mirror of
https://github.com/systemd/systemd.git
synced 2024-10-28 03:25:31 +03:00
docs: permit user/group services that do not support enumeration
sssd people don't like enumeration and for some other cases it's not nice to support either, in particular when synthesizing records for container/userns UID/GID ranges. Hence, let's make enumeration optional.
This commit is contained in:
parent
16a4a2f8cc
commit
56870d324b
@ -185,6 +185,7 @@ error NoRecordFound()
|
||||
error BadService()
|
||||
error ServiceNotAvailable()
|
||||
error ConflictingRecordFound()
|
||||
error EnumerationNotSupported()
|
||||
```
|
||||
|
||||
The `GetUserRecord` method looks up or enumerates a user record. If the `uid`
|
||||
@ -264,4 +265,11 @@ services. Result of this is that it can be one service that defines a user A,
|
||||
and another service that defines a group B, and a third service that declares
|
||||
that A is a member of B.
|
||||
|
||||
Looking up explicit users/groups by their name or UID/GID, or querying
|
||||
user/group memberships must be supported by all services implementing these
|
||||
interfaces. However, supporting enumeration (i.e. user/group lookups that may
|
||||
result in more than one reply, because neither UID/GID nor name is specified)
|
||||
is optional. Services which are asked for enumeration may return the
|
||||
`EnumerationNotSupported` error in this case.
|
||||
|
||||
And that's really all there is to it.
|
||||
|
@ -156,6 +156,8 @@ static int userdb_on_query_reply(
|
||||
r = -ESRCH;
|
||||
else if (streq(error_id, "io.systemd.UserDatabase.ServiceNotAvailable"))
|
||||
r = -EHOSTDOWN;
|
||||
else if (streq(error_id, "io.systemd.UserDatabase.EnumerationNotSupported"))
|
||||
r = -EOPNOTSUPP;
|
||||
else if (streq(error_id, VARLINK_ERROR_TIMEOUT))
|
||||
r = -ETIMEDOUT;
|
||||
else
|
||||
|
Loading…
Reference in New Issue
Block a user