mirror of
https://github.com/systemd/systemd.git
synced 2024-12-22 17:35:35 +03:00
basic/namespace-util: add parse_userns_uid_range
This commit is contained in:
parent
5c57a86506
commit
acdef55ef7
@ -11,6 +11,7 @@
|
||||
#include "missing_magic.h"
|
||||
#include "missing_sched.h"
|
||||
#include "namespace-util.h"
|
||||
#include "parse-util.h"
|
||||
#include "process-util.h"
|
||||
#include "stat-util.h"
|
||||
#include "stdio-util.h"
|
||||
@ -305,3 +306,41 @@ int in_same_namespace(pid_t pid1, pid_t pid2, NamespaceType type) {
|
||||
|
||||
return stat_inode_same(&ns_st1, &ns_st2);
|
||||
}
|
||||
|
||||
int parse_userns_uid_range(const char *s, uid_t *ret_uid_shift, uid_t *ret_uid_range) {
|
||||
_cleanup_free_ char *buffer = NULL;
|
||||
const char *range, *shift;
|
||||
int r;
|
||||
uid_t uid_shift, uid_range = 65536;
|
||||
|
||||
assert(s);
|
||||
|
||||
range = strchr(s, ':');
|
||||
if (range) {
|
||||
buffer = strndup(s, range - s);
|
||||
if (!buffer)
|
||||
return log_oom();
|
||||
shift = buffer;
|
||||
|
||||
range++;
|
||||
r = safe_atou32(range, &uid_range);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to parse UID range \"%s\": %m", range);
|
||||
} else
|
||||
shift = s;
|
||||
|
||||
r = parse_uid(shift, &uid_shift);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to parse UID \"%s\": %m", s);
|
||||
|
||||
if (!userns_shift_range_valid(uid_shift, uid_range))
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "UID range cannot be empty or go beyond " UID_FMT ".", UID_INVALID);
|
||||
|
||||
if (ret_uid_shift)
|
||||
*ret_uid_shift = uid_shift;
|
||||
|
||||
if (ret_uid_range)
|
||||
*ret_uid_range = uid_range;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -53,3 +53,5 @@ static inline bool userns_shift_range_valid(uid_t shift, uid_t range) {
|
||||
int userns_acquire(const char *uid_map, const char *gid_map);
|
||||
int netns_acquire(void);
|
||||
int in_same_namespace(pid_t pid1, pid_t pid2, NamespaceType type);
|
||||
|
||||
int parse_userns_uid_range(const char *s, uid_t *ret_uid_shift, uid_t *ret_uid_range);
|
||||
|
Loading…
Reference in New Issue
Block a user