author | Tim Dijkstra <tim@famdijkstra.org> | 2006-12-12 21:24:07 +0000 |
---|---|---|
committer | Tim Dijkstra <tim@famdijkstra.org> | 2006-12-12 21:24:07 +0000 |
commit | 145fb99b6e0351d92ffd2f85be77b426c89df59b (patch) | |
tree | 842a296b17f34ed145cdcbdfb1478ce28f0a7d2f | |
parent | 1a90c0193042bfc03d56d0f2454e46ec35667f3f (diff) | |
download | dbus-145fb99b6e0351d92ffd2f85be77b426c89df59b.tar.gz |
commit.msg
-rw-r--r-- | bus/bus.c | 22 | ||||
-rw-r--r-- | bus/bus.h | 3 | ||||
-rw-r--r-- | bus/connection.c | 9 | ||||
-rw-r--r-- | bus/policy.c | 5 | ||||
-rw-r--r-- | bus/policy.h | 1 | ||||
-rw-r--r-- | dbus/dbus-userdb-util.c | 71 | ||||
-rw-r--r-- | dbus/dbus-userdb.c | 15 | ||||
-rw-r--r-- | dbus/dbus-userdb.h | 11 |
8 files changed, 71 insertions, 66 deletions
@@ -34,6 +34,7 @@ #include <dbus/dbus-list.h> #include <dbus/dbus-hash.h> #include <dbus/dbus-internals.h> +#include <dbus/dbus-userdb.h> struct BusContext { @@ -50,7 +51,6 @@ struct BusContext BusRegistry *registry; BusPolicy *policy; BusMatchmaker *matchmaker; - DBusUserDatabase *user_database; BusLimits limits; unsigned int fork : 1; }; @@ -596,13 +596,6 @@ bus_context_new (const DBusString *config_file, if (!dbus_server_allocate_data_slot (&server_data_slot)) _dbus_assert_not_reached ("second ref of server data slot failed"); - context->user_database = _dbus_user_database_new (); - if (context->user_database == NULL) - { - BUS_SET_OOM (error); - goto failed; - } - /* Note that we don't know whether the print_addr_fd is * one of the sockets we're using to listen on, or some * other random thing. But I think the answer is "don't do @@ -800,7 +793,7 @@ bus_context_reload_config (BusContext *context, dbus_bool_t ret; /* Flush the user database cache */ - _dbus_user_database_flush(context->user_database); + _dbus_user_database_flush_system (); ret = FALSE; _dbus_string_init_const (&config_file, context->config_file); @@ -951,10 +944,6 @@ bus_context_unref (BusContext *context) dbus_free (context->pidfile); } - - if (context->user_database != NULL) - _dbus_user_database_unref (context->user_database); - dbus_free (context); dbus_server_free_data_slot (&server_data_slot); @@ -1004,18 +993,11 @@ bus_context_get_loop (BusContext *context) return context->loop; } -DBusUserDatabase* -bus_context_get_user_database (BusContext *context) -{ - return context->user_database; -} - dbus_bool_t bus_context_allow_user (BusContext *context, unsigned long uid) { return bus_policy_allow_user (context->policy, - context->user_database, uid); } @@ -29,7 +29,6 @@ #include <dbus/dbus.h> #include <dbus/dbus-string.h> #include <dbus/dbus-mainloop.h> -#include <dbus/dbus-userdb.h> typedef struct BusActivation BusActivation; typedef struct BusConnections BusConnections; 
@@ -86,8 +85,6 @@ BusConnections* bus_context_get_connections (BusContext BusActivation* bus_context_get_activation (BusContext *context); BusMatchmaker* bus_context_get_matchmaker (BusContext *context); DBusLoop* bus_context_get_loop (BusContext *context); -DBusUserDatabase* bus_context_get_user_database (BusContext *context); - dbus_bool_t bus_context_allow_user (BusContext *context, unsigned long uid); BusPolicy* bus_context_get_policy (BusContext *context); diff --git a/bus/connection.c b/bus/connection.c index df888f47..d063afca 100644 --- a/bus/connection.c +++ b/bus/connection.c @@ -31,6 +31,7 @@ #include <dbus/dbus-list.h> #include <dbus/dbus-hash.h> #include <dbus/dbus-timeout.h> +#include <dbus/dbus-userdb.h> static void bus_connection_remove_transactions (DBusConnection *connection); @@ -778,24 +779,18 @@ bus_connection_get_groups (DBusConnection *connection, { BusConnectionData *d; unsigned long uid; - DBusUserDatabase *user_database; d = BUS_CONNECTION_DATA (connection); _dbus_assert (d != NULL); - user_database = bus_context_get_user_database (d->connections->context); - *groups = NULL; *n_groups = 0; if (dbus_connection_get_unix_user (connection, &uid)) { - if (!_dbus_user_database_get_groups (user_database, - uid, groups, n_groups, - error)) + if (!_dbus_groups_from_uid (uid, groups, n_groups)) { - _DBUS_ASSERT_ERROR_IS_SET (error); _dbus_verbose ("Did not get any groups for UID %lu\n", uid); return FALSE; diff --git a/bus/policy.c b/bus/policy.c index c0244bdc..7b4c5f26 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -28,6 +28,7 @@ #include <dbus/dbus-list.h> #include <dbus/dbus-hash.h> #include <dbus/dbus-internals.h> +#include <dbus/dbus-userdb.h> BusPolicyRule* bus_policy_rule_new (BusPolicyRuleType type, @@ -438,7 +439,6 @@ list_allows_user (dbus_bool_t def, dbus_bool_t bus_policy_allow_user (BusPolicy *policy, - DBusUserDatabase *user_database, unsigned long uid) { dbus_bool_t allowed; 
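Review bot: In `bus_connection_get_groups` (bus/connection.c) the failure branch now returns FALSE without setting `error`, because `_dbus_groups_from_uid` takes no `DBusError` and the `_DBUS_ASSERT_ERROR_IS_SET (error)` line was dropped rather than replaced. Any caller that treats FALSE as "error is set" would then report or free an unset error on this path. Set it before returning, e.g. `dbus_set_error (error, DBUS_ERROR_FAILED, "Did not get any groups for UID %lu", uid);`. The function's signature and tail lie outside the hunk, so its callers' expectations should be checked as well.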
@@ -446,8 +446,7 @@ bus_policy_allow_user (BusPolicy *policy, int n_group_ids; /* On OOM or error we always reject the user */ - if (!_dbus_user_database_get_groups (user_database, - uid, &group_ids, &n_group_ids, NULL)) + if (!_dbus_groups_from_uid (uid, &group_ids, &n_group_ids)) { _dbus_verbose ("Did not get any groups for UID %lu\n", uid); diff --git a/bus/policy.h b/bus/policy.h index 94b48e6f..0a944ff1 100644 --- a/bus/policy.h +++ b/bus/policy.h @@ -113,7 +113,6 @@ BusClientPolicy* bus_policy_create_client_policy (BusPolicy *policy, DBusConnection *connection, DBusError *error); dbus_bool_t bus_policy_allow_user (BusPolicy *policy, - DBusUserDatabase *user_database, unsigned long uid); dbus_bool_t bus_policy_append_default_rule (BusPolicy *policy, BusPolicyRule *rule); diff --git a/dbus/dbus-userdb-util.c b/dbus/dbus-userdb-util.c index 81564ad7..bd393a27 100644 --- a/dbus/dbus-userdb-util.c +++ b/dbus/dbus-userdb-util.c @@ -86,6 +86,8 @@ _dbus_is_console_user (dbus_uid_t uid, return FALSE; } + /* TPTD: this should be cache-safe, we've locked the DB and + _dbus_user_at_console doesn't pass it on. */ info = _dbus_user_database_lookup (db, uid, NULL, error); if (info == NULL) 
@@ -347,45 +349,49 @@ _dbus_user_database_get_gid (DBusUserDatabase *db, /** - * Gets all groups for a particular user. Returns #FALSE + * Gets all groups corresponding to the given UID. Returns #FALSE * if no memory, or user isn't known, but always initializes - * group_ids to a NULL array. Sets error to the reason - * for returning #FALSE. + * group_ids to a NULL array. * - * @param db the user database object - * @param uid the user ID + * @param uid the UID * @param group_ids return location for array of group IDs * @param n_group_ids return location for length of returned array - * @param error return location for error - * @returns #TRUE on success + * @returns #TRUE if the UID existed and we got some credentials */ dbus_bool_t -_dbus_user_database_get_groups (DBusUserDatabase *db, - dbus_uid_t uid, - dbus_gid_t **group_ids, - int *n_group_ids, - DBusError *error) +_dbus_groups_from_uid (dbus_uid_t uid, + dbus_gid_t **group_ids, + int *n_group_ids) { - DBusUserInfo *info; - - _DBUS_ASSERT_ERROR_IS_CLEAR (error); - + DBusUserDatabase *db; + const DBusUserInfo *info; *group_ids = NULL; *n_group_ids = 0; - - info = _dbus_user_database_lookup (db, uid, NULL, error); - if (info == NULL) + + _dbus_user_database_lock_system (); + + db = _dbus_user_database_get_system (); + if (db == NULL) { - _DBUS_ASSERT_ERROR_IS_SET (error); + _dbus_user_database_unlock_system (); return FALSE; } + if (!_dbus_user_database_get_uid (db, uid, + &info, NULL)) + { + _dbus_user_database_unlock_system (); + return FALSE; + } + + _dbus_assert (info->uid == uid); + if (info->n_group_ids > 0) { *group_ids = dbus_new (dbus_gid_t, info->n_group_ids); if (*group_ids == NULL) { - dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); + _dbus_user_database_unlock_system (); return FALSE; } 
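Review bot: The doc comment on `_dbus_groups_from_uid` no longer matches the contract: `@returns` speaks of "credentials" although the function returns group IDs. It also omits that TRUE can apparently come back with `*group_ids == NULL` and `*n_group_ids == 0` for a user with no groups, and that the caller owns the array and must release it with `dbus_free`. Because FALSE now covers both a failed lookup and out-of-memory with no `DBusError` to tell them apart, the comment should state that callers making access decisions must treat FALSE as deny. Suggested wording: `@returns #TRUE if the UID was found; on success the caller frees *group_ids with dbus_free()`. The function body continues past the end of this hunk.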
@@ -394,9 +400,9 @@ _dbus_user_database_get_groups (DBusUserDatabase *db, memcpy (*group_ids, info->group_ids, info->n_group_ids * sizeof (dbus_gid_t)); } + _dbus_user_database_unlock_system (); return TRUE; } - /** @} */ #ifdef DBUS_BUILD_TESTS @@ -412,6 +418,9 @@ _dbus_userdb_test (const char *test_data_dir) { const DBusString *username; const DBusString *homedir; + dbus_uid_t uid; + unsigned long *group_ids; + int n_group_ids, i; if (!_dbus_username_from_current_process (&username)) _dbus_assert_not_reached ("didn't get username"); @@ -419,10 +428,24 @@ _dbus_userdb_test (const char *test_data_dir) if (!_dbus_homedir_from_current_process (&homedir)) _dbus_assert_not_reached ("didn't get homedir"); - printf (" Current user: %s homedir: %s\n", + if (!_dbus_get_user_id (username, &uid)) + _dbus_assert_not_reached ("didn't get uid"); + + + if (!_dbus_groups_from_uid (uid, &group_ids, &n_group_ids)) + _dbus_assert_not_reached ("didn't get groups"); + + printf (" Current user: %s homedir: %s gids:", _dbus_string_get_const_data (username), _dbus_string_get_const_data (homedir)); - + + for (i=0; i<n_group_ids; i++) + printf(" %ld", group_ids[i]); + + printf ("\n"); + + dbus_free (group_ids); + return TRUE; } #endif /* DBUS_BUILD_TESTS */ diff --git a/dbus/dbus-userdb.c b/dbus/dbus-userdb.c index c4f35fb7..1be3dda6 100644 --- a/dbus/dbus-userdb.c +++ b/dbus/dbus-userdb.c @@ -79,7 +79,7 @@ _dbus_is_a_number (const DBusString *str, { int end; - if (_dbus_string_parse_int (str, 0, num, &end) && + if (_dbus_string_parse_uint (str, 0, num, &end) && end == _dbus_string_get_length (str)) return TRUE; else 
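Review bot: In `_dbus_userdb_test`, `group_ids` is declared `unsigned long *` but passed to `_dbus_groups_from_uid`, whose parameter is `dbus_gid_t **`. That is only correct if `dbus_gid_t` is exactly `unsigned long`, which this page does not show, and the `%ld` in `printf(" %ld", group_ids[i])` is a signed conversion for an unsigned value. Declare it as `dbus_gid_t *group_ids;` and print with `printf (" %lu", (unsigned long) group_ids[i]);` so the test stays correct if the typedef changes. In the `_dbus_is_a_number` hunk on the same line, the switch to `_dbus_string_parse_uint` requires `num` to be an `unsigned long *`; the signature is outside the hunk, so that should be confirmed.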
@@ -312,6 +312,19 @@ _dbus_user_database_get_system (void) } /** + * Flushes the system global user database; + */ +void +_dbus_user_database_flush_system (void) +{ + _dbus_user_database_lock_system (); + + _dbus_user_database_flush (system_db); + + _dbus_user_database_unlock_system (); +} + +/** * Gets username of user owning current process. The returned string * is valid until dbus_shutdown() is called. * diff --git a/dbus/dbus-userdb.h b/dbus/dbus-userdb.h index 906c6ab3..9e278544 100644 --- a/dbus/dbus-userdb.h +++ b/dbus/dbus-userdb.h @@ -47,17 +47,11 @@ struct DBusUserDatabase }; -#endif /* DBUS_USERDB_INCLUDES_PRIVATE */ DBusUserDatabase* _dbus_user_database_new (void); DBusUserDatabase* _dbus_user_database_ref (DBusUserDatabase *db); void _dbus_user_database_flush (DBusUserDatabase *db); void _dbus_user_database_unref (DBusUserDatabase *db); -dbus_bool_t _dbus_user_database_get_groups (DBusUserDatabase *db, - dbus_uid_t uid, - dbus_gid_t **group_ids, - int *n_group_ids, - DBusError *error); dbus_bool_t _dbus_user_database_get_uid (DBusUserDatabase *db, dbus_uid_t uid, const DBusUserInfo **info, @@ -75,7 +69,6 @@ dbus_bool_t _dbus_user_database_get_groupname (DBusUserDatabase *db, const DBusGroupInfo **info, DBusError *error); -#ifdef DBUS_USERDB_INCLUDES_PRIVATE DBusUserInfo* _dbus_user_database_lookup (DBusUserDatabase *db, dbus_uid_t uid, const DBusString *username, @@ -91,6 +84,7 @@ void _dbus_group_info_free_allocated (DBusGroupInfo *info); DBusUserDatabase* _dbus_user_database_get_system (void); void _dbus_user_database_lock_system (void); void _dbus_user_database_unlock_system (void); +void _dbus_user_database_flush_system (void); dbus_bool_t _dbus_username_from_current_process (const DBusString **username); dbus_bool_t _dbus_homedir_from_current_process (const DBusString **homedir); 
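Review bot: `_dbus_user_database_flush_system` passes `system_db` to `_dbus_user_database_flush` without checking that the global database has been created. If `system_db` is allocated lazily by `_dbus_user_database_get_system` (its body is outside this hunk, so this is inferred), a config reload arriving before any user lookup would hand a NULL pointer to the flush from `bus_context_reload_config`. Guard the call: `if (system_db != NULL) _dbus_user_database_flush (system_db);`. The doc comment's trailing `;` should be a full stop.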
@@ -104,6 +98,9 @@ dbus_bool_t _dbus_credentials_from_username (const DBusString *username, DBusCredentials *credentials); dbus_bool_t _dbus_credentials_from_uid (dbus_uid_t user_id, DBusCredentials *credentials); +dbus_bool_t _dbus_groups_from_uid (dbus_uid_t uid, + dbus_gid_t **group_ids, + int *n_group_ids); dbus_bool_t _dbus_is_console_user (dbus_uid_t uid, DBusError *error); |