Compare commits

..

No commits in common. "2b6a90d17f4c5983f6510e8675ae83008f62e0f5" and "d5d5b3f4a72913ef1f4841ed9373afba3510f620" have entirely different histories.

8 changed files with 32 additions and 56 deletions

View File

@ -629,9 +629,10 @@ static int clone_device_node(
} }
/* We're about to fallback to bind-mounting the device /* We're about to fallback to bind-mounting the device
* node. So create a dummy bind-mount target. * node. So create a dummy bind-mount target. */
* Do not prepare device-node SELinux label (see issue 13762) */ mac_selinux_create_file_prepare(d, 0);
r = mknod(dn, S_IFREG, 0); r = mknod(dn, S_IFREG, 0);
mac_selinux_create_file_clear();
if (r < 0 && errno != EEXIST) if (r < 0 && errno != EEXIST)
return log_debug_errno(errno, "mknod() fallback failed for '%s': %m", d); return log_debug_errno(errno, "mknod() fallback failed for '%s': %m", d);

View File

@ -223,7 +223,7 @@ int mac_selinux_generic_access_check(
r = getfilecon_raw(path, &fcon); r = getfilecon_raw(path, &fcon);
if (r < 0) { if (r < 0) {
log_warning_errno(errno, "SELinux getfilecon_raw on '%s' failed (tclass=%s perm=%s): %m", path, tclass, permission); log_warning_errno(errno, "SELinux getfilecon_raw on '%s' failed: %m (tclass=%s perm=%s)", path, tclass, permission);
r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get file context on %s.", path); r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get file context on %s.", path);
goto finish; goto finish;
} }
@ -232,7 +232,7 @@ int mac_selinux_generic_access_check(
} else { } else {
r = getcon_raw(&fcon); r = getcon_raw(&fcon);
if (r < 0) { if (r < 0) {
log_warning_errno(errno, "SELinux getcon_raw failed (tclass=%s perm=%s): %m", tclass, permission); log_warning_errno(errno, "SELinux getcon_raw failed: %m (tclass=%s perm=%s)", tclass, permission);
r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get current context."); r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get current context.");
goto finish; goto finish;
} }

View File

@ -5388,7 +5388,7 @@ static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other,
if (di.origin_mask == 0 && di.destination_mask == 0) { if (di.origin_mask == 0 && di.destination_mask == 0) {
/* No bit set anymore, let's drop the whole entry */ /* No bit set anymore, let's drop the whole entry */
assert_se(hashmap_remove(u->dependencies[d], other)); assert_se(hashmap_remove(u->dependencies[d], other));
log_unit_debug(u, "lost dependency %s=%s", unit_dependency_to_string(d), other->id); log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
} else } else
/* Mask was reduced, let's update the entry */ /* Mask was reduced, let's update the entry */
assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0); assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);

View File

@ -550,9 +550,10 @@ static int prompt_root_password(void) {
r = ask_password_tty(-1, msg1, NULL, 0, 0, NULL, &a); r = ask_password_tty(-1, msg1, NULL, 0, 0, NULL, &a);
if (r < 0) if (r < 0)
return log_error_errno(r, "Failed to query root password: %m"); return log_error_errno(r, "Failed to query root password: %m");
if (strv_length(a) != 1) if (strv_length(a) != 1) {
return log_error_errno(SYNTHETIC_ERRNO(EIO), log_warning("Received multiple passwords, where we expected one.");
"Received multiple passwords, where we expected one."); return -EINVAL;
}
if (isempty(*a)) { if (isempty(*a)) {
log_warning("No password entered, skipping."); log_warning("No password entered, skipping.");
@ -562,9 +563,6 @@ static int prompt_root_password(void) {
r = ask_password_tty(-1, msg2, NULL, 0, 0, NULL, &b); r = ask_password_tty(-1, msg2, NULL, 0, 0, NULL, &b);
if (r < 0) if (r < 0)
return log_error_errno(r, "Failed to query root password: %m"); return log_error_errno(r, "Failed to query root password: %m");
if (strv_length(b) != 1)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Received multiple passwords, where we expected one.");
if (!streq(*a, *b)) { if (!streq(*a, *b)) {
log_error("Entered passwords did not match, please try again."); log_error("Entered passwords did not match, please try again.");

View File

@ -394,10 +394,6 @@ finish:
return r; return r;
} }
#define NO_ECHO "(no echo) "
#define PRESS_TAB "(press TAB for no echo) "
#define SKIPPED "(skipped)"
int ask_password_tty( int ask_password_tty(
int ttyfd, int ttyfd,
const char *message, const char *message,
@ -413,7 +409,7 @@ int ask_password_tty(
_POLL_MAX, _POLL_MAX,
}; };
bool reset_tty = false, dirty = false, use_color = false, press_tab_visible = false; bool reset_tty = false, dirty = false, use_color = false;
_cleanup_close_ int cttyfd = -1, notify = -1; _cleanup_close_ int cttyfd = -1, notify = -1;
struct termios old_termios, new_termios; struct termios old_termios, new_termios;
char passphrase[LINE_MAX + 1] = {}, *x; char passphrase[LINE_MAX + 1] = {}, *x;
@ -469,13 +465,6 @@ int ask_password_tty(
(void) loop_write(ttyfd, message, strlen(message), false); (void) loop_write(ttyfd, message, strlen(message), false);
(void) loop_write(ttyfd, " ", 1, false); (void) loop_write(ttyfd, " ", 1, false);
if (!(flags & ASK_PASSWORD_SILENT)) {
if (use_color)
(void) loop_write(ttyfd, ANSI_GREY, STRLEN(ANSI_GREY), false);
(void) loop_write(ttyfd, PRESS_TAB, strlen(PRESS_TAB), false);
press_tab_visible = true;
}
if (use_color) if (use_color)
(void) loop_write(ttyfd, ANSI_NORMAL, STRLEN(ANSI_NORMAL), false); (void) loop_write(ttyfd, ANSI_NORMAL, STRLEN(ANSI_NORMAL), false);
@ -561,19 +550,13 @@ int ask_password_tty(
} }
if (press_tab_visible) {
assert(ttyfd >= 0);
backspace_chars(ttyfd, strlen(PRESS_TAB));
press_tab_visible = false;
}
/* We treat EOF, newline and NUL byte all as valid end markers */ /* We treat EOF, newline and NUL byte all as valid end markers */
if (n == 0 || c == '\n' || c == 0) if (n == 0 || c == '\n' || c == 0)
break; break;
if (c == 4) { /* C-d also known as EOT */ if (c == 4) { /* C-d also known as EOT */
if (ttyfd >= 0) if (ttyfd >= 0)
(void) loop_write(ttyfd, SKIPPED, strlen(SKIPPED), false); (void) loop_write(ttyfd, "(skipped)", 9, false);
goto skipped; goto skipped;
} }
@ -623,7 +606,7 @@ int ask_password_tty(
* first key (and only as first key), or ... */ * first key (and only as first key), or ... */
if (ttyfd >= 0) if (ttyfd >= 0)
(void) loop_write(ttyfd, NO_ECHO, strlen(NO_ECHO), false); (void) loop_write(ttyfd, "(no echo) ", 10, false);
} else if (ttyfd >= 0) } else if (ttyfd >= 0)
(void) loop_write(ttyfd, "\a", 1, false); (void) loop_write(ttyfd, "\a", 1, false);
@ -636,7 +619,7 @@ int ask_password_tty(
/* ... or by pressing TAB at any time. */ /* ... or by pressing TAB at any time. */
if (ttyfd >= 0) if (ttyfd >= 0)
(void) loop_write(ttyfd, NO_ECHO, strlen(NO_ECHO), false); (void) loop_write(ttyfd, "(no echo) ", 10, false);
} else if (p >= sizeof(passphrase)-1) { } else if (p >= sizeof(passphrase)-1) {
@ -675,15 +658,11 @@ int ask_password_tty(
goto finish; goto finish;
skipped: skipped:
if (strv_isempty(l)) if (keyname)
r = log_debug_errno(SYNTHETIC_ERRNO(ECANCELED), "Password query was cancelled."); (void) add_to_keyring_and_log(keyname, flags, l);
else {
if (keyname)
(void) add_to_keyring_and_log(keyname, flags, l);
*ret = TAKE_PTR(l); *ret = TAKE_PTR(l);
r = 0; r = 0;
}
finish: finish:
if (ttyfd >= 0 && reset_tty) { if (ttyfd >= 0 && reset_tty) {

View File

@ -580,7 +580,7 @@ static int remove_marked_symlinks_fd(
return -ENOMEM; return -ENOMEM;
path_simplify(p, false); path_simplify(p, false);
q = chase_symlinks(p, NULL, CHASE_NONEXISTENT, &dest, NULL); q = readlink_malloc(p, &dest);
if (q == -ENOENT) if (q == -ENOENT)
continue; continue;
if (q < 0) { if (q < 0) {
@ -1117,7 +1117,7 @@ static int config_parse_also(
void *data, void *data,
void *userdata) { void *userdata) {
UnitFileInstallInfo *info = userdata; UnitFileInstallInfo *info = userdata, *alsoinfo = NULL;
InstallContext *c = data; InstallContext *c = data;
int r; int r;
@ -1139,7 +1139,7 @@ static int config_parse_also(
if (r < 0) if (r < 0)
return r; return r;
r = install_info_add(c, printed, NULL, true, NULL); r = install_info_add(c, printed, NULL, true, &alsoinfo);
if (r < 0) if (r < 0)
return r; return r;

View File

@ -257,7 +257,7 @@ static int parse_file(OrderedHashmap **sysctl_options, const char *path, bool ig
existing = ordered_hashmap_get(*sysctl_options, p); existing = ordered_hashmap_get(*sysctl_options, p);
if (existing) { if (existing) {
if (streq_ptr(value, existing->value)) { if (streq(value, existing->value)) {
existing->ignore_failure = existing->ignore_failure || ignore_failure; existing->ignore_failure = existing->ignore_failure || ignore_failure;
continue; continue;
} }

View File

@ -1,26 +1,24 @@
/* SPDX-License-Identifier: LGPL-2.1+ */ /* SPDX-License-Identifier: LGPL-2.1+ */
#include "alloc-util.h"
#include "ask-password-api.h" #include "ask-password-api.h"
#include "log.h"
#include "strv.h" #include "strv.h"
#include "tests.h"
static void test_ask_password(void) { static void ask_password(void) {
int r; int r;
_cleanup_strv_free_ char **ret = NULL; _cleanup_strv_free_ char **ret = NULL;
r = ask_password_tty(-1, "hello?", "da key", 0, ASK_PASSWORD_CONSOLE_COLOR, NULL, &ret); r = ask_password_tty(-1, "hello?", "da key", 0, 0, NULL, &ret);
if (r == -ECANCELED) assert(r >= 0);
assert_se(ret == NULL); assert(strv_length(ret) == 1);
else {
assert_se(r >= 0); log_info("Got %s", *ret);
assert_se(strv_length(ret) == 1);
log_info("Got \"%s\"", *ret);
}
} }
int main(int argc, char **argv) { int main(int argc, char **argv) {
test_setup_logging(LOG_DEBUG); log_parse_environment();
test_ask_password(); ask_password();
return EXIT_SUCCESS; return EXIT_SUCCESS;
} }