mirror of
https://github.com/systemd/systemd
synced 2026-03-19 03:24:45 +01:00
Compare commits
21 Commits
5fcca42f18
...
30b9fa495c
| Author | SHA1 | Date | |
|---|---|---|---|
|
30b9fa495c | ||
|
|
ce2c72daa1 | ||
|
|
5b603f4d06 | ||
|
|
dc3078e3a9 | ||
|
|
52ecf376fa | ||
|
|
e6703a9aa4 | ||
|
|
8b4278d12e | ||
|
|
7c6e377bc0 | ||
|
|
aa284132bc | ||
|
|
704f774ff5 | ||
|
|
a7e07aeaac | ||
|
|
1dcdb3e439 | ||
|
|
831a1be45c | ||
|
|
8f80b4dc2a | ||
|
|
1908e1543a | ||
|
|
2262b1c025 | ||
|
|
d5ed05a2ce | ||
|
|
18842be4be | ||
|
|
143c5c1ad7 | ||
|
|
17ce971a9c | ||
|
|
46e3fef1a8 |
31
.clang-tidy
31
.clang-tidy
@ -2,10 +2,33 @@
|
||||
---
|
||||
Checks: '
|
||||
-*,
|
||||
misc-header-include-cycle,
|
||||
readability-duplicate-include,
|
||||
bugprone-argument-comment,
|
||||
misc-include-cleaner
|
||||
bugprone-chained-comparison,
|
||||
bugprone-integer-division,
|
||||
bugprone-misplaced-operator-in-strlen-in-alloc,
|
||||
bugprone-misplaced-pointer-arithmetic-in-alloc,
|
||||
bugprone-posix-return,
|
||||
bugprone-redundant-branch-condition,
|
||||
bugprone-sizeof-expression,
|
||||
bugprone-suspicious-enum-usage,
|
||||
bugprone-suspicious-semicolon,
|
||||
bugprone-suspicious-string-compare,
|
||||
bugprone-swapped-arguments,
|
||||
bugprone-tautological-type-limits,
|
||||
bugprone-unused-return-value,
|
||||
misc-header-include-cycle,
|
||||
misc-include-cleaner,
|
||||
misc-misplaced-const,
|
||||
misc-use-internal-linkage,
|
||||
readability-avoid-const-params-in-decls,
|
||||
readability-const-return-type,
|
||||
readability-duplicate-include,
|
||||
readability-inconsistent-declaration-parameter-name,
|
||||
readability-misleading-indentation,
|
||||
readability-named-parameter,
|
||||
readability-redundant-casting,
|
||||
readability-redundant-declaration,
|
||||
readability-redundant-function-ptr-dereference
|
||||
'
|
||||
CheckOptions:
|
||||
misc-include-cleaner.MissingIncludes: 'false'
|
||||
@ -28,7 +51,9 @@ CheckOptions:
|
||||
varlink-idl-common\.h;
|
||||
unistd\.h
|
||||
'
|
||||
misc-header-include-cycle.IgnoredFilesList: 'glib-2.0'
|
||||
WarningsAsErrors: '*'
|
||||
ExcludeHeaderFilterRegex: 'blkid\.h|gmessages\.h|gstring\.h'
|
||||
HeaderFileExtensions:
|
||||
- h
|
||||
ImplementationFileExtensions:
|
||||
|
||||
1
.github/workflows/build-test.sh
vendored
1
.github/workflows/build-test.sh
vendored
@ -17,6 +17,7 @@ ARGS=(
|
||||
"--optimization=3 -Db_lto=false -Dtpm2=disabled -Dlibfido2=disabled -Dp11kit=disabled -Defi=false -Dbootloader=disabled"
|
||||
"--optimization=3 -Dfexecve=true -Dstandalone-binaries=true -Dstatic-libsystemd=true -Dstatic-libudev=true"
|
||||
"-Db_ndebug=true"
|
||||
"--auto-features=disabled -Dcompat-mutable-uid-boundaries=true"
|
||||
)
|
||||
PACKAGES=(
|
||||
cryptsetup-bin
|
||||
|
||||
2
.github/workflows/linter.yml
vendored
2
.github/workflows/linter.yml
vendored
@ -77,7 +77,7 @@ jobs:
|
||||
mkosi box -- ruff check src/core/generate-bpf-delegate-configs.py src/boot/generate-hwids-section.py src/test/generate-sym-test.py src/ukify/ukify.py test/integration-tests/integration-test-wrapper.py
|
||||
|
||||
- name: Configure meson
|
||||
run: mkosi box -- env CC=clang CXX=clang++ meson setup -Dlocalegen-path=/usr/bin/locale-gen -Dcompat-mutable-uid-boundaries=true build
|
||||
run: mkosi box -- env CC=clang CXX=clang++ meson setup build
|
||||
|
||||
- name: Run clang-tidy
|
||||
run: mkosi box -- meson test -C build --suite=clang-tidy --print-errorlogs --no-stdsplit --quiet
|
||||
|
||||
@ -1715,7 +1715,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
|
||||
<listitem>
|
||||
<para>Shut down and reboot the system.</para>
|
||||
|
||||
<para>This command mostly equivalent to <command>systemctl start reboot.target
|
||||
<para>This command is mostly equivalent to <command>systemctl start reboot.target
|
||||
--job-mode=replace-irreversibly --no-block</command>, but also prints a wall message to all
|
||||
users. This command is asynchronous; it will return after the reboot operation is enqueued,
|
||||
without waiting for it to complete.</para>
|
||||
|
||||
@ -28,7 +28,6 @@ typedef void* (*mfree_func_t)(void *p);
|
||||
})
|
||||
|
||||
#define _DEFINE_TRIVIAL_REF_FUNC(type, name, scope) \
|
||||
/* NOLINTNEXTLINE (readability-inconsistent-declaration-parameter-name) */ \
|
||||
scope type *name##_ref(type *p) { \
|
||||
if (!p) \
|
||||
return NULL; \
|
||||
@ -43,7 +42,6 @@ typedef void* (*mfree_func_t)(void *p);
|
||||
}
|
||||
|
||||
#define _DEFINE_TRIVIAL_UNREF_FUNC(type, name, free_func, scope) \
|
||||
/* NOLINTNEXTLINE (readability-inconsistent-declaration-parameter-name) */ \
|
||||
scope type *name##_unref(type *p) { \
|
||||
if (!p) \
|
||||
return NULL; \
|
||||
|
||||
@ -38,4 +38,4 @@ int fs_type_from_string(const char *name, const statfs_f_type_t **ret);
|
||||
bool fs_in_group(const struct statfs *s, enum FilesystemGroups fs_group);
|
||||
|
||||
/* gperf prototypes */
|
||||
const struct FilesystemMagic* filesystems_gperf_lookup(const char *key, GPERF_LEN_TYPE length);
|
||||
const struct FilesystemMagic* filesystems_gperf_lookup(const char *str, GPERF_LEN_TYPE length);
|
||||
|
||||
@ -1135,17 +1135,17 @@ bool oom_score_adjust_is_valid(int oa) {
|
||||
return oa >= OOM_SCORE_ADJ_MIN && oa <= OOM_SCORE_ADJ_MAX;
|
||||
}
|
||||
|
||||
unsigned long personality_from_string(const char *p) {
|
||||
unsigned long personality_from_string(const char *s) {
|
||||
Architecture architecture;
|
||||
|
||||
if (!p)
|
||||
if (!s)
|
||||
return PERSONALITY_INVALID;
|
||||
|
||||
/* Parse a personality specifier. We use our own identifiers that indicate specific ABIs, rather than just
|
||||
* hints regarding the register size, since we want to keep things open for multiple locally supported ABIs for
|
||||
* the same register size. */
|
||||
|
||||
architecture = architecture_from_string(p);
|
||||
architecture = architecture_from_string(s);
|
||||
if (architecture < 0)
|
||||
return PERSONALITY_INVALID;
|
||||
|
||||
@ -1247,8 +1247,8 @@ bool nice_is_valid(int n) {
|
||||
return n >= PRIO_MIN && n < PRIO_MAX;
|
||||
}
|
||||
|
||||
bool sched_policy_is_valid(int i) {
|
||||
return IN_SET(i, SCHED_OTHER, SCHED_BATCH, SCHED_IDLE, SCHED_FIFO, SCHED_RR, SCHED_EXT);
|
||||
bool sched_policy_is_valid(int policy) {
|
||||
return IN_SET(policy, SCHED_OTHER, SCHED_BATCH, SCHED_IDLE, SCHED_FIFO, SCHED_RR, SCHED_EXT);
|
||||
}
|
||||
|
||||
bool sched_policy_supported(int policy) {
|
||||
@ -1407,7 +1407,7 @@ int pidref_safe_fork_full(
|
||||
int except_fds[],
|
||||
size_t n_except_fds,
|
||||
ForkFlags flags,
|
||||
PidRef *ret_pid) {
|
||||
PidRef *ret) {
|
||||
|
||||
pid_t original_pid, pid;
|
||||
sigset_t saved_ss, ss;
|
||||
@ -1421,7 +1421,7 @@ int pidref_safe_fork_full(
|
||||
(flags & (FORK_WAIT|FORK_DEATHSIG_SIGTERM|FORK_DEATHSIG_SIGINT|FORK_DEATHSIG_SIGKILL)) == 0);
|
||||
|
||||
/* A wrapper around fork(), that does a couple of important initializations in addition to mere
|
||||
* forking. If provided, ret_pid is initialized in both the parent and the child process, both times
|
||||
* forking. If provided, ret is initialized in both the parent and the child process, both times
|
||||
* referencing the child process. Returns == 0 in the child and > 0 in the parent. */
|
||||
|
||||
prio = flags & FORK_LOG ? LOG_ERR : LOG_DEBUG;
|
||||
@ -1465,7 +1465,7 @@ int pidref_safe_fork_full(
|
||||
if (!r) {
|
||||
/* Not a reaper process, hence do a double fork() so we are reparented to one */
|
||||
|
||||
if (ret_pid && socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, pidref_transport_fds) < 0)
|
||||
if (ret && socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, pidref_transport_fds) < 0)
|
||||
return log_full_errno(prio, errno, "Failed to allocate pidref socket: %m");
|
||||
|
||||
pid = fork();
|
||||
@ -1499,7 +1499,7 @@ int pidref_safe_fork_full(
|
||||
if (n < 0)
|
||||
return log_full_errno(prio, n, "Failed to receive child pidref: %m");
|
||||
|
||||
*ret_pid = (PidRef) { .pid = pid, .fd = pidfd };
|
||||
*ret = (PidRef) { .pid = pid, .fd = pidfd };
|
||||
}
|
||||
|
||||
return 1; /* return in the parent */
|
||||
@ -1569,20 +1569,16 @@ int pidref_safe_fork_full(
|
||||
return -EPROTO;
|
||||
|
||||
/* If we are in the parent and successfully waited, then the process doesn't exist anymore. */
|
||||
if (ret_pid)
|
||||
*ret_pid = PIDREF_NULL;
|
||||
if (ret)
|
||||
*ret = PIDREF_NULL;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (ret_pid) {
|
||||
if (FLAGS_SET(flags, _FORK_PID_ONLY))
|
||||
*ret_pid = PIDREF_MAKE_FROM_PID(pid);
|
||||
else {
|
||||
r = pidref_set_pid(ret_pid, pid);
|
||||
if (ret) {
|
||||
r = pidref_set_pid(ret, pid);
|
||||
if (r < 0) /* Let's not fail for this, no matter what, the process exists after all, and that's key */
|
||||
*ret_pid = PIDREF_MAKE_FROM_PID(pid);
|
||||
}
|
||||
*ret = PIDREF_MAKE_FROM_PID(pid);
|
||||
}
|
||||
|
||||
return 1;
|
||||
@ -1763,45 +1759,17 @@ int pidref_safe_fork_full(
|
||||
if (FLAGS_SET(flags, FORK_FREEZE))
|
||||
freeze();
|
||||
|
||||
if (ret_pid) {
|
||||
if (FLAGS_SET(flags, _FORK_PID_ONLY))
|
||||
*ret_pid = PIDREF_MAKE_FROM_PID(getpid_cached());
|
||||
else {
|
||||
r = pidref_set_self(ret_pid);
|
||||
if (ret) {
|
||||
r = pidref_set_self(ret);
|
||||
if (r < 0) {
|
||||
log_full_errno(prio, r, "Failed to acquire PID reference on ourselves: %m");
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int safe_fork_full(
|
||||
const char *name,
|
||||
const int stdio_fds[3],
|
||||
int except_fds[],
|
||||
size_t n_except_fds,
|
||||
ForkFlags flags,
|
||||
pid_t *ret_pid) {
|
||||
|
||||
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
|
||||
int r;
|
||||
|
||||
/* Getting the detached child process pid without pidfd is racy, so don't allow it if not returning
|
||||
* a pidref to the caller. */
|
||||
assert(!FLAGS_SET(flags, FORK_DETACH) || !ret_pid);
|
||||
|
||||
r = pidref_safe_fork_full(name, stdio_fds, except_fds, n_except_fds, flags|_FORK_PID_ONLY, ret_pid ? &pidref : NULL);
|
||||
if (r < 0 || !ret_pid)
|
||||
return r;
|
||||
|
||||
*ret_pid = pidref.pid;
|
||||
|
||||
return r;
|
||||
}
|
||||
|
||||
int namespace_fork_full(
|
||||
const char *outer_name,
|
||||
const char *inner_name,
|
||||
|
||||
@ -101,8 +101,8 @@ bool oom_score_adjust_is_valid(int oa);
|
||||
* personality we're interested in. */
|
||||
#define OPINIONATED_PERSONALITY_MASK 0xFFUL
|
||||
|
||||
unsigned long personality_from_string(const char *p);
|
||||
const char* personality_to_string(unsigned long);
|
||||
unsigned long personality_from_string(const char *s);
|
||||
const char* personality_to_string(unsigned long p);
|
||||
|
||||
int safe_personality(unsigned long p);
|
||||
int opinionated_personality(unsigned long *ret);
|
||||
@ -124,10 +124,10 @@ int pid_compare_func(const pid_t *a, const pid_t *b);
|
||||
|
||||
bool nice_is_valid(int n) _const_;
|
||||
|
||||
bool sched_policy_is_valid(int i) _const_;
|
||||
bool sched_policy_supported(int i);
|
||||
int sched_get_priority_min_safe(int i);
|
||||
int sched_get_priority_max_safe(int i);
|
||||
bool sched_policy_is_valid(int policy) _const_;
|
||||
bool sched_policy_supported(int policy);
|
||||
int sched_get_priority_min_safe(int policy);
|
||||
int sched_get_priority_max_safe(int policy);
|
||||
|
||||
#define PID_AUTOMATIC ((pid_t) INT_MIN) /* special value indicating "acquire pid from connection peer" */
|
||||
|
||||
@ -176,8 +176,6 @@ typedef enum ForkFlags {
|
||||
FORK_NEW_PIDNS = 1 << 21, /* Run child in its own PID namespace 💣 DO NOT USE IN THREADED PROGRAMS! 💣 */
|
||||
FORK_FREEZE = 1 << 22, /* Don't return in child, just call freeze() instead */
|
||||
FORK_ALLOW_DLOPEN = 1 << 23, /* Do not block dlopen() in child */
|
||||
|
||||
_FORK_PID_ONLY = 1 << 24, /* Don't open a pidfd referencing the child process */
|
||||
} ForkFlags;
|
||||
|
||||
int pidref_safe_fork_full(
|
||||
@ -186,22 +184,10 @@ int pidref_safe_fork_full(
|
||||
int except_fds[],
|
||||
size_t n_except_fds,
|
||||
ForkFlags flags,
|
||||
PidRef *ret_pid);
|
||||
PidRef *ret);
|
||||
|
||||
static inline int pidref_safe_fork(const char *name, ForkFlags flags, PidRef *ret_pid) {
|
||||
return pidref_safe_fork_full(name, NULL, NULL, 0, flags, ret_pid);
|
||||
}
|
||||
|
||||
int safe_fork_full(
|
||||
const char *name,
|
||||
const int stdio_fds[3],
|
||||
int except_fds[],
|
||||
size_t n_except_fds,
|
||||
ForkFlags flags,
|
||||
pid_t *ret_pid);
|
||||
|
||||
static inline int safe_fork(const char *name, ForkFlags flags, pid_t *ret_pid) {
|
||||
return safe_fork_full(name, NULL, NULL, 0, flags, ret_pid);
|
||||
static inline int pidref_safe_fork(const char *name, ForkFlags flags, PidRef *ret) {
|
||||
return pidref_safe_fork_full(name, NULL, NULL, 0, flags, ret);
|
||||
}
|
||||
|
||||
int namespace_fork_full(
|
||||
|
||||
@ -15,7 +15,6 @@ ssize_t string_table_lookup_from_string_fallback(const char * const *table, size
|
||||
|
||||
/* For basic lookup tables with strictly enumerated entries */
|
||||
#define _DEFINE_STRING_TABLE_LOOKUP_TO_STRING(name, type, scope) \
|
||||
/* NOLINTNEXTLINE (readability-inconsistent-declaration-parameter-name) */ \
|
||||
scope const char* name##_to_string(type i) { \
|
||||
return string_table_lookup_to_string(name##_table, ELEMENTSOF(name##_table), i); \
|
||||
}
|
||||
@ -31,7 +30,6 @@ ssize_t string_table_lookup_from_string_fallback(const char * const *table, size
|
||||
}
|
||||
|
||||
#define _DEFINE_STRING_TABLE_LOOKUP_TO_STRING_FALLBACK(name, type, max, scope) \
|
||||
/* NOLINTNEXTLINE (readability-inconsistent-declaration-parameter-name) */ \
|
||||
scope int name##_to_string_alloc(type i, char **ret) { \
|
||||
return string_table_lookup_to_string_fallback(name##_table, ELEMENTSOF(name##_table), i, max, ret); \
|
||||
}
|
||||
|
||||
@ -124,7 +124,7 @@ bool terminal_is_dumb(void);
|
||||
bool dev_console_colors_enabled(void);
|
||||
|
||||
int get_ctty_devnr(pid_t pid, dev_t *ret);
|
||||
int get_ctty(pid_t, dev_t *ret_devnr, char **ret);
|
||||
int get_ctty(pid_t pid, dev_t *ret_devnr, char **ret);
|
||||
|
||||
int getttyname_malloc(int fd, char **ret);
|
||||
int getttyname_harder(int fd, char **ret);
|
||||
|
||||
@ -173,7 +173,7 @@ char* save_timezone(void);
|
||||
|
||||
bool clock_supported(clockid_t clock);
|
||||
|
||||
usec_t usec_shift_clock(usec_t, clockid_t from, clockid_t to);
|
||||
usec_t usec_shift_clock(usec_t x, clockid_t from, clockid_t to);
|
||||
|
||||
int get_timezone(char **ret);
|
||||
const char* etc_localtime(void);
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
|
||||
#if ENABLE_COMPAT_MUTABLE_UID_BOUNDARIES
|
||||
#include <threads.h>
|
||||
|
||||
#include "chase.h"
|
||||
@ -7,6 +8,8 @@
|
||||
#include "fileio.h"
|
||||
#include "log.h"
|
||||
#include "string-util.h"
|
||||
#endif
|
||||
|
||||
#include "uid-classification.h"
|
||||
#include "user-util.h"
|
||||
|
||||
|
||||
@ -5,7 +5,6 @@
|
||||
#include "macro-fundamental.h"
|
||||
|
||||
#define _DEFINE_STRING_TABLE_LOOKUP_TO_STRING(name,type,scope) \
|
||||
/* NOLINTNEXTLINE (readability-inconsistent-declaration-parameter-name) */ \
|
||||
scope const char* name##_to_string(type i) { \
|
||||
assert(i >= 0 && i < (type) ELEMENTSOF(name##_table)); \
|
||||
return name##_table[i]; \
|
||||
|
||||
@ -655,12 +655,13 @@ static int asynchronous_expire(int dev_autofs_fd, int ioctl_fd) {
|
||||
* child's PID, we are PID1/autoreaper after all, hence when it dies we'll automatically clean it up
|
||||
* anyway. */
|
||||
|
||||
r = safe_fork_full("(sd-expire)",
|
||||
r = pidref_safe_fork_full(
|
||||
"(sd-expire)",
|
||||
/* stdio_fds= */ NULL,
|
||||
(int[]) { dev_autofs_fd, ioctl_fd },
|
||||
/* n_except_fds= */ 2,
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG,
|
||||
/* ret_pid= */ NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r != 0)
|
||||
return r;
|
||||
|
||||
|
||||
@ -1416,7 +1416,7 @@ static int setup_pam(
|
||||
|
||||
parent_pid = getpid_cached();
|
||||
|
||||
r = safe_fork("(sd-pam)", 0, NULL);
|
||||
r = pidref_safe_fork("(sd-pam)", /* flags= */ 0, /* ret= */ NULL);
|
||||
if (r < 0)
|
||||
goto fail;
|
||||
if (r == 0) {
|
||||
|
||||
@ -4133,7 +4133,7 @@ static int manager_run_generators(Manager *m) {
|
||||
if (is_dir("/tmp", /* follow= */ false) > 0 && !MANAGER_IS_TEST_RUN(m))
|
||||
flags |= FORK_PRIVATE_TMP;
|
||||
|
||||
r = safe_fork("(sd-gens)", flags, NULL);
|
||||
r = pidref_safe_fork("(sd-gens)", flags, /* ret= */ NULL);
|
||||
if (r == 0) {
|
||||
r = manager_execute_generators(m, paths, /* remount_ro= */ true);
|
||||
_exit(r >= 0 ? EXIT_SUCCESS : EXIT_FAILURE);
|
||||
|
||||
@ -3502,7 +3502,6 @@ static int is_extension_overlay(const char *path, int fd) {
|
||||
static int unpeel_get_fd(const char *mount_path, int *ret_fd) {
|
||||
_cleanup_close_pair_ int pipe_fds[2] = EBADF_PAIR;
|
||||
_cleanup_close_ int fs_fd = -EBADF;
|
||||
pid_t pid;
|
||||
int r;
|
||||
|
||||
assert(mount_path);
|
||||
@ -3513,7 +3512,7 @@ static int unpeel_get_fd(const char *mount_path, int *ret_fd) {
|
||||
return log_debug_errno(errno, "Failed to create socket pair: %m");
|
||||
|
||||
/* Clone mount namespace here to unpeel without affecting live process */
|
||||
r = safe_fork("(sd-ns-unpeel)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, &pid);
|
||||
r = pidref_safe_fork("(sd-ns-unpeel)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, /* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
@ -3903,9 +3902,10 @@ int refresh_extensions_in_namespace(
|
||||
* overlays to obtain FDs the underlying directories, over which we will reapply the overlays
|
||||
* 3. In the child again, receive the FDs and reapply the overlays
|
||||
*/
|
||||
r = safe_fork("(sd-ns-refresh-exts)",
|
||||
r = pidref_safe_fork(
|
||||
"(sd-ns-refresh-exts)",
|
||||
FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE,
|
||||
NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
|
||||
@ -5540,7 +5540,6 @@ int unit_set_exec_params(Unit *u, ExecParameters *p) {
|
||||
|
||||
int unit_fork_helper_process_full(Unit *u, const char *name, bool into_cgroup, ForkFlags flags, PidRef *ret) {
|
||||
CGroupRuntime *crt = NULL;
|
||||
pid_t pid;
|
||||
int r;
|
||||
|
||||
assert(u);
|
||||
@ -5548,8 +5547,8 @@ int unit_fork_helper_process_full(Unit *u, const char *name, bool into_cgroup, F
|
||||
assert(ret);
|
||||
|
||||
/* Forks off a helper process and makes sure it is a member of the unit's cgroup, if configured to
|
||||
* do so. Returns == 0 in the child, and > 0 in the parent. The pid parameter is always filled in
|
||||
* with the child's PID. */
|
||||
* do so. Returns == 0 in the child, and > 0 in the parent. The pidref parameter is always filled in
|
||||
* with the child's PID reference. */
|
||||
|
||||
if (into_cgroup) {
|
||||
r = unit_realize_cgroup(u);
|
||||
@ -5559,19 +5558,11 @@ int unit_fork_helper_process_full(Unit *u, const char *name, bool into_cgroup, F
|
||||
crt = unit_get_cgroup_runtime(u);
|
||||
}
|
||||
|
||||
r = safe_fork(name, FORK_REOPEN_LOG|FORK_DEATHSIG_SIGTERM|flags, &pid);
|
||||
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
|
||||
r = pidref_safe_fork(name, FORK_REOPEN_LOG|FORK_DEATHSIG_SIGTERM|flags, &pidref);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r > 0) {
|
||||
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
|
||||
int q;
|
||||
|
||||
/* Parent */
|
||||
|
||||
q = pidref_set_pid(&pidref, pid);
|
||||
if (q < 0)
|
||||
return q;
|
||||
|
||||
*ret = TAKE_PIDREF(pidref);
|
||||
return r;
|
||||
}
|
||||
@ -5589,6 +5580,7 @@ int unit_fork_helper_process_full(Unit *u, const char *name, bool into_cgroup, F
|
||||
}
|
||||
}
|
||||
|
||||
*ret = TAKE_PIDREF(pidref);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -1785,7 +1785,7 @@ static int action_with(DissectedImage *m, LoopDevice *d) {
|
||||
return log_error_errno(r, "Failed to unlock loopback block device: %m");
|
||||
}
|
||||
|
||||
rcode = safe_fork("(with)", FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_WAIT, NULL);
|
||||
rcode = pidref_safe_fork("(with)", FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_WAIT, /* ret= */ NULL);
|
||||
if (rcode == 0) {
|
||||
/* Child */
|
||||
|
||||
|
||||
@ -398,7 +398,7 @@ assert_cc(sizeof(long long) == sizeof(intmax_t));
|
||||
#define STRLEN(x) (sizeof(""x"") - sizeof(typeof(x[0])))
|
||||
|
||||
DISABLE_WARNING_REDUNDANT_DECLS;
|
||||
void free(void *p);
|
||||
void free(void *p); /* NOLINT (readability-redundant-declaration) */
|
||||
REENABLE_WARNING;
|
||||
|
||||
#define mfree(memory) \
|
||||
|
||||
@ -2233,9 +2233,10 @@ int home_killall(Home *h) {
|
||||
assert(h->uid > 0); /* We never should be UID 0 */
|
||||
|
||||
/* Let's kill everything matching the specified UID */
|
||||
r = safe_fork("(sd-killer)",
|
||||
r = pidref_safe_fork(
|
||||
"(sd-killer)",
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_WAIT|FORK_LOG|FORK_REOPEN_LOG,
|
||||
NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
|
||||
@ -115,9 +115,10 @@ int home_flush_keyring_fscrypt(UserRecord *h) {
|
||||
if (!uid_is_valid(h->uid))
|
||||
return 0;
|
||||
|
||||
r = safe_fork("(sd-delkey)",
|
||||
r = pidref_safe_fork(
|
||||
"(sd-delkey)",
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_REOPEN_LOG,
|
||||
NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
@ -409,9 +410,10 @@ int home_setup_fscrypt(
|
||||
/* Also install the access key in the user's own keyring */
|
||||
|
||||
if (uid_is_valid(h->uid)) {
|
||||
r = safe_fork("(sd-addkey)",
|
||||
r = pidref_safe_fork(
|
||||
"(sd-addkey)",
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_REOPEN_LOG,
|
||||
NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to install encryption key in user's keyring: %m");
|
||||
if (r == 0) {
|
||||
|
||||
@ -2665,7 +2665,7 @@ static int ext4_offline_resize_fs(
|
||||
r = pidref_safe_fork(
|
||||
"(e2resize)",
|
||||
FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS,
|
||||
/* ret_pid= */ NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
|
||||
@ -682,7 +682,7 @@ static int acquire_home(
|
||||
|
||||
if (FLAGS_SET(flags, ACQUIRE_MUST_AUTHENTICATE))
|
||||
pam_syslog(pamh, LOG_ERR, "Failed to prompt for password/prompt.");
|
||||
else if (debug)
|
||||
else
|
||||
pam_debug_syslog(pamh, debug, "Failed to prompt for password/prompt.");
|
||||
|
||||
return home_not_active || home_locked ? PAM_PERM_DENIED : PAM_CONV_ERR;
|
||||
|
||||
@ -301,12 +301,12 @@ int import_mangle_os_tree_fd_foreign(
|
||||
assert(tree_fd >= 0);
|
||||
assert(userns_fd >= 0);
|
||||
|
||||
r = safe_fork_full(
|
||||
r = pidref_safe_fork_full(
|
||||
"mangle-tree",
|
||||
/* stdio_fds= */ NULL,
|
||||
(int[]) { userns_fd, tree_fd }, 2,
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_REOPEN_LOG|FORK_WAIT,
|
||||
/* ret_pid= */ NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
@ -401,12 +401,12 @@ int import_copy_foreign(
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = safe_fork_full(
|
||||
r = pidref_safe_fork_full(
|
||||
"copy-tree",
|
||||
/* stdio_fds= */ NULL,
|
||||
(int[]) { *userns_fd, source_fd, target_fd }, 3,
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_REOPEN_LOG|FORK_WAIT,
|
||||
/* ret_pid= */ NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
@ -459,12 +459,12 @@ int import_remove_tree_foreign(const char *path, int *userns_fd) {
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = safe_fork_full(
|
||||
r = pidref_safe_fork_full(
|
||||
"rm-tree",
|
||||
/* stdio_fds= */ NULL,
|
||||
(int[]) { *userns_fd, tree_fd }, 2,
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_REOPEN_LOG|FORK_WAIT,
|
||||
/* ret_pid= */ NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
|
||||
@ -288,12 +288,15 @@ static int tar_pull_make_local_copy(TarPull *p) {
|
||||
if (fstat(directory_fd, &st) < 0)
|
||||
return log_error_errno(errno, "Failed to stat '%s': %m", p->final_path);
|
||||
|
||||
if (uid_is_foreign(st.st_uid)) {
|
||||
if (!uid_is_foreign(st.st_uid))
|
||||
return log_error_errno(
|
||||
SYNTHETIC_ERRNO(EINVAL),
|
||||
"Image tree '%s' is not owned by the foreign UID range, refusing.",
|
||||
p->final_path);
|
||||
|
||||
r = mountfsd_mount_directory_fd(directory_fd, p->userns_fd, DISSECT_IMAGE_FOREIGN_UID, &p->tree_fd);
|
||||
if (r < 0)
|
||||
return r;
|
||||
} else
|
||||
p->tree_fd = TAKE_FD(directory_fd);
|
||||
}
|
||||
|
||||
_cleanup_close_ int directory_fd = -EBADF;
|
||||
|
||||
@ -125,16 +125,17 @@ DEFINE_PRIVATE_HASH_OPS_WITH_VALUE_DESTRUCTOR(
|
||||
**********************************************************************/
|
||||
|
||||
static int spawn_child(const char *child, char **argv) {
|
||||
pid_t child_pid;
|
||||
int fd[2], r;
|
||||
|
||||
if (pipe(fd) < 0)
|
||||
return log_error_errno(errno, "Failed to create pager pipe: %m");
|
||||
|
||||
r = safe_fork_full("(remote)",
|
||||
r = pidref_safe_fork_full(
|
||||
"(remote)",
|
||||
(int[]) {STDIN_FILENO, fd[1], STDERR_FILENO },
|
||||
NULL, 0,
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &child_pid);
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE,
|
||||
/* ret= */ NULL);
|
||||
if (r < 0) {
|
||||
safe_close_pair(fd);
|
||||
return r;
|
||||
|
||||
@ -342,7 +342,7 @@ static int on_first_event(sd_event_source *s, void *userdata) {
|
||||
return r;
|
||||
|
||||
if (arg_follow && !c->has_cursor && !arg_since_set) {
|
||||
r = sd_journal_get_cursor(c->journal, /* ret_cursor= */ NULL);
|
||||
r = sd_journal_get_cursor(c->journal, /* ret= */ NULL);
|
||||
if (r == -EADDRNOTAVAIL) {
|
||||
/* If we shall operate in --follow mode, and we are unable to get a cursor after
|
||||
* doing our first round of output, then this means there was no data to show
|
||||
|
||||
@ -1026,7 +1026,10 @@ static int connect_as(int fd, const struct sockaddr *sa, socklen_t salen, uid_t
|
||||
if (pipe2(pfd, O_CLOEXEC) < 0)
|
||||
return -errno;
|
||||
|
||||
r = safe_fork("(sd-setresuid)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL|FORK_WAIT, /* ret_pid= */ NULL);
|
||||
r = pidref_safe_fork(
|
||||
"(sd-setresuid)",
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL|FORK_WAIT,
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
|
||||
@ -26,7 +26,7 @@ static void test_bus_fork(void) {
|
||||
assert_se(bus->n_ref == 1);
|
||||
|
||||
/* Check that after a fork the cleanup functions return NULL */
|
||||
r = safe_fork("(bus-fork-test)", FORK_WAIT|FORK_LOG, NULL);
|
||||
r = pidref_safe_fork("(bus-fork-test)", FORK_WAIT|FORK_LOG, NULL);
|
||||
if (r == 0) {
|
||||
assert_se(bus);
|
||||
ASSERT_RETURN_EXPECTED_SE(sd_bus_is_ready(bus) == -ECHILD);
|
||||
|
||||
@ -39,7 +39,10 @@ TEST(mdio_bus) {
|
||||
if (running_in_chroot() > 0)
|
||||
return (void) log_tests_skipped("Running in chroot");
|
||||
|
||||
ASSERT_OK(r = safe_fork("(mdio_bus)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork(
|
||||
"(mdio_bus)",
|
||||
FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE,
|
||||
NULL));
|
||||
if (r == 0) {
|
||||
const char *syspath = "/sys/bus/mdio_bus/drivers/Qualcomm Atheros AR8031!AR8033";
|
||||
const char *id = "+drivers:mdio_bus:Qualcomm Atheros AR8031!AR8033";
|
||||
|
||||
@ -851,7 +851,7 @@ TEST(fork) {
|
||||
ASSERT_OK_ZERO(sd_event_prepare(e));
|
||||
|
||||
/* Check that after a fork the cleanup functions return NULL */
|
||||
r = safe_fork("(bus-fork-test)", FORK_WAIT|FORK_LOG, NULL);
|
||||
r = pidref_safe_fork("(bus-fork-test)", FORK_WAIT|FORK_LOG, NULL);
|
||||
if (r == 0) {
|
||||
ASSERT_NOT_NULL(e);
|
||||
ASSERT_NULL(sd_event_ref(e));
|
||||
|
||||
@ -1232,7 +1232,7 @@ _public_ int sd_journal_previous_skip(sd_journal *j, uint64_t skip) {
|
||||
return real_journal_next_skip(j, DIRECTION_UP, skip);
|
||||
}
|
||||
|
||||
_public_ int sd_journal_get_cursor(sd_journal *j, char **ret_cursor) {
|
||||
_public_ int sd_journal_get_cursor(sd_journal *j, char **ret) {
|
||||
Object *o;
|
||||
int r;
|
||||
|
||||
@ -1246,10 +1246,10 @@ _public_ int sd_journal_get_cursor(sd_journal *j, char **ret_cursor) {
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
if (!ret_cursor)
|
||||
if (!ret)
|
||||
return 0;
|
||||
|
||||
if (asprintf(ret_cursor,
|
||||
if (asprintf(ret,
|
||||
"s=%s;i=%"PRIx64";b=%s;m=%"PRIx64";t=%"PRIx64";x=%"PRIx64,
|
||||
SD_ID128_TO_STRING(j->current_file->header->seqnum_id), le64toh(o->entry.seqnum),
|
||||
SD_ID128_TO_STRING(o->entry.boot_id), le64toh(o->entry.monotonic),
|
||||
@ -2813,7 +2813,7 @@ static bool field_is_valid(const char *field) {
|
||||
return true;
|
||||
}
|
||||
|
||||
_public_ int sd_journal_get_data(sd_journal *j, const char *field, const void **data, size_t *length) {
|
||||
_public_ int sd_journal_get_data(sd_journal *j, const char *field, const void **ret_data, size_t *ret_size) {
|
||||
JournalFile *f;
|
||||
size_t field_length;
|
||||
Object *o;
|
||||
@ -2822,8 +2822,8 @@ _public_ int sd_journal_get_data(sd_journal *j, const char *field, const void **
|
||||
assert_return(j, -EINVAL);
|
||||
assert_return(!journal_origin_changed(j), -ECHILD);
|
||||
assert_return(field, -EINVAL);
|
||||
assert_return(data, -EINVAL);
|
||||
assert_return(length, -EINVAL);
|
||||
assert_return(ret_data, -EINVAL);
|
||||
assert_return(ret_size, -EINVAL);
|
||||
assert_return(field_is_valid(field), -EINVAL);
|
||||
|
||||
f = j->current_file;
|
||||
@ -2856,8 +2856,8 @@ _public_ int sd_journal_get_data(sd_journal *j, const char *field, const void **
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
*data = d;
|
||||
*length = l;
|
||||
*ret_data = d;
|
||||
*ret_size = l;
|
||||
|
||||
return 0;
|
||||
}
|
||||
@ -2865,15 +2865,15 @@ _public_ int sd_journal_get_data(sd_journal *j, const char *field, const void **
|
||||
return -ENOENT;
|
||||
}
|
||||
|
||||
_public_ int sd_journal_enumerate_data(sd_journal *j, const void **data, size_t *length) {
|
||||
_public_ int sd_journal_enumerate_data(sd_journal *j, const void **ret_data, size_t *ret_size) {
|
||||
JournalFile *f;
|
||||
Object *o;
|
||||
int r;
|
||||
|
||||
assert_return(j, -EINVAL);
|
||||
assert_return(!journal_origin_changed(j), -ECHILD);
|
||||
assert_return(data, -EINVAL);
|
||||
assert_return(length, -EINVAL);
|
||||
assert_return(ret_data, -EINVAL);
|
||||
assert_return(ret_size, -EINVAL);
|
||||
|
||||
f = j->current_file;
|
||||
if (!f)
|
||||
@ -2901,8 +2901,8 @@ _public_ int sd_journal_enumerate_data(sd_journal *j, const void **data, size_t
|
||||
return r;
|
||||
assert(r > 0);
|
||||
|
||||
*data = d;
|
||||
*length = l;
|
||||
*ret_data = d;
|
||||
*ret_size = l;
|
||||
|
||||
j->current_field++;
|
||||
|
||||
@ -2912,11 +2912,11 @@ _public_ int sd_journal_enumerate_data(sd_journal *j, const void **data, size_t
|
||||
return 0;
|
||||
}
|
||||
|
||||
_public_ int sd_journal_enumerate_available_data(sd_journal *j, const void **data, size_t *length) {
|
||||
_public_ int sd_journal_enumerate_available_data(sd_journal *j, const void **ret_data, size_t *ret_size) {
|
||||
for (;;) {
|
||||
int r;
|
||||
|
||||
r = sd_journal_enumerate_data(j, data, length);
|
||||
r = sd_journal_enumerate_data(j, ret_data, ret_size);
|
||||
if (r >= 0)
|
||||
return r;
|
||||
if (!JOURNAL_ERRNO_IS_UNAVAILABLE_FIELD(r))
|
||||
@ -3469,11 +3469,11 @@ _public_ int sd_journal_enumerate_unique(
|
||||
}
|
||||
}
|
||||
|
||||
_public_ int sd_journal_enumerate_available_unique(sd_journal *j, const void **data, size_t *size) {
|
||||
_public_ int sd_journal_enumerate_available_unique(sd_journal *j, const void **ret_data, size_t *ret_size) {
|
||||
for (;;) {
|
||||
int r;
|
||||
|
||||
r = sd_journal_enumerate_unique(j, data, size);
|
||||
r = sd_journal_enumerate_unique(j, ret_data, ret_size);
|
||||
if (r >= 0)
|
||||
return r;
|
||||
if (!JOURNAL_ERRNO_IS_UNAVAILABLE_FIELD(r))
|
||||
@ -3492,12 +3492,12 @@ _public_ void sd_journal_restart_unique(sd_journal *j) {
|
||||
j->unique_file_lost = false;
|
||||
}
|
||||
|
||||
_public_ int sd_journal_enumerate_fields(sd_journal *j, const char **field) {
|
||||
_public_ int sd_journal_enumerate_fields(sd_journal *j, const char **ret) {
|
||||
int r;
|
||||
|
||||
assert_return(j, -EINVAL);
|
||||
assert_return(!journal_origin_changed(j), -ECHILD);
|
||||
assert_return(field, -EINVAL);
|
||||
assert_return(ret, -EINVAL);
|
||||
|
||||
if (!j->fields_file) {
|
||||
if (j->fields_file_lost)
|
||||
@ -3549,7 +3549,7 @@ _public_ int sd_journal_enumerate_fields(sd_journal *j, const char **field) {
|
||||
/* Proceed with next file */
|
||||
j->fields_file = ordered_hashmap_next(j->files, f->path);
|
||||
if (!j->fields_file) {
|
||||
*field = NULL;
|
||||
*ret = NULL;
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -3629,7 +3629,7 @@ _public_ int sd_journal_enumerate_fields(sd_journal *j, const char **field) {
|
||||
if (!field_is_valid(j->fields_buffer))
|
||||
return -EBADMSG;
|
||||
|
||||
*field = j->fields_buffer;
|
||||
*ret = j->fields_buffer;
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
@ -43,7 +43,7 @@ int main(int argc, char *argv[]) {
|
||||
assert_se(sd_journal_seek_head(j) == 0);
|
||||
assert_se(j->current_location.type == LOCATION_HEAD);
|
||||
|
||||
r = safe_fork("(journal-fork-test)", FORK_WAIT|FORK_LOG, NULL);
|
||||
r = pidref_safe_fork("(journal-fork-test)", FORK_WAIT|FORK_LOG, NULL);
|
||||
if (r == 0) {
|
||||
assert_se(j);
|
||||
ASSERT_RETURN_EXPECTED_SE(sd_journal_get_realtime_usec(j, NULL) == -ECHILD);
|
||||
|
||||
@ -55,30 +55,28 @@ static bool rtnl_message_type_is_nsid(uint16_t type) {
|
||||
}
|
||||
|
||||
#define DEFINE_RTNL_MESSAGE_SETTER(class, header_type, element, name, value_type) \
|
||||
/* NOLINTNEXTLINE (readability-inconsistent-declaration-parameter-name) */ \
|
||||
int sd_rtnl_message_##class##_set_##name(sd_netlink_message *m, value_type value) { \
|
||||
int sd_rtnl_message_##class##_set_##name(sd_netlink_message *m, value_type name) { \
|
||||
assert_return(m, -EINVAL); \
|
||||
assert_return(m->hdr, -EINVAL); \
|
||||
assert_return(rtnl_message_type_is_##class(m->hdr->nlmsg_type), -EINVAL); \
|
||||
\
|
||||
header_type *hdr = NLMSG_DATA(m->hdr); \
|
||||
hdr->element = value; \
|
||||
hdr->element = name; \
|
||||
return 0; \
|
||||
}
|
||||
|
||||
#define DEFINE_RTNL_MESSAGE_PREFIXLEN_SETTER(class, header_type, family_element, element, name, value_type) \
|
||||
/* NOLINTNEXTLINE (readability-inconsistent-declaration-parameter-name) */ \
|
||||
int sd_rtnl_message_##class##_set_##name(sd_netlink_message *m, value_type value) { \
|
||||
int sd_rtnl_message_##class##_set_##name(sd_netlink_message *m, value_type name) { \
|
||||
assert_return(m, -EINVAL); \
|
||||
assert_return(m->hdr, -EINVAL); \
|
||||
assert_return(rtnl_message_type_is_##class(m->hdr->nlmsg_type), -EINVAL); \
|
||||
\
|
||||
header_type *hdr = NLMSG_DATA(m->hdr); \
|
||||
\
|
||||
if (value > FAMILY_ADDRESS_SIZE_SAFE(hdr->family_element) * 8) \
|
||||
if (name > FAMILY_ADDRESS_SIZE_SAFE(hdr->family_element) * 8) \
|
||||
return -ERANGE; \
|
||||
\
|
||||
hdr->element = value; \
|
||||
hdr->element = name; \
|
||||
return 0; \
|
||||
}
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ extern "C" {
|
||||
* allows custom logging
|
||||
*/
|
||||
struct udev;
|
||||
struct udev* udev_ref(struct udev *udev);
|
||||
struct udev* udev_ref(struct udev *p);
|
||||
struct udev* udev_unref(struct udev *udev);
|
||||
struct udev* udev_new(void);
|
||||
void udev_set_log_fn(
|
||||
@ -63,8 +63,8 @@ const char* udev_list_entry_get_value(struct udev_list_entry *list_entry);
|
||||
* access to sysfs/kernel devices
|
||||
*/
|
||||
struct udev_device;
|
||||
struct udev_device* udev_device_ref(struct udev_device *udev_device);
|
||||
struct udev_device* udev_device_unref(struct udev_device *udev_device);
|
||||
struct udev_device* udev_device_ref(struct udev_device *p);
|
||||
struct udev_device* udev_device_unref(struct udev_device *p);
|
||||
struct udev* udev_device_get_udev(struct udev_device *udev_device);
|
||||
struct udev_device* udev_device_new_from_syspath(struct udev *udev, const char *syspath);
|
||||
struct udev_device* udev_device_new_from_devnum(struct udev *udev, char type, dev_t devnum);
|
||||
@ -108,8 +108,8 @@ int udev_device_has_current_tag(struct udev_device *udev_device, const char *tag
|
||||
* access to kernel uevents and udev events
|
||||
*/
|
||||
struct udev_monitor;
|
||||
struct udev_monitor* udev_monitor_ref(struct udev_monitor *udev_monitor);
|
||||
struct udev_monitor* udev_monitor_unref(struct udev_monitor *udev_monitor);
|
||||
struct udev_monitor* udev_monitor_ref(struct udev_monitor *p);
|
||||
struct udev_monitor* udev_monitor_unref(struct udev_monitor *p);
|
||||
struct udev* udev_monitor_get_udev(struct udev_monitor *udev_monitor);
|
||||
/* kernel and udev generated events over netlink */
|
||||
struct udev_monitor* udev_monitor_new_from_netlink(struct udev *udev, const char *name);
|
||||
@ -133,8 +133,8 @@ int udev_monitor_filter_remove(struct udev_monitor *udev_monitor);
|
||||
* search sysfs for specific devices and provide a sorted list
|
||||
*/
|
||||
struct udev_enumerate;
|
||||
struct udev_enumerate* udev_enumerate_ref(struct udev_enumerate *udev_enumerate);
|
||||
struct udev_enumerate* udev_enumerate_unref(struct udev_enumerate *udev_enumerate);
|
||||
struct udev_enumerate* udev_enumerate_ref(struct udev_enumerate *p);
|
||||
struct udev_enumerate* udev_enumerate_unref(struct udev_enumerate *p);
|
||||
struct udev* udev_enumerate_get_udev(struct udev_enumerate *udev_enumerate);
|
||||
struct udev_enumerate* udev_enumerate_new(struct udev *udev);
|
||||
/* device properties filter */
|
||||
@ -160,8 +160,8 @@ struct udev_list_entry* udev_enumerate_get_list_entry(struct udev_enumerate *ude
|
||||
* access to the currently running udev events
|
||||
*/
|
||||
struct udev_queue;
|
||||
struct udev_queue* udev_queue_ref(struct udev_queue *udev_queue);
|
||||
struct udev_queue* udev_queue_unref(struct udev_queue *udev_queue);
|
||||
struct udev_queue* udev_queue_ref(struct udev_queue *p);
|
||||
struct udev_queue* udev_queue_unref(struct udev_queue *p);
|
||||
struct udev* udev_queue_get_udev(struct udev_queue *udev_queue);
|
||||
struct udev_queue* udev_queue_new(struct udev *udev);
|
||||
unsigned long long int udev_queue_get_kernel_seqnum(struct udev_queue *udev_queue) __attribute__((__deprecated__));
|
||||
@ -184,8 +184,8 @@ struct udev_list_entry* udev_queue_get_queued_list_entry(struct udev_queue *udev
|
||||
*/
|
||||
struct udev_hwdb;
|
||||
struct udev_hwdb* udev_hwdb_new(struct udev *udev);
|
||||
struct udev_hwdb* udev_hwdb_ref(struct udev_hwdb *hwdb);
|
||||
struct udev_hwdb* udev_hwdb_unref(struct udev_hwdb *hwdb);
|
||||
struct udev_hwdb* udev_hwdb_ref(struct udev_hwdb *p);
|
||||
struct udev_hwdb* udev_hwdb_unref(struct udev_hwdb *p);
|
||||
struct udev_list_entry* udev_hwdb_get_properties_list_entry(struct udev_hwdb *hwdb, const char *modalias, unsigned flags);
|
||||
|
||||
/*
|
||||
|
||||
@ -6,7 +6,6 @@
|
||||
#include "sd-bus.h"
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "copy.h"
|
||||
#include "env-file.h"
|
||||
#include "errno-util.h"
|
||||
#include "escape.h"
|
||||
@ -19,13 +18,17 @@
|
||||
#include "localed-util.h"
|
||||
#include "log.h"
|
||||
#include "mkdir-label.h"
|
||||
#include "process-util.h"
|
||||
#include "stat-util.h"
|
||||
#include "string-util.h"
|
||||
#include "strv.h"
|
||||
#include "tmpfile-util.h"
|
||||
#include "xkbcommon-util.h"
|
||||
|
||||
#if HAVE_LOCALEGEN
|
||||
#include "copy.h"
|
||||
#include "process-util.h"
|
||||
#endif
|
||||
|
||||
int x11_context_verify_and_warn(const X11Context *xc, int log_level, sd_bus_error *error) {
|
||||
int r;
|
||||
|
||||
@ -573,10 +576,12 @@ int locale_gen_enable_locale(const char *locale) {
|
||||
|
||||
int locale_gen_run(void) {
|
||||
#if HAVE_LOCALEGEN
|
||||
pid_t pid;
|
||||
int r;
|
||||
|
||||
r = safe_fork("(sd-localegen)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_WAIT, &pid);
|
||||
r = pidref_safe_fork(
|
||||
"(locale-gen)",
|
||||
FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_WAIT,
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
|
||||
@ -9,6 +9,7 @@
|
||||
#include "alloc-util.h"
|
||||
#include "bus-message-util.h"
|
||||
#include "device-util.h"
|
||||
#include "event-util.h"
|
||||
#include "format-util.h"
|
||||
#include "hash-funcs.h"
|
||||
#include "logind.h"
|
||||
@ -42,8 +43,6 @@ typedef struct BrightnessWriter {
|
||||
sd_device *device;
|
||||
char *path;
|
||||
|
||||
pid_t child;
|
||||
|
||||
uint32_t brightness;
|
||||
bool again;
|
||||
|
||||
@ -111,8 +110,6 @@ static int on_brightness_writer_exit(sd_event_source *s, const siginfo_t *si, vo
|
||||
assert(s);
|
||||
assert(si);
|
||||
|
||||
assert(si->si_pid == w->child);
|
||||
w->child = 0;
|
||||
w->child_event_source = sd_event_source_unref(w->child_event_source);
|
||||
|
||||
brightness_writer_reply(w,
|
||||
@ -142,10 +139,13 @@ static int brightness_writer_fork(BrightnessWriter *w) {
|
||||
|
||||
assert(w);
|
||||
assert(w->manager);
|
||||
assert(w->child == 0);
|
||||
assert(!w->child_event_source);
|
||||
|
||||
r = safe_fork("(sd-bright)", FORK_DEATHSIG_SIGKILL|FORK_REARRANGE_STDIO|FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_REOPEN_LOG, &w->child);
|
||||
_cleanup_(pidref_done_sigkill_wait) PidRef pidref = PIDREF_NULL;
|
||||
r = pidref_safe_fork(
|
||||
"(sd-bright)",
|
||||
FORK_DEATHSIG_SIGKILL|FORK_REARRANGE_STDIO|FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_REOPEN_LOG,
|
||||
&pidref);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
@ -163,9 +163,15 @@ static int brightness_writer_fork(BrightnessWriter *w) {
|
||||
_exit(EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
r = sd_event_add_child(w->manager->event, &w->child_event_source, w->child, WEXITED, on_brightness_writer_exit, w);
|
||||
r = event_add_child_pidref(w->manager->event, &w->child_event_source, &pidref, WEXITED, on_brightness_writer_exit, w);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to watch brightness writer child " PID_FMT ": %m", w->child);
|
||||
return log_error_errno(r, "Failed to watch brightness writer child " PID_FMT ": %m", pidref.pid);
|
||||
|
||||
r = sd_event_source_set_child_process_own(w->child_event_source, true);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to take ownership of child process: %m");
|
||||
|
||||
pidref_done(&pidref);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -15,6 +15,7 @@
|
||||
#include "log.h"
|
||||
#include "mountfsd-manager.h"
|
||||
#include "pidfd-util.h"
|
||||
#include "pidref.h"
|
||||
#include "process-util.h"
|
||||
#include "set.h"
|
||||
#include "signal-util.h"
|
||||
@ -125,19 +126,19 @@ Manager* manager_free(Manager *m) {
|
||||
static int start_one_worker(Manager *m) {
|
||||
_cleanup_(sd_event_source_disable_unrefp) sd_event_source *source = NULL;
|
||||
bool fixed;
|
||||
pid_t pid;
|
||||
int r;
|
||||
|
||||
assert(m);
|
||||
|
||||
fixed = set_size(m->workers_fixed) < MOUNTFS_WORKERS_MIN;
|
||||
|
||||
r = safe_fork_full(
|
||||
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
|
||||
r = pidref_safe_fork_full(
|
||||
"(sd-worker)",
|
||||
/* stdio_fds= */ NULL,
|
||||
&m->listen_fd, 1,
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_LOG|FORK_CLOSE_ALL_FDS,
|
||||
&pid);
|
||||
&pidref);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to fork new worker child: %m");
|
||||
if (r == 0) {
|
||||
@ -158,7 +159,7 @@ static int start_one_worker(Manager *m) {
|
||||
safe_close(m->listen_fd);
|
||||
}
|
||||
|
||||
r = setenvf("LISTEN_PID", /* overwrite= */ true, PID_FMT, pid);
|
||||
r = setenvf("LISTEN_PID", /* overwrite= */ true, PID_FMT, pidref.pid);
|
||||
if (r < 0) {
|
||||
log_error_errno(r, "Failed to set $LISTEN_PID: %m");
|
||||
_exit(EXIT_FAILURE);
|
||||
@ -194,9 +195,9 @@ static int start_one_worker(Manager *m) {
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
r = sd_event_add_child(m->event, &source, pid, WEXITED, on_worker_exit, m);
|
||||
r = event_add_child_pidref(m->event, &source, &pidref, WEXITED, on_worker_exit, m);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to watch child " PID_FMT ": %m", pid);
|
||||
return log_error_errno(r, "Failed to watch child " PID_FMT ": %m", pidref.pid);
|
||||
|
||||
r = set_ensure_put(
|
||||
fixed ? &m->workers_fixed : &m->workers_dynamic,
|
||||
|
||||
@ -513,7 +513,10 @@ static int netns_fork_and_wait(int netns_fd, int *ret_original_netns_fd) {
|
||||
|
||||
assert(netns_fd >= 0);
|
||||
|
||||
r = safe_fork("(sd-netns)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_LOG|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, NULL);
|
||||
r = pidref_safe_fork(
|
||||
"(sd-netns)",
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_LOG|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE,
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to fork process (sd-netns): %m");
|
||||
if (r == 0) {
|
||||
|
||||
@ -22,6 +22,7 @@
|
||||
#include "nsresourced-manager.h"
|
||||
#include "parse-util.h"
|
||||
#include "pidfd-util.h"
|
||||
#include "pidref.h"
|
||||
#include "process-util.h"
|
||||
#include "recurse-dir.h"
|
||||
#include "set.h"
|
||||
@ -162,19 +163,19 @@ static size_t manager_current_workers(Manager *m) {
|
||||
static int start_one_worker(Manager *m) {
|
||||
_cleanup_(sd_event_source_disable_unrefp) sd_event_source *source = NULL;
|
||||
bool fixed;
|
||||
pid_t pid;
|
||||
int r;
|
||||
|
||||
assert(m);
|
||||
|
||||
fixed = set_size(m->workers_fixed) < NSRESOURCE_WORKERS_MIN;
|
||||
|
||||
r = safe_fork_full(
|
||||
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
|
||||
r = pidref_safe_fork_full(
|
||||
"(sd-worker)",
|
||||
/* stdio_fds= */ NULL,
|
||||
&m->listen_fd, 1,
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_LOG|FORK_CLOSE_ALL_FDS,
|
||||
&pid);
|
||||
&pidref);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to fork new worker child: %m");
|
||||
if (r == 0) {
|
||||
@ -195,7 +196,7 @@ static int start_one_worker(Manager *m) {
|
||||
safe_close(m->listen_fd);
|
||||
}
|
||||
|
||||
r = setenvf("LISTEN_PID", /* overwrite= */ true, PID_FMT, pid);
|
||||
r = setenvf("LISTEN_PID", /* overwrite= */ true, PID_FMT, pidref.pid);
|
||||
if (r < 0) {
|
||||
log_error_errno(r, "Failed to set $LISTEN_PID: %m");
|
||||
_exit(EXIT_FAILURE);
|
||||
@ -243,9 +244,9 @@ static int start_one_worker(Manager *m) {
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
r = sd_event_add_child(m->event, &source, pid, WEXITED, on_worker_exit, m);
|
||||
r = event_add_child_pidref(m->event, &source, &pidref, WEXITED, on_worker_exit, m);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to watch child " PID_FMT ": %m", pid);
|
||||
return log_error_errno(r, "Failed to watch child " PID_FMT ": %m", pidref.pid);
|
||||
|
||||
r = set_ensure_put(
|
||||
fixed ? &m->workers_fixed : &m->workers_dynamic,
|
||||
|
||||
@ -12,6 +12,7 @@
|
||||
#include "oomd-util.h"
|
||||
#include "parse-util.h"
|
||||
#include "path-util.h"
|
||||
#include "pidref.h"
|
||||
#include "process-util.h"
|
||||
#include "set.h"
|
||||
#include "tests.h"
|
||||
@ -39,11 +40,10 @@ static int enter_cgroup_root_cached(void) {
|
||||
return saved_result;
|
||||
}
|
||||
|
||||
static int fork_and_sleep(unsigned sleep_min) {
|
||||
pid_t pid;
|
||||
static int fork_and_sleep(unsigned sleep_min, PidRef *ret) {
|
||||
int r;
|
||||
|
||||
ASSERT_OK(r = safe_fork("(test-oom-child)", /* flags= */ 0, &pid));
|
||||
r = pidref_safe_fork("(test-oom-child)", FORK_LOG|FORK_DEATHSIG_SIGKILL, ret);
|
||||
if (r == 0) {
|
||||
usec_t timeout = usec_add(now(CLOCK_MONOTONIC), sleep_min * USEC_PER_MINUTE);
|
||||
for (;;) {
|
||||
@ -56,7 +56,7 @@ static int fork_and_sleep(unsigned sleep_min) {
|
||||
}
|
||||
}
|
||||
|
||||
return pid;
|
||||
return r;
|
||||
}
|
||||
|
||||
TEST(oomd_cgroup_kill) {
|
||||
@ -81,12 +81,12 @@ TEST(oomd_cgroup_kill) {
|
||||
/* Do this twice to also check the increment behavior on the xattrs */
|
||||
for (size_t i = 0; i < 2; i++) {
|
||||
_cleanup_free_ char *v = NULL;
|
||||
pid_t pid[2];
|
||||
_cleanup_(pidref_done) PidRef one = PIDREF_NULL, two = PIDREF_NULL;
|
||||
|
||||
for (size_t j = 0; j < 2; j++) {
|
||||
pid[j] = fork_and_sleep(5);
|
||||
ASSERT_OK(cg_attach(subcgroup, pid[j]));
|
||||
}
|
||||
ASSERT_OK(fork_and_sleep(5, &one));
|
||||
ASSERT_OK(cg_attach(subcgroup, one.pid));
|
||||
ASSERT_OK(fork_and_sleep(5, &two));
|
||||
ASSERT_OK(cg_attach(subcgroup, two.pid));
|
||||
|
||||
ASSERT_OK_POSITIVE(oomd_cgroup_kill(subcgroup, false /* recurse */, false /* dry run */));
|
||||
|
||||
|
||||
@ -99,7 +99,10 @@ static int run(int argc, char *argv[]) {
|
||||
return log_oom();
|
||||
}
|
||||
|
||||
r = safe_fork("(quotacheck)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_WAIT|FORK_LOG, NULL);
|
||||
r = pidref_safe_fork(
|
||||
"(quotacheck)",
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_WAIT|FORK_LOG,
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
|
||||
@ -15,6 +15,7 @@
|
||||
#include "main-func.h"
|
||||
#include "mount-setup.h"
|
||||
#include "path-util.h"
|
||||
#include "pidref.h"
|
||||
#include "process-util.h"
|
||||
#include "signal-util.h"
|
||||
|
||||
@ -42,15 +43,17 @@ static int track_pid(Hashmap **h, const char *path, pid_t pid) {
|
||||
}
|
||||
|
||||
static int do_remount(const char *path, bool force_rw, Hashmap **pids) {
|
||||
pid_t pid;
|
||||
int r;
|
||||
|
||||
assert(path);
|
||||
|
||||
log_debug("Remounting %s...", path);
|
||||
|
||||
r = safe_fork(force_rw ? "(remount-rw)" : "(remount)",
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid);
|
||||
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
|
||||
r = pidref_safe_fork(
|
||||
force_rw ? "(remount-rw)" : "(remount)",
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG,
|
||||
&pidref);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
@ -65,7 +68,7 @@ static int do_remount(const char *path, bool force_rw, Hashmap **pids) {
|
||||
}
|
||||
|
||||
/* Parent */
|
||||
return track_pid(pids, path, pid);
|
||||
return track_pid(pids, path, pidref.pid);
|
||||
}
|
||||
|
||||
static int remount_by_fstab(Hashmap **ret_pids) {
|
||||
|
||||
@ -6719,7 +6719,10 @@ static int partition_populate_filesystem(Context *context, Partition *p, const c
|
||||
|
||||
(void) dlopen_libmount();
|
||||
|
||||
r = safe_fork("(sd-copy)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, NULL);
|
||||
r = pidref_safe_fork(
|
||||
"(sd-copy)",
|
||||
FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE,
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
|
||||
@ -8,7 +8,6 @@
|
||||
#include <string.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/wait.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "sd-event.h"
|
||||
@ -20,6 +19,7 @@
|
||||
#include "fd-util.h"
|
||||
#include "log.h"
|
||||
#include "path-util.h"
|
||||
#include "pidref.h"
|
||||
#include "process-util.h"
|
||||
#include "random-util.h"
|
||||
#include "resolved-dns-server.h"
|
||||
@ -121,7 +121,6 @@ static void *tcp_dns_server(void *p) {
|
||||
* Spawns a DNS TLS server using the command line "openssl s_server" tool.
|
||||
*/
|
||||
static void *tls_dns_server(void *p) {
|
||||
pid_t openssl_pid;
|
||||
int r;
|
||||
_cleanup_close_ int fd_server = -EBADF, fd_tls = -EBADF;
|
||||
_cleanup_free_ char *cert_path = NULL, *key_path = NULL;
|
||||
@ -145,12 +144,13 @@ static void *tls_dns_server(void *p) {
|
||||
fd_tls = fd[1];
|
||||
}
|
||||
|
||||
r = safe_fork_full("(test-resolved-stream-tls-openssl)",
|
||||
_cleanup_(pidref_done) PidRef openssl_pidref = PIDREF_NULL;
|
||||
r = ASSERT_OK(pidref_safe_fork_full(
|
||||
"(test-resolved-stream-tls-openssl)",
|
||||
(int[]) { fd_tls, fd_tls, STDOUT_FILENO },
|
||||
NULL, 0,
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG|FORK_REOPEN_LOG,
|
||||
&openssl_pid);
|
||||
assert_se(r >= 0);
|
||||
&openssl_pidref));
|
||||
if (r == 0) {
|
||||
/* Child */
|
||||
execlp("openssl", "openssl", "s_server", "-accept", bind_str,
|
||||
@ -165,8 +165,8 @@ static void *tls_dns_server(void *p) {
|
||||
|
||||
/* Once the test is done kill the TLS server to release the port */
|
||||
assert_se(pthread_mutex_lock(server_lock) == 0);
|
||||
assert_se(kill(openssl_pid, SIGTERM) >= 0);
|
||||
assert_se(waitpid(openssl_pid, NULL, 0) >= 0);
|
||||
assert_se(pidref_kill(&openssl_pidref, SIGTERM) >= 0);
|
||||
assert_se(pidref_wait_for_terminate(&openssl_pidref, NULL) >= 0);
|
||||
assert_se(pthread_mutex_unlock(server_lock) == 0);
|
||||
}
|
||||
|
||||
@ -333,7 +333,7 @@ static int try_isolate_network(void) {
|
||||
/* First test if CLONE_NEWUSER/CLONE_NEWNET can actually work for us, i.e. we can open the namespaces
|
||||
* and then still access the build dir we are run from. We do that in a child process since it's
|
||||
* nasty if we have to go back from the namespace once we entered it and realized it cannot work. */
|
||||
r = safe_fork("(usernstest)", FORK_DEATHSIG_SIGKILL|FORK_LOG|FORK_WAIT, NULL);
|
||||
r = pidref_safe_fork("(usernstest)", FORK_DEATHSIG_SIGKILL|FORK_LOG|FORK_WAIT, NULL);
|
||||
if (r == 0) { /* child */
|
||||
_cleanup_free_ char *rt = NULL, *d = NULL;
|
||||
|
||||
|
||||
@ -149,7 +149,7 @@ int asynchronous_rm_rf(const char *p, RemoveFlags flags) {
|
||||
/* Forks off a child that destroys the specified path. This will be best effort only, i.e. the child
|
||||
* will attempt to do its thing, but we won't wait for it or check its success. */
|
||||
|
||||
r = safe_fork("(sd-rmrf)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DETACH, NULL);
|
||||
r = pidref_safe_fork("(sd-rmrf)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DETACH, /* ret= */ NULL);
|
||||
if (r != 0)
|
||||
return r;
|
||||
|
||||
|
||||
@ -1155,12 +1155,12 @@ static int unprivileged_remove(Image *i) {
|
||||
if (r < 0)
|
||||
return r;
|
||||
/* Fork off child that moves into userns and does the copying */
|
||||
r = safe_fork_full(
|
||||
r = pidref_safe_fork_full(
|
||||
"rm-tree",
|
||||
/* stdio_fds= */ NULL,
|
||||
(int[]) { userns_fd, tree_fd, }, 2,
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_REOPEN_LOG,
|
||||
/* ret_pid= */ NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return log_debug_errno(r, "Process that was supposed to remove tree failed: %m");
|
||||
if (r == 0) {
|
||||
@ -1508,12 +1508,12 @@ static int unpriviled_clone(Image *i, const char *new_path) {
|
||||
return r;
|
||||
|
||||
/* Fork off child that moves into userns and does the copying */
|
||||
r = safe_fork_full(
|
||||
r = pidref_safe_fork_full(
|
||||
"clone-tree",
|
||||
/* stdio_fds= */ NULL,
|
||||
(int[]) { userns_fd, tree_fd, target_fd }, 3,
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_REOPEN_LOG,
|
||||
/* ret_pid= */ NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return log_debug_errno(r, "Process that was supposed to clone tree failed: %m");
|
||||
if (r == 0) {
|
||||
|
||||
@ -313,7 +313,10 @@ static int run_editor(const EditFileContext *context) {
|
||||
|
||||
assert(context);
|
||||
|
||||
r = safe_fork("(editor)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG|FORK_LOG|FORK_WAIT, NULL);
|
||||
r = pidref_safe_fork(
|
||||
"(editor)",
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG|FORK_LOG|FORK_WAIT,
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) { /* Child */
|
||||
|
||||
@ -857,12 +857,12 @@ int parse_elf_object(
|
||||
* bound since the core files have an upper size limit. It's also not doing any
|
||||
* system call or interacting with the system in any way, besides reading from
|
||||
* the file descriptor and writing into these four pipes. */
|
||||
r = safe_fork_full("(sd-parse-elf)",
|
||||
NULL,
|
||||
r = pidref_safe_fork_full("(sd-parse-elf)",
|
||||
/* stdio_fds= */ NULL,
|
||||
(int[]){ fd, error_pipe[1], return_pipe[1], package_metadata_pipe[1], dlopen_metadata_pipe[1] },
|
||||
5,
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE|FORK_NEW_USERNS|FORK_WAIT|FORK_REOPEN_LOG,
|
||||
NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0) {
|
||||
if (r == -EPROTO) { /* We should have the errno from the child, but don't clobber original error */
|
||||
ssize_t k;
|
||||
|
||||
@ -45,11 +45,11 @@ typedef struct JournalImporter {
|
||||
#define JOURNAL_IMPORTER_INIT(_fd) { .fd = (_fd), .iovw = {} }
|
||||
#define JOURNAL_IMPORTER_MAKE(_fd) (JournalImporter) JOURNAL_IMPORTER_INIT(_fd)
|
||||
|
||||
void journal_importer_cleanup(JournalImporter *);
|
||||
int journal_importer_process_data(JournalImporter *);
|
||||
int journal_importer_push_data(JournalImporter *, const char *data, size_t size);
|
||||
void journal_importer_drop_iovw(JournalImporter *);
|
||||
bool journal_importer_eof(const JournalImporter *);
|
||||
void journal_importer_cleanup(JournalImporter *imp);
|
||||
int journal_importer_process_data(JournalImporter *imp);
|
||||
int journal_importer_push_data(JournalImporter *imp, const char *data, size_t size);
|
||||
void journal_importer_drop_iovw(JournalImporter *imp);
|
||||
bool journal_importer_eof(const JournalImporter *imp);
|
||||
|
||||
static inline size_t journal_importer_bytes_remaining(const JournalImporter *imp) {
|
||||
return imp->filled;
|
||||
|
||||
@ -152,7 +152,10 @@ static int do_mcopy(const char *node, const char *root) {
|
||||
if (strv_extend(&argv, "::") < 0)
|
||||
return log_oom();
|
||||
|
||||
r = safe_fork("(mcopy)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS, NULL);
|
||||
r = pidref_safe_fork(
|
||||
"(mcopy)",
|
||||
FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS,
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
@ -683,13 +686,13 @@ int make_filesystem(
|
||||
log_debug("Executing mkfs command: %s", strna(j));
|
||||
}
|
||||
|
||||
r = safe_fork_full(
|
||||
r = pidref_safe_fork_full(
|
||||
"(mkfs)",
|
||||
stdio_fds,
|
||||
/* except_fds= */ NULL,
|
||||
/* n_except_fds= */ 0,
|
||||
fork_flags,
|
||||
/* ret_pid= */ NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
|
||||
@ -1452,12 +1452,12 @@ int mount_fd_clone(int mount_fd, bool recursive, int *replacement_fd) {
|
||||
return log_debug_errno(errno, "Failed to open pipe: %m");
|
||||
|
||||
/* Fork a child. Note that we set FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE here, i.e. get a new mount namespace */
|
||||
r = safe_fork_full(
|
||||
r = pidref_safe_fork_full(
|
||||
"(sd-clonemnt)",
|
||||
/* stdio_fds= */ NULL,
|
||||
(int[]) { mount_fd, transfer_fds[1], errno_pipe_fds[1] }, 3,
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_REOPEN_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE,
|
||||
/* ret_pid= */ NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0) {
|
||||
errno_pipe_fds[1] = safe_close(errno_pipe_fds[1]);
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@
|
||||
#include "strv.h"
|
||||
#include "terminal-util.h"
|
||||
|
||||
static pid_t pager_pid = 0;
|
||||
static PidRef pager_pidref = PIDREF_NULL;
|
||||
|
||||
static int stored_stdout = -1;
|
||||
static int stored_stderr = -1;
|
||||
@ -103,7 +103,7 @@ void pager_open(PagerFlags flags) {
|
||||
if (flags & PAGER_DISABLE)
|
||||
return;
|
||||
|
||||
if (pager_pid > 0)
|
||||
if (pidref_is_set(&pager_pidref))
|
||||
return;
|
||||
|
||||
if (terminal_is_dumb())
|
||||
@ -150,7 +150,10 @@ void pager_open(PagerFlags flags) {
|
||||
}
|
||||
|
||||
/* We set SIGINT as PR_DEATHSIG signal here, to match the "K" parameter we set in $LESS, which enables SIGINT behaviour. */
|
||||
r = safe_fork("(pager)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGINT|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pager_pid);
|
||||
r = pidref_safe_fork(
|
||||
"(pager)",
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGINT|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG,
|
||||
&pager_pidref);
|
||||
if (r < 0)
|
||||
return;
|
||||
if (r == 0) {
|
||||
@ -272,7 +275,7 @@ void pager_open(PagerFlags flags) {
|
||||
|
||||
void pager_close(void) {
|
||||
|
||||
if (pager_pid <= 0)
|
||||
if (!pidref_is_set(&pager_pidref))
|
||||
return;
|
||||
|
||||
/* Inform pager that we are done */
|
||||
@ -288,15 +291,13 @@ void pager_close(void) {
|
||||
stored_stderr = safe_close(stored_stderr);
|
||||
stdout_redirected = stderr_redirected = false;
|
||||
|
||||
(void) kill(pager_pid, SIGCONT);
|
||||
_cleanup_(pidref_done) PidRef pidref = PIDREF_MAKE_FROM_PID(pager_pid);
|
||||
(void) pidref_set_pid(&pidref, pager_pid);
|
||||
(void) pidref_wait_for_terminate(&pidref, NULL);
|
||||
TAKE_PID(pager_pid);
|
||||
(void) pidref_kill(&pager_pidref, SIGCONT);
|
||||
(void) pidref_wait_for_terminate(&pager_pidref, /* ret_si= */ NULL);
|
||||
pidref_done(&pager_pidref);
|
||||
}
|
||||
|
||||
bool pager_have(void) {
|
||||
return pager_pid > 0;
|
||||
return pidref_is_set(&pager_pidref);
|
||||
}
|
||||
|
||||
int show_man_page(const char *desc, bool null_stdio) {
|
||||
|
||||
@ -611,7 +611,10 @@ int main(int argc, char *argv[]) {
|
||||
/* We cheat and exec kexec to avoid doing all its work */
|
||||
log_info("Rebooting with kexec.");
|
||||
|
||||
r = safe_fork("(sd-kexec)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_WAIT, NULL);
|
||||
r = pidref_safe_fork(
|
||||
"(sd-kexec)",
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_WAIT,
|
||||
/* ret= */ NULL);
|
||||
if (r == 0) {
|
||||
/* Child */
|
||||
|
||||
|
||||
@ -18,6 +18,7 @@
|
||||
#include "log.h"
|
||||
#include "main-func.h"
|
||||
#include "pidfd-util.h"
|
||||
#include "pidref.h"
|
||||
#include "pretty-print.h"
|
||||
#include "process-util.h"
|
||||
#include "socket-netlink.h"
|
||||
@ -238,7 +239,6 @@ static int exec_process(char * const *argv, int start_fd, size_t n_fds) {
|
||||
|
||||
static int fork_and_exec_process(char * const *argv, int fd) {
|
||||
_cleanup_free_ char *joined = NULL;
|
||||
pid_t child_pid;
|
||||
int r;
|
||||
|
||||
assert(!strv_isempty(argv));
|
||||
@ -248,9 +248,11 @@ static int fork_and_exec_process(char * const *argv, int fd) {
|
||||
if (!joined)
|
||||
return log_oom();
|
||||
|
||||
r = safe_fork("(activate)",
|
||||
_cleanup_(pidref_done) PidRef child_pidref = PIDREF_NULL;
|
||||
r = pidref_safe_fork(
|
||||
"(activate)",
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG,
|
||||
&child_pid);
|
||||
&child_pidref);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
@ -259,7 +261,7 @@ static int fork_and_exec_process(char * const *argv, int fd) {
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
log_info("Spawned '%s' as PID " PID_FMT ".", joined, child_pid);
|
||||
log_info("Spawned '%s' as PID " PID_FMT ".", joined, child_pidref.pid);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -557,7 +557,10 @@ static int unmerge(
|
||||
return r;
|
||||
need_to_reload = r > 0;
|
||||
|
||||
r = safe_fork("(sd-unmerge)", FORK_WAIT|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_NEW_MOUNTNS, /* ret_pid= */ NULL);
|
||||
r = pidref_safe_fork(
|
||||
"(sd-unmerge)",
|
||||
FORK_WAIT|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_NEW_MOUNTNS,
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
|
||||
#include "systemctl.h"
|
||||
|
||||
int daemon_reload(enum action, bool graceful);
|
||||
int daemon_reload(enum action action, bool graceful);
|
||||
|
||||
int verb_daemon_reload(int argc, char *argv[], void *userdata);
|
||||
|
||||
@ -27,9 +27,8 @@ int verb_preset_all(int argc, char *argv[], void *userdata) {
|
||||
|
||||
r = unit_file_preset_all(arg_runtime_scope, unit_file_flags_from_args(), arg_root, arg_preset_mode, &changes, &n_changes);
|
||||
install_changes_dump(r, "preset", changes, n_changes, arg_quiet);
|
||||
|
||||
if (r > 0)
|
||||
r = 0;
|
||||
if (r < 0)
|
||||
return r;
|
||||
} else {
|
||||
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
|
||||
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
|
||||
|
||||
@ -26,7 +26,6 @@ static int load_kexec_kernel(void) {
|
||||
_cleanup_(boot_config_free) BootConfig config = BOOT_CONFIG_NULL;
|
||||
_cleanup_free_ char *kernel = NULL, *initrd = NULL, *options = NULL;
|
||||
const BootEntry *e;
|
||||
pid_t pid;
|
||||
int r;
|
||||
|
||||
if (kexec_loaded()) {
|
||||
@ -89,7 +88,10 @@ static int load_kexec_kernel(void) {
|
||||
if (arg_dry_run)
|
||||
return 0;
|
||||
|
||||
r = safe_fork("(kexec)", FORK_WAIT|FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid);
|
||||
r = pidref_safe_fork(
|
||||
"(kexec)",
|
||||
FORK_WAIT|FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG,
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
|
||||
@ -104,9 +104,9 @@ int sd_journal_get_seqnum(sd_journal *j, uint64_t *ret_seqnum, sd_id128_t *ret_s
|
||||
int sd_journal_set_data_threshold(sd_journal *j, size_t sz);
|
||||
int sd_journal_get_data_threshold(sd_journal *j, size_t *sz);
|
||||
|
||||
int sd_journal_get_data(sd_journal *j, const char *field, const void **data, size_t *length);
|
||||
int sd_journal_enumerate_data(sd_journal *j, const void **data, size_t *length);
|
||||
int sd_journal_enumerate_available_data(sd_journal *j, const void **data, size_t *length);
|
||||
int sd_journal_get_data(sd_journal *j, const char *field, const void **ret_data, size_t *ret_size);
|
||||
int sd_journal_enumerate_data(sd_journal *j, const void **ret_data, size_t *ret_size);
|
||||
int sd_journal_enumerate_available_data(sd_journal *j, const void **ret_data, size_t *ret_size);
|
||||
void sd_journal_restart_data(sd_journal *j);
|
||||
|
||||
int sd_journal_add_match(sd_journal *j, const void *data, size_t size);
|
||||
@ -120,20 +120,20 @@ int sd_journal_seek_monotonic_usec(sd_journal *j, sd_id128_t boot_id, uint64_t u
|
||||
int sd_journal_seek_realtime_usec(sd_journal *j, uint64_t usec);
|
||||
int sd_journal_seek_cursor(sd_journal *j, const char *cursor);
|
||||
|
||||
int sd_journal_get_cursor(sd_journal *j, char **ret_cursor);
|
||||
int sd_journal_get_cursor(sd_journal *j, char **ret);
|
||||
int sd_journal_test_cursor(sd_journal *j, const char *cursor);
|
||||
|
||||
int sd_journal_get_cutoff_realtime_usec(sd_journal *j, uint64_t *from, uint64_t *to);
|
||||
int sd_journal_get_cutoff_monotonic_usec(sd_journal *j, const sd_id128_t boot_id, uint64_t *from, uint64_t *to);
|
||||
int sd_journal_get_cutoff_monotonic_usec(sd_journal *j, sd_id128_t boot_id, uint64_t *from, uint64_t *to);
|
||||
|
||||
int sd_journal_get_usage(sd_journal *j, uint64_t *ret_bytes);
|
||||
|
||||
int sd_journal_query_unique(sd_journal *j, const char *field);
|
||||
int sd_journal_enumerate_unique(sd_journal *j, const void **data, size_t *length);
|
||||
int sd_journal_enumerate_available_unique(sd_journal *j, const void **data, size_t *length);
|
||||
int sd_journal_enumerate_unique(sd_journal *j, const void **ret_data, size_t *ret_size);
|
||||
int sd_journal_enumerate_available_unique(sd_journal *j, const void **ret_data, size_t *ret_size);
|
||||
void sd_journal_restart_unique(sd_journal *j);
|
||||
|
||||
int sd_journal_enumerate_fields(sd_journal *j, const char **field);
|
||||
int sd_journal_enumerate_fields(sd_journal *j, const char **ret);
|
||||
void sd_journal_restart_fields(sd_journal *j);
|
||||
|
||||
int sd_journal_get_fd(sd_journal *j);
|
||||
|
||||
@ -335,7 +335,7 @@ int sd_json_variant_strv(sd_json_variant *v, char ***ret);
|
||||
int sd_json_variant_unbase64(sd_json_variant *v, void **ret, size_t *ret_size);
|
||||
int sd_json_variant_unhex(sd_json_variant *v, void **ret, size_t *ret_size);
|
||||
|
||||
const char* sd_json_variant_type_to_string(sd_json_variant_type_t t);
|
||||
const char* sd_json_variant_type_to_string(sd_json_variant_type_t i);
|
||||
sd_json_variant_type_t sd_json_variant_type_from_string(const char *s);
|
||||
|
||||
static __inline__ int sd_json_format_enabled(sd_json_format_flags_t flags) {
|
||||
|
||||
@ -63,7 +63,7 @@ static void test_rename_process_one(const char *p, int ret) {
|
||||
|
||||
log_info("/* %s(%s) */", __func__, p);
|
||||
|
||||
r = ASSERT_OK(safe_fork("(rename)", FORK_WAIT|FORK_LOG|FORK_DEATHSIG_SIGKILL, /* ret_pid= */ NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(rename)", FORK_WAIT|FORK_LOG|FORK_DEATHSIG_SIGKILL, /* ret= */ NULL));
|
||||
|
||||
if (r == 0) {
|
||||
/* child */
|
||||
@ -80,7 +80,7 @@ TEST(rename_process_invalid) {
|
||||
TEST(rename_process_multi) {
|
||||
int r;
|
||||
|
||||
r = ASSERT_OK(safe_fork("(rename)", FORK_WAIT|FORK_LOG|FORK_DEATHSIG_SIGKILL, /* ret_pid= */ NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(rename)", FORK_WAIT|FORK_LOG|FORK_DEATHSIG_SIGKILL, /* ret= */ NULL));
|
||||
|
||||
if (r == 0) {
|
||||
/* child */
|
||||
|
||||
@ -42,8 +42,10 @@ TEST(asynchronous_close) {
|
||||
asynchronous_close(fd);
|
||||
wait_fd_closed(fd);
|
||||
|
||||
r = safe_fork("(subreaper)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_LOG|FORK_WAIT, NULL);
|
||||
ASSERT_OK(r);
|
||||
r = ASSERT_OK(pidref_safe_fork(
|
||||
"(subreaper)",
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_LOG|FORK_WAIT,
|
||||
NULL));
|
||||
|
||||
if (r == 0) {
|
||||
/* child */
|
||||
@ -84,8 +86,10 @@ TEST(asynchronous_rm_rf) {
|
||||
/* Do this once more, from a subreaper. Which is nice, because we can watch the async child even
|
||||
* though detached */
|
||||
|
||||
r = safe_fork("(subreaper)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_LOG|FORK_WAIT, NULL);
|
||||
ASSERT_OK(r);
|
||||
r = ASSERT_OK(pidref_safe_fork(
|
||||
"(subreaper)",
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_LOG|FORK_WAIT,
|
||||
NULL));
|
||||
|
||||
if (r == 0) {
|
||||
_cleanup_free_ char *tt = NULL, *kk = NULL;
|
||||
|
||||
@ -224,8 +224,10 @@ static void test_capability_get_ambient(void) {
|
||||
if (r <= 0)
|
||||
return (void) log_tests_skipped("Lacking CAP_LINUX_IMMUTABLE, skipping getambient test.");
|
||||
|
||||
r = safe_fork("(getambient)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_LOG, NULL);
|
||||
ASSERT_OK(r);
|
||||
r = ASSERT_OK(pidref_safe_fork(
|
||||
"(getambient)",
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_LOG,
|
||||
NULL));
|
||||
|
||||
if (r == 0) {
|
||||
int x, y;
|
||||
|
||||
@ -494,7 +494,7 @@ TEST(setenv_systemd_exec_pid) {
|
||||
TEST(getenv_steal_erase) {
|
||||
int r;
|
||||
|
||||
r = safe_fork("(sd-getenvstealerase)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL);
|
||||
r = pidref_safe_fork("(sd-getenvstealerase)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL);
|
||||
if (r == 0) {
|
||||
_cleanup_strv_free_ char **l = NULL;
|
||||
|
||||
|
||||
@ -17,6 +17,7 @@
|
||||
#include "cpu-set-util.h"
|
||||
#include "dropin.h"
|
||||
#include "errno-list.h"
|
||||
#include "event-util.h"
|
||||
#include "extract-word.h"
|
||||
#include "fd-util.h"
|
||||
#include "fileio.h"
|
||||
@ -671,11 +672,9 @@ reenable:
|
||||
}
|
||||
|
||||
static int on_spawn_timeout(sd_event_source *s, uint64_t usec, void *userdata) {
|
||||
pid_t *pid = userdata;
|
||||
PidRef *pidref = ASSERT_PTR(userdata);
|
||||
|
||||
ASSERT_NOT_NULL(pid);
|
||||
|
||||
(void) kill(*pid, SIGKILL);
|
||||
(void) pidref_kill(pidref, SIGKILL);
|
||||
|
||||
return 1;
|
||||
}
|
||||
@ -700,7 +699,6 @@ static int find_libraries(const char *exec, char ***ret) {
|
||||
_cleanup_close_pair_ int outpipe[2] = EBADF_PAIR, errpipe[2] = EBADF_PAIR;
|
||||
_cleanup_strv_free_ char **libraries = NULL;
|
||||
_cleanup_free_ char *result = NULL;
|
||||
pid_t pid;
|
||||
int r;
|
||||
|
||||
ASSERT_NOT_NULL(exec);
|
||||
@ -709,10 +707,13 @@ static int find_libraries(const char *exec, char ***ret) {
|
||||
ASSERT_OK_ERRNO(pipe2(outpipe, O_NONBLOCK|O_CLOEXEC));
|
||||
ASSERT_OK_ERRNO(pipe2(errpipe, O_NONBLOCK|O_CLOEXEC));
|
||||
|
||||
r = safe_fork_full("(spawn-ldd)",
|
||||
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
|
||||
r = pidref_safe_fork_full(
|
||||
"(spawn-ldd)",
|
||||
(int[]) { -EBADF, outpipe[1], errpipe[1] },
|
||||
NULL, 0,
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG, &pid);
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG,
|
||||
&pidref);
|
||||
ASSERT_OK(r);
|
||||
if (r == 0) {
|
||||
execlp("ldd", "ldd", exec, NULL);
|
||||
@ -725,12 +726,12 @@ static int find_libraries(const char *exec, char ***ret) {
|
||||
ASSERT_OK(sd_event_new(&e));
|
||||
|
||||
ASSERT_OK(sd_event_add_time_relative(e, NULL, CLOCK_MONOTONIC,
|
||||
10 * USEC_PER_SEC, USEC_PER_SEC, on_spawn_timeout, &pid));
|
||||
10 * USEC_PER_SEC, USEC_PER_SEC, on_spawn_timeout, &pidref));
|
||||
ASSERT_OK(sd_event_add_io(e, &stdout_source, outpipe[0], EPOLLIN, on_spawn_io, &result));
|
||||
ASSERT_OK(sd_event_source_set_enabled(stdout_source, SD_EVENT_ONESHOT));
|
||||
ASSERT_OK(sd_event_add_io(e, &stderr_source, errpipe[0], EPOLLIN, on_spawn_io, NULL));
|
||||
ASSERT_OK(sd_event_source_set_enabled(stderr_source, SD_EVENT_ONESHOT));
|
||||
ASSERT_OK(sd_event_add_child(e, &sigchld_source, pid, WEXITED, on_spawn_exit, NULL));
|
||||
ASSERT_OK(event_add_child_pidref(e, &sigchld_source, &pidref, WEXITED, on_spawn_exit, NULL));
|
||||
/* Child exit should be processed after IO is complete */
|
||||
ASSERT_OK(sd_event_source_set_priority(sigchld_source, SD_EVENT_PRIORITY_NORMAL + 1));
|
||||
|
||||
@ -1464,7 +1465,8 @@ static void run_tests(RuntimeScope scope, char **patterns) {
|
||||
static int prepare_ns(const char *process_name) {
|
||||
int r;
|
||||
|
||||
r = safe_fork(process_name,
|
||||
r = pidref_safe_fork(
|
||||
process_name,
|
||||
FORK_RESET_SIGNALS|
|
||||
FORK_CLOSE_ALL_FDS|
|
||||
FORK_DEATHSIG_SIGTERM|
|
||||
|
||||
@ -157,10 +157,9 @@ TEST(fd_move_above_stdio) {
|
||||
}
|
||||
|
||||
TEST(rearrange_stdio) {
|
||||
pid_t pid;
|
||||
int r;
|
||||
|
||||
r = safe_fork("rearrange", FORK_WAIT|FORK_LOG, &pid);
|
||||
r = pidref_safe_fork("rearrange", FORK_WAIT|FORK_LOG, NULL);
|
||||
assert_se(r >= 0);
|
||||
|
||||
if (r == 0) {
|
||||
@ -335,27 +334,28 @@ static void test_close_all_fds_inner(int (*func)(const int except[], size_t n_ex
|
||||
}
|
||||
|
||||
TEST(close_all_fds) {
|
||||
ForkFlags flags = FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT;
|
||||
int r;
|
||||
|
||||
ASSERT_OK(r = safe_fork("(caf-plain)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(caf-plain)", flags, NULL));
|
||||
if (r == 0) {
|
||||
test_close_all_fds_inner(close_all_fds);
|
||||
_exit(EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
ASSERT_OK(r = safe_fork("(caf-nomalloc)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL));
|
||||
ASSERT_OK(r = pidref_safe_fork("(caf-nomalloc)", flags, NULL));
|
||||
if (r == 0) {
|
||||
test_close_all_fds_inner(close_all_fds_without_malloc);
|
||||
_exit(EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
ASSERT_OK(r = safe_fork("(caf-proc)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL));
|
||||
ASSERT_OK(r = pidref_safe_fork("(caf-proc)", flags, NULL));
|
||||
if (r == 0) {
|
||||
test_close_all_fds_inner(close_all_fds_by_proc);
|
||||
_exit(EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
ASSERT_OK(r = safe_fork("(caf-frugal)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL));
|
||||
ASSERT_OK(r = pidref_safe_fork("(caf-frugal)", flags, NULL));
|
||||
if (r == 0) {
|
||||
test_close_all_fds_inner(close_all_fds_frugal);
|
||||
_exit(EXIT_SUCCESS);
|
||||
|
||||
@ -12,10 +12,12 @@
|
||||
|
||||
#include "bus-locator.h"
|
||||
#include "bus-wait-for-jobs.h"
|
||||
#include "event-util.h"
|
||||
#include "fd-util.h"
|
||||
#include "format-util.h"
|
||||
#include "hashmap.h"
|
||||
#include "path-util.h"
|
||||
#include "pidref.h"
|
||||
#include "process-util.h"
|
||||
#include "random-util.h"
|
||||
#include "rm-rf.h"
|
||||
@ -198,7 +200,6 @@ TEST(real_pressure) {
|
||||
_cleanup_free_ char *scope = NULL;
|
||||
const char *object;
|
||||
int r;
|
||||
pid_t pid;
|
||||
|
||||
r = sd_bus_open_system(&bus);
|
||||
if (r < 0)
|
||||
@ -227,14 +228,15 @@ TEST(real_pressure) {
|
||||
|
||||
assert_se(pipe2(pipe_fd, O_CLOEXEC) >= 0);
|
||||
|
||||
r = safe_fork("(eat-memory)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM, &pid);
|
||||
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
|
||||
r = pidref_safe_fork("(eat-memory)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM, &pidref);
|
||||
assert_se(r >= 0);
|
||||
if (r == 0) {
|
||||
real_pressure_eat_memory(pipe_fd[0]);
|
||||
_exit(EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
assert_se(sd_event_add_child(e, &cs, pid, WEXITED, real_pressure_child_callback, NULL) >= 0);
|
||||
assert_se(event_add_child_pidref(e, &cs, &pidref, WEXITED, real_pressure_child_callback, NULL) >= 0);
|
||||
assert_se(sd_event_source_set_child_process_own(cs, true) >= 0);
|
||||
|
||||
assert_se(unsetenv("MEMORY_PRESSURE_WATCH") >= 0);
|
||||
|
||||
@ -80,7 +80,7 @@ TEST(mkdir_p_safe) {
|
||||
p = mfree(p);
|
||||
ASSERT_NOT_NULL(p = path_join(tmp, "zero-mode/should-fail-to-create-child"));
|
||||
ASSERT_OK(mkdir_parents_safe(tmp, p, 0000, UID_INVALID, GID_INVALID, 0));
|
||||
ASSERT_OK(r = safe_fork("(test-mkdir-no-cap)", FORK_DEATHSIG_SIGTERM | FORK_WAIT | FORK_LOG, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(test-mkdir-no-cap)", FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_LOG, NULL));
|
||||
if (r == 0) {
|
||||
(void) capability_bounding_set_drop(0, /* right_now= */ true);
|
||||
ASSERT_ERROR(mkdir_p_safe(tmp, p, 0000, UID_INVALID, GID_INVALID, 0), EACCES);
|
||||
|
||||
@ -160,7 +160,7 @@ TEST(bind_remount_recursive) {
|
||||
assert_se(mkdir(subdir, 0755) >= 0);
|
||||
|
||||
FOREACH_STRING(p, "/usr", "/sys", "/", tmp) {
|
||||
ASSERT_OK(r = safe_fork("(bind-remount-recursive)", FORK_COMMON_FLAGS, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(bind-remount-recursive)", FORK_COMMON_FLAGS, NULL));
|
||||
if (r == 0) { /* child */
|
||||
struct statvfs svfs;
|
||||
|
||||
@ -196,7 +196,7 @@ TEST(bind_remount_one) {
|
||||
|
||||
CHECK_PRIV;
|
||||
|
||||
ASSERT_OK(r = safe_fork("(remount-one-with-mountinfo)", FORK_COMMON_FLAGS, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(remount-one-with-mountinfo)", FORK_COMMON_FLAGS, NULL));
|
||||
if (r == 0) { /* child */
|
||||
_cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
|
||||
|
||||
@ -211,7 +211,7 @@ TEST(bind_remount_one) {
|
||||
_exit(EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
ASSERT_OK(r = safe_fork("(remount-one)", FORK_COMMON_FLAGS, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(remount-one)", FORK_COMMON_FLAGS, NULL));
|
||||
if (r == 0) { /* child */
|
||||
assert_se(bind_remount_one("/run", MS_RDONLY, MS_RDONLY) >= 0);
|
||||
assert_se(bind_remount_one("/run", MS_NOEXEC, MS_RDONLY|MS_NOEXEC) >= 0);
|
||||
@ -291,7 +291,7 @@ TEST(make_mount_switch_root) {
|
||||
};
|
||||
|
||||
FOREACH_ELEMENT(i, table) {
|
||||
ASSERT_OK(r = safe_fork("(switch-root)", FORK_COMMON_FLAGS, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(switch-root)", FORK_COMMON_FLAGS, NULL));
|
||||
if (r == 0) {
|
||||
assert_se(make_mount_point(i->path) >= 0);
|
||||
assert_se(mount_switch_root_full(i->path, /* mount_propagation_flag= */ 0, i->force_ms_move) >= 0);
|
||||
@ -335,7 +335,7 @@ TEST(umount_recursive) {
|
||||
CHECK_PRIV;
|
||||
|
||||
FOREACH_ELEMENT(t, test_table) {
|
||||
ASSERT_OK(r = safe_fork("(umount-rec)", FORK_COMMON_FLAGS, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(umount-rec)", FORK_COMMON_FLAGS, NULL));
|
||||
if (r == 0) { /* child */
|
||||
_cleanup_(mnt_free_tablep) struct libmnt_table *table = NULL;
|
||||
_cleanup_(mnt_free_iterp) struct libmnt_iter *iter = NULL;
|
||||
@ -392,7 +392,7 @@ TEST(fd_make_mount_point) {
|
||||
assert_se(s);
|
||||
assert_se(mkdir(s, 0700) >= 0);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(make-mount-point)", FORK_COMMON_FLAGS, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(make-mount-point)", FORK_COMMON_FLAGS, NULL));
|
||||
if (r == 0) {
|
||||
_cleanup_close_ int fd = -EBADF, fd2 = -EBADF;
|
||||
|
||||
@ -423,7 +423,7 @@ TEST(bind_mount_submounts) {
|
||||
assert_se(mkdtemp_malloc(NULL, &a) >= 0);
|
||||
assert_se(mkdtemp_malloc(NULL, &b) >= 0);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(bind-mount-submounts)", FORK_COMMON_FLAGS, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(bind-mount-submounts)", FORK_COMMON_FLAGS, NULL));
|
||||
if (r == 0) {
|
||||
char *x;
|
||||
|
||||
@ -512,7 +512,7 @@ TEST(path_is_network_fs_harder) {
|
||||
_cleanup_(rm_rf_physical_and_freep) char *t = NULL;
|
||||
assert_se(mkdtemp_malloc("/tmp/test-mount-util.path_is_network_fs_harder.XXXXXXX", &t) >= 0);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(path-is-network-fs-harder)", FORK_COMMON_FLAGS, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(path-is-network-fs-harder)", FORK_COMMON_FLAGS, NULL));
|
||||
if (r == 0) {
|
||||
ASSERT_OK(mount_nofollow_verbose(LOG_INFO, "tmpfs", t, "tmpfs", 0, NULL));
|
||||
ASSERT_OK_ZERO(path_is_network_fs_harder(t));
|
||||
@ -554,7 +554,7 @@ TEST(mount_fd_clone) {
|
||||
/* Set up a socket pair to transfer the mount fd from the child (in a different mountns) to us. */
|
||||
ASSERT_OK_ERRNO(socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, fds));
|
||||
|
||||
r = ASSERT_OK(safe_fork_full(
|
||||
r = ASSERT_OK(pidref_safe_fork_full(
|
||||
"(mount-fd-clone-setup)",
|
||||
/* stdio_fds= */ NULL,
|
||||
&fds[1], 1,
|
||||
@ -588,7 +588,7 @@ TEST(mount_fd_clone) {
|
||||
_cleanup_free_ char *target = ASSERT_NOT_NULL(path_join(t, "target"));
|
||||
ASSERT_OK_ERRNO(mkdir(target, 0755));
|
||||
|
||||
r = ASSERT_OK(safe_fork_full(
|
||||
r = ASSERT_OK(pidref_safe_fork_full(
|
||||
"(mount-fd-clone-verify)",
|
||||
/* stdio_fds= */ NULL,
|
||||
&first_clone, 1,
|
||||
|
||||
@ -220,7 +220,7 @@ TEST(protect_kernel_logs) {
|
||||
}
|
||||
ASSERT_OK(r);
|
||||
|
||||
r = ASSERT_OK(safe_fork("(protect)", FORK_WAIT|FORK_LOG|FORK_DEATHSIG_SIGKILL, /* ret_pid= */ NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(protect)", FORK_WAIT|FORK_LOG|FORK_DEATHSIG_SIGKILL, /* ret= */ NULL));
|
||||
|
||||
if (r == 0) {
|
||||
_cleanup_close_ int fd = -EBADF;
|
||||
|
||||
@ -490,7 +490,7 @@ static int run(int argc, char **argv) {
|
||||
/* Testing with several syscalls filtered, and check if the nss modules gracefully handle failures in
|
||||
* masked syscalls. See issue #38582. */
|
||||
|
||||
ASSERT_OK(r = safe_fork("(with-seccomp)", FORK_LOG | FORK_WAIT, /* ret_pid= */ NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(with-seccomp)", FORK_LOG|FORK_WAIT, /* ret= */ NULL));
|
||||
if (r == 0) {
|
||||
_cleanup_hashmap_free_ Hashmap *filter = NULL;
|
||||
ASSERT_NOT_NULL(filter = hashmap_new(NULL));
|
||||
|
||||
@ -475,7 +475,10 @@ static void test_find_executable_exec_one(const char *path) {
|
||||
if (path_is_absolute(path))
|
||||
ASSERT_STREQ(t, path);
|
||||
|
||||
r = ASSERT_OK(safe_fork("(find-exec)", FORK_LOG|FORK_DEATHSIG_SIGKILL|FORK_WAIT, /* ret_pid= */ NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork(
|
||||
"(find-exec)",
|
||||
FORK_LOG|FORK_DEATHSIG_SIGKILL|FORK_WAIT,
|
||||
/* ret= */ NULL));
|
||||
|
||||
if (r == 0) {
|
||||
r = fexecve_or_execve(fd, t, STRV_MAKE(t, "--version"), STRV_MAKE(NULL));
|
||||
|
||||
@ -285,7 +285,7 @@ TEST(pid_get_cmdline_harder) {
|
||||
}
|
||||
#endif
|
||||
|
||||
r = ASSERT_OK(safe_fork("(cmdline)", FORK_WAIT|FORK_LOG|FORK_DEATHSIG_SIGKILL, /* ret_pid= */ NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(cmdline)", FORK_WAIT|FORK_LOG|FORK_DEATHSIG_SIGKILL, /* ret= */ NULL));
|
||||
if (r == 0) {
|
||||
r = detach_mount_namespace();
|
||||
if (r < 0) {
|
||||
@ -573,7 +573,7 @@ TEST(getpid_cached) {
|
||||
ASSERT_EQ(a, b);
|
||||
ASSERT_EQ(a, c);
|
||||
|
||||
r = ASSERT_OK(safe_fork("(getpid)", FORK_WAIT|FORK_LOG|FORK_DEATHSIG_SIGKILL, /* ret_pid= */ NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(getpid)", FORK_WAIT|FORK_LOG|FORK_DEATHSIG_SIGKILL, /* ret= */ NULL));
|
||||
|
||||
if (r == 0) {
|
||||
/* In child */
|
||||
@ -619,12 +619,13 @@ TEST(getpid_measure) {
|
||||
log_info("getpid_cached(): %lf μs each", (double) q / iterations);
|
||||
}
|
||||
|
||||
TEST(safe_fork) {
|
||||
TEST(pidref_safe_fork) {
|
||||
_cleanup_(pidref_done) PidRef child = PIDREF_NULL;
|
||||
siginfo_t status;
|
||||
pid_t pid;
|
||||
int r;
|
||||
|
||||
r = safe_fork("(test-child)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_REOPEN_LOG, &pid);
|
||||
r = pidref_safe_fork("(test-child)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_REOPEN_LOG, &child);
|
||||
ASSERT_OK(r);
|
||||
|
||||
if (r == 0) {
|
||||
@ -634,9 +635,6 @@ TEST(safe_fork) {
|
||||
_exit(88);
|
||||
}
|
||||
|
||||
_cleanup_(pidref_done) PidRef child = PIDREF_NULL;
|
||||
ASSERT_OK(pidref_set_pid(&child, pid));
|
||||
|
||||
ASSERT_OK(pidref_wait_for_terminate(&child, &status));
|
||||
ASSERT_EQ(status.si_code, CLD_EXITED);
|
||||
ASSERT_EQ(status.si_status, 88);
|
||||
@ -710,8 +708,10 @@ TEST(ioprio_class_from_to_string) {
|
||||
TEST(setpriority_closest) {
|
||||
int r;
|
||||
|
||||
r = safe_fork("(test-setprio)",
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_LOG|FORK_REOPEN_LOG, NULL);
|
||||
r = pidref_safe_fork(
|
||||
"(test-setprio)",
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_LOG|FORK_REOPEN_LOG,
|
||||
NULL);
|
||||
ASSERT_OK(r);
|
||||
|
||||
if (r == 0) {
|
||||
@ -909,7 +909,10 @@ TEST(get_process_threads) {
|
||||
int r;
|
||||
|
||||
/* Run this test in a child, so that we can guarantee there's exactly one thread around in the child */
|
||||
r = safe_fork("(nthreads)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_LOG, NULL);
|
||||
r = pidref_safe_fork(
|
||||
"(nthreads)",
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_LOG,
|
||||
NULL);
|
||||
ASSERT_OK(r);
|
||||
|
||||
if (r == 0) {
|
||||
@ -953,8 +956,10 @@ TEST(get_process_threads) {
|
||||
TEST(is_reaper_process) {
|
||||
int r;
|
||||
|
||||
r = safe_fork("(regular)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG|FORK_WAIT, NULL);
|
||||
ASSERT_OK(r);
|
||||
r = ASSERT_OK(pidref_safe_fork(
|
||||
"(regular)",
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG|FORK_WAIT,
|
||||
NULL));
|
||||
if (r == 0) {
|
||||
/* child */
|
||||
|
||||
@ -962,8 +967,10 @@ TEST(is_reaper_process) {
|
||||
_exit(EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
r = safe_fork("(newpid)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG|FORK_WAIT, NULL);
|
||||
ASSERT_OK(r);
|
||||
r = ASSERT_OK(pidref_safe_fork(
|
||||
"(newpid)",
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG|FORK_WAIT,
|
||||
NULL));
|
||||
if (r == 0) {
|
||||
/* child */
|
||||
|
||||
@ -974,8 +981,10 @@ TEST(is_reaper_process) {
|
||||
}
|
||||
}
|
||||
|
||||
r = safe_fork("(newpid1)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG|FORK_WAIT, NULL);
|
||||
ASSERT_OK(r);
|
||||
r = ASSERT_OK(pidref_safe_fork(
|
||||
"(newpid1)",
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG|FORK_WAIT,
|
||||
NULL));
|
||||
if (r == 0) {
|
||||
/* grandchild, which is PID1 in a pidns */
|
||||
ASSERT_OK_EQ(getpid_cached(), 1);
|
||||
@ -986,8 +995,10 @@ TEST(is_reaper_process) {
|
||||
_exit(EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
r = safe_fork("(subreaper)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG|FORK_WAIT, NULL);
|
||||
ASSERT_OK(r);
|
||||
r = ASSERT_OK(pidref_safe_fork(
|
||||
"(subreaper)",
|
||||
FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG|FORK_WAIT,
|
||||
NULL));
|
||||
if (r == 0) {
|
||||
/* child */
|
||||
ASSERT_OK(make_reaper_process(true));
|
||||
|
||||
@ -26,13 +26,13 @@ static void sfdisk(const char *sfdisk_path, LoopDevice *loop, const char *defini
|
||||
_cleanup_close_ int memfd = memfd_new_and_seal("sfdisk", definition, SIZE_MAX);
|
||||
ASSERT_OK(memfd);
|
||||
|
||||
r = safe_fork_full(
|
||||
r = pidref_safe_fork_full(
|
||||
"(sfdisk)",
|
||||
(int[]) { memfd, STDOUT_FILENO, STDERR_FILENO },
|
||||
/* except_fds= */ NULL,
|
||||
/* n_except_fds= */ 0,
|
||||
FORK_CLOSE_ALL_FDS|FORK_RESET_SIGNALS|FORK_REARRANGE_STDIO|FORK_LOG|FORK_WAIT,
|
||||
/* ret_pid= */ NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r == 0) {
|
||||
/* child */
|
||||
execl(sfdisk_path, "fdisk", "--no-tell-kernel", "--no-reread", loop->node, NULL);
|
||||
|
||||
@ -155,7 +155,10 @@ TEST(pid_getrlimit) {
|
||||
assert_se(getrlimit(resource, &direct) >= 0);
|
||||
|
||||
/* We fork off a child so that getrlimit() doesn't work anymore */
|
||||
r = safe_fork("(getrlimit)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL|FORK_LOG|FORK_WAIT, /* ret_pid= */ NULL);
|
||||
r = pidref_safe_fork(
|
||||
"(getrlimit)",
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL|FORK_LOG|FORK_WAIT,
|
||||
/* ret= */ NULL);
|
||||
assert_se(r >= 0);
|
||||
|
||||
if (r == 0) {
|
||||
|
||||
@ -102,7 +102,7 @@ TEST(rm_rf_chmod) {
|
||||
/* This test only works unpriv (as only then the access mask for the owning user matters),
|
||||
* hence drop privs here */
|
||||
|
||||
ASSERT_OK(r = safe_fork("(setresuid)", FORK_DEATHSIG_SIGTERM|FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(setresuid)", FORK_DEATHSIG_SIGTERM|FORK_WAIT, NULL));
|
||||
|
||||
if (r == 0) {
|
||||
/* child */
|
||||
|
||||
@ -197,7 +197,7 @@ TEST(filter_sets) {
|
||||
|
||||
log_info("Testing %s", syscall_filter_sets[i].name);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(filter_sets)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(filter_sets)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
int fd;
|
||||
|
||||
@ -295,7 +295,7 @@ TEST(restrict_namespace) {
|
||||
|
||||
CHECK_SECCOMP(/* skip_container= */ false);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(restrict-namespace)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(restrict-namespace)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
|
||||
assert_se(seccomp_restrict_namespaces(CLONE_NEWNS|CLONE_NEWNET) >= 0);
|
||||
@ -357,7 +357,7 @@ TEST(protect_sysctl) {
|
||||
if (!streq(seccomp, "0"))
|
||||
log_warning("Warning: seccomp filter detected, results may be unreliable for %s", __func__);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(protect-sysctl)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(protect-sysctl)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
#if defined __NR__sysctl && __NR__sysctl >= 0
|
||||
assert_se(syscall(__NR__sysctl, NULL) < 0);
|
||||
@ -388,7 +388,7 @@ TEST(protect_syslog) {
|
||||
/* in containers syslog() is likely missing anyway */
|
||||
CHECK_SECCOMP(/* skip_container= */ true);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(protect-syslog)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(protect-syslog)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
#if defined __NR_syslog && __NR_syslog >= 0
|
||||
assert_se(syscall(__NR_syslog, -1, NULL, 0) < 0);
|
||||
@ -411,7 +411,7 @@ TEST(restrict_address_families) {
|
||||
|
||||
CHECK_SECCOMP(/* skip_container= */ false);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(restrict-address-families)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(restrict-address-families)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
int fd;
|
||||
Set *s;
|
||||
@ -488,7 +488,7 @@ TEST(restrict_realtime) {
|
||||
/* in containers RT privs are likely missing anyway */
|
||||
CHECK_SECCOMP(/* skip_container= */ true);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(restrict-realtime)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(restrict-realtime)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
/* On some CI environments, the restriction may be already enabled. */
|
||||
if (sched_setscheduler(0, SCHED_FIFO, &(struct sched_param) { .sched_priority = 1 }) < 0) {
|
||||
@ -542,7 +542,7 @@ TEST(memory_deny_write_execute_mmap) {
|
||||
return;
|
||||
#endif
|
||||
|
||||
ASSERT_OK(r = safe_fork("(memory_deny_write_execute_mmap)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(memory_deny_write_execute_mmap)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
void *p;
|
||||
|
||||
@ -606,7 +606,7 @@ TEST(memory_deny_write_execute_shmat) {
|
||||
shmid = shmget(IPC_PRIVATE, page_size(), 0);
|
||||
assert_se(shmid >= 0);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(memory-deny-write-execute)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(memory-deny-write-execute)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
void *p;
|
||||
|
||||
@ -648,7 +648,7 @@ TEST(restrict_archs) {
|
||||
|
||||
CHECK_SECCOMP(/* skip_container= */ false);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(restrict-archs)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(restrict-archs)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
_cleanup_set_free_ Set *s = NULL;
|
||||
|
||||
@ -675,7 +675,7 @@ TEST(load_syscall_filter_set_raw) {
|
||||
|
||||
CHECK_SECCOMP(/* skip_container= */ false);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(load-filter)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(load-filter)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
_cleanup_hashmap_free_ Hashmap *s = NULL;
|
||||
|
||||
@ -777,7 +777,7 @@ TEST(native_syscalls_filtered) {
|
||||
|
||||
CHECK_SECCOMP(/* skip_container= */ false);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(native-syscalls)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(native-syscalls)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
_cleanup_set_free_ Set *arch_s = NULL;
|
||||
_cleanup_hashmap_free_ Hashmap *s = NULL;
|
||||
@ -830,7 +830,7 @@ TEST(lock_personality) {
|
||||
log_info("current personality=0x%lX", (unsigned long) safe_personality(PERSONALITY_INVALID));
|
||||
log_info("current opinionated personality=0x%lX", current_opinionated);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(lock-personality)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(lock-personality)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
unsigned long current;
|
||||
|
||||
@ -900,7 +900,7 @@ TEST(restrict_suid_sgid) {
|
||||
|
||||
CHECK_SECCOMP(/* skip_container= */ false);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(suid-sgid)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(suid-sgid)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
char path[] = "/tmp/suidsgidXXXXXX", dir[] = "/tmp/suidsgiddirXXXXXX";
|
||||
int fd = -EBADF, k = -EBADF;
|
||||
@ -1124,7 +1124,7 @@ TEST(seccomp_suppress_sync) {
|
||||
|
||||
CHECK_SECCOMP(/* skip_container= */ false);
|
||||
|
||||
ASSERT_OK(r = safe_fork("(suppress-sync)", FORK_LOG | FORK_WAIT, NULL));
|
||||
r = ASSERT_OK(pidref_safe_fork("(suppress-sync)", FORK_LOG|FORK_WAIT, NULL));
|
||||
if (r == 0) {
|
||||
test_seccomp_suppress_sync_child();
|
||||
_exit(EXIT_SUCCESS);
|
||||
|
||||
@ -153,8 +153,7 @@ TEST(in_addr_is_multicast) {
|
||||
TEST(getpeercred_getpeergroups) {
|
||||
int r;
|
||||
|
||||
r = safe_fork("(getpeercred)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL);
|
||||
assert_se(r >= 0);
|
||||
r = ASSERT_OK(pidref_safe_fork("(getpeercred)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL));
|
||||
|
||||
if (r == 0) {
|
||||
static const gid_t gids[] = { 3, 4, 5, 6, 7 };
|
||||
@ -220,8 +219,7 @@ TEST(passfd_read) {
|
||||
|
||||
assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) >= 0);
|
||||
|
||||
r = safe_fork("(passfd_read)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL);
|
||||
assert_se(r >= 0);
|
||||
r = ASSERT_OK(pidref_safe_fork("(passfd_read)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL));
|
||||
|
||||
if (r == 0) {
|
||||
/* Child */
|
||||
@ -262,8 +260,7 @@ TEST(passfd_contents_read) {
|
||||
|
||||
assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) >= 0);
|
||||
|
||||
r = safe_fork("(passfd_contents_read)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL);
|
||||
assert_se(r >= 0);
|
||||
r = ASSERT_OK(pidref_safe_fork("(passfd_contents_read)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL));
|
||||
|
||||
if (r == 0) {
|
||||
/* Child */
|
||||
@ -314,8 +311,7 @@ TEST(pass_many_fds_contents_read) {
|
||||
|
||||
assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) >= 0);
|
||||
|
||||
r = safe_fork("(passfd_contents_read)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL);
|
||||
assert_se(r >= 0);
|
||||
r = ASSERT_OK(pidref_safe_fork("(passfd_contents_read)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL));
|
||||
|
||||
if (r == 0) {
|
||||
/* Child */
|
||||
@ -374,7 +370,7 @@ TEST(receive_nopassfd) {
|
||||
|
||||
assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) >= 0);
|
||||
|
||||
r = safe_fork("(receive_nopassfd)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL);
|
||||
r = ASSERT_OK(pidref_safe_fork("(receive_nopassfd)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL));
|
||||
assert_se(r >= 0);
|
||||
|
||||
if (r == 0) {
|
||||
@ -410,8 +406,7 @@ TEST(send_nodata_nofd) {
|
||||
|
||||
assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) >= 0);
|
||||
|
||||
r = safe_fork("(send_nodata_nofd)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL);
|
||||
assert_se(r >= 0);
|
||||
r = ASSERT_OK(pidref_safe_fork("(send_nodata_nofd)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL));
|
||||
|
||||
if (r == 0) {
|
||||
/* Child */
|
||||
@ -443,8 +438,7 @@ TEST(send_emptydata) {
|
||||
|
||||
assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) >= 0);
|
||||
|
||||
r = safe_fork("(send_emptydata)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL);
|
||||
assert_se(r >= 0);
|
||||
r = ASSERT_OK(pidref_safe_fork("(send_emptydata)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL));
|
||||
|
||||
if (r == 0) {
|
||||
/* Child */
|
||||
|
||||
@ -385,7 +385,8 @@ TEST(terminal_new_session) {
|
||||
ASSERT_OK(pty_fd = openpt_allocate(O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK, NULL));
|
||||
ASSERT_OK(peer_fd = pty_open_peer(pty_fd, O_RDWR|O_NOCTTY|O_CLOEXEC));
|
||||
|
||||
r = safe_fork_full("test-term-session",
|
||||
r = pidref_safe_fork_full(
|
||||
"test-term-session",
|
||||
(int[]) { peer_fd, peer_fd, peer_fd },
|
||||
NULL, 0,
|
||||
FORK_DEATHSIG_SIGKILL|FORK_LOG|FORK_WAIT|FORK_REARRANGE_STDIO,
|
||||
|
||||
@ -30,6 +30,7 @@
|
||||
#include "main-func.h"
|
||||
#include "mkdir-label.h"
|
||||
#include "path-util.h"
|
||||
#include "pidref.h"
|
||||
#include "pretty-print.h"
|
||||
#include "process-util.h"
|
||||
#include "set.h"
|
||||
@ -570,18 +571,18 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
* and its own controlling terminal. If one of the tasks does handle a password, the remaining tasks will be
|
||||
* terminated.
|
||||
*/
|
||||
static int ask_on_this_console(const char *tty, char **arguments, pid_t *ret_pid) {
|
||||
static int ask_on_this_console(const char *tty, char **arguments, PidRef *ret) {
|
||||
int r;
|
||||
|
||||
assert(tty);
|
||||
assert(arguments);
|
||||
assert(ret_pid);
|
||||
assert(ret);
|
||||
|
||||
assert_se(sigaction(SIGCHLD, &sigaction_nop_nocldstop, NULL) >= 0);
|
||||
assert_se(sigaction(SIGHUP, &sigaction_default, NULL) >= 0);
|
||||
assert_se(sigprocmask_many(SIG_UNBLOCK, NULL, SIGHUP, SIGCHLD) >= 0);
|
||||
|
||||
r = safe_fork("(sd-passwd)", FORK_RESET_SIGNALS|FORK_KEEP_NOTIFY_SOCKET|FORK_LOG, ret_pid);
|
||||
r = pidref_safe_fork("(sd-passwd)", FORK_RESET_SIGNALS|FORK_KEEP_NOTIFY_SOCKET|FORK_LOG, ret);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
@ -691,13 +692,13 @@ static int ask_on_consoles(char *argv[]) {
|
||||
|
||||
/* Start an agent on each console. */
|
||||
STRV_FOREACH(tty, consoles) {
|
||||
pid_t pid;
|
||||
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
|
||||
|
||||
r = ask_on_this_console(*tty, arguments, &pid);
|
||||
r = ask_on_this_console(*tty, arguments, &pidref);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
if (set_put(pids, PID_TO_PTR(pid)) < 0)
|
||||
if (set_put(pids, PID_TO_PTR(pidref.pid)) < 0)
|
||||
return log_oom();
|
||||
}
|
||||
|
||||
|
||||
@ -16,6 +16,7 @@
|
||||
#include "log.h"
|
||||
#include "mkdir.h"
|
||||
#include "pidfd-util.h"
|
||||
#include "pidref.h"
|
||||
#include "process-util.h"
|
||||
#include "set.h"
|
||||
#include "signal-util.h"
|
||||
@ -143,19 +144,19 @@ static size_t manager_current_workers(Manager *m) {
|
||||
static int start_one_worker(Manager *m) {
|
||||
_cleanup_(sd_event_source_disable_unrefp) sd_event_source *source = NULL;
|
||||
bool fixed;
|
||||
pid_t pid;
|
||||
int r;
|
||||
|
||||
assert(m);
|
||||
|
||||
fixed = set_size(m->workers_fixed) < USERDB_WORKERS_MIN;
|
||||
|
||||
r = safe_fork_full(
|
||||
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
|
||||
r = pidref_safe_fork_full(
|
||||
"(sd-worker)",
|
||||
/* stdio_fds= */ NULL,
|
||||
&m->listen_fd, 1,
|
||||
FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_LOG|FORK_CLOSE_ALL_FDS,
|
||||
&pid);
|
||||
&pidref);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to fork new worker child: %m");
|
||||
if (r == 0) {
|
||||
@ -176,7 +177,7 @@ static int start_one_worker(Manager *m) {
|
||||
safe_close(m->listen_fd);
|
||||
}
|
||||
|
||||
r = setenvf("LISTEN_PID", /* overwrite= */ true, PID_FMT, pid);
|
||||
r = setenvf("LISTEN_PID", /* overwrite= */ true, PID_FMT, pidref.pid);
|
||||
if (r < 0) {
|
||||
log_error_errno(r, "Failed to set $LISTEN_PID: %m");
|
||||
_exit(EXIT_FAILURE);
|
||||
@ -212,9 +213,9 @@ static int start_one_worker(Manager *m) {
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
r = sd_event_add_child(m->event, &source, pid, WEXITED, on_worker_exit, m);
|
||||
r = event_add_child_pidref(m->event, &source, &pidref, WEXITED, on_worker_exit, m);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to watch child " PID_FMT ": %m", pid);
|
||||
return log_error_errno(r, "Failed to watch child " PID_FMT ": %m", pidref.pid);
|
||||
|
||||
r = set_ensure_put(
|
||||
fixed ? &m->workers_fixed : &m->workers_dynamic,
|
||||
|
||||
@ -1274,7 +1274,7 @@ static int start_tpm(
|
||||
if (!argv)
|
||||
return log_oom();
|
||||
|
||||
r = safe_fork("(swtpm-setup)", FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_WAIT, NULL);
|
||||
r = pidref_safe_fork("(swtpm-setup)", FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_WAIT, /* ret= */ NULL);
|
||||
if (r == 0) {
|
||||
/* Child */
|
||||
execvp(argv[0], argv);
|
||||
@ -1287,7 +1287,7 @@ static int start_tpm(
|
||||
strv_remove(argv, "--profile-name");
|
||||
strv_remove(argv, "default-v2");
|
||||
|
||||
r = safe_fork("(swtpm-setup)", FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_WAIT, NULL);
|
||||
r = pidref_safe_fork("(swtpm-setup)", FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_WAIT, /* ret= */ NULL);
|
||||
if (r == 0) {
|
||||
/* Child */
|
||||
execvp(argv[0], argv);
|
||||
@ -1739,10 +1739,10 @@ static int generate_ssh_keypair(const char *key_path, const char *key_type) {
|
||||
log_debug("Executing: %s", joined);
|
||||
}
|
||||
|
||||
r = safe_fork(
|
||||
r = pidref_safe_fork(
|
||||
ssh_keygen,
|
||||
FORK_WAIT|FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE|FORK_REARRANGE_STDIO,
|
||||
NULL);
|
||||
/* ret= */ NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user