return DYNAMIC_UID_MIN <= uid && uid <= DYNAMIC_UID_MAX;
}
+static inline bool uid_is_system(uid_t uid) {
+ return uid <= SYSTEM_UID_MAX;
+}
+
+static inline bool gid_is_system(gid_t gid) {
+ return gid <= SYSTEM_GID_MAX;
+}
+
/* The following macros add 1 when converting things, since UID 0 is a valid UID, while the pointer
* NULL is special */
#define PTR_TO_UID(p) ((uid_t) (((uintptr_t) (p))-1))
assert(fd >= 0);
- if (uid <= SYSTEM_UID_MAX)
+ if (uid_is_system(uid))
return 0;
/* Make sure normal users can read (but not write or delete)
assert(f);
#if HAVE_ACL
- if (uid <= SYSTEM_UID_MAX)
+ if (uid_is_system(uid))
return;
r = add_acls_for_user(f->fd, uid);
if (s->runtime_journal)
return s->runtime_journal;
- if (uid <= SYSTEM_UID_MAX || uid_is_dynamic(uid))
+ if (uid_is_system(uid) || uid_is_dynamic(uid))
return s->system_journal;
r = sd_id128_get_machine(&machine);
* cases, as we shouldn't accidentally remove a system service's IPC objects while it is running, just because
* a cronjob running as the same user just finished. Hence: exclude system users generally from IPC clean-up,
* and do it only for normal users. */
- if (u->manager->remove_ipc && u->uid > SYSTEM_UID_MAX) {
+ if (u->manager->remove_ipc && !uid_is_system(u->uid)) {
k = clean_ipc_by_uid(u->uid);
if (k < 0)
r = k;
}
}
- if (uid <= SYSTEM_UID_MAX)
+ if (uid_is_system(uid))
goto not_found;
if (getenv_bool_secure("SYSTEMD_NSS_DYNAMIC_BYPASS") > 0)
}
}
- if (gid <= SYSTEM_GID_MAX)
+ if (gid_is_system(gid))
goto not_found;
if (getenv_bool_secure("SYSTEMD_NSS_DYNAMIC_BYPASS") > 0)
return id == getuid() || id == geteuid();
if (streq("@system", c->parameter))
- return getuid() <= SYSTEM_UID_MAX || geteuid() <= SYSTEM_UID_MAX;
+ return uid_is_system(getuid()) || uid_is_system(geteuid());
username = getusername_malloc();
if (!username)
assert_se(condition);
r = condition_test(condition);
log_info("ConditionUser=@system → %i", r);
- if (getuid() < SYSTEM_UID_MAX || geteuid() < SYSTEM_UID_MAX)
+ if (uid_is_system(getuid()) || uid_is_system(geteuid()))
assert_se(r > 0);
else
assert_se(r == 0);