summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile.am4
-rw-r--r--src/core/machine-id-setup.c1
-rw-r--r--src/nspawn/nspawn.c7
-rw-r--r--src/shared/base-filesystem.c82
-rw-r--r--src/shared/base-filesystem.h24
5 files changed, 117 insertions, 1 deletions
diff --git a/Makefile.am b/Makefile.am
index 37a164e562..bc56d7500d 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -827,7 +827,9 @@ libsystemd_shared_la_SOURCES = \
src/shared/eventfd-util.c \
src/shared/eventfd-util.h \
src/shared/copy.c \
- src/shared/copy.h
+ src/shared/copy.h \
+ src/shared/base-filesystem.c \
+ src/shared/base-filesystem.h
nodist_libsystemd_shared_la_SOURCES = \
src/shared/errno-from-name.h \
diff --git a/src/core/machine-id-setup.c b/src/core/machine-id-setup.c
index e2e6d02269..f154800484 100644
--- a/src/core/machine-id-setup.c
+++ b/src/core/machine-id-setup.c
@@ -181,6 +181,7 @@ int machine_id_setup(const char *root) {
* will be owned by root it doesn't matter much, but maybe
* people look. */
+ mkdir_parents(etc_machine_id, 0755);
fd = open(etc_machine_id, O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
if (fd >= 0)
writable = true;
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 212f7223bb..501bccae87 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -89,6 +89,7 @@
#include "gpt.h"
#include "siphash24.h"
#include "copy.h"
+#include "base-filesystem.h"
#ifdef HAVE_SECCOMP
#include "seccomp-util.h"
@@ -3008,6 +3009,12 @@ int main(int argc, char *argv[]) {
srv_device, srv_device_rw) < 0)
goto child_fail;
+ r = base_filesystem_create(arg_directory);
+ if (r < 0) {
+ log_error("creating base filesystem failed: %s", strerror(-r));
+ goto child_fail;
+ }
+
/* Turn directory into bind mount */
if (mount(arg_directory, arg_directory, "bind", MS_BIND|MS_REC, NULL) < 0) {
log_error("Failed to make bind mount: %m");
diff --git a/src/shared/base-filesystem.c b/src/shared/base-filesystem.c
new file mode 100644
index 0000000000..a2201017e0
--- /dev/null
+++ b/src/shared/base-filesystem.c
@@ -0,0 +1,82 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+ This file is part of systemd.
+
+ Copyright 2014 Kay Sievers
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <errno.h>
+#include <sys/stat.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include <unistd.h>
+
+#include "base-filesystem.h"
+#include "log.h"
+#include "macro.h"
+#include "util.h"
+#include "label.h"
+#include "mkdir.h"
+
+typedef struct BaseFilesystem {
+ const char *dir;
+ mode_t mode;
+ const char *target;
+} BaseFilesystem;
+
+static const BaseFilesystem table[] = {
+ { "bin", 0, "usr/bin" },
+ { "lib", 0, "usr/lib" },
+ { "lib64", 0, "usr/lib64" },
+ { "root", 0755, NULL },
+ { "sbin", 0, "usr/sbin" },
+};
+
+int base_filesystem_create(const char *root) {
+ _cleanup_close_ int fd = -1;
+ unsigned i;
+ int r;
+
+ fd = open(root, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW);
+ if (fd < 0)
+ return -errno;
+
+ for (i = 0; i < ELEMENTSOF(table); i ++) {
+ if (table[i].target) {
+ /* check if target exists */
+ if (faccessat(fd, table[i].target, F_OK, AT_SYMLINK_NOFOLLOW) < 0)
+ continue;
+
+ r = symlinkat(table[i].target, fd, table[i].dir);
+ if (r < 0 && errno != EEXIST) {
+ log_error("Failed to create symlink at %s/%s: %m", root, table[i].dir);
+ return -errno;
+ }
+ continue;
+ }
+
+ RUN_WITH_UMASK(0000)
+ r = mkdirat(fd, table[i].dir, table[i].mode);
+ if (r < 0 && errno != EEXIST) {
+ log_error("Failed to create directory at %s/%s: %m", root, table[i].dir);
+ return -errno;
+ }
+ }
+
+ return 0;
+}
diff --git a/src/shared/base-filesystem.h b/src/shared/base-filesystem.h
new file mode 100644
index 0000000000..03201f7083
--- /dev/null
+++ b/src/shared/base-filesystem.h
@@ -0,0 +1,24 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+#pragma once
+
+/***
+ This file is part of systemd.
+
+ Copyright 2014 Kay Sievers
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+int base_filesystem_create(const char *root);