diff options
| author | Lennart Poettering <lennart@poettering.net> | 2021-05-06 16:38:28 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2021-05-10 14:58:39 +0200 |
| commit | 8fbb1941f1a8c3d9eda920891b2b51a67f2a2375 (patch) | |
| tree | 0426b5e4474292d5d02a6d749b1eeb9f4ed09379 /src/userdb | |
| parent | 85f088abe8d8069c67a55d25f4415516c9a6f01a (diff) | |
| download | systemd-8fbb1941f1a8c3d9eda920891b2b51a67f2a2375.tar.gz | |
userdbd: also listen on a varlink socket io.systemd.DropIn
Let's explicitly support looking things up via dropin as a varlink
service.
Diffstat (limited to 'src/userdb')
| -rw-r--r-- | src/userdb/userdbd-manager.c | 5 | ||||
| -rw-r--r-- | src/userdb/userdbd.c | 7 | ||||
| -rw-r--r-- | src/userdb/userwork.c | 2 |
3 files changed, 12 insertions, 2 deletions
diff --git a/src/userdb/userdbd-manager.c b/src/userdb/userdbd-manager.c index 3fd82255ac..0564840dbe 100644 --- a/src/userdb/userdbd-manager.c +++ b/src/userdb/userdbd-manager.c @@ -289,6 +289,11 @@ int manager_startup(Manager *m) { if (r < 0) return log_error_errno(r, "Failed to bind io.systemd.Multiplexer: %m"); + r = symlink_idempotent("io.systemd.Multiplexer", + "/run/systemd/userdb/io.systemd.DropIn", false); + if (r < 0) + return log_error_errno(r, "Failed to bind io.systemd.Multiplexer: %m"); + if (listen(m->listen_fd, SOMAXCONN) < 0) return log_error_errno(errno, "Failed to listen on socket: %m"); } diff --git a/src/userdb/userdbd.c b/src/userdb/userdbd.c index 6b28dd0a08..d469411eb8 100644 --- a/src/userdb/userdbd.c +++ b/src/userdb/userdbd.c @@ -17,6 +17,9 @@ * → io.systemd.Multiplexer: this multiplexes lookup requests to all Varlink services that have a * socket in /run/systemd/userdb/. It's supposed to simplify clients that don't want to implement * the full iterative logic on their own. + * + * → io.systemd.DropIn: this makes JSON user/group records dropped into /run/userdb/ available as + * regular users. */ static int run(int argc, char *argv[]) { @@ -31,8 +34,8 @@ static int run(int argc, char *argv[]) { if (argc != 1) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "This program takes no arguments."); - if (setenv("SYSTEMD_BYPASS_USERDB", "io.systemd.NameServiceSwitch:io.systemd.Multiplexer", 1) < 0) - return log_error_errno(errno, "Failed to se $SYSTEMD_BYPASS_USERDB: %m"); + if (setenv("SYSTEMD_BYPASS_USERDB", "io.systemd.NameServiceSwitch:io.systemd.Multiplexer:io.systemd.DropIn", 1) < 0) + return log_error_errno(errno, "Failed to set $SYSTEMD_BYPASS_USERDB: %m"); assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGCHLD, SIGTERM, SIGINT, SIGUSR2, -1) >= 0); diff --git a/src/userdb/userwork.c b/src/userdb/userwork.c index 418a2892ac..21caa54096 100644 --- a/src/userdb/userwork.c +++ b/src/userdb/userwork.c @@ -120,6 +120,8 @@ static int userdb_flags_from_service(Varlink *link, const char *service, UserDBF if (streq_ptr(service, "io.systemd.NameServiceSwitch")) *ret = USERDB_NSS_ONLY|USERDB_AVOID_MULTIPLEXER; + if (streq_ptr(service, "io.systemd.DropIn")) + *ret = USERDB_DROPIN_ONLY|USERDB_AVOID_MULTIPLEXER; else if (streq_ptr(service, "io.systemd.Multiplexer")) *ret = USERDB_AVOID_MULTIPLEXER; else |