Compare commits
4 Commits
a85daa0dfb
...
f5d9daaea3
| Author | SHA1 | Date |
|---|---|---|
Zbigniew Jędrzejewski-Szmek
|
f5d9daaea3 | |
|
Lennart Poettering
|
286fe8ee21 | |
|
Vito Caputo
|
80ace4f25e | |
|
Lennart Poettering
|
e3028514ae |
|
|
@ -1207,7 +1207,7 @@ static int add_pkcs11_key_data(JsonVariant **v, const char *uri) {
|
||||||
|
|
||||||
pkey = X509_get0_pubkey(cert);
|
pkey = X509_get0_pubkey(cert);
|
||||||
if (!pkey)
|
if (!pkey)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to exract public key from X.509 certificate.");
|
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to extract public key from X.509 certificate.");
|
||||||
|
|
||||||
if (EVP_PKEY_base_id(pkey) != EVP_PKEY_RSA)
|
if (EVP_PKEY_base_id(pkey) != EVP_PKEY_RSA)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "X.509 certificate does not refer to RSA key.");
|
return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "X.509 certificate does not refer to RSA key.");
|
||||||
|
|
@ -1338,7 +1338,7 @@ static int acquire_new_password(
|
||||||
string_erase(e);
|
string_erase(e);
|
||||||
|
|
||||||
if (unsetenv("NEWPASSWORD") < 0)
|
if (unsetenv("NEWPASSWORD") < 0)
|
||||||
return log_error_errno(errno, "Failed to unse $NEWPASSWORD: %m");
|
return log_error_errno(errno, "Failed to unset $NEWPASSWORD: %m");
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
@ -1376,7 +1376,7 @@ static int acquire_new_password(
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
log_error("Password didn't mach, try again.");
|
log_error("Password didn't match, try again.");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -630,7 +630,7 @@ int bus_home_method_acquire(
|
||||||
/* This operation might not be something we can executed immediately, hence queue it */
|
/* This operation might not be something we can executed immediately, hence queue it */
|
||||||
fd = home_create_fifo(h, please_suspend);
|
fd = home_create_fifo(h, please_suspend);
|
||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
return sd_bus_reply_method_errnof(message, fd, "Failed to allocate fifo for %s: %m", h->user_name);
|
return sd_bus_reply_method_errnof(message, fd, "Failed to allocate FIFO for %s: %m", h->user_name);
|
||||||
|
|
||||||
o = operation_new(OPERATION_ACQUIRE, message);
|
o = operation_new(OPERATION_ACQUIRE, message);
|
||||||
if (!o)
|
if (!o)
|
||||||
|
|
@ -681,7 +681,7 @@ int bus_home_method_ref(
|
||||||
|
|
||||||
fd = home_create_fifo(h, please_suspend);
|
fd = home_create_fifo(h, please_suspend);
|
||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
return sd_bus_reply_method_errnof(message, fd, "Failed to allocate fifo for %s: %m", h->user_name);
|
return sd_bus_reply_method_errnof(message, fd, "Failed to allocate FIFO for %s: %m", h->user_name);
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, "h", fd);
|
return sd_bus_reply_method_return(message, "h", fd);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -424,7 +424,7 @@ static int home_verify_user_record(Home *h, UserRecord *hr, bool *ret_signed_loc
|
||||||
|
|
||||||
case -ENOKEY:
|
case -ENOKEY:
|
||||||
sd_bus_error_setf(ret_error, BUS_ERROR_BAD_SIGNATURE, "User record %s is not signed by any known key, refusing.", hr->user_name);
|
sd_bus_error_setf(ret_error, BUS_ERROR_BAD_SIGNATURE, "User record %s is not signed by any known key, refusing.", hr->user_name);
|
||||||
return log_error_errno(is_signed, "Home %s contians user record that is not signed by any known key, refusing.", hr->user_name);
|
return log_error_errno(is_signed, "Home %s contains user record that is not signed by any known key, refusing.", hr->user_name);
|
||||||
|
|
||||||
default:
|
default:
|
||||||
assert(is_signed < 0);
|
assert(is_signed < 0);
|
||||||
|
|
@ -438,7 +438,7 @@ static int convert_worker_errno(Home *h, int e, sd_bus_error *error) {
|
||||||
switch (e) {
|
switch (e) {
|
||||||
|
|
||||||
case -EMSGSIZE:
|
case -EMSGSIZE:
|
||||||
return sd_bus_error_setf(error, BUS_ERROR_BAD_HOME_SIZE, "File systems of this type cannot shrinked");
|
return sd_bus_error_setf(error, BUS_ERROR_BAD_HOME_SIZE, "File systems of this type cannot be shrinked");
|
||||||
case -ETXTBSY:
|
case -ETXTBSY:
|
||||||
return sd_bus_error_setf(error, BUS_ERROR_BAD_HOME_SIZE, "File systems of this type can only be shrinked offline");
|
return sd_bus_error_setf(error, BUS_ERROR_BAD_HOME_SIZE, "File systems of this type can only be shrinked offline");
|
||||||
case -ERANGE:
|
case -ERANGE:
|
||||||
|
|
@ -1472,7 +1472,7 @@ int home_resize(Home *h, uint64_t disk_size, UserRecord *secret, sd_bus_error *e
|
||||||
|
|
||||||
if (disk_size == UINT64_MAX || disk_size == h->record->disk_size) {
|
if (disk_size == UINT64_MAX || disk_size == h->record->disk_size) {
|
||||||
if (h->record->disk_size == UINT64_MAX)
|
if (h->record->disk_size == UINT64_MAX)
|
||||||
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Not disk size to resize to specified.");
|
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "No disk size to resize to specified.");
|
||||||
|
|
||||||
c = user_record_ref(h->record); /* Shortcut if size is unspecified or matches the record */
|
c = user_record_ref(h->record); /* Shortcut if size is unspecified or matches the record */
|
||||||
} else {
|
} else {
|
||||||
|
|
|
||||||
|
|
@ -584,7 +584,7 @@ static int method_lock_all_homes(sd_bus_message *message, void *userdata, sd_bus
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
}
|
}
|
||||||
|
|
||||||
log_info("Automatically locking of home of user %s.", h->user_name);
|
log_info("Automatically locking home of user %s.", h->user_name);
|
||||||
|
|
||||||
r = home_schedule_operation(h, o, error);
|
r = home_schedule_operation(h, o, error);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
|
|
||||||
|
|
@ -631,7 +631,7 @@ static int manager_add_home_by_image(
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!same) {
|
if (!same) {
|
||||||
log_debug("Found a multiple images for a user '%s', ignoring image '%s'.", user_name, image_path);
|
log_debug("Found multiple images for user '%s', ignoring image '%s'.", user_name, image_path);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -768,7 +768,7 @@ static int manager_assess_image(
|
||||||
r = stat(path, &st);
|
r = stat(path, &st);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_full_errno(errno == ENOENT ? LOG_DEBUG : LOG_WARNING, errno,
|
return log_full_errno(errno == ENOENT ? LOG_DEBUG : LOG_WARNING, errno,
|
||||||
"Failed to stat directory entry '%s', ignoring: %m", dentry_name);
|
"Failed to stat() directory entry '%s', ignoring: %m", dentry_name);
|
||||||
|
|
||||||
if (S_ISREG(st.st_mode)) {
|
if (S_ISREG(st.st_mode)) {
|
||||||
_cleanup_free_ char *n = NULL, *user_name = NULL, *realm = NULL;
|
_cleanup_free_ char *n = NULL, *user_name = NULL, *realm = NULL;
|
||||||
|
|
@ -833,7 +833,7 @@ static int manager_assess_image(
|
||||||
if (errno == ENODATA)
|
if (errno == ENODATA)
|
||||||
log_debug_errno(errno, "Determined %s is not fscrypt encrypted.", path);
|
log_debug_errno(errno, "Determined %s is not fscrypt encrypted.", path);
|
||||||
else if (ERRNO_IS_NOT_SUPPORTED(errno))
|
else if (ERRNO_IS_NOT_SUPPORTED(errno))
|
||||||
log_debug_errno(errno, "Determined %s is not fscrypt encrypted because kernel or file system don't support it.", path);
|
log_debug_errno(errno, "Determined %s is not fscrypt encrypted because kernel or file system doesn't support it.", path);
|
||||||
else
|
else
|
||||||
log_debug_errno(errno, "FS_IOC_GET_ENCRYPTION_POLICY failed with unexpected error code on %s, ignoring: %m", path);
|
log_debug_errno(errno, "FS_IOC_GET_ENCRYPTION_POLICY failed with unexpected error code on %s, ignoring: %m", path);
|
||||||
|
|
||||||
|
|
@ -1307,7 +1307,7 @@ static int manager_generate_key_pair(Manager *m) {
|
||||||
/* Write out public key (note that we only do that as a help to the user, we don't make use of this ever */
|
/* Write out public key (note that we only do that as a help to the user, we don't make use of this ever */
|
||||||
r = fopen_temporary("/var/lib/systemd/home/local.public", &fpublic, &temp_public);
|
r = fopen_temporary("/var/lib/systemd/home/local.public", &fpublic, &temp_public);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(errno, "Failed ot open key file for writing: %m");
|
return log_error_errno(errno, "Failed to open key file for writing: %m");
|
||||||
|
|
||||||
if (PEM_write_PUBKEY(fpublic, m->private_key) <= 0)
|
if (PEM_write_PUBKEY(fpublic, m->private_key) <= 0)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to write public key.");
|
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to write public key.");
|
||||||
|
|
@ -1321,7 +1321,7 @@ static int manager_generate_key_pair(Manager *m) {
|
||||||
/* Write out the private key (this actually writes out both private and public, OpenSSL is confusing) */
|
/* Write out the private key (this actually writes out both private and public, OpenSSL is confusing) */
|
||||||
r = fopen_temporary("/var/lib/systemd/home/local.private", &fprivate, &temp_private);
|
r = fopen_temporary("/var/lib/systemd/home/local.private", &fprivate, &temp_private);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(errno, "Failed ot open key file for writing: %m");
|
return log_error_errno(errno, "Failed to open key file for writing: %m");
|
||||||
|
|
||||||
if (PEM_write_PrivateKey(fprivate, m->private_key, NULL, NULL, 0, NULL, 0) <= 0)
|
if (PEM_write_PrivateKey(fprivate, m->private_key, NULL, NULL, 0, NULL, 0) <= 0)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to write private key pair.");
|
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to write private key pair.");
|
||||||
|
|
@ -1660,7 +1660,7 @@ int manager_enqueue_gc(Manager *m, Home *focus) {
|
||||||
|
|
||||||
r = sd_event_add_defer(m->event, &m->deferred_gc_event_source, on_deferred_gc, m);
|
r = sd_event_add_defer(m->event, &m->deferred_gc_event_source, on_deferred_gc, m);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to allocate gc event source: %m");
|
return log_error_errno(r, "Failed to allocate GC event source: %m");
|
||||||
|
|
||||||
r = sd_event_source_set_priority(m->deferred_gc_event_source, SD_EVENT_PRIORITY_IDLE);
|
r = sd_event_source_set_priority(m->deferred_gc_event_source, SD_EVENT_PRIORITY_IDLE);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
|
|
||||||
|
|
@ -47,7 +47,7 @@ static Operation *operation_free(Operation *o) {
|
||||||
r = sd_bus_reply_method_errnof(o->message, o->ret, "Failed to execute operation: %m");
|
r = sd_bus_reply_method_errnof(o->message, o->ret, "Failed to execute operation: %m");
|
||||||
}
|
}
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_warning_errno(r, "Failed ot reply to %s method call, ignoring: %m", sd_bus_message_get_member(o->message));
|
log_warning_errno(r, "Failed to reply to %s method call, ignoring: %m", sd_bus_message_get_member(o->message));
|
||||||
}
|
}
|
||||||
|
|
||||||
sd_bus_message_unref(o->message);
|
sd_bus_message_unref(o->message);
|
||||||
|
|
|
||||||
|
|
@ -616,7 +616,7 @@ static int crypt_device_to_evp_cipher(struct crypt_device *cd, const EVP_CIPHER
|
||||||
/* Verify that our key length calculations match what OpenSSL thinks */
|
/* Verify that our key length calculations match what OpenSSL thinks */
|
||||||
r = EVP_CIPHER_key_length(cc);
|
r = EVP_CIPHER_key_length(cc);
|
||||||
if (r < 0 || (uint64_t) r != key_size)
|
if (r < 0 || (uint64_t) r != key_size)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Key size of selected cipher doesn't meet out expectations.");
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Key size of selected cipher doesn't meet our expectations.");
|
||||||
|
|
||||||
*ret = cc;
|
*ret = cc;
|
||||||
return 0;
|
return 0;
|
||||||
|
|
@ -1263,7 +1263,7 @@ int home_activate_luks(
|
||||||
|
|
||||||
r = dm_deferred_remove(setup.dm_name);
|
r = dm_deferred_remove(setup.dm_name);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_warning_errno(r, "Failed to relinquish dm device, ignoring: %m");
|
log_warning_errno(r, "Failed to relinquish DM device, ignoring: %m");
|
||||||
|
|
||||||
setup.undo_dm = false;
|
setup.undo_dm = false;
|
||||||
|
|
||||||
|
|
@ -1328,7 +1328,7 @@ static int run_mkfs(
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to check if mkfs for file system %s exists: %m", fstype);
|
return log_error_errno(r, "Failed to check if mkfs for file system %s exists: %m", fstype);
|
||||||
if (r == 0)
|
if (r == 0)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EPROTONOSUPPORT), "Nt mkfs for file system %s installed.", fstype);
|
return log_error_errno(SYNTHETIC_ERRNO(EPROTONOSUPPORT), "No mkfs for file system %s installed.", fstype);
|
||||||
|
|
||||||
r = safe_fork("(mkfs)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR, NULL);
|
r = safe_fork("(mkfs)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
|
@ -1584,7 +1584,7 @@ static int make_partition_table(
|
||||||
|
|
||||||
r = fdisk_create_disklabel(c, "gpt");
|
r = fdisk_create_disklabel(c, "gpt");
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to create gpt disk label: %m");
|
return log_error_errno(r, "Failed to create GPT disk label: %m");
|
||||||
|
|
||||||
p = fdisk_new_partition();
|
p = fdisk_new_partition();
|
||||||
if (!p)
|
if (!p)
|
||||||
|
|
@ -2212,7 +2212,7 @@ static int ext4_offline_resize_fs(HomeSetup *setup, uint64_t new_size, bool disc
|
||||||
re_mount = true;
|
re_mount = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
log_info("Temporarary unmounting of file system completed.");
|
log_info("Temporary unmounting of file system completed.");
|
||||||
|
|
||||||
/* resize2fs requires that the file system is force checked first, do so. */
|
/* resize2fs requires that the file system is force checked first, do so. */
|
||||||
r = safe_fork("(e2fsck)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_STDOUT_TO_STDERR, &fsck_pid);
|
r = safe_fork("(e2fsck)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_STDOUT_TO_STDERR, &fsck_pid);
|
||||||
|
|
@ -2426,7 +2426,7 @@ static int apply_resize_partition(int fd, sd_id128_t disk_uuids, struct fdisk_ta
|
||||||
if (n < 0)
|
if (n < 0)
|
||||||
return log_error_errno(errno, "Failed to wipe partition table: %m");
|
return log_error_errno(errno, "Failed to wipe partition table: %m");
|
||||||
if (n != 1024)
|
if (n != 1024)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Short write while whiping partition table.");
|
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Short write while wiping partition table.");
|
||||||
|
|
||||||
c = fdisk_new_context();
|
c = fdisk_new_context();
|
||||||
if (!c)
|
if (!c)
|
||||||
|
|
@ -2536,7 +2536,7 @@ int home_resize_luks(
|
||||||
} else {
|
} else {
|
||||||
r = stat_verify_regular(&st);
|
r = stat_verify_regular(&st);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Image file %s is not a block device nor regular: %m", ip);
|
return log_error_errno(r, "Image %s is not a block device nor regular file: %m", ip);
|
||||||
|
|
||||||
old_image_size = st.st_size;
|
old_image_size = st.st_size;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -53,7 +53,7 @@ int pkcs11_callback(
|
||||||
if (rv != CKR_OK)
|
if (rv != CKR_OK)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to log into security token '%s': %s", token_label, p11_kit_strerror(rv));
|
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to log into security token '%s': %s", token_label, p11_kit_strerror(rv));
|
||||||
|
|
||||||
log_info("Successully logged into security token '%s' via protected authentication path.", token_label);
|
log_info("Successfully logged into security token '%s' via protected authentication path.", token_label);
|
||||||
goto decrypt;
|
goto decrypt;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -383,7 +383,7 @@ int home_load_embedded_identity(
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
if (!user_record_compatible(h, embedded_home))
|
if (!user_record_compatible(h, embedded_home))
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EREMCHG), "Hmbedded home record not compatible with host record, refusing.");
|
return log_error_errno(SYNTHETIC_ERRNO(EREMCHG), "Embedded home record not compatible with host record, refusing.");
|
||||||
|
|
||||||
/* Insist that credentials the user supplies also unlocks any embedded records. */
|
/* Insist that credentials the user supplies also unlocks any embedded records. */
|
||||||
r = user_record_authenticate(embedded_home, h, pkcs11_decrypted_passwords);
|
r = user_record_authenticate(embedded_home, h, pkcs11_decrypted_passwords);
|
||||||
|
|
@ -986,7 +986,7 @@ static int home_remove(UserRecord *h) {
|
||||||
|
|
||||||
if (stat(ip, &st) < 0) {
|
if (stat(ip, &st) < 0) {
|
||||||
if (errno != -ENOENT)
|
if (errno != -ENOENT)
|
||||||
return log_error_errno(errno, "Failed to stat %s: %m", ip);
|
return log_error_errno(errno, "Failed to stat() %s: %m", ip);
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
if (S_ISREG(st.st_mode)) {
|
if (S_ISREG(st.st_mode)) {
|
||||||
|
|
|
||||||
|
|
@ -41,7 +41,7 @@ static int parse_argv(
|
||||||
|
|
||||||
k = parse_boolean(v);
|
k = parse_boolean(v);
|
||||||
if (k < 0)
|
if (k < 0)
|
||||||
pam_syslog(handle, LOG_WARNING, "Failed to parse suspend-please= argument, ignoring: %s", v);
|
pam_syslog(handle, LOG_WARNING, "Failed to parse suspend= argument, ignoring: %s", v);
|
||||||
else if (please_suspend)
|
else if (please_suspend)
|
||||||
*please_suspend = k;
|
*please_suspend = k;
|
||||||
|
|
||||||
|
|
@ -95,7 +95,7 @@ static int acquire_user_record(
|
||||||
r = pam_get_data(handle, "systemd-user-record-is-homed", &b);
|
r = pam_get_data(handle, "systemd-user-record-is-homed", &b);
|
||||||
if (!IN_SET(r, PAM_SUCCESS, PAM_NO_MODULE_DATA)) {
|
if (!IN_SET(r, PAM_SUCCESS, PAM_NO_MODULE_DATA)) {
|
||||||
/* Failure */
|
/* Failure */
|
||||||
pam_syslog(handle, LOG_ERR, "Failed to get PAM user record is homed flag: %s", pam_strerror(handle, r));
|
pam_syslog(handle, LOG_ERR, "Failed to get PAM user-record-is-homed flag: %s", pam_strerror(handle, r));
|
||||||
return r;
|
return r;
|
||||||
} else if (b == NULL)
|
} else if (b == NULL)
|
||||||
/* Nothing cached yet, need to acquire fresh */
|
/* Nothing cached yet, need to acquire fresh */
|
||||||
|
|
@ -200,7 +200,7 @@ user_unknown:
|
||||||
/* Cache this, so that we don't check again */
|
/* Cache this, so that we don't check again */
|
||||||
r = pam_set_data(handle, "systemd-user-record-is-homed", USER_RECORD_IS_OTHER, NULL);
|
r = pam_set_data(handle, "systemd-user-record-is-homed", USER_RECORD_IS_OTHER, NULL);
|
||||||
if (r != PAM_SUCCESS)
|
if (r != PAM_SUCCESS)
|
||||||
pam_syslog(handle, LOG_ERR, "Failed to set PAM user record is homed flag, ignoring: %s", pam_strerror(handle, r));
|
pam_syslog(handle, LOG_ERR, "Failed to set PAM user-record-is-homed flag, ignoring: %s", pam_strerror(handle, r));
|
||||||
|
|
||||||
return PAM_USER_UNKNOWN;
|
return PAM_USER_UNKNOWN;
|
||||||
}
|
}
|
||||||
|
|
@ -214,7 +214,7 @@ static int release_user_record(pam_handle_t *handle) {
|
||||||
|
|
||||||
k = pam_set_data(handle, "systemd-user-record-is-homed", NULL, NULL);
|
k = pam_set_data(handle, "systemd-user-record-is-homed", NULL, NULL);
|
||||||
if (k != PAM_SUCCESS)
|
if (k != PAM_SUCCESS)
|
||||||
pam_syslog(handle, LOG_ERR, "Failed to release PAM user record is homed flag: %s", pam_strerror(handle, k));
|
pam_syslog(handle, LOG_ERR, "Failed to release PAM user-record-is-homed flag: %s", pam_strerror(handle, k));
|
||||||
|
|
||||||
return IN_SET(r, PAM_SUCCESS, PAM_NO_MODULE_DATA) ? k : r;
|
return IN_SET(r, PAM_SUCCESS, PAM_NO_MODULE_DATA) ? k : r;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -73,7 +73,7 @@ int quality_check_password(
|
||||||
|
|
||||||
r = pwquality_read_config(pwq, NULL, &auxerror);
|
r = pwquality_read_config(pwq, NULL, &auxerror);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_warning_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to read libpwquality configuation, ignoring: %s",
|
log_warning_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to read libpwquality configuration, ignoring: %s",
|
||||||
pwquality_strerror(buf, sizeof(buf), r, auxerror));
|
pwquality_strerror(buf, sizeof(buf), r, auxerror));
|
||||||
|
|
||||||
pwquality_maybe_disable_dictionary(pwq);
|
pwquality_maybe_disable_dictionary(pwq);
|
||||||
|
|
@ -143,7 +143,7 @@ int suggest_passwords(void) {
|
||||||
|
|
||||||
r = pwquality_read_config(pwq, NULL, &auxerror);
|
r = pwquality_read_config(pwq, NULL, &auxerror);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_warning_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to read libpwquality configuation, ignoring: %s",
|
log_warning_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to read libpwquality configuration, ignoring: %s",
|
||||||
pwquality_strerror(buf, sizeof(buf), r, auxerror));
|
pwquality_strerror(buf, sizeof(buf), r, auxerror));
|
||||||
|
|
||||||
pwquality_maybe_disable_dictionary(pwq);
|
pwquality_maybe_disable_dictionary(pwq);
|
||||||
|
|
|
||||||
|
|
@ -763,7 +763,7 @@ static int run(int argc, char *argv[]) {
|
||||||
if (parent <= 1)
|
if (parent <= 1)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Parent already died?");
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Parent already died?");
|
||||||
|
|
||||||
if (kill(parent, SIGUSR1) < 0)
|
if (kill(parent, SIGUSR2) < 0)
|
||||||
return log_error_errno(errno, "Failed to kill our own parent.");
|
return log_error_errno(errno, "Failed to kill our own parent.");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -10,7 +10,7 @@
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Home Area Manager
|
Description=Home Area Manager
|
||||||
Documentation=man:systemd-homed.service(8)
|
Documentation=man:systemd-homed.service(8)
|
||||||
RequiresMountsFor=/home
|
After=home.mount
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
BusName=org.freedesktop.home1
|
BusName=org.freedesktop.home1
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue