summaryrefslogtreecommitdiff
path: root/src/shared/sleep-config.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2020-04-04 12:23:02 +0200
committerThe Plumber <50238977+systemd-rhel-bot@users.noreply.github.com>2020-11-02 19:05:19 +0100
commit33b851f0c30e47fe71a293e2c990ef26573efe86 (patch)
tree1fff0b1f7316583e6b49894f078a901fec1be974 /src/shared/sleep-config.c
parent7569168bea3d7e11cd3afe6167fcf4a3ac65a1a6 (diff)
downloadsystemd-239-42.tar.gz
user-util: rework how we validate user namesv239-42
This reworks the user validation infrastructure. There are now two modes. In regular mode we are strict and test against a strict set of valid chars. And in "relaxed" mode we just filter out some really obvious, dangerous stuff. i.e. strict is whitelisting what is OK, but "relaxed" is blacklisting what is really not OK. The idea is that we use strict mode whenver we allocate a new user (i.e. in sysusers.d or homed), while "relaxed" mode is when we process users registered elsewhere, (i.e. userdb, logind, …) The requirements on user name validity vary wildly. SSSD thinks its fine to embedd "@" for example, while the suggested NAME_REGEX field on Debian does not even allow uppercase chars… This effectively liberaralizes a lot what we expect from usernames. The code that warns about questionnable user names is now optional and only used at places such as unit file parsing, so that it doesn't show up on every userdb query, but only when processing configuration files that know better. Fixes: #15149 #15090 (cherry picked from commit 7a8867abfab10e5bbca10590ec2aa40c5b27d8fb) Resolves: #1848373
Diffstat (limited to 'src/shared/sleep-config.c')
0 files changed, 0 insertions, 0 deletions