journal: add ability to browse journals of running OS containers

This adds the new library call sd_journal_open_container() and a new
"-M" switch to journalctl. Particular care is taken that journalctl's
"-b" switch resolves to the current boot ID of the container, not the
host.

2 files changed, 6 insertions, 5 deletions

diff --git a/src/libsystemd-bus/bus-container.c b/src/libsystemd-bus/bus-container.c
index 25ea471a08..33478c02de 100644
--- a/src/libsystemd-bus/bus-container.c
+++ b/src/libsystemd-bus/bus-container.c
@@ -29,8 +29,9 @@
 #include "bus-container.h"
 
 int bus_container_connect(sd_bus *b) {
-        _cleanup_free_ char *p = NULL, *s = NULL, *ns = NULL, *root = NULL, *class = NULL;
+        _cleanup_free_ char *s = NULL, *ns = NULL, *root = NULL, *class = NULL;
         _cleanup_close_ int nsfd = -1, rootfd = -1;
+        char *p;
         siginfo_t si;
         pid_t leader, child;
         int r;
@@ -39,10 +40,7 @@ int bus_container_connect(sd_bus *b) {
         assert(b->input_fd < 0);
         assert(b->output_fd < 0);
 
-        p = strappend("/run/systemd/machines/", b->machine);
-        if (!p)
-                return -ENOMEM;
-
+        p = strappenda("/run/systemd/machines/", b->machine);
         r = parse_env_file(p, NEWLINE, "LEADER", &s, "CLASS", &class, NULL);
         if (r == -ENOENT)
                 return -EHOSTDOWN;
diff --git a/src/libsystemd-bus/sd-bus.c b/src/libsystemd-bus/sd-bus.c
index 0a2ce3eb8d..f991a09279 100644
--- a/src/libsystemd-bus/sd-bus.c
+++ b/src/libsystemd-bus/sd-bus.c
@@ -764,6 +764,9 @@ static int parse_container_address(sd_bus *b, const char **p, char **guid) {
         if (!machine)
                 return -EINVAL;
 
+        if (!filename_is_safe(machine))
+                return -EINVAL;
+
         free(b->machine);
         b->machine = machine;
         machine = NULL;