[systemd-devel] [PATCH] nspawn: spawn shell under specified --user
Lennart Poettering
lennart at poettering.net
Mon Jun 27 05:01:27 PDT 2011
On Fri, 24.06.11 14:39, Michal Vyskocil (mvyskocil at suse.cz) wrote:
> Add -u/--user option, which changes the effective and real user and
> group id to the new value. The user must exist in the chroot, otherwise
> it will fail. Both username and user id are accepted.

Sounds sensible, though I do wonder about the ultimate usefulness of
this given that this requires user settings configured on the host
systems in a way that makes sense in the container too. (i.e. the $HOME
and UID/GID of the user must be in sync in host and in container). Or am
I missing something?

> +static struct passwd *getpwun(const char* user) {
> +
> + struct passwd *pw;
> +
> + pw = getpwnam(user);
> +
> + if (!pw && isdigits(user)) {
> + pw = getpwuid((uid_t)atoi(user));
> + }
> +
> + if (! (pw && pw->pw_name && pw->pw_name[0] && pw->pw_dir && pw->pw_dir[0]
> + && pw->pw_passwd)) {
> + log_error("user name or id %s does not exist: %m", user);
> + return NULL;
> + }
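
Review bot: the numeric branch `pw = getpwuid((uid_t)atoi(user));` relies on atoi(), which reports neither failure nor overflow, so a digit string that does not fit an int is converted to an unpredictable uid instead of being rejected; use a range-checked conversion and refuse values that do not fit uid_t. The log_error() call also prints %m, but a lookup that simply finds no entry need not set errno, so the message can show an unrelated error; set errno = 0 before the lookups or drop %m for the not-found case.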

Please work the other way here. Use "safe_atou()" first on the
username, and if that works it's a numeric uid. If it doesn't try
getpwnam(). Code that already does this you find in get_user_creds() in
execute.c.

> + mkdir_p(pw->pw_dir, 0755);
> + if (chown(pw->pw_dir, pw->pw_uid, pw->pw_gid) < 0) {
> + log_error("chown(%s) failed: %m", pw->pw_dir);
> + goto child_fail;
> + }
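
Review bot: the return value of `mkdir_p(pw->pw_dir, 0755);` is ignored, so a failed creation only shows up indirectly as a chown() error; check it and log it on its own. The chown() that follows is applied to whatever already exists at pw_dir and follows symlinks, so the ownership change can land on something other than the intended home directory; change ownership only on a directory this code just created, and for an existing path verify it is a directory already owned by the user rather than re-owning it.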

Please use safe_mkdir() here.

Lennart
--
Lennart Poettering - Red Hat, Inc.