Merge 684f4d25c8 into d209e197f8

userdbctl: two trivial fixlets (#35296 )
Fixes: #35294
2024-11-22 16:16:24 +01:00 · 2024-11-22 16:06:01 +01:00 · 2024-11-22 16:04:16 +01:00 · 2024-11-22 11:28:30 +01:00 · 2024-11-22 11:28:28 +01:00 · 2024-11-22 11:28:17 +01:00
2 changed files with 26 additions and 5 deletions
--- a/src/shared/tpm2-util.h
+++ b/src/shared/tpm2-util.h
@ -392,7 +392,7 @@ int tpm2_make_pcr_json_array(uint32_t pcr_mask, sd_json_variant **ret);
 int tpm2_parse_pcr_json_array(sd_json_variant *v, uint32_t *ret);

 int tpm2_make_luks2_json(int keyslot, uint32_t hash_pcr_mask, uint16_t pcr_bank, const struct iovec *pubkey, uint32_t pubkey_pcr_mask, uint16_t primary_alg, const struct iovec blobs[], size_t n_blobs, const struct iovec policy_hash[], size_t n_policy_hash, const struct iovec *salt, const struct iovec *srk, const struct iovec *pcrlock_nv, TPM2Flags flags, sd_json_variant **ret);
-int tpm2_parse_luks2_json(sd_json_variant *v, int *ret_keyslot, uint32_t *ret_hash_pcr_mask, uint16_t *ret_pcr_bank, struct iovec *ret_pubkey, uint32_t *ret_pubkey_pcr_mask, uint16_t *ret_primary_alg, struct iovec **ret_blobs, size_t *ret_n_blobs, struct iovec **ret_policy_hash, size_t *ret_n_policy_hash, struct iovec *ret_salt, struct iovec *ret_srk, struct iovec *pcrlock_nv, TPM2Flags *ret_flags);
+int tpm2_parse_luks2_json(sd_json_variant *v, int *ret_keyslot, uint32_t *ret_hash_pcr_mask, uint16_t *ret_pcr_bank, struct iovec *ret_pubkey, uint32_t *ret_pubkey_pcr_mask, uint16_t *ret_primary_alg, struct iovec **ret_blobs, size_t *ret_n_blobs, struct iovec **ret_policy_hash, size_t *ret_n_policy_hash, struct iovec *ret_salt, struct iovec *ret_srk, struct iovec *ret_pcrlock_nv, TPM2Flags *ret_flags);

 /* Default to PCR 7 only */
 #define TPM2_PCR_INDEX_DEFAULT UINT32_C(7)
--- a/src/userdb/userdbctl.c
+++ b/src/userdb/userdbctl.c
@ -23,6 +23,7 @@
 #include "user-util.h"
 #include "userdb.h"
 #include "verbs.h"
+#include "virt.h"

 static enum {
        OUTPUT_CLASSIC,
@ -139,10 +140,16 @@ static int show_user(UserRecord *ur, Table *table) {
        return 0;
 }

+static bool test_show_mapped(void) {
+        /* Show mapped user range only in environments where user mapping is a thing. */
+        return running_in_userns() > 0;
+}
+
 static const struct {
        uid_t first, last;
        const char *name;
        UserDisposition disposition;
+        bool (*test)(void);
 } uid_range_table[] = {
        {
                .first = 1,
@ -175,11 +182,12 @@ static const struct {
                .last = MAP_UID_MAX,
                .name = "mapped",
                .disposition = USER_REGULAR,
+                .test = test_show_mapped,
        },
 };

 static int table_add_uid_boundaries(Table *table, const UIDRange *p) {
-        int r;
+        int r, n_added = 0;

        assert(table);

@ -192,6 +200,9 @@ static int table_add_uid_boundaries(Table *table, const UIDRange *p) {
                if (!uid_range_covers(p, i->first, i->last - i->first + 1))
                        continue;

+                if (i->test && !i->test())
+                        continue;
+
                name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_DOWN),
                               " begin ", i->name, " users ",
                               special_glyph(SPECIAL_GLYPH_ARROW_DOWN));
@ -249,9 +260,11 @@ static int table_add_uid_boundaries(Table *table, const UIDRange *p) {
                                TABLE_INT, 1); /* sort after any other entry with the same UID */
                if (r < 0)
                        return table_log_add_error(r);
+
+                n_added += 2;
        }

-        return ELEMENTSOF(uid_range_table) * 2;
+        return n_added;
 }

 static int add_unavailable_uid(Table *table, uid_t start, uid_t end) {
@ -565,16 +578,22 @@ static int show_group(GroupRecord *gr, Table *table) {
 }

 static int table_add_gid_boundaries(Table *table, const UIDRange *p) {
-        int r;
+        int r, n_added = 0;

        assert(table);

        FOREACH_ELEMENT(i, uid_range_table) {
                _cleanup_free_ char *name = NULL, *comment = NULL;

+                if (!FLAGS_SET(arg_disposition_mask, UINT64_C(1) << i->disposition))
+                        continue;
+
                if (!uid_range_covers(p, i->first, i->last - i->first + 1))
                        continue;

+                if (i->test && !i->test())
+                        continue;
+
                name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_DOWN),
                               " begin ", i->name, " groups ",
                               special_glyph(SPECIAL_GLYPH_ARROW_DOWN));
@ -626,9 +645,11 @@ static int table_add_gid_boundaries(Table *table, const UIDRange *p) {
                                TABLE_INT, 1); /* sort after any other entry with the same GID */
                if (r < 0)
                        return table_log_add_error(r);
+
+                n_added += 2;
        }

-        return ELEMENTSOF(uid_range_table) * 2;
+        return n_added;
 }

 static int add_unavailable_gid(Table *table, uid_t start, uid_t end) {
Author	SHA1	Message	Date
Philip Meulengracht	dca9bbfac9	Merge `684f4d25c8` into `d209e197f8`	2024-11-22 16:16:24 +01:00
Lennart Poettering	d209e197f8	userdbctl: two trivial fixlets (#35296 ) Fixes: #35294	2024-11-22 16:06:01 +01:00
Antonio Alvarez Feijoo	9ed090230e	tpm2-util: fix parameter name	2024-11-22 16:04:16 +01:00
Lennart Poettering	47c5ca237b	userdbctl: respect selected disposition also when showing gid boundaries Follow-up for: `ad5de3222f`	2024-11-22 11:28:30 +01:00
Lennart Poettering	7f8a4f12df	userdbctl: fix counting Fixes: #35294	2024-11-22 11:28:28 +01:00
Lennart Poettering	e412fc5e04	userbdctl: show 'mapped' user range only inside of userns Outside of userns the concept makes no sense, there cannot be users mapped from further outside.	2024-11-22 11:28:17 +01:00