[thirdparty/systemd.git] / src / login / user-runtime-dir.c

/* SPDX-License-Identifier: LGPL-2.1+ */

#include <stdint.h>
#include <sys/mount.h>

#include "fs-util.h"
#include "label.h"
#include "logind.h"
#include "mkdir.h"
#include "mount-util.h"
#include "path-util.h"
#include "rm-rf.h"
#include "smack-util.h"
#include "stdio-util.h"
#include "string-util.h"
#include "strv.h"
#include "user-util.h"

static int gather_configuration(size_t *runtime_dir_size) {
        Manager m = {};
        int r;

        manager_reset_config(&m);

        r = manager_parse_config_file(&m);
        if (r < 0)
                log_warning_errno(r, "Failed to parse logind.conf: %m");

        *runtime_dir_size = m.runtime_dir_size;
        return 0;
}

static int user_mkdir_runtime_path(const char *runtime_path, uid_t uid, gid_t gid, size_t runtime_dir_size) {
        int r;

        assert(runtime_path);
        assert(path_is_absolute(runtime_path));
        assert(uid_is_valid(uid));
        assert(gid_is_valid(gid));

        r = mkdir_safe_label("/run/user", 0755, 0, 0, MKDIR_WARN_MODE);
        if (r < 0)
                return log_error_errno(r, "Failed to create /run/user: %m");

        if (path_is_mount_point(runtime_path, NULL, 0) >= 0)
                log_debug("%s is already a mount point", runtime_path);
        else {
                char options[sizeof("mode=0700,uid=,gid=,size=,smackfsroot=*")
                             + DECIMAL_STR_MAX(uid_t)
                             + DECIMAL_STR_MAX(gid_t)
                             + DECIMAL_STR_MAX(size_t)];

                xsprintf(options,
                         "mode=0700,uid=" UID_FMT ",gid=" GID_FMT ",size=%zu%s",
                         uid, gid, runtime_dir_size,
                         mac_smack_use() ? ",smackfsroot=*" : "");

                (void) mkdir_label(runtime_path, 0700);

                r = mount("tmpfs", runtime_path, "tmpfs", MS_NODEV|MS_NOSUID, options);
                if (r < 0) {
                        if (!IN_SET(errno, EPERM, EACCES)) {
                                r = log_error_errno(errno, "Failed to mount per-user tmpfs directory %s: %m", runtime_path);
                                goto fail;
                        }

                        log_debug_errno(errno, "Failed to mount per-user tmpfs directory %s.\n"
                                        "Assuming containerized execution, ignoring: %m", runtime_path);

                        r = chmod_and_chown(runtime_path, 0700, uid, gid);
                        if (r < 0) {
                                log_error_errno(r, "Failed to change ownership and mode of \"%s\": %m", runtime_path);
                                goto fail;
                        }
                }

                r = label_fix(runtime_path, 0);
                if (r < 0)
                        log_warning_errno(r, "Failed to fix label of \"%s\", ignoring: %m", runtime_path);
        }

        return 0;

fail:
        /* Try to clean up, but ignore errors */
        (void) rmdir(runtime_path);
        return r;
}

static int user_remove_runtime_path(const char *runtime_path) {
        int r;

        assert(runtime_path);
        assert(path_is_absolute(runtime_path));

        r = rm_rf(runtime_path, 0);
        if (r < 0)
                log_debug_errno(r, "Failed to remove runtime directory %s (before unmounting), ignoring: %m", runtime_path);

        /* Ignore cases where the directory isn't mounted, as that's quite possible, if we lacked the permissions to
         * mount something */
        r = umount2(runtime_path, MNT_DETACH);
        if (r < 0 && !IN_SET(errno, EINVAL, ENOENT))
                log_debug_errno(errno, "Failed to unmount user runtime directory %s, ignoring: %m", runtime_path);

        r = rm_rf(runtime_path, REMOVE_ROOT);
        if (r < 0 && r != -ENOENT)
                return log_error_errno(r, "Failed to remove runtime directory %s (after unmounting): %m", runtime_path);

        return 0;
}

static int do_mount(const char *user) {
        char runtime_path[sizeof("/run/user") + DECIMAL_STR_MAX(uid_t)];
        size_t runtime_dir_size;
        uid_t uid;
        gid_t gid;
        int r;

        r = get_user_creds(&user, &uid, &gid, NULL, NULL, 0);
        if (r < 0)
                return log_error_errno(r,
                                       r == -ESRCH ? "No such user \"%s\"" :
                                       r == -ENOMSG ? "UID \"%s\" is invalid or has an invalid main group"
                                                    : "Failed to look up user \"%s\": %m",
                                       user);

        xsprintf(runtime_path, "/run/user/" UID_FMT, uid);

        assert_se(gather_configuration(&runtime_dir_size) == 0);

        log_debug("Will mount %s owned by "UID_FMT":"GID_FMT, runtime_path, uid, gid);
        return user_mkdir_runtime_path(runtime_path, uid, gid, runtime_dir_size);
}

static int do_umount(const char *user) {
        char runtime_path[sizeof("/run/user") + DECIMAL_STR_MAX(uid_t)];
        uid_t uid;
        int r;

        /* The user may be already removed. So, first try to parse the string by parse_uid(),
         * and if it fails, fallback to get_user_creds().*/
        if (parse_uid(user, &uid) < 0) {
                r = get_user_creds(&user, &uid, NULL, NULL, NULL, 0);
                if (r < 0)
                        return log_error_errno(r,
                                               r == -ESRCH ? "No such user \"%s\"" :
                                               r == -ENOMSG ? "UID \"%s\" is invalid or has an invalid main group"
                                                            : "Failed to look up user \"%s\": %m",
                                               user);
        }

        xsprintf(runtime_path, "/run/user/" UID_FMT, uid);

        log_debug("Will remove %s", runtime_path);
        return user_remove_runtime_path(runtime_path);
}

int main(int argc, char *argv[]) {
        int r;

        log_parse_environment();
        log_open();

        if (argc != 3) {
                log_error("This program takes two arguments.");
                return EXIT_FAILURE;
        }
        if (!STR_IN_SET(argv[1], "start", "stop")) {
                log_error("First argument must be either \"start\" or \"stop\".");
                return EXIT_FAILURE;
        }

        umask(0022);

        if (streq(argv[1], "start"))
                r = do_mount(argv[2]);
        else if (streq(argv[1], "stop"))
                r = do_umount(argv[2]);
        else
                assert_not_reached("Unknown verb!");

        return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}
Commit	Line	Data
a9f0f5e5 ZJS	1	/* SPDX-License-Identifier: LGPL-2.1+ */
	2
	3	#include <stdint.h>
	4	#include <sys/mount.h>
	5
	6	#include "fs-util.h"
	7	#include "label.h"
	8	#include "logind.h"
	9	#include "mkdir.h"
	10	#include "mount-util.h"
	11	#include "path-util.h"
	12	#include "rm-rf.h"
	13	#include "smack-util.h"
	14	#include "stdio-util.h"
	15	#include "string-util.h"
	16	#include "strv.h"
	17	#include "user-util.h"
	18
	19	static int gather_configuration(size_t *runtime_dir_size) {
	20	Manager m = {};
	21	int r;
	22
	23	manager_reset_config(&m);
	24
	25	r = manager_parse_config_file(&m);
	26	if (r < 0)
	27	log_warning_errno(r, "Failed to parse logind.conf: %m");
	28
	29	*runtime_dir_size = m.runtime_dir_size;
	30	return 0;
	31	}
	32
	33	static int user_mkdir_runtime_path(const char *runtime_path, uid_t uid, gid_t gid, size_t runtime_dir_size) {
	34	int r;
	35
	36	assert(runtime_path);
	37	assert(path_is_absolute(runtime_path));
	38	assert(uid_is_valid(uid));
	39	assert(gid_is_valid(gid));
	40
	41	r = mkdir_safe_label("/run/user", 0755, 0, 0, MKDIR_WARN_MODE);
	42	if (r < 0)
	43	return log_error_errno(r, "Failed to create /run/user: %m");
	44
	45	if (path_is_mount_point(runtime_path, NULL, 0) >= 0)
	46	log_debug("%s is already a mount point", runtime_path);
	47	else {
	48	char options[sizeof("mode=0700,uid=,gid=,size=,smackfsroot=*")
	49	+ DECIMAL_STR_MAX(uid_t)
	50	+ DECIMAL_STR_MAX(gid_t)
	51	+ DECIMAL_STR_MAX(size_t)];
	52
	53	xsprintf(options,
	54	"mode=0700,uid=" UID_FMT ",gid=" GID_FMT ",size=%zu%s",
	55	uid, gid, runtime_dir_size,
	56	mac_smack_use() ? ",smackfsroot=*" : "");
	57
	58	(void) mkdir_label(runtime_path, 0700);
	59
	60	r = mount("tmpfs", runtime_path, "tmpfs", MS_NODEV\|MS_NOSUID, options);
	61	if (r < 0) {
	62	if (!IN_SET(errno, EPERM, EACCES)) {
	63	r = log_error_errno(errno, "Failed to mount per-user tmpfs directory %s: %m", runtime_path);
	64	goto fail;
65	}
66
67	log_debug_errno(errno, "Failed to mount per-user tmpfs directory %s.\n"
68	"Assuming containerized execution, ignoring: %m", runtime_path);
69
70	r = chmod_and_chown(runtime_path, 0700, uid, gid);
71	if (r < 0) {
72	log_error_errno(r, "Failed to change ownership and mode of \"%s\": %m", runtime_path);
73	goto fail;
74	}
75	}
76
77	r = label_fix(runtime_path, 0);
78	if (r < 0)
79	log_warning_errno(r, "Failed to fix label of \"%s\", ignoring: %m", runtime_path);
80	}
81
82	return 0;
83
84	fail:
85	/* Try to clean up, but ignore errors */
86	(void) rmdir(runtime_path);
87	return r;
88	}
89
90	static int user_remove_runtime_path(const char *runtime_path) {
91	int r;
92
93	assert(runtime_path);
94	assert(path_is_absolute(runtime_path));
95
96	r = rm_rf(runtime_path, 0);
97	if (r < 0)
3a13442b	98	log_debug_errno(r, "Failed to remove runtime directory %s (before unmounting), ignoring: %m", runtime_path);
a9f0f5e5	99
3a13442b LP	100	/* Ignore cases where the directory isn't mounted, as that's quite possible, if we lacked the permissions to
3a13442b LP	101	* mount something */
a9f0f5e5 ZJS	102	r = umount2(runtime_path, MNT_DETACH);
a9f0f5e5 ZJS	103	if (r < 0 && !IN_SET(errno, EINVAL, ENOENT))
3a13442b	104	log_debug_errno(errno, "Failed to unmount user runtime directory %s, ignoring: %m", runtime_path);
a9f0f5e5 ZJS	105
a9f0f5e5 ZJS	106	r = rm_rf(runtime_path, REMOVE_ROOT);
3a13442b LP	107	if (r < 0 && r != -ENOENT)
3a13442b LP	108	return log_error_errno(r, "Failed to remove runtime directory %s (after unmounting): %m", runtime_path);
a9f0f5e5	109
3a13442b	110	return 0;
a9f0f5e5 ZJS	111	}
a9f0f5e5 ZJS	112
86d18f3b YW	113	static int do_mount(const char *user) {
86d18f3b YW	114	char runtime_path[sizeof("/run/user") + DECIMAL_STR_MAX(uid_t)];
a9f0f5e5	115	size_t runtime_dir_size;
86d18f3b YW	116	uid_t uid;
	117	gid_t gid;
	118	int r;
	119
fafff8f1	120	r = get_user_creds(&user, &uid, &gid, NULL, NULL, 0);
86d18f3b YW	121	if (r < 0)
	122	return log_error_errno(r,
	123	r == -ESRCH ? "No such user \"%s\"" :
	124	r == -ENOMSG ? "UID \"%s\" is invalid or has an invalid main group"
	125	: "Failed to look up user \"%s\": %m",
	126	user);
	127
	128	xsprintf(runtime_path, "/run/user/" UID_FMT, uid);
a9f0f5e5 ZJS	129
	130	assert_se(gather_configuration(&runtime_dir_size) == 0);
	131
	132	log_debug("Will mount %s owned by "UID_FMT":"GID_FMT, runtime_path, uid, gid);
	133	return user_mkdir_runtime_path(runtime_path, uid, gid, runtime_dir_size);
	134	}
	135
86d18f3b YW	136	static int do_umount(const char *user) {
	137	char runtime_path[sizeof("/run/user") + DECIMAL_STR_MAX(uid_t)];
	138	uid_t uid;
	139	int r;
	140
	141	/* The user may be already removed. So, first try to parse the string by parse_uid(),
	142	* and if it fails, fallback to get_user_creds().*/
	143	if (parse_uid(user, &uid) < 0) {
fafff8f1	144	r = get_user_creds(&user, &uid, NULL, NULL, NULL, 0);
86d18f3b YW	145	if (r < 0)
	146	return log_error_errno(r,
	147	r == -ESRCH ? "No such user \"%s\"" :
	148	r == -ENOMSG ? "UID \"%s\" is invalid or has an invalid main group"
	149	: "Failed to look up user \"%s\": %m",
	150	user);
	151	}
	152
	153	xsprintf(runtime_path, "/run/user/" UID_FMT, uid);
	154
a9f0f5e5 ZJS	155	log_debug("Will remove %s", runtime_path);
	156	return user_remove_runtime_path(runtime_path);
	157	}
	158
	159	int main(int argc, char *argv[]) {
a9f0f5e5 ZJS	160	int r;
	161
	162	log_parse_environment();
	163	log_open();
	164
	165	if (argc != 3) {
	166	log_error("This program takes two arguments.");
	167	return EXIT_FAILURE;
	168	}
	169	if (!STR_IN_SET(argv[1], "start", "stop")) {
	170	log_error("First argument must be either \"start\" or \"stop\".");
	171	return EXIT_FAILURE;
	172	}
	173
	174	umask(0022);
	175
a9f0f5e5	176	if (streq(argv[1], "start"))
86d18f3b	177	r = do_mount(argv[2]);
a9f0f5e5	178	else if (streq(argv[1], "stop"))
86d18f3b	179	r = do_umount(argv[2]);
a9f0f5e5 ZJS	180	else
	181	assert_not_reached("Unknown verb!");
	182
	183	return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
	184	}