mirrors/systemd
0
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-27 12:13:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

user-util: also consider /bin/false and /bin/true as non-shell

Browse Source
This commit is contained in:
Lennart Poettering 2018-02-07 18:11:18 +01:00
parent a6011d1887
commit 7cb609115c
1 changed files with 20 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
src/basic/user-util.c
View File

@ -197,6 +197,25 @@ int get_user_creds(
return 0; return 0;
} }
static inline bool is_nologin_shell(const char *shell) {
return PATH_IN_SET(shell,
/* 'nologin' is the friendliest way to disable logins for a user account. It prints a nice
* message and exits. Different distributions place the binary at different places though,
* hence let's list them all. */
"/bin/nologin",
"/sbin/nologin",
"/usr/bin/nologin",
"/usr/sbin/nologin",
/* 'true' and 'false' work too for the same purpose, but are less friendly as they don't do
* any message printing. Different distributions place the binary at various places but at
* least not in the 'sbin' directory. */
"/bin/false",
"/usr/bin/false",
"/bin/true",
"/usr/bin/true");
}
int get_user_creds_clean( int get_user_creds_clean(
const char **username, const char **username,
uid_t *uid, gid_t *gid, uid_t *uid, gid_t *gid,
@ -212,11 +231,7 @@ int get_user_creds_clean(
return r; return r;
if (shell && if (shell &&
(isempty(*shell) || PATH_IN_SET(*shell, (isempty(*shell) || is_nologin_shell(*shell)))
"/bin/nologin",
"/sbin/nologin",
"/usr/bin/nologin",
"/usr/sbin/nologin")))
*shell = NULL; *shell = NULL;
if (home && if (home &&