194 lines
6.4 KiB
Diff
194 lines
6.4 KiB
Diff
From 763fe64a51caa25c51a9d68d8e3943b519edf5cb Mon Sep 17 00:00:00 2001
|
|
From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
|
|
Date: Sun, 18 Aug 2024 03:11:15 -0500
|
|
Subject: [PATCH 23/34] shared: Conditionalise sgrp on ENABLE_GSHADOW
|
|
Content-Type: text/plain; charset="utf-8"
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
Signed-off-by: A. Wilcox <AWilcox@Wilcox-Tech.com>
|
|
Signed-off-by: Alexander Miroshnichenko <alex@millerson.name>
|
|
---
|
|
src/shared/user-record-nss.c | 25 ++++++++++++++++++++++++-
|
|
src/shared/user-record-nss.h | 6 +++++-
|
|
src/shared/userdb.c | 6 ++++++
|
|
3 files changed, 35 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/shared/user-record-nss.c b/src/shared/user-record-nss.c
|
|
index ffb572146628..3e2f61473a6a 100644
|
|
--- a/src/shared/user-record-nss.c
|
|
+++ b/src/shared/user-record-nss.c
|
|
@@ -275,9 +275,12 @@ int nss_user_record_by_uid(
|
|
|
|
int nss_group_to_group_record(
|
|
const struct group *grp,
|
|
- const struct sgrp *sgrp,
|
|
+ void *_sgrp,
|
|
GroupRecord **ret) {
|
|
|
|
+#if ENABLE_GSHADOW
|
|
+ struct sgrp *sgrp = (struct sgrp *)_sgrp;
|
|
+#endif
|
|
_cleanup_(group_record_unrefp) GroupRecord *g = NULL;
|
|
int r;
|
|
|
|
@@ -286,8 +289,10 @@ int nss_group_to_group_record(
|
|
if (isempty(grp->gr_name))
|
|
return -EINVAL;
|
|
|
|
+#if ENABLE_GSHADOW
|
|
if (sgrp && !streq_ptr(sgrp->sg_namp, grp->gr_name))
|
|
return -EINVAL;
|
|
+#endif
|
|
|
|
g = group_record_new();
|
|
if (!g)
|
|
@@ -303,6 +308,7 @@ int nss_group_to_group_record(
|
|
|
|
g->gid = grp->gr_gid;
|
|
|
|
+#if ENABLE_GSHADOW
|
|
if (sgrp) {
|
|
if (looks_like_hashed_password(utf8_only(sgrp->sg_passwd))) {
|
|
g->hashed_password = strv_new(sgrp->sg_passwd);
|
|
@@ -318,6 +324,7 @@ int nss_group_to_group_record(
|
|
if (r < 0)
|
|
return r;
|
|
}
|
|
+#endif
|
|
|
|
r = json_build(&g->json, JSON_BUILD_OBJECT(
|
|
JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(g->group_name)),
|
|
@@ -336,6 +343,7 @@ int nss_group_to_group_record(
|
|
return 0;
|
|
}
|
|
|
|
+#if ENABLE_GSHADOW
|
|
int nss_sgrp_for_group(const struct group *grp, struct sgrp *ret_sgrp, char **ret_buffer) {
|
|
size_t buflen = 4096;
|
|
int r;
|
|
@@ -373,6 +381,7 @@ int nss_sgrp_for_group(const struct group *grp, struct sgrp *ret_sgrp, char **re
|
|
buf = mfree(buf);
|
|
}
|
|
}
|
|
+#endif
|
|
|
|
int nss_group_record_by_name(
|
|
const char *name,
|
|
@@ -382,7 +391,9 @@ int nss_group_record_by_name(
|
|
_cleanup_free_ char *sbuf = NULL;
|
|
_cleanup_free_ struct group *result = NULL;
|
|
bool incomplete = false;
|
|
+#if ENABLE_GSHADOW
|
|
struct sgrp sgrp, *sresult = NULL;
|
|
+#endif
|
|
int r;
|
|
|
|
assert(name);
|
|
@@ -391,6 +402,7 @@ int nss_group_record_by_name(
|
|
if (r < 0)
|
|
return r;
|
|
|
|
+#if ENABLE_GSHADOW
|
|
if (with_shadow) {
|
|
r = nss_sgrp_for_group(result, &sgrp, &sbuf);
|
|
if (r < 0) {
|
|
@@ -402,6 +414,10 @@ int nss_group_record_by_name(
|
|
incomplete = true;
|
|
|
|
r = nss_group_to_group_record(result, sresult, ret);
|
|
+#else
|
|
+ incomplete = true;
|
|
+ r = nss_group_to_group_record(result, NULL, ret);
|
|
+#endif
|
|
if (r < 0)
|
|
return r;
|
|
|
|
@@ -418,13 +434,16 @@ int nss_group_record_by_gid(
|
|
_cleanup_free_ char *sbuf = NULL;
|
|
_cleanup_free_ struct group *result = NULL;
|
|
bool incomplete = false;
|
|
+#if ENABLE_GSHADOW
|
|
struct sgrp sgrp, *sresult = NULL;
|
|
+#endif
|
|
int r;
|
|
|
|
r = getgrgid_malloc(gid, &result);
|
|
if (r < 0)
|
|
return r;
|
|
|
|
+#if ENABLE_GSHADOW
|
|
if (with_shadow) {
|
|
r = nss_sgrp_for_group(result, &sgrp, &sbuf);
|
|
if (r < 0) {
|
|
@@ -436,6 +455,10 @@ int nss_group_record_by_gid(
|
|
incomplete = true;
|
|
|
|
r = nss_group_to_group_record(result, sresult, ret);
|
|
+#else
|
|
+ incomplete = true;
|
|
+ r = nss_group_to_group_record(result, NULL, ret);
|
|
+#endif
|
|
if (r < 0)
|
|
return r;
|
|
|
|
diff --git a/src/shared/user-record-nss.h b/src/shared/user-record-nss.h
|
|
index 22ab04d6eec3..5677a119f6d0 100644
|
|
--- a/src/shared/user-record-nss.h
|
|
+++ b/src/shared/user-record-nss.h
|
|
@@ -2,7 +2,9 @@
|
|
#pragma once
|
|
|
|
#include <grp.h>
|
|
+#if ENABLE_GSHADOW
|
|
#include <gshadow.h>
|
|
+#endif
|
|
#include <pwd.h>
|
|
#include <shadow.h>
|
|
|
|
@@ -17,8 +19,10 @@ int nss_spwd_for_passwd(const struct passwd *pwd, struct spwd *ret_spwd, char **
|
|
int nss_user_record_by_name(const char *name, bool with_shadow, UserRecord **ret);
|
|
int nss_user_record_by_uid(uid_t uid, bool with_shadow, UserRecord **ret);
|
|
|
|
-int nss_group_to_group_record(const struct group *grp, const struct sgrp *sgrp, GroupRecord **ret);
|
|
+int nss_group_to_group_record(const struct group *grp, void *sgrp, GroupRecord **ret);
|
|
+#if ENABLE_GSHADOW
|
|
int nss_sgrp_for_group(const struct group *grp, struct sgrp *ret_sgrp, char **ret_buffer);
|
|
+#endif
|
|
|
|
int nss_group_record_by_name(const char *name, bool with_shadow, GroupRecord **ret);
|
|
int nss_group_record_by_gid(gid_t gid, bool with_shadow, GroupRecord **ret);
|
|
diff --git a/src/shared/userdb.c b/src/shared/userdb.c
|
|
index 353388125f79..002f35c79fc4 100644
|
|
--- a/src/shared/userdb.c
|
|
+++ b/src/shared/userdb.c
|
|
@@ -1038,13 +1038,16 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) {
|
|
if (gr) {
|
|
_cleanup_free_ char *buffer = NULL;
|
|
bool incomplete = false;
|
|
+#if ENABLE_GSHADOW
|
|
struct sgrp sgrp;
|
|
+#endif
|
|
|
|
if (streq_ptr(gr->gr_name, "root"))
|
|
iterator->synthesize_root = false;
|
|
if (gr->gr_gid == GID_NOBODY)
|
|
iterator->synthesize_nobody = false;
|
|
|
|
+#if ENABLE_GSHADOW
|
|
if (!FLAGS_SET(iterator->flags, USERDB_SUPPRESS_SHADOW)) {
|
|
r = nss_sgrp_for_group(gr, &sgrp, &buffer);
|
|
if (r < 0) {
|
|
@@ -1057,6 +1060,9 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) {
|
|
}
|
|
|
|
r = nss_group_to_group_record(gr, r >= 0 ? &sgrp : NULL, ret);
|
|
+#else
|
|
+ r = nss_group_to_group_record(gr, NULL, ret);
|
|
+#endif
|
|
if (r < 0)
|
|
return r;
|
|
|
|
--
|
|
2.41.0
|
|
|