From 5dd6d0f8ff1681fff9369e0aa2532979954dbfde Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Wed, 20 Aug 2014 13:49:39 +0200
Subject: [PATCH] machine-id-setup: don't try to read UUID from VM/container manager if we operate on a root directory that's not /
This should make sure no UUID from the host systemd-machine-id-setup is running on leaks onto a disk image that is provisioned with the tool.
---
 src/core/machine-id-setup.c | 79 +++++++++++++++++++------------------
 1 file changed, 41 insertions(+), 38 deletions(-)
diff --git a/src/core/machine-id-setup.c b/src/core/machine-id-setup.c
index 712f60cb1..efb074fcb 100644
--- a/src/core/machine-id-setup.c
+++ b/src/core/machine-id-setup.c
@@ -64,15 +64,16 @@ static int generate(char id[34], const char *root) {
 int fd, r;
 unsigned char *p;
 sd_id128_t buf;
- char *q;
+ char *q;
 ssize_t k;
- const char *vm_id;
- _cleanup_free_ char *dbus_machine_id = NULL;
+ const char *vm_id, *dbus_machine_id;
 assert(id);
- if (asprintf(&dbus_machine_id, "%s/var/lib/dbus/machine-id", root) < 0)
- return log_oom();
+ if (isempty(root))
+ dbus_machine_id = "/var/lib/dbus/machine-id";
+ else
+ dbus_machine_id = strappenda(root, "/var/lib/dbus/machine-id");
 /* First, try reading the D-Bus machine id, unless it is a symlink */
 fd = open(dbus_machine_id, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
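Review bot: The `O_NOFOLLOW` on the `open(dbus_machine_id, …)` call at the end of this hunk only refuses a symlink in the last path component, so when `root` is an image tree an absolute symlink at `var`, `var/lib` or `var/lib/dbus` inside it is still resolved against the host filesystem, and the host's D-Bus machine id could end up in the image, which is the same kind of leak this commit closes for the VM/container UUID. At minimum I would record that next to the path construction, e.g. `/* NOTE: O_NOFOLLOW only guards the final component; symlinked directories below root still resolve on the host */`; confining the lookup to `root` would be the real fix and needs more than this hunk. Separately, `strappenda()` is, as far as I know, alloca-based, so the stack allocation follows the length of `root`, which nothing in the visible lines bounds. The body of `generate()` starts before and continues past this hunk.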
@@ -93,46 +94,48 @@ static int generate(char id[34], const char *root) {
 }
 }
- /* If that didn't work, see if we are running in a container,
- * and a machine ID was passed in via $container_uuid the way
- * libvirt/LXC does it */
- r = detect_container(NULL);
- if (r > 0) {
- _cleanup_free_ char *e = NULL;
-
- r = getenv_for_pid(1, "container_uuid", &e);
+ if (isempty(root)) {
+ /* If that didn't work, see if we are running in a container,
+ * and a machine ID was passed in via $container_uuid the way
+ * libvirt/LXC does it */
+ r = detect_container(NULL);
 if (r > 0) {
- if (strlen(e) >= 36) {
- r = shorten_uuid(id, e);
- if (r >= 0) {
- log_info("Initializing machine ID from container UUID.");
- return 0;
- }
- }
- }
-
- } else {
- /* If we are not running in a container, see if we are
- * running in qemu/kvm and a machine ID was passed in
- * via -uuid on the qemu/kvm command line */
+ _cleanup_free_ char *e = NULL;
- r = detect_vm(&vm_id);
- if (r > 0 && streq(vm_id, "kvm")) {
- char uuid[37];
-
- fd = open("/sys/class/dmi/id/product_uuid", O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
- if (fd >= 0) {
- k = loop_read(fd, uuid, 36, false);
- safe_close(fd);
-
- if (k >= 36) {
- r = shorten_uuid(id, uuid);
+ r = getenv_for_pid(1, "container_uuid", &e);
+ if (r > 0) {
+ if (strlen(e) >= 36) {
+ r = shorten_uuid(id, e);
 if (r >= 0) {
- log_info("Initializing machine ID from KVM UUID.");
+ log_info("Initializing machine ID from container UUID.");
 return 0;
 }
 }
 }
+
+ } else {
+ /* If we are not running in a container, see if we are
+ * running in qemu/kvm and a machine ID was passed in
+ * via -uuid on the qemu/kvm command line */
+
+ r = detect_vm(&vm_id);
+ if (r > 0 && streq(vm_id, "kvm")) {
+ char uuid[37];
+
+ fd = open("/sys/class/dmi/id/product_uuid", O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
+ if (fd >= 0) {
+ k = loop_read(fd, uuid, 36, false);
+ safe_close(fd);
+
+ if (k >= 36) {
+ r = shorten_uuid(id, uuid);
+ if (r >= 0) {
+ log_info("Initializing machine ID from KVM UUID.");
+ return 0;
+ }
+ }
+ }
+ }
 }
 }
-- 2.30.2
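Review bot: The new `if (isempty(root)) {` gate treats every non-empty string as a foreign root, so a caller passing `root = "/"` (the case the subject line singles out) would also skip the container and KVM UUID lookup and fall through to whatever follows this block. Whether the caller normalizes `/` to NULL or an empty string is not visible here; if it does not, the gate could read `if (isempty(root) || streq(root, "/")) {`. A short comment stating why the host-side sources are skipped, such as `/* Only trust the container/VM UUID when setting up the running system, never an offline image */`, would keep a later refactor from dropping the guard. `generate()` begins above and continues below this hunk.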