Compare commits
5 Commits
42a739a0b5
...
693040bde5
Author | SHA1 | Date |
---|---|---|
Zbigniew Jędrzejewski-Szmek | 693040bde5 | |
Uwe Kleine-König | 7600dbb870 | |
Valery0xff | 0335d110af | |
Topi Miettinen | efa2f3a18b | |
Topi Miettinen | de46b2be07 |
|
@ -1125,3 +1125,19 @@ bool path_strv_contains(char **l, const char *path) {
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool prefixed_path_strv_contains(char **l, const char *path) {
|
||||||
|
char **i, *j;
|
||||||
|
|
||||||
|
STRV_FOREACH(i, l) {
|
||||||
|
j = *i;
|
||||||
|
if (*j == '-')
|
||||||
|
j++;
|
||||||
|
if (*j == '+')
|
||||||
|
j++;
|
||||||
|
if (path_equal(j, path))
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
|
@ -173,3 +173,4 @@ static inline const char *empty_to_root(const char *path) {
|
||||||
}
|
}
|
||||||
|
|
||||||
bool path_strv_contains(char **l, const char *path);
|
bool path_strv_contains(char **l, const char *path);
|
||||||
|
bool prefixed_path_strv_contains(char **l, const char *path);
|
||||||
|
|
|
@ -5371,7 +5371,10 @@ static int exec_runtime_make(Manager *m, const ExecContext *c, const char *id, E
|
||||||
if (!c->private_network && !c->private_tmp && !c->network_namespace_path)
|
if (!c->private_network && !c->private_tmp && !c->network_namespace_path)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if (c->private_tmp) {
|
if (c->private_tmp &&
|
||||||
|
!(prefixed_path_strv_contains(c->inaccessible_paths, "/tmp") &&
|
||||||
|
(prefixed_path_strv_contains(c->inaccessible_paths, "/var/tmp") ||
|
||||||
|
prefixed_path_strv_contains(c->inaccessible_paths, "/var")))) {
|
||||||
r = setup_tmp_dirs(id, &tmp_dir, &var_tmp_dir);
|
r = setup_tmp_dirs(id, &tmp_dir, &var_tmp_dir);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
|
@ -1192,7 +1192,7 @@ static bool root_read_only(
|
||||||
if (protect_system == PROTECT_SYSTEM_STRICT)
|
if (protect_system == PROTECT_SYSTEM_STRICT)
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
if (path_strv_contains(read_only_paths, "/"))
|
if (prefixed_path_strv_contains(read_only_paths, "/"))
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
|
@ -1217,9 +1217,9 @@ static bool home_read_only(
|
||||||
if (protect_home != PROTECT_HOME_NO)
|
if (protect_home != PROTECT_HOME_NO)
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
if (path_strv_contains(read_only_paths, "/home") ||
|
if (prefixed_path_strv_contains(read_only_paths, "/home") ||
|
||||||
path_strv_contains(inaccessible_paths, "/home") ||
|
prefixed_path_strv_contains(inaccessible_paths, "/home") ||
|
||||||
path_strv_contains(empty_directories, "/home"))
|
prefixed_path_strv_contains(empty_directories, "/home"))
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
for (i = 0; i < n_temporary_filesystems; i++)
|
for (i = 0; i < n_temporary_filesystems; i++)
|
||||||
|
|
|
@ -921,7 +921,7 @@ static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOp
|
||||||
op = OP_ASSIGN;
|
op = OP_ASSIGN;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, NULL);
|
r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, attr);
|
||||||
} else if (streq(key, "RUN")) {
|
} else if (streq(key, "RUN")) {
|
||||||
if (is_match || op == OP_REMOVE)
|
if (is_match || op == OP_REMOVE)
|
||||||
return log_token_invalid_op(rules, key);
|
return log_token_invalid_op(rules, key);
|
||||||
|
|
|
@ -559,6 +559,14 @@ static void event_run(Manager *manager, struct event *event) {
|
||||||
assert(manager);
|
assert(manager);
|
||||||
assert(event);
|
assert(event);
|
||||||
|
|
||||||
|
if (DEBUG_LOGGING) {
|
||||||
|
DeviceAction action;
|
||||||
|
|
||||||
|
r = device_get_action(event->dev, &action);
|
||||||
|
log_device_debug(event->dev, "Device (SEQNUM=%"PRIu64", ACTION=%s) ready for processing",
|
||||||
|
event->seqnum, r >= 0 ? device_action_to_string(action) : "<unknown>");
|
||||||
|
}
|
||||||
|
|
||||||
HASHMAP_FOREACH(worker, manager->workers, i) {
|
HASHMAP_FOREACH(worker, manager->workers, i) {
|
||||||
if (worker->state != WORKER_IDLE)
|
if (worker->state != WORKER_IDLE)
|
||||||
continue;
|
continue;
|
||||||
|
@ -770,6 +778,9 @@ static int is_device_busy(Manager *manager, struct event *event) {
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
set_delaying_seqnum:
|
set_delaying_seqnum:
|
||||||
|
log_device_debug(event->dev, "SEQNUM=%" PRIu64 " blocked by SEQNUM=%" PRIu64,
|
||||||
|
event->seqnum, loop_event->seqnum);
|
||||||
|
|
||||||
event->delaying_seqnum = loop_event->seqnum;
|
event->delaying_seqnum = loop_event->seqnum;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue