summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile.am13
-rw-r--r--src/basic/copy.c2
-rw-r--r--src/basic/util.c41
-rw-r--r--src/basic/util.h6
-rw-r--r--src/import/export-raw.c2
-rw-r--r--src/import/export-tar.c2
-rw-r--r--src/import/import-raw.c4
-rw-r--r--src/import/import-tar.c2
-rw-r--r--src/import/pull-dkr.c2
-rw-r--r--src/import/pull-raw.c6
-rw-r--r--src/import/pull-tar.c2
-rw-r--r--src/journal/coredump.c4
-rw-r--r--src/nspawn/nspawn.c6
-rw-r--r--src/shared/machine-pool.c2
-rw-r--r--src/systemctl/systemctl.c2
-rw-r--r--src/test/test-util.c37
-rw-r--r--src/tmpfiles/tmpfiles.c2
-rw-r--r--tmpfiles.d/systemd-nspawn.conf23
-rw-r--r--tmpfiles.d/var.conf1
19 files changed, 117 insertions, 42 deletions
diff --git a/Makefile.am b/Makefile.am
index a2e8709e52..1dd6dbd5e5 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1188,7 +1188,8 @@ libcore_la_CFLAGS = \
$(AUDIT_CFLAGS) \
$(KMOD_CFLAGS) \
$(APPARMOR_CFLAGS) \
- $(MOUNT_CFLAGS)
+ $(MOUNT_CFLAGS) \
+ $(SECCOMP_CFLAGS)
libcore_la_LIBADD = \
libshared.la \
@@ -1316,6 +1317,10 @@ src/resolve/dns_type-from-name.gperf: src/resolve/dns_type-list.txt
systemd_SOURCES = \
src/core/main.c
+systemd_CFLAGS = \
+ $(AM_CFLAGS) \
+ $(SECCOMP_CFLAGS)
+
systemd_LDADD = \
libcore.la
@@ -2183,7 +2188,8 @@ dist_tmpfiles_DATA = \
tmpfiles.d/tmp.conf \
tmpfiles.d/x11.conf \
tmpfiles.d/var.conf \
- tmpfiles.d/home.conf
+ tmpfiles.d/home.conf \
+ tmpfiles.d/systemd-nspawn.conf
if HAVE_SYSV_COMPAT
dist_tmpfiles_DATA += \
@@ -2737,7 +2743,8 @@ systemd_nspawn_SOURCES = \
systemd_nspawn_CFLAGS = \
$(AM_CFLAGS) \
- $(BLKID_CFLAGS)
+ $(BLKID_CFLAGS) \
+ $(SECCOMP_CFLAGS)
systemd_nspawn_LDADD = \
libshared.la \
diff --git a/src/basic/copy.c b/src/basic/copy.c
index 1282cb88be..230e7e4d3f 100644
--- a/src/basic/copy.c
+++ b/src/basic/copy.c
@@ -396,7 +396,7 @@ int copy_file_atomic(const char *from, const char *to, mode_t mode, bool replace
assert(from);
assert(to);
- r = tempfn_random(to, &t);
+ r = tempfn_random(to, NULL, &t);
if (r < 0)
return r;
diff --git a/src/basic/util.c b/src/basic/util.c
index 6f6906f877..b7c70af541 100644
--- a/src/basic/util.c
+++ b/src/basic/util.c
@@ -2521,7 +2521,7 @@ int fopen_temporary(const char *path, FILE **_f, char **_temp_path) {
assert(_f);
assert(_temp_path);
- r = tempfn_xxxxxx(path, &t);
+ r = tempfn_xxxxxx(path, NULL, &t);
if (r < 0)
return r;
@@ -2551,7 +2551,7 @@ int symlink_atomic(const char *from, const char *to) {
assert(from);
assert(to);
- r = tempfn_random(to, &t);
+ r = tempfn_random(to, NULL, &t);
if (r < 0)
return r;
@@ -2594,7 +2594,7 @@ int mknod_atomic(const char *path, mode_t mode, dev_t dev) {
assert(path);
- r = tempfn_random(path, &t);
+ r = tempfn_random(path, NULL, &t);
if (r < 0)
return r;
@@ -2615,7 +2615,7 @@ int mkfifo_atomic(const char *path, mode_t mode) {
assert(path);
- r = tempfn_random(path, &t);
+ r = tempfn_random(path, NULL, &t);
if (r < 0)
return r;
@@ -4969,7 +4969,7 @@ int fflush_and_check(FILE *f) {
return 0;
}
-int tempfn_xxxxxx(const char *p, char **ret) {
+int tempfn_xxxxxx(const char *p, const char *extra, char **ret) {
const char *fn;
char *t;
@@ -4981,24 +4981,27 @@ int tempfn_xxxxxx(const char *p, char **ret) {
* /foo/bar/waldo
*
* Into this:
- * /foo/bar/.#waldoXXXXXX
+ * /foo/bar/.#<extra>waldoXXXXXX
*/
fn = basename(p);
if (!filename_is_valid(fn))
return -EINVAL;
- t = new(char, strlen(p) + 2 + 6 + 1);
+ if (extra == NULL)
+ extra = "";
+
+ t = new(char, strlen(p) + 2 + strlen(extra) + 6 + 1);
if (!t)
return -ENOMEM;
- strcpy(stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), fn), "XXXXXX");
+ strcpy(stpcpy(stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), extra), fn), "XXXXXX");
*ret = path_kill_slashes(t);
return 0;
}
-int tempfn_random(const char *p, char **ret) {
+int tempfn_random(const char *p, const char *extra, char **ret) {
const char *fn;
char *t, *x;
uint64_t u;
@@ -5012,18 +5015,21 @@ int tempfn_random(const char *p, char **ret) {
* /foo/bar/waldo
*
* Into this:
- * /foo/bar/.#waldobaa2a261115984a9
+ * /foo/bar/.#<extra>waldobaa2a261115984a9
*/
fn = basename(p);
if (!filename_is_valid(fn))
return -EINVAL;
- t = new(char, strlen(p) + 2 + 16 + 1);
+ if (!extra)
+ extra = "";
+
+ t = new(char, strlen(p) + 2 + strlen(extra) + 16 + 1);
if (!t)
return -ENOMEM;
- x = stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), fn);
+ x = stpcpy(stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), extra), fn);
u = random_u64();
for (i = 0; i < 16; i++) {
@@ -5037,7 +5043,7 @@ int tempfn_random(const char *p, char **ret) {
return 0;
}
-int tempfn_random_child(const char *p, char **ret) {
+int tempfn_random_child(const char *p, const char *extra, char **ret) {
char *t, *x;
uint64_t u;
unsigned i;
@@ -5048,14 +5054,17 @@ int tempfn_random_child(const char *p, char **ret) {
/* Turns this:
* /foo/bar/waldo
* Into this:
- * /foo/bar/waldo/.#3c2b6219aa75d7d0
+ * /foo/bar/waldo/.#<extra>3c2b6219aa75d7d0
*/
- t = new(char, strlen(p) + 3 + 16 + 1);
+ if (!extra)
+ extra = "";
+
+ t = new(char, strlen(p) + 3 + strlen(extra) + 16 + 1);
if (!t)
return -ENOMEM;
- x = stpcpy(stpcpy(t, p), "/.#");
+ x = stpcpy(stpcpy(stpcpy(t, p), "/.#"), extra);
u = random_u64();
for (i = 0; i < 16; i++) {
diff --git a/src/basic/util.h b/src/basic/util.h
index 467ae234a0..7aca46d777 100644
--- a/src/basic/util.h
+++ b/src/basic/util.h
@@ -828,9 +828,9 @@ int bind_remount_recursive(const char *prefix, bool ro);
int fflush_and_check(FILE *f);
-int tempfn_xxxxxx(const char *p, char **ret);
-int tempfn_random(const char *p, char **ret);
-int tempfn_random_child(const char *p, char **ret);
+int tempfn_xxxxxx(const char *p, const char *extra, char **ret);
+int tempfn_random(const char *p, const char *extra, char **ret);
+int tempfn_random_child(const char *p, const char *extra, char **ret);
int take_password_lock(const char *root);
diff --git a/src/import/export-raw.c b/src/import/export-raw.c
index 4b6d8dac32..8f9c9bbc80 100644
--- a/src/import/export-raw.c
+++ b/src/import/export-raw.c
@@ -265,7 +265,7 @@ static int reflink_snapshot(int fd, const char *path) {
if (new_fd < 0) {
_cleanup_free_ char *t = NULL;
- r = tempfn_random(path, &t);
+ r = tempfn_random(path, NULL, &t);
if (r < 0)
return r;
diff --git a/src/import/export-tar.c b/src/import/export-tar.c
index d31295745f..5adc748c50 100644
--- a/src/import/export-tar.c
+++ b/src/import/export-tar.c
@@ -290,7 +290,7 @@ int tar_export_start(TarExport *e, const char *path, int fd, ImportCompressType
free(e->temp_path);
e->temp_path = NULL;
- r = tempfn_random(path, &e->temp_path);
+ r = tempfn_random(path, NULL, &e->temp_path);
if (r < 0)
return r;
diff --git a/src/import/import-raw.c b/src/import/import-raw.c
index 97e1254f09..43cd413042 100644
--- a/src/import/import-raw.c
+++ b/src/import/import-raw.c
@@ -180,7 +180,7 @@ static int raw_import_maybe_convert_qcow2(RawImport *i) {
return 0;
/* This is a QCOW2 image, let's convert it */
- r = tempfn_random(i->final_path, &t);
+ r = tempfn_random(i->final_path, NULL, &t);
if (r < 0)
return log_oom();
@@ -267,7 +267,7 @@ static int raw_import_open_disk(RawImport *i) {
if (!i->final_path)
return log_oom();
- r = tempfn_random(i->final_path, &i->temp_path);
+ r = tempfn_random(i->final_path, NULL, &i->temp_path);
if (r < 0)
return log_oom();
diff --git a/src/import/import-tar.c b/src/import/import-tar.c
index 12701bfcef..2bf0b0680c 100644
--- a/src/import/import-tar.c
+++ b/src/import/import-tar.c
@@ -223,7 +223,7 @@ static int tar_import_fork_tar(TarImport *i) {
if (!i->final_path)
return log_oom();
- r = tempfn_random(i->final_path, &i->temp_path);
+ r = tempfn_random(i->final_path, NULL, &i->temp_path);
if (r < 0)
return log_oom();
diff --git a/src/import/pull-dkr.c b/src/import/pull-dkr.c
index d7476dc340..78e3184c42 100644
--- a/src/import/pull-dkr.c
+++ b/src/import/pull-dkr.c
@@ -520,7 +520,7 @@ static int dkr_pull_job_on_open_disk(PullJob *j) {
assert(!i->temp_path);
assert(i->tar_pid <= 0);
- r = tempfn_random(i->final_path, &i->temp_path);
+ r = tempfn_random(i->final_path, NULL, &i->temp_path);
if (r < 0)
return log_oom();
diff --git a/src/import/pull-raw.c b/src/import/pull-raw.c
index b65bb0c034..5bfaf012c0 100644
--- a/src/import/pull-raw.c
+++ b/src/import/pull-raw.c
@@ -208,7 +208,7 @@ static int raw_pull_maybe_convert_qcow2(RawPull *i) {
return 0;
/* This is a QCOW2 image, let's convert it */
- r = tempfn_random(i->final_path, &t);
+ r = tempfn_random(i->final_path, NULL, &t);
if (r < 0)
return log_oom();
@@ -280,7 +280,7 @@ static int raw_pull_make_local_copy(RawPull *i) {
if (i->force_local)
(void) rm_rf(p, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME);
- r = tempfn_random(p, &tp);
+ r = tempfn_random(p, NULL, &tp);
if (r < 0)
return log_oom();
@@ -424,7 +424,7 @@ static int raw_pull_job_on_open_disk(PullJob *j) {
if (r < 0)
return log_oom();
- r = tempfn_random(i->final_path, &i->temp_path);
+ r = tempfn_random(i->final_path, NULL, &i->temp_path);
if (r < 0)
return log_oom();
diff --git a/src/import/pull-tar.c b/src/import/pull-tar.c
index 27a9af804d..a6605d248f 100644
--- a/src/import/pull-tar.c
+++ b/src/import/pull-tar.c
@@ -324,7 +324,7 @@ static int tar_pull_job_on_open_disk(PullJob *j) {
if (r < 0)
return log_oom();
- r = tempfn_random(i->final_path, &i->temp_path);
+ r = tempfn_random(i->final_path, NULL, &i->temp_path);
if (r < 0)
return log_oom();
diff --git a/src/journal/coredump.c b/src/journal/coredump.c
index 1c747aa2b4..62483a2a05 100644
--- a/src/journal/coredump.c
+++ b/src/journal/coredump.c
@@ -301,7 +301,7 @@ static int save_external_coredump(
if (r < 0)
return log_error_errno(r, "Failed to determine coredump file name: %m");
- r = tempfn_random(fn, &tmp);
+ r = tempfn_random(fn, NULL, &tmp);
if (r < 0)
return log_error_errno(r, "Failed to determine temporary file name: %m");
@@ -347,7 +347,7 @@ static int save_external_coredump(
goto uncompressed;
}
- r = tempfn_random(fn_compressed, &tmp_compressed);
+ r = tempfn_random(fn_compressed, NULL, &tmp_compressed);
if (r < 0) {
log_error_errno(r, "Failed to determine temporary file name for %s: %m", fn_compressed);
goto uncompressed;
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index fed77383c3..eea994d0b3 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -350,7 +350,7 @@ static int custom_mounts_prepare(void) {
if (m->read_only)
continue;
- r = tempfn_random(m->source, &m->work_dir);
+ r = tempfn_random(m->source, NULL, &m->work_dir);
if (r < 0)
return log_error_errno(r, "Failed to generate work directory from %s: %m", m->source);
}
@@ -4522,9 +4522,9 @@ int main(int argc, char *argv[]) {
goto finish;
}
if (r > 0)
- r = tempfn_random_child(arg_directory, &np);
+ r = tempfn_random_child(arg_directory, "machine.", &np);
else
- r = tempfn_random(arg_directory, &np);
+ r = tempfn_random(arg_directory, "machine.", &np);
if (r < 0) {
log_error_errno(r, "Failed to generate name for snapshot: %m");
goto finish;
diff --git a/src/shared/machine-pool.c b/src/shared/machine-pool.c
index 8c64908b1a..8af78f47d5 100644
--- a/src/shared/machine-pool.c
+++ b/src/shared/machine-pool.c
@@ -75,7 +75,7 @@ static int setup_machine_raw(uint64_t size, sd_bus_error *error) {
if (errno != ENOENT)
return sd_bus_error_set_errnof(error, errno, "Failed to open /var/lib/machines.raw: %m");
- r = tempfn_xxxxxx("/var/lib/machines.raw", &tmp);
+ r = tempfn_xxxxxx("/var/lib/machines.raw", NULL, &tmp);
if (r < 0)
return r;
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
index a2eb435fce..40bea87dfa 100644
--- a/src/systemctl/systemctl.c
+++ b/src/systemctl/systemctl.c
@@ -5687,7 +5687,7 @@ static int create_edit_temp_file(const char *new_path, const char *original_path
assert(original_path);
assert(ret_tmp_fn);
- r = tempfn_random(new_path, &t);
+ r = tempfn_random(new_path, NULL, &t);
if (r < 0)
return log_error_errno(r, "Failed to determine temporary filename for \"%s\": %m", new_path);
diff --git a/src/test/test-util.c b/src/test/test-util.c
index 9d5516a18d..ed8db45115 100644
--- a/src/test/test-util.c
+++ b/src/test/test-util.c
@@ -1507,6 +1507,42 @@ static void test_parse_mode(void) {
assert_se(parse_mode("0", &m) >= 0 && m == 0);
}
+static void test_tempfn(void) {
+ char *ret = NULL, *p;
+
+ assert_se(tempfn_xxxxxx("/foo/bar/waldo", NULL, &ret) >= 0);
+ assert_se(streq_ptr(ret, "/foo/bar/.#waldoXXXXXX"));
+ free(ret);
+
+ assert_se(tempfn_xxxxxx("/foo/bar/waldo", "[miau]", &ret) >= 0);
+ assert_se(streq_ptr(ret, "/foo/bar/.#[miau]waldoXXXXXX"));
+ free(ret);
+
+ assert_se(tempfn_random("/foo/bar/waldo", NULL, &ret) >= 0);
+ assert_se(p = startswith(ret, "/foo/bar/.#waldo"));
+ assert_se(strlen(p) == 16);
+ assert_se(in_charset(p, "0123456789abcdef"));
+ free(ret);
+
+ assert_se(tempfn_random("/foo/bar/waldo", "[wuff]", &ret) >= 0);
+ assert_se(p = startswith(ret, "/foo/bar/.#[wuff]waldo"));
+ assert_se(strlen(p) == 16);
+ assert_se(in_charset(p, "0123456789abcdef"));
+ free(ret);
+
+ assert_se(tempfn_random_child("/foo/bar/waldo", NULL, &ret) >= 0);
+ assert_se(p = startswith(ret, "/foo/bar/waldo/.#"));
+ assert_se(strlen(p) == 16);
+ assert_se(in_charset(p, "0123456789abcdef"));
+ free(ret);
+
+ assert_se(tempfn_random_child("/foo/bar/waldo", "[kikiriki]", &ret) >= 0);
+ assert_se(p = startswith(ret, "/foo/bar/waldo/.#[kikiriki]"));
+ assert_se(strlen(p) == 16);
+ assert_se(in_charset(p, "0123456789abcdef"));
+ free(ret);
+}
+
int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
@@ -1582,6 +1618,7 @@ int main(int argc, char *argv[]) {
test_sparse_write();
test_shell_maybe_quote();
test_parse_mode();
+ test_tempfn();
return 0;
}
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index f7dad8491e..027a5c2ca8 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -1465,7 +1465,7 @@ static int remove_item_instance(Item *i, const char *instance) {
/* FIXME: we probably should use dir_cleanup() here
* instead of rm_rf() so that 'x' is honoured. */
log_debug("rm -rf \"%s\"", instance);
- r = rm_rf(instance, (i->type == RECURSIVE_REMOVE_PATH ? REMOVE_ROOT : 0) | REMOVE_PHYSICAL);
+ r = rm_rf(instance, (i->type == RECURSIVE_REMOVE_PATH ? REMOVE_ROOT|REMOVE_SUBVOLUME : 0) | REMOVE_PHYSICAL);
if (r < 0 && r != -ENOENT)
return log_error_errno(r, "rm_rf(%s): %m", instance);
diff --git a/tmpfiles.d/systemd-nspawn.conf b/tmpfiles.d/systemd-nspawn.conf
new file mode 100644
index 0000000000..5a3124a0fc
--- /dev/null
+++ b/tmpfiles.d/systemd-nspawn.conf
@@ -0,0 +1,23 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+# See tmpfiles.d(5) for details
+
+v /var/lib/machines 0700 - - -
+
+# Remove old temporary snapshots, but only at boot. Ideally we'd have
+# "self-destroying" btrfs snapshots that go away if the last last
+# reference to it does. To mimic a scheme like this at least remove
+# the old snapshots on fresh boots, where we know they cannot be
+# referenced anymore. Note that we actually remove all temporary files
+# in /var/lib/machines/ at boot, which should be safe since the
+# directory has defined semantics. In the root directory (where
+# systemd-nspawn --ephemeral places snapshots) we are more strict, to
+# avoid removing unrelated temporary files.
+
+R! /var/lib/machines/.#*
+R! /.#machine.*
diff --git a/tmpfiles.d/var.conf b/tmpfiles.d/var.conf
index 814652a22c..472680c3bf 100644
--- a/tmpfiles.d/var.conf
+++ b/tmpfiles.d/var.conf
@@ -18,6 +18,5 @@ f /var/log/btmp 0600 root utmp -
d /var/cache 0755 - - -
d /var/lib 0755 - - -
-v /var/lib/machines 0700 - - -
d /var/spool 0755 - - -