homed: return a better error when a home has no authentication information defined
We can't log into home entries that have no password or PKCS#11 token. Return a proper, useful error in that case. See: #15178
This commit is contained in:
parent
766507972b
commit
cbffdcecae
|
@ -471,6 +471,8 @@ static int convert_worker_errno(Home *h, int e, sd_bus_error *error) {
|
||||||
return sd_bus_error_setf(error, BUS_ERROR_HOME_NOT_ACTIVE, "Home %s is currently not active", h->user_name);
|
return sd_bus_error_setf(error, BUS_ERROR_HOME_NOT_ACTIVE, "Home %s is currently not active", h->user_name);
|
||||||
case -ENOSPC:
|
case -ENOSPC:
|
||||||
return sd_bus_error_setf(error, BUS_ERROR_NO_DISK_SPACE, "Not enough disk space for home %s", h->user_name);
|
return sd_bus_error_setf(error, BUS_ERROR_NO_DISK_SPACE, "Not enough disk space for home %s", h->user_name);
|
||||||
|
case -EKEYREVOKED:
|
||||||
|
return sd_bus_error_setf(error, BUS_ERROR_HOME_CANT_AUTHENTICATE, "Home %s has no password or other authentication mechanism defined.", h->user_name);
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
|
|
@ -1489,6 +1489,7 @@ static int run(int argc, char *argv[]) {
|
||||||
* EBUSY → file system is currently active
|
* EBUSY → file system is currently active
|
||||||
* ENOEXEC → file system is currently not active
|
* ENOEXEC → file system is currently not active
|
||||||
* ENOSPC → not enough disk space for operation
|
* ENOSPC → not enough disk space for operation
|
||||||
|
* EKEYREVOKED → user record has not suitable hashed password or pkcs#11 entry, we cannot authenticate
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if (streq(argv[1], "activate"))
|
if (streq(argv[1], "activate"))
|
||||||
|
|
|
@ -134,6 +134,7 @@ BUS_ERROR_MAP_ELF_REGISTER const sd_bus_error_map bus_common_errors[] = {
|
||||||
SD_BUS_ERROR_MAP(BUS_ERROR_HOME_NOT_LOCKED, ENOEXEC),
|
SD_BUS_ERROR_MAP(BUS_ERROR_HOME_NOT_LOCKED, ENOEXEC),
|
||||||
SD_BUS_ERROR_MAP(BUS_ERROR_TOO_MANY_OPERATIONS, ENOBUFS),
|
SD_BUS_ERROR_MAP(BUS_ERROR_TOO_MANY_OPERATIONS, ENOBUFS),
|
||||||
SD_BUS_ERROR_MAP(BUS_ERROR_AUTHENTICATION_LIMIT_HIT, ETOOMANYREFS),
|
SD_BUS_ERROR_MAP(BUS_ERROR_AUTHENTICATION_LIMIT_HIT, ETOOMANYREFS),
|
||||||
|
SD_BUS_ERROR_MAP(BUS_ERROR_HOME_CANT_AUTHENTICATE, EKEYREVOKED),
|
||||||
|
|
||||||
SD_BUS_ERROR_MAP_END
|
SD_BUS_ERROR_MAP_END
|
||||||
};
|
};
|
||||||
|
|
|
@ -115,5 +115,6 @@
|
||||||
#define BUS_ERROR_NO_DISK_SPACE "org.freedesktop.home1.NoDiskSpace"
|
#define BUS_ERROR_NO_DISK_SPACE "org.freedesktop.home1.NoDiskSpace"
|
||||||
#define BUS_ERROR_TOO_MANY_OPERATIONS "org.freedesktop.home1.TooManyOperations"
|
#define BUS_ERROR_TOO_MANY_OPERATIONS "org.freedesktop.home1.TooManyOperations"
|
||||||
#define BUS_ERROR_AUTHENTICATION_LIMIT_HIT "org.freedesktop.home1.AuthenticationLimitHit"
|
#define BUS_ERROR_AUTHENTICATION_LIMIT_HIT "org.freedesktop.home1.AuthenticationLimitHit"
|
||||||
|
#define BUS_ERROR_HOME_CANT_AUTHENTICATE "org.freedesktop.home1.HomeCantAuthenticate"
|
||||||
|
|
||||||
BUS_ERROR_MAP_ELF_USE(bus_common_errors);
|
BUS_ERROR_MAP_ELF_USE(bus_common_errors);
|
||||||
|
|
Loading…
Reference in New Issue