util/osuser: run getent on non-Linux Unixes

Remove the restriction that getent is skipped on non-Linux unixes. Improve validation of the parsed output from getent, in case unknown systems return unusable information. Fixes tailscale#12730. Signed-off-by: Ross Williams <ross@ross-williams.net>
nshalman · Jul 26, 2024 · 1bf82dd · 1bf82dd
1 parent 6840f47
commit 1bf82dd
Showing 1 changed file with 12 additions and 2 deletions.
diff --git a/util/osuser/user.go b/util/osuser/user.go
@@ -51,8 +51,10 @@ func LookupByUsername(username string) (*user.User, error) {
 type lookupStd func(string) (*user.User, error)
 
 func lookup(usernameOrUID string, std lookupStd, wantShell bool) (*user.User, string, error) {
-	// TODO(awly): we should use genet on more platforms, like FreeBSD.
-	if runtime.GOOS != "linux" {
+	// Skip getent entirely on Non-Unix platforms that won't ever have it.
+	// (Using HasPrefix for "wasip1", anticipating that WASI support will
+	// move beyond "preview 1" some day.)
+	if runtime.GOOS == "windows" || runtime.GOOS == "js" || strings.HasPrefix(runtime.GOOS, "wasi") {
 		u, err := std(usernameOrUID)
 		return u, "", err
 	}
@@ -129,6 +131,14 @@ func userLookupGetent(usernameOrUID string, std lookupStd) (*user.User, string,
 	for len(f) < 7 {
 		f = append(f, "")
 	}
+	var mandatoryFields = []int{0, 2, 3, 5}
+	for _, v := range mandatoryFields {
+		if f[v] == "" {
+			log.Printf("getent for user %q returned invalid output: %q", usernameOrUID, out)
+			u, err := std(usernameOrUID)
+			return u, "", err
+		}
+	}
 	return &user.User{
 		Username: f[0],
 		Uid:      f[2],