nss-systemd,user-util: add a way how synthesizing "nobody" can be turned off

This is quite ugly, but provides us with an avenue for moving distributions to define the "nobody" user properly without breaking legacy systems that us the name for other stuff. The idea is basically, that the distribution adopts the new definition of "nobody" (and thus recompiles systemd with it) and then touches /etc/systemd/dont-synthesize-nobody on legacy systems to turn off possibly conflicting synthesizing of the nobody name by systemd.
author: Lennart Poettering <lennart@poettering.net> 2018-01-10 18:26:03 +0100
committer: Lennart Poettering <lennart@poettering.net> 2018-01-10 18:26:03 +0100
commit: 24eccc3414a29a14b319d639531bd23c158b20e1 (patch)
tree: a20f3581507d77d7a4bec01f1377ea724861365d /src/nss-systemd
parent: tmpfiles: modernize load_unix_sockets() a bit (diff)
download: systemd-24eccc3414a29a14b319d639531bd23c158b20e1.tar.xz
systemd-24eccc3414a29a14b319d639531bd23c158b20e1.zip
1 files changed, 8 insertions, 4 deletions
diff --git a/src/nss-systemd/nss-systemd.c b/src/nss-systemd/nss-systemd.c
index cc641e1615..f75405d2e5 100644
--- a/src/nss-systemd/nss-systemd.c
+++ b/src/nss-systemd/nss-systemd.c
@@ -136,7 +136,8 @@ enum nss_status _nss_systemd_getpwnam_r(
                         *errnop = 0;
                         return NSS_STATUS_SUCCESS;
                 }
-                if (streq(name, nobody_passwd.pw_name)) {
+                if (synthesize_nobody() &&
+                    streq(name, nobody_passwd.pw_name)) {
                         *pwd = nobody_passwd;
                         *errnop = 0;
                         return NSS_STATUS_SUCCESS;
@@ -244,7 +245,8 @@ enum nss_status _nss_systemd_getpwuid_r(
                         *errnop = 0;
                         return NSS_STATUS_SUCCESS;
                 }
-                if (uid == nobody_passwd.pw_uid) {
+                if (synthesize_nobody() &&
+                    uid == nobody_passwd.pw_uid) {
                         *pwd = nobody_passwd;
                         *errnop = 0;
                         return NSS_STATUS_SUCCESS;
@@ -351,7 +353,8 @@ enum nss_status _nss_systemd_getgrnam_r(
                         *errnop = 0;
                         return NSS_STATUS_SUCCESS;
                 }
-                if (streq(name, nobody_group.gr_name)) {
+                if (synthesize_nobody() &&
+                    streq(name, nobody_group.gr_name)) {
                         *gr = nobody_group;
                         *errnop = 0;
                         return NSS_STATUS_SUCCESS;
@@ -456,7 +459,8 @@ enum nss_status _nss_systemd_getgrgid_r(
                         *errnop = 0;
                         return NSS_STATUS_SUCCESS;
                 }
-                if (gid == nobody_group.gr_gid) {
+                if (synthesize_nobody() &&
+                    gid == nobody_group.gr_gid) {
                         *gr = nobody_group;
                         *errnop = 0;
                         return NSS_STATUS_SUCCESS;
author	Lennart Poettering <lennart@poettering.net>	2018-01-10 18:26:03 +0100
committer	Lennart Poettering <lennart@poettering.net>	2018-01-10 18:26:03 +0100
commit	24eccc3414a29a14b319d639531bd23c158b20e1 (patch)
tree	a20f3581507d77d7a4bec01f1377ea724861365d /src/nss-systemd
parent	tmpfiles: modernize load_unix_sockets() a bit (diff)
download	systemd-24eccc3414a29a14b319d639531bd23c158b20e1.tar.xz systemd-24eccc3414a29a14b319d639531bd23c158b20e1.zip