#include <dbus/dbus-list.h>
#include <dbus/dbus-hash.h>
#include <dbus/dbus-internals.h>
+#include <dbus/dbus-userdb.h>
struct BusContext
{
BusRegistry *registry;
BusPolicy *policy;
BusMatchmaker *matchmaker;
- DBusUserDatabase *user_database;
BusLimits limits;
unsigned int fork : 1;
};
if (!dbus_server_allocate_data_slot (&server_data_slot))
_dbus_assert_not_reached ("second ref of server data slot failed");
- context->user_database = _dbus_user_database_new ();
- if (context->user_database == NULL)
- {
- BUS_SET_OOM (error);
- goto failed;
- }
-
/* Note that we don't know whether the print_addr_fd is
* one of the sockets we're using to listen on, or some
* other random thing. But I think the answer is "don't do
dbus_bool_t ret;
/* Flush the user database cache */
- _dbus_user_database_flush(context->user_database);
+ _dbus_user_database_flush_system ();
ret = FALSE;
_dbus_string_init_const (&config_file, context->config_file);
dbus_free (context->pidfile);
}
-
- if (context->user_database != NULL)
- _dbus_user_database_unref (context->user_database);
-
dbus_free (context);
dbus_server_free_data_slot (&server_data_slot);
return context->loop;
}
-DBusUserDatabase*
-bus_context_get_user_database (BusContext *context)
-{
- return context->user_database;
-}
-
dbus_bool_t
bus_context_allow_user (BusContext *context,
unsigned long uid)
{
return bus_policy_allow_user (context->policy,
- context->user_database,
uid);
}
#include <dbus/dbus.h>
#include <dbus/dbus-string.h>
#include <dbus/dbus-mainloop.h>
-#include <dbus/dbus-userdb.h>
typedef struct BusActivation BusActivation;
typedef struct BusConnections BusConnections;
BusActivation* bus_context_get_activation (BusContext *context);
BusMatchmaker* bus_context_get_matchmaker (BusContext *context);
DBusLoop* bus_context_get_loop (BusContext *context);
-DBusUserDatabase* bus_context_get_user_database (BusContext *context);
-
dbus_bool_t bus_context_allow_user (BusContext *context,
unsigned long uid);
BusPolicy* bus_context_get_policy (BusContext *context);
#include <dbus/dbus-list.h>
#include <dbus/dbus-hash.h>
#include <dbus/dbus-timeout.h>
+#include <dbus/dbus-userdb.h>
static void bus_connection_remove_transactions (DBusConnection *connection);
{
BusConnectionData *d;
unsigned long uid;
- DBusUserDatabase *user_database;
d = BUS_CONNECTION_DATA (connection);
_dbus_assert (d != NULL);
- user_database = bus_context_get_user_database (d->connections->context);
-
*groups = NULL;
*n_groups = 0;
if (dbus_connection_get_unix_user (connection, &uid))
{
- if (!_dbus_user_database_get_groups (user_database,
- uid, groups, n_groups,
- error))
+ if (!_dbus_groups_from_uid (uid, groups, n_groups))
{
- _DBUS_ASSERT_ERROR_IS_SET (error);
_dbus_verbose ("Did not get any groups for UID %lu\n",
uid);
return FALSE;
#include <dbus/dbus-list.h>
#include <dbus/dbus-hash.h>
#include <dbus/dbus-internals.h>
+#include <dbus/dbus-userdb.h>
BusPolicyRule*
bus_policy_rule_new (BusPolicyRuleType type,
dbus_bool_t
bus_policy_allow_user (BusPolicy *policy,
- DBusUserDatabase *user_database,
unsigned long uid)
{
dbus_bool_t allowed;
int n_group_ids;
/* On OOM or error we always reject the user */
- if (!_dbus_user_database_get_groups (user_database,
- uid, &group_ids, &n_group_ids, NULL))
+ if (!_dbus_groups_from_uid (uid, &group_ids, &n_group_ids))
{
_dbus_verbose ("Did not get any groups for UID %lu\n",
uid);
DBusConnection *connection,
DBusError *error);
dbus_bool_t bus_policy_allow_user (BusPolicy *policy,
- DBusUserDatabase *user_database,
unsigned long uid);
dbus_bool_t bus_policy_append_default_rule (BusPolicy *policy,
BusPolicyRule *rule);
return FALSE;
}
+ /* TPTD: this should be cache-safe, we've locked the DB and
+ _dbus_user_at_console doesn't pass it on. */
info = _dbus_user_database_lookup (db, uid, NULL, error);
if (info == NULL)
/**
- * Gets all groups for a particular user. Returns #FALSE
+ * Gets all groups corresponding to the given UID. Returns #FALSE
* if no memory, or user isn't known, but always initializes
- * group_ids to a NULL array. Sets error to the reason
- * for returning #FALSE.
+ * group_ids to a NULL array.
*
- * @param db the user database object
- * @param uid the user ID
+ * @param uid the UID
* @param group_ids return location for array of group IDs
* @param n_group_ids return location for length of returned array
- * @param error return location for error
- * @returns #TRUE on success
+ * @returns #TRUE if the UID existed and we got some credentials
*/
dbus_bool_t
-_dbus_user_database_get_groups (DBusUserDatabase *db,
- dbus_uid_t uid,
- dbus_gid_t **group_ids,
- int *n_group_ids,
- DBusError *error)
+_dbus_groups_from_uid (dbus_uid_t uid,
+ dbus_gid_t **group_ids,
+ int *n_group_ids)
{
- DBusUserInfo *info;
-
- _DBUS_ASSERT_ERROR_IS_CLEAR (error);
-
+ DBusUserDatabase *db;
+ const DBusUserInfo *info;
*group_ids = NULL;
*n_group_ids = 0;
-
- info = _dbus_user_database_lookup (db, uid, NULL, error);
- if (info == NULL)
+
+ _dbus_user_database_lock_system ();
+
+ db = _dbus_user_database_get_system ();
+ if (db == NULL)
{
- _DBUS_ASSERT_ERROR_IS_SET (error);
+ _dbus_user_database_unlock_system ();
return FALSE;
}
+ if (!_dbus_user_database_get_uid (db, uid,
+ &info, NULL))
+ {
+ _dbus_user_database_unlock_system ();
+ return FALSE;
+ }
+
+ _dbus_assert (info->uid == uid);
+
if (info->n_group_ids > 0)
{
*group_ids = dbus_new (dbus_gid_t, info->n_group_ids);
if (*group_ids == NULL)
{
- dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+ _dbus_user_database_unlock_system ();
return FALSE;
}
memcpy (*group_ids, info->group_ids, info->n_group_ids * sizeof (dbus_gid_t));
}
+ _dbus_user_database_unlock_system ();
return TRUE;
}
-
/** @} */
#ifdef DBUS_BUILD_TESTS
{
const DBusString *username;
const DBusString *homedir;
+ dbus_uid_t uid;
+ unsigned long *group_ids;
+ int n_group_ids, i;
if (!_dbus_username_from_current_process (&username))
_dbus_assert_not_reached ("didn't get username");
if (!_dbus_homedir_from_current_process (&homedir))
_dbus_assert_not_reached ("didn't get homedir");
- printf (" Current user: %s homedir: %s\n",
+ if (!_dbus_get_user_id (username, &uid))
+ _dbus_assert_not_reached ("didn't get uid");
+
+
+ if (!_dbus_groups_from_uid (uid, &group_ids, &n_group_ids))
+ _dbus_assert_not_reached ("didn't get groups");
+
+ printf (" Current user: %s homedir: %s gids:",
_dbus_string_get_const_data (username),
_dbus_string_get_const_data (homedir));
-
+
+ for (i=0; i<n_group_ids; i++)
+ printf(" %ld", group_ids[i]);
+
+ printf ("\n");
+
+ dbus_free (group_ids);
+
return TRUE;
}
#endif /* DBUS_BUILD_TESTS */
{
int end;
- if (_dbus_string_parse_int (str, 0, num, &end) &&
+ if (_dbus_string_parse_uint (str, 0, num, &end) &&
end == _dbus_string_get_length (str))
return TRUE;
else
}
/**
+ * Flushes the system global user database;
+ */
+void
+_dbus_user_database_flush_system (void)
+{
+ _dbus_user_database_lock_system ();
+
+ _dbus_user_database_flush (system_db);
+
+ _dbus_user_database_unlock_system ();
+}
+
+/**
* Gets username of user owning current process. The returned string
* is valid until dbus_shutdown() is called.
*
};
-#endif /* DBUS_USERDB_INCLUDES_PRIVATE */
DBusUserDatabase* _dbus_user_database_new (void);
DBusUserDatabase* _dbus_user_database_ref (DBusUserDatabase *db);
void _dbus_user_database_flush (DBusUserDatabase *db);
void _dbus_user_database_unref (DBusUserDatabase *db);
-dbus_bool_t _dbus_user_database_get_groups (DBusUserDatabase *db,
- dbus_uid_t uid,
- dbus_gid_t **group_ids,
- int *n_group_ids,
- DBusError *error);
dbus_bool_t _dbus_user_database_get_uid (DBusUserDatabase *db,
dbus_uid_t uid,
const DBusUserInfo **info,
const DBusGroupInfo **info,
DBusError *error);
-#ifdef DBUS_USERDB_INCLUDES_PRIVATE
DBusUserInfo* _dbus_user_database_lookup (DBusUserDatabase *db,
dbus_uid_t uid,
const DBusString *username,
DBusUserDatabase* _dbus_user_database_get_system (void);
void _dbus_user_database_lock_system (void);
void _dbus_user_database_unlock_system (void);
+void _dbus_user_database_flush_system (void);
dbus_bool_t _dbus_username_from_current_process (const DBusString **username);
dbus_bool_t _dbus_homedir_from_current_process (const DBusString **homedir);
DBusCredentials *credentials);
dbus_bool_t _dbus_credentials_from_uid (dbus_uid_t user_id,
DBusCredentials *credentials);
+dbus_bool_t _dbus_groups_from_uid (dbus_uid_t uid,
+ dbus_gid_t **group_ids,
+ int *n_group_ids);
dbus_bool_t _dbus_is_console_user (dbus_uid_t uid,
DBusError *error);
projects / platform / upstream / dbus.git / commitdiff