Let's fold get_user_creds_clean() into get_user_creds(), and introduce a
flags argument for it to select "clean" behaviour. This flags parameter
also learns to other new flags:
- USER_CREDS_SYNTHESIZE_FALLBACK: in this mode the user records for
root/nobody are only synthesized as fallback. Normally, the synthesized
records take precedence over what is in the user database. With this
flag set this is reversed, and the user database takes precedence, and
the synthesized records are only used if they are missing there. This
flag should be set in cases where doing NSS is deemed safe, and where
there's interest in knowing the correct shell, for example if the
admin changed root's shell to zsh or suchlike.
- USER_CREDS_ALLOW_MISSING: if set, and a UID/GID is specified by
numeric value, and there's no user/group record for it accept it
anyway. This allows us to fix#9767
This then also ports all users to set the most appropriate flags.
Fixes: #9767
[zj: remove one isempty() call]
$ git grep -e 'This program is free software' -l |grep -v LICENSE | \
xargs perl -i -0pe 's/ \* This program.*?for more details.\s*\*\n( \* You should have.*licenses.>.\n)?//gms'
For some reason they were missed previously. All those files seem to
have proper SDPX tags.
This is primarly useful to support escaped double quotes in PROGRAM or
IMPORT{program} directives.
The only possibilty before this patch was to use an external shell script but
this seems too cumbersome for trivial logics such as
PROGRAM=="/bin/sh -c 'FOO=\"%s{model}\"; echo ${FOO:0:4}'"
or any similar shell constructs that needs to deals with patterns including
whitespaces.
As it's the case for single quote and for directives running a program, words
within escaped double quotes will be considered as a single argument.
Fixes: #6835
Let's use proc_cmdline_get_key() instead of some strstr() logic to find
a kernel command line key. Using strstr() gets confused by similarly
named keys, and we should reuse our own code as much as we can anyway...
Fixes: #6330
All those uses were correct, but I think it's better to be explicit.
Using implicit errno is too error prone, and with this change we can require
(in the sense of a style guideline) that the code is always specified.
Helpful query: git grep -n -P 'log_[^s][a-z]+\(.*%m'
If the string_escape option is either unset or 'replace' (i.e. if it is
not 'none'), then enable whitespace replacement in SYMLINK variable
substitution values, as added in the last patch.
This will keep any whitespace that is directly contained in a SYMLINK
value, but will replace any whitespace that is added to the SYMLINK
value as a result of variable substitution (except $result/%c).
This fixes bug 4833.
If replace_whitespace is true, each substitution value has all its
whitespace removed/replaced by util_replace_whitespace (except the
SUBST_RESULT substitution - $result{} or %c{} - which handles spaces
itself as field separators). All existing callers are updated to
pass false, so no functional change is made by this patch.
This is needed so the SYMLINK assignment can replace any spaces
introduced through variable substitution, becuase the SYMLINK value is
a space-separated list of symlinks to create. Any variables that
contain spaces will thus unexpectedly change the symlink value from
a single symlink to multiple incorrectly-named symlinks.
This is used in the next patch, which enables the whitespace
replacement for SYMLINK variable substitution.
It is possible to specify only one quote in udev rules, which is not
detected as an invalid quoting (" instead of "" for empty string).
Technically this doesn't lead to a bug, because the string ends in two
terminating nul characters at this position, but a user should still be
reminded that his configuration is invalid.
Also downgrade non-fatal warnings to log_warning.
Previously rule_add_key() would check the output array and log a cryptic
error and return -1. Most of the time the return value was ignored. This
does not seems right, because the buffer can overflow with enough rules.
It would also check if we have enough space for the *next* rule, even if
there might be not next rule, i.e. off-by-one.
Replace this with a check that we have enough space for a next rule before
we start parsing.
Normally using macros to alter flow is not allowed, but in this case I
think it is worth it, because it allows lots of boilerplate code to be
removed and hides repeated boring parameters, making function logic much
easier to follow.
If the attribute wasn't found, the last filename looked at was returned in
the input/output argument. This just seems bad style.
The return value was ignored, so change function to return void.
There are more than enough calls doing string manipulations to deserve
its own files, hence do something about it.
This patch also sorts the #include blocks of all files that needed to be
updated, according to the sorting suggestions from CODING_STYLE. Since
pretty much every file needs our string manipulation functions this
effectively means that most files have sorted #include blocks now.
Also touches a few unrelated include files.
Use %m where previously %s was used together with strerrno().
Fixes: e53fc357a9 "tree-wide: remove a number of invocations of
strerror() and replace by %m"
The TAG key can be used in rules for event matching. At the moment, it
does not support inequality tests. This patch enhances the key test to
validate the rule if it does not contain a given TAG (by TAG!="value").
Signed-off-by: Felipe Franciosi <felipe@paradoxo.org>
