Hugo Osvaldo Barrera: 1 Drop unmaintained `users` crate 4 files changed, 13 insertions(+), 36 deletions(-)
Copy & paste the following snippet into your terminal to import this patchset into git:
curl -s https://lists.sr.ht/~kennylevinsen/greetd-devel/patches/41710/mbox | git am -3Learn more about email & git
Its functionality is provided by the `nix` crate which is already a dependency anyway. See: https://rustsec.org/advisories/RUSTSEC-2023-0040.html --- v2: sending again; previous patch was lost due to quirk in sr.ht. Cargo.lock | 11 ----------- greetd/Cargo.toml | 1 - greetd/src/server.rs | 7 ++----- greetd/src/session/worker.rs | 30 +++++++++++------------------- 4 files changed, 13 insertions(+), 36 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index a7ae5bb..5ee2e03 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -93,7 +93,6 @@ dependencies = [ "serde_json", "thiserror", "tokio", - "users", ] [[package]] @@ -356,16 +355,6 @@ version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c0edd1e5b14653f783770bce4a4dabb4a5108a5370a5f5d8cfe8710c361f6c8b" -[[package]] -name = "users" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "24cc0f6d6f267b73e5a2cadf007ba8f9bc39c6a6f9666f8cf25ea809a153b032" -dependencies = [ - "libc", - "log", -] - [[package]] name = "wasi" version = "0.11.0+wasi-snapshot-preview1" diff --git a/greetd/Cargo.toml b/greetd/Cargo.toml index 8de0b3d..a5801be 100644 --- a/greetd/Cargo.toml +++ b/greetd/Cargo.toml @@ -13,7 +13,6 @@ debug = [] [dependencies] nix = "0.26" pam-sys = "0.5.6" -users = "0.11.0" serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" greetd_ipc = { path = "../greetd_ipc", features = ["tokio-codec"] } diff --git a/greetd/src/server.rs b/greetd/src/server.rs index f9adf26..0cdd608 100644 --- a/greetd/src/server.rs +++ b/greetd/src/server.rs @@ -222,15 +222,12 @@ pub async fn main(config: Config) -> Result<(), Error> { service }; - let u = users::get_user_by_name(&config.file.default_session.user).ok_or(format!( + let u = nix::unistd::User::from_name(&config.file.default_session.user)?.ok_or(format!( "configured default session user '{}' not found", &config.file.default_session.user ))?; - let uid = Uid::from_raw(u.uid()); - let gid = Gid::from_raw(u.primary_group_id()); - - let listener = Listener::create(uid, gid)?; + let listener = Listener::create(u.uid, u.gid)?; let term_mode = get_tty(&config)?; diff --git a/greetd/src/session/worker.rs b/greetd/src/session/worker.rs index c88664b..fc1b5f8 100644 --- a/greetd/src/session/worker.rs +++ b/greetd/src/session/worker.rs @@ -2,11 +2,10 @@ use std::{env, ffi::CString, os::unix::net::UnixDatagram}; use nix::{ sys::wait::waitpid, - unistd::{execve, fork, initgroups, setgid, setsid, setuid, ForkResult, Gid, Uid}, + unistd::{execve, fork, initgroups, setgid, setsid, setuid, ForkResult}, }; use pam_sys::{PamFlag, PamItemType}; use serde::{Deserialize, Serialize}; -use users::os::unix::UserExt; use super::{ conv::SessionConv, @@ -128,7 +127,7 @@ fn worker(sock: &UnixDatagram) -> Result<(), Error> { let pam_username = pam.get_user()?; - let user = users::get_user_by_name(&pam_username).ok_or("unable to get user info")?; + let user = nix::unistd::User::from_name(&pam_username)?.ok_or("unable to get user info")?; // Make this process a session leader. setsid().map_err(|e| format!("unable to become session leader: {}", e))?; @@ -164,13 +163,6 @@ fn worker(sock: &UnixDatagram) -> Result<(), Error> { } } - // Prepare some values from the user struct we gathered earlier. - let username = user.name().to_str().unwrap_or(""); - let home = user.home_dir().to_str().unwrap_or(""); - let shell = user.shell().to_str().unwrap_or(""); - let uid = Uid::from_raw(user.uid()); - let gid = Gid::from_raw(user.primary_group_id()); - // PAM has to be provided a bunch of environment variables before // open_session. We pass any environment variables from our greeter // through here as well. This allows them to affect PAM (more @@ -179,10 +171,10 @@ fn worker(sock: &UnixDatagram) -> Result<(), Error> { let prepared_env = [ "XDG_SEAT=seat0".to_string(), format!("XDG_SESSION_CLASS={}", class), - format!("USER={}", username), - format!("LOGNAME={}", username), - format!("HOME={}", home), - format!("SHELL={}", shell), + format!("USER={}", user.name), + format!("LOGNAME={}", user.name), + format!("HOME={}", user.dir.to_string_lossy()), + format!("SHELL={}", user.shell.to_string_lossy()), format!("GREETD_SOCK={}", env::var("GREETD_SOCK").unwrap()), format!( "TERM={}", @@ -198,7 +190,7 @@ fn worker(sock: &UnixDatagram) -> Result<(), Error> { pam.open_session(PamFlag::NONE)?; // Prepare some strings in C format that we'll need. - let cusername = CString::new(username)?; + let cusername = CString::new(user.name)?; let command = if source_profile { format!( "[ -f /etc/profile ] && . /etc/profile; [ -f $HOME/.profile ] && . $HOME/.profile; exec {}", @@ -223,16 +215,16 @@ fn worker(sock: &UnixDatagram) -> Result<(), Error> { // this match arm. // Drop privileges to target user - initgroups(&cusername, gid).expect("unable to init groups"); - setgid(gid).expect("unable to set GID"); - setuid(uid).expect("unable to set UID"); + initgroups(&cusername, user.gid).expect("unable to init groups"); + setgid(user.gid).expect("unable to set GID"); + setuid(user.uid).expect("unable to set UID"); // Set our parent death signal. setuid/setgid above resets the // death signal, which is why we do this here. prctl(PrctlOption::SET_PDEATHSIG(libc::SIGTERM)).expect("unable to set death signal"); // Change working directory - if let Err(e) = env::set_current_dir(home) { + if let Err(e) = env::set_current_dir(user.dir) { eprintln!("unable to set working directory: {}", e); } -- 2.41.0
Applied, thanks!