[systemd-devel] [PATCH 3/3] sysusers: do not reject users with already present /etc/shadow entries

Zbigniew Jędrzejewski-Szmek zbyszek at in.waw.pl
Sat Mar 7 06:09:46 PST 2015


On Thu, Feb 26, 2015 at 02:46:25AM +0300, Ivan Shapovalov wrote:
> This is needed for firstboot and sysusers to interoperate. The former is started
> first, and it writes only /etc/shadow when it is told to set the root password.
> It's better to relax the checks here than to duplicate functionality in firstboot.
Does not apply on top of git... Could you rebase?

Zbyszek

> ---
>  src/sysusers/sysusers.c | 23 +++++++++--------------
>  1 file changed, 9 insertions(+), 14 deletions(-)
> 
> diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
> index 9d39bd4..ec3e8ad 100644
> --- a/src/sysusers/sysusers.c
> +++ b/src/sysusers/sysusers.c
> @@ -603,6 +603,8 @@ static int write_files(void) {
>                  if (r < 0)
>                          goto finish;
>  
> +                lstchg = (long) (now(CLOCK_REALTIME) / USEC_PER_DAY);
> +
>                  original = fopen(shadow_path, "re");
>                  if (original) {
>                          struct spwd *sp;
> @@ -616,8 +618,13 @@ static int write_files(void) {
>  
>                                  i = hashmap_get(users, sp->sp_namp);
>                                  if (i && i->todo_user) {
> -                                        r = -EEXIST;
> -                                        goto finish;
> +                                        /* we will update the existing entry */
> +                                        sp->sp_lstchg = lstchg;
> +
> +                                        /* only the /etc/shadow stage is left, so we can
> +                                         * safely remove the item from the todo set */
> +                                        i->todo_user = false;
> +                                        hashmap_remove(todo_uids, UID_TO_PTR(i->uid));
>                                  }
>  
>                                  errno = 0;
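Review bot: The `if (i && i->todo_user)` branch now adopts a pre-existing /etc/shadow entry for any user sysusers is about to create, not only the root entry firstboot wrote, and it changes nothing but `sp_lstchg`. The write-back of `sp` is outside this hunk, but presumably the entry's password field is kept as found, so a stale or unexpected shadow line would give a newly created system account that credential with no trace in the log. At minimum add a message in this branch, e.g. `log_info("User %s already has an /etc/shadow entry, keeping it.", i->name);`, and consider restricting the adoption to entries firstboot can actually write. Also consider leaving `sp->sp_lstchg` untouched on adopted entries: per shadow(5) a value of 0 forces a password change at next login, which is what `now(CLOCK_REALTIME) / USEC_PER_DAY` yields if the clock is still at the epoch on first boot. The enclosing loop and the rest of write_files() lie outside the hunk.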
> @@ -640,7 +647,6 @@ static int write_files(void) {
>                          goto finish;
>                  }
>  
> -                lstchg = (long) (now(CLOCK_REALTIME) / USEC_PER_DAY);
>                  HASHMAP_FOREACH(i, todo_uids, iterator) {
>                          struct spwd n = {
>                                  .sp_namp = i->name,
> @@ -877,7 +883,6 @@ static int add_user(Item *i) {
>  
>          if (!arg_root_dest) {
>                  struct passwd *p;
> -                struct spwd *sp;
>  
>                  /* Also check NSS */
>                  errno = 0;
> @@ -893,16 +898,6 @@ static int add_user(Item *i) {
>                  }
>                  if (!IN_SET(errno, 0, ENOENT))
>                          return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name);
> -
> -                /* And shadow too, just to be sure */
> -                errno = 0;
> -                sp = getspnam(i->name);
> -                if (sp) {
> -                        log_error("User %s already exists in shadow database, but not in user database.", i->name);
> -                        return -EBADMSG;
> -                }
> -                if (!IN_SET(errno, 0, ENOENT))
> -                        return log_error_errno(errno, "Failed to check if user %s already exists in shadow database: %m", i->name);
>          }
>  
>          /* Try to use the suggested numeric uid */
> -- 
> 2.3.0
> 

