X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fcore%2Fexecute.c;h=5767037acde73250f8437d0bf98e24143fc2cb3e;hb=a6b26d9011de60e1c41f51e8d2aab1d2f7bbf0f5;hp=f7353579e9ff4fa517c8d3e19ed1ace52618b7dd;hpb=e62d8c3944745ed276e6d4f33153009860e5cfc5;p=elogind.git diff --git a/src/core/execute.c b/src/core/execute.c index f7353579e..5767037ac 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -205,7 +205,10 @@ static int open_null_as(int flags, int nfd) { static int connect_logger_as(const ExecContext *context, ExecOutput output, const char *ident, const char *unit_id, int nfd) { int fd, r; - union sockaddr_union sa; + union sockaddr_union sa = { + .un.sun_family = AF_UNIX, + .un.sun_path = "/run/systemd/journal/stdout", + }; assert(context); assert(output < _EXEC_OUTPUT_MAX); @@ -216,10 +219,6 @@ static int connect_logger_as(const ExecContext *context, ExecOutput output, cons if (fd < 0) return -errno; - zero(sa); - sa.un.sun_family = AF_UNIX; - strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path)); - r = connect(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path)); if (r < 0) { close_nointr_nofail(fd); @@ -938,7 +937,7 @@ static int apply_seccomp(uint32_t *syscall_filter) { int i; unsigned n; struct sock_filter *f; - struct sock_fprog prog; + struct sock_fprog prog = {}; assert(syscall_filter); @@ -970,7 +969,6 @@ static int apply_seccomp(uint32_t *syscall_filter) { memcpy(f + (ELEMENTSOF(header) + 2*n), footer, sizeof(footer)); /* Third: install the filter */ - zero(prog); prog.len = ELEMENTSOF(header) + ELEMENTSOF(footer) + 2*n; prog.filter = f; if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) < 0) @@ -999,7 +997,7 @@ int exec_spawn(ExecCommand *command, int r; char *line; int socket_fd; - char _cleanup_strv_free_ **files_env = NULL; + _cleanup_strv_free_ char **files_env = NULL; assert(command); assert(context); @@ -1038,15 +1036,21 @@ int exec_spawn(ExecCommand *command, return log_oom(); log_struct_unit(LOG_DEBUG, - unit_id, - "MESSAGE=About to execute %s", line, - NULL); + unit_id, + "EXECUTABLE=%s", command->path, + "MESSAGE=About to execute: %s", line, + NULL); free(line); r = cgroup_bonding_realize_list(cgroup_bondings); if (r < 0) return r; + /* We must initialize the attributes in the parent, before we + fork, because we really need them initialized before making + the process a member of the group (which we do in both the + child and the parent), and we cannot really apply them twice + (due to 'append' style attributes) */ cgroup_attribute_apply_list(cgroup_attributes, cgroup_bondings); if (context->private_tmp && !context->tmp_dir && !context->var_tmp_dir) { @@ -1065,7 +1069,7 @@ int exec_spawn(ExecCommand *command, const char *username = NULL, *home = NULL; uid_t uid = (uid_t) -1; gid_t gid = (gid_t) -1; - char _cleanup_strv_free_ **our_env = NULL, **pam_env = NULL, + _cleanup_strv_free_ char **our_env = NULL, **pam_env = NULL, **final_env = NULL, **final_argv = NULL; unsigned n_env = 0; bool set_access = false; @@ -1195,7 +1199,7 @@ int exec_spawn(ExecCommand *command, snprintf(t, sizeof(t), "%i", context->oom_score_adjust); char_array_0(t); - if (write_one_line_file("/proc/self/oom_score_adj", t) < 0) { + if (write_string_file("/proc/self/oom_score_adj", t) < 0) { err = -errno; r = EXIT_OOM_ADJUST; goto fail_child; @@ -1210,10 +1214,9 @@ int exec_spawn(ExecCommand *command, } if (context->cpu_sched_set) { - struct sched_param param; - - zero(param); - param.sched_priority = context->cpu_sched_priority; + struct sched_param param = { + .sched_priority = context->cpu_sched_priority, + }; r = sched_setscheduler(0, context->cpu_sched_policy | @@ -1270,7 +1273,12 @@ int exec_spawn(ExecCommand *command, if (cgroup_bondings && context->control_group_modify) { err = cgroup_bonding_set_group_access_list(cgroup_bondings, 0755, uid, gid); if (err >= 0) - err = cgroup_bonding_set_task_access_list(cgroup_bondings, 0644, uid, gid, context->control_group_persistent); + err = cgroup_bonding_set_task_access_list( + cgroup_bondings, + 0644, + uid, + gid, + context->control_group_persistent); if (err < 0) { r = EXIT_CGROUP; goto fail_child; @@ -1281,7 +1289,12 @@ int exec_spawn(ExecCommand *command, } if (cgroup_bondings && !set_access && context->control_group_persistent >= 0) { - err = cgroup_bonding_set_task_access_list(cgroup_bondings, (mode_t) -1, (uid_t) -1, (uid_t) -1, context->control_group_persistent); + err = cgroup_bonding_set_task_access_list( + cgroup_bondings, + (mode_t) -1, + (uid_t) -1, + (uid_t) -1, + context->control_group_persistent); if (err < 0) { r = EXIT_CGROUP; goto fail_child; @@ -1349,7 +1362,7 @@ int exec_spawn(ExecCommand *command, goto fail_child; } } else { - char _cleanup_free_ *d = NULL; + _cleanup_free_ char *d = NULL; if (asprintf(&d, "%s/%s", context->root_directory ? context->root_directory : "", @@ -1504,6 +1517,20 @@ int exec_spawn(ExecCommand *command, final_env = strv_env_clean(final_env); + if (_unlikely_(log_get_max_level() >= LOG_PRI(LOG_DEBUG))) { + line = exec_command_line(final_argv); + if (line) { + log_open(); + log_struct_unit(LOG_DEBUG, + unit_id, + "EXECUTABLE=%s", command->path, + "MESSAGE=Executing: %s", line, + NULL); + log_close(); + free(line); + line = NULL; + } + } execve(command->path, final_argv, final_env); err = -errno; r = EXIT_EXEC; @@ -1535,8 +1562,7 @@ int exec_spawn(ExecCommand *command, * outside of the cgroup) and in the parent (so that we can be * sure that when we kill the cgroup the process will be * killed too). */ - if (cgroup_bondings) - cgroup_bonding_install_list(cgroup_bondings, pid, cgroup_suffix); + cgroup_bonding_install_list(cgroup_bondings, pid, cgroup_suffix); exec_status_start(&command->exec_status, pid); @@ -1701,7 +1727,7 @@ int exec_context_load_environment(const ExecContext *c, char ***l) { int k; bool ignore = false; char **p; - glob_t pglob; + _cleanup_globfree_ glob_t pglob = {}; int count, n; fn = *i; @@ -1712,7 +1738,6 @@ int exec_context_load_environment(const ExecContext *c, char ***l) { } if (!path_is_absolute(fn)) { - if (ignore) continue; @@ -1721,10 +1746,8 @@ int exec_context_load_environment(const ExecContext *c, char ***l) { } /* Filename supports globbing, take all matching files */ - zero(pglob); errno = 0; if (glob(fn, 0, NULL, &pglob) != 0) { - globfree(&pglob); if (ignore) continue; @@ -1733,7 +1756,6 @@ int exec_context_load_environment(const ExecContext *c, char ***l) { } count = pglob.gl_pathc; if (count == 0) { - globfree(&pglob); if (ignore) continue; @@ -1741,15 +1763,17 @@ int exec_context_load_environment(const ExecContext *c, char ***l) { return -EINVAL; } for (n = 0; n < count; n++) { - k = load_env_file(pglob.gl_pathv[n], &p); + k = load_env_file(pglob.gl_pathv[n], NULL, &p); if (k < 0) { if (ignore) continue; strv_free(r); - globfree(&pglob); return k; } + /* Log invalid environment variables with filename */ + if (p) + p = strv_env_clean_log(p, pglob.gl_pathv[n]); if (r == NULL) r = p; @@ -1759,16 +1783,12 @@ int exec_context_load_environment(const ExecContext *c, char ***l) { m = strv_env_merge(2, r, p); strv_free(r); strv_free(p); - - if (!m) { - globfree(&pglob); + if (!m) return -ENOMEM; - } r = m; } } - globfree(&pglob); } *l = r;