udev: set default rules permissions only at "add" events

[elogind.git] / src / core / execute.c

diff --git a/src/core/execute.c b/src/core/execute.c
index 76284700d7b3044b425775587b8296d62edd9038..1413c9110ee71dccdebb6eddc4d477e215755981 100644 (file)
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -39,6 +39,7 @@
 #include <linux/oom.h>
 #include <sys/poll.h>
 #include <linux/seccomp-bpf.h>
+#include <glob.h>
 
 #ifdef HAVE_PAM
 #include <security/pam_appl.h>
@@ -956,7 +957,7 @@ static int apply_seccomp(uint32_t *syscall_filter) {
         for (i = 0, n = 0; i < syscall_max(); i++)
                 if (syscall_filter[i >> 4] & (1 << (i & 31))) {
                         struct sock_filter item[] = {
-                                BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, i, 0, 1),
+                                BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, INDEX_TO_SYSCALL(i), 0, 1),
                                 BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW)
                         };
 
@@ -1023,8 +1024,8 @@ int exec_spawn(ExecCommand *command,
 
         r = exec_context_load_environment(context, &files_env);
         if (r < 0) {
-                log_struct(LOG_ERR,
-                           "UNIT=%s", unit_id,
+                log_struct_unit(LOG_ERR,
+                           unit_id,
                            "MESSAGE=Failed to load environment files: %s", strerror(-r),
                            "ERRNO=%d", -r,
                            NULL);
@@ -1038,8 +1039,8 @@ int exec_spawn(ExecCommand *command,
         if (!line)
                 return log_oom();
 
-        log_struct(LOG_DEBUG,
-                   "UNIT=%s", unit_id,
+        log_struct_unit(LOG_DEBUG,
+                   unit_id,
                    "MESSAGE=About to execute %s", line,
                    NULL);
         free(line);
@@ -1511,8 +1512,8 @@ int exec_spawn(ExecCommand *command,
                 _exit(r);
         }
 
-        log_struct(LOG_DEBUG,
-                   "UNIT=%s", unit_id,
+        log_struct_unit(LOG_DEBUG,
+                   unit_id,
                    "MESSAGE=Forked %s as %lu",
                           command->path, (unsigned long) pid,
                    NULL);
@@ -1657,6 +1658,8 @@ int exec_context_load_environment(const ExecContext *c, char ***l) {
                 int k;
                 bool ignore = false;
                 char **p;
+                glob_t pglob;
+                int count, n;
 
                 fn = *i;
 
@@ -1674,29 +1677,55 @@ int exec_context_load_environment(const ExecContext *c, char ***l) {
                         return -EINVAL;
                 }
 
-                if ((k = load_env_file(fn, &p)) < 0) {
+                /* Filename supports globbing, take all matching files */
+                zero(pglob);
+                errno = 0;
+                if (glob(fn, 0, NULL, &pglob) != 0) {
+                        globfree(&pglob);
+                        if (ignore)
+                                continue;
 
+                        strv_free(r);
+                        return errno ? -errno : -EINVAL;
+                }
+                count = pglob.gl_pathc;
+                if (count == 0) {
+                        globfree(&pglob);
                         if (ignore)
                                 continue;
 
                         strv_free(r);
-                        return k;
+                        return -EINVAL;
                 }
+                for (n = 0; n < count; n++) {
+                        k = load_env_file(pglob.gl_pathv[n], &p);
+                        if (k < 0) {
+                                if (ignore)
+                                        continue;
 
-                if (r == NULL)
-                        r = p;
-                else {
-                        char **m;
+                                strv_free(r);
+                                globfree(&pglob);
+                                return k;
+                         }
 
-                        m = strv_env_merge(2, r, p);
-                        strv_free(r);
-                        strv_free(p);
+                        if (r == NULL)
+                                r = p;
+                        else {
+                                char **m;
+
+                                m = strv_env_merge(2, r, p);
+                                strv_free(r);
+                                strv_free(p);
 
-                        if (!m)
-                                return -ENOMEM;
+                                if (!m) {
+                                        globfree(&pglob);
+                                        return -ENOMEM;
+                                }
 
-                        r = m;
+                                r = m;
+                        }
                 }
+                globfree(&pglob);
         }
 
         *l = r;
@@ -1798,7 +1827,7 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
                         prefix, c->cpu_sched_priority,
                         prefix, yes_no(c->cpu_sched_reset_on_fork));
                 free(policy_str);
-       }
+        }
 
         if (c->cpuset) {
                 fprintf(f, "%sCPUAffinity:", prefix);