user_mgr: Fix potential out-of-bounds access

If the sysconf method returns -1, an out-of-bounds access problem
will occur when declaring the following vector:
```
std::vector<char> buffer(buflen);
`

user_mgr: Fix potential out-of-bounds access

If the sysconf method returns -1, an out-of-bounds access problem
will occur when declaring the following vector:
```
std::vector<char> buffer(buflen);
```

Signed-off-by: George Liu <liuxiwei@ieisystem.com>
Change-Id: I1887cc418c40b01d839f9c0e25bef09a2605973b

show more ...

Fix MD001 warnings

The following warnings are generated by using markdownlint analysis:
```
docs/README.md:10 MD001/heading-increment Heading levels should only increment by one level at a time [Exp

Fix MD001 warnings

The following warnings are generated by using markdownlint analysis:
```
docs/README.md:10 MD001/heading-increment Heading levels should only increment by one level at a time [Expected: h3; Actual: h4]
```
Refer to markdown-lint [1] to fix MD001
[1]: https://github.com/updownpress/markdown-lint/blob/master/rules/001-header-increment.md

Signed-off-by: George Liu <liuxiwei@ieisystem.com>
Change-Id: I55d5132edb76bd2e46ea34d579b6a7b264581059

show more ...

Fix MD041 warnings

The following warnings are generated by using markdownlint analysis:
```
docs/README.md:1 MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading

Fix MD041 warnings

The following warnings are generated by using markdownlint analysis:
```
docs/README.md:1 MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "## To Build"]
```
Refer to markdown-lint [1] to fix MD041
[1]: https://github.com/updownpress/markdown-lint/blob/master/rules/041-first-line-h1.md

Signed-off-by: George Liu <liuxiwei@ieisystem.com>
Change-Id: I2bdb36a03a1e3d454f30f69ebbb95b21cacd32f8

show more ...

clang-format: re-format for clang-18

clang-format-18 isn't compatible with the clang-format-17 output, so we
need to reformat the code with the latest version. The way clang-18
handles lambda forma

clang-format: re-format for clang-18

clang-format-18 isn't compatible with the clang-format-17 output, so we
need to reformat the code with the latest version. The way clang-18
handles lambda formatting also changed, so we have made changes to the
organization default style format to better handle lambda formatting.

See I5e08687e696dd240402a2780158664b7113def0e for updated style.
See Iea0776aaa7edd483fa395e23de25ebf5a6288f71 for clang-18 enablement.

Change-Id: I75bbf0de40859a5e507455a52ceaef9be5b686c7
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

Fix spelling mistakes using codespell

This commit corrects various spelling mistakes throughout the
repository. The corrections were made automatically using `codespell`[1]
tool.

[1]: https://githu

Fix spelling mistakes using codespell

This commit corrects various spelling mistakes throughout the
repository. The corrections were made automatically using `codespell`[1]
tool.

[1]: https://github.com/codespell-project/codespell

Change-Id: Ic3b71f8cc63e423ca725ce0480fa6686340207c9
Signed-off-by: Manojkiran Eda <manojkiran.eda@gmail.com>

show more ...

Fix MD040 warnings

The following warnings are generated by using markdownlint analysis:
```
MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
```
Refer

Fix MD040 warnings

The following warnings are generated by using markdownlint analysis:
```
MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
```
Refer to markdown-lint [1] to fix MD040
[1]: https://github.com/updownpress/markdown-lint/blob/master/rules/040-fenced-code-language.md

Signed-off-by: George Liu <liuxiwei@ieisystem.com>
Change-Id: Ib455fe1ac0113d54115f8a15ecb6cd4bfcc07681

show more ...

Fix spelling mistakes using codespell

This commit corrects various spelling mistakes throughout the
repository. The corrections were made automatically using `codespell`[1]
tool.

[1]: https://githu

Fix spelling mistakes using codespell

This commit corrects various spelling mistakes throughout the
repository. The corrections were made automatically using `codespell`[1]
tool.

[1]: https://github.com/codespell-project/codespell

Change-Id: I6959d908cd7b216568963488ead0f3d6ed4a6611
Signed-off-by: Manojkiran Eda <manojkiran.eda@gmail.com>

show more ...

Remove DEFAULT_CRYPT_ALGO meson configuration variables

This commit removes unused DEFAULT_CRYPT_ALGO meson configuration
variable

Change-Id: Ibc517e12f9cec20c951c4193797ff2beaec7e99f
Signed-off-by

Remove DEFAULT_CRYPT_ALGO meson configuration variables

This commit removes unused DEFAULT_CRYPT_ALGO meson configuration
variable

Change-Id: Ibc517e12f9cec20c951c4193797ff2beaec7e99f
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>

show more ...

OWNERS: Add Ravi Teja as a owner

I have worked on various features and fixed several issues in this
user-manager repository and redfish AccountService

I have a thorough understanding of LDAP and us

OWNERS: Add Ravi Teja as a owner

I have worked on various features and fixed several issues in this
user-manager repository and redfish AccountService

I have a thorough understanding of LDAP and user-manager
Thus, I am applying to be a maintainer of this repo. Hope i can
contribute more and help the OpenBMC community.

Here is my contributions in this repository
[1] https://github.com/openbmc/phosphor-user-manager/commits?author=raviteja-b

Change-Id: I50c689ebf5dbcb9f0ea28d3a8de0decdc0069b9b
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>

show more ...

Remove systemd meson configuration variables

This commit removes meson configuration variables which are not actually
configurable and can be hardcoded.

Change-Id: Id9d198bf6562e108b8a7472e770e6d8b

Remove systemd meson configuration variables

This commit removes meson configuration variables which are not actually
configurable and can be hardcoded.

Change-Id: Id9d198bf6562e108b8a7472e770e6d8bb84e2684
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>

show more ...

Remove web user group

This 'web' group is currently not doing anything and is considered to be
equivalent to 'redfish'.

Change-Id: I20a0a7e3a0bff3128e8e391317045a71038d119b
Signed-off-by: Ravi Teja

Remove web user group

This 'web' group is currently not doing anything and is considered to be
equivalent to 'redfish'.

Change-Id: I20a0a7e3a0bff3128e8e391317045a71038d119b
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>

show more ...

meson: Provide wrap file for boost

Currently local build on the system without boost can fail with
the following message:
"""
meson.build: ERROR: Dependency "boost" not found, tried system
"""
Provi

meson: Provide wrap file for boost

Currently local build on the system without boost can fail with
the following message:
"""
meson.build: ERROR: Dependency "boost" not found, tried system
"""
Provide "boost.wrap" file to fix the issue.

Change-Id: I596524f744cbe4ed0d43f464d23c67fef8886ee9
Signed-off-by: Konstantin Aladyshev <aladyshev22@gmail.com>

show more ...

meson: Add boost to the dependencies

Since the project uses boost library add it to meson dependencies.

Tested:
Local build no longer fails with a missing boost headers message on the
system withou

meson: Add boost to the dependencies

Since the project uses boost library add it to meson dependencies.

Tested:
Local build no longer fails with a missing boost headers message on the
system without boost, but fails at the "meson setup build" stage with
an appropriate message.

Change-Id: I872159dcec923d289626b532146c9eb8d5461e1c
Signed-off-by: Konstantin Aladyshev <aladyshev22@gmail.com>

show more ...

meson: Fix local cereal build

Currently local build is failing with a message:
"""
cereal| Exception: Failed to configure the CMake subproject: Could NOT
find Boost (missing: Boost_INCLUDE_DIR seria

meson: Fix local cereal build

Currently local build is failing with a message:
"""
cereal| Exception: Failed to configure the CMake subproject: Could NOT
find Boost (missing: Boost_INCLUDE_DIR serialization)
Subproject subprojects/cereal is buildable: NO (disabling)
"""
Since cereal requires boost only for the sandbox build and this
functionality is not needed, add option to skip building performance
sandbox comparison to solve the issue.

Tested:
"meson setup build" no longer fails with the cereal error.

Change-Id: Idbb40f930ee5633b2aac88ab6bd20dbafdbcad4e
Signed-off-by: Konstantin Aladyshev <aladyshev22@gmail.com>

show more ...

BugFix: user name contains invalid characters

There is an typo in the policy "[a-zA-z_]" configuration.
It it should be "[a-zA-Z_]"
BTW: Group name has the same issue, fix it by the way.

Tested: Cr

BugFix: user name contains invalid characters

There is an typo in the policy "[a-zA-z_]" configuration.
It it should be "[a-zA-Z_]"
BTW: Group name has the same issue, fix it by the way.

Tested: Create a username contains invalid characters like: ^, [, or ].

Before: invalid character can be added as username
ipmitool user list 1
ID Name Callin
4 ^test true
5 [test true
7 ]test true
8 _test true

After: error will be returned once user name has invalid character.
ipmitool user set name 4 ^test4
Set User Name command failed (user 4, name ^test4): Unspecified error

UnitTest is added.

Change-Id: I86b062faea84906dde7cf37a0d51631d78526cb1
Signed-off-by: nichanghao.nch <nichanghao@linux.alibaba.com>
Signed-off-by: Kwin Wang <wangkuiying.wky@alibaba-inc.com>

show more ...

build: use allowed over enabled

Meson feature options are typically in a tri-state of enabled, disabled,
or auto. The enabled and disabled functions on an option (from
`get_option`) no longer retur

build: use allowed over enabled

Meson feature options are typically in a tri-state of enabled, disabled,
or auto. The enabled and disabled functions on an option (from
`get_option`) no longer return true for auto features. Instead, the
expectation is to use `allowed()` which is true for both enabled and auto.

Switch all uses of `enabled` to `allowed`.

Change-Id: I50f949d6323c4ff17e48901a56f7e34a76ca46db
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

Update README file

This commit updates meson build steps

Change-Id: Iae3d995e47075fe8d7d31d78afbe91f81183a530
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>

Add Ravi Teja as a reviewer

I have worked on various features and fixed several issues
in this user-manager repository.
I have thorough understanding of LDAP and user-manager

Here is my contributio

Add Ravi Teja as a reviewer

I have worked on various features and fixed several issues
in this user-manager repository.
I have thorough understanding of LDAP and user-manager

Here is my contribution in this repository
https://github.com/openbmc/phosphor-user-manager/commits?author=raviteja-b

Thus, I apply to be a reviewer of this repo. Hope I can contribute
more and help the OpenBMC community.

Change-Id: Id79f7884255ab99731c64e508f597955bf3a062f
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>

show more ...

clang-format: copy latest and re-format

clang-format-17 has some backwards incompatible changes that require
additional settings for best compatibility and re-running the formatter.
Copy the latest

clang-format: copy latest and re-format

clang-format-17 has some backwards incompatible changes that require
additional settings for best compatibility and re-running the formatter.
Copy the latest .clang-format from the docs repository and reformat the
repository.

Change-Id: I094854676307faf5395459925ff0750f1402e578
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

Fix user account status for manually blocked users

User account status in web interface is displayed incorrectly
if account is disabled (or enabled) via ssh.

Test manually:
1. Create new user using

Fix user account status for manually blocked users

User account status in web interface is displayed incorrectly
if account is disabled (or enabled) via ssh.

Test manually:
1. Create new user using web interface
2. Change user account expiration date via ssh
chage -E 1970-01-01 <new user>
User account is blocked
3. Check user status in web interface.
Blocked user account status should be displayed as "Disabled".

Change-Id: I15e93a87653289b5ba76313895da0cf7e5dd2c7c
Signed-off-by: Denis Zlobin <zlobin.d.al@gmail.com>

show more ...

Change authority D-Bus names

Changing authority service references in code from 'ldap' to more
generic name, to comply with change in phosphor-certificate-manager.

Related change:
https://gerrit.op

Change authority D-Bus names

Changing authority service references in code from 'ldap' to more
generic name, to comply with change in phosphor-certificate-manager.

Related change:
https://gerrit.openbmc.org/c/openbmc/phosphor-certificate-manager/+/65458

Tested:
Adding, reading and removal of CA Certificate via Redfish works without
any noticeable regression.

Change-Id: Ia0517844c5f1d8eb55c4dec156f409fd6875a502
Signed-off-by: Michal Orzel <michalx.orzel@intel.com>

show more ...

meson_options.txt: Support for reading options from meson.options

Support has been added for reading options from meson.options instead
of meson_options.txt[1]. These are equivalent, but not using t

meson_options.txt: Support for reading options from meson.options

Support has been added for reading options from meson.options instead
of meson_options.txt[1]. These are equivalent, but not using the .txt
extension for a build file has a few advantages, chief among them
many tools and text editors expect a file with the .txt extension to
be plain text files, not build scripts.

[1] https://mesonbuild.com/Release-notes-for-1-1-0.html#support-for-reading-options-from-mesonoptions

Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: Iab40a5275372ff7587688058491ac80578e99ee9

show more ...

build: upgrade to C++23

Meson 1.1.1 and GCC-13 both support C++23 and a sufficient portion of
the standard has been implemented. Upgrade the build to leverage it.

Change-Id: I4e97f90311b6aab496bbc

build: upgrade to C++23

Meson 1.1.1 and GCC-13 both support C++23 and a sufficient portion of
the standard has been implemented. Upgrade the build to leverage it.

Change-Id: I4e97f90311b6aab496bbc029a8e765f28a880e47
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

Update pam_pwhistory to use pwhistory.conf

With libpam 1.5.3, pam_pwhistory added support to get configuration
options from pwhistory.conf similar to faillock and pwquality.

This updates pam_pwhist

Update pam_pwhistory to use pwhistory.conf

With libpam 1.5.3, pam_pwhistory added support to get configuration
options from pwhistory.conf similar to faillock and pwquality.

This updates pam_pwhistory to use pwhistory.conf for the remember
setting.

pwhistory remember was the last setting directly using the
common-password file, so this also removes the two functions to get and
set PAM module arg values which resolves #16.

Tested:
Confirmed that getting and setting the RememberOldPasswordTimes D-Bus
property gets and sets the remember value in pwhistory.conf.

Change-Id: If8f90720c120c5c49e2b8b4a840a427d46ffc7d9
Signed-off-by: Jason M. Bills <jason.m.bills@intel.com>

show more ...

Remove Richard

Richard has left the project and asked that I remove him from the OWNERS
file.

Change-Id: I891f3711d5852b96319c73be0954f18ed7a3c956
Signed-off-by: Jason M. Bills <jason.m.bills@intel

Remove Richard

Richard has left the project and asked that I remove him from the OWNERS
file.

Change-Id: I891f3711d5852b96319c73be0954f18ed7a3c956
Signed-off-by: Jason M. Bills <jason.m.bills@intel.com>

show more ...