[thirdparty/systemd.git] / src / mount-setup.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <sys/mount.h>
#include <errno.h>
#include <sys/stat.h>
#include <stdlib.h>
#include <string.h>
#include <libgen.h>
#include <assert.h>
#include <unistd.h>
#include <ftw.h>

#include "mount-setup.h"
#include "log.h"
#include "macro.h"
#include "util.h"
#include "label.h"

typedef struct MountPoint {
        const char *what;
        const char *where;
        const char *type;
        const char *options;
        unsigned long flags;
        bool fatal;
} MountPoint;

static const MountPoint mount_table[] = {
        { "proc",     "/proc",                  "proc",     NULL,                MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
        { "sysfs",    "/sys",                   "sysfs",    NULL,                MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
        { "devtmpfs", "/dev",                   "devtmpfs", "mode=755",          MS_NOSUID,                    true },
        { "tmpfs",    "/dev/shm",               "tmpfs",    "mode=1777",         MS_NOSUID|MS_NODEV,           true },
        { "devpts",   "/dev/pts",               "devpts",   NULL,                MS_NOSUID|MS_NOEXEC,          false },
        { "tmpfs",    "/sys/fs/cgroup",         "tmpfs",    "mode=755",          MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
        { "cgroup",   "/sys/fs/cgroup/systemd", "cgroup",   "none,name=systemd", MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
};

/* These are API file systems that might be mounted by other software,
 * we just list them here so that we know that we should ignore them */

static const char * const ignore_paths[] = {
        "/selinux",
        "/proc/bus/usb",
        "/var/lib/nfs/rpc_pipefs",
        "/proc/fs/nfsd"
};

bool mount_point_is_api(const char *path) {
        unsigned i;

        /* Checks if this mount point is considered "API", and hence
         * should be ignored */

        for (i = 0; i < ELEMENTSOF(mount_table); i ++)
                if (path_equal(path, mount_table[i].where))
                        return true;

        return path_startswith(path, "/sys/fs/cgroup/");
}

bool mount_point_ignore(const char *path) {
        unsigned i;

        for (i = 0; i < ELEMENTSOF(ignore_paths); i++)
                if (path_equal(path, ignore_paths[i]))
                        return true;

        return false;
}

static int mount_one(const MountPoint *p) {
        int r;

        assert(p);

        if ((r = path_is_mount_point(p->where)) < 0)
                return r;

        if (r > 0)
                return 0;

        /* The access mode here doesn't really matter too much, since
         * the mounted file system will take precedence anyway. */
        mkdir_p(p->where, 0755);

        log_debug("Mounting %s to %s of type %s with options %s.",
                  p->what,
                  p->where,
                  p->type,
                  strna(p->options));

        if (mount(p->what,
                  p->where,
                  p->type,
                  p->flags,
                  p->options) < 0) {
                log_error("Failed to mount %s: %s", p->where, strerror(errno));
                return p->fatal ? -errno : 0;
        }

        label_fix(p->where);

        return 0;
}

static int mount_cgroup_controllers(void) {
        int r;
        FILE *f;
        char buf [256];

        /* Mount all available cgroup controllers that are built into the kernel. */

        if (!(f = fopen("/proc/cgroups", "re")))
                return -ENOENT;

        /* Ignore the header line */
        (void) fgets(buf, sizeof(buf), f);

        for (;;) {
                MountPoint p;
                char *controller, *where;
                int enabled = false;

                if (fscanf(f, "%ms %*i %*i %i", &controller, &enabled) != 2) {

                        if (feof(f))
                                break;

                        log_error("Failed to parse /proc/cgroups.");
                        r = -EIO;
                        goto finish;
                }

                if (!enabled) {
                        free(controller);
                        continue;
                }

                if (asprintf(&where, "/sys/fs/cgroup/%s", controller) < 0) {
                        free(controller);
                        r = -ENOMEM;
                        goto finish;
                }

                zero(p);
                p.what = "cgroup";
                p.where = where;
                p.type = "cgroup";
                p.options = controller;
                p.flags = MS_NOSUID|MS_NOEXEC|MS_NODEV;
                p.fatal = false;

                r = mount_one(&p);
                free(controller);
                free(where);

                if (r < 0)
                        goto finish;
        }

        r = 0;

finish:
        fclose(f);

        return r;
}

static int symlink_and_label(const char *old_path, const char *new_path) {
        int r;

        assert(old_path);
        assert(new_path);

        if ((r = label_symlinkfile_set(new_path)) < 0)
                return r;

        if (symlink(old_path, new_path) < 0)
                r = -errno;

        label_file_clear();

        return r;
}

static int nftw_cb(
                const char *fpath,
                const struct stat *sb,
                int tflag,
                struct FTW *ftwbuf) {

        /* No need to label /dev twice in a row... */
        if (ftwbuf->level == 0)
                return 0;

        label_fix(fpath);
        return 0;
};

int mount_setup(void) {

        const char symlinks[] =
                "/proc/kcore\0"      "/dev/core\0"
                "/proc/self/fd\0"    "/dev/fd\0"
                "/proc/self/fd/0\0"  "/dev/stdin\0"
                "/proc/self/fd/1\0"  "/dev/stdout\0"
                "/proc/self/fd/2\0"  "/dev/stderr\0"
                "\0";

        int r;
        unsigned i;
        const char *j, *k;

        for (i = 0; i < ELEMENTSOF(mount_table); i ++)
                if ((r = mount_one(mount_table+i)) < 0)
                        return r;

        /* Nodes in devtmpfs need to be manually updated for the
         * appropriate labels, after mounting. The other virtual API
         * file systems do not need. */

        if (unlink("/dev/.systemd/relabel-devtmpfs") >= 0)
                nftw("/dev", nftw_cb, 64, FTW_MOUNT|FTW_PHYS);

        /* Create a few default symlinks, which are normally created
         * bei udevd, but some scripts might need them before we start
         * udevd. */

        NULSTR_FOREACH_PAIR(j, k, symlinks)
                symlink_and_label(j, k);

        return mount_cgroup_controllers();
}
Commit	Line	Data
d6c9574f	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
8e274523 LP	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU General Public License as published by
	10	the Free Software Foundation; either version 2 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	General Public License for more details.
	17
	18	You should have received a copy of the GNU General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <sys/mount.h>
	23	#include <errno.h>
	24	#include <sys/stat.h>
	25	#include <stdlib.h>
	26	#include <string.h>
	27	#include <libgen.h>
	28	#include <assert.h>
5c0532d1	29	#include <unistd.h>
1829dc9d	30	#include <ftw.h>
8e274523 LP	31
	32	#include "mount-setup.h"
	33	#include "log.h"
c9af1080 LP	34	#include "macro.h"
c9af1080 LP	35	#include "util.h"
5275d3c1	36	#include "label.h"
8e274523	37
ca714c0e LP	38	typedef struct MountPoint {
	39	const char *what;
	40	const char *where;
	41	const char *type;
	42	const char *options;
	43	unsigned long flags;
2076ca54	44	bool fatal;
ca714c0e LP	45	} MountPoint;
	46
	47	static const MountPoint mount_table[] = {
77d5f105 LP	48	{ "proc", "/proc", "proc", NULL, MS_NOSUID\|MS_NOEXEC\|MS_NODEV, true },
	49	{ "sysfs", "/sys", "sysfs", NULL, MS_NOSUID\|MS_NOEXEC\|MS_NODEV, true },
	50	{ "devtmpfs", "/dev", "devtmpfs", "mode=755", MS_NOSUID, true },
501c875b	51	{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID\|MS_NODEV, true },
77d5f105 LP	52	{ "devpts", "/dev/pts", "devpts", NULL, MS_NOSUID\|MS_NOEXEC, false },
	53	{ "tmpfs", "/sys/fs/cgroup", "tmpfs", "mode=755", MS_NOSUID\|MS_NOEXEC\|MS_NODEV, true },
	54	{ "cgroup", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd", MS_NOSUID\|MS_NOEXEC\|MS_NODEV, true },
8e274523 LP	55	};
8e274523 LP	56
949c6510	57	/* These are API file systems that might be mounted by other software,
46ff0ed7	58	* we just list them here so that we know that we should ignore them */
949c6510 LP	59
	60	static const char * const ignore_paths[] = {
	61	"/selinux",
	62	"/proc/bus/usb",
	63	"/var/lib/nfs/rpc_pipefs",
	64	"/proc/fs/nfsd"
	65	};
	66
dad08730 LP	67	bool mount_point_is_api(const char *path) {
	68	unsigned i;
	69
	70	/* Checks if this mount point is considered "API", and hence
	71	* should be ignored */
	72
ca714c0e	73	for (i = 0; i < ELEMENTSOF(mount_table); i ++)
449ddb2d	74	if (path_equal(path, mount_table[i].where))
dad08730 LP	75	return true;
dad08730 LP	76
57f2a956 KS	77	return path_startswith(path, "/sys/fs/cgroup/");
	78	}
	79
	80	bool mount_point_ignore(const char *path) {
46ff0ed7	81	unsigned i;
57f2a956	82
949c6510	83	for (i = 0; i < ELEMENTSOF(ignore_paths); i++)
449ddb2d	84	if (path_equal(path, ignore_paths[i]))
949c6510 LP	85	return true;
949c6510 LP	86
57f2a956	87	return false;
dad08730 LP	88	}
dad08730 LP	89
ca714c0e	90	static int mount_one(const MountPoint *p) {
8e274523 LP	91	int r;
8e274523 LP	92
ca714c0e	93	assert(p);
8e274523	94
8d567588	95	if ((r = path_is_mount_point(p->where)) < 0)
8e274523 LP	96	return r;
	97
	98	if (r > 0)
	99	return 0;
	100
a04f58d6 LP	101	/* The access mode here doesn't really matter too much, since
a04f58d6 LP	102	* the mounted file system will take precedence anyway. */
ca714c0e	103	mkdir_p(p->where, 0755);
a04f58d6	104
8e274523	105	log_debug("Mounting %s to %s of type %s with options %s.",
ca714c0e LP	106	p->what,
	107	p->where,
	108	p->type,
	109	strna(p->options));
	110
	111	if (mount(p->what,
	112	p->where,
	113	p->type,
	114	p->flags,
	115	p->options) < 0) {
	116	log_error("Failed to mount %s: %s", p->where, strerror(errno));
2076ca54	117	return p->fatal ? -errno : 0;
8e274523 LP	118	}
8e274523 LP	119
5275d3c1 LP	120	label_fix(p->where);
5275d3c1 LP	121
8e274523 LP	122	return 0;
	123	}
	124
2076ca54 LP	125	static int mount_cgroup_controllers(void) {
	126	int r;
	127	FILE *f;
	128	char buf [256];
	129
670802d4	130	/* Mount all available cgroup controllers that are built into the kernel. */
2076ca54 LP	131
	132	if (!(f = fopen("/proc/cgroups", "re")))
	133	return -ENOENT;
	134
	135	/* Ignore the header line */
bab45044	136	(void) fgets(buf, sizeof(buf), f);
2076ca54 LP	137
	138	for (;;) {
	139	MountPoint p;
	140	char controller, where;
600a328f	141	int enabled = false;
2076ca54	142
16f6682d	143	if (fscanf(f, "%ms %i %i %i", &controller, &enabled) != 2) {
2076ca54 LP	144
	145	if (feof(f))
	146	break;
	147
	148	log_error("Failed to parse /proc/cgroups.");
	149	r = -EIO;
	150	goto finish;
	151	}
	152
600a328f LP	153	if (!enabled) {
	154	free(controller);
	155	continue;
	156	}
	157
77d5f105	158	if (asprintf(&where, "/sys/fs/cgroup/%s", controller) < 0) {
2076ca54 LP	159	free(controller);
	160	r = -ENOMEM;
	161	goto finish;
	162	}
	163
	164	zero(p);
	165	p.what = "cgroup";
	166	p.where = where;
	167	p.type = "cgroup";
	168	p.options = controller;
	169	p.flags = MS_NOSUID\|MS_NOEXEC\|MS_NODEV;
	170	p.fatal = false;
	171
	172	r = mount_one(&p);
	173	free(controller);
	174	free(where);
	175
	176	if (r < 0)
	177	goto finish;
	178	}
	179
	180	r = 0;
	181
	182	finish:
	183	fclose(f);
	184
	185	return r;
	186	}
	187
5c0532d1 LP	188	static int symlink_and_label(const char old_path, const char new_path) {
	189	int r;
	190
	191	assert(old_path);
	192	assert(new_path);
	193
	194	if ((r = label_symlinkfile_set(new_path)) < 0)
	195	return r;
	196
	197	if (symlink(old_path, new_path) < 0)
	198	r = -errno;
	199
	200	label_file_clear();
	201
	202	return r;
	203	}
	204
1829dc9d LP	205	static int nftw_cb(
	206	const char *fpath,
	207	const struct stat *sb,
	208	int tflag,
	209	struct FTW *ftwbuf) {
	210
9fe117ea LP	211	/* No need to label /dev twice in a row... */
	212	if (ftwbuf->level == 0)
	213	return 0;
	214
1829dc9d LP	215	label_fix(fpath);
	216	return 0;
	217	};
	218
8e274523	219	int mount_setup(void) {
5c0532d1	220
40f9afa7	221	const char symlinks[] =
5c0532d1 LP	222	"/proc/kcore\0" "/dev/core\0"
	223	"/proc/self/fd\0" "/dev/fd\0"
	224	"/proc/self/fd/0\0" "/dev/stdin\0"
	225	"/proc/self/fd/1\0" "/dev/stdout\0"
	226	"/proc/self/fd/2\0" "/dev/stderr\0"
	227	"\0";
	228
8e274523	229	int r;
dad08730	230	unsigned i;
5c0532d1	231	const char j, k;
8e274523	232
ca714c0e LP	233	for (i = 0; i < ELEMENTSOF(mount_table); i ++)
ca714c0e LP	234	if ((r = mount_one(mount_table+i)) < 0)
8e274523 LP	235	return r;
8e274523 LP	236
1829dc9d LP	237	/* Nodes in devtmpfs need to be manually updated for the
	238	* appropriate labels, after mounting. The other virtual API
	239	* file systems do not need. */
	240
	241	if (unlink("/dev/.systemd/relabel-devtmpfs") >= 0)
	242	nftw("/dev", nftw_cb, 64, FTW_MOUNT\|FTW_PHYS);
	243
5c0532d1 LP	244	/* Create a few default symlinks, which are normally created
	245	* bei udevd, but some scripts might need them before we start
	246	* udevd. */
	247
	248	NULSTR_FOREACH_PAIR(j, k, symlinks)
	249	symlink_and_label(j, k);
	250
2076ca54	251	return mount_cgroup_controllers();
8e274523	252	}