[thirdparty/systemd.git] / src / basic / os-util.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include "alloc-util.h"
#include "chase.h"
#include "dirent-util.h"
#include "env-file.h"
#include "env-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "fs-util.h"
#include "glyph-util.h"
#include "macro.h"
#include "os-util.h"
#include "parse-util.h"
#include "path-util.h"
#include "stat-util.h"
#include "string-table.h"
#include "string-util.h"
#include "strv.h"
#include "utf8.h"
#include "xattr-util.h"

static const char* const image_class_table[_IMAGE_CLASS_MAX] = {
        [IMAGE_MACHINE]  = "machine",
        [IMAGE_PORTABLE] = "portable",
        [IMAGE_SYSEXT]   = "extension",
        [IMAGE_CONFEXT]  = "confext",
};

DEFINE_STRING_TABLE_LOOKUP(image_class, ImageClass);

/* Helper struct for naming simplicity and reusability */
static const struct {
        const char *release_file_directory;
        const char *release_file_path_prefix;
} image_class_release_info[_IMAGE_CLASS_MAX] = {
        [IMAGE_SYSEXT] = {
                .release_file_directory = "/usr/lib/extension-release.d/",
                .release_file_path_prefix = "/usr/lib/extension-release.d/extension-release.",
        },
        [IMAGE_CONFEXT] = {
                .release_file_directory = "/etc/extension-release.d/",
                .release_file_path_prefix = "/etc/extension-release.d/extension-release.",
        }
};

bool image_name_is_valid(const char *s) {
        if (!filename_is_valid(s))
                return false;

        if (string_has_cc(s, NULL))
                return false;

        if (!utf8_is_valid(s))
                return false;

        /* Temporary files for atomically creating new files */
        if (startswith(s, ".#"))
                return false;

        return true;
}

int path_is_extension_tree(ImageClass image_class, const char *path, const char *extension, bool relax_extension_release_check) {
        int r;

        assert(path);

        /* Does the path exist at all? If not, generate an error immediately. This is useful so that a missing root dir
         * always results in -ENOENT, and we can properly distinguish the case where the whole root doesn't exist from
         * the case where just the os-release file is missing. */
        if (laccess(path, F_OK) < 0)
                return -errno;

        /* We use /usr/lib/extension-release.d/extension-release[.NAME] as flag for something being a system extension,
         * /etc/extension-release.d/extension-release[.NAME] as flag for something being a system configuration, and finally,
         * and {/etc|/usr/lib}/os-release as a flag for something being an OS (when not an extension). */
        r = open_extension_release(path, image_class, extension, relax_extension_release_check, NULL, NULL);
        if (r == -ENOENT) /* We got nothing */
                return 0;
        if (r < 0)
                return r;

        return 1;
}

static int extension_release_strict_xattr_value(int extension_release_fd, const char *extension_release_dir_path, const char *filename) {
        int r;

        assert(extension_release_fd >= 0);
        assert(extension_release_dir_path);
        assert(filename);

        /* No xattr or cannot parse it? Then skip this. */
        _cleanup_free_ char *extension_release_xattr = NULL;
        r = fgetxattr_malloc(extension_release_fd, "user.extension-release.strict", &extension_release_xattr);
        if (r < 0) {
                if (!ERRNO_IS_XATTR_ABSENT(r))
                        return log_debug_errno(r,
                                               "%s/%s: Failed to read 'user.extension-release.strict' extended attribute from file, ignoring: %m",
                                               extension_release_dir_path, filename);

                return log_debug_errno(r, "%s/%s does not have user.extension-release.strict xattr, ignoring.", extension_release_dir_path, filename);
        }

        /* Explicitly set to request strict matching? Skip it. */
        r = parse_boolean(extension_release_xattr);
        if (r < 0)
                return log_debug_errno(r,
                                       "%s/%s: Failed to parse 'user.extension-release.strict' extended attribute from file, ignoring: %m",
                                       extension_release_dir_path, filename);
        if (r > 0) {
                log_debug("%s/%s: 'user.extension-release.strict' attribute is true, ignoring file.",
                          extension_release_dir_path, filename);
                return true;
        }

        log_debug("%s/%s: 'user.extension-release.strict' attribute is false%s",
                  extension_release_dir_path, filename,
                  special_glyph(SPECIAL_GLYPH_ELLIPSIS));

        return false;
}

int open_os_release_at(int rfd, char **ret_path, int *ret_fd) {
        const char *e;
        int r;

        assert(rfd >= 0 || rfd == AT_FDCWD);

        e = secure_getenv("SYSTEMD_OS_RELEASE");
        if (e)
                return chaseat(rfd, e, CHASE_AT_RESOLVE_IN_ROOT, ret_path, ret_fd);

        FOREACH_STRING(path, "/etc/os-release", "/usr/lib/os-release") {
                r = chaseat(rfd, path, CHASE_AT_RESOLVE_IN_ROOT, ret_path, ret_fd);
                if (r != -ENOENT)
                        return r;
        }

        return -ENOENT;
}

int open_os_release(const char *root, char **ret_path, int *ret_fd) {
        _cleanup_close_ int rfd = -EBADF, fd = -EBADF;
        _cleanup_free_ char *p = NULL;
        int r;

        rfd = open(empty_to_root(root), O_CLOEXEC | O_DIRECTORY | O_PATH);
        if (rfd < 0)
                return -errno;

        r = open_os_release_at(rfd, ret_path ? &p : NULL, ret_fd ? &fd : NULL);
        if (r < 0)
                return r;

        if (ret_path) {
                r = path_prefix_root_cwd(p, root, ret_path);
                if (r < 0)
                        return r;
        }

        if (ret_fd)
                *ret_fd = TAKE_FD(fd);

        return 0;
}

int open_extension_release_at(
                int rfd,
                ImageClass image_class,
                const char *extension,
                bool relax_extension_release_check,
                char **ret_path,
                int *ret_fd) {

        _cleanup_free_ char *dir_path = NULL, *path_found = NULL;
        _cleanup_close_ int fd_found = -EBADF;
        _cleanup_closedir_ DIR *dir = NULL;
        bool found = false;
        const char *p;
        int r;

        assert(rfd >= 0 || rfd == AT_FDCWD);
        assert(!extension || (image_class >= 0 && image_class < _IMAGE_CLASS_MAX));

        if (!extension)
                return open_os_release_at(rfd, ret_path, ret_fd);

        if (!IN_SET(image_class, IMAGE_SYSEXT, IMAGE_CONFEXT))
                return -EINVAL;

        if (!image_name_is_valid(extension))
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "The extension name %s is invalid.", extension);

        p = strjoina(image_class_release_info[image_class].release_file_path_prefix, extension);
        r = chaseat(rfd, p, CHASE_AT_RESOLVE_IN_ROOT, ret_path, ret_fd);
        log_full_errno_zerook(LOG_DEBUG, MIN(r, 0), "Checking for %s: %m", p);
        if (r != -ENOENT)
                return r;

        /* Cannot find the expected extension-release file? The image filename might have been mangled on
         * deployment, so fallback to checking for any file in the extension-release.d directory, and return
         * the first one with a user.extension-release xattr instead. The user.extension-release.strict
         * xattr is checked to ensure the author of the image considers it OK if names do not match. */

        p = image_class_release_info[image_class].release_file_directory;
        r = chase_and_opendirat(rfd, p, CHASE_AT_RESOLVE_IN_ROOT, &dir_path, &dir);
        if (r < 0)
                return log_debug_errno(r, "Cannot open %s, ignoring: %m", p);

        FOREACH_DIRENT(de, dir, return -errno) {
                _cleanup_close_ int fd = -EBADF;
                const char *image_name;

                if (!IN_SET(de->d_type, DT_REG, DT_UNKNOWN))
                        continue;

                image_name = startswith(de->d_name, "extension-release.");
                if (!image_name)
                        continue;

                if (!image_name_is_valid(image_name)) {
                        log_debug("%s/%s is not a valid release file name, ignoring.", dir_path, de->d_name);
                        continue;
                }

                /* We already chased the directory, and checked that this is a real file, so we shouldn't
                 * fail to open it. */
                fd = openat(dirfd(dir), de->d_name, O_PATH|O_CLOEXEC|O_NOFOLLOW);
                if (fd < 0)
                        return log_debug_errno(errno, "Failed to open release file %s/%s: %m", dir_path, de->d_name);

                /* Really ensure it is a regular file after we open it. */
                r = fd_verify_regular(fd);
                if (r < 0) {
                        log_debug_errno(r, "%s/%s is not a regular file, ignoring: %m", dir_path, de->d_name);
                        continue;
                }

                if (!relax_extension_release_check &&
                    extension_release_strict_xattr_value(fd, dir_path, de->d_name) != 0)
                        continue;

                /* We already found what we were looking for, but there's another candidate? We treat this as
                 * an error, as we want to enforce that there are no ambiguities in case we are in the
                 * fallback path. */
                if (found)
                        return -ENOTUNIQ;

                found = true;

                if (ret_fd)
                        fd_found = TAKE_FD(fd);

                if (ret_path) {
                        path_found = path_join(dir_path, de->d_name);
                        if (!path_found)
                                return -ENOMEM;
                }
        }
        if (!found)
                return -ENOENT;

        if (ret_fd)
                *ret_fd = TAKE_FD(fd_found);
        if (ret_path)
                *ret_path = TAKE_PTR(path_found);

        return 0;
}

int open_extension_release(
                const char *root,
                ImageClass image_class,
                const char *extension,
                bool relax_extension_release_check,
                char **ret_path,
                int *ret_fd) {

        _cleanup_close_ int rfd = -EBADF, fd = -EBADF;
        _cleanup_free_ char *p = NULL;
        int r;

        rfd = open(empty_to_root(root), O_CLOEXEC | O_DIRECTORY | O_PATH);
        if (rfd < 0)
                return -errno;

        r = open_extension_release_at(rfd, image_class, extension, relax_extension_release_check,
                                      ret_path ? &p : NULL, ret_fd ? &fd : NULL);
        if (r < 0)
                return r;

        if (ret_path) {
                r = path_prefix_root_cwd(p, root, ret_path);
                if (r < 0)
                        return r;
        }

        if (ret_fd)
                *ret_fd = TAKE_FD(fd);

        return 0;
}

static int parse_extension_release_atv(
                int rfd,
                ImageClass image_class,
                const char *extension,
                bool relax_extension_release_check,
                va_list ap) {

        _cleanup_close_ int fd = -EBADF;
        _cleanup_free_ char *p = NULL;
        int r;

        assert(rfd >= 0 || rfd == AT_FDCWD);

        r = open_extension_release_at(rfd, image_class, extension, relax_extension_release_check, &p, &fd);
        if (r < 0)
                return r;

        return parse_env_file_fdv(fd, p, ap);
}

int parse_extension_release_at_sentinel(
                int rfd,
                ImageClass image_class,
                bool relax_extension_release_check,
                const char *extension,
                ...) {

        va_list ap;
        int r;

        assert(rfd >= 0 || rfd == AT_FDCWD);

        va_start(ap, extension);
        r = parse_extension_release_atv(rfd, image_class, extension, relax_extension_release_check, ap);
        va_end(ap);
        return r;
}

int parse_extension_release_sentinel(
                const char *root,
                ImageClass image_class,
                bool relax_extension_release_check,
                const char *extension,
                ...) {

        _cleanup_close_ int rfd = -EBADF;
        va_list ap;
        int r;

        rfd = open(empty_to_root(root), O_CLOEXEC | O_DIRECTORY | O_PATH);
        if (rfd < 0)
                return -errno;

        va_start(ap, extension);
        r = parse_extension_release_atv(rfd, image_class, extension, relax_extension_release_check, ap);
        va_end(ap);
        return r;
}

int load_os_release_pairs_with_prefix(const char *root, const char *prefix, char ***ret) {
        _cleanup_strv_free_ char **os_release_pairs = NULL, **os_release_pairs_prefixed = NULL;
        int r;

        r = load_os_release_pairs(root, &os_release_pairs);
        if (r < 0)
                return r;

        STRV_FOREACH_PAIR(p, q, os_release_pairs) {
                char *line;

                /* We strictly return only the four main ID fields and ignore the rest */
                if (!STR_IN_SET(*p, "ID", "VERSION_ID", "BUILD_ID", "VARIANT_ID"))
                        continue;

                ascii_strlower(*p);
                line = strjoin(prefix, *p, "=", *q);
                if (!line)
                        return -ENOMEM;
                r = strv_consume(&os_release_pairs_prefixed, line);
                if (r < 0)
                        return r;
        }

        *ret = TAKE_PTR(os_release_pairs_prefixed);

        return 0;
}

int load_extension_release_pairs(const char *root, ImageClass image_class, const char *extension, bool relax_extension_release_check, char ***ret) {
        _cleanup_close_ int fd = -EBADF;
        _cleanup_free_ char *p = NULL;
        int r;

        r = open_extension_release(root, image_class, extension, relax_extension_release_check, &p, &fd);
        if (r < 0)
                return r;

        return load_env_file_pairs_fd(fd, p, ret);
}

int os_release_support_ended(const char *support_end, bool quiet, usec_t *ret_eol) {
        _cleanup_free_ char *_support_end_alloc = NULL;
        int r;

        if (!support_end) {
                /* If the caller has the variably handy, they can pass it in. If not, we'll read it
                 * ourselves. */

                r = parse_os_release(NULL,
                                     "SUPPORT_END", &_support_end_alloc);
                if (r < 0 && r != -ENOENT)
                        return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, r,
                                              "Failed to read os-release file, ignoring: %m");

                support_end = _support_end_alloc;
        }

        if (isempty(support_end)) /* An empty string is a explicit way to say "no EOL exists" */
                return false;  /* no end date defined */

        struct tm tm = {};
        const char *k = strptime(support_end, "%Y-%m-%d", &tm);
        if (!k || *k)
                return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, SYNTHETIC_ERRNO(EINVAL),
                                      "Failed to parse SUPPORT_END= in os-release file, ignoring: %m");

        time_t eol = timegm(&tm);
        if (eol == (time_t) -1)
                return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, SYNTHETIC_ERRNO(EINVAL),
                                      "Failed to convert SUPPORT_END= in os-release file, ignoring: %m");

        if (ret_eol)
                *ret_eol = eol * USEC_PER_SEC;

        return DIV_ROUND_UP(now(CLOCK_REALTIME), USEC_PER_SEC) > (usec_t) eol;
}

const char *os_release_pretty_name(const char *pretty_name, const char *name) {
        /* Distills a "pretty" name to show from os-release data. First argument is supposed to be the
         * PRETTY_NAME= field, the second one the NAME= field. This function is trivial, of course, and
         * exists mostly to ensure we use the same logic wherever possible. */

        return empty_to_null(pretty_name) ?:
                empty_to_null(name) ?: "Linux";
}
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
d58ad743 LP	2
d58ad743 LP	3	#include "alloc-util.h"
f461a28d	4	#include "chase.h"
9a4b883b	5	#include "dirent-util.h"
686d13b9	6	#include "env-file.h"
7eda2d7f	7	#include "env-util.h"
d58ad743	8	#include "fd-util.h"
4fa744a3	9	#include "fileio.h"
d58ad743	10	#include "fs-util.h"
28e5e1e9	11	#include "glyph-util.h"
d58ad743 LP	12	#include "macro.h"
d58ad743 LP	13	#include "os-util.h"
9a4b883b	14	#include "parse-util.h"
6ef06723	15	#include "path-util.h"
9a4b883b	16	#include "stat-util.h"
c2cd9508	17	#include "string-table.h"
d58ad743	18	#include "string-util.h"
686d13b9	19	#include "strv.h"
6ef06723	20	#include "utf8.h"
9a4b883b	21	#include "xattr-util.h"
6ef06723	22
c2cd9508 YW	23	static const char* const image_class_table[_IMAGE_CLASS_MAX] = {
	24	[IMAGE_MACHINE] = "machine",
	25	[IMAGE_PORTABLE] = "portable",
	26	[IMAGE_SYSEXT] = "extension",
	27	[IMAGE_CONFEXT] = "confext",
	28	};
	29
	30	DEFINE_STRING_TABLE_LOOKUP(image_class, ImageClass);
	31
b60e0f57	32	/* Helper struct for naming simplicity and reusability */
	33	static const struct {
	34	const char *release_file_directory;
	35	const char *release_file_path_prefix;
	36	} image_class_release_info[_IMAGE_CLASS_MAX] = {
	37	[IMAGE_SYSEXT] = {
	38	.release_file_directory = "/usr/lib/extension-release.d/",
	39	.release_file_path_prefix = "/usr/lib/extension-release.d/extension-release.",
	40	},
	41	[IMAGE_CONFEXT] = {
	42	.release_file_directory = "/etc/extension-release.d/",
	43	.release_file_path_prefix = "/etc/extension-release.d/extension-release.",
	44	}
	45	};
	46
6ef06723 ZJS	47	bool image_name_is_valid(const char *s) {
	48	if (!filename_is_valid(s))
	49	return false;
	50
	51	if (string_has_cc(s, NULL))
	52	return false;
	53
	54	if (!utf8_is_valid(s))
	55	return false;
	56
	57	/* Temporary files for atomically creating new files */
	58	if (startswith(s, ".#"))
	59	return false;
	60
	61	return true;
	62	}
d58ad743	63
b60e0f57	64	int path_is_extension_tree(ImageClass image_class, const char path, const char extension, bool relax_extension_release_check) {
d58ad743 LP	65	int r;
	66
	67	assert(path);
	68
	69	/* Does the path exist at all? If not, generate an error immediately. This is useful so that a missing root dir
5238e957	70	* always results in -ENOENT, and we can properly distinguish the case where the whole root doesn't exist from
d58ad743 LP	71	* the case where just the os-release file is missing. */
	72	if (laccess(path, F_OK) < 0)
	73	return -errno;
	74
9a4b883b	75	/* We use /usr/lib/extension-release.d/extension-release[.NAME] as flag for something being a system extension,
b60e0f57	76	* /etc/extension-release.d/extension-release[.NAME] as flag for something being a system configuration, and finally,
9a4b883b	77	* and {/etc\|/usr/lib}/os-release as a flag for something being an OS (when not an extension). */
b60e0f57	78	r = open_extension_release(path, image_class, extension, relax_extension_release_check, NULL, NULL);
d58ad743 LP	79	if (r == -ENOENT) /* We got nothing */
	80	return 0;
	81	if (r < 0)
	82	return r;
	83
	84	return 1;
	85	}
	86
192a9b70 LB	87	static int extension_release_strict_xattr_value(int extension_release_fd, const char extension_release_dir_path, const char filename) {
	88	int r;
	89
	90	assert(extension_release_fd >= 0);
	91	assert(extension_release_dir_path);
	92	assert(filename);
	93
	94	/* No xattr or cannot parse it? Then skip this. */
	95	_cleanup_free_ char *extension_release_xattr = NULL;
	96	r = fgetxattr_malloc(extension_release_fd, "user.extension-release.strict", &extension_release_xattr);
	97	if (r < 0) {
	98	if (!ERRNO_IS_XATTR_ABSENT(r))
	99	return log_debug_errno(r,
	100	"%s/%s: Failed to read 'user.extension-release.strict' extended attribute from file, ignoring: %m",
	101	extension_release_dir_path, filename);
	102
	103	return log_debug_errno(r, "%s/%s does not have user.extension-release.strict xattr, ignoring.", extension_release_dir_path, filename);
	104	}
	105
	106	/* Explicitly set to request strict matching? Skip it. */
	107	r = parse_boolean(extension_release_xattr);
	108	if (r < 0)
	109	return log_debug_errno(r,
	110	"%s/%s: Failed to parse 'user.extension-release.strict' extended attribute from file, ignoring: %m",
	111	extension_release_dir_path, filename);
	112	if (r > 0) {
	113	log_debug("%s/%s: 'user.extension-release.strict' attribute is true, ignoring file.",
	114	extension_release_dir_path, filename);
	115	return true;
	116	}
	117
	118	log_debug("%s/%s: 'user.extension-release.strict' attribute is false%s",
	119	extension_release_dir_path, filename,
	120	special_glyph(SPECIAL_GLYPH_ELLIPSIS));
	121
	122	return false;
	123	}
	124
538d878d	125	int open_os_release_at(int rfd, char *ret_path, int ret_fd) {
a84677e0 YW	126	const char *e;
	127	int r;
	128
538d878d YW	129	assert(rfd >= 0 \|\| rfd == AT_FDCWD);
538d878d YW	130
a84677e0 YW	131	e = secure_getenv("SYSTEMD_OS_RELEASE");
a84677e0 YW	132	if (e)
538d878d	133	return chaseat(rfd, e, CHASE_AT_RESOLVE_IN_ROOT, ret_path, ret_fd);
a84677e0 YW	134
a84677e0 YW	135	FOREACH_STRING(path, "/etc/os-release", "/usr/lib/os-release") {
538d878d	136	r = chaseat(rfd, path, CHASE_AT_RESOLVE_IN_ROOT, ret_path, ret_fd);
a84677e0 YW	137	if (r != -ENOENT)
	138	return r;
	139	}
	140
	141	return -ENOENT;
	142	}
	143
538d878d YW	144	int open_os_release(const char root, char ret_path, int ret_fd) {
	145	_cleanup_close_ int rfd = -EBADF, fd = -EBADF;
	146	_cleanup_free_ char *p = NULL;
	147	int r;
	148
	149	rfd = open(empty_to_root(root), O_CLOEXEC \| O_DIRECTORY \| O_PATH);
	150	if (rfd < 0)
	151	return -errno;
	152
	153	r = open_os_release_at(rfd, ret_path ? &p : NULL, ret_fd ? &fd : NULL);
	154	if (r < 0)
	155	return r;
	156
	157	if (ret_path) {
	158	r = path_prefix_root_cwd(p, root, ret_path);
	159	if (r < 0)
	160	return r;
	161	}
	162
	163	if (ret_fd)
	164	*ret_fd = TAKE_FD(fd);
	165
	166	return 0;
	167	}
	168
	169	int open_extension_release_at(
	170	int rfd,
a84677e0 YW	171	ImageClass image_class,
	172	const char *extension,
	173	bool relax_extension_release_check,
	174	char **ret_path,
	175	int *ret_fd) {
	176
61acfd83 YW	177	_cleanup_free_ char dir_path = NULL, path_found = NULL;
	178	_cleanup_close_ int fd_found = -EBADF;
	179	_cleanup_closedir_ DIR *dir = NULL;
c9d64f8a	180	bool found = false;
61acfd83	181	const char *p;
6f0f4d14	182	int r;
d58ad743	183
538d878d	184	assert(rfd >= 0 \|\| rfd == AT_FDCWD);
a84677e0	185	assert(!extension \|\| (image_class >= 0 && image_class < _IMAGE_CLASS_MAX));
b60e0f57	186
a84677e0	187	if (!extension)
538d878d	188	return open_os_release_at(rfd, ret_path, ret_fd);
6ddd0511	189
7421f20c YW	190	if (!IN_SET(image_class, IMAGE_SYSEXT, IMAGE_CONFEXT))
	191	return -EINVAL;
	192
a84677e0 YW	193	if (!image_name_is_valid(extension))
a84677e0 YW	194	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "The extension name %s is invalid.", extension);
ed15f8bc	195
61acfd83	196	p = strjoina(image_class_release_info[image_class].release_file_path_prefix, extension);
538d878d	197	r = chaseat(rfd, p, CHASE_AT_RESOLVE_IN_ROOT, ret_path, ret_fd);
61acfd83	198	log_full_errno_zerook(LOG_DEBUG, MIN(r, 0), "Checking for %s: %m", p);
7213c750 YW	199	if (r != -ENOENT)
7213c750 YW	200	return r;
9a4b883b	201
a84677e0 YW	202	/* Cannot find the expected extension-release file? The image filename might have been mangled on
	203	* deployment, so fallback to checking for any file in the extension-release.d directory, and return
	204	* the first one with a user.extension-release xattr instead. The user.extension-release.strict
	205	* xattr is checked to ensure the author of the image considers it OK if names do not match. */
9a4b883b	206
61acfd83	207	p = image_class_release_info[image_class].release_file_directory;
538d878d	208	r = chase_and_opendirat(rfd, p, CHASE_AT_RESOLVE_IN_ROOT, &dir_path, &dir);
7213c750	209	if (r < 0)
538d878d	210	return log_debug_errno(r, "Cannot open %s, ignoring: %m", p);
9a4b883b	211
61acfd83 YW	212	FOREACH_DIRENT(de, dir, return -errno) {
	213	_cleanup_close_ int fd = -EBADF;
	214	const char *image_name;
9a4b883b	215
7213c750 YW	216	if (!IN_SET(de->d_type, DT_REG, DT_UNKNOWN))
7213c750 YW	217	continue;
a84677e0	218
61acfd83	219	image_name = startswith(de->d_name, "extension-release.");
7213c750 YW	220	if (!image_name)
	221	continue;
	222
	223	if (!image_name_is_valid(image_name)) {
61acfd83	224	log_debug("%s/%s is not a valid release file name, ignoring.", dir_path, de->d_name);
7213c750 YW	225	continue;
	226	}
	227
	228	/* We already chased the directory, and checked that this is a real file, so we shouldn't
	229	* fail to open it. */
61acfd83 YW	230	fd = openat(dirfd(dir), de->d_name, O_PATH\|O_CLOEXEC\|O_NOFOLLOW);
	231	if (fd < 0)
	232	return log_debug_errno(errno, "Failed to open release file %s/%s: %m", dir_path, de->d_name);
7213c750 YW	233
7213c750 YW	234	/* Really ensure it is a regular file after we open it. */
61acfd83	235	r = fd_verify_regular(fd);
59c47075	236	if (r < 0) {
61acfd83	237	log_debug_errno(r, "%s/%s is not a regular file, ignoring: %m", dir_path, de->d_name);
7213c750 YW	238	continue;
	239	}
	240
61acfd83 YW	241	if (!relax_extension_release_check &&
	242	extension_release_strict_xattr_value(fd, dir_path, de->d_name) != 0)
	243	continue;
7213c750 YW	244
	245	/* We already found what we were looking for, but there's another candidate? We treat this as
	246	* an error, as we want to enforce that there are no ambiguities in case we are in the
	247	* fallback path. */
c9d64f8a YW	248	if (found)
c9d64f8a YW	249	return -ENOTUNIQ;
7213c750	250
c9d64f8a	251	found = true;
7213c750 YW	252
7213c750 YW	253	if (ret_fd)
61acfd83	254	fd_found = TAKE_FD(fd);
7213c750 YW	255
7213c750 YW	256	if (ret_path) {
61acfd83 YW	257	path_found = path_join(dir_path, de->d_name);
61acfd83 YW	258	if (!path_found)
7213c750	259	return -ENOMEM;
a84677e0	260	}
d58ad743	261	}
c9d64f8a YW	262	if (!found)
c9d64f8a YW	263	return -ENOENT;
d58ad743	264
396ec958	265	if (ret_fd)
61acfd83	266	*ret_fd = TAKE_FD(fd_found);
d58ad743	267	if (ret_path)
61acfd83	268	*ret_path = TAKE_PTR(path_found);
d58ad743 LP	269
	270	return 0;
	271	}
	272
538d878d	273	int open_extension_release(
f4a1d32c YW	274	const char *root,
f4a1d32c YW	275	ImageClass image_class,
538d878d	276	const char *extension,
f4a1d32c	277	bool relax_extension_release_check,
538d878d YW	278	char **ret_path,
	279	int *ret_fd) {
	280
	281	_cleanup_close_ int rfd = -EBADF, fd = -EBADF;
	282	_cleanup_free_ char *p = NULL;
	283	int r;
	284
	285	rfd = open(empty_to_root(root), O_CLOEXEC \| O_DIRECTORY \| O_PATH);
	286	if (rfd < 0)
	287	return -errno;
	288
	289	r = open_extension_release_at(rfd, image_class, extension, relax_extension_release_check,
	290	ret_path ? &p : NULL, ret_fd ? &fd : NULL);
	291	if (r < 0)
	292	return r;
	293
	294	if (ret_path) {
	295	r = path_prefix_root_cwd(p, root, ret_path);
	296	if (r < 0)
	297	return r;
	298	}
	299
	300	if (ret_fd)
	301	*ret_fd = TAKE_FD(fd);
	302
	303	return 0;
	304	}
	305
	306	static int parse_extension_release_atv(
	307	int rfd,
	308	ImageClass image_class,
f4a1d32c	309	const char *extension,
538d878d YW	310	bool relax_extension_release_check,
538d878d YW	311	va_list ap) {
f4a1d32c	312
53cbf5f9	313	_cleanup_close_ int fd = -EBADF;
d58ad743	314	_cleanup_free_ char *p = NULL;
d58ad743 LP	315	int r;
d58ad743 LP	316
538d878d YW	317	assert(rfd >= 0 \|\| rfd == AT_FDCWD);
	318
	319	r = open_extension_release_at(rfd, image_class, extension, relax_extension_release_check, &p, &fd);
d58ad743 LP	320	if (r < 0)
	321	return r;
	322
538d878d YW	323	return parse_env_file_fdv(fd, p, ap);
	324	}
	325
	326	int parse_extension_release_at_sentinel(
	327	int rfd,
	328	ImageClass image_class,
	329	bool relax_extension_release_check,
	330	const char *extension,
	331	...) {
	332
	333	va_list ap;
	334	int r;
	335
	336	assert(rfd >= 0 \|\| rfd == AT_FDCWD);
	337
	338	va_start(ap, extension);
	339	r = parse_extension_release_atv(rfd, image_class, extension, relax_extension_release_check, ap);
	340	va_end(ap);
	341	return r;
	342	}
	343
	344	int parse_extension_release_sentinel(
	345	const char *root,
	346	ImageClass image_class,
	347	bool relax_extension_release_check,
	348	const char *extension,
	349	...) {
	350
	351	_cleanup_close_ int rfd = -EBADF;
	352	va_list ap;
	353	int r;
	354
	355	rfd = open(empty_to_root(root), O_CLOEXEC \| O_DIRECTORY \| O_PATH);
	356	if (rfd < 0)
	357	return -errno;
	358
6ddd0511	359	va_start(ap, extension);
538d878d	360	r = parse_extension_release_atv(rfd, image_class, extension, relax_extension_release_check, ap);
d58ad743	361	va_end(ap);
d58ad743 LP	362	return r;
	363	}
	364
e1bb4b0d LB	365	int load_os_release_pairs_with_prefix(const char root, const char prefix, char ***ret) {
e1bb4b0d LB	366	_cleanup_strv_free_ char os_release_pairs = NULL, os_release_pairs_prefixed = NULL;
e1bb4b0d LB	367	int r;
	368
	369	r = load_os_release_pairs(root, &os_release_pairs);
	370	if (r < 0)
	371	return r;
	372
	373	STRV_FOREACH_PAIR(p, q, os_release_pairs) {
	374	char *line;
	375
2094cd49	376	/* We strictly return only the four main ID fields and ignore the rest */
e1bb4b0d LB	377	if (!STR_IN_SET(*p, "ID", "VERSION_ID", "BUILD_ID", "VARIANT_ID"))
	378	continue;
	379
	380	ascii_strlower(*p);
	381	line = strjoin(prefix, p, "=", q);
	382	if (!line)
	383	return -ENOMEM;
	384	r = strv_consume(&os_release_pairs_prefixed, line);
	385	if (r < 0)
	386	return r;
	387	}
	388
	389	*ret = TAKE_PTR(os_release_pairs_prefixed);
	390
	391	return 0;
	392	}
eb590035	393
b60e0f57	394	int load_extension_release_pairs(const char root, ImageClass image_class, const char extension, bool relax_extension_release_check, char ***ret) {
53cbf5f9	395	_cleanup_close_ int fd = -EBADF;
eb590035 LB	396	_cleanup_free_ char *p = NULL;
	397	int r;
	398
53cbf5f9	399	r = open_extension_release(root, image_class, extension, relax_extension_release_check, &p, &fd);
eb590035 LB	400	if (r < 0)
	401	return r;
	402
53cbf5f9	403	return load_env_file_pairs_fd(fd, p, ret);
eb590035	404	}
4bd03515	405
6bfe9b3b	406	int os_release_support_ended(const char support_end, bool quiet, usec_t ret_eol) {
4bd03515 ZJS	407	_cleanup_free_ char *_support_end_alloc = NULL;
	408	int r;
	409
	410	if (!support_end) {
	411	/* If the caller has the variably handy, they can pass it in. If not, we'll read it
	412	* ourselves. */
	413
	414	r = parse_os_release(NULL,
	415	"SUPPORT_END", &_support_end_alloc);
469af08f LP	416	if (r < 0 && r != -ENOENT)
469af08f LP	417	return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, r,
4bd03515	418	"Failed to read os-release file, ignoring: %m");
4bd03515 ZJS	419
	420	support_end = _support_end_alloc;
	421	}
	422
a9bd4b4e LP	423	if (isempty(support_end)) /* An empty string is a explicit way to say "no EOL exists" */
a9bd4b4e LP	424	return false; /* no end date defined */
4bd03515	425
a9bd4b4e	426	struct tm tm = {};
4bd03515 ZJS	427	const char *k = strptime(support_end, "%Y-%m-%d", &tm);
	428	if (!k \|\| *k)
	429	return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, SYNTHETIC_ERRNO(EINVAL),
	430	"Failed to parse SUPPORT_END= in os-release file, ignoring: %m");
	431
856ad0fd	432	time_t eol = timegm(&tm);
4bd03515 ZJS	433	if (eol == (time_t) -1)
	434	return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, SYNTHETIC_ERRNO(EINVAL),
	435	"Failed to convert SUPPORT_END= in os-release file, ignoring: %m");
	436
6bfe9b3b LP	437	if (ret_eol)
	438	ret_eol = eol USEC_PER_SEC;
	439
	440	return DIV_ROUND_UP(now(CLOCK_REALTIME), USEC_PER_SEC) > (usec_t) eol;
4bd03515	441	}
02b7005e LP	442
	443	const char os_release_pretty_name(const char pretty_name, const char *name) {
	444	/* Distills a "pretty" name to show from os-release data. First argument is supposed to be the
	445	* PRETTY_NAME= field, the second one the NAME= field. This function is trivial, of course, and
	446	* exists mostly to ensure we use the same logic wherever possible. */
	447
	448	return empty_to_null(pretty_name) ?:
	449	empty_to_null(name) ?: "Linux";
	450	}