static int ask_for_confirmation(char *response, char **argv) {
int saved_stdout = -1, saved_stdin = -1, r;
- char *line;
+ _cleanup_free_ char *line = NULL;
r = setup_confirm_stdio(&saved_stdin, &saved_stdout);
if (r < 0)
return -ENOMEM;
r = ask(response, "yns", "Execute %s? [Yes, No, Skip] ", line);
- free(line);
restore_confirm_stdio(&saved_stdin, &saved_stdout);
return -ENOMEM;
our_env[n_env++] = x;
- if (asprintf(&x, "WATCHDOG_USEC=%llu", (unsigned long long) watchdog_usec) < 0)
+ if (asprintf(&x, "WATCHDOG_USEC="USEC_FMT, watchdog_usec) < 0)
return -ENOMEM;
our_env[n_env++] = x;
}
!strv_isempty(context->inaccessible_dirs) ||
context->mount_flags != 0 ||
(context->private_tmp && runtime && (runtime->tmp_dir || runtime->var_tmp_dir)) ||
- context->private_devices) {
+ context->private_devices ||
+ context->protect_system != PROTECT_SYSTEM_NO ||
+ context->protect_home != PROTECT_HOME_NO) {
char *tmp = NULL, *var = NULL;
tmp,
var,
context->private_devices,
+ context->protect_home,
+ context->protect_system,
context->mount_flags);
-
if (err < 0) {
r = EXIT_NAMESPACE;
goto fail_child;
}
static bool tty_may_match_dev_console(const char *tty) {
- char *active = NULL, *console;
- bool b;
+ _cleanup_free_ char *active = NULL;
+ char *console;
if (startswith(tty, "/dev/"))
tty += 5;
return true;
/* "tty0" means the active VC, so it may be the same sometimes */
- b = streq(console, tty) || (streq(console, "tty0") && tty_is_vc(tty));
- free(active);
-
- return b;
+ return streq(console, tty) || (streq(console, "tty0") && tty_is_vc(tty));
}
bool exec_context_may_touch_console(ExecContext *ec) {
"%sPrivateTmp: %s\n"
"%sPrivateNetwork: %s\n"
"%sPrivateDevices: %s\n"
+ "%sProtectHome: %s\n"
+ "%sProtectSystem: %s\n"
"%sIgnoreSIGPIPE: %s\n",
prefix, c->umask,
prefix, c->working_directory ? c->working_directory : "/",
prefix, yes_no(c->private_tmp),
prefix, yes_no(c->private_network),
prefix, yes_no(c->private_devices),
+ prefix, protect_home_to_string(c->protect_home),
+ prefix, protect_system_to_string(c->protect_system),
prefix, yes_no(c->ignore_sigpipe));
STRV_FOREACH(e, c->environment)
for (i = 0; i < RLIM_NLIMITS; i++)
if (c->rlimit[i])
- fprintf(f, "%s%s: %llu\n", prefix, rlimit_to_string(i), (unsigned long long) c->rlimit[i]->rlim_max);
+ fprintf(f, "%s%s: "RLIM_FMT"\n",
+ prefix, rlimit_to_string(i), c->rlimit[i]->rlim_max);
if (c->ioprio_set) {
_cleanup_free_ char *class_str = NULL;
}
void exec_command_dump(ExecCommand *c, FILE *f, const char *prefix) {
- char *p2;
+ _cleanup_free_ char *p2 = NULL;
const char *prefix2;
- char *cmd;
+ _cleanup_free_ char *cmd = NULL;
assert(c);
assert(f);
"%sCommand Line: %s\n",
prefix, cmd ? cmd : strerror(ENOMEM));
- free(cmd);
-
exec_status_dump(&c->exec_status, f, prefix2);
-
- free(p2);
}
void exec_command_dump_list(ExecCommand *c, FILE *f, const char *prefix) {