summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDidier Roche <didrocks@ubuntu.com>2014-11-24 09:43:29 +0100
committerLennart Poettering <lennart@poettering.net>2014-12-03 03:41:19 +0100
commit979ef53a268d6f54a309fc5c6015df5d4accbbd5 (patch)
treedceff9f60062e5e39173f735b4511236d90bd9b0
parent3543f8218b732132dff6d0dccb2ce357e4154801 (diff)
machine-id-setup: add a machine_id_commit call to commit on disk a transient machine-id
If /etc was read only at boot time with an empty /etc/machine-id, the latter will be mounted as a tmpfs and get reset at each boot. If the system becomes rw later, this functionality enables to commit in a race-free manner the transient machine-id to disk.
-rw-r--r--src/core/machine-id-setup.c79
-rw-r--r--src/core/machine-id-setup.h1
-rw-r--r--src/shared/util.c9
-rw-r--r--src/shared/util.h2
4 files changed, 91 insertions, 0 deletions
diff --git a/src/core/machine-id-setup.c b/src/core/machine-id-setup.c
index d8600bde2d..74582a5dcd 100644
--- a/src/core/machine-id-setup.c
+++ b/src/core/machine-id-setup.c
@@ -188,6 +188,85 @@ static int write_machine_id(int fd, char id[34]) {
return -errno;
}
+int machine_id_commit(const char *root) {
+ _cleanup_close_ int fd = -1, initial_mntns_fd = -1;
+ const char *etc_machine_id;
+ char id[34]; /* 32 + \n + \0 */
+ int r;
+
+ if (isempty(root))
+ etc_machine_id = "/etc/machine-id";
+ else {
+ char *x;
+
+ x = strappenda(root, "/etc/machine-id");
+ etc_machine_id = path_kill_slashes(x);
+ }
+
+ r = path_is_mount_point(etc_machine_id, false);
+ if (r < 0)
+ return log_error_errno(r, "Failed to determine wether %s is a mount point: %m", etc_machine_id);
+ if (r == 0) {
+ log_debug("%s is is not a mount point. Nothing to do.", etc_machine_id);
+ return 0;
+ }
+
+ /* Read existing machine-id */
+ fd = open(etc_machine_id, O_RDONLY|O_CLOEXEC|O_NOCTTY);
+ if (fd < 0)
+ return log_error_errno(errno, "Cannot open %s: %m", etc_machine_id);
+
+ r = get_valid_machine_id(fd, id);
+ if (r < 0)
+ return log_error_errno(r, "We didn't find a valid machine ID in %s.", etc_machine_id);
+
+ r = is_fd_on_temporary_fs(fd);
+ if (r < 0)
+ return log_error_errno(r, "Failed to determine whether %s is on a temporary file system: %m", etc_machine_id);
+ if (r == 0) {
+ log_error("%s is not on a temporary file system.", etc_machine_id);
+ return -EROFS;
+ }
+
+ fd = safe_close(fd);
+
+ /* Store current mount namespace */
+ r = namespace_open(0, NULL, &initial_mntns_fd, NULL, NULL);
+ if (r < 0)
+ return log_error_errno(r, "Can't fetch current mount namespace: %m");
+
+ /* Switch to a new mount namespace, isolate ourself and unmount etc_machine_id in our new namespace */
+ if (unshare(CLONE_NEWNS) < 0)
+ return log_error_errno(errno, "Failed to enter new namespace: %m");
+
+ if (mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL) < 0)
+ return log_error_errno(errno, "Couldn't make-rslave / mountpoint in our private namespace: %m");
+
+ if (umount(etc_machine_id) < 0)
+ return log_error_errno(errno, "Failed to unmount transient %s file in our private namespace: %m", etc_machine_id);
+
+ /* Update a persistent version of etc_machine_id */
+ fd = open(etc_machine_id, O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
+ if (fd < 0)
+ return log_error_errno(errno, "Cannot open for writing %s. This is mandatory to get a persistent machine-id: %m", etc_machine_id);
+
+ r = write_machine_id(fd, id);
+ if (r < 0)
+ return log_error_errno(r, "Cannot write %s: %m", etc_machine_id);
+
+ fd = safe_close(fd);
+
+ /* Return to initial namespace and proceed a lazy tmpfs unmount */
+ r = namespace_enter(-1, initial_mntns_fd, -1, -1);
+ if (r < 0)
+ return log_warning_errno(r, "Failed to switch back to initial mount namespace: %m.\nWe'll keep transient %s file until next reboot.", etc_machine_id);
+
+ if (umount2(etc_machine_id, MNT_DETACH) < 0)
+ return log_warning_errno(errno, "Failed to unmount transient %s file: %m.\nWe keep that mount until next reboot.", etc_machine_id);
+
+ return 0;
+}
+
int machine_id_setup(const char *root) {
const char *etc_machine_id, *run_machine_id;
_cleanup_close_ int fd = -1;
diff --git a/src/core/machine-id-setup.h b/src/core/machine-id-setup.h
index b0583eefc8..f7707c3bf9 100644
--- a/src/core/machine-id-setup.h
+++ b/src/core/machine-id-setup.h
@@ -21,4 +21,5 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
+int machine_id_commit(const char *root);
int machine_id_setup(const char *root);
diff --git a/src/shared/util.c b/src/shared/util.c
index 21651708d5..4fcbab97be 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -3052,6 +3052,15 @@ _pure_ static int is_temporary_fs(struct statfs *s) {
F_TYPE_EQUAL(s->f_type, RAMFS_MAGIC);
}
+int is_fd_on_temporary_fs(int fd) {
+ struct statfs s;
+
+ if (fstatfs(fd, &s) < 0)
+ return -errno;
+
+ return is_temporary_fs(&s);
+}
+
int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
struct statfs s;
diff --git a/src/shared/util.h b/src/shared/util.h
index b53a45da9d..0b7c77b1d4 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -454,6 +454,8 @@ int get_ctty(pid_t, dev_t *_devnr, char **r);
int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid);
int fchmod_and_fchown(int fd, mode_t mode, uid_t uid, gid_t gid);
+int is_fd_on_temporary_fs(int fd);
+
int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev);
int rm_rf_children_dangerous(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev);
int rm_rf(const char *path, bool only_dirs, bool delete_root, bool honour_sticky);