summaryrefslogtreecommitdiff
path: root/src/core
diff options
context:
space:
mode:
Diffstat (limited to 'src/core')
-rw-r--r--src/core/execute.c9
-rw-r--r--src/core/kmod-setup.c2
-rw-r--r--src/core/load-fragment-gperf.gperf.m44
-rw-r--r--src/core/load-fragment.c226
-rw-r--r--src/core/manager.c2
-rw-r--r--src/core/mount-setup.c2
-rw-r--r--src/core/service.c4
7 files changed, 119 insertions, 130 deletions
diff --git a/src/core/execute.c b/src/core/execute.c
index 444865da86..94cc101738 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -771,7 +771,7 @@ static int setup_pam(
};
pam_handle_t *handle = NULL;
- sigset_t ss, old_ss;
+ sigset_t old_ss;
int pam_code = PAM_SUCCESS;
int err;
char **e = NULL;
@@ -868,6 +868,11 @@ static int setup_pam(
/* Check if our parent process might already have
* died? */
if (getppid() == parent_pid) {
+ sigset_t ss;
+
+ assert_se(sigemptyset(&ss) >= 0);
+ assert_se(sigaddset(&ss, SIGTERM) >= 0);
+
for (;;) {
if (sigwait(&ss, &sig) < 0) {
if (errno == EINTR)
@@ -1509,7 +1514,6 @@ static int exec_child(
}
}
-#ifdef ENABLE_KDBUS
if (params->bus_endpoint_fd >= 0 && context->bus_endpoint) {
uid_t ep_uid = (uid == UID_INVALID) ? 0 : uid;
@@ -1519,7 +1523,6 @@ static int exec_child(
return r;
}
}
-#endif
/* If delegation is enabled we'll pass ownership of the cgroup
* (but only in systemd's own controller hierarchy!) to the
diff --git a/src/core/kmod-setup.c b/src/core/kmod-setup.c
index f5584b6b14..e7a6bdc8c4 100644
--- a/src/core/kmod-setup.c
+++ b/src/core/kmod-setup.c
@@ -66,10 +66,8 @@ int kmod_setup(void) {
/* this should never be a module */
{ "unix", "/proc/net/unix", true, true, NULL },
-#ifdef ENABLE_KDBUS
/* IPC is needed before we bring up any other services */
{ "kdbus", "/sys/fs/kdbus", false, false, is_kdbus_wanted },
-#endif
#ifdef HAVE_LIBIPTC
/* netfilter is needed by networkd, nspawn among others, and cannot be autoloaded */
diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4
index 66c9145aa6..aae81c80cb 100644
--- a/src/core/load-fragment-gperf.gperf.m4
+++ b/src/core/load-fragment-gperf.gperf.m4
@@ -229,9 +229,7 @@ Service.BusName, config_parse_bus_name, 0,
Service.FileDescriptorStoreMax, config_parse_unsigned, 0, offsetof(Service, n_fd_store_max)
Service.NotifyAccess, config_parse_notify_access, 0, offsetof(Service, notify_access)
Service.Sockets, config_parse_service_sockets, 0, 0
-m4_ifdef(`ENABLE_KDBUS',
-`Service.BusPolicy, config_parse_bus_endpoint_policy, 0, offsetof(Service, exec_context)',
-`Service.BusPolicy, config_parse_warn_compat, DISABLED_EXPERIMENTAL, 0')
+Service.BusPolicy, config_parse_bus_endpoint_policy, 0, offsetof(Service, exec_context)
EXEC_CONTEXT_CONFIG_ITEMS(Service)m4_dnl
CGROUP_CONTEXT_CONFIG_ITEMS(Service)m4_dnl
KILL_CONTEXT_CONFIG_ITEMS(Service)m4_dnl
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index df5fe6fb32..a48cb4029a 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -520,9 +520,9 @@ int config_parse_exec(
void *data,
void *userdata) {
- ExecCommand **e = data, *nce;
- char *path, **n;
- unsigned k;
+ ExecCommand **e = data;
+ const char *p;
+ bool semicolon;
int r;
assert(filename);
@@ -532,156 +532,154 @@ int config_parse_exec(
e += ltype;
+ rvalue += strspn(rvalue, WHITESPACE);
+ p = rvalue;
+
if (isempty(rvalue)) {
/* An empty assignment resets the list */
*e = exec_command_free_list(*e);
return 0;
}
- /* We accept an absolute path as first argument, or
- * alternatively an absolute prefixed with @ to allow
- * overriding of argv[0]. */
- for (;;) {
+ do {
int i;
- const char *word, *state, *reason;
- size_t l;
+ _cleanup_strv_free_ char **n = NULL;
+ size_t nlen = 0, nbufsize = 0;
+ _cleanup_free_ ExecCommand *nce = NULL;
+ _cleanup_free_ char *path = NULL, *firstword = NULL;
+ char *f;
bool separate_argv0 = false, ignore = false;
- path = NULL;
- nce = NULL;
- n = NULL;
+ semicolon = false;
- rvalue += strspn(rvalue, WHITESPACE);
+ r = unquote_first_word_and_warn(&p, &firstword, UNQUOTE_CUNESCAPE, unit, filename, line, rvalue);
+ if (r <= 0)
+ return 0;
- if (rvalue[0] == 0)
- break;
+ f = firstword;
+ for (i = 0; i < 2; i++) {
+ /* We accept an absolute path as first argument, or
+ * alternatively an absolute prefixed with @ to allow
+ * overriding of argv[0]. */
+ if (*f == '-' && !ignore)
+ ignore = true;
+ else if (*f == '@' && !separate_argv0)
+ separate_argv0 = true;
+ else
+ break;
+ f ++;
+ }
- k = 0;
- FOREACH_WORD_QUOTED(word, l, rvalue, state) {
- if (k == 0) {
- for (i = 0; i < 2; i++) {
- if (*word == '-' && !ignore) {
- ignore = true;
- word ++;
- }
-
- if (*word == '@' && !separate_argv0) {
- separate_argv0 = true;
- word ++;
- }
- }
- } else if (strneq(word, ";", MAX(l, 1U)))
- goto found;
+ if (isempty(f)) {
+ /* First word is either "-" or "@" with no command. */
+ log_syntax(unit, LOG_ERR, filename, line, EINVAL,
+ "Empty path in command line, ignoring: \"%s\"", rvalue);
+ return 0;
+ }
- k++;
+ if (!string_is_safe(f)) {
+ log_syntax(unit, LOG_ERR, filename, line, EINVAL,
+ "Executable path contains special characters, ignoring: %s", rvalue);
+ return 0;
}
- if (!isempty(state)) {
- log_syntax(unit, LOG_ERR, filename, line, EINVAL, "Trailing garbage, ignoring.");
+ if (!path_is_absolute(f)) {
+ log_syntax(unit, LOG_ERR, filename, line, EINVAL,
+ "Executable path is not absolute, ignoring: %s", rvalue);
+ return 0;
+ }
+ if (endswith(f, "/")) {
+ log_syntax(unit, LOG_ERR, filename, line, EINVAL,
+ "Executable path specifies a directory, ignoring: %s", rvalue);
return 0;
}
- found:
- /* If separate_argv0, we'll move first element to path variable */
- n = new(char*, MAX(k + !separate_argv0, 1u));
- if (!n)
- return log_oom();
+ if (f == firstword) {
+ path = firstword;
+ firstword = NULL;
+ } else {
+ path = strdup(f);
+ if (!path)
+ return log_oom();
+ }
- k = 0;
- FOREACH_WORD_QUOTED(word, l, rvalue, state) {
- char *c;
- unsigned skip;
-
- if (separate_argv0 ? path == NULL : k == 0) {
- /* first word, very special */
- skip = separate_argv0 + ignore;
-
- /* skip special chars in the beginning */
- if (l <= skip) {
- log_syntax(unit, LOG_ERR, filename, line, EINVAL,
- "Empty path in command line, ignoring: \"%s\"", rvalue);
- r = 0;
- goto fail;
- }
+ if (!separate_argv0) {
+ if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
+ return log_oom();
+ f = strdup(path);
+ if (!f)
+ return log_oom();
+ n[nlen++] = f;
+ n[nlen] = NULL;
+ }
- } else if (strneq(word, ";", MAX(l, 1U)))
- /* new commandline */
- break;
+ path_kill_slashes(path);
- else
- skip = strneq(word, "\\;", MAX(l, 1U));
+ for (;;) {
+ _cleanup_free_ char *word = NULL;
- r = cunescape_length(word + skip, l - skip, UNESCAPE_RELAX, &c);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to unescape command line, ignoring: %s", rvalue);
- r = 0;
- goto fail;
+ /* Check explicitly for an unquoted semicolon as
+ * command separator token. */
+ if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) {
+ p ++;
+ p += strspn(p, WHITESPACE);
+ semicolon = true;
+ break;
}
- if (!utf8_is_valid(c)) {
- log_invalid_utf8(unit, LOG_ERR, filename, line, EINVAL, rvalue);
- r = 0;
- goto fail;
+ /* Check for \; explicitly, to not confuse it with \\;
+ * or "\;" or "\\;" etc. unquote_first_word would
+ * return the same for all of those. */
+ if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) {
+ p += 2;
+ p += strspn(p, WHITESPACE);
+ if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
+ return log_oom();
+ f = strdup(";");
+ if (!f)
+ return log_oom();
+ n[nlen++] = f;
+ n[nlen] = NULL;
+ continue;
}
- /* where to stuff this? */
- if (separate_argv0 && path == NULL)
- path = c;
- else
- n[k++] = c;
- }
+ r = unquote_first_word_and_warn(&p, &word, UNQUOTE_CUNESCAPE, unit, filename, line, rvalue);
+ if (r == 0)
+ break;
+ else if (r < 0)
+ return 0;
- n[k] = NULL;
+ if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
+ return log_oom();
+ n[nlen++] = word;
+ n[nlen] = NULL;
+ word = NULL;
+ }
- if (!n[0])
- reason = "Empty executable name or zeroeth argument";
- else if (!string_is_safe(path ?: n[0]))
- reason = "Executable path contains special characters";
- else if (!path_is_absolute(path ?: n[0]))
- reason = "Executable path is not absolute";
- else if (endswith(path ?: n[0], "/"))
- reason = "Executable path specifies a directory";
- else
- goto ok;
-
- log_syntax(unit, LOG_ERR, filename, line, EINVAL, "%s, ignoring: %s", reason, rvalue);
- r = 0;
- goto fail;
-
-ok:
- if (!path) {
- path = strdup(n[0]);
- if (!path) {
- r = log_oom();
- goto fail;
- }
+ if (!n || !n[0]) {
+ log_syntax(unit, LOG_ERR, filename, line, EINVAL,
+ "Empty executable name or zeroeth argument, ignoring: %s", rvalue);
+ return 0;
}
nce = new0(ExecCommand, 1);
- if (!nce) {
- r = log_oom();
- goto fail;
- }
+ if (!nce)
+ return log_oom();
nce->argv = n;
nce->path = path;
nce->ignore = ignore;
- path_kill_slashes(nce->path);
-
exec_command_append_list(e, nce);
- rvalue = state;
- }
-
- return 0;
+ /* Do not _cleanup_free_ these. */
+ n = NULL;
+ path = NULL;
+ nce = NULL;
-fail:
- n[k] = NULL;
- strv_free(n);
- free(path);
- free(nce);
+ rvalue = p;
+ } while (semicolon);
- return r;
+ return 0;
}
DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type");
diff --git a/src/core/manager.c b/src/core/manager.c
index eb80dd1b46..a1f37bbbb3 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -731,7 +731,6 @@ static int manager_setup_notify(Manager *m) {
}
static int manager_setup_kdbus(Manager *m) {
-#ifdef ENABLE_KDBUS
_cleanup_free_ char *p = NULL;
assert(m);
@@ -749,7 +748,6 @@ static int manager_setup_kdbus(Manager *m) {
return log_debug_errno(m->kdbus_fd, "Failed to set up kdbus: %m");
log_debug("Successfully set up kdbus on %s", p);
-#endif
return 0;
}
diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
index c35248eeae..42a6b952b9 100644
--- a/src/core/mount-setup.c
+++ b/src/core/mount-setup.c
@@ -104,10 +104,8 @@ static const MountPoint mount_table[] = {
{ "efivarfs", "/sys/firmware/efi/efivars", "efivarfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
is_efi_boot, MNT_NONE },
#endif
-#ifdef ENABLE_KDBUS
{ "kdbusfs", "/sys/fs/kdbus", "kdbusfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
NULL, MNT_IN_CONTAINER },
-#endif
};
/* These are API file systems that might be mounted by other software,
diff --git a/src/core/service.c b/src/core/service.c
index 71252e29e2..fa1e80b710 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -568,14 +568,12 @@ static int service_add_extras(Service *s) {
s->notify_access = NOTIFY_MAIN;
if (s->bus_name) {
-#ifdef ENABLE_KDBUS
const char *n;
n = strjoina(s->bus_name, ".busname");
r = unit_add_dependency_by_name(UNIT(s), UNIT_AFTER, n, NULL, true);
if (r < 0)
return r;
-#endif
r = unit_watch_bus_name(UNIT(s), s->bus_name);
if (r < 0)
@@ -1180,7 +1178,6 @@ static int service_spawn(
} else
path = UNIT(s)->cgroup_path;
-#ifdef ENABLE_KDBUS
if (s->exec_context.bus_endpoint) {
r = bus_kernel_create_endpoint(UNIT(s)->manager->running_as == MANAGER_SYSTEM ? "system" : "user",
UNIT(s)->id, &bus_endpoint_path);
@@ -1192,7 +1189,6 @@ static int service_spawn(
* as the service is running. */
exec_params.bus_endpoint_fd = s->bus_endpoint_fd = r;
}
-#endif
exec_params.argv = argv;
exec_params.fds = fds;
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2025-04-27 03:17:54 +0000