userdbctl: Write empty JSON object into membership files

2026-04-14 08:25:20 +09:00 · 2025-10-30 22:49:03 +01:00
parent cfabf3eb3b
commit 3fbf4ac24b
1 changed files with 32 additions and 18 deletions
--- a/src/userdb/userdbctl.c
+++ b/src/userdb/userdbctl.c
@@ -18,6 +18,7 @@
 #include "format-table.h"
 #include "format-util.h"
 #include "fs-util.h"
+#include "io-util.h"
 #include "log.h"
 #include "main-func.h"
 #include "mkdir.h"
@@ -1196,6 +1197,31 @@ static int ssh_authorized_keys(int argc, char *argv[], void *userdata) {
        return r;
 }

+static int write_membership(int dir_fd, const char *dir, const char *user, const char *group) {
+        int r;
+
+        assert(dir_fd >= 0 || dir_fd == AT_FDCWD);
+        assert(dir);
+        assert(user);
+        assert(group);
+
+        _cleanup_free_ char *membership = strjoin(user, ":", group, ".membership");
+        if (!membership)
+                return log_oom();
+
+        _cleanup_close_ int fd = openat(dir_fd, membership, O_WRONLY|O_CREAT|O_CLOEXEC, 0644);
+        if (fd < 0)
+                return log_error_errno(errno, "Failed to create %s/%s: %m", dir, membership);
+
+        r = loop_write(fd, "{}\n", SIZE_MAX);
+        if (r < 0)
+                return log_error_errno(r, "Failed to write empty JSON object into %s/%s: %m", dir, membership);
+
+        log_info("Installed %s/%s from credential.", dir, membership);
+
+        return 0;
+}
+
 static int load_credential_one(
                int credential_dir_fd,
                const char *name,
@@ -1430,27 +1456,15 @@ static int load_credential_one(

        if (ur)
                STRV_FOREACH(g, ur->member_of) {
-                        _cleanup_free_ char *membership = strjoin(ur->user_name, ":", *g, ".membership");
-                        if (!membership)
-                                return log_oom();
-
-                        _cleanup_close_ int fd = openat(*userdb_dir_fd, membership, O_WRONLY|O_CREAT|O_CLOEXEC, 0644);
-                        if (fd < 0)
-                                return log_error_errno(errno, "Failed to create %s: %m", membership);
-
-                        log_info("Installed %s/%s from credential.", userdb_dir, membership);
+                        r = write_membership(*userdb_dir_fd, userdb_dir, ur->user_name, *g);
+                        if (r < 0)
+                                return r;
                }
        else
                STRV_FOREACH(u, gr->members) {
-                        _cleanup_free_ char *membership = strjoin(*u, ":", gr->group_name, ".membership");
-                        if (!membership)
-                                return log_oom();
-
-                        _cleanup_close_ int fd = openat(*userdb_dir_fd, membership, O_WRONLY|O_CREAT|O_CLOEXEC, 0644);
-                        if (fd < 0)
-                                return log_error_errno(errno, "Failed to create %s: %m", membership);
-
-                        log_info("Installed %s/%s from credential.", userdb_dir, membership);
+                        r = write_membership(*userdb_dir_fd, userdb_dir, *u, gr->group_name);
+                        if (r < 0)
+                                return r;
                }

        if (ur && user_record_disposition(ur) == USER_REGULAR) {