X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fshared%2Futil.c;h=e1a11684565f4bc8780422af492238271a988fa1;hp=945f1525a266d73e70b4b188d3aac2da0bf27792;hb=e0333c7314e89c0bc268bd20c5e247a7c907ab34;hpb=7d5dd5e0cf2f0f2af39d72b1ee65651731bf0129 diff --git a/src/shared/util.c b/src/shared/util.c index 945f1525a..e1a116845 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -58,6 +58,7 @@ #include #include #include +#include #include #undef basename @@ -82,6 +83,7 @@ #include "gunicode.h" #include "virt.h" #include "def.h" +#include "missing.h" int saved_argc = 0; char **saved_argv = NULL; @@ -513,6 +515,31 @@ char *truncate_nl(char *s) { return s; } +int get_process_state(pid_t pid) { + const char *p; + char state; + int r; + _cleanup_free_ char *line = NULL; + + assert(pid >= 0); + + p = procfs_file_alloca(pid, "stat"); + r = read_one_line_file(p, &line); + if (r < 0) + return r; + + p = strrchr(line, ')'); + if (!p) + return -EIO; + + p++; + + if (sscanf(p, " %c", &state) != 1) + return -EIO; + + return (unsigned char) state; +} + int get_process_comm(pid_t pid, char **name) { const char *p; int r; @@ -761,28 +788,31 @@ char *strappend(const char *s, const char *suffix) { return strnappend(s, suffix, suffix ? strlen(suffix) : 0); } -int readlink_malloc(const char *p, char **r) { +int readlink_malloc(const char *p, char **ret) { size_t l = 100; + int r; assert(p); - assert(r); + assert(ret); for (;;) { char *c; ssize_t n; - if (!(c = new(char, l))) + c = new(char, l); + if (!c) return -ENOMEM; - if ((n = readlink(p, c, l-1)) < 0) { - int ret = -errno; + n = readlink(p, c, l-1); + if (n < 0) { + r = -errno; free(c); - return ret; + return r; } if ((size_t) n < l-1) { c[n] = 0; - *r = c; + *ret = c; return 0; } @@ -891,16 +921,9 @@ char *delete_chars(char *s, const char *bad) { } bool in_charset(const char *s, const char* charset) { - const char *i; - assert(s); assert(charset); - - for (i = s; *i; i++) - if (!strchr(charset, *i)) - return false; - - return true; + return s[strspn(s, charset)] == '\0'; } char *file_in_same_dir(const char *path, const char *filename) { @@ -2106,30 +2129,71 @@ ssize_t loop_write(int fd, const void *buf, size_t nbytes, bool do_poll) { return n; } -int parse_bytes(const char *t, off_t *bytes) { - static const struct { +int parse_size(const char *t, off_t base, off_t *size) { + + /* Soo, sometimes we want to parse IEC binary suffxies, and + * sometimes SI decimal suffixes. This function can parse + * both. Which one is the right way depends on the + * context. Wikipedia suggests that SI is customary for + * hardrware metrics and network speeds, while IEC is + * customary for most data sizes used by software and volatile + * (RAM) memory. Hence be careful which one you pick! + * + * In either case we use just K, M, G as suffix, and not Ki, + * Mi, Gi or so (as IEC would suggest). That's because that's + * frickin' ugly. But this means you really need to make sure + * to document which base you are parsing when you use this + * call. */ + + struct table { const char *suffix; unsigned long long factor; - } table[] = { - { "B", 1 }, - { "K", 1024ULL }, - { "M", 1024ULL*1024ULL }, - { "G", 1024ULL*1024ULL*1024ULL }, - { "T", 1024ULL*1024ULL*1024ULL*1024ULL }, - { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL }, + }; + + static const struct table iec[] = { { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL }, + { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL }, + { "T", 1024ULL*1024ULL*1024ULL*1024ULL }, + { "G", 1024ULL*1024ULL*1024ULL }, + { "M", 1024ULL*1024ULL }, + { "K", 1024ULL }, + { "B", 1 }, { "", 1 }, }; + static const struct table si[] = { + { "E", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL*1000ULL }, + { "P", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL }, + { "T", 1000ULL*1000ULL*1000ULL*1000ULL }, + { "G", 1000ULL*1000ULL*1000ULL }, + { "M", 1000ULL*1000ULL }, + { "K", 1000ULL }, + { "B", 1 }, + { "", 1 }, + }; + + const struct table *table; const char *p; unsigned long long r = 0; + unsigned n_entries, start_pos = 0; assert(t); - assert(bytes); + assert(base == 1000 || base == 1024); + assert(size); + + if (base == 1000) { + table = si; + n_entries = ELEMENTSOF(si); + } else { + table = iec; + n_entries = ELEMENTSOF(iec); + } p = t; do { long long l; + unsigned long long l2; + double frac = 0; char *e; unsigned i; @@ -2145,14 +2209,32 @@ int parse_bytes(const char *t, off_t *bytes) { if (e == p) return -EINVAL; + if (*e == '.') { + e++; + if (*e >= '0' && *e <= '9') { + char *e2; + + /* strotoull itself would accept space/+/- */ + l2 = strtoull(e, &e2, 10); + + if (errno == ERANGE) + return -errno; + + /* Ignore failure. E.g. 10.M is valid */ + frac = l2; + for (; e < e2; e++) + frac /= 10; + } + } + e += strspn(e, WHITESPACE); - for (i = 0; i < ELEMENTSOF(table); i++) + for (i = start_pos; i < n_entries; i++) if (startswith(e, table[i].suffix)) { unsigned long long tmp; - if ((unsigned long long) l > ULLONG_MAX / table[i].factor) + if ((unsigned long long) l + (frac > 0) > ULLONG_MAX / table[i].factor) return -ERANGE; - tmp = l * table[i].factor; + tmp = l * table[i].factor + (unsigned long long) (frac * table[i].factor); if (tmp > ULLONG_MAX - r) return -ERANGE; @@ -2161,15 +2243,17 @@ int parse_bytes(const char *t, off_t *bytes) { return -ERANGE; p = e + strlen(table[i].suffix); + + start_pos = i + 1; break; } - if (i >= ELEMENTSOF(table)) + if (i >= n_entries) return -EINVAL; } while (*p); - *bytes = r; + *size = r; return 0; } @@ -2255,25 +2339,37 @@ char* dirname_malloc(const char *path) { return dir; } -void random_bytes(void *p, size_t n) { - static bool srand_called = false; +int dev_urandom(void *p, size_t n) { _cleanup_close_ int fd; ssize_t k; - uint8_t *q; fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY); if (fd < 0) - goto fallback; + return errno == ENOENT ? -ENOSYS : -errno; k = loop_read(fd, p, n, true); - if (k < 0 || (size_t) k != n) - goto fallback; + if (k < 0) + return (int) k; + if ((size_t) k != n) + return -EIO; + + return 0; +} + +void random_bytes(void *p, size_t n) { + static bool srand_called = false; + uint8_t *q; + int r; - return; + r = dev_urandom(p, n); + if (r >= 0) + return; -fallback: + /* If some idiot made /dev/urandom unavailable to us, he'll + * get a PRNG instead. */ if (!srand_called) { + unsigned x = 0; #ifdef HAVE_SYS_AUXV_H /* The kernel provides us with a bit of entropy in @@ -2285,16 +2381,16 @@ fallback: auxv = (void*) getauxval(AT_RANDOM); if (auxv) - srand(*(unsigned*) auxv); - else + x ^= *(unsigned*) auxv; #endif - srand(time(NULL) + gettid()); + x ^= (unsigned) now(CLOCK_REALTIME); + x ^= (unsigned) gettid(); + + srand(x); srand_called = true; } - /* If some idiot made /dev/urandom unavailable to us, he'll - * get a PRNG instead. */ for (q = p; q < (uint8_t*) p + n; q ++) *q = rand(); } @@ -2325,7 +2421,7 @@ void rename_process(const char name[8]) { if (!saved_argv[i]) break; - memset(saved_argv[i], 0, strlen(saved_argv[i])); + memzero(saved_argv[i], strlen(saved_argv[i])); } } } @@ -2485,9 +2581,11 @@ int get_ctty_devnr(pid_t pid, dev_t *d) { } int get_ctty(pid_t pid, dev_t *_devnr, char **r) { - int k; - char fn[sizeof("/dev/char/")-1 + 2*DECIMAL_STR_MAX(unsigned) + 1 + 1], *s, *b, *p; + char fn[sizeof("/dev/char/")-1 + 2*DECIMAL_STR_MAX(unsigned) + 1 + 1], *b = NULL; + _cleanup_free_ char *s = NULL; + const char *p; dev_t devnr; + int k; assert(r); @@ -2505,14 +2603,8 @@ int get_ctty(pid_t pid, dev_t *_devnr, char **r) { /* This is an ugly hack */ if (major(devnr) == 136) { - if (asprintf(&b, "pts/%lu", (unsigned long) minor(devnr)) < 0) - return -ENOMEM; - - *r = b; - if (_devnr) - *_devnr = devnr; - - return 0; + asprintf(&b, "pts/%lu", (unsigned long) minor(devnr)); + goto finish; } /* Probably something like the ptys which have no @@ -2520,14 +2612,7 @@ int get_ctty(pid_t pid, dev_t *_devnr, char **r) { * vaguely useful. */ b = strdup(fn + 5); - if (!b) - return -ENOMEM; - - *r = b; - if (_devnr) - *_devnr = devnr; - - return 0; + goto finish; } if (startswith(s, "/dev/")) @@ -2538,8 +2623,8 @@ int get_ctty(pid_t pid, dev_t *_devnr, char **r) { p = s; b = strdup(p); - free(s); +finish: if (!b) return -ENOMEM; @@ -2888,24 +2973,6 @@ int status_printf(const char *status, bool ellipse, bool ephemeral, const char * return r; } -int status_welcome(void) { - _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL; - int r; - - r = parse_env_file("/etc/os-release", NEWLINE, - "PRETTY_NAME", &pretty_name, - "ANSI_COLOR", &ansi_color, - NULL); - - if (r < 0 && r != -ENOENT) - log_warning("Failed to read /etc/os-release: %s", strerror(-r)); - - return status_printf(NULL, false, false, - "\nWelcome to \x1B[%sm%s\x1B[0m!\n", - isempty(ansi_color) ? "1" : ansi_color, - isempty(pretty_name) ? "Linux" : pretty_name); -} - char *replace_env(const char *format, char **env) { enum { WORD, @@ -3124,19 +3191,27 @@ bool on_tty(void) { return cached_on_tty; } -int running_in_chroot(void) { - struct stat a = {}, b = {}; +int files_same(const char *filea, const char *fileb) { + struct stat a, b; - /* Only works as root */ - if (stat("/proc/1/root", &a) < 0) + if (stat(filea, &a) < 0) return -errno; - if (stat("/", &b) < 0) + if (stat(fileb, &b) < 0) return -errno; - return - a.st_dev != b.st_dev || - a.st_ino != b.st_ino; + return a.st_dev == b.st_dev && + a.st_ino == b.st_ino; +} + +int running_in_chroot(void) { + int ret; + + ret = files_same("/proc/1/root", "/"); + if (ret < 0) + return ret; + + return ret == 0; } static char *ascii_ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) { @@ -3445,25 +3520,21 @@ int signal_from_string_try_harder(const char *s) { static char *tag_to_udev_node(const char *tagvalue, const char *by) { _cleanup_free_ char *t = NULL, *u = NULL; - char *dn; size_t enc_len; u = unquote(tagvalue, "\"\'"); - if (u == NULL) + if (!u) return NULL; enc_len = strlen(u) * 4 + 1; t = new(char, enc_len); - if (t == NULL) + if (!t) return NULL; if (encode_devnode_name(u, t, enc_len) < 0) return NULL; - if (asprintf(&dn, "/dev/disk/by-%s/%s", by, t) < 0) - return NULL; - - return dn; + return strjoin("/dev/disk/by-", by, "/", t, NULL); } char *fstab_node_to_udev_node(const char *p) { @@ -3610,111 +3681,123 @@ bool dirent_is_file_with_suffix(const struct dirent *de, const char *suffix) { return endswith(de->d_name, suffix); } -void execute_directory(const char *directory, DIR *d, char *argv[]) { - DIR *_d = NULL; - struct dirent *de; - Hashmap *pids = NULL; +void execute_directory(const char *directory, DIR *d, usec_t timeout, char *argv[]) { + pid_t executor_pid; + int r; assert(directory); - /* Executes all binaries in a directory in parallel and - * waits for them to finish. */ + /* Executes all binaries in a directory in parallel and waits + * for them to finish. Optionally a timeout is applied. */ - if (!d) { - if (!(_d = opendir(directory))) { + executor_pid = fork(); + if (executor_pid < 0) { + log_error("Failed to fork: %m"); + return; - if (errno == ENOENT) - return; + } else if (executor_pid == 0) { + _cleanup_hashmap_free_free_ Hashmap *pids = NULL; + _cleanup_closedir_ DIR *_d = NULL; + struct dirent *de; + sigset_t ss; - log_error("Failed to enumerate directory %s: %m", directory); - return; - } + /* We fork this all off from a child process so that + * we can somewhat cleanly make use of SIGALRM to set + * a time limit */ - d = _d; - } + reset_all_signal_handlers(); - if (!(pids = hashmap_new(trivial_hash_func, trivial_compare_func))) { - log_error("Failed to allocate set."); - goto finish; - } + assert_se(sigemptyset(&ss) == 0); + assert_se(sigprocmask(SIG_SETMASK, &ss, NULL) == 0); - while ((de = readdir(d))) { - char *path; - pid_t pid; - int k; + assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0); - if (!dirent_is_file(de)) - continue; + if (!d) { + d = _d = opendir(directory); + if (!d) { + if (errno == ENOENT) + _exit(EXIT_SUCCESS); - if (asprintf(&path, "%s/%s", directory, de->d_name) < 0) { - log_oom(); - continue; + log_error("Failed to enumerate directory %s: %m", directory); + _exit(EXIT_FAILURE); + } } - if ((pid = fork()) < 0) { - log_error("Failed to fork: %m"); - free(path); - continue; + pids = hashmap_new(NULL, NULL); + if (!pids) { + log_oom(); + _exit(EXIT_FAILURE); } - if (pid == 0) { - char *_argv[2]; - /* Child */ + FOREACH_DIRENT(de, d, break) { + _cleanup_free_ char *path = NULL; + pid_t pid; - if (!argv) { - _argv[0] = path; - _argv[1] = NULL; - argv = _argv; - } else - argv[0] = path; + if (!dirent_is_file(de)) + continue; - execv(path, argv); + if (asprintf(&path, "%s/%s", directory, de->d_name) < 0) { + log_oom(); + _exit(EXIT_FAILURE); + } - log_error("Failed to execute %s: %m", path); - _exit(EXIT_FAILURE); - } + pid = fork(); + if (pid < 0) { + log_error("Failed to fork: %m"); + continue; + } else if (pid == 0) { + char *_argv[2]; - log_debug("Spawned %s as %lu", path, (unsigned long) pid); + assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0); - if ((k = hashmap_put(pids, UINT_TO_PTR(pid), path)) < 0) { - log_error("Failed to add PID to set: %s", strerror(-k)); - free(path); - } - } + if (!argv) { + _argv[0] = path; + _argv[1] = NULL; + argv = _argv; + } else + argv[0] = path; - while (!hashmap_isempty(pids)) { - pid_t pid = PTR_TO_UINT(hashmap_first_key(pids)); - siginfo_t si = {}; - char *path; + execv(path, argv); + log_error("Failed to execute %s: %m", path); + _exit(EXIT_FAILURE); + } - if (waitid(P_PID, pid, &si, WEXITED) < 0) { - if (errno == EINTR) - continue; + log_debug("Spawned %s as " PID_FMT ".", path, pid); - log_error("waitid() failed: %m"); - goto finish; + r = hashmap_put(pids, UINT_TO_PTR(pid), path); + if (r < 0) { + log_oom(); + _exit(EXIT_FAILURE); + } + + path = NULL; } - if ((path = hashmap_remove(pids, UINT_TO_PTR(si.si_pid)))) { - if (!is_clean_exit(si.si_code, si.si_status, NULL)) { - if (si.si_code == CLD_EXITED) - log_error("%s exited with exit status %i.", path, si.si_status); - else - log_error("%s terminated by signal %s.", path, signal_to_string(si.si_status)); - } else - log_debug("%s exited successfully.", path); + /* Abort execution of this process after the + * timout. We simply rely on SIGALRM as default action + * terminating the process, and turn on alarm(). */ + + if (timeout != (usec_t) -1) + alarm((timeout + USEC_PER_SEC - 1) / USEC_PER_SEC); - free(path); + while (!hashmap_isempty(pids)) { + _cleanup_free_ char *path = NULL; + pid_t pid; + + pid = PTR_TO_UINT(hashmap_first_key(pids)); + assert(pid > 0); + + path = hashmap_remove(pids, UINT_TO_PTR(pid)); + assert(path); + + wait_for_terminate_and_warn(path, pid); } - } -finish: - if (_d) - closedir(_d); + _exit(EXIT_SUCCESS); + } - if (pids) - hashmap_free_free(pids); + wait_for_terminate_and_warn(directory, executor_pid); } int kill_and_sigcont(pid_t pid, int sig) { @@ -3823,12 +3906,13 @@ char* hostname_cleanup(char *s, bool lowercase) { } int pipe_eof(int fd) { - int r; struct pollfd pollfd = { .fd = fd, .events = POLLIN|POLLHUP, }; + int r; + r = poll(&pollfd, 1, 0); if (r < 0) return -errno; @@ -3880,7 +3964,7 @@ int fopen_temporary(const char *path, FILE **_f, char **_temp_path) { t[k] = '.'; stpcpy(stpcpy(t+k+1, fn), "XXXXXX"); - fd = mkostemp(t, O_WRONLY|O_CLOEXEC); + fd = mkostemp_safe(t, O_WRONLY|O_CLOEXEC); if (fd < 0) { free(t); return -errno; @@ -4639,7 +4723,7 @@ static const char* const sched_policy_table[] = { DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(sched_policy, int, INT_MAX); -static const char* const rlimit_table[] = { +static const char* const rlimit_table[_RLIMIT_MAX] = { [RLIMIT_CPU] = "LimitCPU", [RLIMIT_FSIZE] = "LimitFSIZE", [RLIMIT_DATA] = "LimitDATA", @@ -5597,7 +5681,7 @@ static int search_and_fopen_internal(const char *path, const char *mode, char ** assert(mode); assert(_f); - if (!path_strv_canonicalize_uniq(search)) + if (!path_strv_canonicalize_absolute_uniq(search, NULL)) return -ENOMEM; STRV_FOREACH(i, search) { @@ -5779,7 +5863,7 @@ void* greedy_realloc0(void **p, size_t *allocated, size_t need) { return NULL; if (*allocated > prev) - memset(&q[prev], 0, *allocated - prev); + memzero(&q[prev], *allocated - prev); return q; } @@ -5825,20 +5909,6 @@ bool id128_is_valid(const char *s) { return true; } -void parse_user_at_host(char *arg, char **user, char **host) { - assert(arg); - assert(user); - assert(host); - - *host = strchr(arg, '@'); - if (*host == NULL) - *host = arg; - else { - *host[0]++ = '\0'; - *user = arg; - } -} - int split_pair(const char *s, const char *sep, char **l, char **r) { char *x, *a, *b; @@ -5871,7 +5941,7 @@ int split_pair(const char *s, const char *sep, char **l, char **r) { } int shall_restore_state(void) { - _cleanup_free_ char *line; + _cleanup_free_ char *line = NULL; char *w, *state; size_t l; int r; @@ -5882,18 +5952,33 @@ int shall_restore_state(void) { if (r == 0) /* Container ... */ return 1; - FOREACH_WORD_QUOTED(w, l, line, state) - if (l == 23 && strneq(w, "systemd.restore_state=0", 23)) - return 0; + r = 1; - return 1; + FOREACH_WORD_QUOTED(w, l, line, state) { + const char *e; + char n[l+1]; + int k; + + memcpy(n, w, l); + n[l] = 0; + + e = startswith(n, "systemd.restore_state="); + if (!e) + continue; + + k = parse_boolean(e); + if (k >= 0) + r = k; + } + + return r; } int proc_cmdline(char **ret) { int r; if (detect_container(NULL) > 0) { - char *buf, *p; + char *buf = NULL, *p; size_t sz = 0; r = read_full_file("/proc/1/cmdline", &buf, &sz); @@ -5904,7 +5989,7 @@ int proc_cmdline(char **ret) { if (*p == 0) *p = ' '; - *p = 0; + *p = 0; *ret = buf; return 1; } @@ -5916,6 +6001,43 @@ int proc_cmdline(char **ret) { return 1; } +int parse_proc_cmdline(int (*parse_item)(const char *key, const char *value)) { + _cleanup_free_ char *line = NULL; + char *w, *state; + size_t l; + int r; + + assert(parse_item); + + r = proc_cmdline(&line); + if (r < 0) + log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r)); + if (r <= 0) + return 0; + + FOREACH_WORD_QUOTED(w, l, line, state) { + char word[l+1], *value; + + memcpy(word, w, l); + word[l] = 0; + + /* Filter out arguments that are intended only for the + * initrd */ + if (!in_initrd() && startswith(word, "rd.")) + continue; + + value = strchr(word, '='); + if (value) + *(value++) = 0; + + r = parse_item(word, value); + if (r < 0) + return r; + } + + return 0; +} + int container_get_leader(const char *machine, pid_t *pid) { _cleanup_free_ char *s = NULL, *class = NULL; const char *p; @@ -6007,7 +6129,9 @@ int namespace_enter(int pidns_fd, int mntns_fd, int root_fd) { return 0; } -bool pid_valid(pid_t pid) { +bool pid_is_unwaited(pid_t pid) { + /* Checks whether a PID is still valid at all, including a zombie */ + if (pid <= 0) return false; @@ -6017,6 +6141,21 @@ bool pid_valid(pid_t pid) { return errno != ESRCH; } +bool pid_is_alive(pid_t pid) { + int r; + + /* Checks whether a PID is still valid and not a zombie */ + + if (pid <= 0) + return false; + + r = get_process_state(pid); + if (r == -ENOENT || r == 'Z') + return false; + + return true; +} + int getpeercred(int fd, struct ucred *ucred) { socklen_t n = sizeof(struct ucred); struct ucred u; @@ -6080,68 +6219,137 @@ int getpeersec(int fd, char **ret) { return 0; } -int writev_safe(int fd, const struct iovec *w, int j) { - for (int i = 0; i < j; i++) { - size_t written = 0; - - while (written < w[i].iov_len) { - ssize_t r; - - r = write(fd, (char*) w[i].iov_base + written, w[i].iov_len - written); - if (r < 0 && errno != -EINTR) - return -errno; - - written += r; - } - } - - return 0; -} - +/* This is much like like mkostemp() but is subject to umask(). */ int mkostemp_safe(char *pattern, int flags) { - char *s = pattern + strlen(pattern) - 6; - uint64_t tries = TMP_MAX; - int randfd, fd, i; - - assert(streq(s, "XXXXXX")); - - randfd = open("/dev/urandom", O_RDONLY); - if (randfd < 0) - return -ENOSYS; + _cleanup_umask_ mode_t u; + int fd; - while (tries--) { - fd = read(randfd, s, 6); - if (fd == 0) - return -ENOSYS; + assert(pattern); - for (i = 0; i < 6; i++) - s[i] = ALPHANUMERICAL[(unsigned) s[i] % strlen(ALPHANUMERICAL)]; + u = umask(077); - fd = open(pattern, flags|O_EXCL|O_CREAT, S_IRUSR|S_IWUSR); - if (fd >= 0) - return fd; - if (!IN_SET(errno, EEXIST, EINTR)) - return -errno; - } + fd = mkostemp(pattern, flags); + if (fd < 0) + return -errno; - return -EEXIST; + return fd; } int open_tmpfile(const char *path, int flags) { - int fd; char *p; + int fd; + + assert(path); #ifdef O_TMPFILE + /* Try O_TMPFILE first, if it is supported */ fd = open(path, flags|O_TMPFILE, S_IRUSR|S_IWUSR); if (fd >= 0) return fd; #endif + + /* Fall back to unguessable name + unlinking */ p = strappenda(path, "/systemd-tmp-XXXXXX"); - fd = mkostemp_safe(p, O_RDWR|O_CLOEXEC); + fd = mkostemp_safe(p, flags); if (fd < 0) return fd; unlink(p); return fd; } + +int fd_warn_permissions(const char *path, int fd) { + struct stat st; + + if (fstat(fd, &st) < 0) + return -errno; + + if (st.st_mode & 0111) + log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path); + + if (st.st_mode & 0002) + log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path); + + if (getpid() == 1 && (st.st_mode & 0044) != 0044) + log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path); + + return 0; +} + +unsigned long personality_from_string(const char *p) { + + /* Parse a personality specifier. We introduce our own + * identifiers that indicate specific ABIs, rather than just + * hints regarding the register size, since we want to keep + * things open for multiple locally supported ABIs for the + * same register size. We try to reuse the ABI identifiers + * used by libseccomp. */ + +#if defined(__x86_64__) + + if (streq(p, "x86")) + return PER_LINUX32; + + if (streq(p, "x86-64")) + return PER_LINUX; + +#elif defined(__i386__) + + if (streq(p, "x86")) + return PER_LINUX; +#endif + + /* personality(7) documents that 0xffffffffUL is used for + * querying the current personality, hence let's use that here + * as error indicator. */ + return 0xffffffffUL; +} + +const char* personality_to_string(unsigned long p) { + +#if defined(__x86_64__) + + if (p == PER_LINUX32) + return "x86"; + + if (p == PER_LINUX) + return "x86-64"; + +#elif defined(__i386__) + + if (p == PER_LINUX) + return "x86"; +#endif + + return NULL; +} + +uint64_t physical_memory(void) { + long mem; + + /* We return this as uint64_t in case we are running as 32bit + * process on a 64bit kernel with huge amounts of memory */ + + mem = sysconf(_SC_PHYS_PAGES); + assert(mem > 0); + + return (uint64_t) mem * (uint64_t) page_size(); +} + +char* mount_test_option(const char *haystack, const char *needle) { + + struct mntent me = { + .mnt_opts = (char*) haystack + }; + + assert(needle); + + /* Like glibc's hasmntopt(), but works on a string, not a + * struct mntent */ + + if (!haystack) + return NULL; + + return hasmntopt(&me, needle); +}