emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity
a210d898b6
shadow/libmisc/find_new_uid.c

204 lines
6.3 KiB
C
Raw Normal View History

Make sure every source files are distributed with a copyright and license. Files with no license use the default 3-clauses BSD license. The copyright were mostly not recorded; they were updated according to the Changelog. "Julianne Frances Haugh and contributors" changed to "copyright holders and contributors".
2008-04-27 06:10:09 +05:30
/*
* Copyright (c) 1991 - 1994, Julianne Frances Haugh
* libmisc/find_new_gid.c, libmisc/find_new_uid.c, libmisc/isexpired.c, src/groupadd.c, lib/pwauth.h, lib/groupmem.c, lib/shadowmem.c, lib/pwmem.c, lib/prototypes.h: Added splint annotations.
2009-04-23 23:13:27 +05:30
* Copyright (c) 2008 - 2009, Nicolas François
Make sure every source files are distributed with a copyright and license. Files with no license use the default 3-clauses BSD license. The copyright were mostly not recorded; they were updated according to the Changelog. "Julianne Frances Haugh and contributors" changed to "copyright holders and contributors".
2008-04-27 06:10:09 +05:30
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the copyright holders or contributors may not be used to
* endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
Add new generic functions to find the next user or group ID available: find_new_uid() and find_new_gid(). They work the same way as the functions with the same name of useradd or groupadd, except that they check in the local database to make sure an ID was not reserved in an uncommitted change (this is needed to be used in newusers), they report a status instead of calling exit(), and they can receive a preferred ID. They should later support system IDs. This should be a little bit slower, but not too much (if the database is not open the checks against the local database will exit immediately, and if it is already open, all the checks will be done regarding the data in memory).
2008-02-03 22:23:07 +05:30
#include <config.h>
#include <assert.h>
#include <stdio.h>
* libmisc/find_new_uid.c, libmisc/find_new_gid.c: Add missing memory allocation check.
2011-06-03 00:10:06 +05:30
#include <errno.h>
Add new generic functions to find the next user or group ID available: find_new_uid() and find_new_gid(). They work the same way as the functions with the same name of useradd or groupadd, except that they check in the local database to make sure an ID was not reserved in an uncommitted change (this is needed to be used in newusers), they report a status instead of calling exit(), and they can receive a preferred ID. They should later support system IDs. This should be a little bit slower, but not too much (if the database is not open the checks against the local database will exit immediately, and if it is already open, all the checks will be done regarding the data in memory).
2008-02-03 22:23:07 +05:30
#include "prototypes.h"
#include "pwio.h"
#include "getdef.h"
/*
* find_new_uid - Find a new unused UID.
*
* If successful, find_new_uid provides an unused user ID in the
* [UID_MIN:UID_MAX] range.
* This ID should be higher than all the used UID, but if not possible,
* the lowest unused ID in the range will be returned.
*
* Return 0 on success, -1 if no unused UIDs are available.
*/
* libmisc/find_new_gid.c, libmisc/find_new_uid.c, libmisc/isexpired.c, src/groupadd.c, lib/pwauth.h, lib/groupmem.c, lib/shadowmem.c, lib/pwmem.c, lib/prototypes.h: Added splint annotations.
2009-04-23 23:13:27 +05:30
int find_new_uid (bool sys_user,
uid_t *uid,
/*@null@*/uid_t const *preferred_uid)
Add new generic functions to find the next user or group ID available: find_new_uid() and find_new_gid(). They work the same way as the functions with the same name of useradd or groupadd, except that they check in the local database to make sure an ID was not reserved in an uncommitted change (this is needed to be used in newusers), they report a status instead of calling exit(), and they can receive a preferred ID. They should later support system IDs. This should be a little bit slower, but not too much (if the database is not open the checks against the local database will exit immediately, and if it is already open, all the checks will be done regarding the data in memory).
2008-02-03 22:23:07 +05:30
{
const struct passwd *pwd;
* lib/utent.c (getutline): Remove getutline(). This function is no more used. * lib/groupmem.c: Limit the scope of variable i. * lib/shadow.c: Avoid implicit conversion of pointers and integers to booleans. * lib/shadow.c: Added brackets. * libmisc/limits.c: Limit the scope of variable tmpmask. * libmisc/copydir.c: Close opened file on failure. * libmisc/loginprompt.c: Limit the scope of variable envc. * libmisc/find_new_uid.c, libmisc/find_new_gid.c: Limit the scope of variable id.
2010-03-23 14:26:52 +05:30
uid_t uid_min, uid_max, user_id;
* libmisc/find_new_gid.c: Use booleans instead of char fo used_gids. * libmisc/find_new_gid.c: Use getdef_ulong and cast to git_t to get GID values. * libmisc/find_new_gid.c: Use UL as a prefix for ulong values. * libmisc/find_new_uid.c: Likewise.
2009-04-23 16:46:38 +05:30
bool *used_uids;
Add new generic functions to find the next user or group ID available: find_new_uid() and find_new_gid(). They work the same way as the functions with the same name of useradd or groupadd, except that they check in the local database to make sure an ID was not reserved in an uncommitted change (this is needed to be used in newusers), they report a status instead of calling exit(), and they can receive a preferred ID. They should later support system IDs. This should be a little bit slower, but not too much (if the database is not open the checks against the local database will exit immediately, and if it is already open, all the checks will be done regarding the data in memory).
2008-02-03 22:23:07 +05:30
assert (uid != NULL);
* libmisc/find_new_ids.c: Change find_new_uid() and find_new_gid() prototypes to use a bool for their first argument (sys_user / sys_group).
2008-06-09 23:43:09 +05:30
if (!sys_user) {
* libmisc/find_new_gid.c: Use booleans instead of char fo used_gids. * libmisc/find_new_gid.c: Use getdef_ulong and cast to git_t to get GID values. * libmisc/find_new_gid.c: Use UL as a prefix for ulong values. * libmisc/find_new_uid.c: Likewise.
2009-04-23 16:46:38 +05:30
uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Detect some misconfigurations of UID_MIN, UID_MAX, SYS_UID_MIN, SYS_UID_MAX (and the GID equivalents)
2010-03-21 06:50:50 +05:30
if (uid_max < uid_min) {
(void) fprintf (stderr,
_("%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"),
Prog, (unsigned long) uid_min, (unsigned long) uid_max);
}
Added new option -r, --system for system accounts in useradd, groupadd, and newusers.
2008-02-20 02:31:38 +05:30
} else {
2009-07-18 Peter Vrabec <pvrabec@redhat.com> * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN is already used but there are still dome gaps.
2009-07-18 06:05:35 +05:30
uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL);
* libmisc/find_new_gid.c: Use booleans instead of char fo used_gids. * libmisc/find_new_gid.c: Use getdef_ulong and cast to git_t to get GID values. * libmisc/find_new_gid.c: Use UL as a prefix for ulong values. * libmisc/find_new_uid.c: Likewise.
2009-04-23 16:46:38 +05:30
uid_max = (uid_t) getdef_ulong ("UID_MIN", 1000UL) - 1;
uid_max = (uid_t) getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max);
* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Detect some misconfigurations of UID_MIN, UID_MAX, SYS_UID_MIN, SYS_UID_MAX (and the GID equivalents)
2010-03-21 06:50:50 +05:30
if (uid_max < uid_min) {
(void) fprintf (stderr,
_("%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"),
Prog, (unsigned long) uid_min, getdef_ulong ("UID_MIN", 1000UL), (unsigned long) uid_max);
}
Added new option -r, --system for system accounts in useradd, groupadd, and newusers.
2008-02-20 02:31:38 +05:30
}
* libmisc/find_new_uid.c, libmisc/find_new_gid.c: Add missing memory allocation check.
2011-06-03 00:10:06 +05:30
used_uids = malloc (sizeof (bool) * (uid_max +1));
if (NULL == used_uids) {
fprintf (stderr,
Harmonize message.
2011-06-04 02:39:27 +05:30
_("%s: failed to allocate memory: %s\n"),
* libmisc/find_new_uid.c, libmisc/find_new_gid.c: Add missing memory allocation check.
2011-06-03 00:10:06 +05:30
Prog, strerror (errno));
return -1;
}
* libmisc/find_new_gid.c: Use booleans instead of char fo used_gids. * libmisc/find_new_gid.c: Use getdef_ulong and cast to git_t to get GID values. * libmisc/find_new_gid.c: Use UL as a prefix for ulong values. * libmisc/find_new_uid.c: Likewise.
2009-04-23 16:46:38 +05:30
memset (used_uids, false, sizeof (bool) * (uid_max + 1));
Add new generic functions to find the next user or group ID available: find_new_uid() and find_new_gid(). They work the same way as the functions with the same name of useradd or groupadd, except that they check in the local database to make sure an ID was not reserved in an uncommitted change (this is needed to be used in newusers), they report a status instead of calling exit(), and they can receive a preferred ID. They should later support system IDs. This should be a little bit slower, but not too much (if the database is not open the checks against the local database will exit immediately, and if it is already open, all the checks will be done regarding the data in memory).
2008-02-03 22:23:07 +05:30
if ( (NULL != preferred_uid)
&& (*preferred_uid >= uid_min)
&& (*preferred_uid <= uid_max)
/* Check if the user exists according to NSS */
&& (getpwuid (*preferred_uid) == NULL)
/* Check also the local database in case of uncommitted
* changes */
&& (pw_locate_uid (*preferred_uid) == NULL)) {
*uid = *preferred_uid;
return 0;
}
/*
* Search the entire password file,
* looking for the largest unused value.
*
* We check the list of users according to NSS (setpwent/getpwent),
* but we also check the local database (pw_rewind/pw_next) in case
* some users were created but the changes were not committed yet.
*/
* NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not use getpwent / getgrent for system accounts. Trying the low-IDs with getpwuid / getgrgid should be more efficient on LDAP configured systems with many accounts.
2009-07-18 04:24:23 +05:30
if (sys_user) {
* lib/utent.c (getutline): Remove getutline(). This function is no more used. * lib/groupmem.c: Limit the scope of variable i. * lib/shadow.c: Avoid implicit conversion of pointers and integers to booleans. * lib/shadow.c: Added brackets. * libmisc/limits.c: Limit the scope of variable tmpmask. * libmisc/copydir.c: Close opened file on failure. * libmisc/loginprompt.c: Limit the scope of variable envc. * libmisc/find_new_uid.c, libmisc/find_new_gid.c: Limit the scope of variable id.
2010-03-23 14:26:52 +05:30
uid_t id;
* NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not use getpwent / getgrent for system accounts. Trying the low-IDs with getpwuid / getgrgid should be more efficient on LDAP configured systems with many accounts.
2009-07-18 04:24:23 +05:30
/* setpwent / getpwent / endpwent can be very slow with
* LDAP configurations (and many accounts).
* Since there is a limited amount of IDs to be tested
* for system accounts, we just check the existence
* of IDs with getpwuid.
*/
2009-07-18 Peter Vrabec <pvrabec@redhat.com> * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN is already used but there are still dome gaps.
2009-07-18 06:05:35 +05:30
user_id = uid_max;
for (id = uid_max; id >= uid_min; id--) {
if (getpwuid (id) != NULL) {
user_id = id - 1;
used_uids[id] = true;
}
}
* libmisc/limits.c: Avoid implicit conversion of integer to boolean. * libmisc/basename.c: Avoid implicit conversion of pointer to boolean. * libmisc/basename.c, lib/prototypes.h (Basename): Return a constant string. * libmisc/basename.c, libmisc/obscure.c, lib/prototypes.h, libmisc/xmalloc.c, libmisc/getdate.h, libmisc/system.c, libmisc/getgr_nam_gid.c, libmisc/failure.c, libmisc/valid.c: Add splint annotations. * libmisc/chowndir.c: Avoid memory leak. * libmisc/chowndir.c: Do not check *printf/*puts return value. * libmisc/chowntty.c: Avoid implicit conversion between integer types. * libmisc/obscure.c: Return a bool when possible instead of int. * libmisc/shell.c: Do not check *printf/*puts return value. * libmisc/shell.c: Do not check execle return value. * libmisc/setupenv.c: Avoid implicit conversion between integer types. * libmisc/xmalloc.c: size should not be zero to avoid returning NULL pointers. * libmisc/hushed.c: Do not check *printf/*puts return value. * libmisc/system.c: Avoid implicit conversion of integer to boolean. safe_system last argument is a boolean. * libmisc/system.c: Check return value of dup2. * libmisc/system.c: Do not check *printf/*puts return value. * libmisc/system.c: Do not check execve return value. * libmisc/salt.c: Do not check *printf/*puts return value. * libmisc/loginprompt.c: Do not check gethostname return value. * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not check gr_rewind/pw_rewind return value. * libmisc/ttytype.c: Limit the number of parsed characters in the sscanf format. * libmisc/ttytype.c: Test if a type was really read. * libmisc/sub.c: Do not check *printf/*puts return value. * libmisc/sub.c: Avoid implicit conversion of integer to boolean. * src/userdel.c: Fix typo in comment. * src/userdel.c: Avoid implicit conversion of boolean to integer. * src/userdel.c: safe_system last argument is a boolean. * src/newusers.c: Avoid implicit conversion of boolean to integer. * src/newusers.c: Avoid implicit conversion of integer to boolean. * src/usermod.c: Add brackets. * src/usermod.c: Avoid implicit conversion of characters or integers to booleans. * src/vipw.c: Avoid implicit conversion of integer to boolean. * src/su.c: Avoid implicit conversion of integer to boolean. * src/su.c: Add brackets. * src/useradd.c: Avoid implicit conversion of characters or integers to booleans.
2010-08-23 00:43:53 +05:30
(void) pw_rewind ();
2009-07-18 Peter Vrabec <pvrabec@redhat.com> * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN is already used but there are still dome gaps.
2009-07-18 06:05:35 +05:30
while ((pwd = pw_next ()) != NULL) {
if ((pwd->pw_uid <= user_id) && (pwd->pw_uid >= uid_min)) {
user_id = pwd->pw_uid - 1;
}
/* create index of used UIDs */
if (pwd->pw_uid <= uid_max) {
used_uids[pwd->pw_uid] = true;
* NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not use getpwent / getgrent for system accounts. Trying the low-IDs with getpwuid / getgrgid should be more efficient on LDAP configured systems with many accounts.
2009-07-18 04:24:23 +05:30
}
Add new generic functions to find the next user or group ID available: find_new_uid() and find_new_gid(). They work the same way as the functions with the same name of useradd or groupadd, except that they check in the local database to make sure an ID was not reserved in an uncommitted change (this is needed to be used in newusers), they report a status instead of calling exit(), and they can receive a preferred ID. They should later support system IDs. This should be a little bit slower, but not too much (if the database is not open the checks against the local database will exit immediately, and if it is already open, all the checks will be done regarding the data in memory).
2008-02-03 22:23:07 +05:30
}
* NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not use getpwent / getgrent for system accounts. Trying the low-IDs with getpwuid / getgrgid should be more efficient on LDAP configured systems with many accounts.
2009-07-18 04:24:23 +05:30
} else {
2009-07-18 Peter Vrabec <pvrabec@redhat.com> * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN is already used but there are still dome gaps.
2009-07-18 06:05:35 +05:30
user_id = uid_min;
* NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not use getpwent / getgrent for system accounts. Trying the low-IDs with getpwuid / getgrgid should be more efficient on LDAP configured systems with many accounts.
2009-07-18 04:24:23 +05:30
setpwent ();
while ((pwd = getpwent ()) != NULL) {
if ((pwd->pw_uid >= user_id) && (pwd->pw_uid <= uid_max)) {
user_id = pwd->pw_uid + 1;
}
/* create index of used UIDs */
if (pwd->pw_uid <= uid_max) {
used_uids[pwd->pw_uid] = true;
}
From RedHat's patch shadow-4.1.2-sysAccountDownhill.patch Thanks to Peter Vrabec. * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Build an index of used IDs to avoid a database request for each id in the allowed range (when the highest allowed ID is already used). This speedups the addition of users or groups when the highest allowed ID is already used. The additional memory usage of the tools should be acceptable when UID_MAX/SYS_UID_MAX are set to a reasonable number.
2008-09-13 17:24:49 +05:30
}
* NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not use getpwent / getgrent for system accounts. Trying the low-IDs with getpwuid / getgrgid should be more efficient on LDAP configured systems with many accounts.
2009-07-18 04:24:23 +05:30
endpwent ();
Add new generic functions to find the next user or group ID available: find_new_uid() and find_new_gid(). They work the same way as the functions with the same name of useradd or groupadd, except that they check in the local database to make sure an ID was not reserved in an uncommitted change (this is needed to be used in newusers), they report a status instead of calling exit(), and they can receive a preferred ID. They should later support system IDs. This should be a little bit slower, but not too much (if the database is not open the checks against the local database will exit immediately, and if it is already open, all the checks will be done regarding the data in memory).
2008-02-03 22:23:07 +05:30
* libmisc/limits.c: Avoid implicit conversion of integer to boolean. * libmisc/basename.c: Avoid implicit conversion of pointer to boolean. * libmisc/basename.c, lib/prototypes.h (Basename): Return a constant string. * libmisc/basename.c, libmisc/obscure.c, lib/prototypes.h, libmisc/xmalloc.c, libmisc/getdate.h, libmisc/system.c, libmisc/getgr_nam_gid.c, libmisc/failure.c, libmisc/valid.c: Add splint annotations. * libmisc/chowndir.c: Avoid memory leak. * libmisc/chowndir.c: Do not check *printf/*puts return value. * libmisc/chowntty.c: Avoid implicit conversion between integer types. * libmisc/obscure.c: Return a bool when possible instead of int. * libmisc/shell.c: Do not check *printf/*puts return value. * libmisc/shell.c: Do not check execle return value. * libmisc/setupenv.c: Avoid implicit conversion between integer types. * libmisc/xmalloc.c: size should not be zero to avoid returning NULL pointers. * libmisc/hushed.c: Do not check *printf/*puts return value. * libmisc/system.c: Avoid implicit conversion of integer to boolean. safe_system last argument is a boolean. * libmisc/system.c: Check return value of dup2. * libmisc/system.c: Do not check *printf/*puts return value. * libmisc/system.c: Do not check execve return value. * libmisc/salt.c: Do not check *printf/*puts return value. * libmisc/loginprompt.c: Do not check gethostname return value. * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not check gr_rewind/pw_rewind return value. * libmisc/ttytype.c: Limit the number of parsed characters in the sscanf format. * libmisc/ttytype.c: Test if a type was really read. * libmisc/sub.c: Do not check *printf/*puts return value. * libmisc/sub.c: Avoid implicit conversion of integer to boolean. * src/userdel.c: Fix typo in comment. * src/userdel.c: Avoid implicit conversion of boolean to integer. * src/userdel.c: safe_system last argument is a boolean. * src/newusers.c: Avoid implicit conversion of boolean to integer. * src/newusers.c: Avoid implicit conversion of integer to boolean. * src/usermod.c: Add brackets. * src/usermod.c: Avoid implicit conversion of characters or integers to booleans. * src/vipw.c: Avoid implicit conversion of integer to boolean. * src/su.c: Avoid implicit conversion of integer to boolean. * src/su.c: Add brackets. * src/useradd.c: Avoid implicit conversion of characters or integers to booleans.
2010-08-23 00:43:53 +05:30
(void) pw_rewind ();
2009-07-18 Peter Vrabec <pvrabec@redhat.com> * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN is already used but there are still dome gaps.
2009-07-18 06:05:35 +05:30
while ((pwd = pw_next ()) != NULL) {
if ((pwd->pw_uid >= user_id) && (pwd->pw_uid <= uid_max)) {
user_id = pwd->pw_uid + 1;
}
/* create index of used UIDs */
if (pwd->pw_uid <= uid_max) {
used_uids[pwd->pw_uid] = true;
* libmisc/find_new_gid.c, libmisc/find_new_uid.c: For system accounts, return the first unused ID, starting from the max value. This could be useful later to increase the static IDs range.
2009-04-11 21:30:45 +05:30
}
}
}
Add new generic functions to find the next user or group ID available: find_new_uid() and find_new_gid(). They work the same way as the functions with the same name of useradd or groupadd, except that they check in the local database to make sure an ID was not reserved in an uncommitted change (this is needed to be used in newusers), they report a status instead of calling exit(), and they can receive a preferred ID. They should later support system IDs. This should be a little bit slower, but not too much (if the database is not open the checks against the local database will exit immediately, and if it is already open, all the checks will be done regarding the data in memory).
2008-02-03 22:23:07 +05:30
/*
* If a user with UID equal to UID_MAX exists, the above algorithm
* will give us UID_MAX+1 even if not unique. Search for the first
From RedHat's patch shadow-4.1.2-sysAccountDownhill.patch Thanks to Peter Vrabec. * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Build an index of used IDs to avoid a database request for each id in the allowed range (when the highest allowed ID is already used). This speedups the addition of users or groups when the highest allowed ID is already used. The additional memory usage of the tools should be acceptable when UID_MAX/SYS_UID_MAX are set to a reasonable number.
2008-09-13 17:24:49 +05:30
* free UID starting with UID_MIN.
Add new generic functions to find the next user or group ID available: find_new_uid() and find_new_gid(). They work the same way as the functions with the same name of useradd or groupadd, except that they check in the local database to make sure an ID was not reserved in an uncommitted change (this is needed to be used in newusers), they report a status instead of calling exit(), and they can receive a preferred ID. They should later support system IDs. This should be a little bit slower, but not too much (if the database is not open the checks against the local database will exit immediately, and if it is already open, all the checks will be done regarding the data in memory).
2008-02-03 22:23:07 +05:30
*/
2009-07-18 Peter Vrabec <pvrabec@redhat.com> * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN is already used but there are still dome gaps.
2009-07-18 06:05:35 +05:30
if (sys_user) {
if (user_id == uid_min - 1) {
for (user_id = uid_max; user_id >= uid_min; user_id--) {
if (false == used_uids[user_id]) {
break;
}
}
if (user_id < uid_min ) {
fprintf (stderr,
_("%s: Can't get unique system UID (no more available UIDs)\n"),
Prog);
SYSLOG ((LOG_WARN,
"no more available UID on the system"));
return -1;
Add new generic functions to find the next user or group ID available: find_new_uid() and find_new_gid(). They work the same way as the functions with the same name of useradd or groupadd, except that they check in the local database to make sure an ID was not reserved in an uncommitted change (this is needed to be used in newusers), they report a status instead of calling exit(), and they can receive a preferred ID. They should later support system IDs. This should be a little bit slower, but not too much (if the database is not open the checks against the local database will exit immediately, and if it is already open, all the checks will be done regarding the data in memory).
2008-02-03 22:23:07 +05:30
}
}
2009-07-18 Peter Vrabec <pvrabec@redhat.com> * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN is already used but there are still dome gaps.
2009-07-18 06:05:35 +05:30
} else {
if (user_id == uid_max + 1) {
for (user_id = uid_min; user_id < uid_max; user_id++) {
if (false == used_uids[user_id]) {
break;
}
}
if (user_id == uid_max) {
fprintf (stderr,
_("%s: Can't get unique UID (no more available UIDs)\n"),
Prog);
SYSLOG ((LOG_WARN, "no more available UID on the system"));
return -1;
}
Add new generic functions to find the next user or group ID available: find_new_uid() and find_new_gid(). They work the same way as the functions with the same name of useradd or groupadd, except that they check in the local database to make sure an ID was not reserved in an uncommitted change (this is needed to be used in newusers), they report a status instead of calling exit(), and they can receive a preferred ID. They should later support system IDs. This should be a little bit slower, but not too much (if the database is not open the checks against the local database will exit immediately, and if it is already open, all the checks will be done regarding the data in memory).
2008-02-03 22:23:07 +05:30
}
}
* libmisc/find_new_uid.c, libmisc/find_new_gid.c: Add missing memory allocation check.
2011-06-03 00:10:06 +05:30
free (used_uids);
Add new generic functions to find the next user or group ID available: find_new_uid() and find_new_gid(). They work the same way as the functions with the same name of useradd or groupadd, except that they check in the local database to make sure an ID was not reserved in an uncommitted change (this is needed to be used in newusers), they report a status instead of calling exit(), and they can receive a preferred ID. They should later support system IDs. This should be a little bit slower, but not too much (if the database is not open the checks against the local database will exit immediately, and if it is already open, all the checks will be done regarding the data in memory).
2008-02-03 22:23:07 +05:30
*uid = user_id;
return 0;
}
Reference in New Issue Copy Permalink