Skip to content

Commit a8be098

Browse files
poetteringpoettering
committed
homework: also apply uid shifting when changing passwords/resizing/updating home areas
This adds uidmap shifting also when resizing/updating/changing passwords. Prviously I thought we didn't have to, because the user is not going to access the uidmap if we only quickly activate the home area. But this thinking is wrong, because the three operations will result in an update ~/.identity fie to be written, and we should do that with uidmap applied, so that its ownership maps down to nobody below as intended. Fixes: systemd#21441
1 parent 6f2c813 commit a8be098

File tree

2 files changed

+12
-0
lines changed

2 files changed

+12
-0
lines changed

src/home/homework-luks.c

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3202,6 +3202,10 @@ int home_resize_luks(
32023202
return r;
32033203
}
32043204

3205+
r = home_maybe_shift_uid(h, flags, setup);
3206+
if (r < 0)
3207+
return r;
3208+
32053209
log_info("offset = %" PRIu64 ", size = %" PRIu64 ", image = %" PRIu64, setup->partition_offset, setup->partition_size, old_image_size);
32063210

32073211
if ((UINT64_MAX - setup->partition_offset) < setup->partition_size ||

src/home/homework.c

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1609,6 +1609,10 @@ static int home_update(UserRecord *h, UserRecord **ret) {
16091609
if (r < 0)
16101610
return r;
16111611

1612+
r = home_maybe_shift_uid(h, flags, &setup);
1613+
if (r < 0)
1614+
return r;
1615+
16121616
r = home_store_header_identity_luks(new_home, &setup, header_home);
16131617
if (r < 0)
16141618
return r;
@@ -1701,6 +1705,10 @@ static int home_passwd(UserRecord *h, UserRecord **ret_home) {
17011705
if (r < 0)
17021706
return r;
17031707

1708+
r = home_maybe_shift_uid(h, flags, &setup);
1709+
if (r < 0)
1710+
return r;
1711+
17041712
switch (user_record_storage(h)) {
17051713

17061714
case USER_LUKS:

0 commit comments

Comments
 (0)