util: Add better user lookup functions

When looking up users in fscrypt, we often want to proceed even if the requested uid doesn't appear to be a valid user on the system. This mainly occurs when a user is deleted, but they still have a login protector on disk. Thus, GetUser() with a bad uid creates a fake user with a pretty placeholder name. The corresponding call sites of util.EffectiveUser are changed (often simplifying logic). Various documentation is updated and typos are fixed.
author: Joseph Richey <joerichey94@gmail.com> 2017-10-19 03:15:28 -0700
committer: Joseph Richey <joerichey94@gmail.com> 2017-10-19 03:34:51 -0700
commit: b7de8535f899f2b88d61f4f1264fe6a272196536 (patch)
tree: 4caf8a0e426caf45440b5115664baba12749a11f /pam
parent: 7885d63f644bb49d8da1d8313d5f4870d586a9c1 (diff)
1 files changed, 3 insertions, 5 deletions
diff --git a/pam/pam.go b/pam/pam.go
index 0f20f30..adcb0c2 100644
--- a/pam/pam.go
+++ b/pam/pam.go
@@ -52,8 +52,9 @@ type Handle struct {
 func NewHandle(pamh unsafe.Pointer) (*Handle, error) {
 	var err error
 	h := &Handle{
-		handle: (*C.pam_handle_t)(pamh),
-		status: C.PAM_SUCCESS,
+		handle:   (*C.pam_handle_t)(pamh),
+		status:   C.PAM_SUCCESS,
+		OrigUser: util.CurrentUser(),
 	}
 
 	var pamUsername *C.char
@@ -65,9 +66,6 @@ func NewHandle(pamh unsafe.Pointer) (*Handle, error) {
 	if h.PamUser, err = user.Lookup(C.GoString(pamUsername)); err != nil {
 		return nil, err
 	}
-	if h.OrigUser, err = util.EffectiveUser(); err != nil {
-		return nil, err
-	}
 	return h, nil
 }
author	Joseph Richey <joerichey94@gmail.com>	2017-10-19 03:15:28 -0700
committer	Joseph Richey <joerichey94@gmail.com>	2017-10-19 03:34:51 -0700
commit	b7de8535f899f2b88d61f4f1264fe6a272196536 (patch)
tree	4caf8a0e426caf45440b5115664baba12749a11f /pam
parent	7885d63f644bb49d8da1d8313d5f4870d586a9c1 (diff)