shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-11 05:17:44 +03:00
Code

core: add @system special value to ConditionUser=

Browse Source 
It allows checking if the user is a system user or a normal user
This commit is contained in:
Felipe Sateler 2017-05-18 22:12:14 -04:00
parent c465a29f24
commit 534bab66ab
3 changed files with 20 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
man/systemd.unit.xml
View File

@ -1034,16 +1034,19 @@
executable.</para>
<para><varname>ConditionUser=</varname> takes a numeric
<literal>UID</literal> or a UNIX user name. This condition
may be used to check whether the service manager is running
as the given real or effective user. This option is not
<literal>UID</literal>, a UNIX user name, or the special value
<literal>@system</literal>. This condition may be used to check
whether the service manager is running as the given user. The
special value <literal>@system</literal> can be used to check
if the user id is within the system user range. This option is not
useful for system services, as the system manager exclusively
runs as the root user, and thus the test result is constant.</para>
<para><varname>ConditionGroup=</varname> is similar
to <varname>ConditionUser=</varname> but verifies that the
service manager's real or effective group, or any of its
auxiliary groups match the specified group or GID.</para>
auxiliary groups match the specified group or GID. This setting
does not have a special value <literal>@system</literal>.</para>
<para>If multiple conditions are specified, the unit will be
executed if all of them apply (i.e. a logical AND is applied).

3
src/shared/condition.c
View File

@ -154,6 +154,9 @@ static int condition_test_user(Condition *c) {
if (r >= 0)
return id == getuid() || id == geteuid();
if (streq("@system", c->parameter))
return getuid() <= SYSTEM_UID_MAX || geteuid() <= SYSTEM_UID_MAX;
username = getusername_malloc();
if (!username)
return -ENOMEM;

10
src/test/test-condition.c
View File

@ -385,6 +385,16 @@ static void test_condition_test_user(void) {
log_info("ConditionUser=%s → %i", username, r);
assert_se(r == 0);
condition_free(condition);
condition = condition_new(CONDITION_USER, "@system", false, false);
assert_se(condition);
r = condition_test(condition);
log_info("ConditionUser=@system → %i", r);
if (geteuid() == 0)
assert_se(r > 0);
else
assert_se(r == 0);
condition_free(condition);
}
static void test_condition_test_group(void) {