X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fcore%2Fload-fragment.c;h=e9659ca344a7e95bd181388bddcee126f6cbf0a5;hb=f131770b1465fbf423881f16ba85523a05f846fe;hp=b4da6a550eba27912a93996a5b2869511889c328;hpb=5369c77d2ee864ac0464d4adc0774ee70ba9c4bc;p=elogind.git diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c index b4da6a550..e9659ca34 100644 --- a/src/core/load-fragment.c +++ b/src/core/load-fragment.c @@ -59,12 +59,12 @@ #include "bus-error.h" #include "errno-list.h" #include "af-list.h" +#include "cap-list.h" #ifdef HAVE_SECCOMP #include "seccomp-util.h" #endif -#if !defined(HAVE_SYSV_COMPAT) || !defined(HAVE_SECCOMP) || !defined(HAVE_PAM) || !defined(HAVE_SELINUX) || !defined(HAVE_SMACK) || !defined(HAVE_APPARMOR) int config_parse_warn_compat( const char *unit, const char *filename, @@ -76,13 +76,25 @@ int config_parse_warn_compat( const char *rvalue, void *data, void *userdata) { + Disabled reason = ltype; + + switch(reason) { + case DISABLED_CONFIGURATION: + log_syntax(unit, LOG_DEBUG, filename, line, EINVAL, + "Support for option %s= has been disabled at compile time and it is ignored", lvalue); + break; + case DISABLED_LEGACY: + log_syntax(unit, LOG_INFO, filename, line, EINVAL, + "Support for option %s= has been removed and it is ignored", lvalue); + break; + case DISABLED_EXPERIMENTAL: + log_syntax(unit, LOG_INFO, filename, line, EINVAL, + "Support for option %s= has not yet been enabled and it is ignored", lvalue); + break; + }; - log_syntax(unit, LOG_DEBUG, filename, line, EINVAL, - "Support for option %s= has been disabled at compile time and is ignored", - lvalue); return 0; } -#endif int config_parse_unit_deps(const char *unit, const char *filename, @@ -288,7 +300,8 @@ int config_parse_socket_listen(const char *unit, void *data, void *userdata) { - SocketPort *p, *tail; + _cleanup_free_ SocketPort *p = NULL; + SocketPort *tail; Socket *s; int r; @@ -315,10 +328,9 @@ int config_parse_socket_listen(const char *unit, r = unit_full_printf(UNIT(s), rvalue, &p->path); if (r < 0) { p->path = strdup(rvalue); - if (!p->path) { - free(p); + if (!p->path) return log_oom(); - } else + else log_syntax(unit, LOG_ERR, filename, line, -r, "Failed to resolve unit specifiers on %s, ignoring: %s", rvalue, strerror(-r)); } @@ -334,11 +346,10 @@ int config_parse_socket_listen(const char *unit, log_syntax(unit, LOG_ERR, filename, line, -r, "Failed to resolve unit specifiers on %s, ignoring: %s", rvalue, strerror(-r)); - r = socket_address_parse_netlink(&p->address, k ? k : rvalue); + r = socket_address_parse_netlink(&p->address, k ?: rvalue); if (r < 0) { log_syntax(unit, LOG_ERR, filename, line, -r, "Failed to parse address value, ignoring: %s", rvalue); - free(p); return 0; } @@ -355,7 +366,6 @@ int config_parse_socket_listen(const char *unit, if (r < 0) { log_syntax(unit, LOG_ERR, filename, line, -r, "Failed to parse address value, ignoring: %s", rvalue); - free(p); return 0; } @@ -371,7 +381,6 @@ int config_parse_socket_listen(const char *unit, if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) { log_syntax(unit, LOG_ERR, filename, line, ENOTSUP, "Address family not supported, ignoring: %s", rvalue); - free(p); return 0; } } @@ -384,6 +393,7 @@ int config_parse_socket_listen(const char *unit, LIST_INSERT_AFTER(port, s->ports, tail, p); } else LIST_PREPEND(port, s->ports, p); + p = NULL; return 0; } @@ -528,8 +538,7 @@ int config_parse_exec(const char *unit, if (isempty(rvalue)) { /* An empty assignment resets the list */ - exec_command_free_list(*e); - *e = NULL; + *e = exec_command_free_list(*e); return 0; } @@ -538,9 +547,9 @@ int config_parse_exec(const char *unit, * overriding of argv[0]. */ for (;;) { int i; - const char *word, *state; + const char *word, *state, *reason; size_t l; - bool honour_argv0 = false, ignore = false; + bool separate_argv0 = false, ignore = false; path = NULL; nce = NULL; @@ -551,28 +560,23 @@ int config_parse_exec(const char *unit, if (rvalue[0] == 0) break; - for (i = 0; i < 2; i++) { - if (rvalue[0] == '-' && !ignore) { - ignore = true; - rvalue ++; - } - - if (rvalue[0] == '@' && !honour_argv0) { - honour_argv0 = true; - rvalue ++; - } - } - - if (*rvalue != '/') { - log_syntax(unit, LOG_ERR, filename, line, EINVAL, - "Executable path is not absolute, ignoring: %s", rvalue); - return 0; - } - k = 0; FOREACH_WORD_QUOTED(word, l, rvalue, state) { - if (strneq(word, ";", MAX(l, 1U))) - goto found; + if (k == 0) { + for (i = 0; i < 2; i++) { + if (*word == '-' && !ignore) { + ignore = true; + word ++; + } + + if (*word == '@' && !separate_argv0) { + separate_argv0 = true; + word ++; + } + } + } else + if (strneq(word, ";", MAX(l, 1U))) + goto found; k++; } @@ -583,58 +587,69 @@ int config_parse_exec(const char *unit, } found: - n = new(char*, k + !honour_argv0); + n = new(char*, k + !separate_argv0); if (!n) return log_oom(); k = 0; FOREACH_WORD_QUOTED(word, l, rvalue, state) { - if (strneq(word, ";", MAX(l, 1U))) - break; - else if (strneq(word, "\\;", MAX(l, 1U))) - word ++; + char *c; + unsigned skip; - if (honour_argv0 && word == rvalue) { - assert(!path); + if (separate_argv0 ? path == NULL : k == 0) { + /* first word, very special */ + skip = separate_argv0 + ignore; - path = strndup(word, l); - if (!path) { - r = log_oom(); - goto fail; - } + /* skip special chars in the beginning */ + assert(skip < l); - if (!utf8_is_valid(path)) { - log_invalid_utf8(unit, LOG_ERR, filename, line, EINVAL, rvalue); - r = 0; - goto fail; - } + } else if (strneq(word, ";", MAX(l, 1U))) + /* new commandline */ + break; - } else { - char *c; + else + skip = strneq(word, "\\;", MAX(l, 1U)); - c = n[k++] = cunescape_length(word, l); - if (!c) { - r = log_oom(); - goto fail; - } + c = cunescape_length(word + skip, l - skip); + if (!c) { + r = log_oom(); + goto fail; + } - if (!utf8_is_valid(c)) { - log_invalid_utf8(unit, LOG_ERR, filename, line, EINVAL, rvalue); - r = 0; - goto fail; - } + if (!utf8_is_valid(c)) { + log_invalid_utf8(unit, LOG_ERR, filename, line, EINVAL, rvalue); + r = 0; + goto fail; } + + /* where to stuff this? */ + if (separate_argv0 && path == NULL) + path = c; + else + n[k++] = c; } n[k] = NULL; - if (!n[0]) { - log_syntax(unit, LOG_ERR, filename, line, EINVAL, - "Invalid command line, ignoring: %s", rvalue); - r = 0; - goto fail; - } + log_debug("path: %s", path ?: n[0]); + if (!n[0]) + reason = "Empty executable name or zeroeth argument"; + else if (!string_is_safe(path ?: n[0])) + reason = "Executable path contains special characters"; + else if (!path_is_absolute(path ?: n[0])) + reason = "Executable path is not absolute"; + else if (endswith(path ?: n[0], "/")) + reason = "Executable path specifies a directory"; + else + goto ok; + + log_syntax(unit, LOG_ERR, filename, line, EINVAL, + "%s, ignoring: %s", reason, rvalue); + r = 0; + goto fail; + +ok: if (!path) { path = strdup(n[0]); if (!path) { @@ -643,8 +658,6 @@ int config_parse_exec(const char *unit, } } - assert(path_is_absolute(path)); - nce = new0(ExecCommand, 1); if (!nce) { r = log_oom(); @@ -1031,17 +1044,15 @@ int config_parse_bounding_set(const char *unit, FOREACH_WORD_QUOTED(word, l, rvalue, state) { _cleanup_free_ char *t = NULL; - int r; - cap_value_t cap; + int cap; t = strndup(word, l); if (!t) return log_oom(); - r = cap_from_name(t, &cap); - if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, errno, - "Failed to parse capability in bounding set, ignoring: %s", t); + cap = capability_from_name(t); + if (cap < 0) { + log_syntax(unit, LOG_ERR, filename, line, errno, "Failed to parse capability in bounding set, ignoring: %s", t); continue; } @@ -1315,6 +1326,56 @@ int config_parse_exec_apparmor_profile( return 0; } +int config_parse_exec_smack_process_label( + const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { + + ExecContext *c = data; + Unit *u = userdata; + bool ignore; + char *k; + int r; + + assert(filename); + assert(lvalue); + assert(rvalue); + assert(data); + + if (isempty(rvalue)) { + free(c->smack_process_label); + c->smack_process_label = NULL; + c->smack_process_label_ignore = false; + return 0; + } + + if (rvalue[0] == '-') { + ignore = true; + rvalue++; + } else + ignore = false; + + r = unit_name_printf(u, rvalue, &k); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, -r, + "Failed to resolve specifiers, ignoring: %s", strerror(-r)); + return 0; + } + + free(c->smack_process_label); + c->smack_process_label = k; + c->smack_process_label_ignore = ignore; + + return 0; +} + int config_parse_timer(const char *unit, const char *filename, unsigned line, @@ -1367,8 +1428,10 @@ int config_parse_timer(const char *unit, } v = new0(TimerValue, 1); - if (!v) + if (!v) { + calendar_spec_free(c); return log_oom(); + } v->base = b; v->value = u; @@ -1752,6 +1815,62 @@ int config_parse_bus_policy( return 0; } +int config_parse_bus_endpoint_policy( + const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { + + _cleanup_free_ char *name = NULL; + BusPolicyAccess access; + ExecContext *c = data; + char *access_str; + int r; + + assert(filename); + assert(lvalue); + assert(rvalue); + assert(data); + + name = strdup(rvalue); + if (!name) + return log_oom(); + + access_str = strpbrk(name, WHITESPACE); + if (!access_str) { + log_syntax(unit, LOG_ERR, filename, line, EINVAL, + "Invalid endpoint policy value '%s'", rvalue); + return 0; + } + + *access_str = '\0'; + access_str++; + access_str += strspn(access_str, WHITESPACE); + + access = bus_policy_access_from_string(access_str); + if (access <= _BUS_POLICY_ACCESS_INVALID || + access >= _BUS_POLICY_ACCESS_MAX) { + log_syntax(unit, LOG_ERR, filename, line, EINVAL, + "Invalid endpoint policy access type '%s'", access_str); + return 0; + } + + if (!c->bus_endpoint) { + r = bus_endpoint_new(&c->bus_endpoint); + + if (r < 0) + return r; + } + + return bus_endpoint_add_policy(c->bus_endpoint, name, access); +} + int config_parse_unit_env_file(const char *unit, const char *filename, unsigned line, @@ -1899,22 +2018,23 @@ int config_parse_ip_tos(const char *unit, return 0; } -int config_parse_unit_condition_path(const char *unit, - const char *filename, - unsigned line, - const char *section, - unsigned section_line, - const char *lvalue, - int ltype, - const char *rvalue, - void *data, - void *userdata) { +int config_parse_unit_condition_path( + const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { - ConditionType cond = ltype; - Unit *u = data; - bool trigger, negate; - Condition *c; _cleanup_free_ char *p = NULL; + Condition **list = data, *c; + ConditionType t = ltype; + bool trigger, negate; + Unit *u = userdata; int r; assert(filename); @@ -1924,8 +2044,7 @@ int config_parse_unit_condition_path(const char *unit, if (isempty(rvalue)) { /* Empty assignment resets the list */ - condition_free_list(u->conditions); - u->conditions = NULL; + *list = condition_free_list(*list); return 0; } @@ -1938,45 +2057,41 @@ int config_parse_unit_condition_path(const char *unit, rvalue++; r = unit_full_printf(u, rvalue, &p); - if (r < 0) - log_syntax(unit, LOG_ERR, filename, line, -r, - "Failed to resolve specifiers, ignoring: %s", rvalue); - if (!p) { - p = strdup(rvalue); - if (!p) - return log_oom(); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, -r, "Failed to resolve specifiers, ignoring: %s", rvalue); + return 0; } if (!path_is_absolute(p)) { - log_syntax(unit, LOG_ERR, filename, line, EINVAL, - "Path in condition not absolute, ignoring: %s", p); + log_syntax(unit, LOG_ERR, filename, line, EINVAL, "Path in condition not absolute, ignoring: %s", p); return 0; } - c = condition_new(cond, p, trigger, negate); + c = condition_new(t, p, trigger, negate); if (!c) return log_oom(); - LIST_PREPEND(conditions, u->conditions, c); + LIST_PREPEND(conditions, *list, c); return 0; } -int config_parse_unit_condition_string(const char *unit, - const char *filename, - unsigned line, - const char *section, - unsigned section_line, - const char *lvalue, - int ltype, - const char *rvalue, - void *data, - void *userdata) { +int config_parse_unit_condition_string( + const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { - ConditionType cond = ltype; - Unit *u = data; - bool trigger, negate; - Condition *c; _cleanup_free_ char *s = NULL; + Condition **list = data, *c; + ConditionType t = ltype; + bool trigger, negate; + Unit *u = userdata; int r; assert(filename); @@ -1986,8 +2101,7 @@ int config_parse_unit_condition_string(const char *unit, if (isempty(rvalue)) { /* Empty assignment resets the list */ - condition_free_list(u->conditions); - u->conditions = NULL; + *list = condition_free_list(*list); return 0; } @@ -2000,36 +2114,32 @@ int config_parse_unit_condition_string(const char *unit, rvalue++; r = unit_full_printf(u, rvalue, &s); - if (r < 0) - log_syntax(unit, LOG_ERR, filename, line, -r, - "Failed to resolve specifiers, ignoring: %s", rvalue); - if (!s) { - s = strdup(rvalue); - if (!s) - return log_oom(); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, -r, "Failed to resolve specifiers, ignoring: %s", rvalue); + return 0; } - c = condition_new(cond, s, trigger, negate); + c = condition_new(t, s, trigger, negate); if (!c) return log_oom(); - LIST_PREPEND(conditions, u->conditions, c); + LIST_PREPEND(conditions, *list, c); return 0; } -int config_parse_unit_condition_null(const char *unit, - const char *filename, - unsigned line, - const char *section, - unsigned section_line, - const char *lvalue, - int ltype, - const char *rvalue, - void *data, - void *userdata) { +int config_parse_unit_condition_null( + const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { - Unit *u = data; - Condition *c; + Condition **list = data, *c; bool trigger, negate; int b; @@ -2040,8 +2150,7 @@ int config_parse_unit_condition_null(const char *unit, if (isempty(rvalue)) { /* Empty assignment resets the list */ - condition_free_list(u->conditions); - u->conditions = NULL; + *list = condition_free_list(*list); return 0; } @@ -2055,9 +2164,7 @@ int config_parse_unit_condition_null(const char *unit, b = parse_boolean(rvalue); if (b < 0) { - log_syntax(unit, LOG_ERR, filename, line, -b, - "Failed to parse boolean value in condition, ignoring: %s", - rvalue); + log_syntax(unit, LOG_ERR, filename, line, -b, "Failed to parse boolean value in condition, ignoring: %s", rvalue); return 0; } @@ -2068,7 +2175,7 @@ int config_parse_unit_condition_null(const char *unit, if (!c) return log_oom(); - LIST_PREPEND(conditions, u->conditions, c); + LIST_PREPEND(conditions, *list, c); return 0; } @@ -2217,7 +2324,7 @@ int config_parse_syscall_filter( } if (!c->syscall_filter) { - c->syscall_filter = set_new(trivial_hash_func, trivial_compare_func); + c->syscall_filter = set_new(NULL); if (!c->syscall_filter) return log_oom(); @@ -2309,7 +2416,7 @@ int config_parse_syscall_archs( return 0; } - r = set_ensure_allocated(archs, trivial_hash_func, trivial_compare_func); + r = set_ensure_allocated(archs, NULL); if (r < 0) return log_oom(); @@ -2390,7 +2497,6 @@ int config_parse_address_families( void *userdata) { ExecContext *c = data; - Unit *u = userdata; bool invert = false; const char *word, *state; size_t l; @@ -2399,7 +2505,6 @@ int config_parse_address_families( assert(filename); assert(lvalue); assert(rvalue); - assert(u); if (isempty(rvalue)) { /* Empty assignment resets the list */ @@ -2415,7 +2520,7 @@ int config_parse_address_families( } if (!c->address_families) { - c->address_families = set_new(trivial_hash_func, trivial_compare_func); + c->address_families = set_new(NULL); if (!c->address_families) return log_oom(); @@ -2961,7 +3066,7 @@ int config_parse_runtime_directory( if (!n) return log_oom(); - if (!filename_is_safe(n)) { + if (!filename_is_valid(n)) { log_syntax(unit, LOG_ERR, filename, line, EINVAL, "Runtime directory is not valid, ignoring assignment: %s", rvalue); continue; @@ -3033,7 +3138,7 @@ int config_parse_set_status( } } - r = set_ensure_allocated(&status_set->status, NULL, NULL); + r = set_ensure_allocated(&status_set->status, NULL); if (r < 0) return log_oom(); @@ -3364,7 +3469,7 @@ static int load_from_path(Unit *u, const char *path) { assert(u); assert(path); - symlink_names = set_new(string_hash_func, string_compare_func); + symlink_names = set_new(&string_hash_ops); if (!symlink_names) return -ENOMEM; @@ -3481,7 +3586,7 @@ int unit_load_fragment(Unit *u) { return r; /* Try to find an alias we can load this with */ - if (u->load_state == UNIT_STUB) + if (u->load_state == UNIT_STUB) { SET_FOREACH(t, u->names, i) { if (t == u->id) @@ -3494,6 +3599,7 @@ int unit_load_fragment(Unit *u) { if (u->load_state != UNIT_STUB) break; } + } /* And now, try looking for it under the suggested (originally linked) path */ if (u->load_state == UNIT_STUB && u->fragment_path) { @@ -3523,7 +3629,7 @@ int unit_load_fragment(Unit *u) { if (r < 0) return r; - if (u->load_state == UNIT_STUB) + if (u->load_state == UNIT_STUB) { SET_FOREACH(t, u->names, i) { _cleanup_free_ char *z = NULL; @@ -3541,6 +3647,7 @@ int unit_load_fragment(Unit *u) { if (u->load_state != UNIT_STUB) break; } + } } return 0;