Skip to content

Commit

Permalink
passwd.rs: add condition when adding passwd/group content
Browse files Browse the repository at this point in the history
  • Loading branch information
HuijingHei committed Oct 31, 2023
1 parent ee68159 commit a9c572a
Showing 1 changed file with 11 additions and 4 deletions.
15 changes: 11 additions & 4 deletions rust/src/passwd.rs
Original file line number Diff line number Diff line change
Expand Up @@ -614,6 +614,7 @@ fn complete_pwgrp(rootfs: &Dir) -> Result<()> {
/// This is a pre-commit validation hook which ensures that the upcoming
/// users/groups entries are somehow sane. See treefile `check-passwd` and
/// `check-groups` fields for a description of available validation knobs.
#[context("Validate users/groups refer to treefile check-passwd/check-groups configuration")]
pub fn check_passwd_group_entries(
ffi_repo: &crate::ffi::OstreeRepo,
rootfs_dfd: i32,
Expand All @@ -630,8 +631,12 @@ pub fn check_passwd_group_entries(

// Parse entries in the upcoming commit content.
let mut new_entities = PasswdEntries::default();
new_entities.add_passwd_content(rootfs.as_raw_fd(), "usr/lib/passwd")?;
new_entities.add_group_content(rootfs.as_raw_fd(), "usr/lib/group")?;
new_entities.add_passwd_content(rootfs.as_raw_fd(), "usr/etc/passwd")?;
new_entities.add_group_content(rootfs.as_raw_fd(), "usr/etc/group")?;
if has_usrlib_passwd(&rootfs)? {
new_entities.add_passwd_content(rootfs.as_raw_fd(), "usr/lib/passwd")?;
new_entities.add_group_content(rootfs.as_raw_fd(), "usr/lib/group")?;
}

// Fetch entries from treefile and previous commit, according to config.
// These are used as ground-truth by the validation steps below.
Expand Down Expand Up @@ -679,9 +684,11 @@ impl PasswdDB {
pub(crate) fn populate_new(rootfs: &Dir) -> Result<Self> {
let mut db = Self::default();
db.add_passwd_content(rootfs.as_raw_fd(), "usr/etc/passwd")?;
db.add_passwd_content(rootfs.as_raw_fd(), "usr/lib/passwd")?;
db.add_group_content(rootfs.as_raw_fd(), "usr/etc/group")?;
db.add_group_content(rootfs.as_raw_fd(), "usr/lib/group")?;
if has_usrlib_passwd(&rootfs)? {
db.add_passwd_content(rootfs.as_raw_fd(), "usr/lib/passwd")?;
db.add_group_content(rootfs.as_raw_fd(), "usr/lib/group")?;
}
Ok(db)
}

Expand Down

0 comments on commit a9c572a

Please sign in to comment.