Merge pull request #8368 from yuwata/nss-systemd-getpwent

nss-systemd: make dynamic users enumerable by `getent`
2026-03-06 15:02:31 -08:00 · 2018-03-21 12:36:47 +01:00
parent 4526113f57 23e6c10bbe
commit 0ba6791f46
7 changed files with 452 additions and 77 deletions
--- a/3
+++ b/3
@@ -27,9 +27,6 @@ Features:
 * add proper dbus APIs for the various sd_notify() commands, such as MAINPID=1
  and so on, which would mean we could report errors and such.

-* nss-systemd: implement enumeration, that shows all dynamic users plus the
-  synthesized ones if necessary, so that "getent passwd" shows useful data.
-
 * teach tmpfiles.d q/Q logic something sensible in the context of XFS/ext4
  project quota

--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -1798,6 +1798,50 @@ static int method_lookup_dynamic_user_by_uid(sd_bus_message *message, void *user
        return sd_bus_reply_method_return(message, "s", name);
 }

+static int method_get_dynamic_users(sd_bus_message *message, void *userdata, sd_bus_error *error) {
+        _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
+        Manager *m = userdata;
+        DynamicUser *d;
+        Iterator i;
+        int r;
+
+        assert(message);
+        assert(m);
+
+        assert_cc(sizeof(uid_t) == sizeof(uint32_t));
+
+        if (!MANAGER_IS_SYSTEM(m))
+                return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Dynamic users are only supported in the system instance.");
+
+        r = sd_bus_message_new_method_return(message, &reply);
+        if (r < 0)
+                return r;
+
+        r = sd_bus_message_open_container(reply, 'a', "(us)");
+        if (r < 0)
+                return r;
+
+        HASHMAP_FOREACH(d, m->dynamic_users, i) {
+                uid_t uid;
+
+                r = dynamic_user_current(d, &uid);
+                if (r == -EAGAIN) /* not realized yet? */
+                        continue;
+                if (r < 0)
+                        return sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "Failed to lookup a dynamic user.");
+
+                r = sd_bus_message_append(reply, "(us)", uid, d->name);
+                if (r < 0)
+                        return r;
+        }
+
+        r = sd_bus_message_close_container(reply);
+        if (r < 0)
+                return r;
+
+        return sd_bus_send(NULL, reply, NULL);
+}
+
 static int list_unit_files_by_patterns(sd_bus_message *message, void *userdata, sd_bus_error *error, char **states, char **patterns) {
        _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
        Manager *m = userdata;
@@ -2572,6 +2616,7 @@ const sd_bus_vtable bus_manager_vtable[] = {
        SD_BUS_METHOD("SetExitCode", "y", NULL, method_set_exit_code, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("LookupDynamicUserByName", "s", "u", method_lookup_dynamic_user_by_name, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("LookupDynamicUserByUID", "u", "s", method_lookup_dynamic_user_by_uid, SD_BUS_VTABLE_UNPRIVILEGED),
+        SD_BUS_METHOD("GetDynamicUsers", NULL, "a(us)", method_get_dynamic_users, SD_BUS_VTABLE_UNPRIVILEGED),

        SD_BUS_SIGNAL("UnitNew", "so", 0),
        SD_BUS_SIGNAL("UnitRemoved", "so", 0),
--- a/src/core/dynamic-user.c
+++ b/src/core/dynamic-user.c
@@ -563,7 +563,7 @@ static int dynamic_user_realize(
        return 0;
 }

-static int dynamic_user_current(DynamicUser *d, uid_t *ret) {
+int dynamic_user_current(DynamicUser *d, uid_t *ret) {
        _cleanup_(unlockfp) int storage_socket0_lock = -1;
        _cleanup_close_ int lock_fd = -1;
        uid_t uid;
--- a/src/core/dynamic-user.h
+++ b/src/core/dynamic-user.h
@@ -48,6 +48,7 @@ int dynamic_user_serialize(Manager *m, FILE *f, FDSet *fds);
 void dynamic_user_deserialize_one(Manager *m, const char *value, FDSet *fds);
 void dynamic_user_vacuum(Manager *m, bool close_user);

+int dynamic_user_current(DynamicUser *d, uid_t *ret);
 int dynamic_user_lookup_uid(Manager *m, uid_t uid, char **ret);
 int dynamic_user_lookup_name(Manager *m, const char *name, uid_t *ret);

--- a/src/core/org.freedesktop.systemd1.conf
+++ b/src/core/org.freedesktop.systemd1.conf
@@ -140,6 +140,10 @@
                       send_interface="org.freedesktop.systemd1.Manager"
                       send_member="LookupDynamicUserByUID"/>

+                <allow send_destination="org.freedesktop.systemd1"
+                       send_interface="org.freedesktop.systemd1.Manager"
+                       send_member="GetDynamicUsers"/>
+
                <!-- Completely open to anyone: org.freedesktop.systemd1.Unit interface -->

                <allow send_destination="org.freedesktop.systemd1"
--- a/src/nss-systemd/nss-systemd.c
+++ b/src/nss-systemd/nss-systemd.c
--- a/src/nss-systemd/nss-systemd.sym
+++ b/src/nss-systemd/nss-systemd.sym
@@ -13,7 +13,13 @@
 global:
        _nss_systemd_getpwnam_r;
        _nss_systemd_getpwuid_r;
+        _nss_systemd_endpwent;
+        _nss_systemd_setpwent;
+        _nss_systemd_getpwent_r;
        _nss_systemd_getgrnam_r;
        _nss_systemd_getgrgid_r;
+        _nss_systemd_endgrent;
+        _nss_systemd_setgrent;
+        _nss_systemd_getgrent_r;
 local: *;
 };