X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fshared%2Futil.c;h=c396fc7c6d4ccdbee1ea35f2239f059053034130;hb=92d75ca419994f3924dc14117b71f8706d9e1f57;hp=ca9c2eb9d138486b0f6608226fd8d3137e5e8ba7;hpb=c51cf05646a11c65daf65c1123c77efb068f4f7b;p=elogind.git diff --git a/src/shared/util.c b/src/shared/util.c index ca9c2eb9d..c396fc7c6 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -41,7 +41,6 @@ #include #include #include -#include #include #include #include @@ -60,6 +59,7 @@ #include #include #include +#undef basename #include "macro.h" #include "util.h" @@ -73,6 +73,11 @@ #include "hashmap.h" #include "env-util.h" #include "fileio.h" +#include "device-nodes.h" +#include "utf8.h" +#include "gunicode.h" +#include "virt.h" +#include "def.h" int saved_argc = 0; char **saved_argv = NULL; @@ -128,40 +133,6 @@ char* endswith(const char *s, const char *postfix) { return (char*) s + sl - pl; } -char* startswith(const char *s, const char *prefix) { - const char *a, *b; - - assert(s); - assert(prefix); - - a = s, b = prefix; - for (;;) { - if (*b == 0) - return (char*) a; - if (*a != *b) - return NULL; - - a++, b++; - } -} - -char* startswith_no_case(const char *s, const char *prefix) { - const char *a, *b; - - assert(s); - assert(prefix); - - a = s, b = prefix; - for (;;) { - if (*b == 0) - return (char*) a; - if (tolower(*a) != tolower(*b)) - return NULL; - - a++, b++; - } -} - bool first_word(const char *s, const char *word) { size_t sl, wl; @@ -403,17 +374,21 @@ char *split(const char *c, size_t *l, const char *separator, char **state) { /* Split a string into words, but consider strings enclosed in '' and * "" as words even if they include spaces. */ char *split_quoted(const char *c, size_t *l, char **state) { - char *current, *e; + const char *current, *e; bool escaped = false; - current = *state ? *state : (char*) c; + assert(c); + assert(l); + assert(state); - if (!*current || *c == 0) - return NULL; + current = *state ? *state : c; current += strspn(current, WHITESPACE); - if (*current == '\'') { + if (*current == 0) + return NULL; + + else if (*current == '\'') { current ++; for (e = current; *e; e++) { @@ -426,7 +401,8 @@ char *split_quoted(const char *c, size_t *l, char **state) { } *l = e-current; - *state = *e == 0 ? e : e+1; + *state = (char*) (*e == 0 ? e : e+1); + } else if (*current == '\"') { current ++; @@ -440,7 +416,8 @@ char *split_quoted(const char *c, size_t *l, char **state) { } *l = e-current; - *state = *e == 0 ? e : e+1; + *state = (char*) (*e == 0 ? e : e+1); + } else { for (e = current; *e; e++) { if (escaped) @@ -451,7 +428,7 @@ char *split_quoted(const char *c, size_t *l, char **state) { break; } *l = e-current; - *state = e; + *state = (char*) e; } return (char*) current; @@ -521,7 +498,7 @@ int get_starttime_of_pid(pid_t pid, unsigned long long *st) { f = fopen(p, "re"); if (!f) - return -errno; + return errno == ENOENT ? -ESRCH : -errno; if (!fgets(line, sizeof(line), f)) { if (ferror(f)) @@ -587,6 +564,7 @@ char *truncate_nl(char *s) { int get_process_comm(pid_t pid, char **name) { const char *p; + int r; assert(name); assert(pid >= 0); @@ -596,7 +574,11 @@ int get_process_comm(pid_t pid, char **name) { else p = procfs_file_alloca(pid, "comm"); - return read_one_line_file(p, name); + r = read_one_line_file(p, name); + if (r == -ENOENT) + return -ESRCH; + + return r; } int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char **line) { @@ -674,7 +656,7 @@ int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char * /* Kernel threads have no argv[] */ if (r == NULL || r[0] == 0) { - char *t; + _cleanup_free_ char *t = NULL; int h; free(r); @@ -687,8 +669,6 @@ int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char * return h; r = strjoin("[", t, "]", NULL); - free(t); - if (!r) return -ENOMEM; } @@ -728,9 +708,6 @@ int is_kernel_thread(pid_t pid) { int get_process_capeff(pid_t pid, char **capeff) { const char *p; - _cleanup_free_ char *status = NULL; - char *t = NULL; - int r; assert(capeff); assert(pid >= 0); @@ -740,25 +717,7 @@ int get_process_capeff(pid_t pid, char **capeff) { else p = procfs_file_alloca(pid, "status"); - r = read_full_file(p, &status, NULL); - if (r < 0) - return r; - - t = strstr(status, "\nCapEff:\t"); - if (!t) - return -ENOENT; - - for (t += strlen("\nCapEff:\t"); t[0] == '0'; t++) - continue; - - if (t[0] == '\n') - t--; - - *capeff = strndup(t, strchr(t, '\n') - t); - if (!*capeff) - return -ENOMEM; - - return 0; + return get_status_field(p, "\nCapEff:", capeff); } int get_process_exe(pid_t pid, char **name) { @@ -776,7 +735,7 @@ int get_process_exe(pid_t pid, char **name) { r = readlink_malloc(p, name); if (r < 0) - return r; + return r == -ENOENT ? -ESRCH : r; d = endswith(*name, " (deleted)"); if (d) @@ -1409,78 +1368,6 @@ char *xescape(const char *s, const char *bad) { return r; } -char *bus_path_escape(const char *s) { - char *r, *t; - const char *f; - - assert(s); - - /* Escapes all chars that D-Bus' object path cannot deal - * with. Can be reverse with bus_path_unescape(). We special - * case the empty string. */ - - if (*s == 0) - return strdup("_"); - - r = new(char, strlen(s)*3 + 1); - if (!r) - return NULL; - - for (f = s, t = r; *f; f++) { - - /* Escape everything that is not a-zA-Z0-9. We also - * escape 0-9 if it's the first character */ - - if (!(*f >= 'A' && *f <= 'Z') && - !(*f >= 'a' && *f <= 'z') && - !(f > s && *f >= '0' && *f <= '9')) { - *(t++) = '_'; - *(t++) = hexchar(*f >> 4); - *(t++) = hexchar(*f); - } else - *(t++) = *f; - } - - *t = 0; - - return r; -} - -char *bus_path_unescape(const char *f) { - char *r, *t; - - assert(f); - - /* Special case for the empty string */ - if (streq(f, "_")) - return strdup(""); - - r = new(char, strlen(f) + 1); - if (!r) - return NULL; - - for (t = r; *f; f++) { - - if (*f == '_') { - int a, b; - - if ((a = unhexchar(f[1])) < 0 || - (b = unhexchar(f[2])) < 0) { - /* Invalid escape code, let's take it literal then */ - *(t++) = '_'; - } else { - *(t++) = (char) ((a << 4) | b); - f += 2; - } - } else - *(t++) = *f; - } - - *t = 0; - - return r; -} - char *ascii_strlower(char *t) { char *p; @@ -2240,8 +2127,10 @@ ssize_t loop_read(int fd, void *buf, size_t nbytes, bool do_poll) { return n > 0 ? n : -errno; } - if (pollfd.revents != POLLIN) - return n > 0 ? n : -EIO; + /* We knowingly ignore the revents value here, + * and expect that any error/EOF is reported + * via read()/write() + */ continue; } @@ -2288,8 +2177,10 @@ ssize_t loop_write(int fd, const void *buf, size_t nbytes, bool do_poll) { return n > 0 ? n : -errno; } - if (pollfd.revents != POLLOUT) - return n > 0 ? n : -EIO; + /* We knowingly ignore the revents value here, + * and expect that any error/EOF is reported + * via read()/write() + */ continue; } @@ -2474,6 +2365,25 @@ fallback: return random() * RAND_MAX + random(); } +unsigned random_u(void) { + _cleanup_close_ int fd; + unsigned u; + ssize_t r; + + fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY); + if (fd < 0) + goto fallback; + + r = loop_read(fd, &u, sizeof(u), true); + if (r != sizeof(u)) + goto fallback; + + return u; + +fallback: + return random() * RAND_MAX + random(); +} + void rename_process(const char name[8]) { assert(name); @@ -2592,7 +2502,7 @@ int getttyname_malloc(int fd, char **r) { assert(r); k = ttyname_r(fd, path, sizeof(path)); - if (k != 0) + if (k > 0) return -k; char_array_0(path); @@ -2627,10 +2537,8 @@ int get_ctty_devnr(pid_t pid, dev_t *d) { char line[LINE_MAX], *p; unsigned long ttynr; const char *fn; - int k; assert(pid >= 0); - assert(d); if (pid == 0) fn = "/proc/self/stat"; @@ -2641,10 +2549,8 @@ int get_ctty_devnr(pid_t pid, dev_t *d) { if (!f) return -errno; - if (!fgets(line, sizeof(line), f)) { - k = feof(f) ? -EIO : -errno; - return k; - } + if (!fgets(line, sizeof(line), f)) + return feof(f) ? -EIO : -errno; p = strrchr(line, ')'); if (!p) @@ -2664,7 +2570,9 @@ int get_ctty_devnr(pid_t pid, dev_t *d) { if (major(ttynr) == 0 && minor(ttynr) == 0) return -ENOENT; - *d = (dev_t) ttynr; + if (d) + *d = (dev_t) ttynr; + return 0; } @@ -2954,11 +2862,13 @@ int fchmod_and_fchown(int fd, mode_t mode, uid_t uid, gid_t gid) { * first change the access mode and only then hand out * ownership to avoid a window where access is too open. */ - if (fchmod(fd, mode) < 0) - return -errno; + if (mode != (mode_t) -1) + if (fchmod(fd, mode) < 0) + return -errno; - if (fchown(fd, uid, gid) < 0) - return -errno; + if (uid != (uid_t) -1 || gid != (gid_t) -1) + if (fchown(fd, uid, gid) < 0) + return -errno; return 0; } @@ -3070,13 +2980,14 @@ int status_printf(const char *status, bool ellipse, bool ephemeral, const char * } int status_welcome(void) { - int r; _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL; + int r; r = parse_env_file("/etc/os-release", NEWLINE, "PRETTY_NAME", &pretty_name, "ANSI_COLOR", &ansi_color, NULL); + if (r < 0 && r != -ENOENT) log_warning("Failed to read /etc/os-release: %s", strerror(-r)); @@ -3319,7 +3230,7 @@ int running_in_chroot(void) { a.st_ino != b.st_ino; } -char *ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) { +static char *ascii_ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) { size_t x; char *r; @@ -3350,6 +3261,80 @@ char *ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigne return r; } +char *ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) { + size_t x; + char *e; + const char *i, *j; + unsigned k, len, len2; + + assert(s); + assert(percent <= 100); + assert(new_length >= 3); + + /* if no multibyte characters use ascii_ellipsize_mem for speed */ + if (ascii_is_valid(s)) + return ascii_ellipsize_mem(s, old_length, new_length, percent); + + if (old_length <= 3 || old_length <= new_length) + return strndup(s, old_length); + + x = (new_length * percent) / 100; + + if (x > new_length - 3) + x = new_length - 3; + + k = 0; + for (i = s; k < x && i < s + old_length; i = utf8_next_char(i)) { + int c; + + c = utf8_encoded_to_unichar(i); + if (c < 0) + return NULL; + k += unichar_iswide(c) ? 2 : 1; + } + + if (k > x) /* last character was wide and went over quota */ + x ++; + + for (j = s + old_length; k < new_length && j > i; ) { + int c; + + j = utf8_prev_char(j); + c = utf8_encoded_to_unichar(j); + if (c < 0) + return NULL; + k += unichar_iswide(c) ? 2 : 1; + } + assert(i <= j); + + /* we don't actually need to ellipsize */ + if (i == j) + return memdup(s, old_length + 1); + + /* make space for ellipsis */ + j = utf8_next_char(j); + + len = i - s; + len2 = s + old_length - j; + e = new(char, len + 3 + len2 + 1); + if (!e) + return NULL; + + /* + printf("old_length=%zu new_length=%zu x=%zu len=%u len2=%u k=%u\n", + old_length, new_length, x, len, len2, k); + */ + + memcpy(e, s, len); + e[len] = 0xe2; /* tri-dot ellipsis: … */ + e[len + 1] = 0x80; + e[len + 2] = 0xa6; + + memcpy(e + len + 3, j, len2 + 1); + + return e; +} + char *ellipsize(const char *s, size_t length, unsigned percent) { return ellipsize_mem(s, strlen(s), length, percent); } @@ -3550,26 +3535,23 @@ int signal_from_string_try_harder(const char *s) { } static char *tag_to_udev_node(const char *tagvalue, const char *by) { - char *dn, *t, *u; - int r; - - /* FIXME: to follow udev's logic 100% we need to leave valid - * UTF8 chars unescaped */ + _cleanup_free_ char *t = NULL, *u = NULL; + char *dn; + size_t enc_len; u = unquote(tagvalue, "\"\'"); if (u == NULL) return NULL; - t = xescape(u, "/ "); - free(u); - + enc_len = strlen(u) * 4 + 1; + t = new(char, enc_len); if (t == NULL) return NULL; - r = asprintf(&dn, "/dev/disk/by-%s/%s", by, t); - free(t); + if (encode_devnode_name(u, t, enc_len) < 0) + return NULL; - if (r < 0) + if (asprintf(&dn, "/dev/disk/by-%s/%s", by, t) < 0) return NULL; return dn; @@ -3655,12 +3637,21 @@ char *resolve_dev_console(char **active) { else tty = *active; + if (streq(tty, "tty0")) { + char *tmp; + + /* Get the active VC (e.g. tty1) */ + if (read_one_line_file("/sys/class/tty/tty0/active", &tmp) >= 0) { + free(*active); + tty = *active = tmp; + } + } + return tty; } bool tty_is_vc_resolve(const char *tty) { - char *active = NULL; - bool b; + _cleanup_free_ char *active = NULL; assert(tty); @@ -3673,10 +3664,7 @@ bool tty_is_vc_resolve(const char *tty) { return false; } - b = tty_is_vc(tty); - free(active); - - return b; + return tty_is_vc(tty); } const char *default_term_for_tty(const char *tty) { @@ -3974,8 +3962,8 @@ int fopen_temporary(const char *path, FILE **_f, char **_temp_path) { if (!t) return -ENOMEM; - fn = path_get_file_name(path); - k = fn-path; + fn = basename(path); + k = fn - path; memcpy(t, path, k); t[k] = '.'; stpcpy(stpcpy(t+k+1, fn), "XXXXXX"); @@ -4090,8 +4078,9 @@ int vt_disallocate(const char *name) { return 0; } -int copy_file(const char *from, const char *to) { - int r, fdf, fdt; +int copy_file(const char *from, const char *to, int flags) { + _cleanup_close_ int fdf = -1; + int r, fdt; assert(from); assert(to); @@ -4100,11 +4089,9 @@ int copy_file(const char *from, const char *to) { if (fdf < 0) return -errno; - fdt = open(to, O_WRONLY|O_CREAT|O_EXCL|O_CLOEXEC|O_NOCTTY, 0644); - if (fdt < 0) { - close_nointr_nofail(fdf); + fdt = open(to, flags|O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, 0644); + if (fdt < 0) return -errno; - } for (;;) { char buf[PIPE_BUF]; @@ -4114,7 +4101,6 @@ int copy_file(const char *from, const char *to) { if (n < 0) { r = -errno; - close_nointr_nofail(fdf); close_nointr(fdt); unlink(to); @@ -4129,15 +4115,13 @@ int copy_file(const char *from, const char *to) { if (n != k) { r = k < 0 ? k : (errno ? -errno : -EIO); - close_nointr_nofail(fdf); close_nointr(fdt); - unlink(to); + return r; } } - close_nointr_nofail(fdf); r = close_nointr(fdt); if (r < 0) { @@ -4164,7 +4148,7 @@ int symlink_atomic(const char *from, const char *to) { if (!t) return -ENOMEM; - fn = path_get_file_name(to); + fn = basename(to); k = fn-to; memcpy(t, to, k); t[k] = '.'; @@ -4425,7 +4409,7 @@ int glob_extend(char ***strv, const char *path) { char **p; errno = 0; - k = glob(optarg, GLOB_NOSORT|GLOB_BRACE, NULL, &g); + k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g); if (k == GLOB_NOMATCH) return -ENOENT; @@ -4469,38 +4453,31 @@ int dirent_ensure_type(DIR *d, struct dirent *de) { } int in_search_path(const char *path, char **search) { - char **i, *parent; + char **i; + _cleanup_free_ char *parent = NULL; int r; r = path_get_parent(path, &parent); if (r < 0) return r; - r = 0; - - STRV_FOREACH(i, search) { - if (path_equal(parent, *i)) { - r = 1; - break; - } - } - - free(parent); + STRV_FOREACH(i, search) + if (path_equal(parent, *i)) + return 1; - return r; + return 0; } int get_files_in_directory(const char *path, char ***list) { - DIR *d; - int r = 0; - unsigned n = 0; - char **l = NULL; + _cleanup_closedir_ DIR *d = NULL; + size_t bufsize = 0, n = 0; + _cleanup_strv_free_ char **l = NULL; assert(path); /* Returns all files in a directory in *list, and the number * of files as return value. If list is NULL returns only the - * number */ + * number. */ d = opendir(path); if (!d) @@ -4512,11 +4489,9 @@ int get_files_in_directory(const char *path, char ***list) { int k; k = readdir_r(d, &buf.de, &de); - if (k != 0) { - r = -k; - goto finish; - } - + assert(k >= 0); + if (k > 0) + return -k; if (!de) break; @@ -4526,43 +4501,25 @@ int get_files_in_directory(const char *path, char ***list) { continue; if (list) { - if ((unsigned) r >= n) { - char **t; - - n = MAX(16, 2*r); - t = realloc(l, sizeof(char*) * n); - if (!t) { - r = -ENOMEM; - goto finish; - } - - l = t; - } - - assert((unsigned) r < n); + /* one extra slot is needed for the terminating NULL */ + if (!GREEDY_REALLOC(l, bufsize, n + 2)) + return -ENOMEM; - l[r] = strdup(de->d_name); - if (!l[r]) { - r = -ENOMEM; - goto finish; - } + l[n] = strdup(de->d_name); + if (!l[n]) + return -ENOMEM; - l[++r] = NULL; + l[++n] = NULL; } else - r++; + n++; } -finish: - if (d) - closedir(d); - - if (r >= 0) { - if (list) - *list = l; - } else - strv_free(l); + if (list) { + *list = l; + l = NULL; /* avoid freeing */ + } - return r; + return n; } char *strjoin(const char *x, ...) { @@ -4979,15 +4936,15 @@ int fd_inc_sndbuf(int fd, size_t n) { socklen_t l = sizeof(value); r = getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, &l); - if (r >= 0 && - l == sizeof(value) && - (size_t) value >= n*2) + if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2) return 0; + /* If we have the privileges we will ignore the kernel limit. */ + value = (int) n; - r = setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)); - if (r < 0) - return -errno; + if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0) + if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0) + return -errno; return 1; } @@ -4997,16 +4954,15 @@ int fd_inc_rcvbuf(int fd, size_t n) { socklen_t l = sizeof(value); r = getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, &l); - if (r >= 0 && - l == sizeof(value) && - (size_t) value >= n*2) + if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2) return 0; - value = (int) n; - r = setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)); - if (r < 0) - return -errno; + /* If we have the privileges we will ignore the kernel limit. */ + value = (int) n; + if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0) + if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0) + return -errno; return 1; } @@ -5263,10 +5219,10 @@ int make_console_stdio(void) { } int get_home_dir(char **_h) { - char *h; + struct passwd *p; const char *e; + char *h; uid_t u; - struct passwd *p; assert(_h); @@ -5309,6 +5265,53 @@ int get_home_dir(char **_h) { return 0; } +int get_shell(char **_s) { + struct passwd *p; + const char *e; + char *s; + uid_t u; + + assert(_s); + + /* Take the user specified one */ + e = getenv("SHELL"); + if (e) { + s = strdup(e); + if (!s) + return -ENOMEM; + + *_s = s; + return 0; + } + + /* Hardcode home directory for root to avoid NSS */ + u = getuid(); + if (u == 0) { + s = strdup("/bin/sh"); + if (!s) + return -ENOMEM; + + *_s = s; + return 0; + } + + /* Check the database... */ + errno = 0; + p = getpwuid(u); + if (!p) + return errno > 0 ? -errno : -ESRCH; + + if (!path_is_absolute(p->pw_shell)) + return -EINVAL; + + s = strdup(p->pw_shell); + if (!s) + return -ENOMEM; + + *_s = s; + return 0; +} + bool filename_is_safe(const char *p) { if (isempty(p)) @@ -5345,13 +5348,17 @@ bool string_is_safe(const char *p) { return true; } +/** + * Check if a string contains control characters. + * Spaces and tabs are not considered control characters. + */ bool string_has_cc(const char *p) { const char *t; assert(p); for (t = p; *t; t++) - if (*t > 0 && *t < ' ') + if (*t > 0 && *t < ' ' && *t != '\t') return true; return false; @@ -5419,7 +5426,7 @@ bool is_locale_utf8(void) { goto out; } - if(streq(set, "UTF-8")) { + if (streq(set, "UTF-8")) { cached_answer = true; goto out; } @@ -5452,6 +5459,7 @@ const char *draw_special_char(DrawSpecialChar ch) { [DRAW_TREE_RIGHT] = "\342\224\224\342\224\200", /* └─ */ [DRAW_TREE_SPACE] = " ", /* */ [DRAW_TRIANGULAR_BULLET] = "\342\200\243 ", /* ‣ */ + [DRAW_BLACK_CIRCLE] = "\342\227\217 ", /* ● */ }, /* ASCII fallback */ { [DRAW_TREE_VERT] = "| ", @@ -5459,6 +5467,7 @@ const char *draw_special_char(DrawSpecialChar ch) { [DRAW_TREE_RIGHT] = "`-", [DRAW_TREE_SPACE] = " ", [DRAW_TRIANGULAR_BULLET] = "> ", + [DRAW_BLACK_CIRCLE] = "* ", } }; @@ -5754,56 +5763,6 @@ int search_and_fopen_nulstr(const char *path, const char *mode, const char *sear return search_and_fopen_internal(path, mode, s, _f); } -int create_tmp_dir(char template[], char** dir_name) { - int r = 0; - char *d = NULL, *dt; - - assert(dir_name); - - RUN_WITH_UMASK(0077) { - d = mkdtemp(template); - } - if (!d) { - log_error("Can't create directory %s: %m", template); - return -errno; - } - - dt = strjoin(d, "/tmp", NULL); - if (!dt) { - r = log_oom(); - goto fail3; - } - - RUN_WITH_UMASK(0000) { - r = mkdir(dt, 0777); - } - if (r < 0) { - log_error("Can't create directory %s: %m", dt); - r = -errno; - goto fail2; - } - log_debug("Created temporary directory %s", dt); - - r = chmod(dt, 0777 | S_ISVTX); - if (r < 0) { - log_error("Failed to chmod %s: %m", dt); - r = -errno; - goto fail1; - } - log_debug("Set sticky bit on %s", dt); - - *dir_name = dt; - - return 0; -fail1: - rmdir(dt); -fail2: - free(dt); -fail3: - rmdir(template); - return r; -} - char *strextend(char **x, ...) { va_list ap; size_t f, l; @@ -5879,10 +5838,18 @@ void* greedy_realloc(void **p, size_t *allocated, size_t need) { size_t a; void *q; + assert(p); + assert(allocated); + if (*allocated >= need) return *p; a = MAX(64u, need * 2); + + /* check for overflows */ + if (a < need) + return NULL; + q = realloc(*p, a); if (!q) return NULL; @@ -5892,6 +5859,25 @@ void* greedy_realloc(void **p, size_t *allocated, size_t need) { return q; } +void* greedy_realloc0(void **p, size_t *allocated, size_t need) { + size_t prev; + uint8_t *q; + + assert(p); + assert(allocated); + + prev = *allocated; + + q = greedy_realloc(p, allocated, need); + if (!q) + return NULL; + + if (*allocated > prev) + memset(&q[prev], 0, *allocated - prev); + + return q; +} + bool id128_is_valid(const char *s) { size_t i, l; @@ -5977,3 +5963,116 @@ int split_pair(const char *s, const char *sep, char **l, char **r) { return 0; } + +int shall_restore_state(void) { + _cleanup_free_ char *line; + char *w, *state; + size_t l; + int r; + + r = proc_cmdline(&line); + if (r < 0) + return r; + if (r == 0) /* Container ... */ + return 1; + + FOREACH_WORD_QUOTED(w, l, line, state) + if (l == 23 && strneq(w, "systemd.restore_state=0", 23)) + return 0; + + return 1; +} + +int proc_cmdline(char **ret) { + int r; + + if (detect_container(NULL) > 0) { + *ret = NULL; + return 0; + } + + r = read_one_line_file("/proc/cmdline", ret); + if (r < 0) + return r; + + return 1; +} + +int container_get_leader(const char *machine, pid_t *pid) { + _cleanup_free_ char *s = NULL, *class = NULL; + const char *p; + pid_t leader; + int r; + + assert(machine); + assert(pid); + + p = strappenda("/run/systemd/machines/", machine); + r = parse_env_file(p, NEWLINE, "LEADER", &s, "CLASS", &class, NULL); + if (r == -ENOENT) + return -EHOSTDOWN; + if (r < 0) + return r; + if (!s) + return -EIO; + + if (!streq_ptr(class, "container")) + return -EIO; + + r = parse_pid(s, &leader); + if (r < 0) + return r; + if (leader <= 1) + return -EIO; + + *pid = leader; + return 0; +} + +int namespace_open(pid_t pid, int *namespace_fd, int *root_fd) { + _cleanup_close_ int nsfd = -1; + const char *ns, *root; + int rfd; + + assert(pid >= 0); + assert(namespace_fd); + assert(root_fd); + + ns = procfs_file_alloca(pid, "ns/mnt"); + nsfd = open(ns, O_RDONLY|O_NOCTTY|O_CLOEXEC); + if (nsfd < 0) + return -errno; + + root = procfs_file_alloca(pid, "root"); + rfd = open(root, O_RDONLY|O_NOCTTY|O_CLOEXEC|O_DIRECTORY); + if (rfd < 0) + return -errno; + + *namespace_fd = nsfd; + *root_fd = rfd; + nsfd = -1; + + return 0; +} + +int namespace_enter(int namespace_fd, int root_fd) { + assert(namespace_fd >= 0); + assert(root_fd >= 0); + + if (setns(namespace_fd, CLONE_NEWNS) < 0) + return -errno; + + if (fchdir(root_fd) < 0) + return -errno; + + if (chroot(".") < 0) + return -errno; + + if (setresgid(0, 0, 0) < 0) + return -errno; + + if (setresuid(0, 0, 0) < 0) + return -errno; + + return 0; +}