X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fcore%2Fsocket.c;h=0c03e8381826d88f83a6d380ed666b8449498e1d;hb=250a918dc4c8a15d927deecc3b3f6a0604657ae4;hp=2130e486865c686dcba251e861480bdda9b9efc2;hpb=d137a488afb59801177dc34c218f339bfbbdb044;p=elogind.git diff --git a/src/core/socket.c b/src/core/socket.c index 2130e4868..0c03e8381 100644 --- a/src/core/socket.c +++ b/src/core/socket.c @@ -50,6 +50,7 @@ #include "label.h" #include "exit-status.h" #include "def.h" +#include "smack-util.h" static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = { [SOCKET_DEAD] = UNIT_INACTIVE, @@ -109,7 +110,7 @@ void socket_free_ports(Socket *s) { assert(s); while ((p = s->ports)) { - LIST_REMOVE(SocketPort, port, s->ports, p); + LIST_REMOVE(port, s->ports, p); if (p->fd >= 0) { unit_unwatch_fd(UNIT(s), &p->fd_watch); @@ -258,53 +259,24 @@ static int socket_verify(Socket *s) { return 0; } -static bool socket_needs_mount(Socket *s, const char *prefix) { +static int socket_add_mount_links(Socket *s) { SocketPort *p; - - assert(s); - - LIST_FOREACH(port, p, s->ports) { - - if (p->type == SOCKET_SOCKET) { - if (socket_address_needs_mount(&p->address, prefix)) - return true; - } else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL) { - if (path_startswith(p->path, prefix)) - return true; - } - } - - return false; -} - -int socket_add_one_mount_link(Socket *s, Mount *m) { int r; assert(s); - assert(m); - - if (UNIT(s)->load_state != UNIT_LOADED || - UNIT(m)->load_state != UNIT_LOADED) - return 0; - if (!socket_needs_mount(s, m->where)) - return 0; - - r = unit_add_two_dependencies(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, UNIT(m), true); - if (r < 0) - return r; + LIST_FOREACH(port, p, s->ports) { + const char *path = NULL; - return 0; -} + if (p->type == SOCKET_SOCKET) + path = socket_address_get_path(&p->address); + else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL) + path = p->path; -static int socket_add_mount_links(Socket *s) { - Unit *other; - int r; - - assert(s); + if (!path) + continue; - LIST_FOREACH(units_by_type, other, UNIT(s)->manager->units_by_type[UNIT_MOUNT]) { - r = socket_add_one_mount_link(s, MOUNT(other)); + r = unit_require_mounts_for(UNIT(s), path); if (r < 0) return r; } @@ -803,17 +775,13 @@ static void socket_apply_socket_options(Socket *s, int fd) { log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m"); } -#ifdef HAVE_SMACK if (s->smack_ip_in) - if (fsetxattr(fd, "security.SMACK64IPIN", s->smack_ip_in, strlen(s->smack_ip_in), 0) < 0) - log_error_unit(UNIT(s)->id, - "fsetxattr(\"security.SMACK64IPIN\"): %m"); + if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0) + log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m"); if (s->smack_ip_out) - if (fsetxattr(fd, "security.SMACK64IPOUT", s->smack_ip_out, strlen(s->smack_ip_out), 0) < 0) - log_error_unit(UNIT(s)->id, - "fsetxattr(\"security.SMACK64IPOUT\"): %m"); -#endif + if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0) + log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m"); } static void socket_apply_fifo_options(Socket *s, int fd) { @@ -825,12 +793,9 @@ static void socket_apply_fifo_options(Socket *s, int fd) { log_warning_unit(UNIT(s)->id, "F_SETPIPE_SZ: %m"); -#ifdef HAVE_SMACK if (s->smack) - if (fsetxattr(fd, "security.SMACK64", s->smack, strlen(s->smack), 0) < 0) - log_error_unit(UNIT(s)->id, - "fsetxattr(\"security.SMACK64\"): %m"); -#endif + if (smack_label_fd(fd, s->smack) < 0) + log_error_unit(UNIT(s)->id, "smack_label_fd: %m"); } static int fifo_address_create( @@ -1226,11 +1191,9 @@ static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) { if (r < 0) goto fail; - argv = unit_full_printf_strv(UNIT(s), c->argv); - if (!argv) { - r = -ENOMEM; + r = unit_full_printf_strv(UNIT(s), c->argv, &argv); + if (r < 0) goto fail; - } r = exec_spawn(c, argv, @@ -1241,7 +1204,7 @@ static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) { true, true, UNIT(s)->manager->confirm_spawn, - UNIT(s)->cgroup_mask, + UNIT(s)->manager->cgroup_supported, UNIT(s)->cgroup_path, UNIT(s)->id, NULL,