diff options
author | Lennart Poettering <lennart@poettering.net> | 2010-06-21 23:27:18 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2010-06-21 23:27:18 +0200 |
commit | 8c6db8336536916d0476ff8233e0abf40a2f6aab (patch) | |
tree | 66ea4c87f407d9ed24eed9539cf9a5275045add2 /src | |
parent | 96551bae6107936a4576b9b4b391abbc9963bdfe (diff) |
pam: implement systemd PAM module and generelize cgroup API for that a bit
Diffstat (limited to 'src')
-rw-r--r-- | src/cgroup-util.c | 694 | ||||
-rw-r--r-- | src/cgroup-util.h | 54 | ||||
-rw-r--r-- | src/cgroup.c | 318 | ||||
-rw-r--r-- | src/cgroup.h | 9 | ||||
-rw-r--r-- | src/manager.c | 4 | ||||
-rw-r--r-- | src/pam-module.c | 466 | ||||
-rw-r--r-- | src/test-cgroup.c | 84 | ||||
-rw-r--r-- | src/util.c | 169 | ||||
-rw-r--r-- | src/util.h | 8 | ||||
-rw-r--r-- | src/utmp-wtmp.c | 6 |
10 files changed, 1522 insertions, 290 deletions
diff --git a/src/cgroup-util.c b/src/cgroup-util.c new file mode 100644 index 0000000000..9337817b6b --- /dev/null +++ b/src/cgroup-util.c @@ -0,0 +1,694 @@ +/*-*- Mode: C; c-basic-offset: 8 -*-*/ + +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <errno.h> +#include <unistd.h> +#include <signal.h> +#include <string.h> +#include <stdlib.h> + +#include <libcgroup.h> + +#include "cgroup-util.h" +#include "log.h" +#include "set.h" +#include "macro.h" +#include "util.h" + +int cg_translate_error(int error, int _errno) { + + switch (error) { + + case ECGROUPNOTCOMPILED: + case ECGROUPNOTMOUNTED: + case ECGROUPNOTEXIST: + case ECGROUPNOTCREATED: + return -ENOENT; + + case ECGINVAL: + return -EINVAL; + + case ECGROUPNOTALLOWED: + return -EPERM; + + case ECGOTHER: + return -_errno; + } + + return -EIO; +} + +static struct cgroup* cg_new(const char *controller, const char *path) { + struct cgroup *cgroup; + + assert(path); + assert(controller); + + if (!(cgroup = cgroup_new_cgroup(path))) + return NULL; + + if (!cgroup_add_controller(cgroup, controller)) { + cgroup_free(&cgroup); + return NULL; + } + + return cgroup; +} + +int cg_kill(const char *controller, const char *path, int sig, bool ignore_self) { + bool killed = false, done = false; + Set *s; + pid_t my_pid; + int r, ret = 0; + + assert(controller); + assert(path); + assert(sig >= 0); + + /* This goes through the tasks list and kills them all. This + * is repeated until no further processes are added to the + * tasks list, to properly handle forking processes */ + + if (!(s = set_new(trivial_hash_func, trivial_compare_func))) + return -ENOMEM; + + my_pid = getpid(); + + do { + void *iterator = NULL; + pid_t pid = 0; + + done = true; + + r = cgroup_get_task_begin(path, controller, &iterator, &pid); + while (r == 0) { + + if (pid == my_pid && ignore_self) + goto next; + + if (set_get(s, INT_TO_PTR(pid)) == INT_TO_PTR(pid)) + goto next; + + /* If we haven't killed this process yet, kill + * it */ + + if (kill(pid, sig) < 0 && errno != ESRCH) { + if (ret == 0) + ret = -errno; + } + + killed = true; + done = false; + + if ((r = set_put(s, INT_TO_PTR(pid))) < 0) + goto loop_exit; + + next: + r = cgroup_get_task_next(&iterator, &pid); + } + + if (r == 0 || r == ECGEOF) + r = 0; + else if (r == ECGOTHER && errno == ENOENT) + r = -ESRCH; + else + r = cg_translate_error(r, errno); + + loop_exit: + assert_se(cgroup_get_task_end(&iterator) == 0); + + /* To avoid racing against processes which fork + * quicker than we can kill them we repeat this until + * no new pids need to be killed. */ + + } while (!done && r >= 0); + + set_free(s); + + if (ret < 0) + return ret; + + if (r < 0) + return r; + + return !!killed; +} + +int cg_kill_recursive(const char *controller, const char *path, int sig, bool ignore_self) { + struct cgroup_file_info info; + int level = 0, r, ret = 0; + void *iterator = NULL; + bool killed = false; + + assert(path); + assert(controller); + assert(sig >= 0); + + zero(info); + + r = cgroup_walk_tree_begin(controller, path, 0, &iterator, &info, &level); + while (r == 0) { + int k; + char *p; + + if (info.type != CGROUP_FILE_TYPE_DIR) + goto next; + + if (asprintf(&p, "%s/%s", path, info.path) < 0) { + ret = -ENOMEM; + break; + } + + k = cg_kill(controller, p, sig, ignore_self); + free(p); + + if (k < 0) { + if (ret == 0) + ret = k; + } else if (k > 0) + killed = true; + + next: + + r = cgroup_walk_tree_next(0, &iterator, &info, level); + } + + if (ret == 0) { + if (r == 0 || r == ECGEOF) + ret = !!killed; + else if (r == ECGOTHER && errno == ENOENT) + ret = -ESRCH; + else + ret = cg_translate_error(r, errno); + } + + assert_se(cgroup_walk_tree_end(&iterator) == 0); + + return ret; +} + +int cg_kill_recursive_and_wait(const char *controller, const char *path) { + unsigned i; + + assert(path); + assert(controller); + + /* This safely kills all processes; first it sends a SIGTERM, + * then checks 8 times after 50ms whether the group is + * now empty, and finally kills everything that is left with + * SIGKILL */ + + for (i = 0; i < 10; i++) { +int sig, r; + + if (i <= 0) + sig = SIGTERM; + else if (i >= 9) + sig = SIGKILL; + else + sig = 0; + + if ((r = cg_kill_recursive(controller, path, sig, true)) <= 0) + return r; + + usleep(50 * USEC_PER_MSEC); + } + + return 0; +} + +int cg_migrate(const char *controller, const char *from, const char *to, bool ignore_self) { + bool migrated = false, done = false; + struct cgroup *dest; + int r, ret = 0; + pid_t my_pid; + + assert(controller); + assert(from); + assert(to); + + if (!(dest = cg_new(controller, to))) + return -ENOMEM; + + my_pid = getpid(); + + do { + void *iterator = NULL; + pid_t pid = 0; + + done = true; + + r = cgroup_get_task_begin(from, controller, &iterator, &pid); + while (r == 0) { + + if (pid == my_pid && ignore_self) + goto next; + + if ((r = cgroup_attach_task_pid(dest, pid)) != 0) { + if (ret == 0) + r = cg_translate_error(r, errno); + } + + migrated = true; + done = false; + + next: + + r = cgroup_get_task_next(&iterator, &pid); + } + + if (r == 0 || r == ECGEOF) + r = 0; + else if (r == ECGOTHER && errno == ENOENT) + r = -ESRCH; + else + r = cg_translate_error(r, errno); + + assert_se(cgroup_get_task_end(&iterator) == 0); + + } while (!done && r >= 0); + + cgroup_free(&dest); + + if (ret < 0) + return ret; + + if (r < 0) + return r; + + return !!migrated; +} + +int cg_migrate_recursive(const char *controller, const char *from, const char *to, bool ignore_self) { + struct cgroup_file_info info; + int level = 0, r, ret = 0; + void *iterator = NULL; + bool migrated = false; + + assert(controller); + assert(from); + assert(to); + + zero(info); + + r = cgroup_walk_tree_begin(controller, from, 0, &iterator, &info, &level); + while (r == 0) { + int k; + char *p; + + if (info.type != CGROUP_FILE_TYPE_DIR) + goto next; + + if (asprintf(&p, "%s/%s", from, info.path) < 0) { + ret = -ENOMEM; + break; + } + + k = cg_migrate(controller, p, to, ignore_self); + free(p); + + if (k < 0) { + if (ret == 0) + ret = k; + } else if (k > 0) + migrated = true; + + next: + r = cgroup_walk_tree_next(0, &iterator, &info, level); + } + + if (ret == 0) { + if (r == 0 || r == ECGEOF) + r = !!migrated; + else if (r == ECGOTHER && errno == ENOENT) + r = -ESRCH; + else + r = cg_translate_error(r, errno); + } + + assert_se(cgroup_walk_tree_end(&iterator) == 0); + + return ret; +} + +int cg_get_path(const char *controller, const char *path, const char *suffix, char **fs) { + char *mp; + int r; + + assert(controller); + assert(path); + + if ((r = cgroup_get_subsys_mount_point(controller, &mp)) != 0) + return cg_translate_error(r, errno); + + if (suffix) + r = asprintf(fs, "%s/%s/%s", mp, path, suffix); + else + r = asprintf(fs, "%s/%s", mp, path); + + free(mp); + + return r < 0 ? -ENOMEM : 0; +} + +int cg_trim(const char *controller, const char *path, bool delete_root) { + char *fs; + int r; + + assert(controller); + assert(path); + + if ((r = cg_get_path(controller, path, NULL, &fs)) < 0) + return r; + + r = rm_rf(fs, true, delete_root); + free(fs); + + return r; +} + +int cg_delete(const char *controller, const char *path) { + struct cgroup *cg; + int r; + + assert(controller); + assert(path); + + if (!(cg = cg_new(controller, path))) + return -ENOMEM; + + if ((r = cgroup_delete_cgroup_ext(cg, CGFLAG_DELETE_RECURSIVE|CGFLAG_DELETE_IGNORE_MIGRATION)) != 0) { + r = cg_translate_error(r, errno); + goto finish; + } + + r = 0; + +finish: + cgroup_free(&cg); + + return r; +} + +int cg_create(const char *controller, const char *path) { + struct cgroup *cg; + int r; + + assert(controller); + assert(path); + + if (!(cg = cg_new(controller, path))) + return -ENOMEM; + + if ((r = cgroup_create_cgroup(cg, 1)) != 0) { + r = cg_translate_error(r, errno); + goto finish; + } + + r = 0; + +finish: + cgroup_free(&cg); + + return r; +} + +int cg_attach(const char *controller, const char *path, pid_t pid) { + struct cgroup *cg; + int r; + + assert(controller); + assert(path); + assert(pid >= 0); + + if (!(cg = cg_new(controller, path))) + return -ENOMEM; + + if (pid == 0) + pid = getpid(); + + if ((r = cgroup_attach_task_pid(cg, pid))) { + r = cg_translate_error(r, errno); + goto finish; + } + + r = 0; + +finish: + cgroup_free(&cg); + + return r; +} + +int cg_create_and_attach(const char *controller, const char *path, pid_t pid) { + struct cgroup *cg; + int r; + + assert(controller); + assert(path); + assert(pid >= 0); + + if (!(cg = cg_new(controller, path))) + return -ENOMEM; + + if ((r = cgroup_create_cgroup(cg, 1)) != 0) { + r = cg_translate_error(r, errno); + goto finish; + } + + if (pid == 0) + pid = getpid(); + + if ((r = cgroup_attach_task_pid(cg, pid))) { + r = cg_translate_error(r, errno); + goto finish; + } + + r = 0; + +finish: + cgroup_free(&cg); + + return r; +} + +int cg_set_group_access(const char *controller, const char *path, mode_t mode, uid_t uid, gid_t gid) { + char *fs; + int r; + + assert(controller); + assert(path); + + if ((r = cg_get_path(controller, path, NULL, &fs)) < 0) + return r; + + r = chmod_and_chown(fs, mode, uid, gid); + free(fs); + + return r; +} + +int cg_set_task_access(const char *controller, const char *path, mode_t mode, uid_t uid, gid_t gid) { + char *fs; + int r; + + assert(controller); + assert(path); + + if ((r = cg_get_path(controller, path, "tasks", &fs)) < 0) + return r; + + r = chmod_and_chown(fs, mode, uid, gid); + free(fs); + + return r; +} + +int cg_get_by_pid(const char *controller, pid_t pid, char **path) { + int r; + char *p = NULL; + + assert(controller); + assert(pid > 0); + assert(path); + + if ((r = cgroup_get_current_controller_path(pid, controller, &p)) != 0) + return cg_translate_error(r, errno); + + assert(p); + + *path = p; + return 0; +} + +int cg_install_release_agent(const char *controller, const char *agent) { + char *mp = NULL, *path = NULL, *contents = NULL, *line = NULL, *sc; + int r; + + assert(controller); + assert(agent); + + if ((r = cgroup_get_subsys_mount_point(controller, &mp)) != 0) + return cg_translate_error(r, errno); + + if (asprintf(&path, "%s/release_agent", mp) < 0) { + r = -ENOMEM; + goto finish; + } + + if ((r = read_one_line_file(path, &contents)) < 0) + goto finish; + + sc = strstrip(contents); + + if (sc[0] == 0) { + + if (asprintf(&line, "%s\n", agent) < 0) { + r = -ENOMEM; + goto finish; + } + + if ((r = write_one_line_file(path, line)) < 0) + goto finish; + + } else if (!streq(sc, agent)) { + r = -EEXIST; + goto finish; + } + + free(path); + path = NULL; + if (asprintf(&path, "%s/notify_on_release", mp) < 0) { + r = -ENOMEM; + goto finish; + } + + free(contents); + contents = NULL; + if ((r = read_one_line_file(path, &contents)) < 0) + goto finish; + + sc = strstrip(contents); + + if (streq(sc, "0")) { + if ((r = write_one_line_file(path, "1\n")) < 0) + goto finish; + } else if (!streq(sc, "1")) { + r = -EIO; + goto finish; + } + + r = 0; + +finish: + free(mp); + free(path); + free(contents); + free(line); + + return r; +} + +int cg_is_empty(const char *controller, const char *path, bool ignore_self) { + void *iterator = NULL; + pid_t pid = 0; + int r; + + assert(controller); + assert(path); + + r = cgroup_get_task_begin(path, controller, &iterator, &pid); + while (r == 0) { + + if (ignore_self&& pid == getpid()) + goto next; + + break; + + next: + r = cgroup_get_task_next(&iterator, &pid); + } + + + if (r == ECGEOF) + r = 1; + else if (r != 0) + r = cg_translate_error(r, errno); + else + r = 0; + + assert_se(cgroup_get_task_end(&iterator) == 0); + + return r; +} + +int cg_is_empty_recursive(const char *controller, const char *path, bool ignore_self) { + struct cgroup_file_info info; + int level = 0, r, ret = 0; + void *iterator = NULL; + bool empty = true; + + assert(controller); + assert(path); + + zero(info); + + r = cgroup_walk_tree_begin(controller, path, 0, &iterator, &info, &level); + while (r == 0) { + int k; + char *p; + + if (info.type != CGROUP_FILE_TYPE_DIR) + goto next; + + if (asprintf(&p, "%s/%s", path, info.path) < 0) { + ret = -ENOMEM; + break; + } + + k = cg_is_empty(controller, p, ignore_self); + free(p); + + if (k < 0) { + ret = k; + break; + } else if (k == 0) { + empty = false; + break; + } + + next: + r = cgroup_walk_tree_next(0, &iterator, &info, level); + } + + if (ret == 0) { + if (r == 0 || r == ECGEOF) + ret = !!empty; + else if (r == ECGOTHER && errno == ENOENT) + ret = -ESRCH; + else + ret = cg_translate_error(r, errno); + } + + assert_se(cgroup_walk_tree_end(&iterator) == 0); + + return ret; +} diff --git a/src/cgroup-util.h b/src/cgroup-util.h new file mode 100644 index 0000000000..4ada71bc17 --- /dev/null +++ b/src/cgroup-util.h @@ -0,0 +1,54 @@ +/*-*- Mode: C; c-basic-offset: 8 -*-*/ + +#ifndef foocgrouputilhfoo +#define foocgrouputilhfoo + +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <sys/types.h> + +int cg_translate_error(int error, int _errno); + +int cg_kill(const char *controller, const char *path, int sig, bool ignore_self); +int cg_kill_recursive(const char *controller, const char *path, int sig, bool ignore_self); +int cg_kill_recursive_and_wait(const char *controller, const char *path); + +int cg_migrate(const char *controller, const char *from, const char *to, bool ignore_self); +int cg_migrate_recursive(const char *controller, const char *from, const char *to, bool ignore_self); + +int cg_get_path(const char *controller, const char *path, const char *suffix, char **fs); +int cg_get_by_pid(const char *controller, pid_t pid, char **path); + +int cg_trim(const char *controller, const char *path, bool delete_root); +int cg_delete(const char *controller, const char *path); + +int cg_create(const char *controller, const char *path); +int cg_attach(const char *controller, const char *path, pid_t pid); +int cg_create_and_attach(const char *controller, const char *path, pid_t pid); + +int cg_set_group_access(const char *controller, const char *path, mode_t mode, uid_t uid, gid_t gid); +int cg_set_task_access(const char *controller, const char *path, mode_t mode, uid_t uid, gid_t gid); + +int cg_install_release_agent(const char *controller, const char *agent); + +int cg_is_empty(const char *controller, const char *path, bool ignore_self); +int cg_is_empty_recursive(const char *controller, const char *path, bool ignore_self); + +#endif diff --git a/src/cgroup.c b/src/cgroup.c index 291db4e6c9..27130a9c39 100644 --- a/src/cgroup.c +++ b/src/cgroup.c @@ -26,32 +26,12 @@ #include <signal.h> #include <sys/mount.h> +#include <libcgroup.h> + #include "cgroup.h" +#include "cgroup-util.h" #include "log.h" -static int translate_error(int error, int _errno) { - - switch (error) { - - case ECGROUPNOTCOMPILED: - case ECGROUPNOTMOUNTED: - case ECGROUPNOTEXIST: - case ECGROUPNOTCREATED: - return -ENOENT; - - case ECGINVAL: - return -EINVAL; - - case ECGROUPNOTALLOWED: - return -EPERM; - - case ECGOTHER: - return -_errno; - } - - return -EIO; -} - int cgroup_bonding_realize(CGroupBonding *b) { int r; @@ -59,39 +39,27 @@ int cgroup_bonding_realize(CGroupBonding *b) { assert(b->path); assert(b->controller); - if (b->cgroup) + if (b->realized) return 0; - if (!(b->cgroup = cgroup_new_cgroup(b->path))) - return -ENOMEM; + if ((r = cg_create(b->controller, b->path)) < 0) + return r; - if (!cgroup_add_controller(b->cgroup, b->controller)) { - r = -ENOMEM; - goto fail; - } + b->realized = true; - if ((r = cgroup_create_cgroup(b->cgroup, true)) != 0) { - r = translate_error(r, errno); - goto fail; - } + if (b->only_us && b->clean_up) + cg_trim(b->controller, b->path, false); return 0; - -fail: - cgroup_free(&b->cgroup); - b->cgroup = NULL; - return r; } int cgroup_bonding_realize_list(CGroupBonding *first) { CGroupBonding *b; + int r; - LIST_FOREACH(by_unit, b, first) { - int r; - + LIST_FOREACH(by_unit, b, first) if ((r = cgroup_bonding_realize(b)) < 0) return r; - } return 0; } @@ -113,11 +81,12 @@ void cgroup_bonding_free(CGroupBonding *b) { hashmap_remove(b->unit->meta.manager->cgroup_bondings, b->path); } - if (b->cgroup) { - if (b->only_us && b->clean_up && cgroup_bonding_is_empty(b) > 0) - cgroup_delete_cgroup_ext(b->cgroup, true); + if (b->realized && b->only_us && b->clean_up) { - cgroup_free(&b->cgroup); + if (cgroup_bonding_is_empty(b) > 0) + cg_delete(b->controller, b->path); + else + cg_trim(b->controller, b->path, false); } free(b->controller); @@ -138,109 +107,36 @@ int cgroup_bonding_install(CGroupBonding *b, pid_t pid) { assert(b); assert(pid >= 0); - if (pid == 0) - pid = getpid(); - - if (!b->cgroup) - return -ENOENT; - - if ((r = cgroup_attach_task_pid(b->cgroup, pid))) - return translate_error(r, errno); + if ((r = cg_create_and_attach(b->controller, b->path, pid)) < 0) + return r; + b->realized = true; return 0; } int cgroup_bonding_install_list(CGroupBonding *first, pid_t pid) { CGroupBonding *b; + int r; - LIST_FOREACH(by_unit, b, first) { - int r; - + LIST_FOREACH(by_unit, b, first) if ((r = cgroup_bonding_install(b, pid)) < 0) return r; - } return 0; } int cgroup_bonding_kill(CGroupBonding *b, int sig) { int r; - Set *s; - bool done; - bool killed = false; assert(b); - assert(sig > 0); - - if (!b->only_us) - return -EAGAIN; - - if (!(s = set_new(trivial_hash_func, trivial_compare_func))) - return -ENOMEM; - - do { - void *iterator; - pid_t pid; - - done = true; - - if ((r = cgroup_get_task_begin(b->path, b->controller, &iterator, &pid)) != 0) { - if (r == ECGEOF) { - r = 0; - goto kill_done; - } else { - if (r == ECGOTHER && errno == ENOENT) - r = ESRCH; - else - r = translate_error(r, errno); - break; - } - } - - for (;;) { - if (set_get(s, INT_TO_PTR(pid)) != INT_TO_PTR(pid)) { - - /* If we haven't killed this process - * yet, kill it */ - - if (kill(pid, sig) < 0 && errno != ESRCH) { - r = -errno; - break; - } - - killed = true; - done = false; - - if ((r = set_put(s, INT_TO_PTR(pid))) < 0) - break; - } - - if ((r = cgroup_get_task_next(&iterator, &pid)) != 0) { + assert(sig >= 0); - if (r == ECGEOF) - r = 0; - else - r = translate_error(r, errno); - - break; - } - } - - kill_done: - assert_se(cgroup_get_task_end(&iterator) == 0); - - /* To avoid racing against processes which fork - * quicker than we can kill them we repeat this until - * no new pids need to be killed. */ - - } while (!done && r >= 0); - - set_free(s); - - if (r < 0) + if ((r = cgroup_bonding_realize(b)) < 0) return r; - return killed ? 0 : -ESRCH; + assert(b->realized); + + return cg_kill_recursive(b->controller, b->path, sig, true); } int cgroup_bonding_kill_list(CGroupBonding *first, int sig) { @@ -249,7 +145,7 @@ int cgroup_bonding_kill_list(CGroupBonding *first, int sig) { LIST_FOREACH(by_unit, b, first) { if ((r = cgroup_bonding_kill(b, sig)) < 0) { - if (r == -EAGAIN || -ESRCH) + if (r == -EAGAIN || r == -ESRCH) continue; return r; @@ -264,33 +160,19 @@ int cgroup_bonding_kill_list(CGroupBonding *first, int sig) { /* Returns 1 if the group is empty, 0 if it is not, -EAGAIN if we * cannot know */ int cgroup_bonding_is_empty(CGroupBonding *b) { - void *iterator; - pid_t pid; int r; assert(b); - r = cgroup_get_task_begin(b->path, b->controller, &iterator, &pid); - - if (r == 0 || r == ECGEOF) - cgroup_get_task_end(&iterator); + if ((r = cg_is_empty_recursive(b->controller, b->path, true)) < 0) + return r; - /* Hmm, no PID in this group? Then it is definitely empty */ - if (r == ECGEOF) + /* If it is empty it is empty */ + if (r > 0) return 1; - /* Some error? Let's return it */ - if (r != 0) - return translate_error(r, errno); - - /* It's not empty, and we are the only user, then it is - * definitely not empty */ - if (b->only_us) - return 0; - - /* There are PIDs in the group but we aren't the only users, - * hence we cannot say */ - return -EAGAIN; + /* It's not only us using this cgroup, so we just don't know */ + return b->only_us ? 0 : -EAGAIN; } int cgroup_bonding_is_empty_list(CGroupBonding *first) { @@ -313,99 +195,6 @@ int cgroup_bonding_is_empty_list(CGroupBonding *first) { return -EAGAIN; } -static int install_release_agent(Manager *m, const char *mount_point) { - char *p, *c, *sc; - int r; - - assert(m); - assert(mount_point); - - if (asprintf(&p, "%s/release_agent", mount_point) < 0) - return -ENOMEM; - - if ((r = read_one_line_file(p, &c)) < 0) { - free(p); - return r; - } - - sc = strstrip(c); - - if (sc[0] == 0) { - if ((r = write_one_line_file(p, CGROUP_AGENT_PATH "\n" )) < 0) { - free(p); - free(c); - return r; - } - } else if (!streq(sc, CGROUP_AGENT_PATH)) { - free(p); - free(c); - return -EEXIST; - } - - free(c); - free(p); - - if (asprintf(&p, "%s/notify_on_release", mount_point) < 0) - return -ENOMEM; - - if ((r = read_one_line_file(p, &c)) < 0) { - free(p); - return r; - } - - sc = strstrip(c); - - if (streq(sc, "0")) { - if ((r = write_one_line_file(p, "1\n")) < 0) { - free(p); - free(c); - return r; - } - } else if (!streq(sc, "1")) { - free(p); - free(c); - return -EIO; - } - - free(p); - free(c); - - return 0; -} - -static int create_hierarchy_cgroup(Manager *m) { - struct cgroup *cg; - int r; - - assert(m); - - if (!(cg = cgroup_new_cgroup(m->cgroup_hierarchy))) - return -ENOMEM; - - if (!(cgroup_add_controller(cg, m->cgroup_controller))) { - r = -ENOMEM; - goto finish; - } - - if ((r = cgroup_create_cgroup(cg, true)) != 0) { - log_error("Failed to create cgroup hierarchy group: %s", cgroup_strerror(r)); - r = translate_error(r, errno); - goto finish; - } - - if ((r = cgroup_attach_task(cg)) != 0) { - log_error("Failed to add ourselves to hierarchy group: %s", cgroup_strerror(r)); - r = translate_error(r, errno); - goto finish; - } - - r = 0; - -finish: - cgroup_free(&cg); - return r; -} - int manager_setup_cgroup(Manager *m) { char *cp; int r; @@ -416,7 +205,7 @@ int manager_setup_cgroup(Manager *m) { if ((r = cgroup_init()) != 0) { log_error("Failed to initialize libcg: %s", cgroup_strerror(r)); - return translate_error(r, errno); + return cg_translate_error(r, errno); } free(m->cgroup_controller); @@ -426,12 +215,12 @@ int manager_setup_cgroup(Manager *m) { free(m->cgroup_mount_point); m->cgroup_mount_point = NULL; if ((r = cgroup_get_subsys_mount_point(m->cgroup_controller, &m->cgroup_mount_point))) - return translate_error(r, errno); + return cg_translate_error(r, errno); pid = getpid(); if ((r = cgroup_get_current_controller_path(pid, m->cgroup_controller, &cp))) - return translate_error(r, errno); + return cg_translate_error(r, errno); snprintf(suffix, sizeof(suffix), "/systemd-%u", (unsigned) pid); char_array_0(suffix); @@ -457,12 +246,12 @@ int manager_setup_cgroup(Manager *m) { m->cgroup_mount_point, m->cgroup_hierarchy); - if ((r = install_release_agent(m, m->cgroup_mount_point)) < 0) + if ((r = cg_install_release_agent(m->cgroup_controller, CGROUP_AGENT_PATH)) < 0) log_warning("Failed to install release agent, ignoring: %s", strerror(-r)); else log_debug("Installed release agent, or already installed."); - if ((r = create_hierarchy_cgroup(m)) < 0) + if ((r = cg_create_and_attach(m->cgroup_controller, m->cgroup_hierarchy, 0)) < 0) log_error("Failed to create root cgroup hierarchy: %s", strerror(-r)); else log_debug("Created root group."); @@ -470,33 +259,13 @@ int manager_setup_cgroup(Manager *m) { return r; } -int manager_shutdown_cgroup(Manager *m, bool delete) { - struct cgroup *cg; - int r; - +int manager_shutdown_cgroup(Manager *m) { assert(m); - if (!m->cgroup_hierarchy) + if (!m->cgroup_controller || !m->cgroup_hierarchy) return 0; - if (!(cg = cgroup_new_cgroup(m->cgroup_hierarchy))) - return -ENOMEM; - - if (!(cgroup_add_controller(cg, m->cgroup_controller))) { - r = -ENOMEM; - goto finish; - } - - /* Often enough we won't be able to delete the cgroup we - * ourselves are in, hence ignore all errors here */ - if (delete) - cgroup_delete_cgroup_ext(cg, CGFLAG_DELETE_IGNORE_MIGRATION|CGFLAG_DELETE_RECURSIVE); - r = 0; - -finish: - cgroup_free(&cg); - return r; - + return cg_delete(m->cgroup_controller, m->cgroup_hierarchy); } int cgroup_notify_empty(Manager *m, const char *group) { @@ -541,15 +310,12 @@ Unit* cgroup_unit_by_pid(Manager *m, pid_t pid) { if (pid <= 1) return NULL; - if ((r = cgroup_get_current_controller_path(pid, m->cgroup_controller, &group))) + if ((r = cg_get_by_pid(m->cgroup_controller, pid, &group))) return NULL; l = hashmap_get(m->cgroup_bondings, group); free(group); - if (!l) - return NULL; - LIST_FOREACH(by_path, b, l) { if (!b->unit) diff --git a/src/cgroup.h b/src/cgroup.h index 67c7cc3501..11d2aba8cf 100644 --- a/src/cgroup.h +++ b/src/cgroup.h @@ -22,8 +22,6 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. ***/ -#include <libcgroup.h> - typedef struct CGroupBonding CGroupBonding; #include "unit.h" @@ -35,8 +33,6 @@ struct CGroupBonding { Unit *unit; - struct cgroup *cgroup; - /* For the Unit::cgroup_bondings list */ LIST_FIELDS(CGroupBonding, by_unit); @@ -48,6 +44,9 @@ struct CGroupBonding { /* When our tasks are the only ones in this group */ bool only_us:1; + + /* This cgroup is realized */ + bool realized:1; }; int cgroup_bonding_realize(CGroupBonding *b); @@ -72,7 +71,7 @@ char *cgroup_bonding_to_string(CGroupBonding *b); #include "manager.h" int manager_setup_cgroup(Manager *m); -int manager_shutdown_cgroup(Manager *m, bool delete); +int manager_shutdown_cgroup(Manager *m); int cgroup_notify_empty(Manager *m, const char *group); diff --git a/src/manager.c b/src/manager.c index 554dd8e866..f1a79b5e89 100644 --- a/src/manager.c +++ b/src/manager.c @@ -32,7 +32,6 @@ #include <sys/reboot.h> #include <sys/ioctl.h> #include <linux/kd.h> -#include <libcgroup.h> #include <termios.h> #include <fcntl.h> #include <sys/types.h> @@ -421,7 +420,8 @@ void manager_free(Manager *m) { /* If we reexecute ourselves, we keep the root cgroup * around */ - manager_shutdown_cgroup(m, m->exit_code != MANAGER_REEXECUTE); + if (m->exit_code != MANAGER_REEXECUTE) + manager_shutdown_cgroup(m); bus_done(m); diff --git a/src/pam-module.c b/src/pam-module.c new file mode 100644 index 0000000000..5157897a71 --- /dev/null +++ b/src/pam-module.c @@ -0,0 +1,466 @@ +/*-*- Mode: C; c-basic-offset: 8 -*-*/ + +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <errno.h> +#include <fcntl.h> +#include <sys/file.h> +#include <pwd.h> + +#include <security/pam_modules.h> +#include <security/_pam_macros.h> +#include <security/pam_modutil.h> +#include <security/pam_ext.h> +#include <security/pam_misc.h> + +#include <libcgroup.h> + +#include "util.h" +#include "cgroup-util.h" +#include "macro.h" +#include "sd-daemon.h" + +static int parse_argv(pam_handle_t *handle, + int argc, const char **argv, + bool *create_session, + bool *kill_session, + bool *kill_user) { + + unsigned i; + + assert(argc >= 0); + assert(argc == 0 || argv); + + for (i = 0; i < (unsigned) argc; i++) { + int k; + + if (startswith(argv[i], "create-session=")) { + if ((k = parse_boolean(argv[i] + 15)) < 0) { + pam_syslog(handle, LOG_ERR, "Failed to parse create-session= argument."); + return k; + } + + if (create_session) + *create_session = k; + } else if (startswith(argv[i], "kill-session=")) { + if ((k = parse_boolean(argv[i] + 13)) < 0) { + pam_syslog(handle, LOG_ERR, "Failed to parse kill-session= argument."); + return k; + } + + if (kill_session) + *kill_session = k; + + } else if (startswith(argv[i], "kill-user=")) { + if ((k = parse_boolean(argv[i] + 10)) < 0) { + pam_syslog(handle, LOG_ERR, "Failed to parse kill-user= argument."); + return k; + } + + if (kill_user) + *kill_user = k; + } else { + pam_syslog(handle, LOG_ERR, "Unknown parameter '%s'.", argv[i]); + return -EINVAL; + } + } + + if (kill_session && *kill_session && kill_user) + *kill_user = true; + + return 0; +} + +static int open_file_and_lock(const char *fn) { + int fd; + + assert(fn); + + if ((fd = open(fn, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW|O_CREAT, 0600)) < 0) + return -errno; + + if (flock(fd, LOCK_EX) < 0) + return -errno; + + return fd; +} + +static uint32_t combine32(unsigned long long u) { + uint32_t r = 0; + unsigned i; + + for (i = 0; i < sizeof(u)/4; i ++) + r ^= (uint32_t) ((u >> (i*32)) & 0xFFFFFFFFULL); + + return r; +} + +static char *generate_session_cookie(void) { + char *machine; + char *cookie; + unsigned long long r; + usec_t u; + int k; + + if (getmachineid_malloc(&machine) < 0) + if (!(machine = gethostname_malloc())) + return NULL; + + r = random_ull(); + u = now(CLOCK_REALTIME); + + k = asprintf(&cookie, "%s-%lu-%lu", + machine, + (unsigned long) combine32(r), + (unsigned long) combine32((unsigned long long) u)); + free(machine); + + return k < 0 ? NULL : cookie; +} + +static int get_user_data( + pam_handle_t *handle, + const char **ret_username, + struct passwd **ret_pw) { + + const char *username; + struct passwd *pw; + int r; + + assert(handle); + assert(ret_username); + assert(ret_pw); + + if ((r = pam_get_user(handle, &username, NULL)) != PAM_SUCCESS) { + pam_syslog(handle, LOG_ERR, "Failed to get user name."); + return r; + } + + if (!username || !*username) { + pam_syslog(handle, LOG_ERR, "User name not valid."); + return PAM_AUTH_ERR; + } + + if (!(pw = pam_modutil_getpwnam(handle, username))) { + pam_syslog(handle, LOG_ERR, "Failed to get user data."); + return PAM_USER_UNKNOWN; + } + + *ret_pw = pw; + *ret_username = username; + + return PAM_SUCCESS; +} + +static int create_user_group(pam_handle_t *handle, const char *group, struct passwd *pw, bool attach) { + int r; + + assert(handle); + assert(group); + + if (attach) + r = cg_create_and_attach("name=systemd", group, 0); + else + r = cg_create("name=systemd", group); + + if (r < 0) { + pam_syslog(handle, LOG_ERR, "Failed to create cgroup: %s", strerror(-r)); + return PAM_SESSION_ERR; + } + + if ((r = cg_set_task_access("name=systemd", group, 0755, pw->pw_uid, pw->pw_gid)) < 0 || + (r = cg_set_group_access("name=systemd", group, 0755, pw->pw_uid, pw->pw_gid)) < 0) { + pam_syslog(handle, LOG_ERR, "Failed to change access modes: %s", strerror(-r)); + return PAM_SESSION_ERR; + } + + return PAM_SUCCESS; +} + +_public_ PAM_EXTERN int pam_sm_open_session( + pam_handle_t *handle, + int flags, + int argc, const char **argv) { + + const char *username = NULL; + struct passwd *pw; + int r; + char *buf = NULL; + int lock_fd = -1; + bool create_session = true; + + assert(handle); + + pam_syslog(handle, LOG_INFO, "pam-systemd initializing"); + + if (parse_argv(handle, argc, argv, &create_session, NULL, NULL) < 0) + return PAM_SESSION_ERR; + + /* Make this a NOP on non-systemd systems */ + if (sd_booted() <= 0) + return PAM_SUCCESS; + + if ((r = cgroup_init()) != 0) { + pam_syslog(handle, LOG_ERR, "libcgroup initialization failed: %s", cgroup_strerror(r)); + r = PAM_SESSION_ERR; + goto finish; + } + + if ((r = get_user_data(handle, &username, &pw)) != PAM_SUCCESS) + goto finish; + + if (safe_mkdir(RUNTIME_DIR "/user", 0755, 0, 0) < 0) { + pam_syslog(handle, LOG_ERR, "Failed to create runtime directory: %m"); + r = PAM_SYSTEM_ERR; + goto finish; + } + + if ((lock_fd = open_file_and_lock(RUNTIME_DIR "/user/.pam-systemd-lock")) < 0) { + pam_syslog(handle, LOG_ERR, "Failed to lock runtime directory: %m"); + r = PAM_SYSTEM_ERR; + goto finish; + } + + /* Create /var/run/$USER */ + free(buf); + if (asprintf(&buf, RUNTIME_DIR "/user/%s", username) < 0) { + r = PAM_BUF_ERR; + goto finish; + } + + if (safe_mkdir(buf, 0700, pw->pw_uid, pw->pw_gid) < 0) { + pam_syslog(handle, LOG_WARNING, "Failed to create runtime directory: %m"); + r = PAM_SYSTEM_ERR; + goto finish; + } else if ((r = pam_misc_setenv(handle, "XDG_RUNTIME_DIR", buf, 0)) != PAM_SUCCESS) { + pam_syslog(handle, LOG_ERR, "Failed to set runtime dir."); + goto finish; + } + + free(buf); + buf = NULL; + + if (create_session) { + const char *cookie; + + /* Reuse or create XDG session ID */ + if (!(cookie = pam_getenv(handle, "XDG_SESSION_COOKIE"))) { + if (!(buf = generate_session_cookie())) { + r = PAM_BUF_ERR; + goto finish; + } + + if ((r = pam_misc_setenv(handle, "XDG_SESSION_COOKIE", buf, 0)) != PAM_SUCCESS) { + pam_syslog(handle, LOG_ERR, "Failed to set cookie."); + goto finish; + } + + if (!(cookie = pam_getenv(handle, "XDG_SESSION_COOKIE"))) { + pam_syslog(handle, LOG_ERR, "Failed to get cookie."); + r = PAM_SESSION_ERR; + goto finish; + } + } + + r = asprintf(&buf, "/user/%s/%s", username, cookie); + } else + r = asprintf(&buf, "/user/%s/no-session", username); + + if (r < 0) { + r = PAM_BUF_ERR; + goto finish; + } + + if ((r = create_user_group(handle, buf, pw, true)) != PAM_SUCCESS) + goto finish; + + r = PAM_SUCCESS; + +finish: + free(buf); + + if (lock_fd >= 0) + close_nointr_nofail(lock_fd); + + return r; +} + +static int session_remains(pam_handle_t *handle, const char *user_path) { + struct cgroup_file_info info; + int level = 0, r; + void *iterator = NULL; + bool remains = false; + + zero(info); + + r = cgroup_walk_tree_begin("name=systemd", user_path, 0, &iterator, &info, &level); + while (r == 0) { + + if (info.type != CGROUP_FILE_TYPE_DIR) + goto next; + + if (streq(info.path, "")) + goto next; + + if (streq(info.path, "no-session")) + goto next; + + remains = true; + break; + + next: + + r = cgroup_walk_tree_next(0, &iterator, &info, level); + } + + + if (remains) + r = 1; + else if (r == 0 || r == ECGEOF) + r = 0; + else + r = cg_translate_error(r, errno); + + assert_se(cgroup_walk_tree_end(&iterator) == 0); + + return r; +} + +_public_ PAM_EXTERN int pam_sm_close_session( + pam_handle_t *handle, + int flags, + int argc, const char **argv) { + + const char *username = NULL; + bool kill_session = false; + bool kill_user = false; + int lock_fd = -1, r; + char *session_path = NULL, *nosession_path = NULL, *user_path = NULL; + const char *cookie; + struct passwd *pw; + + assert(handle); + + if (parse_argv(handle, argc, argv, NULL, &kill_session, &kill_user) < 0) + return PAM_SESSION_ERR; + + /* Make this a NOP on non-systemd systems */ + if (sd_booted() <= 0) + return PAM_SUCCESS; + + if ((r = get_user_data(handle, &username, &pw)) != PAM_SUCCESS) + goto finish; + + if ((lock_fd = open_file_and_lock(RUNTIME_DIR "/user/.pam-systemd-lock")) < 0) { + pam_syslog(handle, LOG_ERR, "Failed to lock runtime directory: %m"); + r = PAM_SYSTEM_ERR; + goto finish; + } + + if (asprintf(&user_path, "/user/%s", username) < 0) { + r = PAM_BUF_ERR; + goto finish; + } + + if ((cookie = pam_getenv(handle, "XDG_SESSION_COOKIE"))) { + + if (asprintf(&session_path, "/user/%s/%s", username, cookie) < 0 || + asprintf(&nosession_path, "/user/%s/no-session", username) < 0) { + r = PAM_BUF_ERR; + goto finish; + } + + if (kill_session) { + pam_syslog(handle, LOG_INFO, "KILLING ENTER"); + + /* Kill processes in session cgroup */ + if ((r = cg_kill_recursive_and_wait("name=systemd", session_path)) < 0) + pam_syslog(handle, LOG_ERR, "Failed to kill session cgroup: %s", strerror(-r)); + + pam_syslog(handle, LOG_INFO, "KILLING EXIT"); + + } else { + /* Migrate processes from session to + * no-session cgroup. First, try to create the + * no-session group in case it doesn't exist + * yet. */ + create_user_group(handle, nosession_path, pw, 0); + + if ((r = cg_migrate_recursive("name=systemd", session_path, nosession_path, false)) < 0) + pam_syslog(handle, LOG_ERR, "Failed to migrate session cgroup: %s", strerror(-r)); + } + + /* Delete session cgroup */ + if (r < 0) + pam_syslog(handle, LOG_INFO, "Couldn't empty session cgroup, not deleting."); + else { + if ((r = cg_delete("name=systemd", session_path)) < 0) + pam_syslog(handle, LOG_ERR, "Failed to delete session cgroup: %s", strerror(-r)); + } + } + + /* GC user tree */ + cg_trim("name=systemd", user_path, false); + + if ((r = session_remains(handle, user_path)) < 0) + pam_syslog(handle, LOG_ERR, "Failed to determine whether a session remains: %s", strerror(-r)); + + /* Kill user processes not attached to any session */ + if (kill_user && r == 0) { + + /* Kill no-session cgroup */ + if ((r = cg_kill_recursive_and_wait("name=systemd", user_path)) < 0) + pam_syslog(handle, LOG_ERR, "Failed to kill user cgroup: %s", strerror(-r)); + } else { + + if ((r = cg_is_empty_recursive("name=systemd", user_path, true)) < 0) + pam_syslog(handle, LOG_ERR, "Failed to check user cgroup: %s", strerror(-r)); + + /* If we managed to kill somebody, don't cleanup the cgroup. */ + if (r == 0) + r = -EBUSY; + } + + if (r >= 0) { + const char *runtime_dir; + + /* Remove user cgroup */ + if ((r = cg_delete("name=systemd", user_path)) < 0) + pam_syslog(handle, LOG_ERR, "Failed to delete user cgroup: %s", strerror(-r)); + + /* This will migrate us to the /user cgroup. */ + + if ((runtime_dir = pam_getenv(handle, "XDG_RUNTIME_DIR"))) + if ((r = rm_rf(runtime_dir, false, true)) < 0) + pam_syslog(handle, LOG_ERR, "Failed to remove runtime directory: %s", strerror(-r)); + } + + r = PAM_SUCCESS; + +finish: + if (lock_fd >= 0) + close_nointr_nofail(lock_fd); + + free(session_path); + free(nosession_path); + free(user_path); + + return r; +} diff --git a/src/test-cgroup.c b/src/test-cgroup.c new file mode 100644 index 0000000000..389df6d398 --- /dev/null +++ b/src/test-cgroup.c @@ -0,0 +1,84 @@ +/*-*- Mode: C; c-basic-offset: 8 -*-*/ + +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <unistd.h> +#include <string.h> + +#include <libcgroup.h> + +#include "cgroup-util.h" +#include "util.h" +#include "log.h" + +int main(int argc, char*argv[]) { + char *path; + + assert_se(cgroup_init() == 0); + + assert_se(cg_create("name=systemd", "/test-a") == 0); + assert_se(cg_create("name=systemd", "/test-a") == 0); + assert_se(cg_create("name=systemd", "/test-b") == 0); + assert_se(cg_create("name=systemd", "/test-b/test-c") == 0); + assert_se(cg_create_and_attach("name=systemd", "/test-b", 0) == 0); + + assert_se(cg_get_by_pid("name=systemd", getpid(), &path) == 0); + assert_se(streq(path, "/test-b")); + free(path); + + assert_se(cg_attach("name=systemd", "/test-a", 0) == 0); + + assert_se(cg_get_by_pid("name=systemd", getpid(), &path) == 0); + assert_se(path_equal(path, "/test-a")); + free(path); + + assert_se(cg_create_and_attach("name=systemd", "/test-b/test-d", 0) == 0); + + assert_se(cg_get_by_pid("name=systemd", getpid(), &path) == 0); + assert_se(path_equal(path, "/test-b/test-d")); + free(path); + + assert_se(cg_get_path("name=systemd", "/test-b/test-d", NULL, &path) == 0); + assert_se(path_equal(path, "/cgroup/systemd/test-b/test-d")); + free(path); + + assert_se(cg_is_empty("name=systemd", "/test-a", false) > 0); + assert_se(cg_is_empty("name=systemd", "/test-b", false) > 0); + assert_se(cg_is_empty_recursive("name=systemd", "/test-a", false) > 0); + assert_se(cg_is_empty_recursive("name=systemd", "/test-b", false) == 0); + + assert_se(cg_kill_recursive("name=systemd", "/test-a", 0, false) == 0); + assert_se(cg_kill_recursive("name=systemd", "/test-b", 0, false) > 0); + + assert_se(cg_migrate_recursive("name=systemd", "/test-b", "/test-a", false) == 0); + + assert_se(cg_is_empty_recursive("name=systemd", "/test-a", false) == 0); + assert_se(cg_is_empty_recursive("name=systemd", "/test-b", false) > 0); + + assert_se(cg_kill_recursive("name=systemd", "/test-a", 0, false) > 0); + assert_se(cg_kill_recursive("name=systemd", "/test-b", 0, false) == 0); + + cg_trim("name=systemd", "/", false); + + assert_se(cg_delete("name=systemd", "/test-b") < 0); + assert_se(cg_delete("name=systemd", "/test-a") == 0); + + return 0; +} diff --git a/src/util.c b/src/util.c index 6fa9dec3a6..11ab074569 100644 --- a/src/util.c +++ b/src/util.c @@ -846,6 +846,28 @@ char *file_in_same_dir(const char *path, const char *filename) { return r; } +int safe_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid) { + struct stat st; + + if (mkdir(path, mode) >= 0) + if (chmod_and_chown(path, mode, uid, gid) < 0) + return -errno; + + if (lstat(path, &st) < 0) + return -errno; + + if ((st.st_mode & 0777) != mode || + st.st_uid != uid || + st.st_gid != gid || + !S_ISDIR(st.st_mode)) { + errno = EEXIST; + return -errno; + } + + return 0; +} + + int mkdir_parents(const char *path, mode_t mode) { const char *p, *e; @@ -2325,6 +2347,18 @@ char* gethostname_malloc(void) { return strdup(u.sysname); } +int getmachineid_malloc(char **b) { + int r; + + assert(b); + + if ((r = read_one_line_file("/var/lib/dbus/machine-id", b)) < 0) + return r; + + strstrip(*b); + return 0; +} + char* getlogname_malloc(void) { uid_t uid; long bufsize; @@ -2361,11 +2395,13 @@ char* getlogname_malloc(void) { return name; } -char *getttyname_malloc(void) { - char path[PATH_MAX], *p; +int getttyname_malloc(char **r) { + char path[PATH_MAX], *p, *c; + + assert(r); if (ttyname_r(STDIN_FILENO, path, sizeof(path)) < 0) - return strdup("unknown"); + return -errno; char_array_0(path); @@ -2373,7 +2409,132 @@ char *getttyname_malloc(void) { if (startswith(path, "/dev/")) p += 5; - return strdup(p); + if (!(c = strdup(p))) + return -ENOMEM; + + *r = c; + return 0; +} + +static int rm_rf_children(int fd, bool only_dirs) { + DIR *d; + int ret = 0; + + assert(fd >= 0); + + /* This returns the first error we run into, but nevertheless + * tries to go on */ + + if (!(d = fdopendir(fd))) { + close_nointr_nofail(fd); + return -errno; + } + + for (;;) { + struct dirent buf, *de; + bool is_dir; + int r; + + if ((r = readdir_r(d, &buf, &de)) != 0) { + if (ret == 0) + ret = -r; + break; + } + + if (!de) + break; + + if (streq(de->d_name, ".") || streq(de->d_name, "..")) + continue; + + if (de->d_type == DT_UNKNOWN) { + struct stat st; + + if (fstatat(fd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) { + if (ret == 0) + ret = -errno; + continue; + } + + is_dir = S_ISDIR(st.st_mode); + } else + is_dir = de->d_type == DT_DIR; + + if (is_dir) { + int subdir_fd; + + if ((subdir_fd = openat(fd, de->d_name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC)) < 0) { + if (ret == 0) + ret = -errno; + continue; + } + + if ((r = rm_rf_children(subdir_fd, only_dirs)) < 0) { + if (ret == 0) + ret = r; + } + + if (unlinkat(fd, de->d_name, AT_REMOVEDIR) < 0) { + if (ret == 0) + ret = -errno; + } + } else if (!only_dirs) { + + if (unlinkat(fd, de->d_name, 0) < 0) { + if (ret == 0) + ret = -errno; + } + } + } + + closedir(d); + + return ret; +} + +int rm_rf(const char *path, bool only_dirs, bool delete_root) { + int fd; + int r; + + assert(path); + + if ((fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC)) < 0) { + + if (errno != ENOTDIR) + return -errno; + + if (delete_root && !only_dirs) + if (unlink(path) < 0) + return -errno; + + return 0; + } + + r = rm_rf_children(fd, only_dirs); + + if (delete_root) + if (rmdir(path) < 0) { + if (r == 0) + r = -errno; + } + + return r; +} + +int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid) { + assert(path); + + /* Under the assumption that we are running privileged we + * first change the access mode and only then hand out + * ownership to avoid a window where access is too open. */ + + if (chmod(path, mode) < 0) + return -errno; + + if (chown(path, uid, gid) < 0) + return -errno; + + return 0; } static const char *const ioprio_class_table[] = { diff --git a/src/util.h b/src/util.h index 9af2ca8ae6..864d98fa63 100644 --- a/src/util.h +++ b/src/util.h @@ -160,6 +160,7 @@ char *delete_chars(char *s, const char *bad); char *truncate_nl(char *s); char *file_in_same_dir(const char *path, const char *filename); +int safe_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid); int mkdir_parents(const char *path, mode_t mode); int mkdir_p(const char *path, mode_t mode); @@ -263,7 +264,12 @@ void sigset_add_many(sigset_t *ss, ...); char* gethostname_malloc(void); char* getlogname_malloc(void); -char *getttyname_malloc(void); +int getttyname_malloc(char **r); +int getmachineid_malloc(char **r); + +int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid); + +int rm_rf(const char *path, bool only_dirs, bool delete_root); const char *ioprio_class_to_string(int i); int ioprio_class_from_string(const char *s); diff --git a/src/utmp-wtmp.c b/src/utmp-wtmp.c index d7cda82d5a..45da79c681 100644 --- a/src/utmp-wtmp.c +++ b/src/utmp-wtmp.c @@ -296,12 +296,14 @@ int utmp_wall(const char *message) { time_t t; if (!(hn = gethostname_malloc()) || - !(un = getlogname_malloc()) || - !(tty = getttyname_malloc())) { + !(un = getlogname_malloc())) { r = -ENOMEM; goto finish; } + if ((r = getttyname_malloc(&tty)) < 0) + goto finish; + time(&t); assert_se(ctime_r(&t, date)); delete_chars(date, "\n\r"); |