#include <sys/param.h>
#include <glob.h>
#include <fnmatch.h>
+#include <sys/capability.h>
#include "log.h"
#include "util.h"
#include "label.h"
#include "set.h"
#include "conf-files.h"
+#include "capability.h"
/* This reads all files listed in /etc/tmpfiles.d/?*.conf and creates
* them in the file system. This is intended to be used to create
sub_path = NULL;
if (asprintf(&sub_path, "%s/%s", p, dent->d_name) < 0) {
- log_error("Out of memory.");
- r = -ENOMEM;
+ r = log_oom();
goto finish;
}
case CREATE_BLOCK_DEVICE:
case CREATE_CHAR_DEVICE: {
- mode_t file_type = (i->type == CREATE_BLOCK_DEVICE ? S_IFBLK : S_IFCHR);
+ mode_t file_type;
+
+ if (have_effective_cap(CAP_MKNOD) == 0) {
+ /* In a container we lack CAP_MKNOD. We
+ shouldnt attempt to create the device node in
+ that case to avoid noise, and we don't support
+ virtualized devices in containers anyway. */
+
+ log_debug("We lack CAP_MKNOD, skipping creation of device node %s.", i->path);
+ return 0;
+ }
+
+ file_type = (i->type == CREATE_BLOCK_DEVICE ? S_IFBLK : S_IFCHR);
u = umask(0);
label_context_set(i->path, file_type);
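Review bot: The new `have_effective_cap(CAP_MKNOD) == 0` branch ends in `return 0`, so a configured device node that is skipped is reported to the caller as success and is recorded only at debug level. The in-code comment ties this to containers, but the check fires for any process whose effective set lacks CAP_MKNOD, and holding the capability does not guarantee that mknod() is permitted, so the error handling after this check is still needed. Only an exact 0 counts as "lacking": if `have_effective_cap()` can return a negative error (its definition is outside this hunk), the code falls through and attempts creation, which looks intentional but should be stated. I would reword the comment along the lines of `/* Without CAP_MKNOD (typically in a container) mknod() would fail; skip quietly and report success. A failed capability query falls through and tries anyway. */` and fix the `shouldnt` typo. The enclosing function starts and ends outside the hunk.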
assert(buffer);
i = new0(Item, 1);
- if (!i) {
- log_error("Out of memory.");
- return -ENOMEM;
- }
+ if (!i)
+ return log_oom();
if (sscanf(buffer,
"%c "
n += strspn(buffer+n, WHITESPACE);
if (buffer[n] != 0 && (buffer[n] != '-' || buffer[n+1] != 0)) {
i->argument = unquote(buffer+n, "\"");
- if (!i->argument) {
- log_error("Out of memory.");
- return -ENOMEM;
- }
+ if (!i->argument)
+ return log_oom();
}
}
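Review bot: `return log_oom();` after the failed `unquote()` leaves the function without releasing `i`, which was allocated with `new0(Item, 1)` earlier in the same function. Unless `i` carries a cleanup attribute that is not visible here, the Item is leaked on this path. The commit keeps the previous control flow, so this is inherited rather than introduced, but since the line is being touched it could be routed through the function's shared cleanup, for example `r = log_oom(); goto finish;` if this function has such a label, as the directory-walk hunk earlier in the patch does. The function starts and ends outside the hunk.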
STRV_FOREACH(p, search_paths) {
resolved_path = strjoin(*p, "/", fragment, NULL);
if (resolved_path == NULL) {
- log_error("Out of memory.");
+ log_oom();
return NULL;
}
globs = hashmap_new(string_hash_func, string_compare_func);
if (!items || !globs) {
- log_error("Out of memory.");
+ log_oom();
r = EXIT_FAILURE;
goto finish;
}