#include <sys/param.h>
#include <glob.h>
#include <fnmatch.h>
+#include <sys/capability.h>
#include "log.h"
#include "util.h"
#include "label.h"
#include "set.h"
#include "conf-files.h"
+#include "capability.h"
/* This reads all files listed in /etc/tmpfiles.d/?*.conf and creates
* them in the file system. This is intended to be used to create
"/run/tmpfiles.d",
"/usr/local/lib/tmpfiles.d",
"/usr/lib/tmpfiles.d",
+#ifdef HAVE_SPLIT_USR
+ "/lib/tmpfiles.d",
+#endif
NULL
};
sub_path = NULL;
if (asprintf(&sub_path, "%s/%s", p, dent->d_name) < 0) {
- log_error("Out of memory");
- r = -ENOMEM;
+ r = log_oom();
goto finish;
}
case CREATE_BLOCK_DEVICE:
case CREATE_CHAR_DEVICE: {
- mode_t file_type = (i->type == CREATE_BLOCK_DEVICE ? S_IFBLK : S_IFCHR);
+ mode_t file_type;
+
+ if (have_effective_cap(CAP_MKNOD) == 0) {
+ /* In a container we lack CAP_MKNOD. We
+ shouldnt attempt to create the device node in
+ that case to avoid noise, and we don't support
+ virtualized devices in containers anyway. */
+
+ log_debug("We lack CAP_MKNOD, skipping creation of device node %s.", i->path);
+ return 0;
+ }
+
+ file_type = (i->type == CREATE_BLOCK_DEVICE ? S_IFBLK : S_IFCHR);
u = umask(0);
label_context_set(i->path, file_type);
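Review bot: The new guard `if (have_effective_cap(CAP_MKNOD) == 0)` returns 0 from inside the case, so a configuration line that asks for a device node is reported as processed successfully and the only trace is a `log_debug` message. The comment also equates a missing CAP_MKNOD with running in a container, although any invocation with a reduced capability set would take the same path. I would state the contract in the comment, for example `/* Skipping counts as success: later code must not assume the node exists when CAP_MKNOD is missing. */`. If have_effective_cap() can return a negative error (its definition is not in this hunk), that case falls through to the creation attempt, which deserves a word in the comment as well. The case block continues past the end of the hunk.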
case RECURSIVE_REMOVE_PATH:
/* FIXME: we probably should use dir_cleanup() here
* instead of rm_rf() so that 'x' is honoured. */
- r = rm_rf(instance, false, i->type == RECURSIVE_REMOVE_PATH, false);
+ r = rm_rf_dangerous(instance, false, i->type == RECURSIVE_REMOVE_PATH, false);
if (r < 0 && r != -ENOENT) {
log_error("rm_rf(%s): %s", instance, strerror(-r));
return r;
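Review bot: The switch to `rm_rf_dangerous()` carries no comment explaining why this variant is needed, and the error path still logs `"rm_rf(%s): %s"`, which now names a function that is not called. Judging by the name alone, the new call bypasses a safeguard that `rm_rf()` applies (neither definition is on this page). The FIXME directly above already notes that 'x' exclusions are not honoured on this path. A short comment should record why removal without that safeguard is acceptable for `instance`, and the message should read `log_error("rm_rf_dangerous(%s): %s", instance, strerror(-r));`. The enclosing case starts and ends outside the hunk.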
assert(buffer);
i = new0(Item, 1);
- if (!i) {
- log_error("Out of memory");
- return -ENOMEM;
- }
+ if (!i)
+ return log_oom();
if (sscanf(buffer,
"%c "
n += strspn(buffer+n, WHITESPACE);
if (buffer[n] != 0 && (buffer[n] != '-' || buffer[n+1] != 0)) {
i->argument = unquote(buffer+n, "\"");
- if (!i->argument) {
- log_error("Out of memory");
- return -ENOMEM;
- }
+ if (!i->argument)
+ return log_oom();
}
}
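Review bot: `return log_oom();` after the failed `unquote()` leaves the function without going through `finish`, unlike the unknown-user path further down, which uses `goto finish`. If this is the same function that allocates `i` with `new0(Item, 1)` (the hunks suggest so, but the function boundaries are outside the visible lines), `i` and whatever has been parsed into it so far are leaked on this path. `r = log_oom(); goto finish;` would match the other error paths and the form the asprintf hunk already uses.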
if (user && !streq(user, "-")) {
const char *u = user;
- r = get_user_creds(&u, &i->uid, NULL, NULL);
+ r = get_user_creds(&u, &i->uid, NULL, NULL, NULL);
if (r < 0) {
log_error("[%s:%u] Unknown user '%s'.", fname, line, user);
goto finish;
return strdup(fragment);
STRV_FOREACH(p, search_paths) {
- resolved_path = join(*p, "/", fragment, NULL);
+ resolved_path = strjoin(*p, "/", fragment, NULL);
if (resolved_path == NULL) {
- log_error("Out of memory");
+ log_oom();
return NULL;
}
globs = hashmap_new(string_hash_func, string_compare_func);
if (!items || !globs) {
- log_error("Out of memory");
+ log_oom();
r = EXIT_FAILURE;
goto finish;
}