summaryrefslogtreecommitdiff
path: root/src/home/homectl.c
Commit message (Collapse)AuthorAgeFilesLines
* tree-wide: allow ASCII fallback for … in logsDavid Tardon2022-06-281-4/+8
|
* cryptenroll,homectl: Introduce --fido2-credential-algorithm optionMkfsSion2022-04-221-2/+15
| | | | | * Some authenticators(like Yubikey) support credential algorithm other than ES256 * Introduce a new option so users can make use of it
* strv: declare iterator of FOREACH_STRING() in the loopZbigniew Jędrzejewski-Szmek2022-03-231-14/+3
| | | | | | | | | | | Same idea as 03677889f0ef42cdc534bf3b31265a054b20a354. No functional change intended. The type of the iterator is generally changed to be 'const char*' instead of 'char*'. Despite the type commonly used, modifying the string was not allowed. I adjusted the naming of some short variables for clarity and reduced the scope of some variable declarations in code that was being touched anyway.
* strv: make iterator in STRV_FOREACH() declaread in the loopYu Watanabe2022-03-191-9/+2
| | | | This also avoids multiple evaluations in STRV_FOREACH_BACKWARDS()
* env-util: replace unsetenv_erase() by new getenv_steal_erase() helperLennart Poettering2022-02-201-30/+25
| | | | | | | | The new helper combines a bunch of steps every invocation of unsetenv_erase() did so far: getenv() + strdup() + unsetenv_erase(). Let's unify this into one helper that is harder to use incorrectly. It's in inspired by TAKE_PTR() in a way: get the env var out and invalidate where it was before.
* home: update log messageYu Watanabe2021-12-221-1/+1
| | | | The ratelimit hits even when the all previous attempts are successfull.
* homectl: add new "homectl rebalance" commandLennart Poettering2021-11-251-0/+28
| | | | | Let's add an explicit, synchronous command to request immediate rebalancing and wait for it.
* homectl: expose new rebalanceWeight JSON use record fieldLennart Poettering2021-11-251-6/+48
|
* homectl: also acquire "cheap" passwords for homectl update/passwdLennart Poettering2021-11-241-4/+13
| | | | | | | | | In 57bb9bcba5563c040ee0c41f58e3730a006a8de2 support was added to read "cheap" passwords from env vars and stuff before issuing the first operation, instead of waiting for it until the first operation failed. This was added for most verbs of "homectl", but two were left out: update + passwd. Add it there too.
* homectl: expose new autoResizeMode JSON user record propertyLennart Poettering2021-11-231-0/+22
|
* homectl: parse "min" and "max" as special disk size valuesLennart Poettering2021-11-191-4/+30
|
* Merge pull request #21424 from keszybz/json-doubleLuca Boccassi2021-11-181-2/+2
|\ | | | | Use double and int64_t types in json
| * shared/json: use int64_t instead of intmax_tZbigniew Jędrzejewski-Szmek2021-11-181-2/+2
| | | | | | | | | | | | | | | | | | | | | | We were already asserting that the intmax_t and uintmax_t types are the same as int64_t and uint64_t. Pretty much everywhere in the code base we use the latter types. In principle intmax_t could be something different on some new architecture, and then the code would fail to compile or behave differently. We actually do not want the code to behave differently on those architectures, because that'd break interoperability. So let's just use int64_t/uint64_t since that's what we indend to use.
* | homectl: if homed asks for the recovery key to be supplied, query the user ↵Lennart Poettering2021-11-171-0/+78
|/ | | | | | for it Fixes: #21103
* shared: split out UID allocation range stuff from user-record.hLennart Poettering2021-11-131-0/+1
| | | | | | | | user-record.[ch] are about the UserRecord JSON stuff, and the UID allocation range stuff (i.e. login.defs handling) is a very different thing, and complex enough on its own, let's give it its own c/h files. No code changes, just some splitting out of code.
* homectl: make new LUKS extra mount option field settableLennart Poettering2021-11-121-1/+7
|
* Merge pull request #20138 from keszybz/coding-style-variable-declsLuca Boccassi2021-11-051-2/+2
|\ | | | | A coding style tweak and checking of sd_notify() calls and voidification of pager_open()
| * Make pager_open() return voidZbigniew Jędrzejewski-Szmek2021-11-031-2/+2
| |
* | tree-wide: do not print hint about -M if -M is already usedZbigniew Jędrzejewski-Szmek2021-11-041-1/+1
|/ | | | | | | | (Or when -H is used, since -H and -M are incompatible.) Note that the slightly unusual form with separate boolean variables (hint_vars, hint_addr) instead of e.g. a const char* variable to hold the message, because this way we don't trigger the warning about non-literal format.
* homework: allow specifying explicit additional mount options when using CIFS ↵Lennart Poettering2021-10-271-7/+13
| | | | | | | | backend This is useful since certain shares can only be mounted with additional mount flags. For example the SMB share in modern AVM Fritz!Boxes requires "noserverino" to be set to work from Linux.
* homectl: validate CIFS service name before accepting itLennart Poettering2021-10-271-3/+21
|
* homed: optionally, drop caches on logoutLennart Poettering2021-10-111-0/+23
| | | | Fixes: #20857
* basic: split out glyph/emoji related calls from locale-util.[ch] into ↵Lennart Poettering2021-10-051-0/+1
| | | | | | | | glyph-util.[ch] These functions are used pretty much independently of locale, i.e. the only info relevant is whether th locale is UTF-8 or not. Hence let's give this its own pair of .c/.h files.
* tree-wide: port everything over to new sd-id128 compund literal blissLennart Poettering2021-08-201-2/+1
|
* env-util: add unsetenv_erase() helperLennart Poettering2021-08-171-8/+3
| | | | Let's unify how we remove secrets from the env block.
* homectl: allow --setenv=FOOZbigniew Jędrzejewski-Szmek2021-08-111-115/+111
|
* Drop the text argument from assert_not_reached()Zbigniew Jędrzejewski-Szmek2021-08-031-1/+1
| | | | | | | | | | | | | | | | | In general we almost never hit those asserts in production code, so users see them very rarely, if ever. But either way, we just need something that users can pass to the developers. We have quite a few of those asserts, and some have fairly nice messages, but many are like "WTF?" or "???" or "unexpected something". The error that is printed includes the file location, and function name. In almost all functions there's at most one assert, so the function name alone is enough to identify the failure for a developer. So we don't get much extra from the message, and we might just as well drop them. Dropping them makes our code a tiny bit smaller, and most importantly, improves development experience by making it easy to insert such an assert in the code without thinking how to phrase the argument.
* userdb: make most loading of JSON user record data "permissive"Lennart Poettering2021-06-011-5/+5
| | | | | | | | | | | | | We want user records to be extensible, hence we shouldn't complain about fields we can't parse. In particular we want them to be extensible for our own future extensions. Some code already turned the permissive flag when parsing the JSON data, but most did not. Fix that. A few select cases remain where the bit is not set: where we just gnerated the JSON data ourselves, and thus can be reasonably sure that if we can't parse it it's our immediate programming error and not just us processing a user record from some other tool or a newer version of ourselves.
* homectl: store FIDO2 up/uv/clientPin fields in user records tooLennart Poettering2021-06-011-4/+66
| | | | | | | | | | | | This catches up homed's FIDO2 support with cryptsetup's: we'll now store the uv/up/clientPin configuration at enrollment in the user record JSON data, and use it when authenticating with it. This also adds explicit "uv" support: we'll only allow it to happen when the client explicity said it's OK. This is then used by clients to print a nice message suggesting "uv" has to take place before retrying allowing it this time. This is modelled after the existing handling for "up".
* homectl: pick up cached/credential store/env var passwords *before* issuing ↵Lennart Poettering2021-04-231-15/+58
| | | | | | | | | | | | | | | | | first request Previously, we'd generally attempt the operation first, without any passwords, and only query for a password if that operation then fails and asks for one. This is done to improve compatibility with password-less authentication schemes, such as security tokens and similar. This patch modifies this slightly: if a password can be acquired cheaply via the keyring password cache, the $CREDENTIALS_PATH credential store, or the $PASSWORD/$PIN environment variables, acquire it *before* issuing the first requested. This should save us a pointless roundtrip, and should never hurt.
* homectl: don't use password cache if we operate on other userLennart Poettering2021-04-231-0/+8
|
* homectl: don't use cached passwords when re-requesting password because wrongLennart Poettering2021-04-231-19/+86
| | | | | | Asking repeatedly for a password is pointless if we always use the same cached one. Let's thus disable cache use whenever we failed already once.
* homectl,TEST-46: fix test and fix homectl return value, update docsZbigniew Jędrzejewski-Szmek2021-04-081-1/+1
| | | | | The usual: the test wasn't testing, so we didn't notice that the command wasn't returning as expected.
* ask-password: when querying for a password, try to read from credential ↵Lennart Poettering2021-03-261-4/+4
| | | | | | | | | | | | store first This adds generic support for the SetCredential=/LoadCredential= logic to our password querying infrastructure: if a password is requested by a program that has a credential store configured via $CREDENTIALS_DIRECTORY we'll look in it for a password. The "systemd-ask-password" tool is updated with an option to specify the credential to look for.
* table: drop last SIZE_MAX from table_set_sort() and table_set_display()Yu Watanabe2021-03-051-1/+1
|
* tree-wide: port various pieces of code over to UINT32_SCALE_FROM_PERMYRIAD()Lennart Poettering2021-02-181-1/+1
|
* util: move percent/permille/permyriad parser into percent-util.[ch]Lennart Poettering2021-02-181-0/+1
| | | | | | | A good chunk of parse-util.[ch] has been about parsing parts per hundred/thousand/ten-thousand. Let's split that out into its own file. No code changes, just some shuffling around.
* tree-wide: parse permyriads wherever we canLennart Poettering2021-02-181-3/+3
| | | | | | Given that we now have a parser for permyriads, let's use it everywhere for greater accuracy. This means wherever we previously supported % and ‰, we now also support ‱.
* Merge pull request #18601 from keszybz/env-assign-cleanupLennart Poettering2021-02-161-7/+8
|\ | | | | Envvar assignment cleanup
| * basic/env-util: add variant of strv_env_replace() that does strdup internallyZbigniew Jędrzejewski-Szmek2021-02-151-7/+8
| |
* | Move and rename parse_json_argument() functionZbigniew Jędrzejewski-Szmek2021-02-151-1/+1
| | | | | | | | | | json.[ch] is a very generic implementation, and cmdline argument parsing doesn't fit there.
* | Move and rename parse_path_argument() functionZbigniew Jędrzejewski-Szmek2021-02-151-2/+3
|/ | | | | This fits better in shared/, and the new parse-argument.c file is a good home for it.
* tree-wide: propagate error code from _from_string() functionsZbigniew Jędrzejewski-Szmek2021-02-101-1/+1
| | | | Now that we know we have something useful, no need to make an answer up.
* tree-wide: enable colorized logging for daemons when run in consoleYu Watanabe2021-02-011-1/+1
| | | | It may be useful when debugging daemons.
* tree-wide: Drop custom formatting for print() help messagesDaan De Meyer2021-01-311-6/+7
| | | | | | | | | | | | I think this formatting was originally used because it simplified adding new options to the help messages. However, these days, most tools their help message end with "\nSee the %s for details.\n" so the final line almost never has to be edited which eliminates the benefit of the custom formatting used for printf() help messages. Let's make things more consistent and use the same formatting for printf() help messages that we use everywhere else. Prompted by https://github.com/systemd/systemd/pull/18355#discussion_r567241580
* busctl/homectl: port the obvious cases to table_print_with_pager()Lennart Poettering2021-01-211-6/+2
|
* json: port various tools to the new JSON_FORMAT_OFF flagLennart Poettering2021-01-091-29/+12
| | | | These are the obvious cases.
* homed: move fido2 device enumeration logic to shared codeLennart Poettering2020-12-171-2/+3
|
* homed: move code to list and resolve "auto" pkcs#11 URL into common codeLennart Poettering2020-12-171-2/+2
| | | | That way we can reuse it from systemd-cryptenroll.
* tree-wide: unsetenv cannot failZbigniew Jędrzejewski-Szmek2020-11-101-9/+3
| | | | | | ... when called with a valid environment variable name. This means that any time we call it with a fixed string, it is guaranteed to return 0. (Also when the variable is not present in the environment block.)
View Lorry Controller Status