shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-03-13 00:58:27 +03:00
Code

udev-rules: ignore OWNER=/GROUP= with unknown user/group

Browse Source 
Previously, when an unknown or invalid user/group is specified,
a token was installed with UID_INVALID/GID_INVALID. That's not only
meaningless in most cases, but also clears previous assignment,
if multiple OWNER=/GROUP= token exist for the same device, e.g.

KERNEL=="sda", GROUP="disk"
KERNEL=="sda", GROUP="nonexistentuser"

This makes when an unknown user/group is specified, the line will be
ignored. Hence, in the above example, the device will be owned by the
group "disk".
This commit is contained in:
Yu Watanabe 2025-01-23 05:59:04 +09:00
parent e89eaeb027
commit a1ee55e3c9
1 changed files with 16 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
src/udev/udev-rules.c
View File

@ -496,23 +496,18 @@ static int rule_resolve_user(UdevRuleLine *rule_line, const char *name, uid_t *r
/* ret_home = */ NULL,
/* ret_shell = */ NULL,
USER_CREDS_ALLOW_MISSING);
if (r < 0) {
if (r == -ESRCH)
log_line_error_errno(rule_line, r, "Unknown user '%s', ignoring.", name);
else
log_line_error_errno(rule_line, r, "Failed to resolve user '%s', ignoring: %m", name);
*ret = UID_INVALID;
return 0;
}
if (r == -ESRCH)
return log_line_error_errno(rule_line, r, "Unknown user '%s', ignoring.", name);
if (r < 0)
return log_line_error_errno(rule_line, r, "Failed to resolve user '%s', ignoring: %m", name);
n = strdup(name);
if (!n)
return -ENOMEM;
return log_oom();
r = hashmap_ensure_put(known_users, &string_hash_ops_free, n, UID_TO_PTR(uid));
if (r < 0)
return r;
return log_oom();
TAKE_PTR(n);
*ret = uid;
@ -536,23 +531,18 @@ static int rule_resolve_group(UdevRuleLine *rule_line, const char *name, gid_t *
}
r = get_group_creds(&name, &gid, USER_CREDS_ALLOW_MISSING);
if (r < 0) {
if (r == -ESRCH)
log_line_error_errno(rule_line, r, "Unknown group '%s', ignoring.", name);
else
log_line_error_errno(rule_line, r, "Failed to resolve group '%s', ignoring: %m", name);
*ret = GID_INVALID;
return 0;
}
if (r == -ESRCH)
return log_line_error_errno(rule_line, r, "Unknown group '%s', ignoring.", name);
if (r < 0)
return log_line_error_errno(rule_line, r, "Failed to resolve group '%s', ignoring: %m", name);
n = strdup(name);
if (!n)
return -ENOMEM;
return log_oom();
r = hashmap_ensure_put(known_groups, &string_hash_ops_free, n, GID_TO_PTR(gid));
if (r < 0)
return r;
return log_oom();
TAKE_PTR(n);
*ret = gid;
@ -1052,9 +1042,10 @@ static int parse_token(
r = rule_line_add_token(rule_line, TK_A_OWNER_ID, op, NULL, UID_TO_PTR(uid), /* is_case_insensitive = */ false, token_str);
else if (resolve_name_timing == RESOLVE_NAME_EARLY &&
rule_get_substitution_type(value) == SUBST_TYPE_PLAIN) {
r = rule_resolve_user(rule_line, value, &uid);
if (r < 0)
return log_line_error_errno(rule_line, r, "Failed to resolve user name '%s': %m", value);
return r;
r = rule_line_add_token(rule_line, TK_A_OWNER_ID, op, NULL, UID_TO_PTR(uid), /* is_case_insensitive = */ false, token_str);
} else if (resolve_name_timing != RESOLVE_NAME_NEVER) {
@ -1080,9 +1071,10 @@ static int parse_token(
r = rule_line_add_token(rule_line, TK_A_GROUP_ID, op, NULL, GID_TO_PTR(gid), /* is_case_insensitive = */ false, token_str);
else if (resolve_name_timing == RESOLVE_NAME_EARLY &&
rule_get_substitution_type(value) == SUBST_TYPE_PLAIN) {
r = rule_resolve_group(rule_line, value, &gid);
if (r < 0)
return log_line_error_errno(rule_line, r, "Failed to resolve group name '%s': %m", value);
return r;
r = rule_line_add_token(rule_line, TK_A_GROUP_ID, op, NULL, GID_TO_PTR(gid), /* is_case_insensitive = */ false, token_str);
} else if (resolve_name_timing != RESOLVE_NAME_NEVER) {