]>
Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
9eb977db | 2 | |
9eb977db | 3 | #include <errno.h> |
11c3a366 | 4 | #include <limits.h> |
07630cea LP |
5 | #include <stdio.h> |
6 | #include <stdlib.h> | |
07630cea | 7 | #include <unistd.h> |
9eb977db | 8 | |
5f311f8c LP |
9 | /* When we include libgen.h because we need dirname() we immediately |
10 | * undefine basename() since libgen.h defines it as a macro to the | |
11 | * POSIX version which is really broken. We prefer GNU basename(). */ | |
12 | #include <libgen.h> | |
13 | #undef basename | |
14 | ||
b5efdb8a | 15 | #include "alloc-util.h" |
93cc7779 | 16 | #include "extract-word.h" |
bb0c0d6f | 17 | #include "fd-util.h" |
f4f15635 | 18 | #include "fs-util.h" |
5a46d55f | 19 | #include "glob-util.h" |
9eb977db | 20 | #include "log.h" |
07630cea | 21 | #include "macro.h" |
d8b4d14d | 22 | #include "nulstr-util.h" |
5a46d55f | 23 | #include "parse-util.h" |
3ffd4af2 | 24 | #include "path-util.h" |
8fcde012 | 25 | #include "stat-util.h" |
07630cea | 26 | #include "string-util.h" |
9eb977db | 27 | #include "strv.h" |
93cc7779 | 28 | #include "time-util.h" |
58a53add | 29 | #include "utf8.h" |
9eb977db | 30 | |
0f474365 | 31 | int path_split_and_make_absolute(const char *p, char ***ret) { |
9eb977db | 32 | char **l; |
0f474365 LP |
33 | int r; |
34 | ||
9eb977db | 35 | assert(p); |
0f474365 | 36 | assert(ret); |
9eb977db | 37 | |
116cc028 ZJS |
38 | l = strv_split(p, ":"); |
39 | if (!l) | |
ce9d6bcf | 40 | return -ENOMEM; |
9eb977db | 41 | |
0f474365 LP |
42 | r = path_strv_make_absolute_cwd(l); |
43 | if (r < 0) { | |
9eb977db | 44 | strv_free(l); |
0f474365 | 45 | return r; |
9eb977db KS |
46 | } |
47 | ||
0f474365 LP |
48 | *ret = l; |
49 | return r; | |
9eb977db KS |
50 | } |
51 | ||
52 | char *path_make_absolute(const char *p, const char *prefix) { | |
53 | assert(p); | |
54 | ||
55 | /* Makes every item in the list an absolute path by prepending | |
56 | * the prefix, if specified and necessary */ | |
57 | ||
81cce8de | 58 | if (path_is_absolute(p) || isempty(prefix)) |
9eb977db KS |
59 | return strdup(p); |
60 | ||
657ee2d8 | 61 | return path_join(prefix, p); |
9eb977db KS |
62 | } |
63 | ||
a2556d25 LP |
64 | int safe_getcwd(char **ret) { |
65 | char *cwd; | |
66 | ||
67 | cwd = get_current_dir_name(); | |
68 | if (!cwd) | |
69 | return negative_errno(); | |
70 | ||
71 | /* Let's make sure the directory is really absolute, to protect us from the logic behind | |
72 | * CVE-2018-1000001 */ | |
73 | if (cwd[0] != '/') { | |
74 | free(cwd); | |
75 | return -ENOMEDIUM; | |
76 | } | |
77 | ||
78 | *ret = cwd; | |
79 | return 0; | |
80 | } | |
81 | ||
0f474365 LP |
82 | int path_make_absolute_cwd(const char *p, char **ret) { |
83 | char *c; | |
d7249575 | 84 | int r; |
9eb977db KS |
85 | |
86 | assert(p); | |
0f474365 | 87 | assert(ret); |
9eb977db KS |
88 | |
89 | /* Similar to path_make_absolute(), but prefixes with the | |
90 | * current working directory. */ | |
91 | ||
92 | if (path_is_absolute(p)) | |
0f474365 LP |
93 | c = strdup(p); |
94 | else { | |
95 | _cleanup_free_ char *cwd = NULL; | |
9eb977db | 96 | |
d7249575 LP |
97 | r = safe_getcwd(&cwd); |
98 | if (r < 0) | |
99 | return r; | |
0f474365 | 100 | |
62a85ee0 | 101 | c = path_join(cwd, p); |
0f474365 LP |
102 | } |
103 | if (!c) | |
104 | return -ENOMEM; | |
9eb977db | 105 | |
0f474365 LP |
106 | *ret = c; |
107 | return 0; | |
9eb977db KS |
108 | } |
109 | ||
7cb9c51c | 110 | int path_make_relative(const char *from_dir, const char *to_path, char **_r) { |
48054262 YW |
111 | char *f, *t, *r, *p; |
112 | unsigned n_parents = 0; | |
7cb9c51c TK |
113 | |
114 | assert(from_dir); | |
115 | assert(to_path); | |
116 | assert(_r); | |
117 | ||
118 | /* Strips the common part, and adds ".." elements as necessary. */ | |
119 | ||
48054262 | 120 | if (!path_is_absolute(from_dir) || !path_is_absolute(to_path)) |
7cb9c51c TK |
121 | return -EINVAL; |
122 | ||
48054262 YW |
123 | f = strdupa(from_dir); |
124 | t = strdupa(to_path); | |
125 | ||
126 | path_simplify(f, true); | |
127 | path_simplify(t, true); | |
7cb9c51c TK |
128 | |
129 | /* Skip the common part. */ | |
130 | for (;;) { | |
2a5beb66 | 131 | size_t a, b; |
7cb9c51c | 132 | |
48054262 YW |
133 | f += *f == '/'; |
134 | t += *t == '/'; | |
7cb9c51c | 135 | |
48054262 YW |
136 | if (!*f) { |
137 | if (!*t) | |
7cb9c51c TK |
138 | /* from_dir equals to_path. */ |
139 | r = strdup("."); | |
140 | else | |
141 | /* from_dir is a parent directory of to_path. */ | |
48054262 | 142 | r = strdup(t); |
7cb9c51c TK |
143 | if (!r) |
144 | return -ENOMEM; | |
145 | ||
146 | *_r = r; | |
147 | return 0; | |
148 | } | |
149 | ||
48054262 | 150 | if (!*t) |
7cb9c51c TK |
151 | break; |
152 | ||
48054262 YW |
153 | a = strcspn(f, "/"); |
154 | b = strcspn(t, "/"); | |
7cb9c51c | 155 | |
48054262 | 156 | if (a != b || memcmp(f, t, a) != 0) |
7cb9c51c TK |
157 | break; |
158 | ||
48054262 YW |
159 | f += a; |
160 | t += b; | |
7cb9c51c TK |
161 | } |
162 | ||
163 | /* If we're here, then "from_dir" has one or more elements that need to | |
164 | * be replaced with "..". */ | |
165 | ||
166 | /* Count the number of necessary ".." elements. */ | |
48054262 | 167 | for (; *f;) { |
2a5beb66 LP |
168 | size_t w; |
169 | ||
48054262 | 170 | w = strcspn(f, "/"); |
2a5beb66 LP |
171 | |
172 | /* If this includes ".." we can't do a simple series of "..", refuse */ | |
48054262 | 173 | if (w == 2 && f[0] == '.' && f[1] == '.') |
2a5beb66 LP |
174 | return -EINVAL; |
175 | ||
48054262 YW |
176 | /* Count number of elements */ |
177 | n_parents++; | |
2a5beb66 | 178 | |
48054262 YW |
179 | f += w; |
180 | f += *f == '/'; | |
7cb9c51c TK |
181 | } |
182 | ||
48054262 | 183 | r = new(char, n_parents * 3 + strlen(t) + 1); |
7cb9c51c TK |
184 | if (!r) |
185 | return -ENOMEM; | |
186 | ||
2a5beb66 LP |
187 | for (p = r; n_parents > 0; n_parents--) |
188 | p = mempcpy(p, "../", 3); | |
7cb9c51c | 189 | |
48054262 YW |
190 | if (*t) |
191 | strcpy(p, t); | |
192 | else | |
193 | /* Remove trailing slash */ | |
194 | *(--p) = 0; | |
7cb9c51c TK |
195 | |
196 | *_r = r; | |
197 | return 0; | |
198 | } | |
199 | ||
cc4d7d81 ZJS |
200 | char* path_startswith_strv(const char *p, char **set) { |
201 | char **s, *t; | |
202 | ||
203 | STRV_FOREACH(s, set) { | |
204 | t = path_startswith(p, *s); | |
205 | if (t) | |
206 | return t; | |
207 | } | |
208 | ||
209 | return NULL; | |
210 | } | |
211 | ||
0f474365 | 212 | int path_strv_make_absolute_cwd(char **l) { |
9eb977db | 213 | char **s; |
0f474365 | 214 | int r; |
9eb977db KS |
215 | |
216 | /* Goes through every item in the string list and makes it | |
217 | * absolute. This works in place and won't rollback any | |
218 | * changes on failure. */ | |
219 | ||
220 | STRV_FOREACH(s, l) { | |
221 | char *t; | |
222 | ||
0f474365 LP |
223 | r = path_make_absolute_cwd(*s, &t); |
224 | if (r < 0) | |
225 | return r; | |
9eb977db | 226 | |
858d36c1 | 227 | path_simplify(t, false); |
32a8f700 | 228 | free_and_replace(*s, t); |
9eb977db KS |
229 | } |
230 | ||
0f474365 | 231 | return 0; |
9eb977db KS |
232 | } |
233 | ||
e1873695 | 234 | char **path_strv_resolve(char **l, const char *root) { |
9eb977db KS |
235 | char **s; |
236 | unsigned k = 0; | |
237 | bool enomem = false; | |
e1873695 | 238 | int r; |
9eb977db KS |
239 | |
240 | if (strv_isempty(l)) | |
241 | return l; | |
242 | ||
243 | /* Goes through every item in the string list and canonicalize | |
244 | * the path. This works in place and won't rollback any | |
245 | * changes on failure. */ | |
246 | ||
247 | STRV_FOREACH(s, l) { | |
12ed81d9 | 248 | _cleanup_free_ char *orig = NULL; |
e1873695 | 249 | char *t, *u; |
9eb977db | 250 | |
12ed81d9 ZJS |
251 | if (!path_is_absolute(*s)) { |
252 | free(*s); | |
9eb977db | 253 | continue; |
12ed81d9 | 254 | } |
112cfb18 | 255 | |
e1873695 | 256 | if (root) { |
12ed81d9 | 257 | orig = *s; |
c6134d3e | 258 | t = path_join(root, orig); |
112cfb18 MM |
259 | if (!t) { |
260 | enomem = true; | |
261 | continue; | |
262 | } | |
12ed81d9 | 263 | } else |
112cfb18 | 264 | t = *s; |
9eb977db | 265 | |
a5648b80 | 266 | r = chase_symlinks(t, root, 0, &u, NULL); |
e1873695 LP |
267 | if (r == -ENOENT) { |
268 | if (root) { | |
ae2a15bc | 269 | u = TAKE_PTR(orig); |
874310b7 | 270 | free(t); |
e1873695 LP |
271 | } else |
272 | u = t; | |
273 | } else if (r < 0) { | |
274 | free(t); | |
874310b7 | 275 | |
e1873695 LP |
276 | if (r == -ENOMEM) |
277 | enomem = true; | |
278 | ||
279 | continue; | |
280 | } else if (root) { | |
12ed81d9 ZJS |
281 | char *x; |
282 | ||
283 | free(t); | |
e1873695 | 284 | x = path_startswith(u, root); |
12ed81d9 ZJS |
285 | if (x) { |
286 | /* restore the slash if it was lost */ | |
287 | if (!startswith(x, "/")) | |
288 | *(--x) = '/'; | |
289 | ||
290 | t = strdup(x); | |
291 | free(u); | |
292 | if (!t) { | |
293 | enomem = true; | |
294 | continue; | |
295 | } | |
296 | u = t; | |
297 | } else { | |
298 | /* canonicalized path goes outside of | |
299 | * prefix, keep the original path instead */ | |
3b319885 | 300 | free_and_replace(u, orig); |
12ed81d9 | 301 | } |
91a6489d LP |
302 | } else |
303 | free(t); | |
9eb977db KS |
304 | |
305 | l[k++] = u; | |
306 | } | |
307 | ||
308 | l[k] = NULL; | |
309 | ||
310 | if (enomem) | |
311 | return NULL; | |
312 | ||
313 | return l; | |
314 | } | |
315 | ||
e1873695 | 316 | char **path_strv_resolve_uniq(char **l, const char *root) { |
112cfb18 | 317 | |
fabe5c0e LP |
318 | if (strv_isempty(l)) |
319 | return l; | |
320 | ||
e1873695 | 321 | if (!path_strv_resolve(l, root)) |
fabe5c0e LP |
322 | return NULL; |
323 | ||
324 | return strv_uniq(l); | |
325 | } | |
326 | ||
858d36c1 | 327 | char *path_simplify(char *path, bool kill_dots) { |
9eb977db | 328 | char *f, *t; |
858d36c1 | 329 | bool slash = false, ignore_slash = false, absolute; |
9eb977db | 330 | |
858d36c1 YW |
331 | assert(path); |
332 | ||
333 | /* Removes redundant inner and trailing slashes. Also removes unnecessary dots | |
334 | * if kill_dots is true. Modifies the passed string in-place. | |
9eb977db | 335 | * |
afbae3e9 TH |
336 | * ///foo//./bar/. becomes /foo/./bar/. (if kill_dots is false) |
337 | * ///foo//./bar/. becomes /foo/bar (if kill_dots is true) | |
338 | * .//./foo//./bar/. becomes ././foo/./bar/. (if kill_dots is false) | |
339 | * .//./foo//./bar/. becomes foo/bar (if kill_dots is true) | |
9eb977db KS |
340 | */ |
341 | ||
afbae3e9 TH |
342 | if (isempty(path)) |
343 | return path; | |
344 | ||
858d36c1 YW |
345 | absolute = path_is_absolute(path); |
346 | ||
347 | f = path; | |
348 | if (kill_dots && *f == '.' && IN_SET(f[1], 0, '/')) { | |
349 | ignore_slash = true; | |
350 | f++; | |
351 | } | |
352 | ||
353 | for (t = path; *f; f++) { | |
9eb977db KS |
354 | |
355 | if (*f == '/') { | |
356 | slash = true; | |
357 | continue; | |
358 | } | |
359 | ||
360 | if (slash) { | |
858d36c1 YW |
361 | if (kill_dots && *f == '.' && IN_SET(f[1], 0, '/')) |
362 | continue; | |
363 | ||
9eb977db | 364 | slash = false; |
858d36c1 YW |
365 | if (ignore_slash) |
366 | ignore_slash = false; | |
367 | else | |
368 | *(t++) = '/'; | |
9eb977db KS |
369 | } |
370 | ||
371 | *(t++) = *f; | |
372 | } | |
373 | ||
afbae3e9 TH |
374 | /* Special rule, if we stripped everything, we either need a "/" (for the root directory) |
375 | * or "." for the current directory */ | |
376 | if (t == path) { | |
377 | if (absolute) | |
378 | *(t++) = '/'; | |
379 | else | |
380 | *(t++) = '.'; | |
381 | } | |
9eb977db KS |
382 | |
383 | *t = 0; | |
384 | return path; | |
385 | } | |
386 | ||
b47aa73a ZJS |
387 | int path_simplify_and_warn( |
388 | char *path, | |
389 | unsigned flag, | |
390 | const char *unit, | |
391 | const char *filename, | |
392 | unsigned line, | |
393 | const char *lvalue) { | |
394 | ||
395 | bool fatal = flag & PATH_CHECK_FATAL; | |
396 | ||
397 | assert(!FLAGS_SET(flag, PATH_CHECK_ABSOLUTE | PATH_CHECK_RELATIVE)); | |
398 | ||
399 | if (!utf8_is_valid(path)) | |
400 | return log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, path); | |
401 | ||
402 | if (flag & (PATH_CHECK_ABSOLUTE | PATH_CHECK_RELATIVE)) { | |
403 | bool absolute; | |
404 | ||
405 | absolute = path_is_absolute(path); | |
406 | ||
407 | if (!absolute && (flag & PATH_CHECK_ABSOLUTE)) | |
408 | return log_syntax(unit, LOG_ERR, filename, line, SYNTHETIC_ERRNO(EINVAL), | |
409 | "%s= path is not absolute%s: %s", | |
410 | lvalue, fatal ? "" : ", ignoring", path); | |
411 | ||
412 | if (absolute && (flag & PATH_CHECK_RELATIVE)) | |
413 | return log_syntax(unit, LOG_ERR, filename, line, SYNTHETIC_ERRNO(EINVAL), | |
414 | "%s= path is absolute%s: %s", | |
415 | lvalue, fatal ? "" : ", ignoring", path); | |
416 | } | |
417 | ||
418 | path_simplify(path, true); | |
419 | ||
420 | if (!path_is_valid(path)) | |
421 | return log_syntax(unit, LOG_ERR, filename, line, SYNTHETIC_ERRNO(EINVAL), | |
422 | "%s= path has invalid length (%zu bytes)%s.", | |
423 | lvalue, strlen(path), fatal ? "" : ", ignoring"); | |
424 | ||
425 | if (!path_is_normalized(path)) | |
426 | return log_syntax(unit, LOG_ERR, filename, line, SYNTHETIC_ERRNO(EINVAL), | |
427 | "%s= path is not normalized%s: %s", | |
428 | lvalue, fatal ? "" : ", ignoring", path); | |
429 | ||
430 | return 0; | |
431 | } | |
432 | ||
424a19f8 | 433 | char* path_startswith(const char *path, const char *prefix) { |
9eb977db KS |
434 | assert(path); |
435 | assert(prefix); | |
436 | ||
0470289b ZJS |
437 | /* Returns a pointer to the start of the first component after the parts matched by |
438 | * the prefix, iff | |
439 | * - both paths are absolute or both paths are relative, | |
440 | * and | |
441 | * - each component in prefix in turn matches a component in path at the same position. | |
442 | * An empty string will be returned when the prefix and path are equivalent. | |
443 | * | |
444 | * Returns NULL otherwise. | |
445 | */ | |
446 | ||
9eb977db | 447 | if ((path[0] == '/') != (prefix[0] == '/')) |
424a19f8 | 448 | return NULL; |
9eb977db KS |
449 | |
450 | for (;;) { | |
451 | size_t a, b; | |
452 | ||
453 | path += strspn(path, "/"); | |
454 | prefix += strspn(prefix, "/"); | |
455 | ||
456 | if (*prefix == 0) | |
424a19f8 | 457 | return (char*) path; |
9eb977db KS |
458 | |
459 | if (*path == 0) | |
424a19f8 | 460 | return NULL; |
9eb977db KS |
461 | |
462 | a = strcspn(path, "/"); | |
463 | b = strcspn(prefix, "/"); | |
464 | ||
465 | if (a != b) | |
424a19f8 | 466 | return NULL; |
9eb977db KS |
467 | |
468 | if (memcmp(path, prefix, a) != 0) | |
424a19f8 | 469 | return NULL; |
9eb977db KS |
470 | |
471 | path += a; | |
472 | prefix += b; | |
473 | } | |
474 | } | |
475 | ||
2230852b MS |
476 | int path_compare(const char *a, const char *b) { |
477 | int d; | |
478 | ||
9eb977db KS |
479 | assert(a); |
480 | assert(b); | |
481 | ||
f21f31b2 | 482 | /* A relative path and an absolute path must not compare as equal. |
2230852b MS |
483 | * Which one is sorted before the other does not really matter. |
484 | * Here a relative path is ordered before an absolute path. */ | |
485 | d = (a[0] == '/') - (b[0] == '/'); | |
373cd63a | 486 | if (d != 0) |
2230852b | 487 | return d; |
9eb977db KS |
488 | |
489 | for (;;) { | |
490 | size_t j, k; | |
491 | ||
492 | a += strspn(a, "/"); | |
493 | b += strspn(b, "/"); | |
494 | ||
495 | if (*a == 0 && *b == 0) | |
2230852b | 496 | return 0; |
9eb977db | 497 | |
2230852b MS |
498 | /* Order prefixes first: "/foo" before "/foo/bar" */ |
499 | if (*a == 0) | |
500 | return -1; | |
501 | if (*b == 0) | |
502 | return 1; | |
9eb977db KS |
503 | |
504 | j = strcspn(a, "/"); | |
505 | k = strcspn(b, "/"); | |
506 | ||
2230852b MS |
507 | /* Alphabetical sort: "/foo/aaa" before "/foo/b" */ |
508 | d = memcmp(a, b, MIN(j, k)); | |
373cd63a | 509 | if (d != 0) |
2230852b | 510 | return (d > 0) - (d < 0); /* sign of d */ |
9eb977db | 511 | |
2230852b MS |
512 | /* Sort "/foo/a" before "/foo/aaa" */ |
513 | d = (j > k) - (j < k); /* sign of (j - k) */ | |
373cd63a | 514 | if (d != 0) |
2230852b | 515 | return d; |
9eb977db KS |
516 | |
517 | a += j; | |
518 | b += k; | |
519 | } | |
520 | } | |
521 | ||
2230852b MS |
522 | bool path_equal(const char *a, const char *b) { |
523 | return path_compare(a, b) == 0; | |
524 | } | |
525 | ||
e3f791a2 ZJS |
526 | bool path_equal_or_files_same(const char *a, const char *b, int flags) { |
527 | return path_equal(a, b) || files_same(a, b, flags) > 0; | |
c78e47a6 MS |
528 | } |
529 | ||
62a85ee0 | 530 | char* path_join_internal(const char *first, ...) { |
cd8194a3 LP |
531 | char *joined, *q; |
532 | const char *p; | |
533 | va_list ap; | |
534 | bool slash; | |
535 | size_t sz; | |
536 | ||
652ef298 ZJS |
537 | /* Joins all listed strings until the sentinel and places a "/" between them unless the strings end/begin |
538 | * already with one so that it is unnecessary. Note that slashes which are already duplicate won't be | |
539 | * removed. The string returned is hence always equal to or longer than the sum of the lengths of each | |
540 | * individual string. | |
cd8194a3 LP |
541 | * |
542 | * Note: any listed empty string is simply skipped. This can be useful for concatenating strings of which some | |
543 | * are optional. | |
544 | * | |
545 | * Examples: | |
546 | * | |
62a85ee0 ZJS |
547 | * path_join("foo", "bar") → "foo/bar" |
548 | * path_join("foo/", "bar") → "foo/bar" | |
549 | * path_join("", "foo", "", "bar", "") → "foo/bar" */ | |
cd8194a3 | 550 | |
652ef298 | 551 | sz = strlen_ptr(first); |
cd8194a3 | 552 | va_start(ap, first); |
66032ef4 | 553 | while ((p = va_arg(ap, char*)) != POINTER_MAX) |
652ef298 ZJS |
554 | if (!isempty(p)) |
555 | sz += 1 + strlen(p); | |
cd8194a3 LP |
556 | va_end(ap); |
557 | ||
558 | joined = new(char, sz + 1); | |
559 | if (!joined) | |
560 | return NULL; | |
561 | ||
652ef298 | 562 | if (!isempty(first)) { |
cd8194a3 LP |
563 | q = stpcpy(joined, first); |
564 | slash = endswith(first, "/"); | |
565 | } else { | |
566 | /* Skip empty items */ | |
567 | joined[0] = 0; | |
568 | q = joined; | |
569 | slash = true; /* no need to generate a slash anymore */ | |
570 | } | |
571 | ||
572 | va_start(ap, first); | |
66032ef4 | 573 | while ((p = va_arg(ap, char*)) != POINTER_MAX) { |
652ef298 | 574 | if (isempty(p)) |
cd8194a3 LP |
575 | continue; |
576 | ||
577 | if (!slash && p[0] != '/') | |
578 | *(q++) = '/'; | |
579 | ||
580 | q = stpcpy(q, p); | |
581 | slash = endswith(p, "/"); | |
582 | } | |
583 | va_end(ap); | |
584 | ||
585 | return joined; | |
586 | } | |
587 | ||
5ca9139a | 588 | static int check_x_access(const char *path, int *ret_fd) { |
ece852c8 | 589 | _cleanup_close_ int fd = -1; |
ece852c8 | 590 | int r; |
5ca9139a | 591 | |
888f65ac YW |
592 | /* We need to use O_PATH because there may be executables for which we have only exec |
593 | * permissions, but not read (usually suid executables). */ | |
594 | fd = open(path, O_PATH|O_CLOEXEC); | |
595 | if (fd < 0) | |
596 | return -errno; | |
ece852c8 | 597 | |
888f65ac YW |
598 | r = fd_verify_regular(fd); |
599 | if (r < 0) | |
600 | return r; | |
ece852c8 | 601 | |
888f65ac YW |
602 | r = access_fd(fd, X_OK); |
603 | if (r < 0) | |
604 | return r; | |
ece852c8 YW |
605 | |
606 | if (ret_fd) | |
607 | *ret_fd = TAKE_FD(fd); | |
608 | ||
5ca9139a ZJS |
609 | return 0; |
610 | } | |
611 | ||
612 | int find_executable_full(const char *name, bool use_path_envvar, char **ret_filename, int *ret_fd) { | |
85eca92e | 613 | int last_error, r; |
92673045 | 614 | const char *p = NULL; |
85eca92e | 615 | |
c9d954b2 | 616 | assert(name); |
4087cb9e | 617 | |
571d0134 | 618 | if (is_path(name)) { |
5ca9139a | 619 | _cleanup_close_ int fd = -1; |
b972115c | 620 | |
5ca9139a ZJS |
621 | r = check_x_access(name, ret_fd ? &fd : NULL); |
622 | if (r < 0) | |
623 | return r; | |
624 | ||
625 | if (ret_filename) { | |
626 | r = path_make_absolute_cwd(name, ret_filename); | |
0f474365 LP |
627 | if (r < 0) |
628 | return r; | |
eb66db55 | 629 | } |
c9d954b2 | 630 | |
5ca9139a ZJS |
631 | if (ret_fd) |
632 | *ret_fd = TAKE_FD(fd); | |
633 | ||
c9d954b2 | 634 | return 0; |
85eca92e | 635 | } |
c9d954b2 | 636 | |
92673045 ZJS |
637 | if (use_path_envvar) |
638 | /* Plain getenv, not secure_getenv, because we want to actually allow the user to pick the | |
639 | * binary. */ | |
640 | p = getenv("PATH"); | |
85eca92e LP |
641 | if (!p) |
642 | p = DEFAULT_PATH; | |
643 | ||
644 | last_error = -ENOENT; | |
645 | ||
5ca9139a | 646 | /* Resolve a single-component name to a full path */ |
85eca92e LP |
647 | for (;;) { |
648 | _cleanup_free_ char *j = NULL, *element = NULL; | |
5ca9139a | 649 | _cleanup_close_ int fd = -1; |
85eca92e LP |
650 | |
651 | r = extract_first_word(&p, &element, ":", EXTRACT_RELAX|EXTRACT_DONT_COALESCE_SEPARATORS); | |
652 | if (r < 0) | |
653 | return r; | |
654 | if (r == 0) | |
655 | break; | |
656 | ||
0f474365 LP |
657 | if (!path_is_absolute(element)) |
658 | continue; | |
659 | ||
657ee2d8 | 660 | j = path_join(element, name); |
85eca92e LP |
661 | if (!j) |
662 | return -ENOMEM; | |
663 | ||
5ca9139a | 664 | r = check_x_access(j, ret_fd ? &fd : NULL); |
ece852c8 YW |
665 | if (r < 0) { |
666 | /* PATH entries which we don't have access to are ignored, as per tradition. */ | |
667 | if (r != -EACCES) | |
668 | last_error = r; | |
669 | continue; | |
c9d954b2 ZJS |
670 | } |
671 | ||
ece852c8 YW |
672 | /* Found it! */ |
673 | if (ret_filename) | |
674 | *ret_filename = path_simplify(TAKE_PTR(j), false); | |
675 | if (ret_fd) | |
676 | *ret_fd = TAKE_FD(fd); | |
677 | ||
678 | return 0; | |
c9d954b2 | 679 | } |
85eca92e LP |
680 | |
681 | return last_error; | |
c9d954b2 | 682 | } |
8e184852 | 683 | |
2ad8416d | 684 | bool paths_check_timestamp(const char* const* paths, usec_t *timestamp, bool update) { |
8e184852 | 685 | bool changed = false; |
2ad8416d | 686 | const char* const* i; |
8e184852 | 687 | |
97f2d76d TG |
688 | assert(timestamp); |
689 | ||
234519ae | 690 | if (!paths) |
4087cb9e | 691 | return false; |
8e184852 | 692 | |
4087cb9e | 693 | STRV_FOREACH(i, paths) { |
8e184852 | 694 | struct stat stats; |
4087cb9e | 695 | usec_t u; |
8e184852 | 696 | |
4087cb9e | 697 | if (stat(*i, &stats) < 0) |
8e184852 TG |
698 | continue; |
699 | ||
4087cb9e LP |
700 | u = timespec_load(&stats.st_mtim); |
701 | ||
97f2d76d | 702 | /* first check */ |
4087cb9e | 703 | if (*timestamp >= u) |
8e184852 TG |
704 | continue; |
705 | ||
9f6445e3 | 706 | log_debug("timestamp of '%s' changed", *i); |
8e184852 TG |
707 | |
708 | /* update timestamp */ | |
4087cb9e LP |
709 | if (update) { |
710 | *timestamp = u; | |
711 | changed = true; | |
712 | } else | |
713 | return true; | |
8e184852 | 714 | } |
4087cb9e | 715 | |
8e184852 TG |
716 | return changed; |
717 | } | |
eb66db55 | 718 | |
f7bc0c32 | 719 | static int executable_is_good(const char *executable) { |
571d0134 | 720 | _cleanup_free_ char *p = NULL, *d = NULL; |
571d0134 | 721 | int r; |
eb66db55 | 722 | |
f7bc0c32 | 723 | r = find_executable(executable, &p); |
85eca92e LP |
724 | if (r == -ENOENT) |
725 | return 0; | |
571d0134 LP |
726 | if (r < 0) |
727 | return r; | |
728 | ||
f7bc0c32 | 729 | /* An fsck that is linked to /bin/true is a non-existent fsck */ |
571d0134 LP |
730 | |
731 | r = readlink_malloc(p, &d); | |
85eca92e LP |
732 | if (r == -EINVAL) /* not a symlink */ |
733 | return 1; | |
734 | if (r < 0) | |
735 | return r; | |
571d0134 | 736 | |
3ae5990c ZJS |
737 | return !PATH_IN_SET(d, "true" |
738 | "/bin/true", | |
739 | "/usr/bin/true", | |
740 | "/dev/null"); | |
eb66db55 | 741 | } |
1d13f648 | 742 | |
5bcd08db LP |
743 | int fsck_exists(const char *fstype) { |
744 | const char *checker; | |
745 | ||
85eca92e | 746 | assert(fstype); |
5bcd08db | 747 | |
85eca92e LP |
748 | if (streq(fstype, "auto")) |
749 | return -EINVAL; | |
750 | ||
751 | checker = strjoina("fsck.", fstype); | |
f7bc0c32 | 752 | return executable_is_good(checker); |
5bcd08db LP |
753 | } |
754 | ||
0f03c2a4 LP |
755 | int parse_path_argument_and_warn(const char *path, bool suppress_root, char **arg) { |
756 | char *p; | |
757 | int r; | |
758 | ||
759 | /* | |
760 | * This function is intended to be used in command line | |
761 | * parsers, to handle paths that are passed in. It makes the | |
762 | * path absolute, and reduces it to NULL if omitted or | |
763 | * root (the latter optionally). | |
764 | * | |
765 | * NOTE THAT THIS WILL FREE THE PREVIOUS ARGUMENT POINTER ON | |
766 | * SUCCESS! Hence, do not pass in uninitialized pointers. | |
767 | */ | |
768 | ||
769 | if (isempty(path)) { | |
770 | *arg = mfree(*arg); | |
771 | return 0; | |
772 | } | |
773 | ||
774 | r = path_make_absolute_cwd(path, &p); | |
775 | if (r < 0) | |
776 | return log_error_errno(r, "Failed to parse path \"%s\" and make it absolute: %m", path); | |
777 | ||
858d36c1 | 778 | path_simplify(p, false); |
53e87b5a | 779 | if (suppress_root && empty_or_root(p)) |
0f03c2a4 LP |
780 | p = mfree(p); |
781 | ||
858d36c1 | 782 | free_and_replace(*arg, p); |
53e87b5a | 783 | |
0f03c2a4 LP |
784 | return 0; |
785 | } | |
5f311f8c LP |
786 | |
787 | char* dirname_malloc(const char *path) { | |
788 | char *d, *dir, *dir2; | |
789 | ||
790 | assert(path); | |
791 | ||
792 | d = strdup(path); | |
793 | if (!d) | |
794 | return NULL; | |
795 | ||
796 | dir = dirname(d); | |
797 | assert(dir); | |
798 | ||
799 | if (dir == d) | |
800 | return d; | |
801 | ||
802 | dir2 = strdup(dir); | |
803 | free(d); | |
804 | ||
805 | return dir2; | |
806 | } | |
bb15fafe | 807 | |
b12d25a8 | 808 | const char *last_path_component(const char *path) { |
8460289f LP |
809 | |
810 | /* Finds the last component of the path, preserving the optional trailing slash that signifies a directory. | |
811 | * | |
b12d25a8 ZJS |
812 | * a/b/c → c |
813 | * a/b/c/ → c/ | |
8460289f LP |
814 | * x → x |
815 | * x/ → x/ | |
816 | * /y → y | |
817 | * /y/ → y/ | |
b12d25a8 ZJS |
818 | * / → / |
819 | * // → / | |
820 | * /foo/a → a | |
821 | * /foo/a/ → a/ | |
8460289f LP |
822 | * |
823 | * Also, the empty string is mapped to itself. | |
824 | * | |
825 | * This is different than basename(), which returns "" when a trailing slash is present. | |
b12d25a8 ZJS |
826 | */ |
827 | ||
828 | unsigned l, k; | |
829 | ||
77e0a1b5 LP |
830 | if (!path) |
831 | return NULL; | |
832 | ||
b12d25a8 | 833 | l = k = strlen(path); |
69f9ccf1 ZJS |
834 | if (l == 0) /* special case — an empty string */ |
835 | return path; | |
836 | ||
b12d25a8 ZJS |
837 | while (k > 0 && path[k-1] == '/') |
838 | k--; | |
839 | ||
840 | if (k == 0) /* the root directory */ | |
841 | return path + l - 1; | |
842 | ||
843 | while (k > 0 && path[k-1] != '/') | |
844 | k--; | |
845 | ||
846 | return path + k; | |
847 | } | |
848 | ||
a60c8eee LP |
849 | int path_extract_filename(const char *p, char **ret) { |
850 | _cleanup_free_ char *a = NULL; | |
851 | const char *c, *e = NULL, *q; | |
852 | ||
853 | /* Extracts the filename part (i.e. right-most component) from a path, i.e. string that passes | |
854 | * filename_is_valid(). A wrapper around last_path_component(), but eats up trailing slashes. */ | |
855 | ||
856 | if (!p) | |
857 | return -EINVAL; | |
858 | ||
859 | c = last_path_component(p); | |
860 | ||
861 | for (q = c; *q != 0; q++) | |
862 | if (*q != '/') | |
863 | e = q + 1; | |
864 | ||
865 | if (!e) /* no valid character? */ | |
866 | return -EINVAL; | |
867 | ||
868 | a = strndup(c, e - c); | |
869 | if (!a) | |
870 | return -ENOMEM; | |
871 | ||
872 | if (!filename_is_valid(a)) | |
873 | return -EINVAL; | |
874 | ||
875 | *ret = TAKE_PTR(a); | |
876 | ||
877 | return 0; | |
878 | } | |
879 | ||
bb15fafe LP |
880 | bool filename_is_valid(const char *p) { |
881 | const char *e; | |
882 | ||
883 | if (isempty(p)) | |
884 | return false; | |
885 | ||
49bfc877 | 886 | if (dot_or_dot_dot(p)) |
bb15fafe LP |
887 | return false; |
888 | ||
889 | e = strchrnul(p, '/'); | |
890 | if (*e != 0) | |
891 | return false; | |
892 | ||
656552eb | 893 | if (e - p > FILENAME_MAX) /* FILENAME_MAX is counted *without* the trailing NUL byte */ |
bb15fafe LP |
894 | return false; |
895 | ||
896 | return true; | |
897 | } | |
898 | ||
656552eb | 899 | bool path_is_valid(const char *p) { |
bb15fafe LP |
900 | |
901 | if (isempty(p)) | |
902 | return false; | |
903 | ||
656552eb | 904 | if (strlen(p) >= PATH_MAX) /* PATH_MAX is counted *with* the trailing NUL byte */ |
49bfc877 LP |
905 | return false; |
906 | ||
656552eb LP |
907 | return true; |
908 | } | |
909 | ||
910 | bool path_is_normalized(const char *p) { | |
911 | ||
912 | if (!path_is_valid(p)) | |
913 | return false; | |
914 | ||
915 | if (dot_or_dot_dot(p)) | |
bb15fafe LP |
916 | return false; |
917 | ||
656552eb | 918 | if (startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../")) |
bb15fafe LP |
919 | return false; |
920 | ||
49bfc877 | 921 | if (startswith(p, "./") || endswith(p, "/.") || strstr(p, "/./")) |
bb15fafe LP |
922 | return false; |
923 | ||
924 | if (strstr(p, "//")) | |
925 | return false; | |
926 | ||
927 | return true; | |
928 | } | |
a0956174 LP |
929 | |
930 | char *file_in_same_dir(const char *path, const char *filename) { | |
931 | char *e, *ret; | |
932 | size_t k; | |
933 | ||
934 | assert(path); | |
935 | assert(filename); | |
936 | ||
937 | /* This removes the last component of path and appends | |
938 | * filename, unless the latter is absolute anyway or the | |
939 | * former isn't */ | |
940 | ||
941 | if (path_is_absolute(filename)) | |
942 | return strdup(filename); | |
943 | ||
944 | e = strrchr(path, '/'); | |
945 | if (!e) | |
946 | return strdup(filename); | |
947 | ||
948 | k = strlen(filename); | |
949 | ret = new(char, (e + 1 - path) + k + 1); | |
950 | if (!ret) | |
951 | return NULL; | |
952 | ||
953 | memcpy(mempcpy(ret, path, e + 1 - path), filename, k + 1); | |
954 | return ret; | |
955 | } | |
956 | ||
55cdd057 ZJS |
957 | bool hidden_or_backup_file(const char *filename) { |
958 | const char *p; | |
a0956174 | 959 | |
a0956174 LP |
960 | assert(filename); |
961 | ||
55cdd057 ZJS |
962 | if (filename[0] == '.' || |
963 | streq(filename, "lost+found") || | |
964 | streq(filename, "aquota.user") || | |
965 | streq(filename, "aquota.group") || | |
966 | endswith(filename, "~")) | |
a0956174 LP |
967 | return true; |
968 | ||
55cdd057 ZJS |
969 | p = strrchr(filename, '.'); |
970 | if (!p) | |
971 | return false; | |
972 | ||
941060bf LP |
973 | /* Please, let's not add more entries to the list below. If external projects think it's a good idea to come up |
974 | * with always new suffixes and that everybody else should just adjust to that, then it really should be on | |
975 | * them. Hence, in future, let's not add any more entries. Instead, let's ask those packages to instead adopt | |
976 | * one of the generic suffixes/prefixes for hidden files or backups, possibly augmented with an additional | |
977 | * string. Specifically: there's now: | |
978 | * | |
979 | * The generic suffixes "~" and ".bak" for backup files | |
980 | * The generic prefix "." for hidden files | |
981 | * | |
94a0ef6e ZJS |
982 | * Thus, if a new package manager "foopkg" wants its own set of ".foopkg-new", ".foopkg-old", ".foopkg-dist" |
983 | * or so registered, let's refuse that and ask them to use ".foopkg.new", ".foopkg.old" or ".foopkg~" instead. | |
941060bf LP |
984 | */ |
985 | ||
55cdd057 ZJS |
986 | return STR_IN_SET(p + 1, |
987 | "rpmnew", | |
988 | "rpmsave", | |
989 | "rpmorig", | |
990 | "dpkg-old", | |
991 | "dpkg-new", | |
992 | "dpkg-tmp", | |
993 | "dpkg-dist", | |
994 | "dpkg-bak", | |
995 | "dpkg-backup", | |
996 | "dpkg-remove", | |
997 | "ucf-new", | |
998 | "ucf-old", | |
999 | "ucf-dist", | |
941060bf | 1000 | "swp", |
94a0ef6e ZJS |
1001 | "bak", |
1002 | "old", | |
1003 | "new"); | |
a0956174 LP |
1004 | } |
1005 | ||
1006 | bool is_device_path(const char *path) { | |
1007 | ||
bae47ba7 | 1008 | /* Returns true on paths that likely refer to a device, either by path in sysfs or to something in /dev */ |
a0956174 | 1009 | |
bae47ba7 | 1010 | return PATH_STARTSWITH_SET(path, "/dev/", "/sys/"); |
3ccb8862 ZJS |
1011 | } |
1012 | ||
57e84e75 LP |
1013 | bool valid_device_node_path(const char *path) { |
1014 | ||
1015 | /* Some superficial checks whether the specified path is a valid device node path, all without looking at the | |
1016 | * actual device node. */ | |
1017 | ||
1018 | if (!PATH_STARTSWITH_SET(path, "/dev/", "/run/systemd/inaccessible/")) | |
1019 | return false; | |
1020 | ||
1021 | if (endswith(path, "/")) /* can't be a device node if it ends in a slash */ | |
1022 | return false; | |
1023 | ||
1024 | return path_is_normalized(path); | |
1025 | } | |
1026 | ||
1027 | bool valid_device_allow_pattern(const char *path) { | |
1028 | assert(path); | |
1029 | ||
1030 | /* Like valid_device_node_path(), but also allows full-subsystem expressions, like DeviceAllow= and DeviceDeny= | |
1031 | * accept it */ | |
1032 | ||
49fe5c09 | 1033 | if (STARTSWITH_SET(path, "block-", "char-")) |
57e84e75 LP |
1034 | return true; |
1035 | ||
1036 | return valid_device_node_path(path); | |
a0956174 | 1037 | } |
5a46d55f ZJS |
1038 | |
1039 | int systemd_installation_has_version(const char *root, unsigned minimal_version) { | |
1040 | const char *pattern; | |
1041 | int r; | |
1042 | ||
1043 | /* Try to guess if systemd installation is later than the specified version. This | |
1044 | * is hacky and likely to yield false negatives, particularly if the installation | |
1045 | * is non-standard. False positives should be relatively rare. | |
1046 | */ | |
1047 | ||
1048 | NULSTR_FOREACH(pattern, | |
1049 | /* /lib works for systems without usr-merge, and for systems with a sane | |
1050 | * usr-merge, where /lib is a symlink to /usr/lib. /usr/lib is necessary | |
1051 | * for Gentoo which does a merge without making /lib a symlink. | |
1052 | */ | |
1053 | "lib/systemd/libsystemd-shared-*.so\0" | |
28faeda4 LP |
1054 | "lib64/systemd/libsystemd-shared-*.so\0" |
1055 | "usr/lib/systemd/libsystemd-shared-*.so\0" | |
1056 | "usr/lib64/systemd/libsystemd-shared-*.so\0") { | |
5a46d55f ZJS |
1057 | |
1058 | _cleanup_strv_free_ char **names = NULL; | |
1059 | _cleanup_free_ char *path = NULL; | |
1060 | char *c, **name; | |
1061 | ||
c6134d3e | 1062 | path = path_join(root, pattern); |
5a46d55f ZJS |
1063 | if (!path) |
1064 | return -ENOMEM; | |
1065 | ||
544e146b | 1066 | r = glob_extend(&names, path, 0); |
5a46d55f ZJS |
1067 | if (r == -ENOENT) |
1068 | continue; | |
1069 | if (r < 0) | |
1070 | return r; | |
1071 | ||
dcd6361e | 1072 | assert_se(c = endswith(path, "*.so")); |
5a46d55f ZJS |
1073 | *c = '\0'; /* truncate the glob part */ |
1074 | ||
1075 | STRV_FOREACH(name, names) { | |
1076 | /* This is most likely to run only once, hence let's not optimize anything. */ | |
1077 | char *t, *t2; | |
1078 | unsigned version; | |
1079 | ||
1080 | t = startswith(*name, path); | |
1081 | if (!t) | |
1082 | continue; | |
1083 | ||
1084 | t2 = endswith(t, ".so"); | |
1085 | if (!t2) | |
1086 | continue; | |
1087 | ||
1088 | t2[0] = '\0'; /* truncate the suffix */ | |
1089 | ||
1090 | r = safe_atou(t, &version); | |
1091 | if (r < 0) { | |
1092 | log_debug_errno(r, "Found libsystemd shared at \"%s.so\", but failed to parse version: %m", *name); | |
1093 | continue; | |
1094 | } | |
1095 | ||
1096 | log_debug("Found libsystemd shared at \"%s.so\", version %u (%s).", | |
1097 | *name, version, | |
1098 | version >= minimal_version ? "OK" : "too old"); | |
1099 | if (version >= minimal_version) | |
1100 | return true; | |
1101 | } | |
1102 | } | |
1103 | ||
1104 | return false; | |
1105 | } | |
49bfc877 LP |
1106 | |
1107 | bool dot_or_dot_dot(const char *path) { | |
1108 | if (!path) | |
1109 | return false; | |
1110 | if (path[0] != '.') | |
1111 | return false; | |
1112 | if (path[1] == 0) | |
1113 | return true; | |
1114 | if (path[1] != '.') | |
1115 | return false; | |
1116 | ||
1117 | return path[2] == 0; | |
1118 | } | |
57ea45e1 LP |
1119 | |
1120 | bool empty_or_root(const char *root) { | |
1121 | ||
1122 | /* For operations relative to some root directory, returns true if the specified root directory is redundant, | |
1123 | * i.e. either / or NULL or the empty string or any equivalent. */ | |
1124 | ||
1125 | if (!root) | |
1126 | return true; | |
1127 | ||
1128 | return root[strspn(root, "/")] == 0; | |
1129 | } | |
3841fee8 LP |
1130 | |
1131 | bool path_strv_contains(char **l, const char *path) { | |
1132 | char **i; | |
1133 | ||
1134 | STRV_FOREACH(i, l) | |
1135 | if (path_equal(*i, path)) | |
1136 | return true; | |
1137 | ||
1138 | return false; | |
1139 | } | |
de46b2be TM |
1140 | |
1141 | bool prefixed_path_strv_contains(char **l, const char *path) { | |
1142 | char **i, *j; | |
1143 | ||
1144 | STRV_FOREACH(i, l) { | |
1145 | j = *i; | |
1146 | if (*j == '-') | |
1147 | j++; | |
1148 | if (*j == '+') | |
1149 | j++; | |
1150 | if (path_equal(j, path)) | |
1151 | return true; | |
1152 | } | |
1153 | ||
1154 | return false; | |
1155 | } | |
bb0c0d6f LP |
1156 | |
1157 | bool credential_name_valid(const char *s) { | |
1158 | /* We want that credential names are both valid in filenames (since that's our primary way to pass | |
1159 | * them around) and as fdnames (which is how we might want to pass them around eventually) */ | |
1160 | return filename_is_valid(s) && fdname_is_valid(s); | |
1161 | } |