nixpkgs/pkgs/development/libraries/accountsservice/Disable-methods-that-change-files-in-etc.patch

127 lines
4.7 KiB
Diff

From 6f172007452b39bfda5062fc29ea5382671ac16e Mon Sep 17 00:00:00 2001
From: Alexander Ried <ried@mytum.de>
Date: Thu, 26 May 2016 19:54:21 +0200
Subject: [PATCH] Disable methods that change files in /etc
Only if environment variable NIXOS_USERS_PURE is set.
---
src/daemon.c | 10 ++++++++++
src/user.c | 35 +++++++++++++++++++++++++++++++++++
2 files changed, 45 insertions(+)
diff --git a/src/daemon.c b/src/daemon.c
index 861430f..aefaf2d 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -1378,6 +1378,11 @@ daemon_create_user (AccountsAccounts *accounts,
const gchar *real_name,
gint account_type)
{
+ if (getenv("NIXOS_USERS_PURE")) {
+ throw_error (context, ERROR_NOT_SUPPORTED, "Modifying users not supported without users.mutableUsers");
+ return;
+ }
+
Daemon *daemon = (Daemon *) accounts;
CreateUserData *data;
@@ -1581,6 +1586,11 @@ daemon_delete_user (AccountsAccounts *accounts,
gint64 uid,
gboolean remove_files)
{
+ if (getenv("NIXOS_USERS_PURE")) {
+ throw_error (context, ERROR_NOT_SUPPORTED, "Modifying users not supported without users.mutableUsers");
+ return;
+ }
+
Daemon *daemon = (Daemon *) accounts;
DeleteUserData *data;
diff --git a/src/user.c b/src/user.c
index 28170db..df947a1 100644
--- a/src/user.c
+++ b/src/user.c
@@ -1216,6 +1216,11 @@ user_set_real_name (AccountsUser *auser,
GDBusMethodInvocation *context,
const gchar *real_name)
{
+ if (getenv("NIXOS_USERS_PURE")) {
+ throw_error (context, ERROR_NOT_SUPPORTED, "Modifying users not supported without users.mutableUsers");
+ return;
+ }
+
User *user = (User *) auser;
int uid;
const gchar *action_id;
@@ -1293,6 +1298,11 @@ user_set_user_name (AccountsUser *auser,
GDBusMethodInvocation *context,
const gchar *user_name)
{
+ if (getenv("NIXOS_USERS_PURE")) {
+ throw_error (context, ERROR_NOT_SUPPORTED, "Modifying users not supported without users.mutableUsers");
+ return;
+ }
+
User *user = (User *) auser;
daemon_local_check_auth (user->daemon,
@@ -1945,6 +1955,11 @@ user_set_home_directory (AccountsUser *auser,
GDBusMethodInvocation *context,
const gchar *home_dir)
{
+ if (getenv("NIXOS_USERS_PURE")) {
+ throw_error (context, ERROR_NOT_SUPPORTED, "Modifying users not supported without users.mutableUsers");
+ return;
+ }
+
User *user = (User *) auser;
daemon_local_check_auth (user->daemon,
@@ -2000,6 +2015,11 @@ user_set_shell (AccountsUser *auser,
GDBusMethodInvocation *context,
const gchar *shell)
{
+ if (getenv("NIXOS_USERS_PURE")) {
+ throw_error (context, ERROR_NOT_SUPPORTED, "Modifying users not supported without users.mutableUsers");
+ return;
+ }
+
User *user = (User *) auser;
daemon_local_check_auth (user->daemon,
@@ -2249,6 +2269,11 @@ user_set_locked (AccountsUser *auser,
GDBusMethodInvocation *context,
gboolean locked)
{
+ if (getenv("NIXOS_USERS_PURE")) {
+ throw_error (context, ERROR_NOT_SUPPORTED, "Modifying users not supported without users.mutableUsers");
+ return;
+ }
+
User *user = (User *) auser;
daemon_local_check_auth (user->daemon,
@@ -2457,6 +2482,11 @@ user_set_password_mode (AccountsUser *auser,
GDBusMethodInvocation *context,
gint mode)
{
+ if (getenv("NIXOS_USERS_PURE")) {
+ throw_error (context, ERROR_NOT_SUPPORTED, "Modifying users not supported without users.mutableUsers");
+ return;
+ }
+
User *user = (User *) auser;
const gchar *action_id;
gint uid;
@@ -2550,6 +2580,11 @@ user_set_password (AccountsUser *auser,
const gchar *password,
const gchar *hint)
{
+ if (getenv("NIXOS_USERS_PURE")) {
+ throw_error (context, ERROR_NOT_SUPPORTED, "Modifying users not supported without users.mutableUsers");
+ return;
+ }
+
User *user = (User *) auser;
gchar **data;
const gchar *action_id;