summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* user: Support new LocalAccount property in cache file23.11.69Ray Strode2023-03-153-0/+30
| | | | | | | | | | | | | | | | | | At the moment an admin can decide whether or not a user is a system account by setting SystemAccount= to true or false in the users cache file, but there's no way to to do the same sort of configuration for deciding whether or not a user is a local account. This commit adds support for a new LocalAccount= key in the cache file. Note, by default this key won't get written into the cache file and instead accountsservice will continue to rely on it's "user is in /etc/shadow" heuristic. The key only gets rewritten into the file during cache file serialization if an admin added it there first. Closes: https://gitlab.freedesktop.org/accountsservice/accountsservice/-/issues/110
* daemon: Track local users outside of fgetpwent generatorRay Strode2023-03-151-30/+35
| | | | | | | | | | | | | | | Right now we assume all local users are in /etc/shadow. This mostly right, but there may be cases where an admin wants a user to be treated as local even though they don't have a password set there. As a first step toward supporting that end goal, this commit changes the code to track local users in a hash table allocated outside of the generator function. This way the table can be used from more than one generator. A future commit will change the cache file generator to populate the local users hash table as well.
* meson.build: fix -Wimplicit-function-declaration in configure tests for printfSam James2023-02-281-0/+2
| | | | | | | | <stdio.h> needs to be included for printf. Newer compilers like Clang 16 make implicit function declarations an error by default which can cause misleading or incorrect configure test results. Signed-off-by: Sam James <sam@gentoo.org>
* Update POTFILES.inPiotr Drąg2023-02-251-0/+1
|
* Add lightdm autologin supportzhuyaliang2023-02-234-20/+162
|
* daemon: Don't crash if /etc/shadow doesn't existSimon McVittie2023-02-181-3/+2
| | | | | | | | | | | | | | | Turning off shadow passwords with `shadowconfig off` or `pwunconv` (so that the hashed password is in /etc/passwd) is something that distributions still at least half-support, and apparently some people genuinely do this. After resolving #107 this would cause accountsservice to crash. Looking at the implementation, it seems the same crash would happen if /etc/shadow is present but empty. In this situation, treat all users as non-local (unless cached) with a warning, but don't crash. Bug-Debian: https://bugs.debian.org/1031309 Signed-off-by: Simon McVittie <smcv@debian.org>
* Annotate varargs functions with G_GNUC_PRINTFSimon McVittie2023-02-073-1/+11
| | | | | | | | This lets the compiler detect and diagnose type mismatches like the one fixed in the previous commit. Helps: https://gitlab.freedesktop.org/accountsservice/accountsservice/-/issues/109 Signed-off-by: Simon McVittie <smcv@debian.org>
* user: Use correct format strings to print accounts_user_get_uid()Simon McVittie2023-02-071-12/+12
| | | | | | | | | | | | | | | The Uid property is defined in the D-Bus introspection XML to be a 64-bit unsigned integer, so we need to treat it as such when using varargs. Otherwise, architectures that do not align arguments on the stack at 64-bit boundaries can parse the stack incorrectly, resulting in a crash. For whatever obscure ABI reason, among Debian's supported architectures this only showed up as a segmentation fault on 32-bit ARM (specifically ARMv5 softfloat and ARMv7 hardfloat), and not on (for example) i386. Resolves: https://gitlab.freedesktop.org/accountsservice/accountsservice/-/issues/109 Signed-off-by: Simon McVittie <smcv@debian.org>
* daemon: Define local users as being exactly those present in /etc/shadowSimon McVittie2023-02-051-18/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | According to https://bugs.freedesktop.org/show_bug.cgi?id=48177 and https://gitlab.freedesktop.org/accountsservice/accountsservice/-/merge_requests/116, the intention is that merely existing in /etc/passwd is not enough to consider an account to be local; it must also be listed in /etc/shadow. This was done to provide graceful handling of systems where the complete list of LDAP/NIS/etc. users is written into /etc/passwd by rsync or similar instead of using a NSS plugin (but authentication still uses a PAM plugin). However, this unintentionally regressed in 34bedecf which continues reading after an account not in /etc/shadow is found. entry_generator_fgetpwent() intentionally only outputs a maximum of 50 users, and only outputs users that are classified as likely to be human users' accounts, as opposed to system uids. However, when enumerating cached or explicitly requested users, we need to look them up in a complete list of local users. Otherwise, we can incorrectly classify local users as remote (if they are beyond the limit of 50 or have a username or shell that is more typically used for system users), which makes at least GNOME Settings display a misleading user interface for those users. Resolves: https://gitlab.freedesktop.org/accountsservice/accountsservice/-/issues/107 Bug-Debian: https://bugs.debian.org/1030262 Signed-off-by: Simon McVittie <smcv@debian.org>
* daemon: Clarify use of generator_state->usersSimon McVittie2023-02-051-4/+7
| | | | Signed-off-by: Simon McVittie <smcv@debian.org>
* user: Replace usermod -p with chpasswd -eSimon McVittie2023-02-053-17/+30
| | | | | | | | | Writing the password to chpasswd's standard input avoids it becoming visible in `/proc/$pid/cmdline` (CVE-2012-6655). Resolves: https://gitlab.freedesktop.org/accountsservice/accountsservice/-/issues/8 Bug-Debian: https://bugs.debian.org/757912 Signed-off-by: Simon McVittie <smcv@debian.org>
* CI: Pass --gcov-ignore-parse-errors to gcovrSimon McVittie2023-02-032-0/+8
| | | | | | | | Workaround for https://github.com/gcovr/gcovr/issues/710 and similar bugs. Because Meson invokes gcovr internally, it doesn't seem to be possible to add options any other way. Signed-off-by: Simon McVittie <smcv@debian.org>
* CI: Fix build in a fork whose name is not accountsserviceSimon McVittie2023-02-032-2/+2
| | | | | | | I named my fork smcv/accountsservice-branches> and now I regret that choice. Signed-off-by: Simon McVittie <smcv@debian.org>
* CI: Install systemd, for /usr/share/pkgconfig/systemd.pcSimon McVittie2023-02-031-0/+1
| | | | | | | This is not in systemd-devel because it contains facts about the service manager itself, rather than facts about the libsystemd shared library. Signed-off-by: Simon McVittie <smcv@debian.org>
* Update friulian translationFabio Tomat2023-01-021-19/+32
|
* po: Update Georgian translationNorwayFun2022-11-201-26/+39
|
* Update Hindi (hi) translationHemish2022-11-181-27/+39
|
* Update Hungarian translationBalázs Úr2022-09-231-28/+43
|
* Update Catalan translationJordi Mas2022-09-131-22/+37
|
* Update hr.pogogogogi2022-08-151-1/+1
|
* ci: Do a coding style checkRay Strode2022-07-284-0/+176
| | | | | | | | | Now that the accountsservice code has been uncrustified, it would be good to keep it that way going forward. plymouth has a script it runs during CI to check the coding style. This commit steals that script and uses it for accountsservice CI too.
* ci: Only run ci stuff on merge requestsRay Strode2022-07-281-0/+4
| | | | | This is necessary for the CI_MERGE_REQUEST_DIFF_BASE_SHA variable to be exposed.
* src: Run entire tree through uncrustifyRay Strode2022-07-2819-1066/+1123
| | | | | | | | | | | The accountsservice coding style is less than pristine, and it would be good to improve that going forward. Its coding style is ostensibly the same as plymouths, though, and plymouth has an uncrustify config hammered out already. This commit runs the tree through that config to get things in better shape.
* tests: Fix tests for 2nd userBastien Nocera2022-07-261-5/+5
|
* tests: Add second user to test dataBastien Nocera2022-07-266-1/+17
|
* tests: Support multiple users for user dataBastien Nocera2022-07-261-8/+10
|
* tests: Add test for GetUsersLanguages() methodBastien Nocera2022-07-261-0/+5
|
* daemon: Add GetUsersLanguages() functionBastien Nocera2022-07-262-0/+109
| | | | | This will get an array of unique languages, formatted in XPG locale format, as used by all the users of the system.
* daemon: Move uid variable where it's usedBastien Nocera2022-07-261-1/+1
|
* tests: Add daemon tests for new Languages propertyBastien Nocera2022-07-261-0/+34
|
* tests: Add library tests for "Languages" propertyBastien Nocera2022-07-262-0/+10
|
* user: Add "Languages" user propertyBastien Nocera2022-07-265-6/+200
| | | | | | | | | Languages is a property that can be used by desktops to declare what languages other than the main UI language they would want to use, such as fallback languages for missing translations, preferred languages in subtitles, installed dictionaries, etc. See https://gitlab.gnome.org/GNOME/gnome-control-center/-/issues/1969
* tests: Set locale from simple daemon testRay Strode2022-07-261-0/+3
| | | | | | | | accountsservice is going to use the locale it's running in as a proxy for the system locale. To that end, this commit changes the daemon test to set a simulated system locale before starting the accounts-daemon.
* ci: Fail run-tests if something failsRay Strode2022-07-261-1/+3
| | | | | | | | | I noticed we got a greenlight in CI even though something failed because of a missing locale. This commit adds a set -e to hopefully fix that issue. It also adds a -v so that there's moar output.
* ci: Make sure all locales are installedRay Strode2022-07-261-0/+1
| | | | | | I'm seeing the test suite use C when en_IE.utf8 is requested. This suggests, perhaps, that not all langpacks are installed.
* ci: Run test suite under valgrindRay Strode2022-07-263-1/+6
| | | | | | | | The test suite is svelt enough at the moment I don't think it's going to be a big resource drag, so let's just get the mem checking in the regular loop. This is an experiment that may not pan out.
* tests: Add test for setting invalid languageBastien Nocera2022-07-241-0/+24
|
* tests: Add polkit supportBastien Nocera2022-07-241-0/+25
| | | | | Start a mocked polkitd when needed so we can give ourselves the necessary permissions to access API.
* tests: Add test for another invalid localeBastien Nocera2022-07-241-0/+1
|
* tests: Add test for getting user dataBastien Nocera2022-07-241-0/+26
|
* tests: Add simple daemon testBastien Nocera2022-07-243-2/+242
| | | | Just checks whether the daemon can start.
* tests: Add sufficient data to allow the daemon to runBastien Nocera2022-07-246-0/+25
| | | | | | Add minimal /etc and /var/lib/AccountsService data to be able to run the daemon against. The .in file needs to be processed for the path to be adjusted.
* main: Use new overridable sysconfdirBastien Nocera2022-07-241-8/+16
| | | | For the shadow file, as this cannot be overridden using mocklibc.
* main: Use new overridable ICONDIRBastien Nocera2022-07-243-5/+5
|
* main: Use new overridable USERDIRBastien Nocera2022-07-243-13/+18
|
* user: Add helper to allow overriding the root directoryBastien Nocera2022-07-243-0/+54
| | | | | | This makes it possible to override the hardcoded USERDIR, ICONDIR, and /etc by setting the ROOTDIR environment variable, if the daemon is running as a normal user.
* build: Add mocklibc subprojectBastien Nocera2022-07-242-0/+13
| | | | This will be used to mock /etc/passwd and co.
* ci: Fail tests when some are skippedBastien Nocera2022-07-242-0/+26
| | | | We want to make sure all the tests are being run.
* ci: Run tests as a normal userBastien Nocera2022-07-242-3/+14
| | | | Rather than as root.
* build: Fix cwd != srcdir in generate-version.shBastien Nocera2022-07-241-0/+2
| | | | | | generate-version.sh expected the current directory to be the git checkout, which isn't always possible to achieve. Fix the checks for that case.
View Lorry Controller Status