 22ab04d6eec3..5677a119f6d0 100644 --- a/src/shared/user-record-nss.h +++ b/src/shared/user-record-nss.h @@ -2,7 +2,9 @@ #pragma once #include +#if ENABLE_GSHADOW #include +#endif #include #include @@ -17,8 +19,10 @@ int nss_spwd_for_passwd(const struct passwd *pwd, struct spwd *ret_spwd, char ** int nss_user_record_by_name(const char *name, bool with_shadow, UserRecord **ret); int nss_user_record_by_uid(uid_t uid, bool with_shadow, UserRecord **ret); -int nss_group_to_group_record(const struct group *grp, const struct sgrp *sgrp, GroupRecord **ret); +int nss_group_to_group_record(const struct group *grp, void *sgrp, GroupRecord **ret); +#if ENABLE_GSHADOW int nss_sgrp_for_group(const struct group *grp, struct sgrp *ret_sgrp, char **ret_buffer); +#endif int nss_group_record_by_name(const char *name, bool with_shadow, GroupRecord **ret); int nss_group_record_by_gid(gid_t gid, bool with_shadow, GroupRecord **ret); diff --git a/src/shared/userdb.c b/src/shared/userdb.c index 353388125f79..002f35c79fc4 100644 --- a/src/shared/userdb.c +++ b/src/shared/userdb.c @@ -1038,13 +1038,16 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) { if (gr) { _cleanup_free_ char *buffer = NULL; bool incomplete = false; +#if ENABLE_GSHADOW struct sgrp sgrp; +#endif if (streq_ptr(gr->gr_name, "root")) iterator->synthesize_root = false; if (gr->gr_gid == GID_NOBODY) iterator->synthesize_nobody = false; +#if ENABLE_GSHADOW if (!FLAGS_SET(iterator->flags, USERDB_SUPPRESS_SHADOW)) { r = nss_sgrp_for_group(gr, &sgrp, &buffer); if (r < 0) { @@ -1057,6 +1060,9 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) { } r = nss_group_to_group_record(gr, r >= 0 ? &sgrp : NULL, ret); +#else + r = nss_group_to_group_record(gr, NULL, ret); +#endif if (r < 0) return r; -- 2.41.0