Diffstat (limited to 'src/core')
-rw-r--r-- | src/core/device.c | 62 | ||||
-rw-r--r-- | src/core/load-fragment.c | 267 | ||||
-rw-r--r-- | src/core/main.c | 2 | ||||
-rw-r--r-- | src/core/namespace.c | 151 |
4 files changed, 257 insertions, 225 deletions
diff --git a/src/core/device.c b/src/core/device.c index 498351af11..c572a6737c 100644 --- a/src/core/device.c +++ b/src/core/device.c @@ -256,39 +256,33 @@ static int device_update_description(Unit *u, struct udev_device *dev, const cha } static int device_add_udev_wants(Unit *u, struct udev_device *dev) { - const char *wants; - const char *word, *state; - size_t l; + const char *wants, *property, *p; int r; - const char *property; assert(u); assert(dev); property = MANAGER_IS_USER(u->manager) ? "SYSTEMD_USER_WANTS" : "SYSTEMD_WANTS"; wants = udev_device_get_property_value(dev, property); - if (!wants) - return 0; - - FOREACH_WORD_QUOTED(word, l, wants, state) { - _cleanup_free_ char *n = NULL; - char e[l+1]; + for (p = wants;;) { + _cleanup_free_ char *word = NULL, *k = NULL; - memcpy(e, word, l); - e[l] = 0; + r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES); + if (r == 0) + return 0; + if (r == -ENOMEM) + return log_oom(); + if (r < 0) + return log_unit_error_errno(u, r, "Failed to add parse %s: %m", property); - r = unit_name_mangle(e, UNIT_NAME_NOGLOB, &n); + r = unit_name_mangle(word, UNIT_NAME_NOGLOB, &k); if (r < 0) - return log_unit_error_errno(u, r, "Failed to mangle unit name: %m"); + return log_unit_error_errno(u, r, "Failed to mangle unit name \"%s\": %m", word); - r = unit_add_dependency_by_name(u, UNIT_WANTS, n, NULL, true); + r = unit_add_dependency_by_name(u, UNIT_WANTS, k, NULL, true); if (r < 0) return log_unit_error_errno(u, r, "Failed to add wants dependency: %m"); } - if (!isempty(state)) - log_unit_warning(u, "Property %s on %s has trailing garbage, ignoring.", property, strna(udev_device_get_syspath(dev))); - - return 0; } static int device_setup_unit(Manager *m, struct udev_device *dev, const char *path, bool main) { 
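Review bot: The new error message in device_add_udev_wants reads `"Failed to add parse %s: %m"`, which looks like two sentences merged; `"Failed to parse %s: %m"` is what the extract_first_word() failure means, and the same wording appears in the SYSTEMD_ALIAS loop of device_process_new in the next hunk. Note also that the early `if (!wants) return 0;` is gone, so the loop now starts with `p == NULL` when the property is absent; that is fine only if extract_first_word() treats a NULL input pointer as end of input, which the hunk does not show — a one-line comment such as `/* wants may be NULL; extract_first_word() reports end of input for it */` would record the reliance. A malformed value now aborts the whole function with an error instead of the previous trailing-garbage warning; whether that changes device setup depends on how device_setup_unit treats the return value, which is outside the hunk.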
@@ -423,26 +417,22 @@ static int device_process_new(Manager *m, struct udev_device *dev) { /* Add additional units for all explicitly configured * aliases */ alias = udev_device_get_property_value(dev, "SYSTEMD_ALIAS"); - if (alias) { - const char *word, *state; - size_t l; - - FOREACH_WORD_QUOTED(word, l, alias, state) { - char e[l+1]; + for (;;) { + _cleanup_free_ char *word = NULL, *k = NULL; - memcpy(e, word, l); - e[l] = 0; + r = extract_first_word(&alias, &word, NULL, EXTRACT_QUOTES); + if (r == 0) + return 0; + if (r == -ENOMEM) + return log_oom(); + if (r < 0) + return log_warning_errno(r, "Failed to add parse SYSTEMD_ALIAS for %s: %m", sysfs); - if (path_is_absolute(e)) - (void) device_setup_unit(m, dev, e, false); - else - log_warning("SYSTEMD_ALIAS for %s is not an absolute path, ignoring: %s", sysfs, e); - } - if (!isempty(state)) - log_warning("SYSTEMD_ALIAS for %s has trailing garbage, ignoring.", sysfs); + if (path_is_absolute(word)) + (void) device_setup_unit(m, dev, word, false); + else + log_warning("SYSTEMD_ALIAS for %s is not an absolute path, ignoring: %s", sysfs, word); } - - return 0; } static void device_update_found_one(Device *d, bool add, DeviceFound found, bool now) { diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c index cbc826809e..75c048a23e 100644 --- a/src/core/load-fragment.c +++ b/src/core/load-fragment.c 
@@ -269,26 +269,33 @@ int config_parse_unit_path_strv_printf( void *userdata) { char ***x = data; - const char *word, *state; Unit *u = userdata; - size_t l; int r; + const char *p; assert(filename); assert(lvalue); assert(rvalue); assert(u); - FOREACH_WORD_QUOTED(word, l, rvalue, state) { - _cleanup_free_ char *k = NULL; - char t[l+1]; + for (p = rvalue;;) { + _cleanup_free_ char *word = NULL, *k = NULL; - memcpy(t, word, l); - t[l] = 0; + r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES); + if (r == 0) + return 0; + if (r == -ENOMEM) + return log_oom(); + if (r < 0) { + log_syntax(unit, LOG_WARNING, filename, line, r, + "Invalid syntax, ignoring: %s", rvalue); + return 0; + } - r = unit_full_printf(u, t, &k); + r = unit_full_printf(u, word, &k); if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", t); + log_syntax(unit, LOG_ERR, filename, line, r, + "Failed to resolve unit specifiers on \"%s\", ignoring: %m", word); return 0; } @@ -298,7 +305,8 @@ int config_parse_unit_path_strv_printf( } if (!path_is_absolute(k)) { - log_syntax(unit, LOG_ERR, filename, line, 0, "Symlink path %s is not absolute, ignoring: %m", k); + log_syntax(unit, LOG_ERR, filename, line, 0, + "Symlink path is not absolute: %s", k); return 0; } @@ -307,13 +315,8 @@ int config_parse_unit_path_strv_printf( r = strv_push(x, k); if (r < 0) return log_oom(); - k = NULL; } - if (!isempty(state)) - log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, ignoring."); - - return 0; } int config_parse_socket_listen(const char *unit, @@ -606,7 +609,7 @@ int config_parse_exec( semicolon = false; - r = extract_first_word_and_warn(&p, &firstword, WHITESPACE, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue); + r = extract_first_word_and_warn(&p, &firstword, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue); if (r <= 0) return 0; 
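Review bot: In config_parse_unit_path_strv_printf (hunk @@ -307,13 +315,8 @@) the `k = NULL;` after `strv_push(x, k)` is removed while `k` is still declared `_cleanup_free_` in the new loop header, so the pointer that was just stored in the strv is freed at the end of every iteration — a double free / use-after-free of every parsed path. Restore the ownership hand-off right after the push: `r = strv_push(x, k); if (r < 0) return log_oom(); k = NULL;`. The sibling conversion in config_parse_runtime_directory keeps exactly this `k = NULL;` line, so this looks like an accidental drop rather than a deliberate change. The function's head is in the first hunk on this line; the strv_push sequence is fully visible here.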
@@ -695,7 +698,7 @@ int config_parse_exec( continue; } - r = extract_first_word_and_warn(&p, &word, WHITESPACE, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue); + r = extract_first_word_and_warn(&p, &word, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue); if (r == 0) break; else if (r < 0) @@ -1062,8 +1065,8 @@ int config_parse_exec_secure_bits(const char *unit, void *userdata) { ExecContext *c = data; - size_t l; - const char *word, *state; + const char *p; + int r; assert(filename); assert(lvalue); 
@@ -1076,28 +1079,38 @@ int config_parse_exec_secure_bits(const char *unit, return 0; } - FOREACH_WORD_QUOTED(word, l, rvalue, state) { - if (first_word(word, "keep-caps")) + for (p = rvalue;;) { + _cleanup_free_ char *word = NULL; + + r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES); + if (r == 0) + return 0; + if (r == -ENOMEM) + return log_oom(); + if (r < 0) { + log_syntax(unit, LOG_WARNING, filename, line, r, + "Invalid syntax, ignoring: %s", rvalue); + return 0; + } + + if (streq(word, "keep-caps")) c->secure_bits |= 1<<SECURE_KEEP_CAPS; - else if (first_word(word, "keep-caps-locked")) + else if (streq(word, "keep-caps-locked")) c->secure_bits |= 1<<SECURE_KEEP_CAPS_LOCKED; - else if (first_word(word, "no-setuid-fixup")) + else if (streq(word, "no-setuid-fixup")) c->secure_bits |= 1<<SECURE_NO_SETUID_FIXUP; - else if (first_word(word, "no-setuid-fixup-locked")) + else if (streq(word, "no-setuid-fixup-locked")) c->secure_bits |= 1<<SECURE_NO_SETUID_FIXUP_LOCKED; - else if (first_word(word, "noroot")) + else if (streq(word, "noroot")) c->secure_bits |= 1<<SECURE_NOROOT; - else if (first_word(word, "noroot-locked")) + else if (streq(word, "noroot-locked")) c->secure_bits |= 1<<SECURE_NOROOT_LOCKED; else { - log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse secure bits, ignoring: %s", rvalue); + log_syntax(unit, LOG_ERR, filename, line, 0, + "Failed to parse secure bit \"%s\", ignoring.", word); return 0; } } - if (!isempty(state)) - log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, garbage at the end, ignoring."); - - return 0; } int config_parse_capability_set( @@ -1951,7 +1964,7 @@ int config_parse_user_group_strv( for (;;) { _cleanup_free_ char *word = NULL, *k = NULL; - r = extract_first_word(&p, &word, WHITESPACE, 0); + r = extract_first_word(&p, &word, NULL, 0); if (r == 0) break; if (r == -ENOMEM) 
@@ -2210,10 +2223,8 @@ int config_parse_environ(const char *unit, void *userdata) { Unit *u = userdata; - char*** env = data; - const char *word, *state; - size_t l; - _cleanup_free_ char *k = NULL; + char ***env = data; + const char *p; int r; assert(filename); @@ -2227,46 +2238,43 @@ int config_parse_environ(const char *unit, return 0; } - if (u) { - r = unit_full_printf(u, rvalue, &k); + for (p = rvalue;; ) { + _cleanup_free_ char *word = NULL, *k = NULL; + + r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES); + if (r == 0) + return 0; + if (r == -ENOMEM) + return log_oom(); if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %s", rvalue); + log_syntax(unit, LOG_WARNING, filename, line, r, + "Invalid syntax, ignoring: %s", rvalue); return 0; } - } - - if (!k) { - k = strdup(rvalue); - if (!k) - return log_oom(); - } - - FOREACH_WORD_QUOTED(word, l, k, state) { - _cleanup_free_ char *n = NULL; - char **x; - r = cunescape_length(word, l, 0, &n); - if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, r, "Couldn't unescape assignment, ignoring: %s", rvalue); - continue; + if (u) { + r = unit_full_printf(u, word, &k); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, + "Failed to resolve specifiers, ignoring: %s", k); + continue; + } + } else { + k = word; + word = NULL; } - if (!env_assignment_is_valid(n)) { - log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid environment assignment, ignoring: %s", rvalue); + if (!env_assignment_is_valid(k)) { + log_syntax(unit, LOG_ERR, filename, line, 0, + "Invalid environment assignment, ignoring: %s", k); continue; } - x = strv_env_set(*env, n); - if (!x) + r = strv_env_replace(env, k); + if (r < 0) return log_oom(); - - strv_free(*env); - *env = x; + k = NULL; } - if (!isempty(state)) - log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring."); - - return 0; } int config_parse_pass_environ(const char *unit, 
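Review bot: In config_parse_environ the failure branch of unit_full_printf() logs `k`, but at that point `k` is still the NULL it was initialised to at the top of the iteration (nothing visible assigns it before the call), so the message prints "(null)" on glibc and is undefined behaviour in general, instead of showing the offending assignment; the line should be `"Failed to resolve specifiers, ignoring: %s", word);`. The `k = NULL;` after `strv_env_replace(env, k)` assumes that helper takes ownership of `k` on success and leaves it to the caller on failure — worth a comment such as `/* strv_env_replace() takes ownership of k on success */`, since the previous strv_env_set() + strv_free() sequence copied the string and did not take ownership.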
@@ -2300,7 +2308,7 @@ int config_parse_pass_environ(const char *unit, for (;;) { _cleanup_free_ char *word = NULL; - r = extract_first_word(&rvalue, &word, WHITESPACE, EXTRACT_QUOTES); + r = extract_first_word(&rvalue, &word, NULL, EXTRACT_QUOTES); if (r == 0) break; if (r == -ENOMEM) @@ -2538,37 +2546,39 @@ int config_parse_unit_requires_mounts_for( void *userdata) { Unit *u = userdata; - const char *word, *state; - size_t l; + const char *p; + int r; assert(filename); assert(lvalue); assert(rvalue); assert(data); - FOREACH_WORD_QUOTED(word, l, rvalue, state) { - int r; - _cleanup_free_ char *n; + for (p = rvalue;; ) { + _cleanup_free_ char *word = NULL; - n = strndup(word, l); - if (!n) + r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES); + if (r == 0) + return 0; + if (r == -ENOMEM) return log_oom(); + if (r < 0) { + log_syntax(unit, LOG_WARNING, filename, line, r, + "Invalid syntax, ignoring: %s", rvalue); + return 0; + } - if (!utf8_is_valid(n)) { + if (!utf8_is_valid(word)) { log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue); continue; } - r = unit_require_mounts_for(u, n); + r = unit_require_mounts_for(u, word); if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add required mount for, ignoring: %s", rvalue); + log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add required mount \"%s\", ignoring: %m", word); continue; } } - if (!isempty(state)) - log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring."); - - return 0; } int config_parse_documentation(const char *unit, @@ -2760,8 +2770,7 @@ int config_parse_syscall_archs( void *userdata) { Set **archs = data; - const char *word, *state; - size_t l; + const char *p; int r; if (isempty(rvalue)) { 
@@ -2773,30 +2782,32 @@ int config_parse_syscall_archs( if (r < 0) return log_oom(); - FOREACH_WORD_QUOTED(word, l, rvalue, state) { - _cleanup_free_ char *t = NULL; + for (p = rvalue;;) { + _cleanup_free_ char *word = NULL; uint32_t a; - t = strndup(word, l); - if (!t) + r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES); + if (r == 0) + return 0; + if (r == -ENOMEM) return log_oom(); + if (r < 0) { + log_syntax(unit, LOG_WARNING, filename, line, r, + "Invalid syntax, ignoring: %s", rvalue); + return 0; + } - r = seccomp_arch_from_string(t, &a); + r = seccomp_arch_from_string(word, &a); if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse system call architecture, ignoring: %s", t); + log_syntax(unit, LOG_ERR, filename, line, r, + "Failed to parse system call architecture \"%s\", ignoring: %m", word); continue; } r = set_put(*archs, UINT32_TO_PTR(a + 1)); - if (r == 0) - continue; if (r < 0) return log_oom(); } - if (!isempty(state)) - log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring."); - - return 0; } int config_parse_syscall_errno( @@ -2848,8 +2859,7 @@ int config_parse_address_families( ExecContext *c = data; bool invert = false; - const char *word, *state; - size_t l; + const char *p; int r; assert(filename); 
@@ -2876,36 +2886,38 @@ int config_parse_address_families( c->address_families_whitelist = !invert; } - FOREACH_WORD_QUOTED(word, l, rvalue, state) { - _cleanup_free_ char *t = NULL; + for (p = rvalue;;) { + _cleanup_free_ char *word = NULL; int af; - t = strndup(word, l); - if (!t) + r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES); + if (r == 0) + return 0; + if (r == -ENOMEM) return log_oom(); + if (r < 0) { + log_syntax(unit, LOG_WARNING, filename, line, r, + "Invalid syntax, ignoring: %s", rvalue); + return 0; + } - af = af_from_name(t); + af = af_from_name(word); if (af <= 0) { - log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse address family, ignoring: %s", t); + log_syntax(unit, LOG_ERR, filename, line, 0, + "Failed to parse address family \"%s\", ignoring: %m", word); continue; } /* If we previously wanted to forbid an address family and now - * we want to allow it, then remove it from the list + * we want to allow it, then just remove it from the list. */ if (!invert == c->address_families_whitelist) { r = set_put(c->address_families, INT_TO_PTR(af)); - if (r == 0) - continue; if (r < 0) return log_oom(); } else set_remove(c->address_families, INT_TO_PTR(af)); } - if (!isempty(state)) - log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring."); - - return 0; } #endif @@ -3622,8 +3634,7 @@ int config_parse_runtime_directory( char***rt = data; Unit *u = userdata; - const char *word, *state; - size_t l; + const char *p; int r; assert(filename); 
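Review bot: config_parse_address_families now ends the af_from_name() failure message with `: %m` but still passes `0` as the error argument to log_syntax(), so the errno text appended is whatever errno happened to hold, not the parse failure. The sibling hunk for config_parse_syscall_archs on the previous line was changed to pass `r` for exactly this reason; here either pass the negative result (`af`, if af_from_name() returns a negative errno as the `af <= 0` check suggests) or drop the `%m`: `log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse address family \"%s\", ignoring.", word);`.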
@@ -3637,34 +3648,38 @@ int config_parse_runtime_directory( return 0; } - FOREACH_WORD_QUOTED(word, l, rvalue, state) { - _cleanup_free_ char *t = NULL, *n = NULL; + for (p = rvalue;;) { + _cleanup_free_ char *word = NULL, *k = NULL; - t = strndup(word, l); - if (!t) + r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES); + if (r == 0) + return 0; + if (r == -ENOMEM) return log_oom(); + if (r < 0) { + log_syntax(unit, LOG_WARNING, filename, line, r, + "Invalid syntax, ignoring: %s", rvalue); + return 0; + } - r = unit_name_printf(u, t, &n); + r = unit_name_printf(u, word, &k); if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %m"); + log_syntax(unit, LOG_ERR, filename, line, r, + "Failed to resolve specifiers in \"%s\", ignoring: %m", word); continue; } - if (!filename_is_valid(n)) { - log_syntax(unit, LOG_ERR, filename, line, 0, "Runtime directory is not valid, ignoring assignment: %s", rvalue); + if (!filename_is_valid(k)) { + log_syntax(unit, LOG_ERR, filename, line, 0, + "Runtime directory is not valid, ignoring assignment: %s", rvalue); continue; } - r = strv_push(rt, n); + r = strv_push(rt, k); if (r < 0) return log_oom(); - - n = NULL; + k = NULL; } - if (!isempty(state)) - log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring."); - - return 0; } int config_parse_set_status( diff --git a/src/core/main.c b/src/core/main.c index aaa352750c..f5f7df838d 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -574,7 +574,7 @@ static int config_parse_join_controllers(const char *unit, char **l; int r; - r = extract_first_word(&rvalue, &word, WHITESPACE, EXTRACT_QUOTES); + r = extract_first_word(&rvalue, &word, NULL, EXTRACT_QUOTES); if (r < 0) { log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue); return r; diff --git a/src/core/namespace.c b/src/core/namespace.c index db9a7aa5e7..f361e139ac 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c 
@@ -58,8 +58,7 @@ typedef enum MountMode { } MountMode; typedef struct BindMount { - const char *path; /* stack memory, doesn't need to be freed explicitly */ - char *chased; /* malloc()ed memory, needs to be freed */ + char *path; MountMode mode; bool ignore; /* Ignore if path does not exist */ } BindMount; @@ -155,10 +154,23 @@ static const TargetMount protect_system_strict_table[] = { { "/root", READWRITE, true }, /* ProtectHome= */ }; -static void set_bind_mount(BindMount **p, const char *path, MountMode mode, bool ignore) { - (*p)->path = path; - (*p)->mode = mode; - (*p)->ignore = ignore; +static void set_bind_mount(BindMount *p, char *path, MountMode mode, bool ignore) { + p->path = path; + p->mode = mode; + p->ignore = ignore; +} + +static int append_one_mount(BindMount **p, const char *root_directory, + const char *path, MountMode mode, bool ignore) { + char *lpath; + assert(p); + + lpath = prefix_root(root_directory, path); + if (!lpath) + return -ENOMEM; + + set_bind_mount((*p)++, lpath, mode, ignore); + return 0; } static int append_mounts(BindMount **p, char **strv, MountMode mode) { @@ -168,6 +180,7 @@ static int append_mounts(BindMount **p, char **strv, MountMode mode) { STRV_FOREACH(i, strv) { bool ignore = false; + char *path; if (IN_SET(mode, INACCESSIBLE, READONLY, READWRITE) && startswith(*i, "-")) { (*i)++; @@ -177,8 +190,11 @@ static int append_mounts(BindMount **p, char **strv, MountMode mode) { if (!path_is_absolute(*i)) return -EINVAL; - set_bind_mount(p, *i, mode, ignore); - (*p)++; + path = strdup(*i); + if (!path) + return -ENOMEM; + + set_bind_mount((*p)++, path, mode, ignore); } return 0; 
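Review bot: The old `const char *path` / `char *chased` fields in BindMount carried comments stating who owns the memory; the replacement `char *path;` has none, yet it is now always heap memory (strdup() in append_mounts, prefix_root() in append_one_mount and append_target_mounts) that the `finish:` loop of setup_namespace frees. Suggest `char *path; /* malloc()ed; owned by the entry and freed by setup_namespace() */` and a note on set_bind_mount() that it takes ownership of `path`, since every caller now passes a freshly allocated string. The drop_* hunks on the next line rely on this ownership when they mfree() a dropped entry's path.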
@@ -196,13 +212,16 @@ static int append_target_mounts(BindMount **p, const char *root_directory, const * declaration we do not support "-" at the beginning. */ const TargetMount *m = &mounts[i]; - const char *path = prefix_roota(root_directory, m->path); + char *path; + + path = prefix_root(root_directory, m->path); + if (!path) + return -ENOMEM; if (!path_is_absolute(path)) return -EINVAL; - set_bind_mount(p, path, m->mode, m->ignore); - (*p)++; + set_bind_mount((*p)++, path, m->mode, m->ignore); } return 0; @@ -309,6 +328,7 @@ static void drop_duplicates(BindMount *m, unsigned *n) { * above. */ if (previous && path_equal(f->path, previous->path)) { log_debug("%s is duplicate.", f->path); + f->path = mfree(f->path); continue; } @@ -336,6 +356,7 @@ static void drop_inaccessible(BindMount *m, unsigned *n) { * it, as inaccessible paths really should drop the entire subtree. */ if (clear && path_startswith(f->path, clear)) { log_debug("%s is masked by %s.", f->path, clear); + f->path = mfree(f->path); continue; } @@ -375,6 +396,7 @@ static void drop_nop(BindMount *m, unsigned *n) { /* We found it, let's see if it's the same mode, if so, we can drop this entry */ if (found && p->mode == f->mode) { log_debug("%s is redundant by %s", f->path, p->path); + f->path = mfree(f->path); continue; } } @@ -401,6 +423,7 @@ static void drop_outside_root(const char *root_directory, BindMount *m, unsigned if (!path_startswith(f->path, root_directory)) { log_debug("%s is outside of root directory.", f->path); + f->path = mfree(f->path); continue; } 
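Review bot: In append_target_mounts the new `path = prefix_root(root_directory, m->path);` is heap memory, but the following `if (!path_is_absolute(path)) return -EINVAL;` returns before the pointer has been handed to set_bind_mount(), so the string leaks on that path (append_mounts avoids this by validating before strdup()). Free it before returning: `if (!path_is_absolute(path)) { free(path); return -EINVAL; }`. append_target_mounts starts before this hunk.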
@@ -651,19 +674,23 @@ static int chase_all_symlinks(const char *root_directory, BindMount *m, unsigned * chase the symlinks on our own first. This call wil do so for all entries and remove all entries where we * can't resolve the path, and which have been marked for such removal. */ - for (f = m, t = m; f < m+*n; f++) { + for (f = m, t = m; f < m + *n; f++) { + _cleanup_free_ char *chased = NULL; - r = chase_symlinks(f->path, root_directory, &f->chased); - if (r == -ENOENT && f->ignore) /* Doesn't exist? Then remove it! */ + r = chase_symlinks(f->path, root_directory, &chased); + if (r == -ENOENT && f->ignore) { + /* Doesn't exist? Then remove it! */ + f->path = mfree(f->path); continue; + } if (r < 0) return log_debug_errno(r, "Failed to chase symlinks for %s: %m", f->path); - if (path_equal(f->path, f->chased)) - f->chased = mfree(f->chased); - else { - log_debug("Chased %s → %s", f->path, f->chased); - f->path = f->chased; + if (!path_equal(f->path, chased)) { + log_debug("Chased %s → %s", f->path, chased); + r = free_and_replace(f->path, chased); + if (r < 0) + return r; } *t = *f; 
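Review bot: chase_all_symlinks compacts the array in place with `*t = *f;`, but an entry that fails with `r < 0` after an earlier `-ENOENT && f->ignore` drop leaves the same `path` pointer in two slots (the copied-to slot `t` and the original `f`), and `*n` — updated after the loop, outside this hunk, if I read the surrounding code right — still covers both; setup_namespace's `finish:` loop then frees that pointer twice. Clear the source slot once it has been copied: `*t = *f; if (t != f) f->path = NULL;`, which also leaves every slot beyond the compacted end NULL so the caller's cleanup stays correct regardless of where an error occurs. The rest of the loop body (`t++`, the final `*n` update) is outside the hunk.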
@@ -724,96 +751,96 @@ int setup_namespace( BindMount *m, *mounts = NULL; bool make_slave = false; - unsigned n; + unsigned n_mounts; int r = 0; if (mount_flags == 0) mount_flags = MS_SHARED; - n = namespace_calculate_mounts(ns_info, - read_write_paths, - read_only_paths, - inaccessible_paths, - tmp_dir, var_tmp_dir, - protect_home, protect_system); + n_mounts = namespace_calculate_mounts(ns_info, + read_write_paths, + read_only_paths, + inaccessible_paths, + tmp_dir, var_tmp_dir, + protect_home, protect_system); /* Set mount slave mode */ - if (root_directory || n > 0) + if (root_directory || n_mounts > 0) make_slave = true; - if (n > 0) { - m = mounts = (BindMount *) alloca0(n * sizeof(BindMount)); + if (n_mounts > 0) { + m = mounts = (BindMount *) alloca0(n_mounts * sizeof(BindMount)); r = append_mounts(&m, read_write_paths, READWRITE); if (r < 0) - return r; + goto finish; r = append_mounts(&m, read_only_paths, READONLY); if (r < 0) - return r; + goto finish; r = append_mounts(&m, inaccessible_paths, INACCESSIBLE); if (r < 0) - return r; + goto finish; if (tmp_dir) { - m->path = prefix_roota(root_directory, "/tmp"); - m->mode = PRIVATE_TMP; - m++; + r = append_one_mount(&m, root_directory, "/tmp", PRIVATE_TMP, false); + if (r < 0) + goto finish; } if (var_tmp_dir) { - m->path = prefix_roota(root_directory, "/var/tmp"); - m->mode = PRIVATE_VAR_TMP; - m++; + r = append_one_mount(&m, root_directory, "/var/tmp", PRIVATE_VAR_TMP, false); + if (r < 0) + goto finish; } if (ns_info->private_dev) { - m->path = prefix_roota(root_directory, "/dev"); - m->mode = PRIVATE_DEV; - m++; + r = append_one_mount(&m, root_directory, "/dev", PRIVATE_DEV, false); + if (r < 0) + goto finish; } if (ns_info->protect_kernel_tunables) { r = append_protect_kernel_tunables(&m, root_directory); if (r < 0) - return r; + goto finish; } if (ns_info->protect_kernel_modules) { r = append_protect_kernel_modules(&m, root_directory); if (r < 0) - return r; + goto finish; } if 
(ns_info->protect_control_groups) { - m->path = prefix_roota(root_directory, "/sys/fs/cgroup"); - m->mode = READONLY; - m++; + r = append_one_mount(&m, root_directory, "/sys/fs/cgroup", READONLY, false); + if (r < 0) + goto finish; } r = append_protect_home(&m, root_directory, protect_home); if (r < 0) - return r; + goto finish; r = append_protect_system(&m, root_directory, protect_system); if (r < 0) - return r; + goto finish; - assert(mounts + n == m); + assert(mounts + n_mounts == m); /* Resolve symlinks manually first, as mount() will always follow them relative to the host's * root. Moreover we want to suppress duplicates based on the resolved paths. This of course is a bit * racy. */ - r = chase_all_symlinks(root_directory, mounts, &n); + r = chase_all_symlinks(root_directory, mounts, &n_mounts); if (r < 0) goto finish; - qsort(mounts, n, sizeof(BindMount), mount_path_compare); + qsort(mounts, n_mounts, sizeof(BindMount), mount_path_compare); - drop_duplicates(mounts, &n); - drop_outside_root(root_directory, mounts, &n); - drop_inaccessible(mounts, &n); - drop_nop(mounts, &n); + drop_duplicates(mounts, &n_mounts); + drop_outside_root(root_directory, mounts, &n_mounts); + drop_inaccessible(mounts, &n_mounts); + drop_nop(mounts, &n_mounts); } if (unshare(CLONE_NEWNS) < 0) { 
@@ -843,25 +870,25 @@ int setup_namespace( } } - if (n > 0) { + if (n_mounts > 0) { char **blacklist; unsigned j; /* First round, add in all special mounts we need */ - for (m = mounts; m < mounts + n; ++m) { + for (m = mounts; m < mounts + n_mounts; ++m) { r = apply_mount(m, tmp_dir, var_tmp_dir); if (r < 0) goto finish; } /* Create a blacklist we can pass to bind_mount_recursive() */ - blacklist = newa(char*, n+1); - for (j = 0; j < n; j++) + blacklist = newa(char*, n_mounts+1); + for (j = 0; j < n_mounts; j++) blacklist[j] = (char*) mounts[j].path; blacklist[j] = NULL; /* Second round, flip the ro bits if necessary. */ - for (m = mounts; m < mounts + n; ++m) { + for (m = mounts; m < mounts + n_mounts; ++m) { r = make_read_only(m, blacklist); if (r < 0) goto finish; @@ -886,8 +913,8 @@ int setup_namespace( r = 0; finish: - for (m = mounts; m < mounts + n; m++) - free(m->chased); + for (m = mounts; m < mounts + n_mounts; m++) + free(m->path); return r; } |
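Review bot: `blacklist[j] = (char*) mounts[j].path;` keeps a cast that was only needed while `path` was `const char *`; now that the field is `char *` the cast discards nothing and only hides future type changes, so `blacklist[j] = mounts[j].path;` is enough. The `finish:` loop frees `m->path` for the first `n_mounts` entries, which is only safe for an early `goto finish` from append_mounts() and friends because the array comes from `alloca0()` and unpopulated slots are therefore NULL; a one-line comment at `finish:` such as `/* entries not yet filled are zeroed by alloca0(), so free(NULL) is a no-op */` would make that dependency explicit.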