X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fupdate-done%2Fupdate-done.c;h=561963e5ebd9d534f8b05a952bacdd05cd1eec11;hp=10ba85ca924ca97ec3673dc84332ee87ddaaa07b;hb=d7b8eec7dc7fe307d3a08b32cf1a9ad4276ce6d5;hpb=8ea48dfcd33e8db0c01bf8c57c3bbcfdc3c86d4b diff --git a/src/update-done/update-done.c b/src/update-done/update-done.c index 10ba85ca9..561963e5e 100644 --- a/src/update-done/update-done.c +++ b/src/update-done/update-done.c @@ -20,6 +20,13 @@ ***/ #include "util.h" +#include "label.h" +#include "selinux-util.h" + +#define MESSAGE \ + "This file was created by systemd-update-done. Its only \n" \ + "purpose is to hold a timestamp of the time this directory\n" \ + "was updated. See systemd-update-done.service(8).\n" static int apply_timestamp(const char *path, struct timespec *ts) { struct timespec twice[2]; @@ -40,65 +47,67 @@ static int apply_timestamp(const char *path, struct timespec *ts) { if (utimensat(AT_FDCWD, path, twice, AT_SYMLINK_NOFOLLOW) < 0) { - if (errno == EROFS) { - log_debug("Can't update timestamp file %s, file system is read-only.", path); - return 0; - } + if (errno == EROFS) + return log_debug("Can't update timestamp file %s, file system is read-only.", path); - log_error("Failed to update timestamp on %s: %m", path); - return -errno; + return log_error_errno(errno, "Failed to update timestamp on %s: %m", path); } } else if (errno == ENOENT) { _cleanup_close_ int fd = -1; + int r; /* The timestamp file doesn't exist yet? Then let's create it. */ + r = mac_selinux_create_file_prepare(path, S_IFREG); + if (r < 0) + return log_error_errno(r, "Failed to set SELinux context for %s: %m", path); + fd = open(path, O_CREAT|O_EXCL|O_WRONLY|O_TRUNC|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0644); - if (fd < 0) { + mac_selinux_create_file_clear(); - if (errno == EROFS) { - log_debug("Can't create timestamp file %s, file system is read-only.", path); - return 0; - } + if (fd < 0) { + if (errno == EROFS) + return log_debug("Can't create timestamp file %s, file system is read-only.", path); - log_error("Failed to create timestamp file %s: %m", path); - return -errno; + return log_error_errno(errno, "Failed to create timestamp file %s: %m", path); } + (void) loop_write(fd, MESSAGE, strlen(MESSAGE), false); + twice[0] = *ts; twice[1] = *ts; - if (futimens(fd, twice) < 0) { - log_error("Failed to update timestamp on %s: %m", path); - return -errno; - } - } else { - log_error("Failed to stat() timestamp file %s: %m", path); - return -errno; - } + if (futimens(fd, twice) < 0) + return log_error_errno(errno, "Failed to update timestamp on %s: %m", path); + } else + log_error_errno(errno, "Failed to stat() timestamp file %s: %m", path); return 0; } int main(int argc, char *argv[]) { struct stat st; - int r, q; + int r, q = 0; log_set_target(LOG_TARGET_AUTO); log_parse_environment(); log_open(); if (stat("/usr", &st) < 0) { - log_error("Failed to stat /usr: %m"); + log_error_errno(errno, "Failed to stat /usr: %m"); return EXIT_FAILURE; } - r = apply_timestamp("/etc/.updated", &st.st_mtim); + r = mac_selinux_init(NULL); + if (r < 0) { + log_error_errno(r, "SELinux setup failed: %m"); + goto finish; + } + r = apply_timestamp("/etc/.updated", &st.st_mtim); q = apply_timestamp("/var/.updated", &st.st_mtim); - if (q < 0 && r == 0) - r = q; - return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; +finish: + return r < 0 || q < 0 ? EXIT_FAILURE : EXIT_SUCCESS; }