Compare commits
No commits in common. "47d0644e1a0ee5494c908e994f8eebc541f8a8ee" and "68dd195c1b8fdba3fccf166a1c3c2d7ca5a912fe" have entirely different histories.
47d0644e1a
...
68dd195c1b
7
TODO
7
TODO
|
|
@ -234,6 +234,9 @@ Features:
|
|||
* systemd-repart: allow sizing partitions as factor of available RAM, so that
|
||||
we can reasonably size swap partitions for hibernation.
|
||||
|
||||
* systemd-repart: allow running mkfs before making partitions pop up +
|
||||
encryption via LUKS to allow booting into an empty root with only /usr mounted in
|
||||
|
||||
* systemd-repart: allow managing the gpt read-only partition flag + auto-mount flag
|
||||
|
||||
* systemd-repart: allow boolean option that ensures that if existing partition
|
||||
|
|
@ -249,6 +252,10 @@ Features:
|
|||
* systemd-repart: add per-partition option to fail if partition already exist,
|
||||
i.e. is not added new. Similar, add option to fail if partition does not exist yet.
|
||||
|
||||
* systemd-repart: add --size=auto for generating/resizing images of minimal
|
||||
size, i.e. where the image file is sized exactly as large as necessary taking
|
||||
SizeMin= into account, but not a single byte larger.
|
||||
|
||||
* systemd-repart: allow disabling growing of specific partitions, or making
|
||||
them (think ESP: we don't ever want to grow it, since we cannot resize vfat)
|
||||
|
||||
|
|
|
|||
|
|
@ -151,8 +151,6 @@ All execution-related settings are available for transient units.
|
|||
✓ TimerSlackNSec=
|
||||
✓ NoNewPrivileges=
|
||||
✓ KeyringMode=
|
||||
✓ ProtectProc=
|
||||
✓ ProcSubset=
|
||||
✓ SystemCallFilter=
|
||||
✓ SystemCallArchitectures=
|
||||
✓ SystemCallErrorNumber=
|
||||
|
|
|
|||
|
|
@ -55,11 +55,11 @@
|
|||
partition slot greater than the highest slot number currently in use. Any existing partitions that have
|
||||
no matching partition file are left as they are.</para>
|
||||
|
||||
<para>Note that these definitions may only be used to created and initialize new partitions or grow
|
||||
existing ones. In the latter case it will not grow the contained files systems however; separate
|
||||
mechanisms, such as
|
||||
<citerefentry><refentrytitle>systemd-growfs</refentrytitle><manvolnum>8</manvolnum></citerefentry> may be
|
||||
used to grow the file systems inside of these partitions.</para>
|
||||
<para>Note that these partition definition files do not describe the contents of the partitions, such as
|
||||
the file system used. Separate mechanisms, such as
|
||||
<citerefentry><refentrytitle>systemd-growfs</refentrytitle><manvolnum>8</manvolnum></citerefentry> and
|
||||
<command>systemd-makefs</command> maybe be used to initialize or grow the file systems inside of these
|
||||
partitions.</para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
|
|
@ -327,72 +327,7 @@
|
|||
data is never overwritten. Note that the data is copied in before the partition table is updated,
|
||||
i.e. before the partition actually is persistently created. This provides robustness: it is
|
||||
guaranteed that the partition either doesn't exist or exists fully populated; it is not possible that
|
||||
the partition exists but is not or only partially populated.</para>
|
||||
|
||||
<para>This option cannot be combined with <varname>Format=</varname> or
|
||||
<varname>CopyFiles=</varname>.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><varname>Format=</varname></term>
|
||||
|
||||
<listitem><para>Takes a file system name, such as <literal>ext4</literal>, <literal>btrfs</literal>,
|
||||
<literal>xfs</literal> or <literal>vfat</literal>, or the special value <literal>swap</literal>. If
|
||||
specified and the partition is newly created it is formatted with the specified file system (or as
|
||||
swap device). The file system UUID and label are automatically derived from the partition UUID and
|
||||
label. If this option is used, the size allocation algorithm is slightly altered: the partition is
|
||||
created as least as big as required for the minimal file system of the specified type (or 4KiB if the
|
||||
minimal size is not known).</para>
|
||||
|
||||
<para>This option has no effect if the partition already exists.</para>
|
||||
|
||||
<para>Similar to the behaviour of <varname>CopyBlocks=</varname> the file system is formatted before
|
||||
the partition is created, ensuring that the partition only ever exists with a fully initialized
|
||||
file system.</para>
|
||||
|
||||
<para>This option cannot be combined with <varname>CopyBlocks=</varname>.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><varname>CopyFiles=</varname></term>
|
||||
|
||||
<listitem><para>Takes a pair of colon separated absolute file system paths. The first path refers to
|
||||
a source file or directory on the host, the second path refers to a target in the file system of the
|
||||
newly created partition and formatted file system. This setting may be used to copy files or
|
||||
directories from the host into the file system that is created due to the <varname>Format=</varname>
|
||||
option. If <varname>CopyFiles=</varname> is used without <varname>Format=</varname> specified
|
||||
explicitly, <literal>Format=</literal> with a suitable default is implied (currently
|
||||
<literal>ext4</literal>, but this may change in the future). This option may be used multiple times
|
||||
to copy multiple files or directories from host into the newly formatted file system. The colon and
|
||||
second path may be omitted in which case the source path is also used as the target path (relative to
|
||||
the root of the newly created file system). If the source path refers to a directory it is copied
|
||||
recursively.</para>
|
||||
|
||||
<para>This option has no effect if the partition already exists: it cannot be used to copy additional
|
||||
files into an existing partition, it may only be used to populate a file system created anew.</para>
|
||||
|
||||
<para>The copy operation is executed before the file system is registered in the partition table,
|
||||
thus ensuring that a file system populated this way only ever exists fully initialized.</para>
|
||||
|
||||
<para>This option cannot be combined with <varname>CopyBlocks=</varname>.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><varname>Encrypt=</varname></term>
|
||||
|
||||
<listitem><para>Takes a boolean parameter, defaulting to false. If true the partition will be
|
||||
formatted with a LUKS2 superblock, before the blocks configured with <varname>CopyBlocks=</varname>
|
||||
are copied in or the file system configured with <varname>Format=</varname> is created.</para>
|
||||
|
||||
<para>The LUKS2 UUID is automatically derived from the partition UUID in a stable fashion. A single
|
||||
key is added to the LUKS2 superblock, configurable with the <option>--key-file=</option> switch to
|
||||
<command>systemd-repart</command>.</para>
|
||||
|
||||
<para>When used this slightly alters the size allocation logic as the implicit, minimal size limits
|
||||
of <varname>Format=</varname> and <varname>CopyBlocks=</varname> are increased by the space necessary
|
||||
for the LUKS2 superblock (see above).</para>
|
||||
|
||||
<para>This option has no effect if the partition already exists.</para></listitem>
|
||||
the partition exists but is not or only partially populated.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
|
|
|||
|
|
@ -241,8 +241,6 @@ manpages = [
|
|||
'sd_bus_error_free',
|
||||
'sd_bus_error_get_errno',
|
||||
'sd_bus_error_has_name',
|
||||
'sd_bus_error_has_names',
|
||||
'sd_bus_error_has_names_sentinel',
|
||||
'sd_bus_error_is_set',
|
||||
'sd_bus_error_move',
|
||||
'sd_bus_error_set',
|
||||
|
|
|
|||
|
|
@ -31,8 +31,6 @@
|
|||
<refname>sd_bus_error_move</refname>
|
||||
<refname>sd_bus_error_is_set</refname>
|
||||
<refname>sd_bus_error_has_name</refname>
|
||||
<refname>sd_bus_error_has_names_sentinel</refname>
|
||||
<refname>sd_bus_error_has_names</refname>
|
||||
|
||||
<refpurpose>sd-bus error handling</refpurpose>
|
||||
</refnamediv>
|
||||
|
|
@ -130,16 +128,6 @@
|
|||
<paramdef>const sd_bus_error *<parameter>e</parameter></paramdef>
|
||||
<paramdef>const char *<parameter>name</parameter></paramdef>
|
||||
</funcprototype>
|
||||
|
||||
<funcprototype>
|
||||
<funcdef>int <function>sd_bus_error_has_names_sentinel</function></funcdef>
|
||||
<paramdef>const sd_bus_error *<parameter>e</parameter></paramdef>
|
||||
<paramdef>...</paramdef>
|
||||
</funcprototype>
|
||||
|
||||
<para>
|
||||
#define sd_bus_error_has_names(e, ...) sd_bus_error_has_names_sentinel(e, ..., NULL)
|
||||
</para>
|
||||
</funcsynopsis>
|
||||
|
||||
</refsynopsisdiv>
|
||||
|
|
@ -280,12 +268,6 @@
|
|||
<parameter>name</parameter> has been set,
|
||||
<constant>false</constant> otherwise.</para>
|
||||
|
||||
<para><function>sd_bus_error_has_names_sentinel()</function> is similar to
|
||||
<function>sd_bus_error_has_name()</function>, but takes multiple names to check against. The list must be
|
||||
terminated with <constant>NULL</constant>. <function>sd_bus_error_has_names()</function>
|
||||
is a macro wrapper around <function>sd_bus_error_has_names_sentinel()</function> that adds the
|
||||
<constant>NULL</constant> sentinel automatically.</para>
|
||||
|
||||
<para><function>sd_bus_error_free()</function> will destroy
|
||||
resources held by <parameter>e</parameter>. The parameter itself
|
||||
will not be deallocated, and must be <citerefentry
|
||||
|
|
@ -325,10 +307,11 @@
|
|||
<structfield>name</structfield> field are
|
||||
non-<constant>NULL</constant>, zero otherwise.</para>
|
||||
|
||||
<para><function>sd_bus_error_has_name()</function>, <function>sd_bus_error_has_names()</function>, and
|
||||
<function>sd_bus_error_has_names_sentinel()</function> return a non-zero value when <parameter>e</parameter> is
|
||||
non-<constant>NULL</constant> and the <structfield>name</structfield> field is equal to one of the given
|
||||
names, zero otherwise.</para>
|
||||
<para><function>sd_bus_error_has_name()</function> returns a
|
||||
non-zero value when <parameter>e</parameter> is
|
||||
non-<constant>NULL</constant> and the
|
||||
<structfield>name</structfield> field is equal to
|
||||
<parameter>name</parameter>, zero otherwise.</para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
|
|
|
|||
|
|
@ -202,26 +202,13 @@
|
|||
<varlistentry>
|
||||
<term><option>--size=</option></term>
|
||||
|
||||
<listitem><para>Takes a size in bytes, using the usual K, M, G, T suffixes, or the special value
|
||||
<literal>auto</literal>. If used the specified device node path must refer to a regular file, which
|
||||
is then grown to the specified size if smaller, before any change is made to the partition table. If
|
||||
specified as <literal>auto</literal> the minimal size for the disk image is automatically determined
|
||||
(i.e. the minimal sizes of all partitions are summed up, taking space for additional metadata into
|
||||
account). This switch is not supported if the specified node is a block device. This switch has no
|
||||
effect if the file is already as large as the specified size or larger. The specified size is
|
||||
implicitly rounded up to multiples of 4096. When used with <option>--empty=create</option> this
|
||||
specifies the initial size of the loopback file to create.</para>
|
||||
|
||||
<para>The <option>--size=auto</option> option takes the sizes of pre-existing partitions into
|
||||
account. However, it does not accomodate for partition tables that are not tightly packed: the
|
||||
configured partitions might still not fit into the backing device if empty space exists between
|
||||
pre-existing partitions (or before the first partition) that cannot be fully filled by partitions to
|
||||
grow or create.</para>
|
||||
|
||||
<para>Also note that the automatic size determination does not take files or directories specified
|
||||
with <option>CopyFiles=</option> into account: operation might fail if the specified files or
|
||||
directories require more disk space then the configured per-partition minimal size
|
||||
limit.</para></listitem>
|
||||
<listitem><para>Takes a size in bytes, using the usual K, M, G, T suffixes. If used the specified
|
||||
device node path must refer to a regular file, which is then grown to the specified size if smaller,
|
||||
before any change is made to the partition table. This is not supported if the specified node is a
|
||||
block device. This switch has no effect if the file is already as large as the specified size or
|
||||
larger. The specified size is implicitly rounded up to multiples of 4096. When used with
|
||||
<option>--empty=create</option> this specifies the initial size of the loopback file to
|
||||
create.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
|
@ -296,18 +283,6 @@
|
|||
<filename>/run/repart.d/*.conf</filename>.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--key-file=</option></term>
|
||||
|
||||
<listitem><para>Takes a file system path. Configures the encryption key to use when setting up LUKS2
|
||||
volumes configured with the <varname>Encrypt=</varname> setting in partition files. Should refer to a
|
||||
regular file containing the key, or an <constant>AF_UNIX</constant> stream socket in the file
|
||||
system. In the latter case a connection is made to it and the key read from it. If this switch is not
|
||||
specified the empty key (i.e. zero length key) is used. This behaviour is useful for setting up encrypted
|
||||
partitions during early first boot that receive their user-supplied password only in a later setup
|
||||
step.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<xi:include href="standard-options.xml" xpointer="help" />
|
||||
<xi:include href="standard-options.xml" xpointer="version" />
|
||||
</variablelist>
|
||||
|
|
|
|||
|
|
@ -267,55 +267,6 @@
|
|||
<xi:include href="system-only.xml" xpointer="singular"/></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><varname>ProtectProc=</varname></term>
|
||||
|
||||
<listitem><para>Takes one of <literal>noaccess</literal>, <literal>invisible</literal>,
|
||||
<literal>ptraceable</literal> or <literal>default</literal> (which it defaults to). When set, this
|
||||
controls the <literal>hidepid=</literal> mount option of the <literal>procfs</literal> instance for
|
||||
the unit that controls which directories with process metainformation
|
||||
(<filename>/proc/<replaceable>PID</replaceable></filename>) are visible and accessible: when set to
|
||||
<literal>noaccess</literal> the ability to access most of other users' process metadata in
|
||||
<filename>/proc/</filename> is taken away for processes of the service. When set to
|
||||
<literal>invisible</literal> processes owned by other users are hidden from
|
||||
<filename>/proc/</filename>. If <literal>ptraceable</literal> all processes that cannot be
|
||||
<function>ptrace()</function>'ed by a process are hidden to it. If <literal>default</literal> no
|
||||
restrictions on <filename>/proc/</filename> access or visibility are made. For further details see
|
||||
<ulink url="https://www.kernel.org/doc/html/latest/filesystems/proc.html#mount-options">The /proc
|
||||
Filesystem</ulink>. It is generally recommended to run most system services with this option set to
|
||||
<literal>invisible</literal>. This option is implemented via file system namespacing, and thus cannot
|
||||
be used with services that shall be able to install mount points in the host file system
|
||||
hierarchy. It also cannot be used for services that need to access metainformation about other users'
|
||||
processes. This option implies <varname>MountAPIVFS=</varname>.</para>
|
||||
|
||||
<para>If the kernel doesn't support per-mount point <option>hidepid=</option> mount options this
|
||||
setting remains without effect, and the unit's processes will be able to access and see other process
|
||||
as if the option was not used.</para>
|
||||
|
||||
<xi:include href="system-only.xml" xpointer="singular"/></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><varname>ProcSubset=</varname></term>
|
||||
|
||||
<listitem><para>Takes one of <literal>all</literal> (the default) and <literal>pid</literal>. If
|
||||
the latter all files and directories not directly associated with process management and introspection
|
||||
are made invisible in the <filename>/proc/</filename> file system configured for the unit's
|
||||
processes. This controls the <literal>subset=</literal> mount option of the <literal>procfs</literal>
|
||||
instance for the unit. For further details see <ulink
|
||||
url="https://www.kernel.org/doc/html/latest/filesystems/proc.html#mount-options">The /proc
|
||||
Filesystem</ulink>. Note that Linux exposes various kernel APIs via <filename>/proc/</filename>,
|
||||
which are made unavailable with this setting. Since these APIs are used frequently this option is
|
||||
useful only in a few, specific cases, and is not suitable for most non-trivial programs.</para>
|
||||
|
||||
<para>Much like <varname>ProtectProc=</varname> above, this is implemented via file system mount
|
||||
namespacing, and hence the same restrictions apply: it is only available to system services, it
|
||||
disables mount propagation to the host mount table, and it implies
|
||||
<varname>MountAPIVFS=</varname>. Also, like <varname>ProtectProc=</varname> this setting is gracefully
|
||||
disabled if the used kernel does not support the <literal>subset=</literal> mount option of
|
||||
<literal>procfs</literal>.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><varname>BindPaths=</varname></term>
|
||||
<term><varname>BindReadOnlyPaths=</varname></term>
|
||||
|
|
@ -2030,10 +1981,6 @@ RestrictNamespaces=~cgroup net</programlisting>
|
|||
<entry>@timer</entry>
|
||||
<entry>System calls for scheduling operations by time (<citerefentry project='man-pages'><refentrytitle>alarm</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>timer_create</refentrytitle><manvolnum>2</manvolnum></citerefentry>, …)</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry>@known</entry>
|
||||
<entry>All system calls defined by the kernel. This list is defined statically in systemd based on a kernel version that was available when this systmed version was released. It will become progressively more out-of-date as the kernel is updated.</entry>
|
||||
</row>
|
||||
</tbody>
|
||||
</tgroup>
|
||||
</table>
|
||||
|
|
|
|||
15
meson.build
15
meson.build
|
|
@ -1625,15 +1625,8 @@ install_libsystemd_static = static_library(
|
|||
libgcrypt],
|
||||
c_args : libsystemd_c_args + (static_libsystemd_pic ? [] : ['-fno-PIC']))
|
||||
|
||||
############################################################
|
||||
|
||||
autosuspend_update_sh = find_program('tools/autosuspend-update.sh')
|
||||
hwdb_update_sh = find_program('tools/hwdb-update.sh')
|
||||
# Generate autosuspend rules
|
||||
make_autosuspend_rules_py = find_program('tools/make-autosuspend-rules.py')
|
||||
make_directive_index_py = find_program('tools/make-directive-index.py')
|
||||
make_man_index_py = find_program('tools/make-man-index.py')
|
||||
syscall_names_update_sh = find_program('tools/syscall-names-update.sh')
|
||||
xml_helper_py = find_program('tools/xml_helper.py')
|
||||
|
||||
############################################################
|
||||
|
||||
|
|
@ -3336,6 +3329,12 @@ run_target(
|
|||
|
||||
############################################################
|
||||
|
||||
make_directive_index_py = find_program('tools/make-directive-index.py')
|
||||
make_man_index_py = find_program('tools/make-man-index.py')
|
||||
xml_helper_py = find_program('tools/xml_helper.py')
|
||||
hwdb_update_sh = find_program('tools/hwdb-update.sh')
|
||||
autosuspend_update_sh = find_program('tools/autosuspend-update.sh')
|
||||
|
||||
subdir('sysctl.d')
|
||||
subdir('sysusers.d')
|
||||
subdir('tmpfiles.d')
|
||||
|
|
|
|||
|
|
@ -21,13 +21,10 @@ rules = files('''
|
|||
75-net-description.rules
|
||||
75-probe_mtd.rules
|
||||
78-sound-card.rules
|
||||
80-drivers.rules
|
||||
80-net-setup-link.rules
|
||||
'''.split())
|
||||
|
||||
if conf.get('HAVE_KMOD') == 1
|
||||
rules += files('80-drivers.rules')
|
||||
endif
|
||||
|
||||
install_data(rules,
|
||||
install_dir : udevrulesdir)
|
||||
|
||||
|
|
|
|||
|
|
@ -26,11 +26,11 @@ _journalctl_fields() {
|
|||
_journalctl_none() {
|
||||
local -a _commands _files _jrnl_none
|
||||
# Setting use-cache will slow this down considerably
|
||||
_commands=( ${(f)"$(_call_program commands "$service $_sys_service_mgr -F _EXE" 2>/dev/null)"} )
|
||||
_commands=( ${"$(_call_program commands "$service $_sys_service_mgr -F _EXE" 2>/dev/null)"} )
|
||||
_jrnl_none='yes'
|
||||
_alternative : \
|
||||
'files:/dev files:_files -W /dev -P /dev/' \
|
||||
'commands:commands:compadd -a _commands' \
|
||||
"commands:commands:($_commands[@])" \
|
||||
'fields:fields:_journalctl_fields'
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -50,8 +50,6 @@ struct security_info {
|
|||
bool ip_filters_custom_egress;
|
||||
|
||||
char *keyring_mode;
|
||||
char *protect_proc;
|
||||
char *proc_subset;
|
||||
bool lock_personality;
|
||||
bool memory_deny_write_execute;
|
||||
bool no_new_privileges;
|
||||
|
|
@ -137,8 +135,6 @@ static void security_info_free(struct security_info *i) {
|
|||
free(i->root_image);
|
||||
|
||||
free(i->keyring_mode);
|
||||
free(i->protect_proc);
|
||||
free(i->proc_subset);
|
||||
free(i->notify_access);
|
||||
|
||||
free(i->device_policy);
|
||||
|
|
@ -392,44 +388,6 @@ static int assess_keyring_mode(
|
|||
return 0;
|
||||
}
|
||||
|
||||
static int assess_protect_proc(
|
||||
const struct security_assessor *a,
|
||||
const struct security_info *info,
|
||||
const void *data,
|
||||
uint64_t *ret_badness,
|
||||
char **ret_description) {
|
||||
|
||||
assert(ret_badness);
|
||||
assert(ret_description);
|
||||
|
||||
if (streq_ptr(info->protect_proc, "noaccess"))
|
||||
*ret_badness = 1;
|
||||
else if (STRPTR_IN_SET(info->protect_proc, "invisible", "ptraceable"))
|
||||
*ret_badness = 0;
|
||||
else
|
||||
*ret_badness = 3;
|
||||
|
||||
*ret_description = NULL;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int assess_proc_subset(
|
||||
const struct security_assessor *a,
|
||||
const struct security_info *info,
|
||||
const void *data,
|
||||
uint64_t *ret_badness,
|
||||
char **ret_description) {
|
||||
|
||||
assert(ret_badness);
|
||||
assert(ret_description);
|
||||
|
||||
*ret_badness = !streq_ptr(info->proc_subset, "pid");
|
||||
*ret_description = NULL;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int assess_notify_access(
|
||||
const struct security_assessor *a,
|
||||
const struct security_info *info,
|
||||
|
|
@ -1191,24 +1149,6 @@ static const struct security_assessor security_assessor_table[] = {
|
|||
.range = 1,
|
||||
.assess = assess_keyring_mode,
|
||||
},
|
||||
{
|
||||
.id = "ProtectProc=",
|
||||
.url = "https://www.freedesktop.org/software/systemd/man/systemd.exec.html#ProtectProc=",
|
||||
.description_good = "Service has restricted access to process tree (/proc hidepid=)",
|
||||
.description_bad = "Service has full access to process tree (/proc hidepid=)",
|
||||
.weight = 1000,
|
||||
.range = 3,
|
||||
.assess = assess_protect_proc,
|
||||
},
|
||||
{
|
||||
.id = "ProcSubset=",
|
||||
.url = "https://www.freedesktop.org/software/systemd/man/systemd.exec.html#ProcSubset=",
|
||||
.description_good = "Service has no access to non-process /proc files (/proc subset=)",
|
||||
.description_bad = "Service has full access to non-process /proc files (/proc subset=)",
|
||||
.weight = 10,
|
||||
.range = 1,
|
||||
.assess = assess_proc_subset,
|
||||
},
|
||||
{
|
||||
.id = "NotifyAccess=",
|
||||
.url = "https://www.freedesktop.org/software/systemd/man/systemd.exec.html#NotifyAccess=",
|
||||
|
|
@ -1968,8 +1908,6 @@ static int acquire_security_info(sd_bus *bus, const char *name, struct security_
|
|||
{ "IPEgressFilterPath", "as", property_read_ip_filters, 0 },
|
||||
{ "Id", "s", NULL, offsetof(struct security_info, id) },
|
||||
{ "KeyringMode", "s", NULL, offsetof(struct security_info, keyring_mode) },
|
||||
{ "ProtectProc", "s", NULL, offsetof(struct security_info, protect_proc) },
|
||||
{ "ProcSubset", "s", NULL, offsetof(struct security_info, proc_subset) },
|
||||
{ "LoadState", "s", NULL, offsetof(struct security_info, load_state) },
|
||||
{ "LockPersonality", "b", NULL, offsetof(struct security_info, lock_personality) },
|
||||
{ "MemoryDenyWriteExecute", "b", NULL, offsetof(struct security_info, memory_deny_write_execute) },
|
||||
|
|
|
|||
|
|
@ -223,7 +223,7 @@ int verify_units(char **filenames, UnitFileScope scope, bool check_man, bool run
|
|||
_cleanup_(manager_freep) Manager *m = NULL;
|
||||
Unit *units[strv_length(filenames)];
|
||||
_cleanup_free_ char *var = NULL;
|
||||
int r, k, i, count = 0;
|
||||
int r = 0, k, i, count = 0;
|
||||
char **filename;
|
||||
|
||||
if (strv_isempty(filenames))
|
||||
|
|
|
|||
|
|
@ -899,7 +899,7 @@ static bool times_in_range(const struct unit_times *times, const struct boot_tim
|
|||
static int list_dependencies_one(sd_bus *bus, const char *name, unsigned level, char ***units, unsigned branches) {
|
||||
_cleanup_strv_free_ char **deps = NULL;
|
||||
char **c;
|
||||
int r;
|
||||
int r = 0;
|
||||
usec_t service_longest = 0;
|
||||
int to_print = 0;
|
||||
struct unit_times *times;
|
||||
|
|
|
|||
|
|
@ -33,49 +33,39 @@ static inline int missing_pivot_root(const char *new_root, const char *put_old)
|
|||
|
||||
/* ======================================================================= */
|
||||
|
||||
#if defined __x86_64__
|
||||
# define systemd_NR_memfd_create 319
|
||||
#elif defined __arm__
|
||||
# define systemd_NR_memfd_create 385
|
||||
#elif defined __aarch64__
|
||||
# define systemd_NR_memfd_create 279
|
||||
#elif defined(__powerpc__)
|
||||
# define systemd_NR_memfd_create 360
|
||||
#elif defined __s390__
|
||||
# define systemd_NR_memfd_create 350
|
||||
#elif defined _MIPS_SIM
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||
# define systemd_NR_memfd_create 4354
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_NABI32
|
||||
# define systemd_NR_memfd_create 6318
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI64
|
||||
# define systemd_NR_memfd_create 5314
|
||||
# endif
|
||||
#elif defined __i386__
|
||||
# define systemd_NR_memfd_create 356
|
||||
#elif defined __arc__
|
||||
# define systemd_NR_memfd_create 279
|
||||
#else
|
||||
# warning "memfd_create() syscall number unknown for your architecture"
|
||||
#endif
|
||||
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
#if defined __NR_memfd_create && __NR_memfd_create >= 0
|
||||
# if defined systemd_NR_memfd_create
|
||||
assert_cc(__NR_memfd_create == systemd_NR_memfd_create);
|
||||
# endif
|
||||
#else
|
||||
# if defined __NR_memfd_create
|
||||
# undef __NR_memfd_create
|
||||
# endif
|
||||
# if defined systemd_NR_memfd_create
|
||||
# define __NR_memfd_create systemd_NR_memfd_create
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if !HAVE_MEMFD_CREATE
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
# if ! (defined __NR_memfd_create && __NR_memfd_create >= 0)
|
||||
# if defined __NR_memfd_create
|
||||
# undef __NR_memfd_create
|
||||
# endif
|
||||
# if defined __x86_64__
|
||||
# define __NR_memfd_create 319
|
||||
# elif defined __arm__
|
||||
# define __NR_memfd_create 385
|
||||
# elif defined __aarch64__
|
||||
# define __NR_memfd_create 279
|
||||
# elif defined __s390__
|
||||
# define __NR_memfd_create 350
|
||||
# elif defined _MIPS_SIM
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||
# define __NR_memfd_create 4354
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_NABI32
|
||||
# define __NR_memfd_create 6318
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI64
|
||||
# define __NR_memfd_create 5314
|
||||
# endif
|
||||
# elif defined __i386__
|
||||
# define __NR_memfd_create 356
|
||||
# elif defined __arc__
|
||||
# define __NR_memfd_create 279
|
||||
# else
|
||||
# warning "__NR_memfd_create unknown for your architecture"
|
||||
# endif
|
||||
# endif
|
||||
|
||||
static inline int missing_memfd_create(const char *name, unsigned int flags) {
|
||||
# ifdef __NR_memfd_create
|
||||
return syscall(__NR_memfd_create, name, flags);
|
||||
|
|
@ -90,53 +80,45 @@ static inline int missing_memfd_create(const char *name, unsigned int flags) {
|
|||
|
||||
/* ======================================================================= */
|
||||
|
||||
#if defined __x86_64__
|
||||
# define systemd_NR_getrandom 318
|
||||
#elif defined(__i386__)
|
||||
# define systemd_NR_getrandom 355
|
||||
#elif defined(__arm__)
|
||||
# define systemd_NR_getrandom 384
|
||||
#elif defined(__aarch64__)
|
||||
# define systemd_NR_getrandom 278
|
||||
#elif defined(__ia64__)
|
||||
# define systemd_NR_getrandom 1339
|
||||
#elif defined(__m68k__)
|
||||
# define systemd_NR_getrandom 352
|
||||
#elif defined(__s390x__)
|
||||
# define systemd_NR_getrandom 349
|
||||
#elif defined(__powerpc__)
|
||||
# define systemd_NR_getrandom 359
|
||||
#elif defined _MIPS_SIM
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||
# define systemd_NR_getrandom 4353
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_NABI32
|
||||
# define systemd_NR_getrandom 6317
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI64
|
||||
# define systemd_NR_getrandom 5313
|
||||
# endif
|
||||
#elif defined(__arc__)
|
||||
# define systemd_NR_getrandom 278
|
||||
#else
|
||||
# warning "getrandom() syscall number unknown for your architecture"
|
||||
#endif
|
||||
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
#if defined __NR_getrandom && __NR_getrandom >= 0
|
||||
# if defined systemd_NR_getrandom
|
||||
assert_cc(__NR_getrandom == systemd_NR_getrandom);
|
||||
# endif
|
||||
#else
|
||||
# if defined __NR_getrandom
|
||||
# undef __NR_getrandom
|
||||
# endif
|
||||
# if defined systemd_NR_getrandom
|
||||
# define __NR_getrandom systemd_NR_getrandom
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if !HAVE_GETRANDOM
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
# if ! (defined __NR_getrandom && __NR_getrandom >= 0)
|
||||
# if defined __NR_getrandom
|
||||
# undef __NR_getrandom
|
||||
# endif
|
||||
# if defined __x86_64__
|
||||
# define __NR_getrandom 318
|
||||
# elif defined(__i386__)
|
||||
# define __NR_getrandom 355
|
||||
# elif defined(__arm__)
|
||||
# define __NR_getrandom 384
|
||||
# elif defined(__aarch64__)
|
||||
# define __NR_getrandom 278
|
||||
# elif defined(__ia64__)
|
||||
# define __NR_getrandom 1339
|
||||
# elif defined(__m68k__)
|
||||
# define __NR_getrandom 352
|
||||
# elif defined(__s390x__)
|
||||
# define __NR_getrandom 349
|
||||
# elif defined(__powerpc__)
|
||||
# define __NR_getrandom 359
|
||||
# elif defined _MIPS_SIM
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||
# define __NR_getrandom 4353
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_NABI32
|
||||
# define __NR_getrandom 6317
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI64
|
||||
# define __NR_getrandom 5313
|
||||
# endif
|
||||
# elif defined(__arc__)
|
||||
# define __NR_getrandom 278
|
||||
# else
|
||||
# warning "__NR_getrandom unknown for your architecture"
|
||||
# endif
|
||||
# endif
|
||||
|
||||
static inline int missing_getrandom(void *buffer, size_t count, unsigned flags) {
|
||||
# ifdef __NR_getrandom
|
||||
return syscall(__NR_getrandom, buffer, count, flags);
|
||||
|
|
@ -151,14 +133,9 @@ static inline int missing_getrandom(void *buffer, size_t count, unsigned flags)
|
|||
|
||||
/* ======================================================================= */
|
||||
|
||||
/* The syscall has been defined since forever, but the glibc wrapper was missing. */
|
||||
#if !HAVE_GETTID
|
||||
static inline pid_t missing_gettid(void) {
|
||||
# if defined __NR_gettid && __NR_gettid >= 0
|
||||
return (pid_t) syscall(__NR_gettid);
|
||||
# else
|
||||
# error "__NR_gettid not defined"
|
||||
# endif
|
||||
}
|
||||
|
||||
# define gettid missing_gettid
|
||||
|
|
@ -166,39 +143,27 @@ static inline pid_t missing_gettid(void) {
|
|||
|
||||
/* ======================================================================= */
|
||||
|
||||
#if defined(__x86_64__)
|
||||
# define systemd_NR_name_to_handle_at 303
|
||||
#elif defined(__i386__)
|
||||
# define systemd_NR_name_to_handle_at 341
|
||||
#elif defined(__arm__)
|
||||
# define systemd_NR_name_to_handle_at 370
|
||||
#elif defined __aarch64__
|
||||
# define systemd_NR_name_to_handle_at 264
|
||||
#elif defined(__powerpc__)
|
||||
# define systemd_NR_name_to_handle_at 345
|
||||
#elif defined __s390__ || defined __s390x__
|
||||
# define systemd_NR_name_to_handle_at 335
|
||||
#elif defined(__arc__)
|
||||
# define systemd_NR_name_to_handle_at 264
|
||||
#else
|
||||
# warning "name_to_handle_at number is not defined"
|
||||
#endif
|
||||
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
#if defined __NR_name_to_handle_at && __NR_name_to_handle_at >= 0
|
||||
# if defined systemd_NR_name_to_handle_at
|
||||
assert_cc(__NR_name_to_handle_at == systemd_NR_name_to_handle_at);
|
||||
# endif
|
||||
#else
|
||||
# if defined __NR_name_to_handle_at
|
||||
# undef __NR_name_to_handle_at
|
||||
# endif
|
||||
# if defined systemd_NR_name_to_handle_at
|
||||
# define __NR_name_to_handle_at systemd_NR_name_to_handle_at
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if !HAVE_NAME_TO_HANDLE_AT
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
# if ! (defined __NR_name_to_handle_at && __NR_name_to_handle_at >= 0)
|
||||
# if defined __NR_name_to_handle_at
|
||||
# undef __NR_name_to_handle_at
|
||||
# endif
|
||||
# if defined(__x86_64__)
|
||||
# define __NR_name_to_handle_at 303
|
||||
# elif defined(__i386__)
|
||||
# define __NR_name_to_handle_at 341
|
||||
# elif defined(__arm__)
|
||||
# define __NR_name_to_handle_at 370
|
||||
# elif defined(__powerpc__)
|
||||
# define __NR_name_to_handle_at 345
|
||||
# elif defined(__arc__)
|
||||
# define __NR_name_to_handle_at 264
|
||||
# else
|
||||
# error "__NR_name_to_handle_at is not defined"
|
||||
# endif
|
||||
# endif
|
||||
|
||||
struct file_handle {
|
||||
unsigned int handle_bytes;
|
||||
int handle_type;
|
||||
|
|
@ -219,39 +184,23 @@ static inline int missing_name_to_handle_at(int fd, const char *name, struct fil
|
|||
|
||||
/* ======================================================================= */
|
||||
|
||||
#if defined __aarch64__
|
||||
# define systemd_NR_setns 268
|
||||
#elif defined __arm__
|
||||
# define systemd_NR_setns 375
|
||||
#elif defined(__x86_64__)
|
||||
# define systemd_NR_setns 308
|
||||
#elif defined(__i386__)
|
||||
# define systemd_NR_setns 346
|
||||
#elif defined(__powerpc__)
|
||||
# define systemd_NR_setns 350
|
||||
#elif defined __s390__ || defined __s390x__
|
||||
# define systemd_NR_setns 339
|
||||
#elif defined(__arc__)
|
||||
# define systemd_NR_setns 268
|
||||
#else
|
||||
# warning "setns() syscall number unknown for your architecture"
|
||||
#endif
|
||||
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
#if defined __NR_setns && __NR_setns >= 0
|
||||
# if defined systemd_NR_setns
|
||||
assert_cc(__NR_setns == systemd_NR_setns);
|
||||
# endif
|
||||
#else
|
||||
# if defined __NR_setns
|
||||
# undef __NR_setns
|
||||
# endif
|
||||
# if defined systemd_NR_setns
|
||||
# define __NR_setns systemd_NR_setns
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if !HAVE_SETNS
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
# if ! (defined __NR_setns && __NR_setns >= 0)
|
||||
# if defined __NR_setns
|
||||
# undef __NR_setns
|
||||
# endif
|
||||
# if defined(__x86_64__)
|
||||
# define __NR_setns 308
|
||||
# elif defined(__i386__)
|
||||
# define __NR_setns 346
|
||||
# elif defined(__arc__)
|
||||
# define __NR_setns 268
|
||||
# else
|
||||
# error "__NR_setns is not defined"
|
||||
# endif
|
||||
# endif
|
||||
|
||||
static inline int missing_setns(int fd, int nstype) {
|
||||
# ifdef __NR_setns
|
||||
return syscall(__NR_setns, fd, nstype);
|
||||
|
|
@ -276,49 +225,41 @@ static inline pid_t raw_getpid(void) {
|
|||
|
||||
/* ======================================================================= */
|
||||
|
||||
#if defined __x86_64__
|
||||
# define systemd_NR_renameat2 316
|
||||
#elif defined __arm__
|
||||
# define systemd_NR_renameat2 382
|
||||
#elif defined __aarch64__
|
||||
# define systemd_NR_renameat2 276
|
||||
#elif defined _MIPS_SIM
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||
# define systemd_NR_renameat2 4351
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_NABI32
|
||||
# define systemd_NR_renameat2 6315
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI64
|
||||
# define systemd_NR_renameat2 5311
|
||||
# endif
|
||||
#elif defined __i386__
|
||||
# define systemd_NR_renameat2 353
|
||||
#elif defined __powerpc64__
|
||||
# define systemd_NR_renameat2 357
|
||||
#elif defined __s390__ || defined __s390x__
|
||||
# define systemd_NR_renameat2 347
|
||||
#elif defined __arc__
|
||||
# define systemd_NR_renameat2 276
|
||||
#else
|
||||
# warning "renameat2() syscall number unknown for your architecture"
|
||||
#endif
|
||||
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
#if defined __NR_renameat2 && __NR_renameat2 >= 0
|
||||
# if defined systemd_NR_renameat2
|
||||
assert_cc(__NR_renameat2 == systemd_NR_renameat2);
|
||||
# endif
|
||||
#else
|
||||
# if defined __NR_renameat2
|
||||
# undef __NR_renameat2
|
||||
# endif
|
||||
# if defined systemd_NR_renameat2
|
||||
# define __NR_renameat2 systemd_NR_renameat2
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if !HAVE_RENAMEAT2
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
# if ! (defined __NR_renameat2 && __NR_renameat2 >= 0)
|
||||
# if defined __NR_renameat2
|
||||
# undef __NR_renameat2
|
||||
# endif
|
||||
# if defined __x86_64__
|
||||
# define __NR_renameat2 316
|
||||
# elif defined __arm__
|
||||
# define __NR_renameat2 382
|
||||
# elif defined __aarch64__
|
||||
# define __NR_renameat2 276
|
||||
# elif defined _MIPS_SIM
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||
# define __NR_renameat2 4351
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_NABI32
|
||||
# define __NR_renameat2 6315
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI64
|
||||
# define __NR_renameat2 5311
|
||||
# endif
|
||||
# elif defined __i386__
|
||||
# define __NR_renameat2 353
|
||||
# elif defined __powerpc64__
|
||||
# define __NR_renameat2 357
|
||||
# elif defined __s390__ || defined __s390x__
|
||||
# define __NR_renameat2 347
|
||||
# elif defined __arc__
|
||||
# define __NR_renameat2 276
|
||||
# else
|
||||
# warning "__NR_renameat2 unknown for your architecture"
|
||||
# endif
|
||||
# endif
|
||||
|
||||
static inline int missing_renameat2(int oldfd, const char *oldname, int newfd, const char *newname, unsigned flags) {
|
||||
# ifdef __NR_renameat2
|
||||
return syscall(__NR_renameat2, oldfd, oldname, newfd, newname, flags);
|
||||
|
|
@ -385,39 +326,31 @@ static inline key_serial_t missing_request_key(const char *type, const char *des
|
|||
|
||||
/* ======================================================================= */
|
||||
|
||||
#if defined(__x86_64__)
|
||||
# define systemd_NR_copy_file_range 326
|
||||
#elif defined(__i386__)
|
||||
# define systemd_NR_copy_file_range 377
|
||||
#elif defined __s390__
|
||||
# define systemd_NR_copy_file_range 375
|
||||
#elif defined __arm__
|
||||
# define systemd_NR_copy_file_range 391
|
||||
#elif defined __aarch64__
|
||||
# define systemd_NR_copy_file_range 285
|
||||
#elif defined __powerpc__
|
||||
# define systemd_NR_copy_file_range 379
|
||||
#elif defined __arc__
|
||||
# define systemd_NR_copy_file_range 285
|
||||
#else
|
||||
# warning "copy_file_range() syscall number unknown for your architecture"
|
||||
#endif
|
||||
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
#if defined __NR_copy_file_range && __NR_copy_file_range >= 0
|
||||
# if defined systemd_NR_copy_file_range
|
||||
assert_cc(__NR_copy_file_range == systemd_NR_copy_file_range);
|
||||
# endif
|
||||
#else
|
||||
# if defined __NR_copy_file_range
|
||||
# undef __NR_copy_file_range
|
||||
# endif
|
||||
# if defined systemd_NR_copy_file_range
|
||||
# define __NR_copy_file_range systemd_NR_copy_file_range
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if !HAVE_COPY_FILE_RANGE
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
# if ! (defined __NR_copy_file_range && __NR_copy_file_range >= 0)
|
||||
# if defined __NR_copy_file_range
|
||||
# undef __NR_copy_file_range
|
||||
# endif
|
||||
# if defined(__x86_64__)
|
||||
# define __NR_copy_file_range 326
|
||||
# elif defined(__i386__)
|
||||
# define __NR_copy_file_range 377
|
||||
# elif defined __s390__
|
||||
# define __NR_copy_file_range 375
|
||||
# elif defined __arm__
|
||||
# define __NR_copy_file_range 391
|
||||
# elif defined __aarch64__
|
||||
# define __NR_copy_file_range 285
|
||||
# elif defined __powerpc__
|
||||
# define __NR_copy_file_range 379
|
||||
# elif defined __arc__
|
||||
# define __NR_copy_file_range 285
|
||||
# else
|
||||
# warning "__NR_copy_file_range not defined for your architecture"
|
||||
# endif
|
||||
# endif
|
||||
|
||||
static inline ssize_t missing_copy_file_range(int fd_in, loff_t *off_in,
|
||||
int fd_out, loff_t *off_out,
|
||||
size_t len,
|
||||
|
|
@ -435,41 +368,31 @@ static inline ssize_t missing_copy_file_range(int fd_in, loff_t *off_in,
|
|||
|
||||
/* ======================================================================= */
|
||||
|
||||
#if defined __i386__
|
||||
# define systemd_NR_bpf 357
|
||||
#elif defined __x86_64__
|
||||
# define systemd_NR_bpf 321
|
||||
#elif defined __aarch64__
|
||||
# define systemd_NR_bpf 280
|
||||
#elif defined __arm__
|
||||
# define systemd_NR_bpf 386
|
||||
#elif defined(__powerpc__)
|
||||
# define systemd_NR_bpf 361
|
||||
#elif defined __sparc__
|
||||
# define systemd_NR_bpf 349
|
||||
#elif defined __s390__
|
||||
# define systemd_NR_bpf 351
|
||||
#elif defined __tilegx__
|
||||
# define systemd_NR_bpf 280
|
||||
#else
|
||||
# warning "bpf() syscall number unknown for your architecture"
|
||||
#endif
|
||||
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
#if defined __NR_bpf && __NR_bpf >= 0
|
||||
# if defined systemd_NR_bpf
|
||||
assert_cc(__NR_bpf == systemd_NR_bpf);
|
||||
# endif
|
||||
#else
|
||||
# if defined __NR_bpf
|
||||
# undef __NR_bpf
|
||||
# endif
|
||||
# if defined systemd_NR_bpf
|
||||
# define __NR_bpf systemd_NR_bpf
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if !HAVE_BPF
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
# if ! (defined __NR_bpf && __NR_bpf >= 0)
|
||||
# if defined __NR_bpf
|
||||
# undef __NR_bpf
|
||||
# endif
|
||||
# if defined __i386__
|
||||
# define __NR_bpf 357
|
||||
# elif defined __x86_64__
|
||||
# define __NR_bpf 321
|
||||
# elif defined __aarch64__
|
||||
# define __NR_bpf 280
|
||||
# elif defined __arm__
|
||||
# define __NR_bpf 386
|
||||
# elif defined __sparc__
|
||||
# define __NR_bpf 349
|
||||
# elif defined __s390__
|
||||
# define __NR_bpf 351
|
||||
# elif defined __tilegx__
|
||||
# define __NR_bpf 280
|
||||
# else
|
||||
# warning "__NR_bpf not defined for your architecture"
|
||||
# endif
|
||||
# endif
|
||||
|
||||
union bpf_attr;
|
||||
|
||||
static inline int missing_bpf(int cmd, union bpf_attr *attr, size_t size) {
|
||||
|
|
@ -487,84 +410,69 @@ static inline int missing_bpf(int cmd, union bpf_attr *attr, size_t size) {
|
|||
/* ======================================================================= */
|
||||
|
||||
#ifndef __IGNORE_pkey_mprotect
|
||||
# if defined __i386__
|
||||
# define systemd_NR_pkey_mprotect 380
|
||||
# elif defined __x86_64__
|
||||
# define systemd_NR_pkey_mprotect 329
|
||||
# elif defined __aarch64__
|
||||
# define systemd_NR_pkey_mprotect 288
|
||||
# elif defined __arm__
|
||||
# define systemd_NR_pkey_mprotect 394
|
||||
# elif defined __powerpc__
|
||||
# define systemd_NR_pkey_mprotect 386
|
||||
# elif defined __s390__
|
||||
# define systemd_NR_pkey_mprotect 384
|
||||
# elif defined _MIPS_SIM
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||
# define systemd_NR_pkey_mprotect 4363
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_NABI32
|
||||
# define systemd_NR_pkey_mprotect 6327
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI64
|
||||
# define systemd_NR_pkey_mprotect 5323
|
||||
# endif
|
||||
# else
|
||||
# warning "pkey_mprotect() syscall number unknown for your architecture"
|
||||
# endif
|
||||
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
# if defined __NR_pkey_mprotect && __NR_pkey_mprotect >= 0
|
||||
# if defined systemd_NR_pkey_mprotect
|
||||
assert_cc(__NR_pkey_mprotect == systemd_NR_pkey_mprotect);
|
||||
# endif
|
||||
# else
|
||||
# if ! (defined __NR_pkey_mprotect && __NR_pkey_mprotect >= 0)
|
||||
# if defined __NR_pkey_mprotect
|
||||
# undef __NR_pkey_mprotect
|
||||
# endif
|
||||
# if defined systemd_NR_pkey_mprotect
|
||||
# define __NR_pkey_mprotect systemd_NR_pkey_mprotect
|
||||
# if defined __i386__
|
||||
# define __NR_pkey_mprotect 380
|
||||
# elif defined __x86_64__
|
||||
# define __NR_pkey_mprotect 329
|
||||
# elif defined __arm__
|
||||
# define __NR_pkey_mprotect 394
|
||||
# elif defined __aarch64__
|
||||
# define __NR_pkey_mprotect 394
|
||||
# elif defined __powerpc__
|
||||
# define __NR_pkey_mprotect 386
|
||||
# elif defined __s390__
|
||||
# define __NR_pkey_mprotect 384
|
||||
# elif defined _MIPS_SIM
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||
# define __NR_pkey_mprotect 4363
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_NABI32
|
||||
# define __NR_pkey_mprotect 6327
|
||||
# endif
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI64
|
||||
# define __NR_pkey_mprotect 5323
|
||||
# endif
|
||||
# else
|
||||
# warning "__NR_pkey_mprotect not defined for your architecture"
|
||||
# endif
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/* ======================================================================= */
|
||||
|
||||
#if defined __aarch64__
|
||||
# define systemd_NR_statx 291
|
||||
#elif defined __arm__
|
||||
# define systemd_NR_statx 397
|
||||
#elif defined __alpha__
|
||||
# define systemd_NR_statx 522
|
||||
#elif defined __i386__ || defined __powerpc64__
|
||||
# define systemd_NR_statx 383
|
||||
#elif defined __s390__ || defined __s390x__
|
||||
# define systemd_NR_statx 379
|
||||
#elif defined __sparc__
|
||||
# define systemd_NR_statx 360
|
||||
#elif defined __x86_64__
|
||||
# define systemd_NR_statx 332
|
||||
#else
|
||||
# warning "statx() syscall number unknown for your architecture"
|
||||
#if !HAVE_STATX
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
# if ! (defined __NR_statx && __NR_statx >= 0)
|
||||
# if defined __NR_statx
|
||||
# undef __NR_statx
|
||||
# endif
|
||||
# if defined __aarch64__ || defined __arm__
|
||||
# define __NR_statx 397
|
||||
# elif defined __alpha__
|
||||
# define __NR_statx 522
|
||||
# elif defined __i386__ || defined __powerpc64__
|
||||
# define __NR_statx 383
|
||||
# elif defined __sparc__
|
||||
# define __NR_statx 360
|
||||
# elif defined __x86_64__
|
||||
# define __NR_statx 332
|
||||
# else
|
||||
# warning "__NR_statx not defined for your architecture"
|
||||
# endif
|
||||
# endif
|
||||
|
||||
struct statx;
|
||||
#endif
|
||||
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
#if defined __NR_statx && __NR_statx >= 0
|
||||
# if defined systemd_NR_statx
|
||||
assert_cc(__NR_statx == systemd_NR_statx);
|
||||
# endif
|
||||
#else
|
||||
# if defined __NR_statx
|
||||
# undef __NR_statx
|
||||
# endif
|
||||
# if defined systemd_NR_statx
|
||||
# define __NR_statx systemd_NR_statx
|
||||
# endif
|
||||
#endif
|
||||
/* This typedef is supposed to be always defined. */
|
||||
typedef struct statx struct_statx;
|
||||
|
||||
#if !HAVE_STATX
|
||||
struct statx;
|
||||
|
||||
static inline ssize_t missing_statx(int dfd, const char *filename, unsigned flags, unsigned int mask, struct statx *buffer) {
|
||||
# ifdef __NR_statx
|
||||
return syscall(__NR_statx, dfd, filename, flags, mask, buffer);
|
||||
|
|
@ -573,18 +481,12 @@ static inline ssize_t missing_statx(int dfd, const char *filename, unsigned flag
|
|||
return -1;
|
||||
# endif
|
||||
}
|
||||
#endif
|
||||
|
||||
/* This typedef is supposed to be always defined. */
|
||||
typedef struct statx struct_statx;
|
||||
|
||||
#if !HAVE_STATX
|
||||
# define statx(dfd, filename, flags, mask, buffer) missing_statx(dfd, filename, flags, mask, buffer)
|
||||
#endif
|
||||
|
||||
/* ======================================================================= */
|
||||
|
||||
#if !HAVE_SET_MEMPOLICY
|
||||
|
||||
enum {
|
||||
MPOL_DEFAULT,
|
||||
MPOL_PREFERRED,
|
||||
|
|
@ -625,28 +527,19 @@ static inline long missing_get_mempolicy(int *mode, unsigned long *nodemask,
|
|||
# define get_mempolicy missing_get_mempolicy
|
||||
#endif
|
||||
|
||||
/* ======================================================================= */
|
||||
|
||||
/* should be always defined, see kernel 39036cd2727395c3369b1051005da74059a85317 */
|
||||
#if defined(__alpha__)
|
||||
# define systemd_NR_pidfd_send_signal 534
|
||||
#else
|
||||
# define systemd_NR_pidfd_send_signal 424
|
||||
#endif
|
||||
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
#if defined __NR_pidfd_send_signal && __NR_pidfd_send_signal >= 0
|
||||
# if defined systemd_NR_pidfd_send_signal
|
||||
assert_cc(__NR_pidfd_send_signal == systemd_NR_pidfd_send_signal);
|
||||
# endif
|
||||
#else
|
||||
# if defined __NR_pidfd_send_signal
|
||||
# undef __NR_pidfd_send_signal
|
||||
# endif
|
||||
# define __NR_pidfd_send_signal systemd_NR_pidfd_send_signal
|
||||
#endif
|
||||
|
||||
#if !HAVE_PIDFD_SEND_SIGNAL
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
# if ! (defined __NR_pidfd_send_signal && __NR_pidfd_send_signal >= 0)
|
||||
# if defined __NR_pidfd_send_signal
|
||||
# undef __NR_pidfd_send_signal
|
||||
# endif
|
||||
/* should be always defined, see kernel 39036cd2727395c3369b1051005da74059a85317 */
|
||||
# if defined(__alpha__)
|
||||
# define __NR_pidfd_send_signal 534
|
||||
# else
|
||||
# define __NR_pidfd_send_signal 424
|
||||
# endif
|
||||
# endif
|
||||
static inline int missing_pidfd_send_signal(int fd, int sig, siginfo_t *info, unsigned flags) {
|
||||
# ifdef __NR_pidfd_open
|
||||
return syscall(__NR_pidfd_send_signal, fd, sig, info, flags);
|
||||
|
|
@ -659,26 +552,19 @@ static inline int missing_pidfd_send_signal(int fd, int sig, siginfo_t *info, un
|
|||
# define pidfd_send_signal missing_pidfd_send_signal
|
||||
#endif
|
||||
|
||||
/* should be always defined, see kernel 7615d9e1780e26e0178c93c55b73309a5dc093d7 */
|
||||
#if defined(__alpha__)
|
||||
# define systemd_NR_pidfd_open 544
|
||||
#else
|
||||
# define systemd_NR_pidfd_open 434
|
||||
#endif
|
||||
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
#if defined __NR_pidfd_open && __NR_pidfd_open >= 0
|
||||
# if defined systemd_NR_pidfd_open
|
||||
assert_cc(__NR_pidfd_open == systemd_NR_pidfd_open);
|
||||
# endif
|
||||
#else
|
||||
# if defined __NR_pidfd_open
|
||||
# undef __NR_pidfd_open
|
||||
# endif
|
||||
# define __NR_pidfd_open systemd_NR_pidfd_open
|
||||
#endif
|
||||
|
||||
#if !HAVE_PIDFD_OPEN
|
||||
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
|
||||
# if ! (defined __NR_pidfd_open && __NR_pidfd_open >= 0)
|
||||
# if defined __NR_pidfd_open
|
||||
# undef __NR_pidfd_open
|
||||
# endif
|
||||
/* should be always defined, see kernel 7615d9e1780e26e0178c93c55b73309a5dc093d7 */
|
||||
# if defined(__alpha__)
|
||||
# define __NR_pidfd_open 544
|
||||
# else
|
||||
# define __NR_pidfd_open 434
|
||||
# endif
|
||||
# endif
|
||||
static inline int missing_pidfd_open(pid_t pid, unsigned flags) {
|
||||
# ifdef __NR_pidfd_open
|
||||
return syscall(__NR_pidfd_open, pid, flags);
|
||||
|
|
@ -691,15 +577,9 @@ static inline int missing_pidfd_open(pid_t pid, unsigned flags) {
|
|||
# define pidfd_open missing_pidfd_open
|
||||
#endif
|
||||
|
||||
/* ======================================================================= */
|
||||
|
||||
#if !HAVE_RT_SIGQUEUEINFO
|
||||
static inline int missing_rt_sigqueueinfo(pid_t tgid, int sig, siginfo_t *info) {
|
||||
# if defined __NR_rt_sigqueueinfo && __NR_rt_sigqueueinfo >= 0
|
||||
return syscall(__NR_rt_sigqueueinfo, tgid, sig, info);
|
||||
# else
|
||||
# error "__NR_rt_sigqueueinfo not defined"
|
||||
# endif
|
||||
}
|
||||
|
||||
# define rt_sigqueueinfo missing_rt_sigqueueinfo
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
#include <string.h>
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "fd-util.h"
|
||||
#include "format-util.h"
|
||||
#include "fs-util.h"
|
||||
#include "macro.h"
|
||||
|
|
@ -188,54 +187,3 @@ int mkdir_p(const char *path, mode_t mode) {
|
|||
int mkdir_p_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) {
|
||||
return mkdir_p_internal(prefix, path, mode, uid, gid, flags, mkdir_errno_wrapper);
|
||||
}
|
||||
|
||||
int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m) {
|
||||
_cleanup_free_ char *pp = NULL;
|
||||
_cleanup_close_ int dfd = -1;
|
||||
const char *bn;
|
||||
int r;
|
||||
|
||||
pp = dirname_malloc(p);
|
||||
if (!pp)
|
||||
return -ENOMEM;
|
||||
|
||||
/* Not top-level? */
|
||||
if (!(path_equal(pp, "/") || isempty(pp) || path_equal(pp, "."))) {
|
||||
|
||||
/* Recurse up */
|
||||
r = mkdir_p_root(root, pp, uid, gid, m);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
||||
bn = basename(p);
|
||||
if (path_equal(bn, "/") || isempty(bn) || path_equal(bn, "."))
|
||||
return 0;
|
||||
|
||||
if (!filename_is_valid(bn))
|
||||
return -EINVAL;
|
||||
|
||||
dfd = chase_symlinks_and_open(pp, root, CHASE_PREFIX_ROOT, O_RDONLY|O_CLOEXEC|O_DIRECTORY, NULL);
|
||||
if (dfd < 0)
|
||||
return dfd;
|
||||
|
||||
if (mkdirat(dfd, bn, m) < 0) {
|
||||
if (errno == EEXIST)
|
||||
return 0;
|
||||
|
||||
return -errno;
|
||||
}
|
||||
|
||||
if (uid_is_valid(uid) || gid_is_valid(gid)) {
|
||||
_cleanup_close_ int nfd = -1;
|
||||
|
||||
nfd = openat(dfd, bn, O_RDONLY|O_CLOEXEC|O_DIRECTORY);
|
||||
if (nfd < 0)
|
||||
return -errno;
|
||||
|
||||
if (fchown(nfd, uid, gid) < 0)
|
||||
return -errno;
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,5 +26,3 @@ typedef int (*mkdir_func_t)(const char *pathname, mode_t mode);
|
|||
int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir);
|
||||
int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir);
|
||||
int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir);
|
||||
|
||||
int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m);
|
||||
|
|
|
|||
|
|
@ -726,6 +726,18 @@ int fsck_exists(const char *fstype) {
|
|||
return binary_is_good(checker);
|
||||
}
|
||||
|
||||
int mkfs_exists(const char *fstype) {
|
||||
const char *mkfs;
|
||||
|
||||
assert(fstype);
|
||||
|
||||
if (streq(fstype, "auto"))
|
||||
return -EINVAL;
|
||||
|
||||
mkfs = strjoina("mkfs.", fstype);
|
||||
return binary_is_good(mkfs);
|
||||
}
|
||||
|
||||
int parse_path_argument_and_warn(const char *path, bool suppress_root, char **arg) {
|
||||
char *p;
|
||||
int r;
|
||||
|
|
|
|||
|
|
@ -85,6 +85,7 @@ int find_binary(const char *name, char **filename);
|
|||
bool paths_check_timestamp(const char* const* paths, usec_t *paths_ts_usec, bool update);
|
||||
|
||||
int fsck_exists(const char *fstype);
|
||||
int mkfs_exists(const char *fstype);
|
||||
|
||||
/* Iterates through the path prefixes of the specified path, going up
|
||||
* the tree, to root. Also returns "" (and not "/"!) for the root
|
||||
|
|
|
|||
|
|
@ -47,8 +47,6 @@ static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_exec_input, exec_input, ExecInp
|
|||
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode);
|
||||
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_exec_preserve_mode, exec_preserve_mode, ExecPreserveMode);
|
||||
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode);
|
||||
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_protect_proc, protect_proc, ProtectProc);
|
||||
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_proc_subset, proc_subset, ProcSubset);
|
||||
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_protect_home, protect_home, ProtectHome);
|
||||
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_protect_system, protect_system, ProtectSystem);
|
||||
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_personality, personality, unsigned long);
|
||||
|
|
@ -1018,8 +1016,6 @@ const sd_bus_vtable bus_exec_vtable[] = {
|
|||
SD_BUS_PROPERTY("TemporaryFileSystem", "a(ss)", property_get_temporary_filesystems, 0, SD_BUS_VTABLE_PROPERTY_CONST),
|
||||
SD_BUS_PROPERTY("MountAPIVFS", "b", bus_property_get_bool, offsetof(ExecContext, mount_apivfs), SD_BUS_VTABLE_PROPERTY_CONST),
|
||||
SD_BUS_PROPERTY("KeyringMode", "s", property_get_exec_keyring_mode, offsetof(ExecContext, keyring_mode), SD_BUS_VTABLE_PROPERTY_CONST),
|
||||
SD_BUS_PROPERTY("ProtectProc", "s", property_get_protect_proc, offsetof(ExecContext, protect_proc), SD_BUS_VTABLE_PROPERTY_CONST),
|
||||
SD_BUS_PROPERTY("ProcSubset", "s", property_get_proc_subset, offsetof(ExecContext, proc_subset), SD_BUS_VTABLE_PROPERTY_CONST),
|
||||
SD_BUS_PROPERTY("ProtectHostname", "b", bus_property_get_bool, offsetof(ExecContext, protect_hostname), SD_BUS_VTABLE_PROPERTY_CONST),
|
||||
SD_BUS_PROPERTY("NetworkNamespacePath", "s", NULL, offsetof(ExecContext, network_namespace_path), SD_BUS_VTABLE_PROPERTY_CONST),
|
||||
|
||||
|
|
@ -1358,8 +1354,6 @@ static BUS_DEFINE_SET_TRANSIENT_PARSE(utmp_mode, ExecUtmpMode, exec_utmp_mode_fr
|
|||
static BUS_DEFINE_SET_TRANSIENT_PARSE(protect_system, ProtectSystem, protect_system_from_string);
|
||||
static BUS_DEFINE_SET_TRANSIENT_PARSE(protect_home, ProtectHome, protect_home_from_string);
|
||||
static BUS_DEFINE_SET_TRANSIENT_PARSE(keyring_mode, ExecKeyringMode, exec_keyring_mode_from_string);
|
||||
static BUS_DEFINE_SET_TRANSIENT_PARSE(protect_proc, ProtectProc, protect_proc_from_string);
|
||||
static BUS_DEFINE_SET_TRANSIENT_PARSE(proc_subset, ProcSubset, proc_subset_from_string);
|
||||
static BUS_DEFINE_SET_TRANSIENT_PARSE(preserve_mode, ExecPreserveMode, exec_preserve_mode_from_string);
|
||||
static BUS_DEFINE_SET_TRANSIENT_PARSE_PTR(personality, unsigned long, parse_personality);
|
||||
static BUS_DEFINE_SET_TRANSIENT_TO_STRING_ALLOC(secure_bits, "i", int32_t, int, "%" PRIi32, secure_bits_to_string_alloc_with_check);
|
||||
|
|
@ -1712,12 +1706,6 @@ int bus_exec_context_set_transient_property(
|
|||
if (streq(name, "KeyringMode"))
|
||||
return bus_set_transient_keyring_mode(u, name, &c->keyring_mode, message, flags, error);
|
||||
|
||||
if (streq(name, "ProtectProc"))
|
||||
return bus_set_transient_protect_proc(u, name, &c->protect_proc, message, flags, error);
|
||||
|
||||
if (streq(name, "ProcSubset"))
|
||||
return bus_set_transient_proc_subset(u, name, &c->proc_subset, message, flags, error);
|
||||
|
||||
if (streq(name, "RuntimeDirectoryPreserve"))
|
||||
return bus_set_transient_preserve_mode(u, name, &c->runtime_directory_preserve_mode, message, flags, error);
|
||||
|
||||
|
|
|
|||
|
|
@ -1948,9 +1948,7 @@ static bool exec_needs_mount_namespace(
|
|||
context->protect_kernel_tunables ||
|
||||
context->protect_kernel_modules ||
|
||||
context->protect_kernel_logs ||
|
||||
context->protect_control_groups ||
|
||||
context->protect_proc != PROTECT_PROC_DEFAULT ||
|
||||
context->proc_subset != PROC_SUBSET_ALL)
|
||||
context->protect_control_groups)
|
||||
return true;
|
||||
|
||||
if (context->root_directory) {
|
||||
|
|
@ -2652,10 +2650,6 @@ static int apply_mount_namespace(
|
|||
.protect_hostname = context->protect_hostname,
|
||||
.mount_apivfs = context->mount_apivfs,
|
||||
.private_mounts = context->private_mounts,
|
||||
.protect_home = context->protect_home,
|
||||
.protect_system = context->protect_system,
|
||||
.protect_proc = context->protect_proc,
|
||||
.proc_subset = context->proc_subset,
|
||||
};
|
||||
} else if (!context->dynamic_user && root_dir)
|
||||
/*
|
||||
|
|
@ -2686,6 +2680,8 @@ static int apply_mount_namespace(
|
|||
tmp_dir,
|
||||
var_tmp_dir,
|
||||
context->log_namespace,
|
||||
needs_sandboxing ? context->protect_home : PROTECT_HOME_NO,
|
||||
needs_sandboxing ? context->protect_system : PROTECT_SYSTEM_NO,
|
||||
context->mount_flags,
|
||||
context->root_hash, context->root_hash_size, context->root_hash_path,
|
||||
context->root_hash_sig, context->root_hash_sig_size, context->root_hash_sig_path,
|
||||
|
|
@ -4605,9 +4601,7 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) {
|
|||
"%sRestrictRealtime: %s\n"
|
||||
"%sRestrictSUIDSGID: %s\n"
|
||||
"%sKeyringMode: %s\n"
|
||||
"%sProtectHostname: %s\n"
|
||||
"%sProtectProc: %s\n"
|
||||
"%sProcSubset: %s\n",
|
||||
"%sProtectHostname: %s\n",
|
||||
prefix, c->umask,
|
||||
prefix, c->working_directory ? c->working_directory : "/",
|
||||
prefix, c->root_directory ? c->root_directory : "/",
|
||||
|
|
@ -4629,9 +4623,7 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) {
|
|||
prefix, yes_no(c->restrict_realtime),
|
||||
prefix, yes_no(c->restrict_suid_sgid),
|
||||
prefix, exec_keyring_mode_to_string(c->keyring_mode),
|
||||
prefix, yes_no(c->protect_hostname),
|
||||
prefix, protect_proc_to_string(c->protect_proc),
|
||||
prefix, proc_subset_to_string(c->proc_subset));
|
||||
prefix, yes_no(c->protect_hostname));
|
||||
|
||||
if (c->root_image)
|
||||
fprintf(f, "%sRootImage: %s\n", prefix, c->root_image);
|
||||
|
|
|
|||
|
|
@ -260,9 +260,6 @@ struct ExecContext {
|
|||
|
||||
char *log_namespace;
|
||||
|
||||
ProtectProc protect_proc; /* hidepid= */
|
||||
ProcSubset proc_subset; /* subset= */
|
||||
|
||||
bool private_tmp;
|
||||
bool private_network;
|
||||
bool private_devices;
|
||||
|
|
|
|||
|
|
@ -73,8 +73,6 @@ $1.AmbientCapabilities, config_parse_capability_set, 0,
|
|||
$1.TimerSlackNSec, config_parse_nsec, 0, offsetof($1, exec_context.timer_slack_nsec)
|
||||
$1.NoNewPrivileges, config_parse_bool, 0, offsetof($1, exec_context.no_new_privileges)
|
||||
$1.KeyringMode, config_parse_exec_keyring_mode, 0, offsetof($1, exec_context.keyring_mode)
|
||||
$1.ProtectProc, config_parse_protect_proc, 0, offsetof($1, exec_context.protect_proc)
|
||||
$1.ProcSubset, config_parse_proc_subset, 0, offsetof($1, exec_context.proc_subset)
|
||||
m4_ifdef(`HAVE_SECCOMP',
|
||||
`$1.SystemCallFilter, config_parse_syscall_filter, 0, offsetof($1, exec_context)
|
||||
$1.SystemCallArchitectures, config_parse_syscall_archs, 0, offsetof($1, exec_context.syscall_archs)
|
||||
|
|
@ -267,6 +265,7 @@ Unit.SuccessAction, config_parse_emergency_action, 0,
|
|||
Unit.FailureActionExitStatus, config_parse_exit_status, 0, offsetof(Unit, failure_action_exit_status)
|
||||
Unit.SuccessActionExitStatus, config_parse_exit_status, 0, offsetof(Unit, success_action_exit_status)
|
||||
Unit.RebootArgument, config_parse_unit_string_printf, 0, offsetof(Unit, reboot_arg)
|
||||
m4_dnl Also add any conditions to condition_definitions[] in src/analyze/analyze-condition.c.
|
||||
Unit.ConditionPathExists, config_parse_unit_condition_path, CONDITION_PATH_EXISTS, offsetof(Unit, conditions)
|
||||
Unit.ConditionPathExistsGlob, config_parse_unit_condition_path, CONDITION_PATH_EXISTS_GLOB, offsetof(Unit, conditions)
|
||||
Unit.ConditionPathIsDirectory, config_parse_unit_condition_path, CONDITION_PATH_IS_DIRECTORY, offsetof(Unit, conditions)
|
||||
|
|
|
|||
|
|
@ -118,8 +118,6 @@ DEFINE_CONFIG_PARSE(config_parse_exec_secure_bits, secure_bits_from_string, "Fai
|
|||
DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode, collect_mode, CollectMode, "Failed to parse garbage collection mode");
|
||||
DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy");
|
||||
DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode, "Failed to parse keyring mode");
|
||||
DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_proc, protect_proc, ProtectProc, "Failed to parse /proc/ protection mode");
|
||||
DEFINE_CONFIG_PARSE_ENUM(config_parse_proc_subset, proc_subset, ProcSubset, "Failed to parse /proc/ subset mode");
|
||||
DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode");
|
||||
DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode");
|
||||
DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier");
|
||||
|
|
|
|||
|
|
@ -108,8 +108,6 @@ CONFIG_PARSER_PROTOTYPE(config_parse_user_group_strv_compat);
|
|||
CONFIG_PARSER_PROTOTYPE(config_parse_restrict_namespaces);
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_bind_paths);
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_exec_keyring_mode);
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_protect_proc);
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_proc_subset);
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_job_timeout_sec);
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_job_running_timeout_sec);
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_log_extra_fields);
|
||||
|
|
|
|||
|
|
@ -97,7 +97,7 @@ static const MountEntry protect_kernel_tunables_table[] = {
|
|||
{ "/proc/latency_stats", READONLY, true },
|
||||
{ "/proc/mtrr", READONLY, true },
|
||||
{ "/proc/scsi", READONLY, true },
|
||||
{ "/proc/sys", READONLY, true },
|
||||
{ "/proc/sys", READONLY, false },
|
||||
{ "/proc/sysrq-trigger", READONLY, true },
|
||||
{ "/proc/timer_stats", READONLY, true },
|
||||
{ "/sys", READONLY, false },
|
||||
|
|
@ -863,66 +863,33 @@ static int mount_sysfs(const MountEntry *m) {
|
|||
return 1;
|
||||
}
|
||||
|
||||
static int mount_procfs(const MountEntry *m, const NamespaceInfo *ns_info) {
|
||||
const char *entry_path;
|
||||
static int mount_procfs(const MountEntry *m) {
|
||||
int r;
|
||||
|
||||
assert(m);
|
||||
assert(ns_info);
|
||||
|
||||
entry_path = mount_entry_path(m);
|
||||
(void) mkdir_p_label(mount_entry_path(m), 0755);
|
||||
|
||||
/* Mount a new instance, so that we get the one that matches our user namespace, if we are running in
|
||||
* one. i.e we don't reuse existing mounts here under any condition, we want a new instance owned by
|
||||
* our user namespace and with our hidepid= settings applied. Hence, let's get rid of everything
|
||||
* mounted on /proc/ first. */
|
||||
r = path_is_mount_point(mount_entry_path(m), NULL, 0);
|
||||
if (r < 0)
|
||||
return log_debug_errno(r, "Unable to determine whether /proc is already mounted: %m");
|
||||
if (r > 0) /* make this a NOP if /proc is already a mount point */
|
||||
return 0;
|
||||
|
||||
(void) mkdir_p_label(entry_path, 0755);
|
||||
(void) umount_recursive(entry_path, 0);
|
||||
|
||||
if (ns_info->protect_proc != PROTECT_PROC_DEFAULT ||
|
||||
ns_info->proc_subset != PROC_SUBSET_ALL) {
|
||||
_cleanup_free_ char *opts = NULL;
|
||||
|
||||
/* Starting with kernel 5.8 procfs' hidepid= logic is truly per-instance (previously it
|
||||
* pretended to be per-instance but actually was per-namespace), hence let's make use of it
|
||||
* if requested. To make sure this logic succeeds only on kernels where hidepid= is
|
||||
* per-instance, we'll exclusively use the textual value for hidepid=, since support was
|
||||
* added in the same commit: if it's supported it is thus also per-instance. */
|
||||
|
||||
opts = strjoin("hidepid=",
|
||||
ns_info->protect_proc == PROTECT_PROC_DEFAULT ? "off" :
|
||||
protect_proc_to_string(ns_info->protect_proc),
|
||||
ns_info->proc_subset == PROC_SUBSET_PID ? ",subset=pid" : "");
|
||||
if (!opts)
|
||||
return -ENOMEM;
|
||||
|
||||
if (mount("proc", entry_path, "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, opts) < 0) {
|
||||
if (errno != EINVAL)
|
||||
return log_debug_errno(errno, "Failed to mount %s (options=%s): %m", mount_entry_path(m), opts);
|
||||
|
||||
/* If this failed with EINVAL then this likely means the textual hidepid= stuff is
|
||||
* not supported by the kernel, and thus the per-instance hidepid= neither, which
|
||||
* means we really don't want to use it, since it would affect our host's /proc
|
||||
* mount. Hence let's gracefully fallback to a classic, unrestricted version. */
|
||||
} else
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (mount("proc", entry_path, "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL) < 0)
|
||||
return log_debug_errno(errno, "Failed to mount %s (no options): %m", mount_entry_path(m));
|
||||
/* Mount a new instance, so that we get the one that matches our user namespace, if we are running in one */
|
||||
if (mount("proc", mount_entry_path(m), "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL) < 0)
|
||||
return log_debug_errno(errno, "Failed to mount %s: %m", mount_entry_path(m));
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int mount_tmpfs(const MountEntry *m) {
|
||||
const char *entry_path, *inner_path;
|
||||
int r;
|
||||
const char *entry_path = mount_entry_path(m);
|
||||
const char *source_path = m->path_const;
|
||||
|
||||
assert(m);
|
||||
|
||||
entry_path = mount_entry_path(m);
|
||||
inner_path = m->path_const;
|
||||
|
||||
/* First, get rid of everything that is below if there is anything. Then, overmount with our new tmpfs */
|
||||
|
||||
(void) mkdir_p_label(entry_path, 0755);
|
||||
|
|
@ -931,9 +898,9 @@ static int mount_tmpfs(const MountEntry *m) {
|
|||
if (mount("tmpfs", entry_path, "tmpfs", m->flags, mount_entry_options(m)) < 0)
|
||||
return log_debug_errno(errno, "Failed to mount %s: %m", entry_path);
|
||||
|
||||
r = label_fix_container(entry_path, inner_path, 0);
|
||||
r = label_fix_container(entry_path, source_path, 0);
|
||||
if (r < 0)
|
||||
return log_debug_errno(r, "Failed to fix label of '%s' as '%s': %m", entry_path, inner_path);
|
||||
return log_debug_errno(r, "Failed to fix label of '%s' as '%s': %m", entry_path, source_path);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
|
@ -1028,8 +995,7 @@ static int follow_symlink(
|
|||
|
||||
static int apply_mount(
|
||||
const char *root_directory,
|
||||
MountEntry *m,
|
||||
const NamespaceInfo *ns_info) {
|
||||
MountEntry *m) {
|
||||
|
||||
_cleanup_free_ char *inaccessible = NULL;
|
||||
bool rbind = true, make = false;
|
||||
|
|
@ -1037,7 +1003,6 @@ static int apply_mount(
|
|||
int r;
|
||||
|
||||
assert(m);
|
||||
assert(ns_info);
|
||||
|
||||
log_debug("Applying namespace mount on %s", mount_entry_path(m));
|
||||
|
||||
|
|
@ -1142,7 +1107,7 @@ static int apply_mount(
|
|||
return mount_sysfs(m);
|
||||
|
||||
case PROCFS:
|
||||
return mount_procfs(m, ns_info);
|
||||
return mount_procfs(m);
|
||||
|
||||
case MOUNT_IMAGES:
|
||||
return mount_images(m);
|
||||
|
|
@ -1254,9 +1219,7 @@ static bool namespace_info_mount_apivfs(const NamespaceInfo *ns_info) {
|
|||
|
||||
return ns_info->mount_apivfs ||
|
||||
ns_info->protect_control_groups ||
|
||||
ns_info->protect_kernel_tunables ||
|
||||
ns_info->protect_proc != PROTECT_PROC_DEFAULT ||
|
||||
ns_info->proc_subset != PROC_SUBSET_ALL;
|
||||
ns_info->protect_kernel_tunables;
|
||||
}
|
||||
|
||||
static size_t namespace_calculate_mounts(
|
||||
|
|
@ -1270,23 +1233,25 @@ static size_t namespace_calculate_mounts(
|
|||
size_t n_mount_images,
|
||||
const char* tmp_dir,
|
||||
const char* var_tmp_dir,
|
||||
const char* log_namespace) {
|
||||
const char* log_namespace,
|
||||
ProtectHome protect_home,
|
||||
ProtectSystem protect_system) {
|
||||
|
||||
size_t protect_home_cnt;
|
||||
size_t protect_system_cnt =
|
||||
(ns_info->protect_system == PROTECT_SYSTEM_STRICT ?
|
||||
(protect_system == PROTECT_SYSTEM_STRICT ?
|
||||
ELEMENTSOF(protect_system_strict_table) :
|
||||
((ns_info->protect_system == PROTECT_SYSTEM_FULL) ?
|
||||
((protect_system == PROTECT_SYSTEM_FULL) ?
|
||||
ELEMENTSOF(protect_system_full_table) :
|
||||
((ns_info->protect_system == PROTECT_SYSTEM_YES) ?
|
||||
((protect_system == PROTECT_SYSTEM_YES) ?
|
||||
ELEMENTSOF(protect_system_yes_table) : 0)));
|
||||
|
||||
protect_home_cnt =
|
||||
(ns_info->protect_home == PROTECT_HOME_YES ?
|
||||
(protect_home == PROTECT_HOME_YES ?
|
||||
ELEMENTSOF(protect_home_yes_table) :
|
||||
((ns_info->protect_home == PROTECT_HOME_READ_ONLY) ?
|
||||
((protect_home == PROTECT_HOME_READ_ONLY) ?
|
||||
ELEMENTSOF(protect_home_read_only_table) :
|
||||
((ns_info->protect_home == PROTECT_HOME_TMPFS) ?
|
||||
((protect_home == PROTECT_HOME_TMPFS) ?
|
||||
ELEMENTSOF(protect_home_tmpfs_table) : 0)));
|
||||
|
||||
return !!tmp_dir + !!var_tmp_dir +
|
||||
|
|
@ -1390,6 +1355,8 @@ int setup_namespace(
|
|||
const char* tmp_dir,
|
||||
const char* var_tmp_dir,
|
||||
const char *log_namespace,
|
||||
ProtectHome protect_home,
|
||||
ProtectSystem protect_system,
|
||||
unsigned long mount_flags,
|
||||
const void *root_hash,
|
||||
size_t root_hash_size,
|
||||
|
|
@ -1422,10 +1389,10 @@ int setup_namespace(
|
|||
|
||||
/* Make the whole image read-only if we can determine that we only access it in a read-only fashion. */
|
||||
if (root_read_only(read_only_paths,
|
||||
ns_info->protect_system) &&
|
||||
protect_system) &&
|
||||
home_read_only(read_only_paths, inaccessible_paths, empty_directories,
|
||||
bind_mounts, n_bind_mounts, temporary_filesystems, n_temporary_filesystems,
|
||||
ns_info->protect_home) &&
|
||||
protect_home) &&
|
||||
strv_isempty(read_write_paths))
|
||||
dissect_image_flags |= DISSECT_IMAGE_READ_ONLY;
|
||||
|
||||
|
|
@ -1494,7 +1461,8 @@ int setup_namespace(
|
|||
n_temporary_filesystems,
|
||||
n_mount_images,
|
||||
tmp_dir, var_tmp_dir,
|
||||
log_namespace);
|
||||
log_namespace,
|
||||
protect_home, protect_system);
|
||||
|
||||
if (n_mounts > 0) {
|
||||
m = mounts = new0(MountEntry, n_mounts);
|
||||
|
|
@ -1591,11 +1559,11 @@ int setup_namespace(
|
|||
};
|
||||
}
|
||||
|
||||
r = append_protect_home(&m, ns_info->protect_home, ns_info->ignore_protect_paths);
|
||||
r = append_protect_home(&m, protect_home, ns_info->ignore_protect_paths);
|
||||
if (r < 0)
|
||||
goto finish;
|
||||
|
||||
r = append_protect_system(&m, ns_info->protect_system, false);
|
||||
r = append_protect_system(&m, protect_system, false);
|
||||
if (r < 0)
|
||||
goto finish;
|
||||
|
||||
|
|
@ -1752,7 +1720,7 @@ int setup_namespace(
|
|||
break;
|
||||
}
|
||||
|
||||
r = apply_mount(root, m, ns_info);
|
||||
r = apply_mount(root, m);
|
||||
if (r < 0) {
|
||||
if (error_path && mount_entry_path(m))
|
||||
*error_path = strdup(mount_entry_path(m));
|
||||
|
|
@ -2272,19 +2240,3 @@ static const char* const namespace_type_table[] = {
|
|||
};
|
||||
|
||||
DEFINE_STRING_TABLE_LOOKUP(namespace_type, NamespaceType);
|
||||
|
||||
static const char* const protect_proc_table[_PROTECT_PROC_MAX] = {
|
||||
[PROTECT_PROC_DEFAULT] = "default",
|
||||
[PROTECT_PROC_NOACCESS] = "noaccess",
|
||||
[PROTECT_PROC_INVISIBLE] = "invisible",
|
||||
[PROTECT_PROC_PTRACEABLE] = "ptraceable",
|
||||
};
|
||||
|
||||
DEFINE_STRING_TABLE_LOOKUP(protect_proc, ProtectProc);
|
||||
|
||||
static const char* const proc_subset_table[_PROC_SUBSET_MAX] = {
|
||||
[PROC_SUBSET_ALL] = "all",
|
||||
[PROC_SUBSET_PID] = "pid",
|
||||
};
|
||||
|
||||
DEFINE_STRING_TABLE_LOOKUP(proc_subset, ProcSubset);
|
||||
|
|
|
|||
|
|
@ -47,22 +47,6 @@ typedef enum ProtectSystem {
|
|||
_PROTECT_SYSTEM_INVALID = -1
|
||||
} ProtectSystem;
|
||||
|
||||
typedef enum ProtectProc {
|
||||
PROTECT_PROC_DEFAULT,
|
||||
PROTECT_PROC_NOACCESS, /* hidepid=noaccess */
|
||||
PROTECT_PROC_INVISIBLE, /* hidepid=invisible */
|
||||
PROTECT_PROC_PTRACEABLE, /* hidepid=ptraceable */
|
||||
_PROTECT_PROC_MAX,
|
||||
_PROTECT_PROC_INVALID = -1,
|
||||
} ProtectProc;
|
||||
|
||||
typedef enum ProcSubset {
|
||||
PROC_SUBSET_ALL,
|
||||
PROC_SUBSET_PID, /* subset=pid */
|
||||
_PROC_SUBSET_MAX,
|
||||
_PROC_SUBSET_INVALID = -1,
|
||||
} ProcSubset;
|
||||
|
||||
struct NamespaceInfo {
|
||||
bool ignore_protect_paths:1;
|
||||
bool private_dev:1;
|
||||
|
|
@ -73,10 +57,6 @@ struct NamespaceInfo {
|
|||
bool protect_kernel_logs:1;
|
||||
bool mount_apivfs:1;
|
||||
bool protect_hostname:1;
|
||||
ProtectHome protect_home;
|
||||
ProtectSystem protect_system;
|
||||
ProtectProc protect_proc;
|
||||
ProcSubset proc_subset;
|
||||
};
|
||||
|
||||
struct BindMount {
|
||||
|
|
@ -118,6 +98,8 @@ int setup_namespace(
|
|||
const char *tmp_dir,
|
||||
const char *var_tmp_dir,
|
||||
const char *log_namespace,
|
||||
ProtectHome protect_home,
|
||||
ProtectSystem protect_system,
|
||||
unsigned long mount_flags,
|
||||
const void *root_hash,
|
||||
size_t root_hash_size,
|
||||
|
|
@ -153,12 +135,6 @@ ProtectHome protect_home_from_string(const char *s) _pure_;
|
|||
const char* protect_system_to_string(ProtectSystem p) _const_;
|
||||
ProtectSystem protect_system_from_string(const char *s) _pure_;
|
||||
|
||||
const char* protect_proc_to_string(ProtectProc i) _const_;
|
||||
ProtectProc protect_proc_from_string(const char *s) _pure_;
|
||||
|
||||
const char* proc_subset_to_string(ProcSubset i) _const_;
|
||||
ProcSubset proc_subset_from_string(const char *s) _pure_;
|
||||
|
||||
void bind_mount_free_many(BindMount *b, size_t n);
|
||||
int bind_mount_add(BindMount **b, size_t *n, const BindMount *item);
|
||||
|
||||
|
|
|
|||
|
|
@ -24,7 +24,6 @@
|
|||
#include "memory-util.h"
|
||||
#include "missing_magic.h"
|
||||
#include "mkdir.h"
|
||||
#include "mkfs-util.h"
|
||||
#include "mount-util.h"
|
||||
#include "openssl-util.h"
|
||||
#include "parse-util.h"
|
||||
|
|
@ -1372,6 +1371,71 @@ int home_trim_luks(UserRecord *h) {
|
|||
return 0;
|
||||
}
|
||||
|
||||
static int run_mkfs(
|
||||
const char *node,
|
||||
const char *fstype,
|
||||
const char *label,
|
||||
sd_id128_t uuid,
|
||||
bool discard) {
|
||||
|
||||
int r;
|
||||
|
||||
assert(node);
|
||||
assert(fstype);
|
||||
assert(label);
|
||||
|
||||
r = mkfs_exists(fstype);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to check if mkfs for file system %s exists: %m", fstype);
|
||||
if (r == 0)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EPROTONOSUPPORT), "No mkfs for file system %s installed.", fstype);
|
||||
|
||||
r = safe_fork("(mkfs)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR, NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
const char *mkfs;
|
||||
char suuid[37];
|
||||
|
||||
/* Child */
|
||||
|
||||
mkfs = strjoina("mkfs.", fstype);
|
||||
id128_to_uuid_string(uuid, suuid);
|
||||
|
||||
if (streq(fstype, "ext4"))
|
||||
execlp(mkfs, mkfs,
|
||||
"-L", label,
|
||||
"-U", suuid,
|
||||
"-I", "256",
|
||||
"-O", "has_journal",
|
||||
"-m", "0",
|
||||
"-E", discard ? "lazy_itable_init=1,discard" : "lazy_itable_init=1,nodiscard",
|
||||
node, NULL);
|
||||
else if (streq(fstype, "btrfs")) {
|
||||
if (discard)
|
||||
execlp(mkfs, mkfs, "-L", label, "-U", suuid, node, NULL);
|
||||
else
|
||||
execlp(mkfs, mkfs, "-L", label, "-U", suuid, "--nodiscard", node, NULL);
|
||||
} else if (streq(fstype, "xfs")) {
|
||||
const char *j;
|
||||
|
||||
j = strjoina("uuid=", suuid);
|
||||
if (discard)
|
||||
execlp(mkfs, mkfs, "-L", label, "-m", j, "-m", "reflink=1", node, NULL);
|
||||
else
|
||||
execlp(mkfs, mkfs, "-L", label, "-m", j, "-m", "reflink=1", "-K", node, NULL);
|
||||
} else {
|
||||
log_error("Cannot make file system: %s", fstype);
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
log_error_errno(errno, "Failed to execute %s: %m", mkfs);
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static struct crypt_pbkdf_type* build_good_pbkdf(struct crypt_pbkdf_type *buffer, UserRecord *hr) {
|
||||
assert(buffer);
|
||||
assert(hr);
|
||||
|
|
@ -2019,7 +2083,7 @@ int home_create_luks(
|
|||
|
||||
log_info("Setting up LUKS device %s completed.", dm_node);
|
||||
|
||||
r = make_filesystem(dm_node, fstype, user_record_user_name_and_realm(h), fs_uuid, user_record_luks_discard(h));
|
||||
r = run_mkfs(dm_node, fstype, user_record_user_name_and_realm(h), fs_uuid, user_record_luks_discard(h));
|
||||
if (r < 0)
|
||||
goto fail;
|
||||
|
||||
|
|
|
|||
|
|
@ -7,7 +7,6 @@
|
|||
|
||||
#include "bus-common-errors.h"
|
||||
#include "bus-locator.h"
|
||||
#include "bus-util.h"
|
||||
#include "errno-util.h"
|
||||
#include "fd-util.h"
|
||||
#include "home-util.h"
|
||||
|
|
@ -154,7 +153,8 @@ static int acquire_user_record(
|
|||
|
||||
r = bus_call_method(bus, bus_home_mgr, "GetUserRecordByName", &error, &reply, "s", username);
|
||||
if (r < 0) {
|
||||
if (bus_error_is_unknown_service(&error)) {
|
||||
if (sd_bus_error_has_name(&error, SD_BUS_ERROR_SERVICE_UNKNOWN) ||
|
||||
sd_bus_error_has_name(&error, SD_BUS_ERROR_NAME_HAS_NO_OWNER)) {
|
||||
pam_syslog(handle, LOG_DEBUG, "systemd-homed is not available: %s", bus_error_message(&error, r));
|
||||
goto user_unknown;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -85,13 +85,10 @@ fi
|
|||
KERNEL_VERSION="$1"
|
||||
KERNEL_IMAGE="$2"
|
||||
|
||||
# Reuse directory created without a machine ID present if it exists.
|
||||
if [[ -d /efi/Default ]] || [[ -d /boot/Default ]] || [[ -d /boot/efi/Default ]]; then
|
||||
MACHINE_ID="Default"
|
||||
elif [[ -f /etc/machine-id ]]; then
|
||||
if [[ -f /etc/machine-id ]]; then
|
||||
read MACHINE_ID < /etc/machine-id
|
||||
else
|
||||
MACHINE_ID="Default"
|
||||
MACHINE_ID="Linux"
|
||||
fi
|
||||
|
||||
if [[ ! $COMMAND ]] || [[ ! $KERNEL_VERSION ]]; then
|
||||
|
|
|
|||
|
|
@ -727,8 +727,3 @@ global:
|
|||
sd_event_add_time_relative;
|
||||
sd_event_source_set_time_relative;
|
||||
} LIBSYSTEMD_246;
|
||||
|
||||
LIBSYSTEMD_248 {
|
||||
global:
|
||||
sd_bus_error_has_names_sentinel;
|
||||
} LIBSYSTEMD_247;
|
||||
|
|
|
|||
|
|
@ -13,7 +13,6 @@
|
|||
#include "errno-list.h"
|
||||
#include "errno-util.h"
|
||||
#include "string-util.h"
|
||||
#include "strv.h"
|
||||
#include "util.h"
|
||||
|
||||
BUS_ERROR_MAP_ELF_REGISTER const sd_bus_error_map bus_standard_errors[] = {
|
||||
|
|
@ -356,23 +355,11 @@ _public_ int sd_bus_error_has_name(const sd_bus_error *e, const char *name) {
|
|||
return streq_ptr(e->name, name);
|
||||
}
|
||||
|
||||
_public_ int sd_bus_error_has_names_sentinel(const sd_bus_error *e, ...) {
|
||||
if (!e || !e->name)
|
||||
_public_ int sd_bus_error_get_errno(const sd_bus_error* e) {
|
||||
if (!e)
|
||||
return 0;
|
||||
|
||||
va_list ap;
|
||||
const char *p;
|
||||
|
||||
va_start(ap, e);
|
||||
while ((p = va_arg(ap, const char *)))
|
||||
if (streq(p, e->name))
|
||||
break;
|
||||
va_end(ap);
|
||||
return !!p;
|
||||
}
|
||||
|
||||
_public_ int sd_bus_error_get_errno(const sd_bus_error* e) {
|
||||
if (!e || !e->name)
|
||||
if (!e->name)
|
||||
return 0;
|
||||
|
||||
return bus_error_name_to_errno(e->name);
|
||||
|
|
|
|||
|
|
@ -22,11 +22,6 @@ static void test_error(void) {
|
|||
assert_se(streq(error.name, SD_BUS_ERROR_NOT_SUPPORTED));
|
||||
assert_se(streq(error.message, "xxx"));
|
||||
assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_NOT_SUPPORTED));
|
||||
assert_se(sd_bus_error_has_names_sentinel(&error, SD_BUS_ERROR_NOT_SUPPORTED, NULL));
|
||||
assert_se(sd_bus_error_has_names(&error, SD_BUS_ERROR_NOT_SUPPORTED));
|
||||
assert_se(sd_bus_error_has_names(&error, SD_BUS_ERROR_NOT_SUPPORTED, SD_BUS_ERROR_FILE_NOT_FOUND));
|
||||
assert_se(sd_bus_error_has_names(&error, SD_BUS_ERROR_FILE_NOT_FOUND, SD_BUS_ERROR_NOT_SUPPORTED, NULL));
|
||||
assert_se(!sd_bus_error_has_names(&error, SD_BUS_ERROR_FILE_NOT_FOUND));
|
||||
assert_se(sd_bus_error_get_errno(&error) == EOPNOTSUPP);
|
||||
assert_se(sd_bus_error_is_set(&error));
|
||||
sd_bus_error_free(&error);
|
||||
|
|
@ -37,7 +32,6 @@ static void test_error(void) {
|
|||
assert_se(error.name == NULL);
|
||||
assert_se(error.message == NULL);
|
||||
assert_se(!sd_bus_error_has_name(&error, SD_BUS_ERROR_FILE_NOT_FOUND));
|
||||
assert_se(!sd_bus_error_has_names(&error, SD_BUS_ERROR_FILE_NOT_FOUND));
|
||||
assert_se(sd_bus_error_get_errno(&error) == 0);
|
||||
assert_se(!sd_bus_error_is_set(&error));
|
||||
|
||||
|
|
@ -45,7 +39,6 @@ static void test_error(void) {
|
|||
assert_se(streq(error.name, SD_BUS_ERROR_FILE_NOT_FOUND));
|
||||
assert_se(streq(error.message, "yyy -1"));
|
||||
assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_FILE_NOT_FOUND));
|
||||
assert_se(sd_bus_error_has_names(&error, SD_BUS_ERROR_FILE_NOT_FOUND));
|
||||
assert_se(sd_bus_error_get_errno(&error) == ENOENT);
|
||||
assert_se(sd_bus_error_is_set(&error));
|
||||
|
||||
|
|
@ -58,7 +51,6 @@ static void test_error(void) {
|
|||
assert_se(streq(error.message, second.message));
|
||||
assert_se(sd_bus_error_get_errno(&second) == ENOENT);
|
||||
assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_FILE_NOT_FOUND));
|
||||
assert_se(sd_bus_error_has_names(&second, SD_BUS_ERROR_FILE_NOT_FOUND));
|
||||
assert_se(sd_bus_error_is_set(&second));
|
||||
|
||||
sd_bus_error_free(&error);
|
||||
|
|
|
|||
|
|
@ -4093,8 +4093,8 @@ int manager_stop_unit(Manager *manager, const char *unit, sd_bus_error *error, c
|
|||
&reply,
|
||||
"ss", unit, "fail");
|
||||
if (r < 0) {
|
||||
if (sd_bus_error_has_names(error, BUS_ERROR_NO_SUCH_UNIT,
|
||||
BUS_ERROR_LOAD_FAILED)) {
|
||||
if (sd_bus_error_has_name(error, BUS_ERROR_NO_SUCH_UNIT) ||
|
||||
sd_bus_error_has_name(error, BUS_ERROR_LOAD_FAILED)) {
|
||||
|
||||
*job = NULL;
|
||||
sd_bus_error_free(error);
|
||||
|
|
@ -4129,9 +4129,9 @@ int manager_abandon_scope(Manager *manager, const char *scope, sd_bus_error *ret
|
|||
NULL,
|
||||
NULL);
|
||||
if (r < 0) {
|
||||
if (sd_bus_error_has_names(&error, BUS_ERROR_NO_SUCH_UNIT,
|
||||
BUS_ERROR_LOAD_FAILED,
|
||||
BUS_ERROR_SCOPE_NOT_RUNNING))
|
||||
if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_UNIT) ||
|
||||
sd_bus_error_has_name(&error, BUS_ERROR_LOAD_FAILED) ||
|
||||
sd_bus_error_has_name(&error, BUS_ERROR_SCOPE_NOT_RUNNING))
|
||||
return 0;
|
||||
|
||||
sd_bus_error_move(ret_error, &error);
|
||||
|
|
@ -4180,14 +4180,14 @@ int manager_unit_is_active(Manager *manager, const char *unit, sd_bus_error *ret
|
|||
if (r < 0) {
|
||||
/* systemd might have dropped off momentarily, let's
|
||||
* not make this an error */
|
||||
if (sd_bus_error_has_names(&error, SD_BUS_ERROR_NO_REPLY,
|
||||
SD_BUS_ERROR_DISCONNECTED))
|
||||
if (sd_bus_error_has_name(&error, SD_BUS_ERROR_NO_REPLY) ||
|
||||
sd_bus_error_has_name(&error, SD_BUS_ERROR_DISCONNECTED))
|
||||
return true;
|
||||
|
||||
/* If the unit is already unloaded then it's not
|
||||
* active */
|
||||
if (sd_bus_error_has_names(&error, BUS_ERROR_NO_SUCH_UNIT,
|
||||
BUS_ERROR_LOAD_FAILED))
|
||||
if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_UNIT) ||
|
||||
sd_bus_error_has_name(&error, BUS_ERROR_LOAD_FAILED))
|
||||
return false;
|
||||
|
||||
sd_bus_error_move(ret_error, &error);
|
||||
|
|
@ -4219,8 +4219,8 @@ int manager_job_is_active(Manager *manager, const char *path, sd_bus_error *ret_
|
|||
&reply,
|
||||
"s");
|
||||
if (r < 0) {
|
||||
if (sd_bus_error_has_names(&error, SD_BUS_ERROR_NO_REPLY,
|
||||
SD_BUS_ERROR_DISCONNECTED))
|
||||
if (sd_bus_error_has_name(&error, SD_BUS_ERROR_NO_REPLY) ||
|
||||
sd_bus_error_has_name(&error, SD_BUS_ERROR_DISCONNECTED))
|
||||
return true;
|
||||
|
||||
if (sd_bus_error_has_name(&error, SD_BUS_ERROR_UNKNOWN_OBJECT))
|
||||
|
|
|
|||
|
|
@ -1464,8 +1464,8 @@ int manager_stop_unit(Manager *manager, const char *unit, sd_bus_error *error, c
|
|||
|
||||
r = bus_call_method(manager->bus, bus_systemd_mgr, "StopUnit", error, &reply, "ss", unit, "fail");
|
||||
if (r < 0) {
|
||||
if (sd_bus_error_has_names(error, BUS_ERROR_NO_SUCH_UNIT,
|
||||
BUS_ERROR_LOAD_FAILED)) {
|
||||
if (sd_bus_error_has_name(error, BUS_ERROR_NO_SUCH_UNIT) ||
|
||||
sd_bus_error_has_name(error, BUS_ERROR_LOAD_FAILED)) {
|
||||
|
||||
if (job)
|
||||
*job = NULL;
|
||||
|
|
@ -1526,12 +1526,12 @@ int manager_unit_is_active(Manager *manager, const char *unit) {
|
|||
&reply,
|
||||
"s");
|
||||
if (r < 0) {
|
||||
if (sd_bus_error_has_names(&error, SD_BUS_ERROR_NO_REPLY,
|
||||
SD_BUS_ERROR_DISCONNECTED))
|
||||
if (sd_bus_error_has_name(&error, SD_BUS_ERROR_NO_REPLY) ||
|
||||
sd_bus_error_has_name(&error, SD_BUS_ERROR_DISCONNECTED))
|
||||
return true;
|
||||
|
||||
if (sd_bus_error_has_names(&error, BUS_ERROR_NO_SUCH_UNIT,
|
||||
BUS_ERROR_LOAD_FAILED))
|
||||
if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_UNIT) ||
|
||||
sd_bus_error_has_name(&error, BUS_ERROR_LOAD_FAILED))
|
||||
return false;
|
||||
|
||||
return r;
|
||||
|
|
@ -1562,8 +1562,8 @@ int manager_job_is_active(Manager *manager, const char *path) {
|
|||
&reply,
|
||||
"s");
|
||||
if (r < 0) {
|
||||
if (sd_bus_error_has_names(&error, SD_BUS_ERROR_NO_REPLY,
|
||||
SD_BUS_ERROR_DISCONNECTED))
|
||||
if (sd_bus_error_has_name(&error, SD_BUS_ERROR_NO_REPLY) ||
|
||||
sd_bus_error_has_name(&error, SD_BUS_ERROR_DISCONNECTED))
|
||||
return true;
|
||||
|
||||
if (sd_bus_error_has_name(&error, SD_BUS_ERROR_UNKNOWN_OBJECT))
|
||||
|
|
|
|||
|
|
@ -510,8 +510,8 @@ static int acquire_link_bitrates(sd_bus *bus, LinkInfo *link) {
|
|||
|
||||
r = link_get_property(bus, link, &error, &reply, "org.freedesktop.network1.Link", "BitRates");
|
||||
if (r < 0) {
|
||||
bool quiet = sd_bus_error_has_names(&error, SD_BUS_ERROR_UNKNOWN_PROPERTY,
|
||||
BUS_ERROR_SPEED_METER_INACTIVE);
|
||||
bool quiet = sd_bus_error_has_name(&error, SD_BUS_ERROR_UNKNOWN_PROPERTY) ||
|
||||
sd_bus_error_has_name(&error, BUS_ERROR_SPEED_METER_INACTIVE);
|
||||
|
||||
return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING,
|
||||
r, "Failed to query link bit rates: %s", bus_error_message(&error, r));
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@
|
|||
|
||||
#if HAVE_SECCOMP
|
||||
|
||||
static int add_syscall_filters(
|
||||
static int seccomp_add_default_syscall_filter(
|
||||
scmp_filter_ctx ctx,
|
||||
uint32_t arch,
|
||||
uint64_t cap_list_retain,
|
||||
|
|
@ -139,7 +139,6 @@ static int add_syscall_filters(
|
|||
*/
|
||||
};
|
||||
|
||||
_cleanup_strv_free_ char **added = NULL;
|
||||
char **p;
|
||||
int r;
|
||||
|
||||
|
|
@ -147,37 +146,18 @@ static int add_syscall_filters(
|
|||
if (allow_list[i].capability != 0 && (cap_list_retain & (1ULL << allow_list[i].capability)) == 0)
|
||||
continue;
|
||||
|
||||
r = seccomp_add_syscall_filter_item(ctx,
|
||||
allow_list[i].name,
|
||||
SCMP_ACT_ALLOW,
|
||||
syscall_deny_list,
|
||||
false,
|
||||
&added);
|
||||
r = seccomp_add_syscall_filter_item(ctx, allow_list[i].name, SCMP_ACT_ALLOW, syscall_deny_list, false);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to add syscall filter item %s: %m", allow_list[i].name);
|
||||
}
|
||||
|
||||
STRV_FOREACH(p, syscall_allow_list) {
|
||||
r = seccomp_add_syscall_filter_item(ctx, *p, SCMP_ACT_ALLOW, syscall_deny_list, true, &added);
|
||||
r = seccomp_add_syscall_filter_item(ctx, *p, SCMP_ACT_ALLOW, syscall_deny_list, true);
|
||||
if (r < 0)
|
||||
log_warning_errno(r, "Failed to add rule for system call %s on %s, ignoring: %m",
|
||||
*p, seccomp_arch_to_string(arch));
|
||||
}
|
||||
|
||||
/* The default action is ENOSYS. Respond with EPERM to all other "known" but not allow-listed
|
||||
* syscalls. */
|
||||
r = seccomp_add_syscall_filter_item(ctx, "@known", SCMP_ACT_ERRNO(EPERM), added, true, NULL);
|
||||
if (r < 0)
|
||||
log_warning_errno(r, "Failed to add rule for @known set on %s, ignoring: %m",
|
||||
seccomp_arch_to_string(arch));
|
||||
|
||||
#if (SCMP_VER_MAJOR == 2 && SCMP_VER_MINOR >= 5) || SCMP_VER_MAJOR > 2
|
||||
/* We have a large filter here, so let's turn on the binary tree mode if possible. */
|
||||
r = seccomp_attr_set(ctx, SCMP_FLTATR_CTL_OPTIMIZE, 2);
|
||||
if (r < 0)
|
||||
return r;
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
@ -195,13 +175,11 @@ int setup_seccomp(uint64_t cap_list_retain, char **syscall_allow_list, char **sy
|
|||
|
||||
log_debug("Applying allow list on architecture: %s", seccomp_arch_to_string(arch));
|
||||
|
||||
/* We install ENOSYS as the default action, but it will only apply to syscalls which are not
|
||||
* in the @known set, see above. */
|
||||
r = seccomp_init_for_arch(&seccomp, arch, SCMP_ACT_ERRNO(ENOSYS));
|
||||
r = seccomp_init_for_arch(&seccomp, arch, SCMP_ACT_ERRNO(EPERM));
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to allocate seccomp object: %m");
|
||||
|
||||
r = add_syscall_filters(seccomp, arch, cap_list_retain, syscall_allow_list, syscall_deny_list);
|
||||
r = seccomp_add_default_syscall_filter(seccomp, arch, cap_list_retain, syscall_allow_list, syscall_deny_list);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
|
|
|
|||
|
|
@ -23,14 +23,12 @@ NSS_GETHOSTBYNAME_PROTOTYPES(resolve);
|
|||
NSS_GETHOSTBYADDR_PROTOTYPES(resolve);
|
||||
|
||||
static bool bus_error_shall_fallback(sd_bus_error *e) {
|
||||
return sd_bus_error_has_names(e,
|
||||
SD_BUS_ERROR_SERVICE_UNKNOWN,
|
||||
SD_BUS_ERROR_NAME_HAS_NO_OWNER,
|
||||
SD_BUS_ERROR_NO_REPLY,
|
||||
SD_BUS_ERROR_ACCESS_DENIED,
|
||||
SD_BUS_ERROR_DISCONNECTED,
|
||||
SD_BUS_ERROR_TIMEOUT,
|
||||
BUS_ERROR_NO_SUCH_UNIT);
|
||||
return sd_bus_error_has_name(e, SD_BUS_ERROR_SERVICE_UNKNOWN) ||
|
||||
sd_bus_error_has_name(e, SD_BUS_ERROR_NAME_HAS_NO_OWNER) ||
|
||||
sd_bus_error_has_name(e, SD_BUS_ERROR_NO_REPLY) ||
|
||||
sd_bus_error_has_name(e, SD_BUS_ERROR_ACCESS_DENIED) ||
|
||||
sd_bus_error_has_name(e, SD_BUS_ERROR_DISCONNECTED) ||
|
||||
sd_bus_error_has_name(e, SD_BUS_ERROR_TIMEOUT);
|
||||
}
|
||||
|
||||
static int count_addresses(sd_bus_message *m, int af, const char **canonical) {
|
||||
|
|
|
|||
|
|
@ -11,15 +11,40 @@
|
|||
#include "dissect-image.h"
|
||||
#include "fd-util.h"
|
||||
#include "main-func.h"
|
||||
#include "mkfs-util.h"
|
||||
#include "process-util.h"
|
||||
#include "signal-util.h"
|
||||
#include "string-util.h"
|
||||
|
||||
static int makefs(const char *type, const char *device) {
|
||||
const char *mkfs;
|
||||
pid_t pid;
|
||||
int r;
|
||||
|
||||
if (streq(type, "swap"))
|
||||
mkfs = "/sbin/mkswap";
|
||||
else
|
||||
mkfs = strjoina("/sbin/mkfs.", type);
|
||||
if (access(mkfs, X_OK) != 0)
|
||||
return log_error_errno(errno, "%s is not executable: %m", mkfs);
|
||||
|
||||
r = safe_fork("(mkfs)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
const char *cmdline[3] = { mkfs, device, NULL };
|
||||
|
||||
/* Child */
|
||||
|
||||
execv(cmdline[0], (char**) cmdline);
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
return wait_for_terminate_and_check(mkfs, pid, WAIT_LOG);
|
||||
}
|
||||
|
||||
static int run(int argc, char *argv[]) {
|
||||
_cleanup_free_ char *device = NULL, *fstype = NULL, *detected = NULL;
|
||||
_cleanup_free_ char *device = NULL, *type = NULL, *detected = NULL;
|
||||
_cleanup_close_ int lock_fd = -1;
|
||||
sd_id128_t uuid;
|
||||
struct stat st;
|
||||
int r;
|
||||
|
||||
|
|
@ -30,8 +55,8 @@ static int run(int argc, char *argv[]) {
|
|||
"This program expects two arguments.");
|
||||
|
||||
/* type and device must be copied because makefs calls safe_fork, which clears argv[] */
|
||||
fstype = strdup(argv[1]);
|
||||
if (!fstype)
|
||||
type = strdup(argv[1]);
|
||||
if (!type)
|
||||
return log_oom();
|
||||
|
||||
device = strdup(argv[2]);
|
||||
|
|
@ -60,11 +85,7 @@ static int run(int argc, char *argv[]) {
|
|||
return 0;
|
||||
}
|
||||
|
||||
r = sd_id128_randomize(&uuid);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to generate UUID for file system: %m");
|
||||
|
||||
return make_filesystem(device, fstype, basename(device), uuid, true);
|
||||
return makefs(type, device);
|
||||
}
|
||||
|
||||
DEFINE_MAIN_FUNCTION(run);
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
|
|
@ -154,57 +154,6 @@ EOF
|
|||
|
||||
cmp --bytes=41943040 --ignore-initial=0:$((512*4194264)) $D/block-copy $D/zzz
|
||||
|
||||
if [ `id -u` == 0 ] && type -P cryptsetup diff losetup > /dev/null ; then
|
||||
echo "### Testing Format=/Encrypt=/CopyFiles="
|
||||
|
||||
# These tests require privileges unfortunately
|
||||
|
||||
cat >$D/definitions/extra3.conf <<EOF
|
||||
[Partition]
|
||||
Type=linux-generic
|
||||
Label=luks-format-copy
|
||||
UUID=7b93d1f2-595d-4ce3-b0b9-837fbd9e63b0
|
||||
Format=ext4
|
||||
Encrypt=yes
|
||||
CopyFiles=$D/definitions:/def
|
||||
SizeMinBytes=48M
|
||||
EOF
|
||||
|
||||
$repart $D/zzz --size=auto --dry-run=no --seed=$SEED --definitions=$D/definitions
|
||||
|
||||
sfdisk -d $D/zzz | grep -v -e 'sector-size' -e '^$' >$D/populated5
|
||||
|
||||
cmp $D/populated5 - <<EOF
|
||||
label: gpt
|
||||
label-id: EF7F7EE2-47B3-4251-B1A1-09EA8BF12D5D
|
||||
device: $D/zzz
|
||||
unit: sectors
|
||||
first-lba: 2048
|
||||
last-lba: 6389726
|
||||
$D/zzz1 : start= 2048, size= 591856, type=933AC7E1-2EB4-4F13-B844-0E14E2AEF915, uuid=A6005774-F558-4330-A8E5-D6D2C01C01D6, name="home-first"
|
||||
$D/zzz2 : start= 593904, size= 591856, type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709, uuid=CE9C76EB-A8F1-40FF-813C-11DCA6C0A55B, name="root-x86-64"
|
||||
$D/zzz3 : start= 1185760, size= 591864, type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709, uuid=AC60A837-550C-43BD-B5C4-9CB73B884E79, name="root-x86-64-2"
|
||||
$D/zzz4 : start= 1777624, size= 131072, type=0657FD6D-A4AB-43C4-84E5-0933C84B4F4F, uuid=2AA78CDB-59C7-4173-AF11-C7453737A5D1, name="swap"
|
||||
$D/zzz5 : start= 1908696, size= 2285568, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, uuid=A0A1A2A3-A4A5-A6A7-A8A9-AAABACADAEAF, name="custom_label"
|
||||
$D/zzz6 : start= 4194264, size= 2097152, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, uuid=2A1D97E1-D0A3-46CC-A26E-ADC643926617, name="block-copy"
|
||||
$D/zzz7 : start= 6291416, size= 98304, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, uuid=7B93D1F2-595D-4CE3-B0B9-837FBD9E63B0, name="luks-format-copy"
|
||||
EOF
|
||||
|
||||
LOOP=`losetup -P --show --find $D/zzz`
|
||||
VOLUME=test-repart-$RANDOM
|
||||
|
||||
touch $D/empty-password
|
||||
cryptsetup open --type=luks2 --key-file=$D/empty-password ${LOOP}p7 $VOLUME
|
||||
mkdir $D/mount
|
||||
mount -t ext4 /dev/mapper/$VOLUME $D/mount
|
||||
diff -r $D/mount/def $D/definitions > /dev/null
|
||||
umount $D/mount
|
||||
cryptsetup close $VOLUME
|
||||
losetup -d $LOOP
|
||||
else
|
||||
echo "### Skipping Format=/Encrypt=/CopyFiles= test, lacking privileges or missing cryptsetup/diff/losetup"
|
||||
fi
|
||||
|
||||
echo "### Testing json output ###"
|
||||
$repart $D/zzz --size=3G --dry-run=no --seed=$SEED --definitions=$D/definitions --json=help
|
||||
$repart $D/zzz --size=3G --dry-run=no --seed=$SEED --definitions=$D/definitions --json=pretty
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
#include "bus-internal.h"
|
||||
#include "bus-message.h"
|
||||
#include "bus-polkit.h"
|
||||
#include "bus-util.h"
|
||||
#include "strv.h"
|
||||
#include "user-util.h"
|
||||
|
||||
|
|
@ -124,7 +123,7 @@ int bus_test_polkit(
|
|||
r = sd_bus_call(call->bus, request, 0, ret_error, &reply);
|
||||
if (r < 0) {
|
||||
/* Treat no PK available as access denied */
|
||||
if (bus_error_is_unknown_service(ret_error)) {
|
||||
if (sd_bus_error_has_name(ret_error, SD_BUS_ERROR_SERVICE_UNKNOWN)) {
|
||||
sd_bus_error_free(ret_error);
|
||||
return -EACCES;
|
||||
}
|
||||
|
|
@ -297,7 +296,8 @@ int bus_verify_polkit_async(
|
|||
e = sd_bus_message_get_error(q->reply);
|
||||
|
||||
/* Treat no PK available as access denied */
|
||||
if (bus_error_is_unknown_service(e))
|
||||
if (sd_bus_error_has_name(e, SD_BUS_ERROR_SERVICE_UNKNOWN) ||
|
||||
sd_bus_error_has_name(e, SD_BUS_ERROR_NAME_HAS_NO_OWNER))
|
||||
return -EACCES;
|
||||
|
||||
/* Copy error from polkit reply */
|
||||
|
|
|
|||
|
|
@ -855,8 +855,6 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
|
|||
"RuntimeDirectoryPreserve",
|
||||
"Personality",
|
||||
"KeyringMode",
|
||||
"ProtectProc",
|
||||
"ProcSubset",
|
||||
"NetworkNamespacePath",
|
||||
"LogNamespace"))
|
||||
return bus_append_string(m, field, eq);
|
||||
|
|
|
|||
|
|
@ -14,13 +14,14 @@
|
|||
#include "sd-event.h"
|
||||
#include "sd-id128.h"
|
||||
|
||||
#include "bus-common-errors.h"
|
||||
/* #include "alloc-util.h" */
|
||||
#include "bus-internal.h"
|
||||
#include "bus-label.h"
|
||||
#include "bus-util.h"
|
||||
#include "path-util.h"
|
||||
#include "socket-util.h"
|
||||
#include "stdio-util.h"
|
||||
/* #include "string-util.h" */
|
||||
|
||||
static int name_owner_change_callback(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
|
||||
sd_event *e = userdata;
|
||||
|
|
@ -152,13 +153,6 @@ int bus_name_has_owner(sd_bus *c, const char *name, sd_bus_error *error) {
|
|||
return has_owner;
|
||||
}
|
||||
|
||||
bool bus_error_is_unknown_service(const sd_bus_error *error) {
|
||||
return sd_bus_error_has_names(error,
|
||||
SD_BUS_ERROR_SERVICE_UNKNOWN,
|
||||
SD_BUS_ERROR_NAME_HAS_NO_OWNER,
|
||||
BUS_ERROR_NO_SUCH_UNIT);
|
||||
}
|
||||
|
||||
int bus_check_peercred(sd_bus *c) {
|
||||
struct ucred ucred;
|
||||
int fd, r;
|
||||
|
|
|
|||
|
|
@ -28,7 +28,6 @@ typedef bool (*check_idle_t)(void *userdata);
|
|||
int bus_event_loop_with_idle(sd_event *e, sd_bus *bus, const char *name, usec_t timeout, check_idle_t check_idle, void *userdata);
|
||||
|
||||
int bus_name_has_owner(sd_bus *c, const char *name, sd_bus_error *error);
|
||||
bool bus_error_is_unknown_service(const sd_bus_error *error);
|
||||
|
||||
int bus_check_peercred(sd_bus *c);
|
||||
|
||||
|
|
|
|||
|
|
@ -1017,13 +1017,6 @@ static int mount_partition(
|
|||
}
|
||||
|
||||
if (directory) {
|
||||
if (!FLAGS_SET(flags, DISSECT_IMAGE_READ_ONLY)) {
|
||||
/* Automatically create missing mount points, if necessary. */
|
||||
r = mkdir_p_root(where, directory, uid_shift, (gid_t) uid_shift, 0755);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
||||
r = chase_symlinks(directory, where, CHASE_PREFIX_ROOT, &chased, NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
|
@ -1069,7 +1062,7 @@ static int mount_partition(
|
|||
}
|
||||
|
||||
int dissected_image_mount(DissectedImage *m, const char *where, uid_t uid_shift, DissectImageFlags flags) {
|
||||
int r, xbootldr_mounted;
|
||||
int r, boot_mounted;
|
||||
|
||||
assert(m);
|
||||
assert(where);
|
||||
|
|
@ -1123,47 +1116,29 @@ int dissected_image_mount(DissectedImage *m, const char *where, uid_t uid_shift,
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
xbootldr_mounted = mount_partition(m->partitions + PARTITION_XBOOTLDR, where, "/boot", uid_shift, flags);
|
||||
if (xbootldr_mounted < 0)
|
||||
return xbootldr_mounted;
|
||||
boot_mounted = mount_partition(m->partitions + PARTITION_XBOOTLDR, where, "/boot", uid_shift, flags);
|
||||
if (boot_mounted < 0)
|
||||
return boot_mounted;
|
||||
|
||||
if (m->partitions[PARTITION_ESP].found) {
|
||||
int esp_done = false;
|
||||
|
||||
/* Mount the ESP to /efi if it exists. If it doesn't exist, use /boot instead, but only if it
|
||||
* exists and is empty, and we didn't already mount the XBOOTLDR partition into it. */
|
||||
|
||||
r = chase_symlinks("/efi", where, CHASE_PREFIX_ROOT, NULL, NULL);
|
||||
if (r < 0) {
|
||||
if (r != -ENOENT)
|
||||
return r;
|
||||
|
||||
/* /efi doesn't exist. Let's see if /boot is suitable then */
|
||||
|
||||
if (!xbootldr_mounted) {
|
||||
_cleanup_free_ char *p = NULL;
|
||||
|
||||
r = chase_symlinks("/boot", where, CHASE_PREFIX_ROOT, &p, NULL);
|
||||
if (r < 0) {
|
||||
if (r != -ENOENT)
|
||||
return r;
|
||||
} else if (dir_is_empty(p) > 0) {
|
||||
/* It exists and is an empty directory. Let's mount the ESP there. */
|
||||
r = mount_partition(m->partitions + PARTITION_ESP, where, "/boot", uid_shift, flags);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
esp_done = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!esp_done) {
|
||||
/* OK, let's mount the ESP now to /efi (possibly creating the dir if missing) */
|
||||
|
||||
if (r >= 0) {
|
||||
r = mount_partition(m->partitions + PARTITION_ESP, where, "/efi", uid_shift, flags);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
} else if (boot_mounted <= 0) {
|
||||
_cleanup_free_ char *p = NULL;
|
||||
|
||||
r = chase_symlinks("/boot", where, CHASE_PREFIX_ROOT, &p, NULL);
|
||||
if (r >= 0 && dir_is_empty(p) > 0) {
|
||||
r = mount_partition(m->partitions + PARTITION_ESP, where, "/boot", uid_shift, flags);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,14 +0,0 @@
|
|||
#!/usr/bin/env python3
|
||||
import sys
|
||||
import os
|
||||
|
||||
s390 = 's390' in os.uname().machine
|
||||
arm = 'arm' in os.uname().machine
|
||||
|
||||
for line in open(sys.argv[1]):
|
||||
if line.startswith('s390_') and not s390:
|
||||
continue
|
||||
if line.startswith('arm_') and not arm:
|
||||
continue
|
||||
|
||||
print('"{}\\0"'.format(line.strip()))
|
||||
|
|
@ -76,10 +76,12 @@ static bool unit_file_install_info_has_also(const UnitFileInstallInfo *i) {
|
|||
}
|
||||
|
||||
void unit_file_presets_freep(UnitFilePresets *p) {
|
||||
size_t i;
|
||||
|
||||
if (!p)
|
||||
return;
|
||||
|
||||
for (size_t i = 0; i < p->n_rules; i++) {
|
||||
for (i = 0; i < p->n_rules; i++) {
|
||||
free(p->rules[i].pattern);
|
||||
strv_free(p->rules[i].instances);
|
||||
}
|
||||
|
|
@ -288,9 +290,11 @@ int unit_file_changes_add(
|
|||
}
|
||||
|
||||
void unit_file_changes_free(UnitFileChange *changes, size_t n_changes) {
|
||||
size_t i;
|
||||
|
||||
assert(changes || n_changes == 0);
|
||||
|
||||
for (size_t i = 0; i < n_changes; i++) {
|
||||
for (i = 0; i < n_changes; i++) {
|
||||
free(changes[i].path);
|
||||
free(changes[i].source);
|
||||
}
|
||||
|
|
@ -299,13 +303,14 @@ void unit_file_changes_free(UnitFileChange *changes, size_t n_changes) {
|
|||
}
|
||||
|
||||
void unit_file_dump_changes(int r, const char *verb, const UnitFileChange *changes, size_t n_changes, bool quiet) {
|
||||
size_t i;
|
||||
bool logged = false;
|
||||
|
||||
assert(changes || n_changes == 0);
|
||||
/* If verb is not specified, errors are not allowed! */
|
||||
assert(verb || r >= 0);
|
||||
|
||||
for (size_t i = 0; i < n_changes; i++) {
|
||||
for (i = 0; i < n_changes; i++) {
|
||||
assert(verb || changes[i].type >= 0);
|
||||
|
||||
switch(changes[i].type) {
|
||||
|
|
@ -3050,17 +3055,20 @@ static int pattern_match_multiple_instances(
|
|||
|
||||
/* Compose a list of specified instances when unit name is a template */
|
||||
if (unit_name_is_valid(unit_name, UNIT_NAME_TEMPLATE)) {
|
||||
_cleanup_free_ char *prefix = NULL;
|
||||
_cleanup_strv_free_ char **out_strv = NULL;
|
||||
|
||||
char **iter;
|
||||
|
||||
r = unit_name_to_prefix(unit_name, &prefix);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
STRV_FOREACH(iter, rule.instances) {
|
||||
_cleanup_free_ char *name = NULL;
|
||||
|
||||
r = unit_name_replace_instance(unit_name, *iter, &name);
|
||||
r = unit_name_build(prefix, *iter, ".service", &name);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = strv_consume(&out_strv, TAKE_PTR(name));
|
||||
r = strv_extend(&out_strv, name);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
|
@ -3083,11 +3091,12 @@ static int pattern_match_multiple_instances(
|
|||
|
||||
static int query_presets(const char *name, const UnitFilePresets *presets, char ***instance_name_list) {
|
||||
PresetAction action = PRESET_UNKNOWN;
|
||||
|
||||
size_t i;
|
||||
char **s;
|
||||
if (!unit_name_is_valid(name, UNIT_NAME_ANY))
|
||||
return -EINVAL;
|
||||
|
||||
for (size_t i = 0; i < presets->n_rules; i++)
|
||||
for (i = 0; i < presets->n_rules; i++)
|
||||
if (pattern_match_multiple_instances(presets->rules[i], name, instance_name_list) > 0 ||
|
||||
fnmatch(presets->rules[i].pattern, name, FNM_NOESCAPE) == 0) {
|
||||
action = presets->rules[i].action;
|
||||
|
|
@ -3099,11 +3108,10 @@ static int query_presets(const char *name, const UnitFilePresets *presets, char
|
|||
log_debug("Preset files don't specify rule for %s. Enabling.", name);
|
||||
return 1;
|
||||
case PRESET_ENABLE:
|
||||
if (instance_name_list && *instance_name_list) {
|
||||
char **s;
|
||||
if (instance_name_list && *instance_name_list)
|
||||
STRV_FOREACH(s, *instance_name_list)
|
||||
log_debug("Preset files say enable %s.", *s);
|
||||
} else
|
||||
else
|
||||
log_debug("Preset files say enable %s.", name);
|
||||
return 1;
|
||||
case PRESET_DISABLE:
|
||||
|
|
|
|||
|
|
@ -47,42 +47,18 @@ static int loop_configure(int fd, const struct loop_config *c) {
|
|||
if (!ERRNO_IS_NOT_SUPPORTED(errno) && errno != EINVAL)
|
||||
return -errno;
|
||||
} else {
|
||||
bool good = true;
|
||||
|
||||
if (c->info.lo_sizelimit != 0) {
|
||||
/* Kernel 5.8 vanilla doesn't properly propagate the size limit into the block
|
||||
* device. If it's used, let's immediately check if it had the desired effect
|
||||
* hence. And if not use classic LOOP_SET_STATUS64. */
|
||||
uint64_t z;
|
||||
|
||||
if (ioctl(fd, BLKGETSIZE64, &z) < 0) {
|
||||
r = -errno;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (z != c->info.lo_sizelimit) {
|
||||
log_debug("LOOP_CONFIGURE is broken, doesn't honour .lo_sizelimit. Falling back to LOOP_SET_STATUS64.");
|
||||
good = false;
|
||||
}
|
||||
}
|
||||
|
||||
if (FLAGS_SET(c->info.lo_flags, LO_FLAGS_PARTSCAN)) {
|
||||
/* Kernel 5.8 vanilla doesn't properly propagate the partition scanning flag into the
|
||||
* block device. Let's hence verify if things work correctly here before
|
||||
* returning. */
|
||||
|
||||
r = blockdev_partscan_enabled(fd);
|
||||
if (r < 0)
|
||||
goto fail;
|
||||
if (r == 0) {
|
||||
log_debug("LOOP_CONFIGURE is broken, doesn't honour LO_FLAGS_PARTSCAN. Falling back to LOOP_SET_STATUS64.");
|
||||
good = false;
|
||||
}
|
||||
}
|
||||
|
||||
if (good)
|
||||
if (!FLAGS_SET(c->info.lo_flags, LO_FLAGS_PARTSCAN))
|
||||
return 0;
|
||||
|
||||
/* Kernel 5.8 vanilla doesn't properly propagate the partition scanning flag into the
|
||||
* block device. Let's hence verify if things work correctly here before returning. */
|
||||
|
||||
r = blockdev_partscan_enabled(fd);
|
||||
if (r < 0)
|
||||
goto fail;
|
||||
if (r > 0)
|
||||
return 0; /* All is good. */
|
||||
|
||||
/* Otherwise, undo the attachment and use the old APIs */
|
||||
(void) ioctl(fd, LOOP_CLR_FD);
|
||||
}
|
||||
|
|
@ -496,18 +472,3 @@ int loop_device_flock(LoopDevice *d, int operation) {
|
|||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int loop_device_sync(LoopDevice *d) {
|
||||
assert(d);
|
||||
|
||||
/* We also do this implicitly in loop_device_unref(). Doing this explicitly here has the benefit that
|
||||
* we can check the return value though. */
|
||||
|
||||
if (d->fd < 0)
|
||||
return -EBADF;
|
||||
|
||||
if (fsync(d->fd) < 0)
|
||||
return -errno;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,4 +26,3 @@ void loop_device_relinquish(LoopDevice *d);
|
|||
int loop_device_refresh_size(LoopDevice *d, uint64_t offset, uint64_t size);
|
||||
|
||||
int loop_device_flock(LoopDevice *d, int operation);
|
||||
int loop_device_sync(LoopDevice *d);
|
||||
|
|
|
|||
|
|
@ -166,8 +166,6 @@ shared_sources = files('''
|
|||
macvlan-util.c
|
||||
macvlan-util.h
|
||||
main-func.h
|
||||
mkfs-util.c
|
||||
mkfs-util.h
|
||||
module-util.h
|
||||
mount-util.c
|
||||
mount-util.h
|
||||
|
|
@ -266,16 +264,6 @@ endif
|
|||
test_tables_h = files('test-tables.h')
|
||||
shared_sources += test_tables_h
|
||||
|
||||
generate_syscall_list = find_program('generate-syscall-list.py')
|
||||
fname = 'syscall-list.h'
|
||||
syscall_list_h = custom_target(
|
||||
fname,
|
||||
input : 'syscall-names.text',
|
||||
output : fname,
|
||||
command : [generate_syscall_list,
|
||||
'@INPUT@'],
|
||||
capture : true)
|
||||
|
||||
if conf.get('HAVE_ACL') == 1
|
||||
shared_sources += files('acl-util.c')
|
||||
endif
|
||||
|
|
@ -286,7 +274,6 @@ endif
|
|||
|
||||
if conf.get('HAVE_SECCOMP') == 1
|
||||
shared_sources += files('seccomp-util.c')
|
||||
shared_sources += syscall_list_h
|
||||
endif
|
||||
|
||||
if conf.get('HAVE_LIBIPTC') == 1
|
||||
|
|
@ -391,9 +378,3 @@ libshared = shared_library(
|
|||
dependencies : libshared_deps,
|
||||
install : true,
|
||||
install_dir : rootlibexecdir)
|
||||
|
||||
############################################################
|
||||
|
||||
run_target(
|
||||
'syscall-names-update',
|
||||
command : [syscall_names_update_sh, meson.current_source_dir()])
|
||||
|
|
|
|||
|
|
@ -1,135 +0,0 @@
|
|||
/* SPDX-License-Identifier: LGPL-2.1+ */
|
||||
|
||||
#include "id128-util.h"
|
||||
#include "mkfs-util.h"
|
||||
#include "path-util.h"
|
||||
#include "process-util.h"
|
||||
#include "stdio-util.h"
|
||||
#include "string-util.h"
|
||||
|
||||
int mkfs_exists(const char *fstype) {
|
||||
const char *mkfs;
|
||||
int r;
|
||||
|
||||
assert(fstype);
|
||||
|
||||
if (STR_IN_SET(fstype, "auto", "swap")) /* these aren't real file system types, refuse early */
|
||||
return -EINVAL;
|
||||
|
||||
mkfs = strjoina("mkfs.", fstype);
|
||||
if (!filename_is_valid(mkfs)) /* refuse file system types with slashes and similar */
|
||||
return -EINVAL;
|
||||
|
||||
r = find_binary(mkfs, NULL);
|
||||
if (r == -ENOENT)
|
||||
return false;
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
int make_filesystem(
|
||||
const char *node,
|
||||
const char *fstype,
|
||||
const char *label,
|
||||
sd_id128_t uuid,
|
||||
bool discard) {
|
||||
|
||||
_cleanup_free_ char *mkfs = NULL;
|
||||
int r;
|
||||
|
||||
assert(node);
|
||||
assert(fstype);
|
||||
assert(label);
|
||||
|
||||
if (streq(fstype, "swap")) {
|
||||
r = find_binary("mkswap", &mkfs);
|
||||
if (r == -ENOENT)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EPROTONOSUPPORT), "mkswap binary not available.");
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to determine whether mkswap binary exists: %m");
|
||||
} else {
|
||||
r = mkfs_exists(fstype);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to determine whether mkfs binary for %s exists: %m", fstype);
|
||||
if (r == 0)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EPROTONOSUPPORT), "mkfs binary for %s is not available.", fstype);
|
||||
|
||||
mkfs = strjoin("mkfs.", fstype);
|
||||
if (!mkfs)
|
||||
return log_oom();
|
||||
}
|
||||
|
||||
r = safe_fork("(mkfs)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR, NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
char suuid[ID128_UUID_STRING_MAX];
|
||||
|
||||
/* Child */
|
||||
id128_to_uuid_string(uuid, suuid);
|
||||
|
||||
if (streq(fstype, "ext4"))
|
||||
(void) execlp(mkfs, mkfs,
|
||||
"-L", label,
|
||||
"-U", suuid,
|
||||
"-I", "256",
|
||||
"-O", "has_journal",
|
||||
"-m", "0",
|
||||
"-E", discard ? "lazy_itable_init=1,discard" : "lazy_itable_init=1,nodiscard",
|
||||
node, NULL);
|
||||
|
||||
else if (streq(fstype, "btrfs")) {
|
||||
if (discard)
|
||||
(void) execlp(mkfs, mkfs, "-L", label, "-U", suuid, node, NULL);
|
||||
else
|
||||
(void) execlp(mkfs, mkfs, "-L", label, "-U", suuid, "--nodiscard", node, NULL);
|
||||
|
||||
} else if (streq(fstype, "xfs")) {
|
||||
const char *j;
|
||||
|
||||
j = strjoina("uuid=", suuid);
|
||||
if (discard)
|
||||
(void) execlp(mkfs, mkfs, "-L", label, "-m", j, "-m", "reflink=1", node, NULL);
|
||||
else
|
||||
(void) execlp(mkfs, mkfs, "-L", label, "-m", j, "-m", "reflink=1", "-K", node, NULL);
|
||||
|
||||
} else if (streq(fstype, "vfat")) {
|
||||
char mangled_label[8 + 3 + 1], vol_id[8 + 1];
|
||||
|
||||
/* Classic FAT only allows 11 character uppercase labels */
|
||||
strncpy(mangled_label, label, sizeof(mangled_label)-1);
|
||||
mangled_label[sizeof(mangled_label)-1] = 0;
|
||||
ascii_strupper(mangled_label);
|
||||
|
||||
xsprintf(vol_id, "%08" PRIx32,
|
||||
((uint32_t) uuid.bytes[0] << 24) |
|
||||
((uint32_t) uuid.bytes[1] << 16) |
|
||||
((uint32_t) uuid.bytes[2] << 8) |
|
||||
((uint32_t) uuid.bytes[3])); /* Take first 32 byte of UUID */
|
||||
|
||||
(void) execlp(mkfs, mkfs,
|
||||
"-i", vol_id,
|
||||
"-n", mangled_label,
|
||||
"-F", "32", /* yes, we force FAT32 here */
|
||||
node, NULL);
|
||||
|
||||
} else if (streq(fstype, "swap")) {
|
||||
|
||||
(void) execlp(mkfs, mkfs,
|
||||
"-L", label,
|
||||
"-U", suuid,
|
||||
node, NULL);
|
||||
|
||||
} else
|
||||
/* Generic fallback for all other file systems */
|
||||
(void) execlp(mkfs, mkfs, node, NULL);
|
||||
|
||||
log_error_errno(errno, "Failed to execute %s: %m", mkfs);
|
||||
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
/* SPDX-License-Identifier: LGPL-2.1+ */
|
||||
#pragma once
|
||||
|
||||
#include <stdbool.h>
|
||||
|
||||
#include "sd-id128.h"
|
||||
|
||||
int mkfs_exists(const char *fstype);
|
||||
|
||||
int make_filesystem(const char *node, const char *fstype, const char *label, sd_id128_t uuid, bool discard);
|
||||
|
|
@ -902,50 +902,30 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
|
|||
"timerfd_settime64\0"
|
||||
"times\0"
|
||||
},
|
||||
[SYSCALL_FILTER_SET_KNOWN] = {
|
||||
.name = "@known",
|
||||
.help = "All known syscalls declared in the kernel",
|
||||
.value =
|
||||
#include "syscall-list.h"
|
||||
},
|
||||
};
|
||||
|
||||
const SyscallFilterSet *syscall_filter_set_find(const char *name) {
|
||||
unsigned i;
|
||||
|
||||
if (isempty(name) || name[0] != '@')
|
||||
return NULL;
|
||||
|
||||
for (unsigned i = 0; i < _SYSCALL_FILTER_SET_MAX; i++)
|
||||
for (i = 0; i < _SYSCALL_FILTER_SET_MAX; i++)
|
||||
if (streq(syscall_filter_sets[i].name, name))
|
||||
return syscall_filter_sets + i;
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
static int add_syscall_filter_set(
|
||||
scmp_filter_ctx seccomp,
|
||||
const SyscallFilterSet *set,
|
||||
uint32_t action,
|
||||
char **exclude,
|
||||
bool log_missing,
|
||||
char ***added);
|
||||
|
||||
int seccomp_add_syscall_filter_item(
|
||||
scmp_filter_ctx *seccomp,
|
||||
const char *name,
|
||||
uint32_t action,
|
||||
char **exclude,
|
||||
bool log_missing,
|
||||
char ***added) {
|
||||
static int seccomp_add_syscall_filter_set(scmp_filter_ctx seccomp, const SyscallFilterSet *set, uint32_t action, char **exclude, bool log_missing);
|
||||
|
||||
int seccomp_add_syscall_filter_item(scmp_filter_ctx *seccomp, const char *name, uint32_t action, char **exclude, bool log_missing) {
|
||||
assert(seccomp);
|
||||
assert(name);
|
||||
|
||||
if (strv_contains(exclude, name))
|
||||
return 0;
|
||||
|
||||
/* Any syscalls that are handled are added to the *added strv. The pointer
|
||||
* must be either NULL or point to a valid pre-initialized possibly-empty strv. */
|
||||
|
||||
if (name[0] == '@') {
|
||||
const SyscallFilterSet *other;
|
||||
|
||||
|
|
@ -955,7 +935,7 @@ int seccomp_add_syscall_filter_item(
|
|||
"Filter set %s is not known!",
|
||||
name);
|
||||
|
||||
return add_syscall_filter_set(seccomp, other, action, exclude, log_missing, added);
|
||||
return seccomp_add_syscall_filter_set(seccomp, other, action, exclude, log_missing);
|
||||
|
||||
} else {
|
||||
int id, r;
|
||||
|
|
@ -979,34 +959,25 @@ int seccomp_add_syscall_filter_item(
|
|||
return r;
|
||||
}
|
||||
|
||||
if (added) {
|
||||
r = strv_extend(added, name);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
static int add_syscall_filter_set(
|
||||
static int seccomp_add_syscall_filter_set(
|
||||
scmp_filter_ctx seccomp,
|
||||
const SyscallFilterSet *set,
|
||||
uint32_t action,
|
||||
char **exclude,
|
||||
bool log_missing,
|
||||
char ***added) {
|
||||
bool log_missing) {
|
||||
|
||||
const char *sys;
|
||||
int r;
|
||||
|
||||
/* Any syscalls that are handled are added to the *added strv. It needs to be initialized. */
|
||||
|
||||
assert(seccomp);
|
||||
assert(set);
|
||||
|
||||
NULSTR_FOREACH(sys, set->value) {
|
||||
r = seccomp_add_syscall_filter_item(seccomp, sys, action, exclude, log_missing, added);
|
||||
r = seccomp_add_syscall_filter_item(seccomp, sys, action, exclude, log_missing);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
|
@ -1032,7 +1003,7 @@ int seccomp_load_syscall_filter_set(uint32_t default_action, const SyscallFilter
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = add_syscall_filter_set(seccomp, set, action, NULL, log_missing, NULL);
|
||||
r = seccomp_add_syscall_filter_set(seccomp, set, action, NULL, log_missing);
|
||||
if (r < 0)
|
||||
return log_debug_errno(r, "Failed to add filter set: %m");
|
||||
|
||||
|
|
@ -1189,6 +1160,7 @@ int seccomp_restrict_namespaces(unsigned long retain) {
|
|||
|
||||
SECCOMP_FOREACH_LOCAL_ARCH(arch) {
|
||||
_cleanup_(seccomp_releasep) scmp_filter_ctx seccomp = NULL;
|
||||
unsigned i;
|
||||
|
||||
log_debug("Operating on architecture: %s", seccomp_arch_to_string(arch));
|
||||
|
||||
|
|
@ -1218,7 +1190,7 @@ int seccomp_restrict_namespaces(unsigned long retain) {
|
|||
continue;
|
||||
}
|
||||
|
||||
for (unsigned i = 0; namespace_flag_map[i].name; i++) {
|
||||
for (i = 0; namespace_flag_map[i].name; i++) {
|
||||
unsigned long f;
|
||||
|
||||
f = namespace_flag_map[i].flag;
|
||||
|
|
@ -1412,7 +1384,7 @@ int seccomp_restrict_address_families(Set *address_families, bool allow_list) {
|
|||
return r;
|
||||
|
||||
if (allow_list) {
|
||||
int first = 0, last = 0;
|
||||
int af, first = 0, last = 0;
|
||||
void *afp;
|
||||
|
||||
/* If this is an allow list, we first block the address families that are out of
|
||||
|
|
@ -1420,7 +1392,7 @@ int seccomp_restrict_address_families(Set *address_families, bool allow_list) {
|
|||
* highest address family in the set. */
|
||||
|
||||
SET_FOREACH(afp, address_families, i) {
|
||||
int af = PTR_TO_INT(afp);
|
||||
af = PTR_TO_INT(afp);
|
||||
|
||||
if (af <= 0 || af >= af_max())
|
||||
continue;
|
||||
|
|
@ -1474,7 +1446,7 @@ int seccomp_restrict_address_families(Set *address_families, bool allow_list) {
|
|||
}
|
||||
|
||||
/* Block everything between the first and last entry */
|
||||
for (int af = 1; af < af_max(); af++) {
|
||||
for (af = 1; af < af_max(); af++) {
|
||||
|
||||
if (set_contains(address_families, INT_TO_PTR(af)))
|
||||
continue;
|
||||
|
|
@ -1501,6 +1473,7 @@ int seccomp_restrict_address_families(Set *address_families, bool allow_list) {
|
|||
* then combined in OR checks. */
|
||||
|
||||
SET_FOREACH(af, address_families, i) {
|
||||
|
||||
r = seccomp_rule_add_exact(
|
||||
seccomp,
|
||||
SCMP_ACT_ERRNO(EAFNOSUPPORT),
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ typedef struct SyscallFilterSet {
|
|||
} SyscallFilterSet;
|
||||
|
||||
enum {
|
||||
/* Please leave DEFAULT first and KNOWN last, but sort the rest alphabetically */
|
||||
/* Please leave DEFAULT first, but sort the rest alphabetically */
|
||||
SYSCALL_FILTER_SET_DEFAULT,
|
||||
SYSCALL_FILTER_SET_AIO,
|
||||
SYSCALL_FILTER_SET_BASIC_IO,
|
||||
|
|
@ -50,7 +50,6 @@ enum {
|
|||
SYSCALL_FILTER_SET_SYNC,
|
||||
SYSCALL_FILTER_SET_SYSTEM_SERVICE,
|
||||
SYSCALL_FILTER_SET_TIMER,
|
||||
SYSCALL_FILTER_SET_KNOWN,
|
||||
_SYSCALL_FILTER_SET_MAX
|
||||
};
|
||||
|
||||
|
|
@ -60,13 +59,7 @@ const SyscallFilterSet *syscall_filter_set_find(const char *name);
|
|||
|
||||
int seccomp_filter_set_add(Hashmap *s, bool b, const SyscallFilterSet *set);
|
||||
|
||||
int seccomp_add_syscall_filter_item(
|
||||
scmp_filter_ctx *ctx,
|
||||
const char *name,
|
||||
uint32_t action,
|
||||
char **exclude,
|
||||
bool log_missing,
|
||||
char ***added);
|
||||
int seccomp_add_syscall_filter_item(scmp_filter_ctx *ctx, const char *name, uint32_t action, char **exclude, bool log_missing);
|
||||
|
||||
int seccomp_load_syscall_filter_set(uint32_t default_action, const SyscallFilterSet *set, uint32_t action, bool log_missing);
|
||||
int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, uint32_t action, bool log_missing);
|
||||
|
|
|
|||
|
|
@ -1,597 +0,0 @@
|
|||
_llseek
|
||||
_newselect
|
||||
_sysctl
|
||||
accept
|
||||
accept4
|
||||
access
|
||||
acct
|
||||
add_key
|
||||
adjtimex
|
||||
alarm
|
||||
arc_gettls
|
||||
arc_settls
|
||||
arc_usr_cmpxchg
|
||||
arch_prctl
|
||||
arm_fadvise64_64
|
||||
arm_sync_file_range
|
||||
atomic_barrier
|
||||
atomic_cmpxchg_32
|
||||
bdflush
|
||||
bfin_spinlock
|
||||
bind
|
||||
bpf
|
||||
brk
|
||||
cache_sync
|
||||
cachectl
|
||||
cacheflush
|
||||
capget
|
||||
capset
|
||||
chdir
|
||||
chmod
|
||||
chown
|
||||
chown32
|
||||
chroot
|
||||
clock_adjtime
|
||||
clock_adjtime64
|
||||
clock_getres
|
||||
clock_getres_time64
|
||||
clock_gettime
|
||||
clock_gettime64
|
||||
clock_nanosleep
|
||||
clock_nanosleep_time64
|
||||
clock_settime
|
||||
clock_settime64
|
||||
clone
|
||||
clone2
|
||||
clone3
|
||||
close
|
||||
close_range
|
||||
connect
|
||||
copy_file_range
|
||||
creat
|
||||
create_module
|
||||
delete_module
|
||||
dipc
|
||||
dup
|
||||
dup2
|
||||
dup3
|
||||
epoll_create
|
||||
epoll_create1
|
||||
epoll_ctl
|
||||
epoll_ctl_old
|
||||
epoll_pwait
|
||||
epoll_wait
|
||||
epoll_wait_old
|
||||
eventfd
|
||||
eventfd2
|
||||
exec_with_loader
|
||||
execv
|
||||
execve
|
||||
execveat
|
||||
exit
|
||||
exit_group
|
||||
faccessat
|
||||
faccessat2
|
||||
fadvise64
|
||||
fadvise64_64
|
||||
fallocate
|
||||
fanotify_init
|
||||
fanotify_mark
|
||||
fchdir
|
||||
fchmod
|
||||
fchmodat
|
||||
fchown
|
||||
fchown32
|
||||
fchownat
|
||||
fcntl
|
||||
fcntl64
|
||||
fdatasync
|
||||
fgetxattr
|
||||
finit_module
|
||||
flistxattr
|
||||
flock
|
||||
fork
|
||||
fp_udfiex_crtl
|
||||
fremovexattr
|
||||
fsconfig
|
||||
fsetxattr
|
||||
fsmount
|
||||
fsopen
|
||||
fspick
|
||||
fstat
|
||||
fstat64
|
||||
fstatat64
|
||||
fstatfs
|
||||
fstatfs64
|
||||
fsync
|
||||
ftruncate
|
||||
ftruncate64
|
||||
futex
|
||||
futex_time64
|
||||
futimesat
|
||||
get_kernel_syms
|
||||
get_mempolicy
|
||||
get_robust_list
|
||||
get_thread_area
|
||||
getcpu
|
||||
getcwd
|
||||
getdents
|
||||
getdents64
|
||||
getdomainname
|
||||
getdtablesize
|
||||
getegid
|
||||
getegid32
|
||||
geteuid
|
||||
geteuid32
|
||||
getgid
|
||||
getgid32
|
||||
getgroups
|
||||
getgroups32
|
||||
gethostname
|
||||
getitimer
|
||||
getpagesize
|
||||
getpeername
|
||||
getpgid
|
||||
getpgrp
|
||||
getpid
|
||||
getpmsg
|
||||
getppid
|
||||
getpriority
|
||||
getrandom
|
||||
getresgid
|
||||
getresgid32
|
||||
getresuid
|
||||
getresuid32
|
||||
getrlimit
|
||||
getrusage
|
||||
getsid
|
||||
getsockname
|
||||
getsockopt
|
||||
gettid
|
||||
gettimeofday
|
||||
getuid
|
||||
getuid32
|
||||
getunwind
|
||||
getxattr
|
||||
getxgid
|
||||
getxpid
|
||||
getxuid
|
||||
idle
|
||||
init_module
|
||||
inotify_add_watch
|
||||
inotify_init
|
||||
inotify_init1
|
||||
inotify_rm_watch
|
||||
io_cancel
|
||||
io_destroy
|
||||
io_getevents
|
||||
io_pgetevents
|
||||
io_pgetevents_time64
|
||||
io_setup
|
||||
io_submit
|
||||
io_uring_enter
|
||||
io_uring_register
|
||||
io_uring_setup
|
||||
ioctl
|
||||
ioperm
|
||||
iopl
|
||||
ioprio_get
|
||||
ioprio_set
|
||||
ipc
|
||||
kcmp
|
||||
kern_features
|
||||
kexec_file_load
|
||||
kexec_load
|
||||
keyctl
|
||||
kill
|
||||
lchown
|
||||
lchown32
|
||||
lgetxattr
|
||||
link
|
||||
linkat
|
||||
listen
|
||||
listxattr
|
||||
llistxattr
|
||||
lookup_dcookie
|
||||
lremovexattr
|
||||
lseek
|
||||
lsetxattr
|
||||
lstat
|
||||
lstat64
|
||||
madvise
|
||||
mbind
|
||||
membarrier
|
||||
memfd_create
|
||||
memory_ordering
|
||||
migrate_pages
|
||||
mincore
|
||||
mkdir
|
||||
mkdirat
|
||||
mknod
|
||||
mknodat
|
||||
mlock
|
||||
mlock2
|
||||
mlockall
|
||||
mmap
|
||||
mmap2
|
||||
modify_ldt
|
||||
mount
|
||||
move_mount
|
||||
move_pages
|
||||
mprotect
|
||||
mq_getsetattr
|
||||
mq_notify
|
||||
mq_open
|
||||
mq_timedreceive
|
||||
mq_timedreceive_time64
|
||||
mq_timedsend
|
||||
mq_timedsend_time64
|
||||
mq_unlink
|
||||
mremap
|
||||
msgctl
|
||||
msgget
|
||||
msgrcv
|
||||
msgsnd
|
||||
msync
|
||||
multiplexer
|
||||
munlock
|
||||
munlockall
|
||||
munmap
|
||||
name_to_handle_at
|
||||
nanosleep
|
||||
newfstatat
|
||||
nfsservctl
|
||||
ni_syscall
|
||||
nice
|
||||
old_adjtimex
|
||||
old_getpagesize
|
||||
oldfstat
|
||||
oldlstat
|
||||
oldolduname
|
||||
oldstat
|
||||
oldumount
|
||||
olduname
|
||||
open
|
||||
open_by_handle_at
|
||||
open_tree
|
||||
openat
|
||||
openat2
|
||||
or1k_atomic
|
||||
osf_adjtime
|
||||
osf_afs_syscall
|
||||
osf_alt_plock
|
||||
osf_alt_setsid
|
||||
osf_alt_sigpending
|
||||
osf_asynch_daemon
|
||||
osf_audcntl
|
||||
osf_audgen
|
||||
osf_chflags
|
||||
osf_execve
|
||||
osf_exportfs
|
||||
osf_fchflags
|
||||
osf_fdatasync
|
||||
osf_fpathconf
|
||||
osf_fstat
|
||||
osf_fstatfs
|
||||
osf_fstatfs64
|
||||
osf_fuser
|
||||
osf_getaddressconf
|
||||
osf_getdirentries
|
||||
osf_getdomainname
|
||||
osf_getfh
|
||||
osf_getfsstat
|
||||
osf_gethostid
|
||||
osf_getitimer
|
||||
osf_getlogin
|
||||
osf_getmnt
|
||||
osf_getrusage
|
||||
osf_getsysinfo
|
||||
osf_gettimeofday
|
||||
osf_kloadcall
|
||||
osf_kmodcall
|
||||
osf_lstat
|
||||
osf_memcntl
|
||||
osf_mincore
|
||||
osf_mount
|
||||
osf_mremap
|
||||
osf_msfs_syscall
|
||||
osf_msleep
|
||||
osf_mvalid
|
||||
osf_mwakeup
|
||||
osf_naccept
|
||||
osf_nfssvc
|
||||
osf_ngetpeername
|
||||
osf_ngetsockname
|
||||
osf_nrecvfrom
|
||||
osf_nrecvmsg
|
||||
osf_nsendmsg
|
||||
osf_ntp_adjtime
|
||||
osf_ntp_gettime
|
||||
osf_old_creat
|
||||
osf_old_fstat
|
||||
osf_old_getpgrp
|
||||
osf_old_killpg
|
||||
osf_old_lstat
|
||||
osf_old_open
|
||||
osf_old_sigaction
|
||||
osf_old_sigblock
|
||||
osf_old_sigreturn
|
||||
osf_old_sigsetmask
|
||||
osf_old_sigvec
|
||||
osf_old_stat
|
||||
osf_old_vadvise
|
||||
osf_old_vtrace
|
||||
osf_old_wait
|
||||
osf_oldquota
|
||||
osf_pathconf
|
||||
osf_pid_block
|
||||
osf_pid_unblock
|
||||
osf_plock
|
||||
osf_priocntlset
|
||||
osf_profil
|
||||
osf_proplist_syscall
|
||||
osf_reboot
|
||||
osf_revoke
|
||||
osf_sbrk
|
||||
osf_security
|
||||
osf_select
|
||||
osf_set_program_attributes
|
||||
osf_set_speculative
|
||||
osf_sethostid
|
||||
osf_setitimer
|
||||
osf_setlogin
|
||||
osf_setsysinfo
|
||||
osf_settimeofday
|
||||
osf_shmat
|
||||
osf_signal
|
||||
osf_sigprocmask
|
||||
osf_sigsendset
|
||||
osf_sigstack
|
||||
osf_sigwaitprim
|
||||
osf_sstk
|
||||
osf_stat
|
||||
osf_statfs
|
||||
osf_statfs64
|
||||
osf_subsys_info
|
||||
osf_swapctl
|
||||
osf_swapon
|
||||
osf_syscall
|
||||
osf_sysinfo
|
||||
osf_table
|
||||
osf_uadmin
|
||||
osf_usleep_thread
|
||||
osf_uswitch
|
||||
osf_utc_adjtime
|
||||
osf_utc_gettime
|
||||
osf_utimes
|
||||
osf_utsname
|
||||
osf_wait4
|
||||
osf_waitid
|
||||
pause
|
||||
pciconfig_iobase
|
||||
pciconfig_read
|
||||
pciconfig_write
|
||||
perf_event_open
|
||||
perfctr
|
||||
perfmonctl
|
||||
personality
|
||||
pidfd_getfd
|
||||
pidfd_open
|
||||
pidfd_send_signal
|
||||
pipe
|
||||
pipe2
|
||||
pivot_root
|
||||
pkey_alloc
|
||||
pkey_free
|
||||
pkey_mprotect
|
||||
poll
|
||||
ppoll
|
||||
ppoll_time64
|
||||
prctl
|
||||
pread64
|
||||
preadv
|
||||
preadv2
|
||||
prlimit64
|
||||
process_vm_readv
|
||||
process_vm_writev
|
||||
pselect6
|
||||
pselect6_time64
|
||||
ptrace
|
||||
pwrite64
|
||||
pwritev
|
||||
pwritev2
|
||||
query_module
|
||||
quotactl
|
||||
read
|
||||
readahead
|
||||
readdir
|
||||
readlink
|
||||
readlinkat
|
||||
readv
|
||||
reboot
|
||||
recv
|
||||
recvfrom
|
||||
recvmmsg
|
||||
recvmmsg_time64
|
||||
recvmsg
|
||||
remap_file_pages
|
||||
removexattr
|
||||
rename
|
||||
renameat
|
||||
renameat2
|
||||
request_key
|
||||
restart_syscall
|
||||
riscv_flush_icache
|
||||
rmdir
|
||||
rseq
|
||||
rt_sigaction
|
||||
rt_sigpending
|
||||
rt_sigprocmask
|
||||
rt_sigqueueinfo
|
||||
rt_sigreturn
|
||||
rt_sigsuspend
|
||||
rt_sigtimedwait
|
||||
rt_sigtimedwait_time64
|
||||
rt_tgsigqueueinfo
|
||||
rtas
|
||||
s390_guarded_storage
|
||||
s390_pci_mmio_read
|
||||
s390_pci_mmio_write
|
||||
s390_runtime_instr
|
||||
s390_sthyi
|
||||
sched_get_affinity
|
||||
sched_get_priority_max
|
||||
sched_get_priority_min
|
||||
sched_getaffinity
|
||||
sched_getattr
|
||||
sched_getparam
|
||||
sched_getscheduler
|
||||
sched_rr_get_interval
|
||||
sched_rr_get_interval_time64
|
||||
sched_set_affinity
|
||||
sched_setaffinity
|
||||
sched_setattr
|
||||
sched_setparam
|
||||
sched_setscheduler
|
||||
sched_yield
|
||||
seccomp
|
||||
select
|
||||
semctl
|
||||
semget
|
||||
semop
|
||||
semtimedop
|
||||
semtimedop_time64
|
||||
send
|
||||
sendfile
|
||||
sendfile64
|
||||
sendmmsg
|
||||
sendmsg
|
||||
sendto
|
||||
set_mempolicy
|
||||
set_robust_list
|
||||
set_thread_area
|
||||
set_tid_address
|
||||
setdomainname
|
||||
setfsgid
|
||||
setfsgid32
|
||||
setfsuid
|
||||
setfsuid32
|
||||
setgid
|
||||
setgid32
|
||||
setgroups
|
||||
setgroups32
|
||||
sethae
|
||||
sethostname
|
||||
setitimer
|
||||
setns
|
||||
setpgid
|
||||
setpgrp
|
||||
setpriority
|
||||
setregid
|
||||
setregid32
|
||||
setresgid
|
||||
setresgid32
|
||||
setresuid
|
||||
setresuid32
|
||||
setreuid
|
||||
setreuid32
|
||||
setrlimit
|
||||
setsid
|
||||
setsockopt
|
||||
settimeofday
|
||||
setuid
|
||||
setuid32
|
||||
setxattr
|
||||
sgetmask
|
||||
shmat
|
||||
shmctl
|
||||
shmdt
|
||||
shmget
|
||||
shutdown
|
||||
sigaction
|
||||
sigaltstack
|
||||
signal
|
||||
signalfd
|
||||
signalfd4
|
||||
sigpending
|
||||
sigprocmask
|
||||
sigreturn
|
||||
sigsuspend
|
||||
socket
|
||||
socketcall
|
||||
socketpair
|
||||
splice
|
||||
spu_create
|
||||
spu_run
|
||||
ssetmask
|
||||
stat
|
||||
stat64
|
||||
statfs
|
||||
statfs64
|
||||
statx
|
||||
stime
|
||||
subpage_prot
|
||||
swapcontext
|
||||
swapoff
|
||||
swapon
|
||||
switch_endian
|
||||
symlink
|
||||
symlinkat
|
||||
sync
|
||||
sync_file_range
|
||||
sync_file_range2
|
||||
syncfs
|
||||
sys_debug_setcontext
|
||||
syscall
|
||||
sysfs
|
||||
sysinfo
|
||||
syslog
|
||||
sysmips
|
||||
tee
|
||||
tgkill
|
||||
time
|
||||
timer_create
|
||||
timer_delete
|
||||
timer_getoverrun
|
||||
timer_gettime
|
||||
timer_gettime64
|
||||
timer_settime
|
||||
timer_settime64
|
||||
timerfd
|
||||
timerfd_create
|
||||
timerfd_gettime
|
||||
timerfd_gettime64
|
||||
timerfd_settime
|
||||
timerfd_settime64
|
||||
times
|
||||
tkill
|
||||
truncate
|
||||
truncate64
|
||||
udftrap
|
||||
ugetrlimit
|
||||
umask
|
||||
umount
|
||||
umount2
|
||||
uname
|
||||
unlink
|
||||
unlinkat
|
||||
unshare
|
||||
uselib
|
||||
userfaultfd
|
||||
ustat
|
||||
utime
|
||||
utimensat
|
||||
utimensat_time64
|
||||
utimes
|
||||
utimesat
|
||||
utrap_install
|
||||
vfork
|
||||
vhangup
|
||||
vm86
|
||||
vm86old
|
||||
vmsplice
|
||||
wait4
|
||||
waitid
|
||||
waitpid
|
||||
write
|
||||
writev
|
||||
|
|
@ -160,8 +160,11 @@ static int lock_all_homes(void) {
|
|||
|
||||
r = sd_bus_call(bus, m, DEFAULT_TIMEOUT_USEC, &error, NULL);
|
||||
if (r < 0) {
|
||||
if (bus_error_is_unknown_service(&error))
|
||||
return log_debug("systemd-homed is not running, skipping locking of home directories.");
|
||||
if (sd_bus_error_has_name(&error, SD_BUS_ERROR_SERVICE_UNKNOWN) ||
|
||||
sd_bus_error_has_name(&error, SD_BUS_ERROR_NAME_HAS_NO_OWNER)) {
|
||||
log_debug("systemd-homed is not running, skipping locking of home directories.");
|
||||
return 0;
|
||||
}
|
||||
|
||||
return log_error_errno(r, "Failed to lock home directories: %s", bus_error_message(&error, r));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -279,17 +279,17 @@ static int translate_bus_error_to_exit_status(int r, const sd_bus_error *error)
|
|||
if (!sd_bus_error_is_set(error))
|
||||
return r;
|
||||
|
||||
if (sd_bus_error_has_names(error, SD_BUS_ERROR_ACCESS_DENIED,
|
||||
BUS_ERROR_ONLY_BY_DEPENDENCY,
|
||||
BUS_ERROR_NO_ISOLATION,
|
||||
BUS_ERROR_TRANSACTION_IS_DESTRUCTIVE))
|
||||
if (sd_bus_error_has_name(error, SD_BUS_ERROR_ACCESS_DENIED) ||
|
||||
sd_bus_error_has_name(error, BUS_ERROR_ONLY_BY_DEPENDENCY) ||
|
||||
sd_bus_error_has_name(error, BUS_ERROR_NO_ISOLATION) ||
|
||||
sd_bus_error_has_name(error, BUS_ERROR_TRANSACTION_IS_DESTRUCTIVE))
|
||||
return EXIT_NOPERMISSION;
|
||||
|
||||
if (sd_bus_error_has_name(error, BUS_ERROR_NO_SUCH_UNIT))
|
||||
return EXIT_NOTINSTALLED;
|
||||
|
||||
if (sd_bus_error_has_names(error, BUS_ERROR_JOB_TYPE_NOT_APPLICABLE,
|
||||
SD_BUS_ERROR_NOT_SUPPORTED))
|
||||
if (sd_bus_error_has_name(error, BUS_ERROR_JOB_TYPE_NOT_APPLICABLE) ||
|
||||
sd_bus_error_has_name(error, SD_BUS_ERROR_NOT_SUPPORTED))
|
||||
return EXIT_NOTIMPLEMENTED;
|
||||
|
||||
if (sd_bus_error_has_name(error, BUS_ERROR_LOAD_FAILED))
|
||||
|
|
@ -552,8 +552,8 @@ static int get_unit_list(
|
|||
return bus_log_create_error(r);
|
||||
|
||||
r = sd_bus_call(bus, m, 0, &error, &reply);
|
||||
if (r < 0 && (sd_bus_error_has_names(&error, SD_BUS_ERROR_UNKNOWN_METHOD,
|
||||
SD_BUS_ERROR_ACCESS_DENIED))) {
|
||||
if (r < 0 && (sd_bus_error_has_name(&error, SD_BUS_ERROR_UNKNOWN_METHOD) ||
|
||||
sd_bus_error_has_name(&error, SD_BUS_ERROR_ACCESS_DENIED))) {
|
||||
/* Fallback to legacy ListUnitsFiltered method */
|
||||
fallback = true;
|
||||
log_debug_errno(r, "Failed to list units: %s Falling back to ListUnitsFiltered method.", bus_error_message(&error, r));
|
||||
|
|
@ -2945,9 +2945,9 @@ fail:
|
|||
|
||||
log_error_errno(r, "Failed to %s %s: %s", job_type, name, bus_error_message(error, r));
|
||||
|
||||
if (!sd_bus_error_has_names(error, BUS_ERROR_NO_SUCH_UNIT,
|
||||
BUS_ERROR_UNIT_MASKED,
|
||||
BUS_ERROR_JOB_TYPE_NOT_APPLICABLE))
|
||||
if (!sd_bus_error_has_name(error, BUS_ERROR_NO_SUCH_UNIT) &&
|
||||
!sd_bus_error_has_name(error, BUS_ERROR_UNIT_MASKED) &&
|
||||
!sd_bus_error_has_name(error, BUS_ERROR_JOB_TYPE_NOT_APPLICABLE))
|
||||
log_error("See %s logs and 'systemctl%s status%s %s' for details.",
|
||||
arg_scope == UNIT_FILE_SYSTEM ? "system" : "user",
|
||||
arg_scope == UNIT_FILE_SYSTEM ? "" : " --user",
|
||||
|
|
|
|||
|
|
@ -458,8 +458,6 @@ int sd_bus_error_copy(sd_bus_error *dest, const sd_bus_error *e);
|
|||
int sd_bus_error_move(sd_bus_error *dest, sd_bus_error *e);
|
||||
int sd_bus_error_is_set(const sd_bus_error *e);
|
||||
int sd_bus_error_has_name(const sd_bus_error *e, const char *name);
|
||||
int sd_bus_error_has_names_sentinel(const sd_bus_error *e, ...) _sd_sentinel_;
|
||||
#define sd_bus_error_has_names(e, ...) sd_bus_error_has_names_sentinel(e, __VA_ARGS__, NULL)
|
||||
|
||||
#define SD_BUS_ERROR_MAP(_name, _code) \
|
||||
{ \
|
||||
|
|
|
|||
|
|
@ -163,6 +163,8 @@ static void test_protect_kernel_logs(void) {
|
|||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
PROTECT_HOME_NO,
|
||||
PROTECT_SYSTEM_NO,
|
||||
0,
|
||||
NULL,
|
||||
0,
|
||||
|
|
|
|||
|
|
@ -36,8 +36,6 @@ int main(int argc, char *argv[]) {
|
|||
.protect_control_groups = true,
|
||||
.protect_kernel_tunables = true,
|
||||
.protect_kernel_modules = true,
|
||||
.protect_proc = PROTECT_PROC_NOACCESS,
|
||||
.proc_subset = PROC_SUBSET_PID,
|
||||
};
|
||||
|
||||
char *root_directory;
|
||||
|
|
@ -78,6 +76,8 @@ int main(int argc, char *argv[]) {
|
|||
tmp_dir,
|
||||
var_tmp_dir,
|
||||
NULL,
|
||||
PROTECT_HOME_NO,
|
||||
PROTECT_SYSTEM_NO,
|
||||
0,
|
||||
NULL,
|
||||
0,
|
||||
|
|
|
|||
|
|
@ -124,9 +124,7 @@ static void test_filter_sets(void) {
|
|||
int fd, r;
|
||||
|
||||
/* If we look at the default set (or one that includes it), allow-list instead of deny-list */
|
||||
if (IN_SET(i, SYSCALL_FILTER_SET_DEFAULT,
|
||||
SYSCALL_FILTER_SET_SYSTEM_SERVICE,
|
||||
SYSCALL_FILTER_SET_KNOWN))
|
||||
if (IN_SET(i, SYSCALL_FILTER_SET_DEFAULT, SYSCALL_FILTER_SET_SYSTEM_SERVICE))
|
||||
r = seccomp_load_syscall_filter_set(SCMP_ACT_ERRNO(EUCLEAN), syscall_filter_sets + i, SCMP_ACT_ALLOW, true);
|
||||
else
|
||||
r = seccomp_load_syscall_filter_set(SCMP_ACT_ALLOW, syscall_filter_sets + i, SCMP_ACT_ERRNO(EUCLEAN), true);
|
||||
|
|
@ -150,25 +148,22 @@ static void test_filter_sets(void) {
|
|||
}
|
||||
|
||||
static void test_filter_sets_ordered(void) {
|
||||
size_t i;
|
||||
|
||||
log_info("/* %s */", __func__);
|
||||
|
||||
/* Ensure "@default" always remains at the beginning of the list */
|
||||
assert_se(SYSCALL_FILTER_SET_DEFAULT == 0);
|
||||
assert_se(streq(syscall_filter_sets[0].name, "@default"));
|
||||
|
||||
/* Ensure "@known" always remains at the end of the list */
|
||||
assert_se(SYSCALL_FILTER_SET_KNOWN == _SYSCALL_FILTER_SET_MAX - 1);
|
||||
assert_se(streq(syscall_filter_sets[SYSCALL_FILTER_SET_KNOWN].name, "@known"));
|
||||
|
||||
for (size_t i = 0; i < _SYSCALL_FILTER_SET_MAX; i++) {
|
||||
for (i = 0; i < _SYSCALL_FILTER_SET_MAX; i++) {
|
||||
const char *k, *p = NULL;
|
||||
|
||||
/* Make sure each group has a description */
|
||||
assert_se(!isempty(syscall_filter_sets[0].help));
|
||||
|
||||
/* Make sure the groups are ordered alphabetically, except for the first and last entries */
|
||||
assert_se(i < 2 || i == _SYSCALL_FILTER_SET_MAX - 1 ||
|
||||
strcmp(syscall_filter_sets[i-1].name, syscall_filter_sets[i].name) < 0);
|
||||
/* Make sure the groups are ordered alphabetically, except for the first entry */
|
||||
assert_se(i < 2 || strcmp(syscall_filter_sets[i-1].name, syscall_filter_sets[i].name) < 0);
|
||||
|
||||
NULSTR_FOREACH(k, syscall_filter_sets[i].value) {
|
||||
|
||||
|
|
|
|||
|
|
@ -782,8 +782,6 @@ KEYMAP=
|
|||
KEYMAP_TOGGLE=
|
||||
KeepFree=
|
||||
KeyringMode=
|
||||
ProtectProc=
|
||||
ProcSubset=
|
||||
KillExcludeUsers=
|
||||
KillOnlyUsers=
|
||||
KillSignal=
|
||||
|
|
|
|||
|
|
@ -1,6 +0,0 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
|
||||
cd "$1"
|
||||
|
||||
curl -L -o syscall-names.text 'https://raw.githubusercontent.com/hrw/syscalls-table/master/syscall-names.text'
|
||||
|
|
@ -23,12 +23,11 @@ NoNewPrivileges=yes
|
|||
PrivateDevices=yes
|
||||
PrivateNetwork=yes
|
||||
PrivateTmp=yes
|
||||
ProtectProc=invisible
|
||||
ProtectControlGroups=yes
|
||||
ProtectHome=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectSystem=strict
|
||||
ReadWritePaths=/etc
|
||||
RestrictAddressFamilies=AF_UNIX
|
||||
|
|
|
|||
|
|
@ -19,13 +19,12 @@ LockPersonality=yes
|
|||
MemoryDenyWriteExecute=yes
|
||||
PrivateDevices=yes
|
||||
PrivateNetwork=yes
|
||||
ProtectProc=invisible
|
||||
ProtectControlGroups=yes
|
||||
ProtectHome=yes
|
||||
ProtectHostname=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
ProtectKernelLogs=yes
|
||||
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
|
||||
RestrictNamespaces=yes
|
||||
RestrictRealtime=yes
|
||||
|
|
|
|||
|
|
@ -21,14 +21,13 @@ NoNewPrivileges=yes
|
|||
PrivateDevices=yes
|
||||
PrivateNetwork=yes
|
||||
PrivateTmp=yes
|
||||
ProtectProc=invisible
|
||||
ProtectClock=yes
|
||||
ProtectControlGroups=yes
|
||||
ProtectHome=yes
|
||||
ProtectHostname=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectSystem=strict
|
||||
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
|
||||
RestrictNamespaces=yes
|
||||
|
|
|
|||
|
|
@ -19,13 +19,12 @@ ExecStart=@rootlibexecdir@/systemd-journal-upload --save-state
|
|||
LockPersonality=yes
|
||||
MemoryDenyWriteExecute=yes
|
||||
PrivateDevices=yes
|
||||
ProtectProc=invisible
|
||||
ProtectControlGroups=yes
|
||||
ProtectHome=yes
|
||||
ProtectHostname=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
ProtectKernelLogs=yes
|
||||
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
|
||||
RestrictNamespaces=yes
|
||||
RestrictRealtime=yes
|
||||
|
|
|
|||
|
|
@ -23,13 +23,12 @@ NoNewPrivileges=yes
|
|||
PrivateDevices=yes
|
||||
PrivateNetwork=yes
|
||||
PrivateTmp=yes
|
||||
ProtectProc=invisible
|
||||
ProtectControlGroups=yes
|
||||
ProtectHome=yes
|
||||
ProtectHostname=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectSystem=strict
|
||||
ReadWritePaths=/etc
|
||||
RestrictAddressFamilies=AF_UNIX
|
||||
|
|
|
|||
|
|
@ -28,6 +28,7 @@ DeviceAllow=char-drm rw
|
|||
DeviceAllow=char-input rw
|
||||
DeviceAllow=char-tty rw
|
||||
DeviceAllow=char-vcs rw
|
||||
# Make sure the DeviceAllow= lines above can work correctly when referenceing char-drm
|
||||
ExecStart=@rootlibexecdir@/systemd-logind
|
||||
FileDescriptorStoreMax=512
|
||||
IPAddressDeny=any
|
||||
|
|
@ -35,13 +36,12 @@ LockPersonality=yes
|
|||
MemoryDenyWriteExecute=yes
|
||||
NoNewPrivileges=yes
|
||||
PrivateTmp=yes
|
||||
ProtectProc=invisible
|
||||
ProtectClock=yes
|
||||
ProtectControlGroups=yes
|
||||
ProtectHome=yes
|
||||
ProtectHostname=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectSystem=strict
|
||||
ReadWritePaths=/etc /run
|
||||
Restart=always
|
||||
|
|
|
|||
|
|
@ -26,15 +26,13 @@ ExecStart=!!@rootlibexecdir@/systemd-networkd
|
|||
LockPersonality=yes
|
||||
MemoryDenyWriteExecute=yes
|
||||
NoNewPrivileges=yes
|
||||
ProtectProc=invisible
|
||||
ProtectClock=yes
|
||||
ProtectControlGroups=yes
|
||||
ProtectHome=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectSystem=strict
|
||||
Restart=on-failure
|
||||
RestartKillSignal=SIGUSR2
|
||||
RestartSec=0
|
||||
RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 AF_PACKET AF_ALG
|
||||
RestrictNamespaces=yes
|
||||
|
|
@ -46,6 +44,7 @@ SystemCallArchitectures=native
|
|||
SystemCallErrorNumber=EPERM
|
||||
SystemCallFilter=@system-service
|
||||
Type=notify
|
||||
RestartKillSignal=SIGUSR2
|
||||
User=systemd-network
|
||||
@SERVICE_WATCHDOG@
|
||||
|
||||
|
|
|
|||
|
|
@ -28,13 +28,12 @@ MemoryDenyWriteExecute=yes
|
|||
NoNewPrivileges=yes
|
||||
PrivateDevices=yes
|
||||
PrivateTmp=yes
|
||||
ProtectProc=invisible
|
||||
ProtectClock=yes
|
||||
ProtectControlGroups=yes
|
||||
ProtectHome=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectSystem=strict
|
||||
Restart=always
|
||||
RestartSec=0
|
||||
|
|
|
|||
|
|
@ -22,13 +22,12 @@ LockPersonality=yes
|
|||
MemoryDenyWriteExecute=yes
|
||||
NoNewPrivileges=yes
|
||||
PrivateTmp=yes
|
||||
ProtectProc=invisible
|
||||
ProtectControlGroups=yes
|
||||
ProtectHome=yes
|
||||
ProtectHostname=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectSystem=strict
|
||||
ReadWritePaths=/etc
|
||||
RestrictAddressFamilies=AF_UNIX
|
||||
|
|
|
|||
|
|
@ -27,13 +27,12 @@ MemoryDenyWriteExecute=yes
|
|||
NoNewPrivileges=yes
|
||||
PrivateDevices=yes
|
||||
PrivateTmp=yes
|
||||
ProtectProc=invisible
|
||||
ProtectControlGroups=yes
|
||||
ProtectHome=yes
|
||||
ProtectHostname=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectSystem=strict
|
||||
Restart=always
|
||||
RestartSec=0
|
||||
|
|
|
|||
|
|
@ -24,7 +24,6 @@ LockPersonality=yes
|
|||
MemoryDenyWriteExecute=yes
|
||||
NoNewPrivileges=yes
|
||||
PrivateDevices=yes
|
||||
ProtectProc=invisible
|
||||
ProtectControlGroups=yes
|
||||
ProtectHome=yes
|
||||
ProtectHostname=yes
|
||||
|
|
|
|||
Loading…
Reference in New Issue