summaryrefslogtreecommitdiff
path: root/0001-daemon-Allow-SystemAccount-false-to-be-set-in-cache-.patch
diff options
context:
space:
mode:
authorCoprDistGit <infra@openeuler.org>2024-08-05 01:31:40 +0000
committerCoprDistGit <infra@openeuler.org>2024-08-05 01:31:40 +0000
commit6f7b9533265e275189556ad04e0163bf28d4a00c (patch)
tree9bff2e3d0b65c8f4c5fb51f006fc66636951dbc1 /0001-daemon-Allow-SystemAccount-false-to-be-set-in-cache-.patch
parent3056f6d62d975d27171c5b3b34d22ca18423ae83 (diff)
automatic import of accountsserviceopeneuler24.03_LTS
Diffstat (limited to '0001-daemon-Allow-SystemAccount-false-to-be-set-in-cache-.patch')
-rw-r--r--0001-daemon-Allow-SystemAccount-false-to-be-set-in-cache-.patch304
1 files changed, 304 insertions, 0 deletions
diff --git a/0001-daemon-Allow-SystemAccount-false-to-be-set-in-cache-.patch b/0001-daemon-Allow-SystemAccount-false-to-be-set-in-cache-.patch
new file mode 100644
index 0000000..84d5265
--- /dev/null
+++ b/0001-daemon-Allow-SystemAccount-false-to-be-set-in-cache-.patch
@@ -0,0 +1,304 @@
+From 14c902f42a4ea74ce9450eb53817e1bf5be05d26 Mon Sep 17 00:00:00 2001
+From: Ray Strode <rstrode@redhat.com>
+Date: Wed, 8 Sep 2021 16:38:17 -0400
+Subject: [PATCH 1/2] daemon: Allow SystemAccount=false to be set in cache file
+
+At the moment we do dodgy checks based on uid to decide whether or not
+an account is a system account.
+
+For legacy reasons, sometimes normal users have really low UIDs.
+
+This commit reshuffles things, so the cache file "wins" for deciding
+whether or not a user is a system user.
+---
+ src/daemon.c | 24 ++++++++++++------------
+ 1 file changed, 12 insertions(+), 12 deletions(-)
+
+diff --git a/src/daemon.c b/src/daemon.c
+index 66ac7ba..2b6650b 100644
+--- a/src/daemon.c
++++ b/src/daemon.c
+@@ -219,60 +219,68 @@ entry_generator_fgetpwent (Daemon *daemon,
+ if (g_hash_table_size (shadow_users) == 0) {
+ g_clear_pointer (&shadow_users, g_hash_table_unref);
+ return NULL;
+ }
+
+ fp = fopen (PATH_PASSWD, "r");
+ if (fp == NULL) {
+ g_clear_pointer (&shadow_users, g_hash_table_unref);
+ g_warning ("Unable to open %s: %s", PATH_PASSWD, g_strerror (errno));
+ return NULL;
+ }
+
+ generator_state = g_malloc0 (sizeof (*generator_state));
+ generator_state->fp = fp;
+ generator_state->users = shadow_users;
+
+ *state = generator_state;
+ }
+
+ /* Every iteration */
+ generator_state = *state;
+
+ if (g_hash_table_size (users) < MAX_LOCAL_USERS) {
+ pwent = fgetpwent (generator_state->fp);
+ if (pwent != NULL) {
+ shadow_entry_buffers = g_hash_table_lookup (generator_state->users, pwent->pw_name);
+
+ if (shadow_entry_buffers != NULL) {
+ *spent = &shadow_entry_buffers->spbuf;
+ }
++
++ /* Skip system users... */
++ if (!user_classify_is_human (pwent->pw_uid, pwent->pw_name, pwent->pw_shell, (*spent)? (*spent)->sp_pwdp : NULL)) {
++ g_debug ("skipping user: %s", pwent->pw_name);
++
++ return entry_generator_fgetpwent (daemon, users, state, spent);
++ }
++
+ return pwent;
+ }
+ }
+
+ /* Last iteration */
+ fclose (generator_state->fp);
+ g_hash_table_unref (generator_state->users);
+ g_free (generator_state);
+ *state = NULL;
+
+ return NULL;
+ }
+
+ static struct passwd *
+ entry_generator_cachedir (Daemon *daemon,
+ GHashTable *users,
+ gpointer *state,
+ struct spwd **shadow_entry)
+ {
+ struct passwd *pwent;
+ g_autoptr(GError) error = NULL;
+ gboolean regular;
+ GHashTableIter iter;
+ gpointer key, value;
+ GDir *dir;
+
+ /* First iteration */
+ if (*state == NULL) {
+ *state = g_dir_open (USERDIR, 0, &error);
+ if (error != NULL) {
+@@ -373,66 +381,60 @@ entry_generator_requested_users (Daemon *daemon,
+ }
+ }
+ }
+
+ /* Last iteration */
+
+ *state = NULL;
+ return NULL;
+ }
+
+ static void
+ load_entries (Daemon *daemon,
+ GHashTable *users,
+ gboolean explicitly_requested,
+ EntryGeneratorFunc entry_generator)
+ {
+ DaemonPrivate *priv = daemon_get_instance_private (daemon);
+ gpointer generator_state = NULL;
+ struct passwd *pwent;
+ struct spwd *spent = NULL;
+ User *user = NULL;
+
+ g_assert (entry_generator != NULL);
+
+ for (;;) {
+ spent = NULL;
+ pwent = entry_generator (daemon, users, &generator_state, &spent);
+ if (pwent == NULL)
+ break;
+
+- /* Skip system users... */
+- if (!explicitly_requested && !user_classify_is_human (pwent->pw_uid, pwent->pw_name, pwent->pw_shell, spent? spent->sp_pwdp : NULL)) {
+- g_debug ("skipping user: %s", pwent->pw_name);
+- continue;
+- }
+-
+ /* Only process users that haven't been processed yet.
+ * We do always make sure entries get promoted
+ * to "cached" status if they are supposed to be
+ */
+
+ user = g_hash_table_lookup (users, pwent->pw_name);
+
+ if (user == NULL) {
+ user = g_hash_table_lookup (priv->users, pwent->pw_name);
+ if (user == NULL) {
+ user = user_new (daemon, pwent->pw_uid);
+ } else {
+ g_object_ref (user);
+ }
+
+ /* freeze & update users not already in the new list */
+ g_object_freeze_notify (G_OBJECT (user));
+ user_update_from_pwent (user, pwent, spent);
+
+ g_hash_table_insert (users, g_strdup (user_get_user_name (user)), user);
+ g_debug ("loaded user: %s", user_get_user_name (user));
+ }
+
+ if (!explicitly_requested) {
+ user_set_cached (user, TRUE);
+ }
+ }
+
+ /* Generator should have cleaned up */
+ g_assert (generator_state == NULL);
+@@ -501,66 +503,66 @@ has_network_realms (Daemon *daemon)
+
+ static void
+ reload_users (Daemon *daemon)
+ {
+ DaemonPrivate *priv = daemon_get_instance_private (daemon);
+ AccountsAccounts *accounts = ACCOUNTS_ACCOUNTS (daemon);
+ gboolean had_no_users, has_no_users, had_multiple_users, has_multiple_users;
+ GHashTable *users;
+ GHashTable *old_users;
+ GHashTable *local;
+ GHashTableIter iter;
+ gsize number_of_normal_users = 0;
+ gpointer name, value;
+
+ /* Track the users that we saw during our (re)load */
+ users = create_users_hash_table ();
+
+ /*
+ * NOTE: As we load data from all the sources, notifies are
+ * frozen in load_entries() and then thawed as we process
+ * them below.
+ */
+
+ /* Load the local users into our hash table */
+ load_entries (daemon, users, FALSE, entry_generator_fgetpwent);
+ local = g_hash_table_new (g_str_hash, g_str_equal);
+ g_hash_table_iter_init (&iter, users);
+ while (g_hash_table_iter_next (&iter, &name, NULL))
+ g_hash_table_add (local, name);
+
+- /* and add users to hash table that were explicitly requested */
+- load_entries (daemon, users, TRUE, entry_generator_requested_users);
+-
+ /* Now add/update users from other sources, possibly non-local */
+ load_entries (daemon, users, FALSE, entry_generator_cachedir);
+
++ /* and add users to hash table that were explicitly requested */
++ load_entries (daemon, users, TRUE, entry_generator_requested_users);
++
+ wtmp_helper_update_login_frequencies (users);
+
+ /* Count the non-system users. Mark which users are local, which are not. */
+ g_hash_table_iter_init (&iter, users);
+ while (g_hash_table_iter_next (&iter, &name, &value)) {
+ User *user = value;
+ if (!user_get_system_account (user))
+ number_of_normal_users++;
+ user_update_local_account_property (user, g_hash_table_lookup (local, name) != NULL);
+ }
+ g_hash_table_destroy (local);
+
+ had_no_users = accounts_accounts_get_has_no_users (accounts);
+ has_no_users = number_of_normal_users == 0;
+
+ if (has_no_users && has_network_realms (daemon)) {
+ g_debug ("No local users, but network realms detected, presuming there are remote users");
+ has_no_users = FALSE;
+ }
+
+ if (had_no_users != has_no_users)
+ accounts_accounts_set_has_no_users (accounts, has_no_users);
+
+ had_multiple_users = accounts_accounts_get_has_multiple_users (accounts);
+ has_multiple_users = number_of_normal_users > 1;
+
+ if (had_multiple_users != has_multiple_users)
+ accounts_accounts_set_has_multiple_users (accounts, has_multiple_users);
+
+ /* Swap out the users */
+@@ -1017,73 +1019,71 @@ daemon_find_user_by_name (AccountsAccounts *accounts,
+
+ static ListUserData *
+ list_user_data_new (Daemon *daemon,
+ GDBusMethodInvocation *context)
+ {
+ ListUserData *data;
+
+ data = g_new0 (ListUserData, 1);
+
+ data->daemon = g_object_ref (daemon);
+ data->context = context;
+
+ return data;
+ }
+
+ static void
+ list_user_data_free (ListUserData *data)
+ {
+ g_object_unref (data->daemon);
+ g_free (data);
+ }
+
+ static void
+ finish_list_cached_users (ListUserData *data)
+ {
+ DaemonPrivate *priv = daemon_get_instance_private (data->daemon);
+ g_autoptr(GPtrArray) object_paths = NULL;
+ GHashTableIter iter;
+ gpointer key, value;
+ uid_t uid;
+- const gchar *shell;
+
+ object_paths = g_ptr_array_new ();
+
+ g_hash_table_iter_init (&iter, priv->users);
+ while (g_hash_table_iter_next (&iter, &key, &value)) {
+ const gchar *name = key;
+ User *user = value;
+
+ uid = user_get_uid (user);
+- shell = user_get_shell (user);
+
+- if (!user_classify_is_human (uid, name, shell, NULL)) {
++ if (user_get_system_account (user)) {
+ g_debug ("user %s %ld excluded", name, (long) uid);
+ continue;
+ }
+
+ if (!user_get_cached (user)) {
+ g_debug ("user %s %ld not cached", name, (long) uid);
+ continue;
+ }
+
+ g_debug ("user %s %ld not excluded", name, (long) uid);
+ g_ptr_array_add (object_paths, (gpointer) user_get_object_path (user));
+ }
+ g_ptr_array_add (object_paths, NULL);
+
+ accounts_accounts_complete_list_cached_users (NULL, data->context, (const gchar * const *) object_paths->pdata);
+
+ list_user_data_free (data);
+ }
+
+ static gboolean
+ daemon_list_cached_users (AccountsAccounts *accounts,
+ GDBusMethodInvocation *context)
+ {
+ Daemon *daemon = (Daemon*)accounts;
+ DaemonPrivate *priv = daemon_get_instance_private (daemon);
+ ListUserData *data;
+
+ data = list_user_data_new (daemon, context);
+
+ if (priv->reload_id > 0) {
+--
+2.31.1
+
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-29 18:10:52 +0000