From b6af9225f7c6f5ca4fbc90c61f47b5ef8a851e97 Mon Sep 17 00:00:00 2001 From: Bastien Nocera Date: Wed, 7 Mar 2012 12:36:44 +0100 Subject: [PATCH] Filter users on nologin rather than minimal UID https://bugs.freedesktop.org/show_bug.cgi?id=44408 --- src/daemon.c | 14 +++++++++----- src/daemon.h | 2 +- src/user.c | 2 +- 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/src/daemon.c b/src/daemon.c index 8e52f02..5fe6aed 100644 --- a/src/daemon.c +++ b/src/daemon.c @@ -48,6 +48,7 @@ #define PATH_PASSWD "/etc/passwd" #define PATH_SHADOW "/etc/shadow" +#define PATH_NOLOGIN "/sbin/nologin" #define PATH_GDM_CUSTOM "/etc/gdm/custom.conf" #define USERDIR LOCALSTATEDIR "/lib/AccountsService/users" @@ -152,8 +153,11 @@ error_get_type (void) } gboolean -daemon_local_user_is_excluded (Daemon *daemon, const gchar *username, uid_t uid) +daemon_local_user_is_excluded (Daemon *daemon, const gchar *username, const gchar *shell) { + if (g_strcmp0 (shell, PATH_NOLOGIN) == 0) { + return TRUE; + } if (g_hash_table_lookup (daemon->priv->exclusions, username)) { return TRUE; } @@ -189,7 +193,7 @@ reload_wtmp_history (Daemon *daemon) if (daemon_local_user_is_excluded (daemon, wtmp_entry->ut_user, - wtmp_entry->ut_pid)) { + NULL)) { g_debug ("excluding user '%s'", wtmp_entry->ut_user); continue; } @@ -285,8 +289,8 @@ reload_passwd (Daemon *daemon) #else while ((pwent = getpwent ()) != NULL) { #endif - /* Skip users below MINIMAL_UID... */ - if (daemon_local_user_is_excluded (daemon, pwent->pw_name, pwent->pw_uid)) { + /* Skip system users... */ + if (daemon_local_user_is_excluded (daemon, pwent->pw_name, pwent->pw_shell)) { g_debug ("skipping user: %s", pwent->pw_name); continue; } @@ -814,7 +818,7 @@ finish_list_cached_users (gpointer user_data) g_hash_table_iter_init (&iter, data->daemon->priv->users); while (g_hash_table_iter_next (&iter, (gpointer *)&name, (gpointer *)&user)) { uid = user_local_get_uid (user); - if (!daemon_local_user_is_excluded (data->daemon, name, uid)) { + if (!daemon_local_user_is_excluded (data->daemon, name, NULL)) { g_debug ("user %s %ld not excluded\n", name, (long) uid); g_ptr_array_add (object_paths, (gpointer) user_local_get_object_path (user)); } diff --git a/src/daemon.h b/src/daemon.h index 441609f..996b452 100644 --- a/src/daemon.h +++ b/src/daemon.h @@ -77,7 +77,7 @@ User *daemon_local_find_user_by_name (Daemon *daemon, const gchar *name); gboolean daemon_local_user_is_excluded (Daemon *daemon, const gchar *name, - uid_t uid); + const gchar *shell); typedef void (*AuthorizedCallback) (Daemon *daemon, User *user, diff --git a/src/user.c b/src/user.c index 8e3ef37..6cc54e1 100644 --- a/src/user.c +++ b/src/user.c @@ -283,7 +283,7 @@ user_local_update_from_pwent (User *user, user->system_account = daemon_local_user_is_excluded (user->daemon, user->user_name, - user->uid); + pwent->pw_shell); g_object_thaw_notify (G_OBJECT (user)); -- 1.7.7.6