Compare commits


11 Commits

Author SHA1 Message Date
Lennart Poettering 76410e9849 update TODO 2020-04-28 20:02:50 +02:00
Lennart Poettering 04d1ee0f7e main: bump RLIMIT_MEMLOCK by physical RAM size
Let's allow more memory to be locked on beefy machines than on small
ones. The previous limit of 64M is the lower bound still. This
effectively means on a 4GB machine we can lock 512M, which should be
more than enough, but still not lock up the machine entirely under
pressure.

Fixes: #15053
2020-04-28 19:54:21 +02:00
Lennart Poettering dcff2fa5d1 nspawn: be more careful with creating/chowning directories to overmount
We should never re-chown selinuxfs.

Fixes: #15475
2020-04-28 19:40:46 +02:00
Lennart Poettering c98fef264b update TODO 2020-04-28 19:38:55 +02:00
Daan De Meyer bac1b83217 sd-bus: Add sd_bus_query_sender_creds/privilege docs 2020-04-28 19:38:04 +02:00
Zbigniew Jędrzejewski-Szmek 2344aefccf
Merge pull request #15618 from keszybz/help-output
Small adjustments to --help output
2020-04-28 19:31:16 +02:00
Daan De Meyer 8653422b6a sd-bus: Add sd_bus_get_creds_mask docs 2020-04-28 19:30:49 +02:00
Zbigniew Jędrzejewski-Szmek c11428adf9 homectl: say "home area" in more places
Follow-up for b5947b5b10.
2020-04-28 09:56:24 +02:00
Zbigniew Jędrzejewski-Szmek 460e5af05d meson: test userdbctl and homectl --help 2020-04-28 09:56:24 +02:00
Zbigniew Jędrzejewski-Szmek 7009610ff5 userdbctl: make --help fit in 80 columns 2020-04-28 09:56:24 +02:00
Zbigniew Jędrzejewski-Szmek 6164ec4c93 meson: modernize indentation
By using a newline after executable( and run_target(, we get less
indentation and the indentation level does not change when the returned
object is saved to a variable.
2020-04-28 09:53:51 +02:00
12 changed files with 1359 additions and 1120 deletions

TODO
View File

@ -22,6 +22,9 @@ Janitorial Clean-ups:
Features:
* busctl: maybe expose a verb "ping" for pinging a dbus service to see if it
exists and responds.
* homed: add homed.conf setting DefaultStorage= or so
* homed: maybe pre-create ~/.cache as subvol so that it can have separate quota
@ -35,10 +38,6 @@ Features:
thus allows defining OS images which can be A/B updated and we default to the
newest version automatically, both in nspawn and in sd-boot
* drop sd_bus_message_set_priority() from sd-bus API and documentation as much
as we can, it's a kdbus left-over and unlikely to come back on AF_UNIX, since
it's not really implementable there.
* cryptsetup/homed: also support FIDO2 HMAC password logic for unlocking
devices. (see: https://github.com/mjec/fido2-hmac-secret)
@ -136,6 +135,8 @@ Features:
* userdb: allow username prefix searches in varlink API, allow realname and
realname substr searches in varlink API
* userdb: allow uid/gid range checks
* userdb: allow existence checks
* pid: activation by journal search expression

View File

@ -359,7 +359,9 @@ manpages = [
['sd_bus_message_verify_type', '3', [], ''],
['sd_bus_negotiate_fds',
'3',
['sd_bus_negotiate_creds', 'sd_bus_negotiate_timestamp'],
['sd_bus_get_creds_mask',
'sd_bus_negotiate_creds',
'sd_bus_negotiate_timestamp'],
''],
['sd_bus_new',
'3',
@ -376,6 +378,7 @@ manpages = [
['sd_bus_path_decode', 'sd_bus_path_decode_many', 'sd_bus_path_encode_many'],
''],
['sd_bus_process', '3', [], ''],
['sd_bus_query_sender_creds', '3', ['sd_bus_query_sender_privilege'], ''],
['sd_bus_reply_method_error',
'3',
['sd_bus_reply_method_errno',

View File

@ -74,6 +74,7 @@
<citerefentry><refentrytitle>sd_bus_get_address</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_allow_interactive_authorization</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_bus_id</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_creds_mask</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_current_handler</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_current_message</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_current_slot</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
@ -138,6 +139,8 @@
<citerefentry><refentrytitle>sd_bus_new</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_path_encode</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_process</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_query_sender_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_query_sender_privilege</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_reply_method_return</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_reply_method_error</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_request_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>,

View File

@ -19,6 +19,7 @@
<refname>sd_bus_negotiate_fds</refname>
<refname>sd_bus_negotiate_timestamp</refname>
<refname>sd_bus_negotiate_creds</refname>
<refname>sd_bus_get_creds_mask</refname>
<refpurpose>Control feature negotiation on bus connections</refpurpose>
</refnamediv>
@ -45,69 +46,69 @@
<paramdef>int <parameter>b</parameter></paramdef>
<paramdef>uint64_t <parameter>mask</parameter></paramdef>
</funcprototype>
<funcprototype>
<funcdef>int <function>sd_bus_get_creds_mask</function></funcdef>
<paramdef>sd_bus *<parameter>bus</parameter></paramdef>
<paramdef>uint64_t *<parameter>mask</parameter></paramdef>
</funcprototype>
</funcsynopsis>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para><function>sd_bus_negotiate_fds()</function> controls whether
file descriptor passing shall be negotiated for the specified bus
connection. It takes a bus object and a boolean, which, when true,
enables file descriptor passing, and, when false, disables
it. Note that not all transports and servers support file
descriptor passing. In particular, networked transports generally
do not support file descriptor passing. To find out whether file
descriptor passing is available after negotiation, use
<para><function>sd_bus_negotiate_fds()</function> controls whether file descriptor passing shall be
negotiated for the specified bus connection. It takes a bus object and a boolean, which, when true,
enables file descriptor passing, and, when false, disables it. Note that not all transports and servers
support file descriptor passing. In particular, networked transports generally do not support file
descriptor passing. To find out whether file descriptor passing is available after negotiation, use
<citerefentry><refentrytitle>sd_bus_can_send</refentrytitle><manvolnum>3</manvolnum></citerefentry>
and pass <constant>SD_BUS_TYPE_UNIX_FD</constant>. Note that file
descriptor passing is always enabled for both sending and
receiving or for neither, but never only in one direction. By
default, file descriptor passing is negotiated for all
connections.</para>
and pass <constant>SD_BUS_TYPE_UNIX_FD</constant>. Note that file descriptor passing is always enabled
for both sending and receiving or for neither, but never only in one direction. By default, file
descriptor passing is negotiated for all connections.</para>
<para><function>sd_bus_negotiate_timestamp()</function> controls whether implicit sender
timestamps shall be attached automatically to all incoming messages. Takes a bus object and a
boolean, which, when true, enables timestamping, and, when false, disables it. Use
<para><function>sd_bus_negotiate_timestamp()</function> controls whether implicit sender timestamps shall
be attached automatically to all incoming messages. Takes a bus object and a boolean, which, when true,
enables timestamping, and, when false, disables it. Use
<citerefentry><refentrytitle>sd_bus_message_get_monotonic_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_message_get_realtime_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_message_get_seqnum</refentrytitle><manvolnum>3</manvolnum></citerefentry>
to query the timestamps of incoming messages. If negotiation is disabled or not supported, these
calls will fail with <constant>-ENODATA</constant>. Note that currently no transports support
timestamping of messages. By default, message timestamping is not negotiated for
connections.</para>
to query the timestamps of incoming messages. If negotiation is disabled or not supported, these calls
will fail with <constant>-ENODATA</constant>. Note that currently no transports support timestamping of
messages. By default, message timestamping is not negotiated for connections.</para>
<para><function>sd_bus_negotiate_creds()</function> controls whether and which implicit sender
credentials shall be attached automatically to all incoming messages. Takes a bus object and a
boolean indicating whether to enable or disable the credential parts encoded in the bit mask
value argument. Note that not all transports support attaching sender credentials to messages,
or do not support all types of sender credential parameters, or might suppress them under
certain circumstances for individual messages. Specifically, dbus1 only supports
<constant>SD_BUS_CREDS_UNIQUE_NAME</constant>. The sender credentials are suitable for
authorization decisions. By default, only <constant>SD_BUS_CREDS_WELL_KNOWN_NAMES</constant> and
<constant>SD_BUS_CREDS_UNIQUE_NAME</constant> are enabled. In fact, these two credential fields
are always sent along and cannot be turned off.</para>
credentials shall be attached automatically to all incoming messages. Takes a bus object and a boolean
indicating whether to enable or disable the credential parts encoded in the bit mask value argument. Note
that not all transports support attaching sender credentials to messages, or do not support all types of
sender credential parameters, or might suppress them under certain circumstances for individual messages.
Specifically, dbus1 only supports <constant>SD_BUS_CREDS_UNIQUE_NAME</constant>. The sender credentials
are suitable for authorization decisions. By default, only
<constant>SD_BUS_CREDS_WELL_KNOWN_NAMES</constant> and <constant>SD_BUS_CREDS_UNIQUE_NAME</constant> are
enabled. In fact, these two credential fields are always sent along and cannot be turned off.</para>
<para>The <function>sd_bus_negotiate_fds()</function> function may
be called only before the connection has been started with
<para><function>sd_bus_get_creds_mask()</function> returns the set of sender credentials that was
negotiated to be attached to all incoming messages in <parameter>mask</parameter>. This value is an
upper boundary only. Hence, always make sure to explicitly check which credentials are attached to a
specific message before using it.</para>
<para>The <function>sd_bus_negotiate_fds()</function> function may be called only before the connection
has been started with
<citerefentry><refentrytitle>sd_bus_start</refentrytitle><manvolnum>3</manvolnum></citerefentry>. Both
<function>sd_bus_negotiate_timestamp()</function> and
<function>sd_bus_negotiate_creds()</function> may also be called
after a connection has been set up. Note that, when operating on a
connection that is shared between multiple components of the same
program (for example via
<citerefentry><refentrytitle>sd_bus_default</refentrytitle><manvolnum>3</manvolnum></citerefentry>),
it is highly recommended to only enable additional per message
metadata fields, but never disable them again, in order not to
disable functionality needed by other components.</para>
<function>sd_bus_negotiate_timestamp()</function> and <function>sd_bus_negotiate_creds()</function> may
also be called after a connection has been set up. Note that, when operating on a connection that is
shared between multiple components of the same program (for example via
<citerefentry><refentrytitle>sd_bus_default</refentrytitle><manvolnum>3</manvolnum></citerefentry>), it
is highly recommended to only enable additional per message metadata fields, but never disable them
again, in order not to disable functionality needed by other components.</para>
</refsect1>
<refsect1>
<title>Return Value</title>
<para>On success, these functions return 0 or a
positive integer. On failure, they return a negative errno-style
error code.</para>
<para>On success, these functions return a non-negative integer. On failure, they return a negative
errno-style error code.</para>
<refsect2>
<title>Errors</title>
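Review bot: the new sd_bus_get_creds_mask() paragraph tells readers to "explicitly check which credentials are attached to a specific message before using it" but does not say how; a cross-reference to the accessor that reports the mask actually present on a creds object (sd_bus_creds_get_mask(3), assuming that is the intended call) would make the advice actionable, since the negotiated mask being only an upper bound is exactly what an authorization check can trip over. Separately, most of this hunk is a whitespace reflow of paragraphs whose text is unchanged; putting the reflow in its own commit would let the substantive edits (the new paragraph, and the Return Value rewording from "0 or a positive integer" to "a non-negative integer", which are equivalent) be reviewed on their own.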
@ -120,6 +121,24 @@
<listitem><para>The bus connection has already been started.</para></listitem>
</varlistentry>
<varlistentry>
<term><constant>-EINVAL</constant></term>
<listitem><para>An argument is invalid.</para></listitem>
</varlistentry>
<varlistentry>
<term><constant>-ENOPKG</constant></term>
<listitem><para>The bus cannot be resolved.</para></listitem>
</varlistentry>
<varlistentry>
<term><constant>-ECHILD</constant></term>
<listitem><para>The bus was created in a different process.</para></listitem>
</varlistentry>
</variablelist>
</refsect2>
</refsect1>
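Review bot: the three new entries (-EINVAL, -ENOPKG, -ECHILD) sit next to the pre-existing -EPERM "already been started" entry without saying which of the four documented functions each applies to; the Description states that only sd_bus_negotiate_fds() is restricted to before sd_bus_start(), and sd_bus_get_creds_mask() is a plain getter, so each entry should name the function(s) that can return it, e.g. "The bus connection has already been started (sd_bus_negotiate_fds() only)". The -ENOPKG text "The bus cannot be resolved" is also terse for a man page; a few words on when that happens would help.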

View File

@ -0,0 +1,133 @@
<?xml version='1.0'?> <!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!-- SPDX-License-Identifier: LGPL-2.1+ -->
<refentry id="sd_bus_query_sender_creds" xmlns:xi="http://www.w3.org/2001/XInclude">
<refentryinfo>
<title>sd_bus_query_sender_creds</title>
<productname>systemd</productname>
</refentryinfo>
<refmeta>
<refentrytitle>sd_bus_query_sender_creds</refentrytitle>
<manvolnum>3</manvolnum>
</refmeta>
<refnamediv>
<refname>sd_bus_query_sender_creds</refname>
<refname>sd_bus_query_sender_privilege</refname>
<refpurpose>Query bus message sender credentials/privileges</refpurpose>
</refnamediv>
<refsynopsisdiv>
<funcsynopsis>
<funcsynopsisinfo>#include &lt;systemd/sd-bus.h&gt;</funcsynopsisinfo>
<funcprototype>
<funcdef>int <function>sd_bus_query_sender_creds</function></funcdef>
<paramdef>sd_bus_message *<parameter>m</parameter></paramdef>
<paramdef>uint64_t <parameter>mask</parameter></paramdef>
<paramdef>sd_bus_creds **<parameter>creds</parameter></paramdef>
</funcprototype>
<funcprototype>
<funcdef>sd_bus_error* <function>sd_bus_query_sender_privilege</function></funcdef>
<paramdef>sd_bus_message *<parameter>m</parameter></paramdef>
<paramdef>int <parameter>capability</parameter></paramdef>
</funcprototype>
</funcsynopsis>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para><function>sd_bus_query_sender_creds()</function> returns the credentials of the message
<parameter>m</parameter>. The <parameter>mask</parameter> parameter is a combo of
<constant index='false'>SD_BUS_CREDS_*</constant> flags that indicate which credential info the caller is
interested in. See
<citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>
for a list of possible flags. First, this message checks if the requested credentials are attached to the
message itself. If not but the message contains the pid of the sender, this function tries to figure out
the missing credentials via other means (starting from the pid). If the pid isn't available but the
message has a sender, this function calls
<citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
to get the requested credentials. If the message has no sender (when a direct connection is used), this
function calls
<citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
to get the requested credentials. On success, the requested credentials are stored in
<parameter>creds</parameter>. Ownership of the credentials object in <parameter>creds</parameter> is
transferred to the caller and should be freed by calling
<citerefentry><refentrytitle>sd_bus_creds_unref</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
</para>
<para><function>sd_bus_query_sender_privilege()</function> checks if the message <parameter>m</parameter>
has the requested privileges. If <parameter>capability</parameter> is a non-negative integer, this
function checks if the message has the capability with the same value. See
<citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
for a list of capabilities. If <parameter>capability</parameter> is a negative integer, this function
returns whether the sender of the message runs as the same user as the receiver of the message, or if the
sender of the message runs as root and the receiver of the message does not run as root. On success and
if the message has the requested privileges, this function returns a positive integer. If the message
does not have the requested privileges, this function returns zero.</para>
</refsect1>
<refsect1>
<title>Return Value</title>
<para>On success, these functions return a non-negative integer. On failure, they return a negative
errno-style error code.</para>
<refsect2>
<title>Errors</title>
<para>Returned errors may indicate the following problems:</para>
<variablelist>
<varlistentry>
<term><constant>-EINVAL</constant></term>
<listitem><para>The message <parameter>m</parameter> or an output parameter is
<constant>NULL</constant>.</para></listitem>
</varlistentry>
<varlistentry>
<term><constant>-ENOTCONN</constant></term>
<listitem><para>The bus of <parameter>m</parameter> is not connected.</para></listitem>
</varlistentry>
<varlistentry>
<term><constant>-ECHILD</constant></term>
<listitem><para>The bus of <parameter>m</parameter> was created in a different process.
</para></listitem>
</varlistentry>
<varlistentry>
<term><constant>-EPERM</constant></term>
<listitem><para>The message <parameter>m</parameter> is not sealed.</para></listitem>
</varlistentry>
</variablelist>
</refsect2>
</refsect1>
<xi:include href="libsystemd-pkgconfig.xml" />
<refsect1>
<title>See Also</title>
<para>
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_creds_unref</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
</para>
</refsect1>
</refentry>
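Review bot: the <funcprototype> for sd_bus_query_sender_privilege declares the return type as `sd_bus_error*`, but the header change further down this compare declares `int sd_bus_query_sender_privilege(sd_bus_message *m, int capability);`, and the Description and Return Value sections describe an integer result (positive, zero, or a negative errno); the funcdef should read `int <function>sd_bus_query_sender_privilege</function>`. Wording in the Description: "this message checks if the requested credentials are attached" should be "this function checks", "combo" should be "combination", and the opening sentence should say the credentials of the sender of m rather than of the message itself; likewise "checks if the message has the capability" means the sender. Also worth one sentence: credentials reached through the pid fallback or through sd_bus_get_name_creds() are looked up after the fact rather than attached by the transport, so a caller using the result for an authorization decision should check which fields were actually filled in instead of assuming everything requested in mask came back.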

File diff suppressed because it is too large

View File

@ -1208,6 +1208,7 @@ static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
static int bump_rlimit_memlock(struct rlimit *saved_rlimit) {
struct rlimit new_rlimit;
uint64_t mm;
int r;
/* BPF_MAP_TYPE_LPM_TRIE bpf maps are charged against RLIMIT_MEMLOCK, even if we have CAP_IPC_LOCK which should
@ -1218,9 +1219,12 @@ static int bump_rlimit_memlock(struct rlimit *saved_rlimit) {
* must be unsigned, hence this is a given, but let's make this clear here. */
assert_cc(RLIM_INFINITY > 0);
mm = physical_memory() / 8; /* Let's scale how much we allow to be locked by the amount of physical
* RAM. We allow an eigth to be locked by us, just to pick a value. */
new_rlimit = (struct rlimit) {
.rlim_cur = MAX(HIGH_RLIMIT_MEMLOCK, saved_rlimit->rlim_cur),
.rlim_max = MAX(HIGH_RLIMIT_MEMLOCK, saved_rlimit->rlim_max),
.rlim_cur = MAX3(HIGH_RLIMIT_MEMLOCK, saved_rlimit->rlim_cur, mm),
.rlim_max = MAX3(HIGH_RLIMIT_MEMLOCK, saved_rlimit->rlim_max, mm),
};
if (saved_rlimit->rlim_max >= new_rlimit.rlim_cur &&
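Review bot: "eigth" in the new comment should be "eighth". On the logic: `mm` is physical_memory() / 8 with no upper clamp, so on a large machine both rlim_cur and rlim_max grow proportionally (the 4GB/512M figure in the commit message is the small end); since this is PID 1's own limit and services inherit it unless they set their own, the commit message or the relevant documentation should say that the default ceiling on how much a service can pin as unswappable memory now scales with RAM. MAX3() with saved_rlimit->rlim_max is safe when that value is RLIM_INFINITY given the assert_cc() just above; a short comment saying so would pre-empt the question.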

View File

@ -190,9 +190,9 @@ static int list_homes(int argc, char *argv[], void *userdata) {
if (arg_legend && !arg_json) {
if (table_get_rows(table) > 1)
printf("\n%zu homes listed.\n", table_get_rows(table) - 1);
printf("\n%zu home areas listed.\n", table_get_rows(table) - 1);
else
printf("No homes.\n");
printf("No home areas.\n");
}
return 0;
@ -2134,20 +2134,20 @@ static int help(int argc, char *argv[], void *userdata) {
printf("%1$s [OPTIONS...] COMMAND ...\n\n"
"%2$sCreate, manipulate or inspect home directories.%3$s\n"
"\n%4$sCommands:%5$s\n"
" list List homes\n"
" activate USER… Activate home\n"
" deactivate USER… Deactivate home\n"
" inspect USER… Inspect home\n"
" authenticate USER… Authenticate home\n"
" list List home areas\n"
" activate USER… Activate a home area\n"
" deactivate USER… Deactivate a home area\n"
" inspect USER… Inspect a home area\n"
" authenticate USER… Authenticate a home area\n"
" create USER Create a home area\n"
" remove USER… Remove a home area\n"
" update USER Update a home area\n"
" passwd USER Change password of a home area\n"
" resize USER SIZE Resize a home area\n"
" lock USER… Temporarily lock an active home\n"
" unlock USER… Unlock a temporarily locked home\n"
" lock-all Lock all suitable homes\n"
" with USER [COMMAND…] Run shell or command with access to home\n"
" lock USER… Temporarily lock an active home area\n"
" unlock USER… Unlock a temporarily locked home area\n"
" lock-all Lock all suitable home areas\n"
" with USER [COMMAND…] Run shell or command with access to a home area\n"
"\n%4$sOptions:%5$s\n"
" -h --help Show this help\n"
" --version Show package version\n"
@ -2248,7 +2248,7 @@ static int help(int argc, char *argv[], void *userdata) {
"\n%4$sCIFS User Record Properties:%5$s\n"
" --cifs-domain=DOMAIN CIFS (Windows) domain\n"
" --cifs-user-name=USER CIFS (Windows) user name\n"
" --cifs-service=SERVICE CIFS (Windows) service to mount as home\n"
" --cifs-service=SERVICE CIFS (Windows) service to mount as home area\n"
"\n%4$sLogin Behaviour User Record Properties:%5$s\n"
" --stop-delay=SECS How long to leave user services running after\n"
" logout\n"

View File

@ -569,7 +569,7 @@ int mount_all(const char *dest,
static const MountPoint mount_table[] = {
/* First we list inner child mounts (i.e. mounts applied *after* entering user namespacing) */
{ "proc", "/proc", "proc", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
MOUNT_FATAL|MOUNT_IN_USERNS },
MOUNT_FATAL|MOUNT_IN_USERNS|MOUNT_MKDIR },
{ "/proc/sys", "/proc/sys", NULL, NULL, MS_BIND,
MOUNT_FATAL|MOUNT_IN_USERNS|MOUNT_APPLY_APIVFS_RO }, /* Bind mount first ... */
@ -599,23 +599,23 @@ int mount_all(const char *dest,
PROC_READ_ONLY("/proc/scsi"),
{ "mqueue", "/dev/mqueue", "mqueue", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
MOUNT_IN_USERNS },
MOUNT_IN_USERNS|MOUNT_MKDIR },
/* Then we list outer child mounts (i.e. mounts applied *before* entering user namespacing) */
{ "tmpfs", "/tmp", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
MOUNT_FATAL|MOUNT_APPLY_TMPFS_TMP },
MOUNT_FATAL|MOUNT_APPLY_TMPFS_TMP|MOUNT_MKDIR },
{ "tmpfs", "/sys", "tmpfs", "mode=555", MS_NOSUID|MS_NOEXEC|MS_NODEV,
MOUNT_FATAL|MOUNT_APPLY_APIVFS_NETNS },
MOUNT_FATAL|MOUNT_APPLY_APIVFS_NETNS|MOUNT_MKDIR },
{ "sysfs", "/sys", "sysfs", NULL, MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV,
MOUNT_FATAL|MOUNT_APPLY_APIVFS_RO }, /* skipped if above was mounted */
MOUNT_FATAL|MOUNT_APPLY_APIVFS_RO|MOUNT_MKDIR }, /* skipped if above was mounted */
{ "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
MOUNT_FATAL }, /* skipped if above was mounted */
MOUNT_FATAL|MOUNT_MKDIR }, /* skipped if above was mounted */
{ "tmpfs", "/dev", "tmpfs", "mode=755", MS_NOSUID|MS_STRICTATIME,
MOUNT_FATAL },
MOUNT_FATAL|MOUNT_MKDIR },
{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
MOUNT_FATAL },
MOUNT_FATAL|MOUNT_MKDIR },
{ "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
MOUNT_FATAL },
MOUNT_FATAL|MOUNT_MKDIR },
#if HAVE_SELINUX
{ "/sys/fs/selinux", "/sys/fs/selinux", NULL, NULL, MS_BIND,
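Review bot: MOUNT_MKDIR is added to every non-bind entry in this table but deliberately not to the bind mounts ("/proc/sys", the PROC_READ_ONLY() entries, and "/sys/fs/selinux" under HAVE_SELINUX), which matches the commit message's "never re-chown selinuxfs". Please confirm in the commit message that every entry left without the flag is a bind mount over a path the preceding mounts already provide, so that dropping the implicit mkdir cannot leave a MOUNT_FATAL target unmounted; PROC_READ_ONLY() is a macro whose expansion is not visible here, so it is the one to double-check.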
@ -663,17 +663,19 @@ int mount_all(const char *dest,
continue;
}
r = mkdir_userns_p(dest, where, 0755, (use_userns && !in_userns) ? uid_shift : UID_INVALID);
if (r < 0 && r != -EEXIST) {
if (fatal && r != -EROFS)
return log_error_errno(r, "Failed to create directory %s: %m", where);
if (FLAGS_SET(mount_table[k].mount_settings, MOUNT_MKDIR)) {
r = mkdir_userns_p(dest, where, 0755, (use_userns && !in_userns) ? uid_shift : UID_INVALID);
if (r < 0 && r != -EEXIST) {
if (fatal && r != -EROFS)
return log_error_errno(r, "Failed to create directory %s: %m", where);
log_debug_errno(r, "Failed to create directory %s: %m", where);
/* If we failed mkdir() or chown() due to the root
* directory being read only, attempt to mount this fs
* anyway and let mount_verbose log any errors */
if (r != -EROFS)
continue;
log_debug_errno(r, "Failed to create directory %s: %m", where);
/* If we failed mkdir() or chown() due to the root directory being read only,
* attempt to mount this fs anyway and let mount_verbose log any errors */
if (r != -EROFS)
continue;
}
}
o = mount_table[k].options;
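Review bot: with the mkdir/chown block now guarded by FLAGS_SET(mount_table[k].mount_settings, MOUNT_MKDIR), an entry without the flag whose target is missing falls straight through to the mount and fails with whatever mount_verbose reports; that is the intended behaviour for selinuxfs, but a log_debug() in the else path saying the directory was not created because MOUNT_MKDIR is unset would make such failures much quicker to diagnose. The re-indented comment inside the block is otherwise a faithful move of the old text.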

View File

@ -16,6 +16,7 @@ typedef enum MountSettingsMask {
MOUNT_APPLY_TMPFS_TMP = 1 << 5, /* if set, /tmp will be mounted as tmpfs */
MOUNT_ROOT_ONLY = 1 << 6, /* if set, only root mounts are mounted */
MOUNT_NON_ROOT_ONLY = 1 << 7, /* if set, only non-root mounts are mounted */
MOUNT_MKDIR = 1 << 8, /* if set, make directory to mount over first */
} MountSettingsMask;
typedef enum CustomMountType {
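Review bot: the new comment "if set, make directory to mount over first" understates what the flag gates: the code path it enables is mkdir_userns_p(), which, when user namespacing is in use, also chowns the created directory to the shifted uid (the mount code's own comment speaks of "mkdir() or chown()"), and that chown is the reason the flag is withheld from selinuxfs. Saying so in the comment ("create, and under userns chown, the directory to mount over") would stop the next contributor from adding the flag to a bind mount by analogy.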

View File

@ -385,8 +385,8 @@ int sd_bus_emit_interfaces_added(sd_bus *bus, const char *path, const char *inte
int sd_bus_emit_interfaces_removed_strv(sd_bus *bus, const char *path, char **interfaces);
int sd_bus_emit_interfaces_removed(sd_bus *bus, const char *path, const char *interface, ...) _sd_sentinel_;
int sd_bus_query_sender_creds(sd_bus_message *call, uint64_t mask, sd_bus_creds **creds);
int sd_bus_query_sender_privilege(sd_bus_message *call, int capability);
int sd_bus_query_sender_creds(sd_bus_message *m, uint64_t mask, sd_bus_creds **creds);
int sd_bus_query_sender_privilege(sd_bus_message *m, int capability);
int sd_bus_match_signal(sd_bus *bus, sd_bus_slot **ret, const char *sender, const char *path, const char *interface, const char *member, sd_bus_message_handler_t callback, void *userdata);
int sd_bus_match_signal_async(sd_bus *bus, sd_bus_slot **ret, const char *sender, const char *path, const char *interface, const char *member, sd_bus_message_handler_t match_callback, sd_bus_message_handler_t add_callback, void *userdata);

View File

@ -581,24 +581,24 @@ static int help(int argc, char *argv[], void *userdata) {
printf("%s [OPTIONS...] COMMAND ...\n\n"
"%sShow user and group information.%s\n"
"\nCommands:\n"
" user [USER…] Inspect user\n"
" group [GROUP…] Inspect group\n"
" users-in-group [GROUP…] Show users that are members of specified group(s)\n"
" groups-of-user [USER…] Show groups the specified user(s) is a member of\n"
" services Show enabled database services\n"
" user [USER…] Inspect user\n"
" group [GROUP…] Inspect group\n"
" users-in-group [GROUP…] Show users that are members of specified group(s)\n"
" groups-of-user [USER…] Show groups the specified user(s) is a member of\n"
" services Show enabled database services\n"
"\nOptions:\n"
" -h --help Show this help\n"
" --version Show package version\n"
" --no-pager Do not pipe output into a pager\n"
" --no-legend Do not show the headers and footers\n"
" --output=MODE Select output mode (classic, friendly, table, json)\n"
" -j Equivalent to --output=json\n"
" -h --help Show this help\n"
" --version Show package version\n"
" --no-pager Do not pipe output into a pager\n"
" --no-legend Do not show the headers and footers\n"
" --output=MODE Select output mode (classic, friendly, table, json)\n"
" -j Equivalent to --output=json\n"
" -s --service=SERVICE[:SERVICE…]\n"
" Query the specified service\n"
" --with-nss=BOOL Control whether to include glibc NSS data\n"
" -N Disable inclusion of glibc NSS data and disable synthesizing\n"
" (Same as --with-nss=no --synthesize=no)\n"
" --synthesize=BOOL Synthesize root/nobody user\n"
" Query the specified service\n"
" --with-nss=BOOL Control whether to include glibc NSS data\n"
" -N Do not synthesize or include glibc NSS data\n"
" (Same as --synthesize=no --with-nss=no)\n"
" --synthesize=BOOL Synthesize root/nobody user\n"
"\nSee the %s for details.\n"
, program_invocation_short_name
, ansi_highlight(), ansi_normal()