X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Futil.c;h=0b0063ee0e6078a48cdec42f053be97c42a7742a;hp=ec5c7ca91aacbb19c807015c402fc5baed38cba1;hb=888c6216ca9239be260fd832f900b9fcd784f806;hpb=6319292f15478f763777738c9a98faa99ae819c1 diff --git a/src/util.c b/src/util.c index ec5c7ca91..0b0063ee0 100644 --- a/src/util.c +++ b/src/util.c @@ -1,4 +1,4 @@ -/*-*- Mode: C; c-basic-offset: 8 -*-*/ +/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ /*** This file is part of systemd. @@ -48,6 +48,7 @@ #include #include #include +#include #include "macro.h" #include "util.h" @@ -55,261 +56,7 @@ #include "missing.h" #include "log.h" #include "strv.h" - -#ifdef HAVE_SELINUX -#include -#include - -static struct selabel_handle *label_hnd = NULL; - -static inline int use_selinux(void) { - static int use_selinux_ind = -1; - - if (use_selinux_ind == -1) - use_selinux_ind = (is_selinux_enabled() == 1); - - return use_selinux_ind; -} - -static int label_get_file_label_from_path( - const char *label, - const char *path, - const char *class, - security_context_t *fcon) { - - security_context_t dir_con = NULL; - security_class_t sclass; - int r = 0; - - r = getfilecon(path, &dir_con); - if (r >= 0) { - r = -1; - if ((sclass = string_to_security_class(class)) != 0) - r = security_compute_create((security_context_t) label, dir_con, sclass, fcon); - } - if (r < 0) - r = -errno; - - freecon(dir_con); - return r; -} - -#endif - -int label_init(void) { - int r = 0; - -#ifdef HAVE_SELINUX - - if (!use_selinux()) - return 0; - - label_hnd = selabel_open(SELABEL_CTX_FILE, NULL, 0); - if (!label_hnd) { - log_full(security_getenforce() == 1 ? LOG_ERR : LOG_DEBUG, - "Failed to initialize SELinux context: %m"); - r = (security_getenforce() == 1) ? -errno : 0; - } -#endif - - return r; -} - -int label_fix(const char *path) { - int r = 0; - -#ifdef HAVE_SELINUX - struct stat st; - security_context_t fcon; - - if (!use_selinux() || !label_hnd) - return 0; - - r = lstat(path, &st); - if (r == 0) { - r = selabel_lookup_raw(label_hnd, &fcon, path, st.st_mode); - - if (r == 0) { - r = setfilecon(path, fcon); - freecon(fcon); - } - } - if (r < 0) { - log_full(security_getenforce() == 1 ? LOG_ERR : LOG_DEBUG, - "Unable to fix label of %s: %m", path); - r = (security_getenforce() == 1) ? -errno : 0; - } -#endif - - return r; -} - -void label_finish(void) { - -#ifdef HAVE_SELINUX - if (use_selinux() && label_hnd) - selabel_close(label_hnd); -#endif -} - -int label_get_socket_label_from_exe(const char *exe, char **label) { - - int r = 0; - -#ifdef HAVE_SELINUX - security_context_t mycon = NULL, fcon = NULL; - security_class_t sclass; - - if (!use_selinux()) { - *label = NULL; - return 0; - } - - r = getcon(&mycon); - if (r < 0) - goto fail; - - r = getfilecon(exe, &fcon); - if (r < 0) - goto fail; - - sclass = string_to_security_class("process"); - r = security_compute_create(mycon, fcon, sclass, (security_context_t *) label); - if (r == 0) - log_debug("SELinux Socket context for %s will be set to %s", exe, *label); - -fail: - if (r < 0 && security_getenforce() == 1) - r = -errno; - - freecon(mycon); - freecon(fcon); -#endif - - return r; -} - -int label_fifofile_set(const char *label, const char *path) { - int r = 0; - -#ifdef HAVE_SELINUX - security_context_t filecon = NULL; - - if (!use_selinux() || !label) - return 0; - - if (((r = label_get_file_label_from_path(label, path, "fifo_file", &filecon)) == 0)) { - if ((r = setfscreatecon(filecon)) < 0) { - log_error("Failed to set SELinux file context (%s) on %s: %m", label, path); - r = -errno; - } - - freecon(filecon); - } - - if (r < 0 && security_getenforce() == 0) - r = 0; -#endif - - return r; -} - -int label_socket_set(const char *label) { - -#ifdef HAVE_SELINUX - if (!use_selinux()) - return 0; - - if (setsockcreatecon((security_context_t) label) < 0) { - log_full(security_getenforce() == 1 ? LOG_ERR : LOG_DEBUG, - "Failed to set SELinux context (%s) on socket: %m", label); - - if (security_getenforce() == 1) - return -errno; - } -#endif - - return 0; -} - -void label_file_clear(void) { - -#ifdef HAVE_SELINUX - if (!use_selinux()) - return; - - setfscreatecon(NULL); -#endif -} - -void label_socket_clear(void) { - -#ifdef HAVE_SELINUX - if (!use_selinux()) - return; - - setsockcreatecon(NULL); -#endif -} - -void label_free(const char *label) { - -#ifdef HAVE_SELINUX - if (!use_selinux()) - return; - - freecon((security_context_t) label); -#endif -} - -static int label_mkdir( - const char *path, - mode_t mode) { - -#ifdef HAVE_SELINUX - int r; - security_context_t fcon = NULL; - - if (use_selinux() && label_hnd) { - if (path[0] == '/') { - r = selabel_lookup_raw(label_hnd, &fcon, path, mode); - } - else { - char *cwd = NULL; - char *newpath = NULL; - cwd = getcwd(NULL,0); - if ((! cwd) || (asprintf(&newpath, "%s/%s",cwd,path) < 0)) { - free(cwd); - return -errno; - } - r = selabel_lookup_raw(label_hnd, &fcon, newpath, mode); - free(cwd); - free(newpath); - } - - if (r == 0) - r = setfscreatecon(fcon); - - if ((r < 0) && (errno != ENOENT)) { - log_error("Failed to set security context %s for %s", fcon, path); - - if (security_getenforce() == 1) - goto finish; - } - } - r = mkdir(path, mode); - -finish: - if (use_selinux() && label_hnd) { - setfscreatecon(NULL); - freecon(fcon); - } - - return r; -#else - return mkdir(path, mode); -#endif -} +#include "label.h" bool streq_ptr(const char *a, const char *b) { @@ -1934,6 +1681,12 @@ char *format_timespan(char *buf, size_t l, usec_t t) { if (t == (usec_t) -1) return NULL; + if (t == 0) { + snprintf(p, l, "0"); + p[l-1] = 0; + return p; + } + /* The result of this function can be parsed with parse_usec */ for (i = 0; i < ELEMENTSOF(table); i++) { @@ -2740,18 +2493,6 @@ char* gethostname_malloc(void) { return strdup(u.sysname); } -int getmachineid_malloc(char **b) { - int r; - - assert(b); - - if ((r = read_one_line_file("/var/lib/dbus/machine-id", b)) < 0) - return r; - - strstrip(*b); - return 0; -} - char* getlogname_malloc(void) { uid_t uid; long bufsize; @@ -2790,11 +2531,12 @@ char* getlogname_malloc(void) { int getttyname_malloc(char **r) { char path[PATH_MAX], *p, *c; + int k; assert(r); - if (ttyname_r(STDIN_FILENO, path, sizeof(path)) < 0) - return -errno; + if ((k = ttyname_r(STDIN_FILENO, path, sizeof(path))) != 0) + return -k; char_array_0(path); @@ -3077,18 +2819,18 @@ char *replace_env(const char *format, char **env) { case VARIABLE: if (*e == '}') { - char *t; + const char *t; - if ((t = strv_env_get_with_length(env, word+2, e-word-2))) { - if (!(k = strappend(r, t))) - goto fail; + if (!(t = strv_env_get_with_length(env, word+2, e-word-2))) + t = ""; - free(r); - r = k; + if (!(k = strappend(r, t))) + goto fail; - word = e+1; - } + free(r); + r = k; + word = e+1; state = WORD; } break; @@ -3118,36 +2860,39 @@ char **replace_env_argv(char **argv, char **env) { STRV_FOREACH(i, argv) { /* If $FOO appears as single word, replace it by the split up variable */ - if ((*i)[0] == '$') { - char *e = strv_env_get(env, *i+1); + if ((*i)[0] == '$' && (*i)[1] != '{') { + char *e; + char **w, **m; + unsigned q; - if (e) { - char **w, **m; - unsigned q; + if ((e = strv_env_get(env, *i+1))) { if (!(m = strv_split_quoted(e))) { r[k] = NULL; strv_free(r); return NULL; } + } else + m = NULL; - q = strv_length(m); - l = l + q - 1; + q = strv_length(m); + l = l + q - 1; - if (!(w = realloc(r, sizeof(char*) * (l+1)))) { - r[k] = NULL; - strv_free(r); - strv_free(m); - return NULL; - } + if (!(w = realloc(r, sizeof(char*) * (l+1)))) { + r[k] = NULL; + strv_free(r); + strv_free(m); + return NULL; + } - r = w; + r = w; + if (m) { memcpy(r + k, m, q * sizeof(char*)); free(m); - - k += q; - continue; } + + k += q; + continue; } /* If ${FOO} appears as part of a word, replace it by the variable as-is */ @@ -3236,6 +2981,18 @@ char *ellipsize(const char *s, unsigned length, unsigned percent) { return r; } +int touch(const char *path) { + int fd; + + assert(path); + + if ((fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, 0666)) < 0) + return -errno; + + close_nointr_nofail(fd); + return 0; +} + static const char *const ioprio_class_table[] = { [IOPRIO_CLASS_NONE] = "none", [IOPRIO_CLASS_RT] = "realtime",