Compare commits

11 Commits

Author SHA1 Message Date
Lennart Poettering 76410e9849 update TODO 2020-04-28 20:02:50 +02:00
Lennart Poettering 04d1ee0f7e main: bump RLIMIT_MEMLOCK by physical RAM size
Let's allow more memory to be locked on beefy machines than on small
ones. The previous limit of 64M is the lower bound still. This
effectively means on a 4GB machine we can lock 512M, which should be
more than enough, but still not lock up the machine entirely under
pressure.

Fixes: #15053
2020-04-28 19:54:21 +02:00
Lennart Poettering dcff2fa5d1 nspawn: be more careful with creating/chowning directories to overmount
We should never re-chown selinuxfs.

Fixes: #15475
2020-04-28 19:40:46 +02:00
Lennart Poettering c98fef264b update TODO 2020-04-28 19:38:55 +02:00
Daan De Meyer bac1b83217 sd-bus: Add sd_bus_query_sender_creds/privilege docs 2020-04-28 19:38:04 +02:00
Zbigniew Jędrzejewski-Szmek 2344aefccf
Merge pull request #15618 from keszybz/help-output
Small adjustments to --help output
2020-04-28 19:31:16 +02:00
Daan De Meyer 8653422b6a sd-bus: Add sd_bus_get_creds_mask docs 2020-04-28 19:30:49 +02:00
Zbigniew Jędrzejewski-Szmek c11428adf9 homectl: say "home area" in more places
Follow-up for b5947b5b10.
2020-04-28 09:56:24 +02:00
Zbigniew Jędrzejewski-Szmek 460e5af05d meson: test userdbctl and homectl --help 2020-04-28 09:56:24 +02:00
Zbigniew Jędrzejewski-Szmek 7009610ff5 userdbctl: make --help fit in 80 columns 2020-04-28 09:56:24 +02:00
Zbigniew Jędrzejewski-Szmek 6164ec4c93 meson: modernize indentation
By using a newline after executable( and run_target(, we get less
indentation and the indentation level does not change when the returned
object is saved to a variable.
2020-04-28 09:53:51 +02:00
12 changed files with 1359 additions and 1120 deletions

9
TODO
View File

@ -22,6 +22,9 @@ Janitorial Clean-ups:
Features: Features:
* busctl: maybe expose a verb "ping" for pinging a dbus service to see if it
exists and responds.
* homed: add homed.conf setting DefaultStorage= or so * homed: add homed.conf setting DefaultStorage= or so
* homed: maybe pre-create ~/.cache as subvol so that it can have separate quota * homed: maybe pre-create ~/.cache as subvol so that it can have separate quota
@ -35,10 +38,6 @@ Features:
thus allows defining OS images which can be A/B updated and we default to the thus allows defining OS images which can be A/B updated and we default to the
newest version automatically, both in nspawn and in sd-boot newest version automatically, both in nspawn and in sd-boot
* drop sd_bus_message_set_priority() from sd-bus API and documentation as much
as we can, it's a kdbus left-over and unlikely to come back on AF_UNIX, since
it's not really implementable there.
* cryptsetup/homed: also support FIDO2 HMAC password logic for unlocking * cryptsetup/homed: also support FIDO2 HMAC password logic for unlocking
devices. (see: https://github.com/mjec/fido2-hmac-secret) devices. (see: https://github.com/mjec/fido2-hmac-secret)
@ -136,6 +135,8 @@ Features:
* userdb: allow username prefix searches in varlink API, allow realname and * userdb: allow username prefix searches in varlink API, allow realname and
realname substr searches in varlink API realname substr searches in varlink API
* userdb: allow uid/gid range checks
* userdb: allow existence checks * userdb: allow existence checks
* pid: activation by journal search expression * pid: activation by journal search expression

View File

@ -359,7 +359,9 @@ manpages = [
['sd_bus_message_verify_type', '3', [], ''], ['sd_bus_message_verify_type', '3', [], ''],
['sd_bus_negotiate_fds', ['sd_bus_negotiate_fds',
'3', '3',
['sd_bus_negotiate_creds', 'sd_bus_negotiate_timestamp'], ['sd_bus_get_creds_mask',
'sd_bus_negotiate_creds',
'sd_bus_negotiate_timestamp'],
''], ''],
['sd_bus_new', ['sd_bus_new',
'3', '3',
@ -376,6 +378,7 @@ manpages = [
['sd_bus_path_decode', 'sd_bus_path_decode_many', 'sd_bus_path_encode_many'], ['sd_bus_path_decode', 'sd_bus_path_decode_many', 'sd_bus_path_encode_many'],
''], ''],
['sd_bus_process', '3', [], ''], ['sd_bus_process', '3', [], ''],
['sd_bus_query_sender_creds', '3', ['sd_bus_query_sender_privilege'], ''],
['sd_bus_reply_method_error', ['sd_bus_reply_method_error',
'3', '3',
['sd_bus_reply_method_errno', ['sd_bus_reply_method_errno',

View File

@ -74,6 +74,7 @@
<citerefentry><refentrytitle>sd_bus_get_address</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_get_address</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_allow_interactive_authorization</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_get_allow_interactive_authorization</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_bus_id</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_get_bus_id</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_creds_mask</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_current_handler</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_get_current_handler</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_current_message</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_get_current_message</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_current_slot</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_get_current_slot</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
@ -138,6 +139,8 @@
<citerefentry><refentrytitle>sd_bus_new</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_new</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_path_encode</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_path_encode</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_process</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_process</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_query_sender_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_query_sender_privilege</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_reply_method_return</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_reply_method_return</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_reply_method_error</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_reply_method_error</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_request_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_request_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>,

View File

@ -19,6 +19,7 @@
<refname>sd_bus_negotiate_fds</refname> <refname>sd_bus_negotiate_fds</refname>
<refname>sd_bus_negotiate_timestamp</refname> <refname>sd_bus_negotiate_timestamp</refname>
<refname>sd_bus_negotiate_creds</refname> <refname>sd_bus_negotiate_creds</refname>
<refname>sd_bus_get_creds_mask</refname>
<refpurpose>Control feature negotiation on bus connections</refpurpose> <refpurpose>Control feature negotiation on bus connections</refpurpose>
</refnamediv> </refnamediv>
@ -45,69 +46,69 @@
<paramdef>int <parameter>b</parameter></paramdef> <paramdef>int <parameter>b</parameter></paramdef>
<paramdef>uint64_t <parameter>mask</parameter></paramdef> <paramdef>uint64_t <parameter>mask</parameter></paramdef>
</funcprototype> </funcprototype>
<funcprototype>
<funcdef>int <function>sd_bus_get_creds_mask</function></funcdef>
<paramdef>sd_bus *<parameter>bus</parameter></paramdef>
<paramdef>uint64_t *<parameter>mask</parameter></paramdef>
</funcprototype>
</funcsynopsis> </funcsynopsis>
</refsynopsisdiv> </refsynopsisdiv>
<refsect1> <refsect1>
<title>Description</title> <title>Description</title>
<para><function>sd_bus_negotiate_fds()</function> controls whether <para><function>sd_bus_negotiate_fds()</function> controls whether file descriptor passing shall be
file descriptor passing shall be negotiated for the specified bus negotiated for the specified bus connection. It takes a bus object and a boolean, which, when true,
connection. It takes a bus object and a boolean, which, when true, enables file descriptor passing, and, when false, disables it. Note that not all transports and servers
enables file descriptor passing, and, when false, disables support file descriptor passing. In particular, networked transports generally do not support file
it. Note that not all transports and servers support file descriptor passing. To find out whether file descriptor passing is available after negotiation, use
descriptor passing. In particular, networked transports generally
do not support file descriptor passing. To find out whether file
descriptor passing is available after negotiation, use
<citerefentry><refentrytitle>sd_bus_can_send</refentrytitle><manvolnum>3</manvolnum></citerefentry> <citerefentry><refentrytitle>sd_bus_can_send</refentrytitle><manvolnum>3</manvolnum></citerefentry>
and pass <constant>SD_BUS_TYPE_UNIX_FD</constant>. Note that file and pass <constant>SD_BUS_TYPE_UNIX_FD</constant>. Note that file descriptor passing is always enabled
descriptor passing is always enabled for both sending and for both sending and receiving or for neither, but never only in one direction. By default, file
receiving or for neither, but never only in one direction. By descriptor passing is negotiated for all connections.</para>
default, file descriptor passing is negotiated for all
connections.</para>
<para><function>sd_bus_negotiate_timestamp()</function> controls whether implicit sender <para><function>sd_bus_negotiate_timestamp()</function> controls whether implicit sender timestamps shall
timestamps shall be attached automatically to all incoming messages. Takes a bus object and a be attached automatically to all incoming messages. Takes a bus object and a boolean, which, when true,
boolean, which, when true, enables timestamping, and, when false, disables it. Use enables timestamping, and, when false, disables it. Use
<citerefentry><refentrytitle>sd_bus_message_get_monotonic_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_message_get_monotonic_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_message_get_realtime_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_message_get_realtime_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_message_get_seqnum</refentrytitle><manvolnum>3</manvolnum></citerefentry> <citerefentry><refentrytitle>sd_bus_message_get_seqnum</refentrytitle><manvolnum>3</manvolnum></citerefentry>
to query the timestamps of incoming messages. If negotiation is disabled or not supported, these to query the timestamps of incoming messages. If negotiation is disabled or not supported, these calls
calls will fail with <constant>-ENODATA</constant>. Note that currently no transports support will fail with <constant>-ENODATA</constant>. Note that currently no transports support timestamping of
timestamping of messages. By default, message timestamping is not negotiated for messages. By default, message timestamping is not negotiated for connections.</para>
connections.</para>
<para><function>sd_bus_negotiate_creds()</function> controls whether and which implicit sender <para><function>sd_bus_negotiate_creds()</function> controls whether and which implicit sender
credentials shall be attached automatically to all incoming messages. Takes a bus object and a credentials shall be attached automatically to all incoming messages. Takes a bus object and a boolean
boolean indicating whether to enable or disable the credential parts encoded in the bit mask indicating whether to enable or disable the credential parts encoded in the bit mask value argument. Note
value argument. Note that not all transports support attaching sender credentials to messages, that not all transports support attaching sender credentials to messages, or do not support all types of
or do not support all types of sender credential parameters, or might suppress them under sender credential parameters, or might suppress them under certain circumstances for individual messages.
certain circumstances for individual messages. Specifically, dbus1 only supports Specifically, dbus1 only supports <constant>SD_BUS_CREDS_UNIQUE_NAME</constant>. The sender credentials
<constant>SD_BUS_CREDS_UNIQUE_NAME</constant>. The sender credentials are suitable for are suitable for authorization decisions. By default, only
authorization decisions. By default, only <constant>SD_BUS_CREDS_WELL_KNOWN_NAMES</constant> and <constant>SD_BUS_CREDS_WELL_KNOWN_NAMES</constant> and <constant>SD_BUS_CREDS_UNIQUE_NAME</constant> are
<constant>SD_BUS_CREDS_UNIQUE_NAME</constant> are enabled. In fact, these two credential fields enabled. In fact, these two credential fields are always sent along and cannot be turned off.</para>
are always sent along and cannot be turned off.</para>
<para>The <function>sd_bus_negotiate_fds()</function> function may <para><function>sd_bus_get_creds_mask()</function> returns the set of sender credentials that was
be called only before the connection has been started with negotiated to be attached to all incoming messages in <parameter>mask</parameter>. This value is an
upper boundary only. Hence, always make sure to explicitly check which credentials are attached to a
specific message before using it.</para>
<para>The <function>sd_bus_negotiate_fds()</function> function may be called only before the connection
has been started with
<citerefentry><refentrytitle>sd_bus_start</refentrytitle><manvolnum>3</manvolnum></citerefentry>. Both <citerefentry><refentrytitle>sd_bus_start</refentrytitle><manvolnum>3</manvolnum></citerefentry>. Both
<function>sd_bus_negotiate_timestamp()</function> and <function>sd_bus_negotiate_timestamp()</function> and <function>sd_bus_negotiate_creds()</function> may
<function>sd_bus_negotiate_creds()</function> may also be called also be called after a connection has been set up. Note that, when operating on a connection that is
after a connection has been set up. Note that, when operating on a shared between multiple components of the same program (for example via
connection that is shared between multiple components of the same <citerefentry><refentrytitle>sd_bus_default</refentrytitle><manvolnum>3</manvolnum></citerefentry>), it
program (for example via is highly recommended to only enable additional per message metadata fields, but never disable them
<citerefentry><refentrytitle>sd_bus_default</refentrytitle><manvolnum>3</manvolnum></citerefentry>), again, in order not to disable functionality needed by other components.</para>
it is highly recommended to only enable additional per message
metadata fields, but never disable them again, in order not to
disable functionality needed by other components.</para>
</refsect1> </refsect1>
<refsect1> <refsect1>
<title>Return Value</title> <title>Return Value</title>
<para>On success, these functions return 0 or a <para>On success, these functions return a non-negative integer. On failure, they return a negative
positive integer. On failure, they return a negative errno-style errno-style error code.</para>
error code.</para>
<refsect2> <refsect2>
<title>Errors</title> <title>Errors</title>
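Review bot: The new sd_bus_get_creds_mask() paragraph tells callers to "explicitly check which credentials are attached to a specific message" but does not say how. The paragraph above it calls sender credentials "suitable for authorization decisions", so name the call that reports which fields a credentials object actually carries, for example sd_bus_creds_get_mask(), and add it to See Also. The reflow of the existing paragraphs in this hunk also buries the one real wording change in Return Value ("0 or a positive integer" became "a non-negative integer"). Putting the reflow in its own commit would make the content change easier to review.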
@ -120,6 +121,24 @@
<listitem><para>The bus connection has already been started.</para></listitem> <listitem><para>The bus connection has already been started.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><constant>-EINVAL</constant></term>
<listitem><para>An argument is invalid.</para></listitem>
</varlistentry>
<varlistentry>
<term><constant>-ENOPKG</constant></term>
<listitem><para>The bus cannot be resolved.</para></listitem>
</varlistentry>
<varlistentry>
<term><constant>-ECHILD</constant></term>
<listitem><para>The bus was created in a different process.</para></listitem>
</varlistentry>
</variablelist> </variablelist>
</refsect2> </refsect2>
</refsect1> </refsect1>
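Review bot: The added -EINVAL entry, "An argument is invalid.", does not say which argument or which of the four functions on this page it applies to. State the cases per function, for instance whether a NULL mask passed to sd_bus_get_creds_mask() is covered. The -ENOPKG text, "The bus cannot be resolved.", needs a sentence on when a bus object has to be resolved at all; as written a reader cannot tell how to avoid the error.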

View File

@ -0,0 +1,133 @@
<?xml version='1.0'?> <!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!-- SPDX-License-Identifier: LGPL-2.1+ -->
<refentry id="sd_bus_query_sender_creds" xmlns:xi="http://www.w3.org/2001/XInclude">
<refentryinfo>
<title>sd_bus_query_sender_creds</title>
<productname>systemd</productname>
</refentryinfo>
<refmeta>
<refentrytitle>sd_bus_query_sender_creds</refentrytitle>
<manvolnum>3</manvolnum>
</refmeta>
<refnamediv>
<refname>sd_bus_query_sender_creds</refname>
<refname>sd_bus_query_sender_privilege</refname>
<refpurpose>Query bus message sender credentials/privileges</refpurpose>
</refnamediv>
<refsynopsisdiv>
<funcsynopsis>
<funcsynopsisinfo>#include &lt;systemd/sd-bus.h&gt;</funcsynopsisinfo>
<funcprototype>
<funcdef>int <function>sd_bus_query_sender_creds</function></funcdef>
<paramdef>sd_bus_message *<parameter>m</parameter></paramdef>
<paramdef>uint64_t <parameter>mask</parameter></paramdef>
<paramdef>sd_bus_creds **<parameter>creds</parameter></paramdef>
</funcprototype>
<funcprototype>
<funcdef>sd_bus_error* <function>sd_bus_query_sender_privilege</function></funcdef>
<paramdef>sd_bus_message *<parameter>m</parameter></paramdef>
<paramdef>int <parameter>capability</parameter></paramdef>
</funcprototype>
</funcsynopsis>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para><function>sd_bus_query_sender_creds()</function> returns the credentials of the message
<parameter>m</parameter>. The <parameter>mask</parameter> parameter is a combo of
<constant index='false'>SD_BUS_CREDS_*</constant> flags that indicate which credential info the caller is
interested in. See
<citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>
for a list of possible flags. First, this message checks if the requested credentials are attached to the
message itself. If not but the message contains the pid of the sender, this function tries to figure out
the missing credentials via other means (starting from the pid). If the pid isn't available but the
message has a sender, this function calls
<citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
to get the requested credentials. If the message has no sender (when a direct connection is used), this
function calls
<citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
to get the requested credentials. On success, the requested credentials are stored in
<parameter>creds</parameter>. Ownership of the credentials object in <parameter>creds</parameter> is
transferred to the caller and should be freed by calling
<citerefentry><refentrytitle>sd_bus_creds_unref</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
</para>
<para><function>sd_bus_query_sender_privilege()</function> checks if the message <parameter>m</parameter>
has the requested privileges. If <parameter>capability</parameter> is a non-negative integer, this
function checks if the message has the capability with the same value. See
<citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
for a list of capabilities. If <parameter>capability</parameter> is a negative integer, this function
returns whether the sender of the message runs as the same user as the receiver of the message, or if the
sender of the message runs as root and the receiver of the message does not run as root. On success and
if the message has the requested privileges, this function returns a positive integer. If the message
does not have the requested privileges, this function returns zero.</para>
</refsect1>
<refsect1>
<title>Return Value</title>
<para>On success, these functions return a non-negative integer. On failure, they return a negative
errno-style error code.</para>
<refsect2>
<title>Errors</title>
<para>Returned errors may indicate the following problems:</para>
<variablelist>
<varlistentry>
<term><constant>-EINVAL</constant></term>
<listitem><para>The message <parameter>m</parameter> or an output parameter is
<constant>NULL</constant>.</para></listitem>
</varlistentry>
<varlistentry>
<term><constant>-ENOTCONN</constant></term>
<listitem><para>The bus of <parameter>m</parameter> is not connected.</para></listitem>
</varlistentry>
<varlistentry>
<term><constant>-ECHILD</constant></term>
<listitem><para>The bus of <parameter>m</parameter> was created in a different process.
</para></listitem>
</varlistentry>
<varlistentry>
<term><constant>-EPERM</constant></term>
<listitem><para>The message <parameter>m</parameter> is not sealed.</para></listitem>
</varlistentry>
</variablelist>
</refsect2>
</refsect1>
<xi:include href="libsystemd-pkgconfig.xml" />
<refsect1>
<title>See Also</title>
<para>
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd_bus_creds_unref</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
</para>
</refsect1>
</refentry>
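Review bot: The synopsis gives sd_bus_query_sender_privilege() the return type sd_bus_error*, but the sd-bus.h prototype in this same change set declares it as int, and both the Description and Return Value sections describe integer results (positive, zero, negative errno). The funcdef should read int <function>sd_bus_query_sender_privilege</function>. In the Description, "First, this message checks" should be "this function checks". Callers will use these results for access decisions, so the text should also say whether credentials obtained "starting from the pid" or through sd_bus_get_name_creds() carry the same guarantees as credentials attached to the message itself. Minor: the DOCTYPE public identifier names DocBook V4.5 while the system identifier points at the 4.2 DTD.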

File diff suppressed because it is too large

View File

@ -1208,6 +1208,7 @@ static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
static int bump_rlimit_memlock(struct rlimit *saved_rlimit) { static int bump_rlimit_memlock(struct rlimit *saved_rlimit) {
struct rlimit new_rlimit; struct rlimit new_rlimit;
uint64_t mm;
int r; int r;
/* BPF_MAP_TYPE_LPM_TRIE bpf maps are charged against RLIMIT_MEMLOCK, even if we have CAP_IPC_LOCK which should /* BPF_MAP_TYPE_LPM_TRIE bpf maps are charged against RLIMIT_MEMLOCK, even if we have CAP_IPC_LOCK which should
@ -1218,9 +1219,12 @@ static int bump_rlimit_memlock(struct rlimit *saved_rlimit) {
* must be unsigned, hence this is a given, but let's make this clear here. */ * must be unsigned, hence this is a given, but let's make this clear here. */
assert_cc(RLIM_INFINITY > 0); assert_cc(RLIM_INFINITY > 0);
mm = physical_memory() / 8; /* Let's scale how much we allow to be locked by the amount of physical
* RAM. We allow an eigth to be locked by us, just to pick a value. */
new_rlimit = (struct rlimit) { new_rlimit = (struct rlimit) {
.rlim_cur = MAX(HIGH_RLIMIT_MEMLOCK, saved_rlimit->rlim_cur), .rlim_cur = MAX3(HIGH_RLIMIT_MEMLOCK, saved_rlimit->rlim_cur, mm),
.rlim_max = MAX(HIGH_RLIMIT_MEMLOCK, saved_rlimit->rlim_max), .rlim_max = MAX3(HIGH_RLIMIT_MEMLOCK, saved_rlimit->rlim_max, mm),
}; };
if (saved_rlimit->rlim_max >= new_rlimit.rlim_cur && if (saved_rlimit->rlim_max >= new_rlimit.rlim_cur &&
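Review bot: In the comment attached to mm = physical_memory() / 8, "eigth" should be "eighth", and the comment would read better on its own lines above the assignment than trailing it. The divisor is a bare literal while the lower bound has a name, HIGH_RLIMIT_MEMLOCK. A named constant for the fraction would keep the two tunables together. The comment should also state the resulting bounds, as the commit message does (64M floor, 512M on a 4GB machine), so the next reader does not have to redo the arithmetic.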

View File

@ -190,9 +190,9 @@ static int list_homes(int argc, char *argv[], void *userdata) {
if (arg_legend && !arg_json) { if (arg_legend && !arg_json) {
if (table_get_rows(table) > 1) if (table_get_rows(table) > 1)
printf("\n%zu homes listed.\n", table_get_rows(table) - 1); printf("\n%zu home areas listed.\n", table_get_rows(table) - 1);
else else
printf("No homes.\n"); printf("No home areas.\n");
} }
return 0; return 0;
@ -2134,20 +2134,20 @@ static int help(int argc, char *argv[], void *userdata) {
printf("%1$s [OPTIONS...] COMMAND ...\n\n" printf("%1$s [OPTIONS...] COMMAND ...\n\n"
"%2$sCreate, manipulate or inspect home directories.%3$s\n" "%2$sCreate, manipulate or inspect home directories.%3$s\n"
"\n%4$sCommands:%5$s\n" "\n%4$sCommands:%5$s\n"
" list List homes\n" " list List home areas\n"
" activate USER… Activate home\n" " activate USER… Activate a home area\n"
" deactivate USER… Deactivate home\n" " deactivate USER… Deactivate a home area\n"
" inspect USER… Inspect home\n" " inspect USER… Inspect a home area\n"
" authenticate USER… Authenticate home\n" " authenticate USER… Authenticate a home area\n"
" create USER Create a home area\n" " create USER Create a home area\n"
" remove USER… Remove a home area\n" " remove USER… Remove a home area\n"
" update USER Update a home area\n" " update USER Update a home area\n"
" passwd USER Change password of a home area\n" " passwd USER Change password of a home area\n"
" resize USER SIZE Resize a home area\n" " resize USER SIZE Resize a home area\n"
" lock USER… Temporarily lock an active home\n" " lock USER… Temporarily lock an active home area\n"
" unlock USER… Unlock a temporarily locked home\n" " unlock USER… Unlock a temporarily locked home area\n"
" lock-all Lock all suitable homes\n" " lock-all Lock all suitable home areas\n"
" with USER [COMMAND…] Run shell or command with access to home\n" " with USER [COMMAND…] Run shell or command with access to a home area\n"
"\n%4$sOptions:%5$s\n" "\n%4$sOptions:%5$s\n"
" -h --help Show this help\n" " -h --help Show this help\n"
" --version Show package version\n" " --version Show package version\n"
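Review bot: The summary line at the top of help(), "Create, manipulate or inspect home directories.", still says "home directories" while every command description below it now says "home area". If the goal of this change is consistent terminology, that line should be updated too. If the difference is deliberate, a code comment saying so would prevent a follow-up patch from changing it.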
@ -2248,7 +2248,7 @@ static int help(int argc, char *argv[], void *userdata) {
"\n%4$sCIFS User Record Properties:%5$s\n" "\n%4$sCIFS User Record Properties:%5$s\n"
" --cifs-domain=DOMAIN CIFS (Windows) domain\n" " --cifs-domain=DOMAIN CIFS (Windows) domain\n"
" --cifs-user-name=USER CIFS (Windows) user name\n" " --cifs-user-name=USER CIFS (Windows) user name\n"
" --cifs-service=SERVICE CIFS (Windows) service to mount as home\n" " --cifs-service=SERVICE CIFS (Windows) service to mount as home area\n"
"\n%4$sLogin Behaviour User Record Properties:%5$s\n" "\n%4$sLogin Behaviour User Record Properties:%5$s\n"
" --stop-delay=SECS How long to leave user services running after\n" " --stop-delay=SECS How long to leave user services running after\n"
" logout\n" " logout\n"

View File

@ -569,7 +569,7 @@ int mount_all(const char *dest,
static const MountPoint mount_table[] = { static const MountPoint mount_table[] = {
/* First we list inner child mounts (i.e. mounts applied *after* entering user namespacing) */ /* First we list inner child mounts (i.e. mounts applied *after* entering user namespacing) */
{ "proc", "/proc", "proc", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, { "proc", "/proc", "proc", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
MOUNT_FATAL|MOUNT_IN_USERNS }, MOUNT_FATAL|MOUNT_IN_USERNS|MOUNT_MKDIR },
{ "/proc/sys", "/proc/sys", NULL, NULL, MS_BIND, { "/proc/sys", "/proc/sys", NULL, NULL, MS_BIND,
MOUNT_FATAL|MOUNT_IN_USERNS|MOUNT_APPLY_APIVFS_RO }, /* Bind mount first ... */ MOUNT_FATAL|MOUNT_IN_USERNS|MOUNT_APPLY_APIVFS_RO }, /* Bind mount first ... */
@ -599,23 +599,23 @@ int mount_all(const char *dest,
PROC_READ_ONLY("/proc/scsi"), PROC_READ_ONLY("/proc/scsi"),
{ "mqueue", "/dev/mqueue", "mqueue", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, { "mqueue", "/dev/mqueue", "mqueue", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
MOUNT_IN_USERNS }, MOUNT_IN_USERNS|MOUNT_MKDIR },
/* Then we list outer child mounts (i.e. mounts applied *before* entering user namespacing) */ /* Then we list outer child mounts (i.e. mounts applied *before* entering user namespacing) */
{ "tmpfs", "/tmp", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME, { "tmpfs", "/tmp", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
MOUNT_FATAL|MOUNT_APPLY_TMPFS_TMP }, MOUNT_FATAL|MOUNT_APPLY_TMPFS_TMP|MOUNT_MKDIR },
{ "tmpfs", "/sys", "tmpfs", "mode=555", MS_NOSUID|MS_NOEXEC|MS_NODEV, { "tmpfs", "/sys", "tmpfs", "mode=555", MS_NOSUID|MS_NOEXEC|MS_NODEV,
MOUNT_FATAL|MOUNT_APPLY_APIVFS_NETNS }, MOUNT_FATAL|MOUNT_APPLY_APIVFS_NETNS|MOUNT_MKDIR },
{ "sysfs", "/sys", "sysfs", NULL, MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV, { "sysfs", "/sys", "sysfs", NULL, MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV,
MOUNT_FATAL|MOUNT_APPLY_APIVFS_RO }, /* skipped if above was mounted */ MOUNT_FATAL|MOUNT_APPLY_APIVFS_RO|MOUNT_MKDIR }, /* skipped if above was mounted */
{ "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, { "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
MOUNT_FATAL }, /* skipped if above was mounted */ MOUNT_FATAL|MOUNT_MKDIR }, /* skipped if above was mounted */
{ "tmpfs", "/dev", "tmpfs", "mode=755", MS_NOSUID|MS_STRICTATIME, { "tmpfs", "/dev", "tmpfs", "mode=755", MS_NOSUID|MS_STRICTATIME,
MOUNT_FATAL }, MOUNT_FATAL|MOUNT_MKDIR },
{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME, { "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
MOUNT_FATAL }, MOUNT_FATAL|MOUNT_MKDIR },
{ "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME, { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
MOUNT_FATAL }, MOUNT_FATAL|MOUNT_MKDIR },
#if HAVE_SELINUX #if HAVE_SELINUX
{ "/sys/fs/selinux", "/sys/fs/selinux", NULL, NULL, MS_BIND, { "/sys/fs/selinux", "/sys/fs/selinux", NULL, NULL, MS_BIND,
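Review bot: Directory creation becomes opt-in per table entry here, so the mounts that must not be touched (the commit message names selinuxfs) are now protected only by the absence of MOUNT_MKDIR. A short comment at the #if HAVE_SELINUX entries saying the flag is left out on purpose would stop a later edit from adding it back for consistency. The "/proc/sys" bind mount in the previous hunk likewise depends on its target already existing. The comment above mount_table should say that any new entry whose target may be missing needs MOUNT_MKDIR, since forgetting it now means the mount is attempted on a missing path.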
@ -663,18 +663,20 @@ int mount_all(const char *dest,
continue; continue;
} }
if (FLAGS_SET(mount_table[k].mount_settings, MOUNT_MKDIR)) {
r = mkdir_userns_p(dest, where, 0755, (use_userns && !in_userns) ? uid_shift : UID_INVALID); r = mkdir_userns_p(dest, where, 0755, (use_userns && !in_userns) ? uid_shift : UID_INVALID);
if (r < 0 && r != -EEXIST) { if (r < 0 && r != -EEXIST) {
if (fatal && r != -EROFS) if (fatal && r != -EROFS)
return log_error_errno(r, "Failed to create directory %s: %m", where); return log_error_errno(r, "Failed to create directory %s: %m", where);
log_debug_errno(r, "Failed to create directory %s: %m", where); log_debug_errno(r, "Failed to create directory %s: %m", where);
/* If we failed mkdir() or chown() due to the root
* directory being read only, attempt to mount this fs /* If we failed mkdir() or chown() due to the root directory being read only,
* anyway and let mount_verbose log any errors */ * attempt to mount this fs anyway and let mount_verbose log any errors */
if (r != -EROFS) if (r != -EROFS)
continue; continue;
} }
}
o = mount_table[k].options; o = mount_table[k].options;
if (streq_ptr(mount_table[k].type, "tmpfs")) { if (streq_ptr(mount_table[k].type, "tmpfs")) {

View File

@ -16,6 +16,7 @@ typedef enum MountSettingsMask {
MOUNT_APPLY_TMPFS_TMP = 1 << 5, /* if set, /tmp will be mounted as tmpfs */ MOUNT_APPLY_TMPFS_TMP = 1 << 5, /* if set, /tmp will be mounted as tmpfs */
MOUNT_ROOT_ONLY = 1 << 6, /* if set, only root mounts are mounted */ MOUNT_ROOT_ONLY = 1 << 6, /* if set, only root mounts are mounted */
MOUNT_NON_ROOT_ONLY = 1 << 7, /* if set, only non-root mounts are mounted */ MOUNT_NON_ROOT_ONLY = 1 << 7, /* if set, only non-root mounts are mounted */
MOUNT_MKDIR = 1 << 8, /* if set, make directory to mount over first */
} MountSettingsMask; } MountSettingsMask;
typedef enum CustomMountType { typedef enum CustomMountType {
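Review bot: The comment on MOUNT_MKDIR, "if set, make directory to mount over first", documents only half of what the flag gates. The guarded call in mount_all() is mkdir_userns_p(dest, where, 0755, ... uid_shift ...), and the error comment next to it speaks of "mkdir() or chown()", so the flag also decides whether ownership is adjusted. Since the point of the commit is to avoid re-chowning selinuxfs, the comment should say so, for example "if set, create and chown the directory to mount over first".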

View File

@ -385,8 +385,8 @@ int sd_bus_emit_interfaces_added(sd_bus *bus, const char *path, const char *inte
int sd_bus_emit_interfaces_removed_strv(sd_bus *bus, const char *path, char **interfaces); int sd_bus_emit_interfaces_removed_strv(sd_bus *bus, const char *path, char **interfaces);
int sd_bus_emit_interfaces_removed(sd_bus *bus, const char *path, const char *interface, ...) _sd_sentinel_; int sd_bus_emit_interfaces_removed(sd_bus *bus, const char *path, const char *interface, ...) _sd_sentinel_;
int sd_bus_query_sender_creds(sd_bus_message *call, uint64_t mask, sd_bus_creds **creds); int sd_bus_query_sender_creds(sd_bus_message *m, uint64_t mask, sd_bus_creds **creds);
int sd_bus_query_sender_privilege(sd_bus_message *call, int capability); int sd_bus_query_sender_privilege(sd_bus_message *m, int capability);
int sd_bus_match_signal(sd_bus *bus, sd_bus_slot **ret, const char *sender, const char *path, const char *interface, const char *member, sd_bus_message_handler_t callback, void *userdata); int sd_bus_match_signal(sd_bus *bus, sd_bus_slot **ret, const char *sender, const char *path, const char *interface, const char *member, sd_bus_message_handler_t callback, void *userdata);
int sd_bus_match_signal_async(sd_bus *bus, sd_bus_slot **ret, const char *sender, const char *path, const char *interface, const char *member, sd_bus_message_handler_t match_callback, sd_bus_message_handler_t add_callback, void *userdata); int sd_bus_match_signal_async(sd_bus *bus, sd_bus_slot **ret, const char *sender, const char *path, const char *interface, const char *member, sd_bus_message_handler_t match_callback, sd_bus_message_handler_t add_callback, void *userdata);

View File

@ -596,8 +596,8 @@ static int help(int argc, char *argv[], void *userdata) {
" -s --service=SERVICE[:SERVICE…]\n" " -s --service=SERVICE[:SERVICE…]\n"
" Query the specified service\n" " Query the specified service\n"
" --with-nss=BOOL Control whether to include glibc NSS data\n" " --with-nss=BOOL Control whether to include glibc NSS data\n"
" -N Disable inclusion of glibc NSS data and disable synthesizing\n" " -N Do not synthesize or include glibc NSS data\n"
" (Same as --with-nss=no --synthesize=no)\n" " (Same as --synthesize=no --with-nss=no)\n"
" --synthesize=BOOL Synthesize root/nobody user\n" " --synthesize=BOOL Synthesize root/nobody user\n"
"\nSee the %s for details.\n" "\nSee the %s for details.\n"
, program_invocation_short_name , program_invocation_short_name