1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
31 #include <sys/resource.h>
32 #include <linux/sched.h>
33 #include <sys/types.h>
37 #include <sys/ioctl.h>
39 #include <linux/tiocl.h>
42 #include <sys/inotify.h>
46 #include <sys/prctl.h>
47 #include <sys/utsname.h>
49 #include <netinet/ip.h>
58 #include <linux/magic.h>
67 #include "path-util.h"
68 #include "exit-status.h"
72 char **saved_argv = NULL;
74 size_t page_size(void) {
75 static __thread size_t pgsz = 0;
78 if (_likely_(pgsz > 0))
81 assert_se((r = sysconf(_SC_PAGESIZE)) > 0);
88 bool streq_ptr(const char *a, const char *b) {
90 /* Like streq(), but tries to make sense of NULL pointers */
101 usec_t now(clockid_t clock_id) {
104 assert_se(clock_gettime(clock_id, &ts) == 0);
106 return timespec_load(&ts);
109 dual_timestamp* dual_timestamp_get(dual_timestamp *ts) {
112 ts->realtime = now(CLOCK_REALTIME);
113 ts->monotonic = now(CLOCK_MONOTONIC);
118 dual_timestamp* dual_timestamp_from_realtime(dual_timestamp *ts, usec_t u) {
127 delta = (int64_t) now(CLOCK_REALTIME) - (int64_t) u;
129 ts->monotonic = now(CLOCK_MONOTONIC);
131 if ((int64_t) ts->monotonic > delta)
132 ts->monotonic -= delta;
140 usec_t timespec_load(const struct timespec *ts) {
144 (usec_t) ts->tv_sec * USEC_PER_SEC +
145 (usec_t) ts->tv_nsec / NSEC_PER_USEC;
148 struct timespec *timespec_store(struct timespec *ts, usec_t u) {
151 ts->tv_sec = (time_t) (u / USEC_PER_SEC);
152 ts->tv_nsec = (long int) ((u % USEC_PER_SEC) * NSEC_PER_USEC);
157 usec_t timeval_load(const struct timeval *tv) {
161 (usec_t) tv->tv_sec * USEC_PER_SEC +
162 (usec_t) tv->tv_usec;
165 struct timeval *timeval_store(struct timeval *tv, usec_t u) {
168 tv->tv_sec = (time_t) (u / USEC_PER_SEC);
169 tv->tv_usec = (suseconds_t) (u % USEC_PER_SEC);
174 bool endswith(const char *s, const char *postfix) {
181 pl = strlen(postfix);
189 return memcmp(s + sl - pl, postfix, pl) == 0;
192 bool startswith(const char *s, const char *prefix) {
207 return memcmp(s, prefix, pl) == 0;
210 bool startswith_no_case(const char *s, const char *prefix) {
226 for(i = 0; i < pl; ++i) {
227 if (tolower(s[i]) != tolower(prefix[i]))
234 bool first_word(const char *s, const char *word) {
249 if (memcmp(s, word, wl) != 0)
253 strchr(WHITESPACE, s[wl]);
256 int close_nointr(int fd) {
271 void close_nointr_nofail(int fd) {
272 int saved_errno = errno;
274 /* like close_nointr() but cannot fail, and guarantees errno
277 assert_se(close_nointr(fd) == 0);
282 void close_many(const int fds[], unsigned n_fd) {
285 for (i = 0; i < n_fd; i++)
286 close_nointr_nofail(fds[i]);
289 int parse_boolean(const char *v) {
292 if (streq(v, "1") || v[0] == 'y' || v[0] == 'Y' || v[0] == 't' || v[0] == 'T' || !strcasecmp(v, "on"))
294 else if (streq(v, "0") || v[0] == 'n' || v[0] == 'N' || v[0] == 'f' || v[0] == 'F' || !strcasecmp(v, "off"))
300 int parse_pid(const char *s, pid_t* ret_pid) {
301 unsigned long ul = 0;
308 if ((r = safe_atolu(s, &ul)) < 0)
313 if ((unsigned long) pid != ul)
323 int parse_uid(const char *s, uid_t* ret_uid) {
324 unsigned long ul = 0;
331 if ((r = safe_atolu(s, &ul)) < 0)
336 if ((unsigned long) uid != ul)
343 int safe_atou(const char *s, unsigned *ret_u) {
351 l = strtoul(s, &x, 0);
353 if (!x || *x || errno)
354 return errno ? -errno : -EINVAL;
356 if ((unsigned long) (unsigned) l != l)
359 *ret_u = (unsigned) l;
363 int safe_atoi(const char *s, int *ret_i) {
371 l = strtol(s, &x, 0);
373 if (!x || *x || errno)
374 return errno ? -errno : -EINVAL;
376 if ((long) (int) l != l)
383 int safe_atollu(const char *s, long long unsigned *ret_llu) {
385 unsigned long long l;
391 l = strtoull(s, &x, 0);
393 if (!x || *x || errno)
394 return errno ? -errno : -EINVAL;
400 int safe_atolli(const char *s, long long int *ret_lli) {
408 l = strtoll(s, &x, 0);
410 if (!x || *x || errno)
411 return errno ? -errno : -EINVAL;
417 /* Split a string into words. */
418 char *split(const char *c, size_t *l, const char *separator, char **state) {
421 current = *state ? *state : (char*) c;
423 if (!*current || *c == 0)
426 current += strspn(current, separator);
427 *l = strcspn(current, separator);
430 return (char*) current;
433 /* Split a string into words, but consider strings enclosed in '' and
434 * "" as words even if they include spaces. */
435 char *split_quoted(const char *c, size_t *l, char **state) {
437 bool escaped = false;
439 current = *state ? *state : (char*) c;
441 if (!*current || *c == 0)
444 current += strspn(current, WHITESPACE);
446 if (*current == '\'') {
449 for (e = current; *e; e++) {
459 *state = *e == 0 ? e : e+1;
460 } else if (*current == '\"') {
463 for (e = current; *e; e++) {
473 *state = *e == 0 ? e : e+1;
475 for (e = current; *e; e++) {
480 else if (strchr(WHITESPACE, *e))
487 return (char*) current;
490 int get_parent_of_pid(pid_t pid, pid_t *_ppid) {
493 char fn[PATH_MAX], line[LINE_MAX], *p;
499 assert_se(snprintf(fn, sizeof(fn)-1, "/proc/%lu/stat", (unsigned long) pid) < (int) (sizeof(fn)-1));
502 if (!(f = fopen(fn, "re")))
505 if (!(fgets(line, sizeof(line), f))) {
506 r = feof(f) ? -EIO : -errno;
513 /* Let's skip the pid and comm fields. The latter is enclosed
514 * in () but does not escape any () in its value, so let's
515 * skip over it manually */
517 if (!(p = strrchr(line, ')')))
528 if ((long unsigned) (pid_t) ppid != ppid)
531 *_ppid = (pid_t) ppid;
536 int get_starttime_of_pid(pid_t pid, unsigned long long *st) {
539 char fn[PATH_MAX], line[LINE_MAX], *p;
544 assert_se(snprintf(fn, sizeof(fn)-1, "/proc/%lu/stat", (unsigned long) pid) < (int) (sizeof(fn)-1));
547 if (!(f = fopen(fn, "re")))
550 if (!(fgets(line, sizeof(line), f))) {
551 r = feof(f) ? -EIO : -errno;
558 /* Let's skip the pid and comm fields. The latter is enclosed
559 * in () but does not escape any () in its value, so let's
560 * skip over it manually */
562 if (!(p = strrchr(line, ')')))
583 "%*d " /* priority */
585 "%*d " /* num_threads */
586 "%*d " /* itrealvalue */
587 "%llu " /* starttime */,
594 int write_one_line_file(const char *fn, const char *line) {
606 if (fputs(line, f) < 0) {
611 if (!endswith(line, "\n"))
629 int fchmod_umask(int fd, mode_t m) {
634 r = fchmod(fd, m & (~u)) < 0 ? -errno : 0;
640 int write_one_line_file_atomic(const char *fn, const char *line) {
648 r = fopen_temporary(fn, &f, &p);
652 fchmod_umask(fileno(f), 0644);
655 if (fputs(line, f) < 0) {
660 if (!endswith(line, "\n"))
671 if (rename(p, fn) < 0)
687 int read_one_line_file(const char *fn, char **line) {
690 char t[LINE_MAX], *c;
699 if (!fgets(t, sizeof(t), f)) {
725 int read_full_file(const char *fn, char **contents, size_t *size) {
732 if (!(f = fopen(fn, "re")))
735 if (fstat(fileno(f), &st) < 0) {
741 if (st.st_size > 4*1024*1024) {
746 n = st.st_size > 0 ? st.st_size : LINE_MAX;
753 if (!(t = realloc(buf, n+1))) {
759 k = fread(buf + l, 1, n - l, f);
774 if (n > 4*1024*1024) {
798 const char *separator, ...) {
801 char *contents = NULL, *p;
806 if ((r = read_full_file(fname, &contents, NULL)) < 0)
811 const char *key = NULL;
813 p += strspn(p, separator);
814 p += strspn(p, WHITESPACE);
819 if (!strchr(COMMENTS, *p)) {
823 va_start(ap, separator);
824 while ((key = va_arg(ap, char *))) {
828 value = va_arg(ap, char **);
831 if (strncmp(p, key, n) != 0 ||
836 n = strcspn(p, separator);
839 strchr(QUOTES, p[0]) &&
841 v = strndup(p+1, n-2);
852 /* return empty value strings as NULL */
869 p += strcspn(p, separator);
888 if (!(f = fopen(fname, "re")))
892 char l[LINE_MAX], *p, *u;
895 if (!fgets(l, sizeof(l), f)) {
908 if (strchr(COMMENTS, *p))
911 if (!(u = normalize_env_assignment(p))) {
912 log_error("Out of memory");
917 t = strv_append(m, u);
921 log_error("Out of memory");
944 int write_env_file(const char *fname, char **l) {
949 r = fopen_temporary(fname, &f, &p);
953 fchmod_umask(fileno(f), 0644);
969 if (rename(p, fname) < 0)
984 char *truncate_nl(char *s) {
987 s[strcspn(s, NEWLINE)] = 0;
991 int get_process_comm(pid_t pid, char **name) {
997 r = read_one_line_file("/proc/self/comm", name);
1000 if (asprintf(&p, "/proc/%lu/comm", (unsigned long) pid) < 0)
1003 r = read_one_line_file(p, name);
1010 int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char **line) {
1017 assert(max_length > 0);
1021 f = fopen("/proc/self/cmdline", "re");
1024 if (asprintf(&p, "/proc/%lu/cmdline", (unsigned long) pid) < 0)
1034 r = new(char, max_length);
1042 while ((c = getc(f)) != EOF) {
1064 size_t n = MIN(left-1, 3U);
1065 memcpy(k, "...", n);
1072 /* Kernel threads have no argv[] */
1082 h = get_process_comm(pid, &t);
1086 r = join("[", t, "]", NULL);
1097 int is_kernel_thread(pid_t pid) {
1107 if (asprintf(&p, "/proc/%lu/cmdline", (unsigned long) pid) < 0)
1116 count = fread(&c, 1, 1, f);
1120 /* Kernel threads have an empty cmdline */
1123 return eof ? 1 : -errno;
1128 int get_process_exe(pid_t pid, char **name) {
1134 r = readlink_malloc("/proc/self/exe", name);
1137 if (asprintf(&p, "/proc/%lu/exe", (unsigned long) pid) < 0)
1140 r = readlink_malloc(p, name);
1147 int get_process_uid(pid_t pid, uid_t *uid) {
1157 if (asprintf(&p, "/proc/%lu/status", (unsigned long) pid) < 0)
1167 char line[LINE_MAX], *l;
1169 if (!fgets(line, sizeof(line), f)) {
1179 if (startswith(l, "Uid:")) {
1181 l += strspn(l, WHITESPACE);
1183 l[strcspn(l, WHITESPACE)] = 0;
1185 r = parse_uid(l, uid);
1198 char *strnappend(const char *s, const char *suffix, size_t b) {
1206 return strndup(suffix, b);
1216 if (!(r = new(char, a+b+1)))
1220 memcpy(r+a, suffix, b);
1226 char *strappend(const char *s, const char *suffix) {
1227 return strnappend(s, suffix, suffix ? strlen(suffix) : 0);
1230 int readlink_malloc(const char *p, char **r) {
1240 if (!(c = new(char, l)))
1243 if ((n = readlink(p, c, l-1)) < 0) {
1249 if ((size_t) n < l-1) {
1260 int readlink_and_make_absolute(const char *p, char **r) {
1267 if ((j = readlink_malloc(p, &target)) < 0)
1270 k = file_in_same_dir(p, target);
1280 int readlink_and_canonicalize(const char *p, char **r) {
1287 j = readlink_and_make_absolute(p, &t);
1291 s = canonicalize_file_name(t);
1298 path_kill_slashes(*r);
1303 int reset_all_signal_handlers(void) {
1306 for (sig = 1; sig < _NSIG; sig++) {
1307 struct sigaction sa;
1309 if (sig == SIGKILL || sig == SIGSTOP)
1313 sa.sa_handler = SIG_DFL;
1314 sa.sa_flags = SA_RESTART;
1316 /* On Linux the first two RT signals are reserved by
1317 * glibc, and sigaction() will return EINVAL for them. */
1318 if ((sigaction(sig, &sa, NULL) < 0))
1319 if (errno != EINVAL)
1326 char *strstrip(char *s) {
1329 /* Drops trailing whitespace. Modifies the string in
1330 * place. Returns pointer to first non-space character */
1332 s += strspn(s, WHITESPACE);
1334 for (e = strchr(s, 0); e > s; e --)
1335 if (!strchr(WHITESPACE, e[-1]))
1343 char *delete_chars(char *s, const char *bad) {
1346 /* Drops all whitespace, regardless where in the string */
1348 for (f = s, t = s; *f; f++) {
1349 if (strchr(bad, *f))
1360 bool in_charset(const char *s, const char* charset) {
1366 for (i = s; *i; i++)
1367 if (!strchr(charset, *i))
1373 char *file_in_same_dir(const char *path, const char *filename) {
1380 /* This removes the last component of path and appends
1381 * filename, unless the latter is absolute anyway or the
1384 if (path_is_absolute(filename))
1385 return strdup(filename);
1387 if (!(e = strrchr(path, '/')))
1388 return strdup(filename);
1390 k = strlen(filename);
1391 if (!(r = new(char, e-path+1+k+1)))
1394 memcpy(r, path, e-path+1);
1395 memcpy(r+(e-path)+1, filename, k+1);
1400 int rmdir_parents(const char *path, const char *stop) {
1409 /* Skip trailing slashes */
1410 while (l > 0 && path[l-1] == '/')
1416 /* Skip last component */
1417 while (l > 0 && path[l-1] != '/')
1420 /* Skip trailing slashes */
1421 while (l > 0 && path[l-1] == '/')
1427 if (!(t = strndup(path, l)))
1430 if (path_startswith(stop, t)) {
1439 if (errno != ENOENT)
1447 char hexchar(int x) {
1448 static const char table[16] = "0123456789abcdef";
1450 return table[x & 15];
1453 int unhexchar(char c) {
1455 if (c >= '0' && c <= '9')
1458 if (c >= 'a' && c <= 'f')
1459 return c - 'a' + 10;
1461 if (c >= 'A' && c <= 'F')
1462 return c - 'A' + 10;
1467 char octchar(int x) {
1468 return '0' + (x & 7);
1471 int unoctchar(char c) {
1473 if (c >= '0' && c <= '7')
1479 char decchar(int x) {
1480 return '0' + (x % 10);
1483 int undecchar(char c) {
1485 if (c >= '0' && c <= '9')
1491 char *cescape(const char *s) {
1497 /* Does C style string escaping. */
1499 r = new(char, strlen(s)*4 + 1);
1503 for (f = s, t = r; *f; f++)
1549 /* For special chars we prefer octal over
1550 * hexadecimal encoding, simply because glib's
1551 * g_strescape() does the same */
1552 if ((*f < ' ') || (*f >= 127)) {
1554 *(t++) = octchar((unsigned char) *f >> 6);
1555 *(t++) = octchar((unsigned char) *f >> 3);
1556 *(t++) = octchar((unsigned char) *f);
1567 char *cunescape_length(const char *s, size_t length) {
1573 /* Undoes C style string escaping */
1575 r = new(char, length+1);
1579 for (f = s, t = r; f < s + length; f++) {
1622 /* This is an extension of the XDG syntax files */
1627 /* hexadecimal encoding */
1630 a = unhexchar(f[1]);
1631 b = unhexchar(f[2]);
1633 if (a < 0 || b < 0) {
1634 /* Invalid escape code, let's take it literal then */
1638 *(t++) = (char) ((a << 4) | b);
1653 /* octal encoding */
1656 a = unoctchar(f[0]);
1657 b = unoctchar(f[1]);
1658 c = unoctchar(f[2]);
1660 if (a < 0 || b < 0 || c < 0) {
1661 /* Invalid escape code, let's take it literal then */
1665 *(t++) = (char) ((a << 6) | (b << 3) | c);
1673 /* premature end of string.*/
1678 /* Invalid escape code, let's take it literal then */
1690 char *cunescape(const char *s) {
1691 return cunescape_length(s, strlen(s));
1694 char *xescape(const char *s, const char *bad) {
1698 /* Escapes all chars in bad, in addition to \ and all special
1699 * chars, in \xFF style escaping. May be reversed with
1702 if (!(r = new(char, strlen(s)*4+1)))
1705 for (f = s, t = r; *f; f++) {
1707 if ((*f < ' ') || (*f >= 127) ||
1708 (*f == '\\') || strchr(bad, *f)) {
1711 *(t++) = hexchar(*f >> 4);
1712 *(t++) = hexchar(*f);
1722 char *bus_path_escape(const char *s) {
1728 /* Escapes all chars that D-Bus' object path cannot deal
1729 * with. Can be reverse with bus_path_unescape() */
1731 if (!(r = new(char, strlen(s)*3+1)))
1734 for (f = s, t = r; *f; f++) {
1736 if (!(*f >= 'A' && *f <= 'Z') &&
1737 !(*f >= 'a' && *f <= 'z') &&
1738 !(*f >= '0' && *f <= '9')) {
1740 *(t++) = hexchar(*f >> 4);
1741 *(t++) = hexchar(*f);
1751 char *bus_path_unescape(const char *f) {
1756 if (!(r = strdup(f)))
1759 for (t = r; *f; f++) {
1764 if ((a = unhexchar(f[1])) < 0 ||
1765 (b = unhexchar(f[2])) < 0) {
1766 /* Invalid escape code, let's take it literal then */
1769 *(t++) = (char) ((a << 4) | b);
1781 char *ascii_strlower(char *t) {
1786 for (p = t; *p; p++)
1787 if (*p >= 'A' && *p <= 'Z')
1788 *p = *p - 'A' + 'a';
1793 bool ignore_file(const char *filename) {
1797 filename[0] == '.' ||
1798 streq(filename, "lost+found") ||
1799 streq(filename, "aquota.user") ||
1800 streq(filename, "aquota.group") ||
1801 endswith(filename, "~") ||
1802 endswith(filename, ".rpmnew") ||
1803 endswith(filename, ".rpmsave") ||
1804 endswith(filename, ".rpmorig") ||
1805 endswith(filename, ".dpkg-old") ||
1806 endswith(filename, ".dpkg-new") ||
1807 endswith(filename, ".swp");
1810 int fd_nonblock(int fd, bool nonblock) {
1815 if ((flags = fcntl(fd, F_GETFL, 0)) < 0)
1819 flags |= O_NONBLOCK;
1821 flags &= ~O_NONBLOCK;
1823 if (fcntl(fd, F_SETFL, flags) < 0)
1829 int fd_cloexec(int fd, bool cloexec) {
1834 if ((flags = fcntl(fd, F_GETFD, 0)) < 0)
1838 flags |= FD_CLOEXEC;
1840 flags &= ~FD_CLOEXEC;
1842 if (fcntl(fd, F_SETFD, flags) < 0)
1848 static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
1851 assert(n_fdset == 0 || fdset);
1853 for (i = 0; i < n_fdset; i++)
1860 int close_all_fds(const int except[], unsigned n_except) {
1865 assert(n_except == 0 || except);
1867 d = opendir("/proc/self/fd");
1872 /* When /proc isn't available (for example in chroots)
1873 * the fallback is brute forcing through the fd
1876 assert_se(getrlimit(RLIMIT_NOFILE, &rl) >= 0);
1877 for (fd = 3; fd < (int) rl.rlim_max; fd ++) {
1879 if (fd_in_set(fd, except, n_except))
1882 if (close_nointr(fd) < 0)
1883 if (errno != EBADF && r == 0)
1890 while ((de = readdir(d))) {
1893 if (ignore_file(de->d_name))
1896 if (safe_atoi(de->d_name, &fd) < 0)
1897 /* Let's better ignore this, just in case */
1906 if (fd_in_set(fd, except, n_except))
1909 if (close_nointr(fd) < 0) {
1910 /* Valgrind has its own FD and doesn't want to have it closed */
1911 if (errno != EBADF && r == 0)
1920 bool chars_intersect(const char *a, const char *b) {
1923 /* Returns true if any of the chars in a are in b. */
1924 for (p = a; *p; p++)
1931 char *format_timestamp(char *buf, size_t l, usec_t t) {
1941 sec = (time_t) (t / USEC_PER_SEC);
1943 if (strftime(buf, l, "%a, %d %b %Y %H:%M:%S %z", localtime_r(&sec, &tm)) <= 0)
1949 char *format_timestamp_pretty(char *buf, size_t l, usec_t t) {
1952 n = now(CLOCK_REALTIME);
1954 if (t <= 0 || t > n || t + USEC_PER_DAY*7 <= t)
1959 if (d >= USEC_PER_YEAR)
1960 snprintf(buf, l, "%llu years and %llu months ago",
1961 (unsigned long long) (d / USEC_PER_YEAR),
1962 (unsigned long long) ((d % USEC_PER_YEAR) / USEC_PER_MONTH));
1963 else if (d >= USEC_PER_MONTH)
1964 snprintf(buf, l, "%llu months and %llu days ago",
1965 (unsigned long long) (d / USEC_PER_MONTH),
1966 (unsigned long long) ((d % USEC_PER_MONTH) / USEC_PER_DAY));
1967 else if (d >= USEC_PER_WEEK)
1968 snprintf(buf, l, "%llu weeks and %llu days ago",
1969 (unsigned long long) (d / USEC_PER_WEEK),
1970 (unsigned long long) ((d % USEC_PER_WEEK) / USEC_PER_DAY));
1971 else if (d >= 2*USEC_PER_DAY)
1972 snprintf(buf, l, "%llu days ago", (unsigned long long) (d / USEC_PER_DAY));
1973 else if (d >= 25*USEC_PER_HOUR)
1974 snprintf(buf, l, "1 day and %lluh ago",
1975 (unsigned long long) ((d - USEC_PER_DAY) / USEC_PER_HOUR));
1976 else if (d >= 6*USEC_PER_HOUR)
1977 snprintf(buf, l, "%lluh ago",
1978 (unsigned long long) (d / USEC_PER_HOUR));
1979 else if (d >= USEC_PER_HOUR)
1980 snprintf(buf, l, "%lluh %llumin ago",
1981 (unsigned long long) (d / USEC_PER_HOUR),
1982 (unsigned long long) ((d % USEC_PER_HOUR) / USEC_PER_MINUTE));
1983 else if (d >= 5*USEC_PER_MINUTE)
1984 snprintf(buf, l, "%llumin ago",
1985 (unsigned long long) (d / USEC_PER_MINUTE));
1986 else if (d >= USEC_PER_MINUTE)
1987 snprintf(buf, l, "%llumin %llus ago",
1988 (unsigned long long) (d / USEC_PER_MINUTE),
1989 (unsigned long long) ((d % USEC_PER_MINUTE) / USEC_PER_SEC));
1990 else if (d >= USEC_PER_SEC)
1991 snprintf(buf, l, "%llus ago",
1992 (unsigned long long) (d / USEC_PER_SEC));
1993 else if (d >= USEC_PER_MSEC)
1994 snprintf(buf, l, "%llums ago",
1995 (unsigned long long) (d / USEC_PER_MSEC));
1997 snprintf(buf, l, "%lluus ago",
1998 (unsigned long long) d);
2000 snprintf(buf, l, "now");
2006 char *format_timespan(char *buf, size_t l, usec_t t) {
2007 static const struct {
2011 { "w", USEC_PER_WEEK },
2012 { "d", USEC_PER_DAY },
2013 { "h", USEC_PER_HOUR },
2014 { "min", USEC_PER_MINUTE },
2015 { "s", USEC_PER_SEC },
2016 { "ms", USEC_PER_MSEC },
2026 if (t == (usec_t) -1)
2030 snprintf(p, l, "0");
2035 /* The result of this function can be parsed with parse_usec */
2037 for (i = 0; i < ELEMENTSOF(table); i++) {
2041 if (t < table[i].usec)
2047 k = snprintf(p, l, "%s%llu%s", p > buf ? " " : "", (unsigned long long) (t / table[i].usec), table[i].suffix);
2048 n = MIN((size_t) k, l);
2061 bool fstype_is_network(const char *fstype) {
2062 static const char * const table[] = {
2074 for (i = 0; i < ELEMENTSOF(table); i++)
2075 if (streq(table[i], fstype))
2084 if ((fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC)) < 0)
2089 TIOCL_GETKMSGREDIRECT,
2093 if (ioctl(fd, TIOCLINUX, tiocl) < 0) {
2098 vt = tiocl[0] <= 0 ? 1 : tiocl[0];
2101 if (ioctl(fd, VT_ACTIVATE, vt) < 0)
2105 close_nointr_nofail(fd);
2109 int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) {
2110 struct termios old_termios, new_termios;
2112 char line[LINE_MAX];
2117 if (tcgetattr(fileno(f), &old_termios) >= 0) {
2118 new_termios = old_termios;
2120 new_termios.c_lflag &= ~ICANON;
2121 new_termios.c_cc[VMIN] = 1;
2122 new_termios.c_cc[VTIME] = 0;
2124 if (tcsetattr(fileno(f), TCSADRAIN, &new_termios) >= 0) {
2127 if (t != (usec_t) -1) {
2128 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0) {
2129 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
2134 k = fread(&c, 1, 1, f);
2136 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
2142 *need_nl = c != '\n';
2149 if (t != (usec_t) -1)
2150 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0)
2153 if (!fgets(line, sizeof(line), f))
2158 if (strlen(line) != 1)
2168 int ask(char *ret, const char *replies, const char *text, ...) {
2175 on_tty = isatty(STDOUT_FILENO);
2181 bool need_nl = true;
2184 fputs(ANSI_HIGHLIGHT_ON, stdout);
2191 fputs(ANSI_HIGHLIGHT_OFF, stdout);
2195 r = read_one_char(stdin, &c, (usec_t) -1, &need_nl);
2198 if (r == -EBADMSG) {
2199 puts("Bad input, please try again.");
2210 if (strchr(replies, c)) {
2215 puts("Read unexpected character, please try again.");
2219 int reset_terminal_fd(int fd, bool switch_to_text) {
2220 struct termios termios;
2223 /* Set terminal to some sane defaults */
2227 /* We leave locked terminal attributes untouched, so that
2228 * Plymouth may set whatever it wants to set, and we don't
2229 * interfere with that. */
2231 /* Disable exclusive mode, just in case */
2232 ioctl(fd, TIOCNXCL);
2234 /* Switch to text mode */
2236 ioctl(fd, KDSETMODE, KD_TEXT);
2238 /* Enable console unicode mode */
2239 ioctl(fd, KDSKBMODE, K_UNICODE);
2241 if (tcgetattr(fd, &termios) < 0) {
2246 /* We only reset the stuff that matters to the software. How
2247 * hardware is set up we don't touch assuming that somebody
2248 * else will do that for us */
2250 termios.c_iflag &= ~(IGNBRK | BRKINT | ISTRIP | INLCR | IGNCR | IUCLC);
2251 termios.c_iflag |= ICRNL | IMAXBEL | IUTF8;
2252 termios.c_oflag |= ONLCR;
2253 termios.c_cflag |= CREAD;
2254 termios.c_lflag = ISIG | ICANON | IEXTEN | ECHO | ECHOE | ECHOK | ECHOCTL | ECHOPRT | ECHOKE;
2256 termios.c_cc[VINTR] = 03; /* ^C */
2257 termios.c_cc[VQUIT] = 034; /* ^\ */
2258 termios.c_cc[VERASE] = 0177;
2259 termios.c_cc[VKILL] = 025; /* ^X */
2260 termios.c_cc[VEOF] = 04; /* ^D */
2261 termios.c_cc[VSTART] = 021; /* ^Q */
2262 termios.c_cc[VSTOP] = 023; /* ^S */
2263 termios.c_cc[VSUSP] = 032; /* ^Z */
2264 termios.c_cc[VLNEXT] = 026; /* ^V */
2265 termios.c_cc[VWERASE] = 027; /* ^W */
2266 termios.c_cc[VREPRINT] = 022; /* ^R */
2267 termios.c_cc[VEOL] = 0;
2268 termios.c_cc[VEOL2] = 0;
2270 termios.c_cc[VTIME] = 0;
2271 termios.c_cc[VMIN] = 1;
2273 if (tcsetattr(fd, TCSANOW, &termios) < 0)
2277 /* Just in case, flush all crap out */
2278 tcflush(fd, TCIOFLUSH);
2283 int reset_terminal(const char *name) {
2286 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
2290 r = reset_terminal_fd(fd, true);
2291 close_nointr_nofail(fd);
2296 int open_terminal(const char *name, int mode) {
2301 * If a TTY is in the process of being closed opening it might
2302 * cause EIO. This is horribly awful, but unlikely to be
2303 * changed in the kernel. Hence we work around this problem by
2304 * retrying a couple of times.
2306 * https://bugs.launchpad.net/ubuntu/+source/linux/+bug/554172/comments/245
2310 fd = open(name, mode);
2317 /* Max 1s in total */
2321 usleep(50 * USEC_PER_MSEC);
2330 close_nointr_nofail(fd);
2335 close_nointr_nofail(fd);
2342 int flush_fd(int fd) {
2343 struct pollfd pollfd;
2347 pollfd.events = POLLIN;
2354 if ((r = poll(&pollfd, 1, 0)) < 0) {
2365 if ((l = read(fd, buf, sizeof(buf))) < 0) {
2370 if (errno == EAGAIN)
2381 int acquire_terminal(
2385 bool ignore_tiocstty_eperm,
2388 int fd = -1, notify = -1, r, wd = -1;
2393 /* We use inotify to be notified when the tty is closed. We
2394 * create the watch before checking if we can actually acquire
2395 * it, so that we don't lose any event.
2397 * Note: strictly speaking this actually watches for the
2398 * device being closed, it does *not* really watch whether a
2399 * tty loses its controlling process. However, unless some
2400 * rogue process uses TIOCNOTTY on /dev/tty *after* closing
2401 * its tty otherwise this will not become a problem. As long
2402 * as the administrator makes sure not configure any service
2403 * on the same tty as an untrusted user this should not be a
2404 * problem. (Which he probably should not do anyway.) */
2406 if (timeout != (usec_t) -1)
2407 ts = now(CLOCK_MONOTONIC);
2409 if (!fail && !force) {
2410 notify = inotify_init1(IN_CLOEXEC | (timeout != (usec_t) -1 ? IN_NONBLOCK : 0));
2416 wd = inotify_add_watch(notify, name, IN_CLOSE);
2425 r = flush_fd(notify);
2430 /* We pass here O_NOCTTY only so that we can check the return
2431 * value TIOCSCTTY and have a reliable way to figure out if we
2432 * successfully became the controlling process of the tty */
2433 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
2437 /* First, try to get the tty */
2438 r = ioctl(fd, TIOCSCTTY, force);
2440 /* Sometimes it makes sense to ignore TIOCSCTTY
2441 * returning EPERM, i.e. when very likely we already
2442 * are have this controlling terminal. */
2443 if (r < 0 && errno == EPERM && ignore_tiocstty_eperm)
2446 if (r < 0 && (force || fail || errno != EPERM)) {
2456 assert(notify >= 0);
2459 uint8_t inotify_buffer[sizeof(struct inotify_event) + FILENAME_MAX];
2461 struct inotify_event *e;
2463 if (timeout != (usec_t) -1) {
2466 n = now(CLOCK_MONOTONIC);
2467 if (ts + timeout < n) {
2472 r = fd_wait_for_event(fd, POLLIN, ts + timeout - n);
2482 l = read(notify, inotify_buffer, sizeof(inotify_buffer));
2485 if (errno == EINTR || errno == EAGAIN)
2492 e = (struct inotify_event*) inotify_buffer;
2497 if (e->wd != wd || !(e->mask & IN_CLOSE)) {
2502 step = sizeof(struct inotify_event) + e->len;
2503 assert(step <= (size_t) l);
2505 e = (struct inotify_event*) ((uint8_t*) e + step);
2512 /* We close the tty fd here since if the old session
2513 * ended our handle will be dead. It's important that
2514 * we do this after sleeping, so that we don't enter
2515 * an endless loop. */
2516 close_nointr_nofail(fd);
2520 close_nointr_nofail(notify);
2522 r = reset_terminal_fd(fd, true);
2524 log_warning("Failed to reset terminal: %s", strerror(-r));
2530 close_nointr_nofail(fd);
2533 close_nointr_nofail(notify);
2538 int release_terminal(void) {
2540 struct sigaction sa_old, sa_new;
2542 if ((fd = open("/dev/tty", O_RDWR|O_NOCTTY|O_NDELAY|O_CLOEXEC)) < 0)
2545 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
2546 * by our own TIOCNOTTY */
2549 sa_new.sa_handler = SIG_IGN;
2550 sa_new.sa_flags = SA_RESTART;
2551 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
2553 if (ioctl(fd, TIOCNOTTY) < 0)
2556 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
2558 close_nointr_nofail(fd);
2562 int sigaction_many(const struct sigaction *sa, ...) {
2567 while ((sig = va_arg(ap, int)) > 0)
2568 if (sigaction(sig, sa, NULL) < 0)
2575 int ignore_signals(int sig, ...) {
2576 struct sigaction sa;
2581 sa.sa_handler = SIG_IGN;
2582 sa.sa_flags = SA_RESTART;
2584 if (sigaction(sig, &sa, NULL) < 0)
2588 while ((sig = va_arg(ap, int)) > 0)
2589 if (sigaction(sig, &sa, NULL) < 0)
2596 int default_signals(int sig, ...) {
2597 struct sigaction sa;
2602 sa.sa_handler = SIG_DFL;
2603 sa.sa_flags = SA_RESTART;
2605 if (sigaction(sig, &sa, NULL) < 0)
2609 while ((sig = va_arg(ap, int)) > 0)
2610 if (sigaction(sig, &sa, NULL) < 0)
2617 int close_pipe(int p[]) {
2623 a = close_nointr(p[0]);
2628 b = close_nointr(p[1]);
2632 return a < 0 ? a : b;
2635 ssize_t loop_read(int fd, void *buf, size_t nbytes, bool do_poll) {
2644 while (nbytes > 0) {
2647 if ((k = read(fd, p, nbytes)) <= 0) {
2649 if (k < 0 && errno == EINTR)
2652 if (k < 0 && errno == EAGAIN && do_poll) {
2653 struct pollfd pollfd;
2657 pollfd.events = POLLIN;
2659 if (poll(&pollfd, 1, -1) < 0) {
2663 return n > 0 ? n : -errno;
2666 if (pollfd.revents != POLLIN)
2667 return n > 0 ? n : -EIO;
2672 return n > 0 ? n : (k < 0 ? -errno : 0);
2683 ssize_t loop_write(int fd, const void *buf, size_t nbytes, bool do_poll) {
2692 while (nbytes > 0) {
2695 k = write(fd, p, nbytes);
2698 if (k < 0 && errno == EINTR)
2701 if (k < 0 && errno == EAGAIN && do_poll) {
2702 struct pollfd pollfd;
2706 pollfd.events = POLLOUT;
2708 if (poll(&pollfd, 1, -1) < 0) {
2712 return n > 0 ? n : -errno;
2715 if (pollfd.revents != POLLOUT)
2716 return n > 0 ? n : -EIO;
2721 return n > 0 ? n : (k < 0 ? -errno : 0);
2732 int parse_usec(const char *t, usec_t *usec) {
2733 static const struct {
2737 { "sec", USEC_PER_SEC },
2738 { "s", USEC_PER_SEC },
2739 { "min", USEC_PER_MINUTE },
2740 { "hr", USEC_PER_HOUR },
2741 { "h", USEC_PER_HOUR },
2742 { "d", USEC_PER_DAY },
2743 { "w", USEC_PER_WEEK },
2744 { "msec", USEC_PER_MSEC },
2745 { "ms", USEC_PER_MSEC },
2746 { "m", USEC_PER_MINUTE },
2749 { "", USEC_PER_SEC }, /* default is sec */
2765 l = strtoll(p, &e, 10);
2776 e += strspn(e, WHITESPACE);
2778 for (i = 0; i < ELEMENTSOF(table); i++)
2779 if (startswith(e, table[i].suffix)) {
2780 r += (usec_t) l * table[i].usec;
2781 p = e + strlen(table[i].suffix);
2785 if (i >= ELEMENTSOF(table))
2795 int parse_nsec(const char *t, nsec_t *nsec) {
2796 static const struct {
2800 { "sec", NSEC_PER_SEC },
2801 { "s", NSEC_PER_SEC },
2802 { "min", NSEC_PER_MINUTE },
2803 { "hr", NSEC_PER_HOUR },
2804 { "h", NSEC_PER_HOUR },
2805 { "d", NSEC_PER_DAY },
2806 { "w", NSEC_PER_WEEK },
2807 { "msec", NSEC_PER_MSEC },
2808 { "ms", NSEC_PER_MSEC },
2809 { "m", NSEC_PER_MINUTE },
2810 { "usec", NSEC_PER_USEC },
2811 { "us", NSEC_PER_USEC },
2814 { "", 1ULL }, /* default is nsec */
2830 l = strtoll(p, &e, 10);
2841 e += strspn(e, WHITESPACE);
2843 for (i = 0; i < ELEMENTSOF(table); i++)
2844 if (startswith(e, table[i].suffix)) {
2845 r += (nsec_t) l * table[i].nsec;
2846 p = e + strlen(table[i].suffix);
2850 if (i >= ELEMENTSOF(table))
2860 int parse_bytes(const char *t, off_t *bytes) {
2861 static const struct {
2867 { "M", 1024ULL*1024ULL },
2868 { "G", 1024ULL*1024ULL*1024ULL },
2869 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
2870 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2871 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2888 l = strtoll(p, &e, 10);
2899 e += strspn(e, WHITESPACE);
2901 for (i = 0; i < ELEMENTSOF(table); i++)
2902 if (startswith(e, table[i].suffix)) {
2903 r += (off_t) l * table[i].factor;
2904 p = e + strlen(table[i].suffix);
2908 if (i >= ELEMENTSOF(table))
2918 int make_stdio(int fd) {
2923 r = dup2(fd, STDIN_FILENO);
2924 s = dup2(fd, STDOUT_FILENO);
2925 t = dup2(fd, STDERR_FILENO);
2928 close_nointr_nofail(fd);
2930 if (r < 0 || s < 0 || t < 0)
2933 fd_cloexec(STDIN_FILENO, false);
2934 fd_cloexec(STDOUT_FILENO, false);
2935 fd_cloexec(STDERR_FILENO, false);
2940 int make_null_stdio(void) {
2943 if ((null_fd = open("/dev/null", O_RDWR|O_NOCTTY)) < 0)
2946 return make_stdio(null_fd);
2949 bool is_device_path(const char *path) {
2951 /* Returns true on paths that refer to a device, either in
2952 * sysfs or in /dev */
2955 path_startswith(path, "/dev/") ||
2956 path_startswith(path, "/sys/");
2959 int dir_is_empty(const char *path) {
2962 struct dirent buf, *de;
2964 if (!(d = opendir(path)))
2968 if ((r = readdir_r(d, &buf, &de)) > 0) {
2978 if (!ignore_file(de->d_name)) {
2988 unsigned long long random_ull(void) {
2993 if ((fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY)) < 0)
2996 r = loop_read(fd, &ull, sizeof(ull), true);
2997 close_nointr_nofail(fd);
2999 if (r != sizeof(ull))
3005 return random() * RAND_MAX + random();
3008 void rename_process(const char name[8]) {
3011 /* This is a like a poor man's setproctitle(). It changes the
3012 * comm field, argv[0], and also the glibc's internally used
3013 * name of the process. For the first one a limit of 16 chars
3014 * applies, to the second one usually one of 10 (i.e. length
3015 * of "/sbin/init"), to the third one one of 7 (i.e. length of
3016 * "systemd"). If you pass a longer string it will be
3019 prctl(PR_SET_NAME, name);
3021 if (program_invocation_name)
3022 strncpy(program_invocation_name, name, strlen(program_invocation_name));
3024 if (saved_argc > 0) {
3028 strncpy(saved_argv[0], name, strlen(saved_argv[0]));
3030 for (i = 1; i < saved_argc; i++) {
3034 memset(saved_argv[i], 0, strlen(saved_argv[i]));
3039 void sigset_add_many(sigset_t *ss, ...) {
3046 while ((sig = va_arg(ap, int)) > 0)
3047 assert_se(sigaddset(ss, sig) == 0);
3051 char* gethostname_malloc(void) {
3054 assert_se(uname(&u) >= 0);
3056 if (!isempty(u.nodename) && !streq(u.nodename, "(none)"))
3057 return strdup(u.nodename);
3059 return strdup(u.sysname);
3062 bool hostname_is_set(void) {
3065 assert_se(uname(&u) >= 0);
3067 return !isempty(u.nodename) && !streq(u.nodename, "(none)");
3070 char* getlogname_malloc(void) {
3074 struct passwd pwbuf, *pw = NULL;
3077 if (isatty(STDIN_FILENO) && fstat(STDIN_FILENO, &st) >= 0)
3082 /* Shortcut things to avoid NSS lookups */
3084 return strdup("root");
3086 if ((bufsize = sysconf(_SC_GETPW_R_SIZE_MAX)) <= 0)
3089 if (!(buf = malloc(bufsize)))
3092 if (getpwuid_r(uid, &pwbuf, buf, bufsize, &pw) == 0 && pw) {
3093 name = strdup(pw->pw_name);
3100 if (asprintf(&name, "%lu", (unsigned long) uid) < 0)
3106 int getttyname_malloc(int fd, char **r) {
3107 char path[PATH_MAX], *c;
3112 if ((k = ttyname_r(fd, path, sizeof(path))) != 0)
3117 if (!(c = strdup(startswith(path, "/dev/") ? path + 5 : path)))
3124 int getttyname_harder(int fd, char **r) {
3128 if ((k = getttyname_malloc(fd, &s)) < 0)
3131 if (streq(s, "tty")) {
3133 return get_ctty(0, NULL, r);
3140 int get_ctty_devnr(pid_t pid, dev_t *d) {
3142 char line[LINE_MAX], *p, *fn;
3143 unsigned long ttynr;
3146 if (asprintf(&fn, "/proc/%lu/stat", (unsigned long) (pid <= 0 ? getpid() : pid)) < 0)
3149 f = fopen(fn, "re");
3154 if (!fgets(line, sizeof(line), f)) {
3155 k = feof(f) ? -EIO : -errno;
3162 p = strrchr(line, ')');
3172 "%*d " /* session */
3181 int get_ctty(pid_t pid, dev_t *_devnr, char **r) {
3183 char fn[PATH_MAX], *s, *b, *p;
3188 k = get_ctty_devnr(pid, &devnr);
3192 snprintf(fn, sizeof(fn), "/dev/char/%u:%u", major(devnr), minor(devnr));
3195 if ((k = readlink_malloc(fn, &s)) < 0) {
3200 /* This is an ugly hack */
3201 if (major(devnr) == 136) {
3202 if (asprintf(&b, "pts/%lu", (unsigned long) minor(devnr)) < 0)
3212 /* Probably something like the ptys which have no
3213 * symlink in /dev/char. Let's return something
3214 * vaguely useful. */
3216 if (!(b = strdup(fn + 5)))
3226 if (startswith(s, "/dev/"))
3228 else if (startswith(s, "../"))
3246 int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
3252 /* This returns the first error we run into, but nevertheless
3253 * tries to go on. This closes the passed fd. */
3257 close_nointr_nofail(fd);
3259 return errno == ENOENT ? 0 : -errno;
3263 struct dirent buf, *de;
3264 bool is_dir, keep_around;
3268 r = readdir_r(d, &buf, &de);
3269 if (r != 0 && ret == 0) {
3277 if (streq(de->d_name, ".") || streq(de->d_name, ".."))
3280 if (de->d_type == DT_UNKNOWN ||
3282 (de->d_type == DT_DIR && root_dev)) {
3283 if (fstatat(fd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
3284 if (ret == 0 && errno != ENOENT)
3289 is_dir = S_ISDIR(st.st_mode);
3292 (st.st_uid == 0 || st.st_uid == getuid()) &&
3293 (st.st_mode & S_ISVTX);
3295 is_dir = de->d_type == DT_DIR;
3296 keep_around = false;
3302 /* if root_dev is set, remove subdirectories only, if device is same as dir */
3303 if (root_dev && st.st_dev != root_dev->st_dev)
3306 subdir_fd = openat(fd, de->d_name,
3307 O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
3308 if (subdir_fd < 0) {
3309 if (ret == 0 && errno != ENOENT)
3314 r = rm_rf_children(subdir_fd, only_dirs, honour_sticky, root_dev);
3315 if (r < 0 && ret == 0)
3319 if (unlinkat(fd, de->d_name, AT_REMOVEDIR) < 0) {
3320 if (ret == 0 && errno != ENOENT)
3324 } else if (!only_dirs && !keep_around) {
3326 if (unlinkat(fd, de->d_name, 0) < 0) {
3327 if (ret == 0 && errno != ENOENT)
3338 int rm_rf(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
3345 assert(!streq(path, "/"));
3347 fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
3350 if (errno != ENOTDIR)
3353 if (delete_root && !only_dirs)
3354 if (unlink(path) < 0 && errno != ENOENT)
3360 r = rm_rf_children(fd, only_dirs, honour_sticky, NULL);
3364 if (honour_sticky && file_is_priv_sticky(path) > 0)
3367 if (rmdir(path) < 0 && errno != ENOENT) {
3376 int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid) {
3379 /* Under the assumption that we are running privileged we
3380 * first change the access mode and only then hand out
3381 * ownership to avoid a window where access is too open. */
3383 if (mode != (mode_t) -1)
3384 if (chmod(path, mode) < 0)
3387 if (uid != (uid_t) -1 || gid != (gid_t) -1)
3388 if (chown(path, uid, gid) < 0)
3394 int fchmod_and_fchown(int fd, mode_t mode, uid_t uid, gid_t gid) {
3397 /* Under the assumption that we are running privileged we
3398 * first change the access mode and only then hand out
3399 * ownership to avoid a window where access is too open. */
~ianmdlvl / elogind.git / blob