X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fcore%2Fexecute.c;h=f7353579e9ff4fa517c8d3e19ed1ace52618b7dd;hp=18e25fa6e69dd14ad7cf3dae0dde69b53da3195c;hb=e62d8c3944745ed276e6d4f33153009860e5cfc5;hpb=c17ec25e4d9bd6c8e8617416f813e25b2ebbafc5

diff --git a/src/core/execute.c b/src/core/execute.c
index 18e25fa6e..f7353579e 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -40,6 +40,7 @@
 #include <sys/poll.h>
 #include <linux/seccomp-bpf.h>
 #include <glob.h>
+#include <libgen.h>
 
 #ifdef HAVE_PAM
 #include <security/pam_appl.h>
@@ -670,9 +671,9 @@ static int enforce_user(const ExecContext *context, uid_t uid) {
 
                 /* First step: If we need to keep capabilities but
                  * drop privileges we need to make sure we keep our
-                 * caps, whiel we drop privileges. */
+                 * caps, while we drop privileges. */
                 if (uid != 0) {
-                        int sb = context->secure_bits|SECURE_KEEP_CAPS;
+                        int sb = context->secure_bits | 1<<SECURE_KEEP_CAPS;
 
                         if (prctl(PR_GET_SECUREBITS) != sb)
                                 if (prctl(PR_SET_SECUREBITS, sb) < 0)
@@ -1214,8 +1215,12 @@ int exec_spawn(ExecCommand *command,
                         zero(param);
                         param.sched_priority = context->cpu_sched_priority;
 
-                        if (sched_setscheduler(0, context->cpu_sched_policy |
-                                               (context->cpu_sched_reset_on_fork ? SCHED_RESET_ON_FORK : 0), &param) < 0) {
+                        r = sched_setscheduler(0,
+                                               context->cpu_sched_policy |
+                                               (context->cpu_sched_reset_on_fork ?
+                                                SCHED_RESET_ON_FORK : 0),
+                                               &param);
+                        if (r < 0) {
                                 err = -errno;
                                 r = EXIT_SETSCHEDULER;
                                 goto fail_child;
@@ -1436,7 +1441,8 @@ int exec_spawn(ExecCommand *command,
                         }
                 }
 
-                if (!(our_env = new0(char*, 7))) {
+                our_env = new0(char*, 7);
+                if (!our_env) {
                         err = -ENOMEM;
                         r = EXIT_MEMORY;
                         goto fail_child;
@@ -1476,20 +1482,21 @@ int exec_spawn(ExecCommand *command,
 
                 assert(n_env <= 7);
 
-                if (!(final_env = strv_env_merge(
-                                      5,
-                                      environment,
-                                      our_env,
-                                      context->environment,
-                                      files_env,
-                                      pam_env,
-                                      NULL))) {
+                final_env = strv_env_merge(5,
+                                           environment,
+                                           our_env,
+                                           context->environment,
+                                           files_env,
+                                           pam_env,
+                                           NULL);
+                if (!final_env) {
                         err = -ENOMEM;
                         r = EXIT_MEMORY;
                         goto fail_child;
                 }
 
-                if (!(final_argv = replace_env_argv(argv, final_env))) {
+                final_argv = replace_env_argv(argv, final_env);
+                if (!final_argv) {
                         err = -ENOMEM;
                         r = EXIT_MEMORY;
                         goto fail_child;
@@ -1518,10 +1525,10 @@ int exec_spawn(ExecCommand *command,
         }
 
         log_struct_unit(LOG_DEBUG,
-                   unit_id,
-                   "MESSAGE=Forked %s as %lu",
-                          command->path, (unsigned long) pid,
-                   NULL);
+                        unit_id,
+                        "MESSAGE=Forked %s as %lu",
+                        command->path, (unsigned long) pid,
+                        NULL);
 
         /* We add the new process to the cgroup both in the child (so
          * that we can be sure that no user code is ever executed
@@ -1551,19 +1558,31 @@ void exec_context_init(ExecContext *c) {
 }
 
 void exec_context_tmp_dirs_done(ExecContext *c) {
-        assert(c);
+        char* dirs[] = {c->tmp_dir ? c->tmp_dir : c->var_tmp_dir,
+                        c->tmp_dir ? c->var_tmp_dir : NULL,
+                        NULL};
+        char **dirp;
 
-        if (c->tmp_dir) {
-                rm_rf_dangerous(c->tmp_dir, false, true, false);
-                free(c->tmp_dir);
-                c->tmp_dir = NULL;
-        }
+        for(dirp = dirs; *dirp; dirp++) {
+                char *dir;
+                int r;
 
-        if (c->var_tmp_dir) {
-                rm_rf_dangerous(c->var_tmp_dir, false, true, false);
-                free(c->var_tmp_dir);
-                c->var_tmp_dir = NULL;
+                r = rm_rf_dangerous(*dirp, false, true, false);
+                dir = dirname(*dirp);
+                if (r < 0)
+                        log_warning("Failed to remove content of temporary directory %s: %s",
+                                    dir, strerror(-r));
+                else {
+                        r = rmdir(dir);
+                        if (r < 0)
+                                log_warning("Failed to remove  temporary directory %s: %s",
+                                            dir, strerror(-r));
+                }
+
+                free(*dirp);
         }
+
+        c->tmp_dir = c->var_tmp_dir = NULL;
 }
 
 void exec_context_done(ExecContext *c, bool reloading_or_reexecuting) {
@@ -1950,12 +1969,12 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
         if (c->secure_bits)
                 fprintf(f, "%sSecure Bits:%s%s%s%s%s%s\n",
                         prefix,
-                        (c->secure_bits & SECURE_KEEP_CAPS) ? " keep-caps" : "",
-                        (c->secure_bits & SECURE_KEEP_CAPS_LOCKED) ? " keep-caps-locked" : "",
-                        (c->secure_bits & SECURE_NO_SETUID_FIXUP) ? " no-setuid-fixup" : "",
-                        (c->secure_bits & SECURE_NO_SETUID_FIXUP_LOCKED) ? " no-setuid-fixup-locked" : "",
-                        (c->secure_bits & SECURE_NOROOT) ? " noroot" : "",
-                        (c->secure_bits & SECURE_NOROOT_LOCKED) ? "noroot-locked" : "");
+                        (c->secure_bits & 1<<SECURE_KEEP_CAPS) ? " keep-caps" : "",
+                        (c->secure_bits & 1<<SECURE_KEEP_CAPS_LOCKED) ? " keep-caps-locked" : "",
+                        (c->secure_bits & 1<<SECURE_NO_SETUID_FIXUP) ? " no-setuid-fixup" : "",
+                        (c->secure_bits & 1<<SECURE_NO_SETUID_FIXUP_LOCKED) ? " no-setuid-fixup-locked" : "",
+                        (c->secure_bits & 1<<SECURE_NOROOT) ? " noroot" : "",
+                        (c->secure_bits & 1<<SECURE_NOROOT_LOCKED) ? "noroot-locked" : "");
 
         if (c->capability_bounding_set_drop) {
                 unsigned long l;