authorSean Whitton <spwhitton@spwhitton.name>2022-06-17 13:49:34 -0700
committerSean Whitton <spwhitton@spwhitton.name>2022-06-17 14:13:58 -0700
commitf2191929a8888e4b8799cda3c7c188020a4cabf6 (patch)
treee7911a1fe279499505900ee7a5be0d0cfb6ec16e /src/connection
parent0b1fdac4616a56831827134abae259eadd3dc67d (diff)
wrap OSICAT:USER-INFO with getent(1) fallback
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
Diffstat (limited to 'src/connection')
-rw-r--r--src/connection/linux-namespace.lisp4
-rw-r--r--src/connection/setuid.lisp2
2 files changed, 5 insertions, 1 deletions
diff --git a/src/connection/linux-namespace.lisp b/src/connection/linux-namespace.lisp
index 2924f2e..a17b4e4 100644
--- a/src/connection/linux-namespace.lisp
+++ b/src/connection/linux-namespace.lisp
@@ -277,6 +277,8 @@ setgroups(2) is denied in the namespace."
(let ((owner (get-userns-owner (caar ns-fds))))
(if (zerop owner)
(nix:setgroups nil)
+ ;; We can't use USER:USER-INFO here because we can't
+ ;; run commands using RUNLINES.
(alet (osicat:user-info owner)
;; As a precaution, we could also setuid & setgid to
;; OWNER here. However, it ought to be meaningless
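Review bot: The `(alet (osicat:user-info owner)` call under the new comment has no check for a failed lookup, whereas the `(when uid` branch in the second hunk wraps the same call in `(or ... (error ...))`. The commit title suggests OSICAT:USER-INFO can fail to resolve a user, in which case `it` would be NIL here and be handed to whatever group setup follows; that body lies outside the hunk, so whether NIL is handled there cannot be seen. Consider `(alet (or (osicat:user-info owner) (error "~&Could not look up user info for UID ~A." owner))` so the non-root-owner path fails loudly instead of continuing with a NIL entry. Both added comments could also state the consequence, namely that these two paths get no getent(1) fallback.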
@@ -330,6 +332,8 @@ setgroups(2) is denied in the namespace."
(nix:fchdir root-fd) (chroot ".")))
(mapc #'nix:close opened-fds))
(when uid
+ ;; We similarly can't use USER:USER-INFO here because we still can't
+ ;; run commands using RUNLINES.
(alet (or (osicat:user-info uid)
(error "~&Could not look up user info for UID ~A." uid))
(setf user (cdr (assoc :name it)))
diff --git a/src/connection/setuid.lisp b/src/connection/setuid.lisp
index fda100f..5c21020 100644
--- a/src/connection/setuid.lisp
+++ b/src/connection/setuid.lisp
@@ -25,7 +25,7 @@
(error "~&SETUIDing requires a Lisp image running as root"))
(informat 1 "~&SETUIDing to ~A" user)
(let* ((ent
- (or (osicat:user-info user)
+ (or (user:user-info user)
(failed-change "~&Could not look up user info for ~A." user)))
(xdg-cache-home
(ensure-directory-pathname
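Review bot: The lookup at `(user:user-info user)` may now run getent(1) while the image is still root (the check just above requires it), and the wrapper's definition is not in this diffstat, which is limited to src/connection. Two things therefore need confirming against that definition. It should return the same alist shape as OSICAT:USER-INFO, since `ent` is consumed below the hunk, and USER should reach getent as a discrete argument rather than being interpolated into a shell string. A comment at the call would record the privilege context, e.g. `;; USER:USER-INFO may fall back to running getent(1); we are still root here.` The enclosing form starts and ends outside the hunk.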