~kennylevinsen/greetd-devel

Drop unmaintained `users` crate v2 APPLIED

Hugo Osvaldo Barrera: 1
 Drop unmaintained `users` crate

 4 files changed, 13 insertions(+), 36 deletions(-)
Export patchset (mbox)
How do I use this?

Copy & paste the following snippet into your terminal to import this patchset into git:

curl -s https://lists.sr.ht/~kennylevinsen/greetd-devel/patches/41710/mbox | git am -3
Learn more about email & git

[PATCH v2] Drop unmaintained `users` crate Export this patch

Its functionality is provided by the `nix` crate which is already a
dependency anyway.

See: https://rustsec.org/advisories/RUSTSEC-2023-0040.html
---
v2: sending again; previous patch was lost due to quirk in sr.ht.
 Cargo.lock                   | 11 -----------
 greetd/Cargo.toml            |  1 -
 greetd/src/server.rs         |  7 ++-----
 greetd/src/session/worker.rs | 30 +++++++++++-------------------
 4 files changed, 13 insertions(+), 36 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index a7ae5bb..5ee2e03 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -93,7 +93,6 @@ dependencies = [
 "serde_json",
 "thiserror",
 "tokio",
 "users",
]

[[package]]
@@ -356,16 +355,6 @@ version = "0.1.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c0edd1e5b14653f783770bce4a4dabb4a5108a5370a5f5d8cfe8710c361f6c8b"

[[package]]
name = "users"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "24cc0f6d6f267b73e5a2cadf007ba8f9bc39c6a6f9666f8cf25ea809a153b032"
dependencies = [
 "libc",
 "log",
]

[[package]]
name = "wasi"
version = "0.11.0+wasi-snapshot-preview1"
diff --git a/greetd/Cargo.toml b/greetd/Cargo.toml
index 8de0b3d..a5801be 100644
--- a/greetd/Cargo.toml
+++ b/greetd/Cargo.toml
@@ -13,7 +13,6 @@ debug = []
[dependencies]
nix = "0.26"
pam-sys = "0.5.6"
users = "0.11.0"
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
greetd_ipc = { path = "../greetd_ipc", features = ["tokio-codec"] }
diff --git a/greetd/src/server.rs b/greetd/src/server.rs
index f9adf26..0cdd608 100644
--- a/greetd/src/server.rs
+++ b/greetd/src/server.rs
@@ -222,15 +222,12 @@ pub async fn main(config: Config) -> Result<(), Error> {
        service
    };

    let u = users::get_user_by_name(&config.file.default_session.user).ok_or(format!(
    let u = nix::unistd::User::from_name(&config.file.default_session.user)?.ok_or(format!(
        "configured default session user '{}' not found",
        &config.file.default_session.user
    ))?;

    let uid = Uid::from_raw(u.uid());
    let gid = Gid::from_raw(u.primary_group_id());

    let listener = Listener::create(uid, gid)?;
    let listener = Listener::create(u.uid, u.gid)?;

    let term_mode = get_tty(&config)?;

diff --git a/greetd/src/session/worker.rs b/greetd/src/session/worker.rs
index c88664b..fc1b5f8 100644
--- a/greetd/src/session/worker.rs
+++ b/greetd/src/session/worker.rs
@@ -2,11 +2,10 @@ use std::{env, ffi::CString, os::unix::net::UnixDatagram};

use nix::{
    sys::wait::waitpid,
    unistd::{execve, fork, initgroups, setgid, setsid, setuid, ForkResult, Gid, Uid},
    unistd::{execve, fork, initgroups, setgid, setsid, setuid, ForkResult},
};
use pam_sys::{PamFlag, PamItemType};
use serde::{Deserialize, Serialize};
use users::os::unix::UserExt;

use super::{
    conv::SessionConv,
@@ -128,7 +127,7 @@ fn worker(sock: &UnixDatagram) -> Result<(), Error> {

    let pam_username = pam.get_user()?;

    let user = users::get_user_by_name(&pam_username).ok_or("unable to get user info")?;
    let user = nix::unistd::User::from_name(&pam_username)?.ok_or("unable to get user info")?;

    // Make this process a session leader.
    setsid().map_err(|e| format!("unable to become session leader: {}", e))?;
@@ -164,13 +163,6 @@ fn worker(sock: &UnixDatagram) -> Result<(), Error> {
        }
    }

    // Prepare some values from the user struct we gathered earlier.
    let username = user.name().to_str().unwrap_or("");
    let home = user.home_dir().to_str().unwrap_or("");
    let shell = user.shell().to_str().unwrap_or("");
    let uid = Uid::from_raw(user.uid());
    let gid = Gid::from_raw(user.primary_group_id());

    // PAM has to be provided a bunch of environment variables before
    // open_session. We pass any environment variables from our greeter
    // through here as well. This allows them to affect PAM (more
@@ -179,10 +171,10 @@ fn worker(sock: &UnixDatagram) -> Result<(), Error> {
    let prepared_env = [
        "XDG_SEAT=seat0".to_string(),
        format!("XDG_SESSION_CLASS={}", class),
        format!("USER={}", username),
        format!("LOGNAME={}", username),
        format!("HOME={}", home),
        format!("SHELL={}", shell),
        format!("USER={}", user.name),
        format!("LOGNAME={}", user.name),
        format!("HOME={}", user.dir.to_string_lossy()),
        format!("SHELL={}", user.shell.to_string_lossy()),
        format!("GREETD_SOCK={}", env::var("GREETD_SOCK").unwrap()),
        format!(
            "TERM={}",
@@ -198,7 +190,7 @@ fn worker(sock: &UnixDatagram) -> Result<(), Error> {
    pam.open_session(PamFlag::NONE)?;

    // Prepare some strings in C format that we'll need.
    let cusername = CString::new(username)?;
    let cusername = CString::new(user.name)?;
    let command = if source_profile {
        format!(
            "[ -f /etc/profile ] && . /etc/profile; [ -f $HOME/.profile ] && . $HOME/.profile; exec {}",
@@ -223,16 +215,16 @@ fn worker(sock: &UnixDatagram) -> Result<(), Error> {
            // this match arm.

            // Drop privileges to target user
            initgroups(&cusername, gid).expect("unable to init groups");
            setgid(gid).expect("unable to set GID");
            setuid(uid).expect("unable to set UID");
            initgroups(&cusername, user.gid).expect("unable to init groups");
            setgid(user.gid).expect("unable to set GID");
            setuid(user.uid).expect("unable to set UID");

            // Set our parent death signal. setuid/setgid above resets the
            // death signal, which is why we do this here.
            prctl(PrctlOption::SET_PDEATHSIG(libc::SIGTERM)).expect("unable to set death signal");

            // Change working directory
            if let Err(e) = env::set_current_dir(home) {
            if let Err(e) = env::set_current_dir(user.dir) {
                eprintln!("unable to set working directory: {}", e);
            }

-- 
2.41.0
Applied, thanks!