diff options
author | Christian Perrier <bubulle@debian.org> | 2014-05-09 12:21:45 +0200 |
---|---|---|
committer | Christian Perrier <bubulle@debian.org> | 2014-05-09 12:21:45 +0200 |
commit | 03c52251fb0ec875067c03249fb6486b7210aad6 (patch) | |
tree | 277908f3fae6ea3dc1f8527932ee86e4401639f7 /src | |
parent | aadd2f332cfcf6100bb2476f902e565cc82bd5a3 (diff) | |
download | shadow-03c52251fb0ec875067c03249fb6486b7210aad6.tar.gz |
Configure userns
Diffstat (limited to 'src')
-rw-r--r-- | src/newusers.c | 4 | ||||
-rw-r--r-- | src/useradd.c | 10 |
2 files changed, 10 insertions, 4 deletions
diff --git a/src/newusers.c b/src/newusers.c index a90d04ee..85822db1 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -988,8 +988,8 @@ int main (int argc, char **argv) is_shadow_grp = sgr_file_present (); #endif #ifdef ENABLE_SUBIDS - is_sub_uid = sub_uid_file_present (); - is_sub_gid = sub_gid_file_present (); + is_sub_uid = sub_uid_file_present () && !rflg; + is_sub_gid = sub_gid_file_present () && !rflg; #endif /* ENABLE_SUBIDS */ open_files (); diff --git a/src/useradd.c b/src/useradd.c index 1b65bf44..a8a1f767 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -1993,6 +1993,10 @@ int main (int argc, char **argv) #endif /* USE_PAM */ #endif /* ACCT_TOOLS_SETUID */ + /* Needed for userns check */ + uid_t uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL); + uid_t uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL); + /* * Get my name so that I can use it to report errors. */ @@ -2022,8 +2026,10 @@ int main (int argc, char **argv) is_shadow_grp = sgr_file_present (); #endif #ifdef ENABLE_SUBIDS - is_sub_uid = sub_uid_file_present (); - is_sub_gid = sub_gid_file_present (); + is_sub_uid = sub_uid_file_present () && !rflg && + (!user_id || (user_id <= uid_max && user_id >= uid_min)); + is_sub_gid = sub_gid_file_present () && !rflg && + (!user_id || (user_id <= uid_max && user_id >= uid_min)); #endif /* ENABLE_SUBIDS */ get_defaults (); |