summaryrefslogtreecommitdiff
path: root/src/tmpfiles/tmpfiles.c
AgeCommit message (Collapse)Author
2015-01-27tmpfiles: fix help textZbigniew Jędrzejewski-Szmek
The help text, apart from being too long, did not describe what the options really do.
2015-01-26tmpfiles: use casts instead of warning suppressionZbigniew Jędrzejewski-Szmek
This warning got its own name only in gcc5, so the suppression does not work in gcc4, and generates a warning of its own. Use a cast, which is ugly too, but less so.
2015-01-24tmpfiles: do not bump access times of directories we are cleaning upZbigniew Jędrzejewski-Szmek
Both plain opendir() and glob() will bump access time. Privileged option O_NOATIME can be used to prevent the access time from being updated. We already used it for subdirectories of the directories which we were cleaning up. But for the directories specified directly in the config files, we wouldn't do that. This means that, paradoxically, our own temporary directories for PrivateTmp would stay around forever, as long as one let systemd-tmpfiles-clean.service run regularly, because they had their own glob patterns specified. https://bugzilla.redhat.com/show_bug.cgi?id=1183684
2015-01-24tmpfiles: add debug statements for all actionsZbigniew Jędrzejewski-Szmek
systemd-tmpfiles can be used by users, but it can be quite hard to figure out the logic it follows, especially since the logic is in some places rather torturous. Hopefuly this will make it easier for users to understand what is happening.
2015-01-23tmpfiles: minor simplificationZbigniew Jędrzejewski-Szmek
2015-01-22shared/acl-util: add mask only when needed, always add base ACLsZbigniew Jędrzejewski-Szmek
For ACLs to be valid, a set of entries for user, group, and other must be always present. Always add those entries. While at it, only add the mask ACL if it is actually required, i.e. when at least on ACL for non-owner group or user exists.
2015-01-22tmpfiles: implement augmenting of existing ACLsZbigniew Jędrzejewski-Szmek
This is much more useful in practice (equivalent to setfacl -m).
2015-01-22tmpfiles: make t and a globby, add their recursive versions T and AZbigniew Jędrzejewski-Szmek
For types which adapt existing files it is generally more useful to accept globs. In analogy to z and Z, add recursive versions using uppercase letters. Technically, making a accept globs is backwards incompatible, but in practice it probably isn't yet widely used and we can assume that most people don't create files with wildcards in names. Functions which are used as callbacks, but not directly on items, are renamed not to have "item_" prefix.
2015-01-22tmpfiles: make recursive operation genericZbigniew Jędrzejewski-Szmek
2015-01-22tmpfiles: add 'a' type to set ACLsZbigniew Jędrzejewski-Szmek
2015-01-22tmpfiles: attach an array of items to each pathZbigniew Jędrzejewski-Szmek
The data structure used by tmpfiles is changed: instead of hashmaps mapping {path → Item*} we now have hashmaps containing {path -> ItemArray}, where ItemArray contains a pointer to an array of Items. For current code it doesn't matter much, but when we add new types it is easier to simply add a new Item for a given path, then to coalesce multiple lines into one Item. In the future, this change will also make it possible to remember the file and line where each Item originates, and use that in reporting errors. Currently this is not possible, since each Item can be created from multiple lines.
2015-01-22tmpfiles: make sure not to concatenate non-absolute pathZbigniew Jędrzejewski-Szmek
If the path is absolute was only checked later. Also do not check if path if absolute if we just specified it starting with a slash.
2015-01-22tmpfiles: detect all combinations of + and !Zbigniew Jędrzejewski-Szmek
The same algorithm as with - and @ in ExecStart= is used.
2015-01-22tmpfiles: simplificationZbigniew Jędrzejewski-Szmek
Certain conditions were checked more than once. Warning message is improved.
2015-01-18Add initialization helper for file_handle_unionZbigniew Jędrzejewski-Szmek
2015-01-06tmpfiles: make gcc shut upLennart Poettering
2015-01-06tmpfiles: finish with EXIT_FAILURE if anything failedZbigniew Jędrzejewski-Szmek
Return value is successful only if everything succeeded.
2015-01-05tmpfiles: fix 'D' linesLennart Poettering
https://bugs.freedesktop.org/show_bug.cgi?id=87953
2014-12-28tmpfiles: add new line type 'v' for creating btrfs subvolumesLennart Poettering
2014-12-25tmpfiles: remove spurious include of <sys/capability.h>Filipe Brandenburger
It does not use any functions from libcap directly. The CAP_MKNOD constant in use by this file comes from <linux/capability.h> imported through "missing.h". Tested that "systemd-tmpfiles" builds cleanly and works after this change.
2014-12-04tmpfiles, man: Add xattr support to tmpfilesMaciej Wereski
This patch makes it possible to set extended attributes on files created by tmpfiles. This can be especially used to set SMACK security labels on volatile files and directories. It is done by adding new line of type "t". Such line should contain attributes in Argument field, using following format: name=value All other fields are ignored. If value contains spaces, then it must be surrounded by quotation marks. User can also put quotation mark in value by escaping it with backslash. Example: D /var/run/cups - - - - t /var/run/cups - - - - security.SMACK64=printing
2014-11-28treewide: introduce UID_INVALID (and friends) as macro for (uid_t) -1Lennart Poettering
2014-11-28treewide: another round of simplificationsMichal Schmidt
Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28treewide: use log_*_errno whenever %m is in the format stringMichal Schmidt
If the format string contains %m, clearly errno must have a meaningful value, so we might as well use log_*_errno to have ERRNO= logged. Using: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\((".*%m.*")/log_\1_errno(errno, \2/' Plus some whitespace, linewrap, and indent adjustments.
2014-11-28treewide: a few more log_*_errno + return simplificationsMichal Schmidt
The one in tmpfiles.c:create_item() even looks like it fixes a bug.
2014-11-28treewide: yet more log_*_errno + return simplificationsMichal Schmidt
Using: find . -name '*.[ch]' | while read f; do perl -i.mmm -e \ 'local $/; local $_=<>; s/(if\s*\([^\n]+\))\s*{\n(\s*)(log_[a-z_]*_errno\(\s*([->a-zA-Z_]+)\s*,[^;]+);\s*return\s+\g4;\s+}/\1\n\2return \3;/msg; print;' $f done And a couple of manual whitespace fixups.
2014-11-28treewide: no need to negate errno for log_*_errno()Michal Schmidt
It corrrectly handles both positive and negative errno values.
2014-11-28treewide: auto-convert the simple cases to log_*_errno()Michal Schmidt
As a followup to 086891e5c1 "log: add an "error" parameter to all low-level logging calls and intrdouce log_error_errno() as log calls that take error numbers", use sed to convert the simple cases to use the new macros: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\("(.*)%s"(.*), strerror\(-([a-zA-Z_]+)\)\);/log_\1_errno(-\4, "\2%m"\3);/' Multi-line log_*() invocations are not covered. And we also should add log_unit_*_errno().
2014-11-26Introduce CONF_DIRS_NULSTR helper to define standard conf dirsJosh Triplett
Several different systemd tools define a nulstr containing a standard series of configuration file directories, in /etc, /run, /usr/local/lib, /usr/lib, and (#ifdef HAVE_SPLIT_USR) /lib. Factor that logic out into a new helper macro, CONF_DIRS_NULSTR.
2014-10-23selinux: clean up selinux label function namingLennart Poettering
2014-10-23mac: rename apis with mac_{selinux/smack}_ prefixWaLyong Cho
2014-10-12tmpfiles: compare return against correct errnoDave Reisner
name_to_handle_at returns -EOPNOTSUPP, not -ENOTSUP.
2014-10-01tmpfiles: use allocated buffer for pathZbigniew Jędrzejewski-Szmek
Paths can in principle be longer then PATH_MAX, so simply allocate the buffer with malloc(). CID #1237773
2014-09-26systemd-tmpfiles: Fix IGNORE_DIRECTORY_PATH age handlingRichard Weinberger
If one has a config like: d /tmp 1777 root root - X /tmp/important_mount All files below /tmp/important_mount will be deleted as the /tmp/important_mount item will spuriously inherit a max age of 0 from /tmp. /tmp has a max age of 0 but age_set is (of course) false. This affects also the PrivateTmp feature of systemd. All tmp files of such services will be deleted unconditionally and can cause service failures and data loss. Fix this by checking ->age_set in the IGNORE_DIRECTORY_PATH logic.
2014-09-15hashmap: introduce hash_ops to make struct Hashmap smallerMichal Schmidt
It is redundant to store 'hash' and 'compare' function pointers in struct Hashmap separately. The functions always comprise a pair. Store a single pointer to struct hash_ops instead. systemd keeps hundreds of hashmaps, so this saves a little bit of memory.
2014-08-18tmpfiles: only execute chmod()/chown() when neededMichael Olbrich
This avoids errors like this, when the paths are already there with the correct permissions and owner: chmod(/var/spool) failed: Read-only file system
2014-08-03Unify parse_argv styleZbigniew Jędrzejewski-Szmek
getopt is usually good at printing out a nice error message when commandline options are invalid. It distinguishes between an unknown option and a known option with a missing arg. It is better to let it do its job and not use opterr=0 unless we actually want to suppress messages. So remove opterr=0 in the few places where it wasn't really useful. When an error in options is encountered, we should not print a lengthy help() and overwhelm the user, when we know precisely what is wrong with the commandline. In addition, since help() prints to stdout, it should not be used except when requested with -h or --help. Also, simplify things here and there.
2014-06-20tmpfiles: copy/link /usr/share/factory/ files when the source argument is ↵Kay Sievers
omitted
2014-06-19tmpfiles: make sure "C" doesn't copy anything if the destination already existsLennart Poettering
Previously it would recursively copy the entire tree in, and descend into subdirectories even if the destination already exists. Let's do what the documentation says and not do that. If files down the tree shall be copied too, they should get their own "C" lines.
2014-06-19tmpfiles: do not fail when copying an empty directoryKay Sievers
2014-06-18tmpfiles: create directories already with the right label, instead of ↵Lennart Poettering
creating them first, and relabeling them afterwards
2014-06-18tmpfiles: w lines should allow following symlinksLennart Poettering
2014-06-18tmpfiles: add "+" modifier support to b, c, p lines in addition to LLennart Poettering
2014-06-16tmpfiles: add new "L+" command as stronger version of "L", that removes the ↵Lennart Poettering
destination before creating a symlink Also, make use of this for mtab as long as mount insists on creating it even if we invoke it with "-n".
2014-06-16tmpfiles: set up selinux label proeprly when creating fifosLennart Poettering
2014-06-13tmpfiles: skip mknod() on -EPERM (device cgroup)Kay Sievers
2014-06-12tmpfiles: minor modernizationsLennart Poettering
2014-06-11tmpfiles: add ability to mask access mode by pre-existing access mode on ↵Lennart Poettering
files/directories This way it makes a lot more sense to specify an access mode for "Z" lines.
2014-06-11tmpfiles: remove unnecessary functionLennart Poettering
2014-06-11tmpfiles: when processing lines, always process prefixes before suffixesLennart Poettering
If two lines refer to paths that are suffix and prefix of each other, then always process the prefix first, the suffix second. In all other cases strictly process rules in the order they appear in the files. This makes creating /var/run as symlink to /run a lot more fun, since it is automatically created first.