users

package

v0.6.1 Latest Latest Go to latest Published: Apr 3, 2026 License: GPL-3.0, LGPL-3.0 Imports: 22 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/canonical/authd

Links

Open Source Insights

Documentation ¶

Overview ¶

Code generated by "idlimitsgenerator"; DO NOT EDIT.

Package users support all common action on the system for user handling.

Index ¶

Variables
type Config
type IDGenerator
- func (g *IDGenerator) GenerateGID(lockedEntries *localentries.UserDBLocked, owner IDOwner) (uint32, func(), error)
- func (g *IDGenerator) GenerateUID(lockedEntries *localentries.UserDBLocked, owner IDOwner) (uint32, func(), error)
type IDGeneratorIface
type IDGeneratorMock
- func (g *IDGeneratorMock) GenerateGID(_ *localentries.UserDBLocked, _ IDOwner) (uint32, func(), error)
- func (g *IDGeneratorMock) GenerateUID(_ *localentries.UserDBLocked, _ IDOwner) (uint32, func(), error)
type IDOwner
type Manager
- func NewManager(config Config, dbDir string, args ...Option) (m *Manager, err error)
type NoDataFoundError
type Option
- func WithIDGenerator(g IDGeneratorIface) Option
type SetGroupIDResp
type SetUserIDResp

Constants ¶

This section is empty.

Variables ¶

View Source

var DefaultConfig = Config{
	UIDMin: 10000,
	UIDMax: 60000,
	GIDMin: 10000,
	GIDMax: 60000,
}

DefaultConfig is the default configuration for the user manager.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	UIDMin uint32 `mapstructure:"uid_min" yaml:"uid_min"`
	UIDMax uint32 `mapstructure:"uid_max" yaml:"uid_max"`
	GIDMin uint32 `mapstructure:"gid_min" yaml:"gid_min"`
	GIDMax uint32 `mapstructure:"gid_max" yaml:"gid_max"`
}

Config is the configuration for the user manager.

type IDGenerator ¶

type IDGenerator struct {
	UIDMin uint32
	UIDMax uint32
	GIDMin uint32
	GIDMax uint32
	// contains filtered or unexported fields
}

IDGenerator is an ID generator that generates UIDs and GIDs in a specific range.

func (*IDGenerator) GenerateGID ¶

func (g *IDGenerator) GenerateGID(lockedEntries *localentries.UserDBLocked, owner IDOwner) (uint32, func(), error)

GenerateGID generates a random GID in the configured range.

func (*IDGenerator) GenerateUID ¶

func (g *IDGenerator) GenerateUID(lockedEntries *localentries.UserDBLocked, owner IDOwner) (uint32, func(), error)

GenerateUID generates a random UID in the configured range.

type IDGeneratorIface ¶

type IDGeneratorIface interface {
	GenerateUID(lockedEntries *localentries.UserDBLocked, owner IDOwner) (uid uint32, cleanup func(), err error)
	GenerateGID(lockedEntries *localentries.UserDBLocked, owner IDOwner) (gid uint32, cleanup func(), err error)
}

IDGeneratorIface is the interface that must be implemented by the ID generator.

type IDGeneratorMock ¶

type IDGeneratorMock struct {
	UIDsToGenerate []uint32
	GIDsToGenerate []uint32
}

IDGeneratorMock is a mock implementation of the IDGenerator interface.

func (*IDGeneratorMock) GenerateGID ¶

func (g *IDGeneratorMock) GenerateGID(_ *localentries.UserDBLocked, _ IDOwner) (uint32, func(), error)

GenerateGID generates a GID.

func (*IDGeneratorMock) GenerateUID ¶

func (g *IDGeneratorMock) GenerateUID(_ *localentries.UserDBLocked, _ IDOwner) (uint32, func(), error)

GenerateUID generates a UID.

type IDOwner ¶

type IDOwner interface {
	UsedUIDs() ([]uint32, error)
	UsedGIDs() ([]uint32, error)
}

IDOwner is the interface that must be implemented by the IDs owner to provide the currently used UIDs and GIDs.

type Manager ¶

type Manager struct {
	// contains filtered or unexported fields
}

Manager is the manager for any user related operation.

func NewManager ¶

func NewManager(config Config, dbDir string, args ...Option) (m *Manager, err error)

NewManager creates a new user manager.

func (*Manager) AllGroups ¶

func (m *Manager) AllGroups() ([]types.GroupEntry, error)

AllGroups returns all groups.

func (*Manager) AllShadows ¶

func (m *Manager) AllShadows() ([]types.ShadowEntry, error)

AllShadows returns all shadow entries.

func (*Manager) AllUsers ¶

func (m *Manager) AllUsers() ([]types.UserEntry, error)

AllUsers returns all users.

func (*Manager) BrokerForUser ¶

func (m *Manager) BrokerForUser(username string) (string, error)

BrokerForUser returns the broker ID for the given user.

func (*Manager) GroupByID ¶

func (m *Manager) GroupByID(gid uint32) (types.GroupEntry, error)

GroupByID returns the group information for the given group ID.

func (*Manager) GroupByName ¶

func (m *Manager) GroupByName(groupname string) (types.GroupEntry, error)

GroupByName returns the group information for the given group name.

func (*Manager) IsUserLocked ¶

func (m *Manager) IsUserLocked(username string) (bool, error)

IsUserLocked returns true if the user with the given user name is locked, false otherwise.

func (*Manager) LockUser ¶

func (m *Manager) LockUser(username string) error

LockUser sets the "locked" field to true for the given user.

func (*Manager) RegisterUserPreAuth ¶

func (m *Manager) RegisterUserPreAuth(name string) (uid uint32, err error)

RegisterUserPreAuth registers a temporary user with a unique UID in our NSS handler (in memory, not in the database).

The temporary user record is removed when UpdateUser is called with the same username.

func (*Manager) SetGroupID ¶

func (m *Manager) SetGroupID(name string, gid uint32) (resp *SetGroupIDResp, err error)

SetGroupID updates the GID of the group with the given name to the specified GID.

func (*Manager) SetUserID ¶

func (m *Manager) SetUserID(name string, uid uint32) (resp *SetUserIDResp, err error)

SetUserID updates the UID of the user with the given name to the specified UID.

func (*Manager) ShadowByName ¶

func (m *Manager) ShadowByName(username string) (types.ShadowEntry, error)

ShadowByName returns the shadow information for the given user name.

func (*Manager) Stop ¶

func (m *Manager) Stop() error

Stop closes the underlying db.

func (*Manager) UnlockUser ¶

func (m *Manager) UnlockUser(username string) error

UnlockUser sets the "locked" field to false for the given user.

func (*Manager) UpdateBrokerForUser ¶

func (m *Manager) UpdateBrokerForUser(username, brokerID string) error

UpdateBrokerForUser updates the broker ID for the given user.

func (*Manager) UpdateUser ¶

func (m *Manager) UpdateUser(u types.UserInfo) (err error)

UpdateUser updates the user information in the db.

func (*Manager) UsedGIDs ¶

func (m *Manager) UsedGIDs() ([]uint32, error)

UsedGIDs returns all group IDs, including the GIDs of temporary pre-auth users.

func (*Manager) UsedUIDs ¶

func (m *Manager) UsedUIDs() ([]uint32, error)

UsedUIDs returns all user IDs, including the UIDs of temporary pre-auth users.

func (*Manager) UserByID ¶

func (m *Manager) UserByID(uid uint32) (types.UserEntry, error)

UserByID returns the user information for the given user ID.

func (*Manager) UserByName ¶

func (m *Manager) UserByName(username string) (types.UserEntry, error)

UserByName returns the user information for the given user name.

type NoDataFoundError ¶

type NoDataFoundError = db.NoDataFoundError

NoDataFoundError is the error returned when no entry is found in the db.

type Option ¶

type Option func(*options)

Option is a function that allows changing some of the default behaviors of the manager.

func WithIDGenerator ¶

func WithIDGenerator(g IDGeneratorIface) Option

WithIDGenerator makes the manager use a specific ID generator. This option is only useful in tests.

type SetGroupIDResp ¶

type SetGroupIDResp struct {
	IDChanged           bool
	HomeDirOwnerChanged bool
	Warnings            []string
}

SetGroupIDResp is the response type of SetGroupID.

type SetUserIDResp ¶

type SetUserIDResp struct {
	IDChanged           bool
	HomeDirOwnerChanged bool
	Warnings            []string
}

SetUserIDResp is the response type of SetUserID.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
db Package db handles transaction with an underlying database to store user and group information.	Package db handles transaction with an underlying database to store user and group information.
bbolt Package bbolt handles transaction with the deprecated bbolt database	Package bbolt handles transaction with the deprecated bbolt database
localentries Package localentries provides functions to access the local user and group database.	Package localentries provides functions to access the local user and group database.
testutils Package localgrouptestutils export users test functionalities used by other packages to change cmdline and group file.	Package localgrouptestutils export users test functionalities used by other packages to change cmdline and group file.
locking Package userslocking implements locking of the local user and group files (/etc/passwd, /etc/groups, /etc/shadow, /etc/gshadow) via the libc lckpwdf() function.	Package userslocking implements locking of the local user and group files (/etc/passwd, /etc/groups, /etc/shadow, /etc/gshadow) via the libc lckpwdf() function.
proc Package proc contains utilities for checking processes via /proc.	Package proc contains utilities for checking processes via /proc.
tempentries Package tempentries provides a temporary pre-authentication records.	Package tempentries provides a temporary pre-authentication records.
testutils Package userstestutils export db test functionalities used by other packages.	Package userstestutils export db test functionalities used by other packages.
types Package types provides types for the users package.	Package types provides types for the users package.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL