]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/shared/machine-image.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
nss-systemd: remove useless define
[thirdparty/systemd.git] / src / shared / machine-image.c
CommitLineData
cd61c3bf
LP		 1/***
2 This file is part of systemd.
3
4 Copyright 2013 Lennart Poettering
5
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
10
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
18***/
19
a8fbdf54
TA		 20#include <dirent.h>
21#include <errno.h>
ebd93cb6 22#include <fcntl.h>
a8fbdf54
TA		 23#include <stdio.h>
24#include <stdlib.h>
25#include <string.h>
e306723e 26#include <sys/file.h>
a8fbdf54
TA		 27#include <sys/stat.h>
28#include <unistd.h>
8e0b6570 29#include <linux/fs.h>
b5efdb8a 30#include "alloc-util.h"
cd61c3bf 31#include "btrfs-util.h"
c8b3094d 32#include "chattr-util.h"
ebd93cb6 33#include "copy.h"
a0956174 34#include "dirent-util.h"
3ffd4af2 35#include "fd-util.h"
f4f15635 36#include "fs-util.h"
a8fbdf54
TA		 37#include "hashmap.h"
38#include "lockfile-util.h"
39#include "log.h"
40#include "macro.h"
3ffd4af2 41#include "machine-image.h"
30535c16 42#include "mkdir.h"
8e0b6570 43#include "path-util.h"
c6878637 44#include "rm-rf.h"
8b43440b 45#include "string-table.h"
07630cea 46#include "string-util.h"
8e0b6570 47#include "strv.h"
a8fbdf54 48#include "time-util.h"
8e0b6570 49#include "utf8.h"
a8fbdf54 50#include "util.h"
89a5a90c 51#include "xattr-util.h"
cd61c3bf 52
c2ce6a3d 53static const char image_search_path[] =
42c6f2c9 54 "/var/lib/machines\0"
7d105503 55 "/var/lib/container\0" /* legacy */
42c6f2c9
LP		 56 "/usr/local/lib/machines\0"
57 "/usr/lib/machines\0";
c2ce6a3d 58
cd61c3bf
LP		 59Image *image_unref(Image *i) {
60 if (!i)
61 return NULL;
62
63 free(i->name);
64 free(i->path);
6b430fdb 65 return mfree(i);
cd61c3bf
LP		 66}
67
8e0b6570
LP		 68static char **image_settings_path(Image *image) {
69 _cleanup_strv_free_ char **l = NULL;
70 char **ret;
71 const char *fn, *s;
72 unsigned i = 0;
73
74 assert(image);
75
76 l = new0(char*, 4);
77 if (!l)
78 return NULL;
79
80 fn = strjoina(image->name, ".nspawn");
81
82 FOREACH_STRING(s, "/etc/systemd/nspawn/", "/run/systemd/nspawn/") {
83 l[i] = strappend(s, fn);
84 if (!l[i])
85 return NULL;
86
87 i++;
88 }
89
90 l[i] = file_in_same_dir(image->path, fn);
91 if (!l[i])
92 return NULL;
93
94 ret = l;
95 l = NULL;
96
97 return ret;
98}
99
c2ce6a3d 100static int image_new(
cd61c3bf 101 ImageType t,
5fc7f358 102 const char *pretty,
cd61c3bf 103 const char *path,
5fc7f358 104 const char *filename,
cd61c3bf 105 bool read_only,
10f9c755 106 usec_t crtime,
cd61c3bf 107 usec_t mtime,
c2ce6a3d 108 Image **ret) {
cd61c3bf
LP		 109
110 _cleanup_(image_unrefp) Image *i = NULL;
cd61c3bf 111
cd61c3bf
LP		 112 assert(t >= 0);
113 assert(t < _IMAGE_TYPE_MAX);
5fc7f358
LP		 114 assert(pretty);
115 assert(filename);
c2ce6a3d 116 assert(ret);
cd61c3bf 117
c2ce6a3d 118 i = new0(Image, 1);
cd61c3bf
LP		 119 if (!i)
120 return -ENOMEM;
121
122 i->type = t;
123 i->read_only = read_only;
10f9c755 124 i->crtime = crtime;
cd61c3bf 125 i->mtime = mtime;
c19de711 126 i->usage = i->usage_exclusive = (uint64_t) -1;
b6b18498 127 i->limit = i->limit_exclusive = (uint64_t) -1;
cd61c3bf 128
5fc7f358 129 i->name = strdup(pretty);
cd61c3bf
LP		 130 if (!i->name)
131 return -ENOMEM;
132
5fc7f358
LP		 133 if (path)
134 i->path = strjoin(path, "/", filename, NULL);
135 else
136 i->path = strdup(filename);
ebeccf9e 137
5fc7f358
LP		 138 if (!i->path)
139 return -ENOMEM;
140
141 path_kill_slashes(i->path);
cd61c3bf 142
c2ce6a3d 143 *ret = i;
cd61c3bf 144 i = NULL;
c2ce6a3d 145
cd61c3bf
LP		 146 return 0;
147}
148
5fc7f358
LP		 149static int image_make(
150 const char *pretty,
151 int dfd,
152 const char *path,
153 const char *filename,
154 Image **ret) {
155
c2ce6a3d 156 struct stat st;
5fc7f358 157 bool read_only;
cd61c3bf
LP		 158 int r;
159
5fc7f358 160 assert(filename);
cd61c3bf 161
c2ce6a3d 162 /* We explicitly *do* follow symlinks here, since we want to
5f129649 163 * allow symlinking trees into /var/lib/machines/, and treat
c2ce6a3d 164 * them normally. */
cd61c3bf 165
5fc7f358 166 if (fstatat(dfd, filename, &st, 0) < 0)
c2ce6a3d 167 return -errno;
cd61c3bf 168
5fc7f358
LP		 169 read_only =
170 (path && path_startswith(path, "/usr")) ||
08ff5529 171 (faccessat(dfd, filename, W_OK, AT_EACCESS) < 0 && errno == EROFS);
86e339c8 172
c2ce6a3d 173 if (S_ISDIR(st.st_mode)) {
01b72568
LP		 174 _cleanup_close_ int fd = -1;
175 unsigned file_attr = 0;
cd61c3bf 176
c2ce6a3d
LP		 177 if (!ret)
178 return 1;
cd61c3bf 179
5fc7f358
LP		 180 if (!pretty)
181 pretty = filename;
182
01b72568
LP		 183 fd = openat(dfd, filename, O_CLOEXEC|O_NOCTTY|O_DIRECTORY);
184 if (fd < 0)
185 return -errno;
186
c2ce6a3d
LP		 187 /* btrfs subvolumes have inode 256 */
188 if (st.st_ino == 256) {
cd61c3bf 189
21222ea5
LP		 190 r = btrfs_is_filesystem(fd);
191 if (r < 0)
192 return r;
193 if (r) {
10f9c755 194 BtrfsSubvolInfo info;
cd61c3bf 195
c2ce6a3d 196 /* It's a btrfs subvolume */
cd61c3bf 197
5bcd08db 198 r = btrfs_subvol_get_info_fd(fd, 0, &info);
10f9c755
LP		 199 if (r < 0)
200 return r;
c2ce6a3d
LP		 201
202 r = image_new(IMAGE_SUBVOLUME,
5fc7f358 203 pretty,
c2ce6a3d 204 path,
5fc7f358
LP		 205 filename,
206 info.read_only || read_only,
10f9c755 207 info.otime,
c2ce6a3d 208 0,
c2ce6a3d
LP		 209 ret);
210 if (r < 0)
211 return r;
212
5bcd08db
LP		 213 if (btrfs_quota_scan_ongoing(fd) == 0) {
214 BtrfsQuotaInfo quota;
b6b18498 215
5bcd08db
LP		 216 r = btrfs_subvol_get_subtree_quota_fd(fd, 0, &quota);
217 if (r >= 0) {
218 (*ret)->usage = quota.referenced;
219 (*ret)->usage_exclusive = quota.exclusive;
220
221 (*ret)->limit = quota.referenced_max;
222 (*ret)->limit_exclusive = quota.exclusive_max;
223 }
b6b18498
LP		 224 }
225
c2ce6a3d 226 return 1;
cd61c3bf 227 }
c2ce6a3d 228 }
cd61c3bf 229
01b72568
LP		 230 /* If the IMMUTABLE bit is set, we consider the
231 * directory read-only. Since the ioctl is not
232 * supported everywhere we ignore failures. */
233 (void) read_attr_fd(fd, &file_attr);
cd61c3bf 234
01b72568 235 /* It's just a normal directory. */
c2ce6a3d 236 r = image_new(IMAGE_DIRECTORY,
5fc7f358 237 pretty,
c2ce6a3d 238 path,
5fc7f358 239 filename,
01b72568 240 read_only || (file_attr & FS_IMMUTABLE_FL),
c2ce6a3d
LP		 241 0,
242 0,
243 ret);
244 if (r < 0)
245 return r;
cd61c3bf 246
c2ce6a3d 247 return 1;
cd61c3bf 248
aceac2f0 249 } else if (S_ISREG(st.st_mode) && endswith(filename, ".raw")) {
10f9c755 250 usec_t crtime = 0;
cd61c3bf 251
aceac2f0 252 /* It's a RAW disk image */
cd61c3bf 253
c2ce6a3d
LP		 254 if (!ret)
255 return 1;
cd61c3bf 256
5fc7f358 257 fd_getcrtime_at(dfd, filename, &crtime, 0);
10f9c755 258
5fc7f358
LP		 259 if (!pretty)
260 pretty = strndupa(filename, strlen(filename) - 4);
10f9c755 261
aceac2f0 262 r = image_new(IMAGE_RAW,
5fc7f358 263 pretty,
c2ce6a3d 264 path,
5fc7f358
LP		 265 filename,
266 !(st.st_mode & 0222) || read_only,
10f9c755 267 crtime,
c2ce6a3d 268 timespec_load(&st.st_mtim),
c2ce6a3d
LP		 269 ret);
270 if (r < 0)
271 return r;
cd61c3bf 272
c19de711 273 (*ret)->usage = (*ret)->usage_exclusive = st.st_blocks * 512;
b6b18498
LP		 274 (*ret)->limit = (*ret)->limit_exclusive = st.st_size;
275
c2ce6a3d
LP		 276 return 1;
277 }
cd61c3bf 278
c2ce6a3d
LP		 279 return 0;
280}
cd61c3bf 281
c2ce6a3d
LP		 282int image_find(const char *name, Image **ret) {
283 const char *path;
284 int r;
cd61c3bf 285
c2ce6a3d 286 assert(name);
cd61c3bf 287
c2ce6a3d
LP		 288 /* There are no images with invalid names */
289 if (!image_name_is_valid(name))
290 return 0;
cd61c3bf 291
c2ce6a3d
LP		 292 NULSTR_FOREACH(path, image_search_path) {
293 _cleanup_closedir_ DIR *d = NULL;
cd61c3bf 294
c2ce6a3d
LP		 295 d = opendir(path);
296 if (!d) {
297 if (errno == ENOENT)
298 continue;
cd61c3bf 299
c2ce6a3d
LP		 300 return -errno;
301 }
cd61c3bf 302
5fc7f358
LP		 303 r = image_make(NULL, dirfd(d), path, name, ret);
304 if (r == 0 || r == -ENOENT) {
aceac2f0 305 _cleanup_free_ char *raw = NULL;
5fc7f358 306
aceac2f0
LP		 307 raw = strappend(name, ".raw");
308 if (!raw)
5fc7f358
LP		 309 return -ENOMEM;
310
aceac2f0 311 r = image_make(NULL, dirfd(d), path, raw, ret);
5fc7f358
LP		 312 if (r == 0 || r == -ENOENT)
313 continue;
314 }
c2ce6a3d
LP		 315 if (r < 0)
316 return r;
cd61c3bf 317
c2ce6a3d
LP		 318 return 1;
319 }
320
5fc7f358 321 if (streq(name, ".host"))
27c88c4e 322 return image_make(".host", AT_FDCWD, NULL, "/", ret);
5fc7f358 323
c2ce6a3d
LP		 324 return 0;
325};
326
327int image_discover(Hashmap *h) {
328 const char *path;
329 int r;
330
331 assert(h);
332
333 NULSTR_FOREACH(path, image_search_path) {
334 _cleanup_closedir_ DIR *d = NULL;
335 struct dirent *de;
336
337 d = opendir(path);
338 if (!d) {
339 if (errno == ENOENT)
a67a4c8c 340 continue;
c2ce6a3d
LP		 341
342 return -errno;
343 }
344
345 FOREACH_DIRENT_ALL(de, d, return -errno) {
346 _cleanup_(image_unrefp) Image *image = NULL;
347
348 if (!image_name_is_valid(de->d_name))
349 continue;
350
351 if (hashmap_contains(h, de->d_name))
352 continue;
353
5fc7f358 354 r = image_make(NULL, dirfd(d), path, de->d_name, &image);
c2ce6a3d
LP		 355 if (r == 0 || r == -ENOENT)
356 continue;
357 if (r < 0)
358 return r;
359
360 r = hashmap_put(h, image->name, image);
361 if (r < 0)
362 return r;
363
364 image = NULL;
cd61c3bf
LP		 365 }
366 }
367
5fc7f358
LP		 368 if (!hashmap_contains(h, ".host")) {
369 _cleanup_(image_unrefp) Image *image = NULL;
370
371 r = image_make(".host", AT_FDCWD, NULL, "/", &image);
372 if (r < 0)
373 return r;
374
375 r = hashmap_put(h, image->name, image);
376 if (r < 0)
377 return r;
378
379 image = NULL;
380
381 }
382
cd61c3bf
LP		 383 return 0;
384}
385
386void image_hashmap_free(Hashmap *map) {
387 Image *i;
388
389 while ((i = hashmap_steal_first(map)))
390 image_unref(i);
391
392 hashmap_free(map);
393}
394
08682124 395int image_remove(Image *i) {
30535c16 396 _cleanup_release_lock_file_ LockFile global_lock = LOCK_FILE_INIT, local_lock = LOCK_FILE_INIT;
8e0b6570
LP		 397 _cleanup_strv_free_ char **settings = NULL;
398 char **j;
30535c16
LP		 399 int r;
400
08682124
LP		 401 assert(i);
402
d94c2b06 403 if (IMAGE_IS_VENDOR(i) || IMAGE_IS_HOST(i))
08682124
LP		 404 return -EROFS;
405
8e0b6570
LP		 406 settings = image_settings_path(i);
407 if (!settings)
408 return -ENOMEM;
409
30535c16
LP		 410 /* Make sure we don't interfere with a running nspawn */
411 r = image_path_lock(i->path, LOCK_EX|LOCK_NB, &global_lock, &local_lock);
412 if (r < 0)
413 return r;
414
ebd93cb6
LP		 415 switch (i->type) {
416
417 case IMAGE_SUBVOLUME:
5bcd08db 418 r = btrfs_subvol_remove(i->path, BTRFS_REMOVE_RECURSIVE|BTRFS_REMOVE_QUOTA);
8e0b6570
LP		 419 if (r < 0)
420 return r;
421 break;
ebd93cb6
LP		 422
423 case IMAGE_DIRECTORY:
01b72568 424 /* Allow deletion of read-only directories */
a67d68b8 425 (void) chattr_path(i->path, 0, FS_IMMUTABLE_FL);
8e0b6570
LP		 426 r = rm_rf(i->path, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME);
427 if (r < 0)
428 return r;
429
430 break;
01b72568 431
aceac2f0 432 case IMAGE_RAW:
41d1ed05
LP		 433 if (unlink(i->path) < 0)
434 return -errno;
8e0b6570 435 break;
ebd93cb6
LP		 436
437 default:
15411c0c 438 return -EOPNOTSUPP;
ebd93cb6 439 }
8e0b6570
LP		 440
441 STRV_FOREACH(j, settings) {
442 if (unlink(*j) < 0 && errno != ENOENT)
443 log_debug_errno(errno, "Failed to unlink %s, ignoring: %m", *j);
444 }
445
446 return 0;
447}
448
449static int rename_settings_file(const char *path, const char *new_name) {
450 _cleanup_free_ char *rs = NULL;
451 const char *fn;
452
453 fn = strjoina(new_name, ".nspawn");
454
455 rs = file_in_same_dir(path, fn);
456 if (!rs)
457 return -ENOMEM;
458
459 return rename_noreplace(AT_FDCWD, path, AT_FDCWD, rs);
ebd93cb6
LP		 460}
461
462int image_rename(Image *i, const char *new_name) {
30535c16 463 _cleanup_release_lock_file_ LockFile global_lock = LOCK_FILE_INIT, local_lock = LOCK_FILE_INIT, name_lock = LOCK_FILE_INIT;
ebd93cb6 464 _cleanup_free_ char *new_path = NULL, *nn = NULL;
8e0b6570 465 _cleanup_strv_free_ char **settings = NULL;
01b72568 466 unsigned file_attr = 0;
8e0b6570 467 char **j;
ebd93cb6
LP		 468 int r;
469
470 assert(i);
471
472 if (!image_name_is_valid(new_name))
473 return -EINVAL;
474
d94c2b06 475 if (IMAGE_IS_VENDOR(i) || IMAGE_IS_HOST(i))
ebd93cb6
LP		 476 return -EROFS;
477
8e0b6570
LP		 478 settings = image_settings_path(i);
479 if (!settings)
480 return -ENOMEM;
481
30535c16
LP		 482 /* Make sure we don't interfere with a running nspawn */
483 r = image_path_lock(i->path, LOCK_EX|LOCK_NB, &global_lock, &local_lock);
484 if (r < 0)
485 return r;
486
487 /* Make sure nobody takes the new name, between the time we
488 * checked it is currently unused in all search paths, and the
f8e2f4d6 489 * time we take possession of it */
30535c16
LP		 490 r = image_name_lock(new_name, LOCK_EX|LOCK_NB, &name_lock);
491 if (r < 0)
492 return r;
493
ebd93cb6
LP		 494 r = image_find(new_name, NULL);
495 if (r < 0)
496 return r;
497 if (r > 0)
498 return -EEXIST;
499
500 switch (i->type) {
501
ebd93cb6 502 case IMAGE_DIRECTORY:
01b72568
LP		 503 /* Turn of the immutable bit while we rename the image, so that we can rename it */
504 (void) read_attr_path(i->path, &file_attr);
505
506 if (file_attr & FS_IMMUTABLE_FL)
a67d68b8 507 (void) chattr_path(i->path, 0, FS_IMMUTABLE_FL);
01b72568
LP		 508
509 /* fall through */
510
511 case IMAGE_SUBVOLUME:
ebd93cb6
LP		 512 new_path = file_in_same_dir(i->path, new_name);
513 break;
514
aceac2f0 515 case IMAGE_RAW: {
ebd93cb6
LP		 516 const char *fn;
517
63c372cb 518 fn = strjoina(new_name, ".raw");
ebd93cb6
LP		 519 new_path = file_in_same_dir(i->path, fn);
520 break;
521 }
522
523 default:
15411c0c 524 return -EOPNOTSUPP;
ebd93cb6
LP		 525 }
526
527 if (!new_path)
528 return -ENOMEM;
529
530 nn = strdup(new_name);
531 if (!nn)
532 return -ENOMEM;
533
f85ef957
AC		 534 r = rename_noreplace(AT_FDCWD, i->path, AT_FDCWD, new_path);
535 if (r < 0)
536 return r;
ebd93cb6 537
01b72568
LP		 538 /* Restore the immutable bit, if it was set before */
539 if (file_attr & FS_IMMUTABLE_FL)
a67d68b8 540 (void) chattr_path(new_path, FS_IMMUTABLE_FL, FS_IMMUTABLE_FL);
01b72568 541
ebd93cb6
LP		 542 free(i->path);
543 i->path = new_path;
544 new_path = NULL;
545
546 free(i->name);
547 i->name = nn;
548 nn = NULL;
549
8e0b6570
LP		 550 STRV_FOREACH(j, settings) {
551 r = rename_settings_file(*j, new_name);
552 if (r < 0 && r != -ENOENT)
553 log_debug_errno(r, "Failed to rename settings file %s, ignoring: %m", *j);
554 }
555
ebd93cb6
LP		 556 return 0;
557}
558
8e0b6570
LP		 559static int clone_settings_file(const char *path, const char *new_name) {
560 _cleanup_free_ char *rs = NULL;
561 const char *fn;
562
563 fn = strjoina(new_name, ".nspawn");
564
565 rs = file_in_same_dir(path, fn);
566 if (!rs)
567 return -ENOMEM;
568
569 return copy_file_atomic(path, rs, 0664, false, 0);
570}
571
ebd93cb6 572int image_clone(Image *i, const char *new_name, bool read_only) {
30535c16 573 _cleanup_release_lock_file_ LockFile name_lock = LOCK_FILE_INIT;
8e0b6570 574 _cleanup_strv_free_ char **settings = NULL;
ebd93cb6 575 const char *new_path;
8e0b6570 576 char **j;
ebd93cb6
LP		 577 int r;
578
579 assert(i);
580
581 if (!image_name_is_valid(new_name))
582 return -EINVAL;
583
8e0b6570
LP		 584 settings = image_settings_path(i);
585 if (!settings)
586 return -ENOMEM;
587
30535c16
LP		 588 /* Make sure nobody takes the new name, between the time we
589 * checked it is currently unused in all search paths, and the
f8e2f4d6 590 * time we take possession of it */
30535c16
LP		 591 r = image_name_lock(new_name, LOCK_EX|LOCK_NB, &name_lock);
592 if (r < 0)
593 return r;
594
ebd93cb6
LP		 595 r = image_find(new_name, NULL);
596 if (r < 0)
597 return r;
598 if (r > 0)
599 return -EEXIST;
600
601 switch (i->type) {
602
603 case IMAGE_SUBVOLUME:
604 case IMAGE_DIRECTORY:
9a50e3ca
LP		 605 /* If we can we'll always try to create a new btrfs subvolume here, even if the source is a plain
606 * directory.*/
607
63c372cb 608 new_path = strjoina("/var/lib/machines/", new_name);
ebd93cb6 609
5bcd08db 610 r = btrfs_subvol_snapshot(i->path, new_path, (read_only ? BTRFS_SNAPSHOT_READ_ONLY : 0) | BTRFS_SNAPSHOT_FALLBACK_COPY | BTRFS_SNAPSHOT_RECURSIVE | BTRFS_SNAPSHOT_QUOTA);
9a50e3ca
LP		 611 if (r == -EOPNOTSUPP) {
612 /* No btrfs snapshots supported, create a normal directory then. */
613
614 r = copy_directory(i->path, new_path, false);
615 if (r >= 0)
616 (void) chattr_path(new_path, read_only ? FS_IMMUTABLE_FL : 0, FS_IMMUTABLE_FL);
617 } else if (r >= 0)
618 /* Enable "subtree" quotas for the copy, if we didn't copy any quota from the source. */
8120ee28 619 (void) btrfs_subvol_auto_qgroup(new_path, 0, true);
5bcd08db 620
ebd93cb6
LP		 621 break;
622
aceac2f0 623 case IMAGE_RAW:
63c372cb 624 new_path = strjoina("/var/lib/machines/", new_name, ".raw");
ebd93cb6 625
f2068bcc 626 r = copy_file_atomic(i->path, new_path, read_only ? 0444 : 0644, false, FS_NOCOW_FL);
ebd93cb6
LP		 627 break;
628
629 default:
15411c0c 630 return -EOPNOTSUPP;
ebd93cb6
LP		 631 }
632
633 if (r < 0)
634 return r;
635
8e0b6570
LP		 636 STRV_FOREACH(j, settings) {
637 r = clone_settings_file(*j, new_name);
638 if (r < 0 && r != -ENOENT)
639 log_debug_errno(r, "Failed to clone settings %s, ignoring: %m", *j);
640 }
641
ebd93cb6
LP		 642 return 0;
643}
644
645int image_read_only(Image *i, bool b) {
30535c16 646 _cleanup_release_lock_file_ LockFile global_lock = LOCK_FILE_INIT, local_lock = LOCK_FILE_INIT;
ebd93cb6
LP		 647 int r;
648 assert(i);
649
d94c2b06 650 if (IMAGE_IS_VENDOR(i) || IMAGE_IS_HOST(i))
ebd93cb6
LP		 651 return -EROFS;
652
30535c16
LP		 653 /* Make sure we don't interfere with a running nspawn */
654 r = image_path_lock(i->path, LOCK_EX|LOCK_NB, &global_lock, &local_lock);
655 if (r < 0)
656 return r;
657
ebd93cb6
LP		 658 switch (i->type) {
659
660 case IMAGE_SUBVOLUME:
5bcd08db
LP		 661
662 /* Note that we set the flag only on the top-level
663 * subvolume of the image. */
664
ebd93cb6
LP		 665 r = btrfs_subvol_set_read_only(i->path, b);
666 if (r < 0)
667 return r;
01b72568
LP		 668
669 break;
670
671 case IMAGE_DIRECTORY:
672 /* For simple directory trees we cannot use the access
673 mode of the top-level directory, since it has an
674 effect on the container itself. However, we can
675 use the "immutable" flag, to at least make the
676 top-level directory read-only. It's not as good as
677 a read-only subvolume, but at least something, and
678 we can read the value back.*/
679
a67d68b8 680 r = chattr_path(i->path, b ? FS_IMMUTABLE_FL : 0, FS_IMMUTABLE_FL);
01b72568
LP		 681 if (r < 0)
682 return r;
683
ebd93cb6
LP		 684 break;
685
aceac2f0 686 case IMAGE_RAW: {
ebd93cb6
LP		 687 struct stat st;
688
689 if (stat(i->path, &st) < 0)
690 return -errno;
691
692 if (chmod(i->path, (st.st_mode & 0444) | (b ? 0000 : 0200)) < 0)
693 return -errno;
f2068bcc
LP		 694
695 /* If the images is now read-only, it's a good time to
696 * defrag it, given that no write patterns will
697 * fragment it again. */
698 if (b)
699 (void) btrfs_defrag(i->path);
ebd93cb6
LP		 700 break;
701 }
702
ebd93cb6 703 default:
15411c0c 704 return -EOPNOTSUPP;
ebd93cb6
LP		 705 }
706
707 return 0;
08682124
LP		 708}
709
30535c16
LP		 710int image_path_lock(const char *path, int operation, LockFile *global, LockFile *local) {
711 _cleanup_free_ char *p = NULL;
712 LockFile t = LOCK_FILE_INIT;
713 struct stat st;
714 int r;
715
716 assert(path);
717 assert(global);
718 assert(local);
719
720 /* Locks an image path. This actually creates two locks: one
721 * "local" one, next to the image path itself, which might be
722 * shared via NFS. And another "global" one, in /run, that
723 * uses the device/inode number. This has the benefit that we
724 * can even lock a tree that is a mount point, correctly. */
725
726 if (path_equal(path, "/"))
727 return -EBUSY;
728
729 if (!path_is_absolute(path))
730 return -EINVAL;
731
732 if (stat(path, &st) >= 0) {
733 if (asprintf(&p, "/run/systemd/nspawn/locks/inode-%lu:%lu", (unsigned long) st.st_dev, (unsigned long) st.st_ino) < 0)
734 return -ENOMEM;
735 }
736
737 r = make_lock_file_for(path, operation, &t);
738 if (r < 0)
739 return r;
740
741 if (p) {
7e7cddb2 742 mkdir_p("/run/systemd/nspawn/locks", 0700);
30535c16
LP		 743
744 r = make_lock_file(p, operation, global);
745 if (r < 0) {
746 release_lock_file(&t);
747 return r;
748 }
749 }
750
751 *local = t;
752 return 0;
753}
754
cb81cd80 755int image_set_limit(Image *i, uint64_t referenced_max) {
d6ce17c7
LP		 756 assert(i);
757
d94c2b06 758 if (IMAGE_IS_VENDOR(i) || IMAGE_IS_HOST(i))
d6ce17c7
LP		 759 return -EROFS;
760
761 if (i->type != IMAGE_SUBVOLUME)
15411c0c 762 return -EOPNOTSUPP;
d6ce17c7 763
5bcd08db
LP		 764 /* We set the quota both for the subvolume as well as for the
765 * subtree. The latter is mostly for historical reasons, since
766 * we didn't use to have a concept of subtree quota, and hence
767 * only modified the subvolume quota. */
768
769 (void) btrfs_qgroup_set_limit(i->path, 0, referenced_max);
770 (void) btrfs_subvol_auto_qgroup(i->path, 0, true);
771 return btrfs_subvol_set_subtree_quota_limit(i->path, 0, referenced_max);
d6ce17c7
LP		 772}
773
30535c16
LP		 774int image_name_lock(const char *name, int operation, LockFile *ret) {
775 const char *p;
776
777 assert(name);
778 assert(ret);
779
780 /* Locks an image name, regardless of the precise path used. */
781
782 if (!image_name_is_valid(name))
783 return -EINVAL;
784
785 if (streq(name, ".host"))
786 return -EBUSY;
787
7e7cddb2 788 mkdir_p("/run/systemd/nspawn/locks", 0700);
63c372cb 789 p = strjoina("/run/systemd/nspawn/locks/name-", name);
30535c16
LP		 790
791 return make_lock_file(p, operation, ret);
792}
793
794bool image_name_is_valid(const char *s) {
795 if (!filename_is_valid(s))
796 return false;
797
798 if (string_has_cc(s, NULL))
799 return false;
800
801 if (!utf8_is_valid(s))
802 return false;
803
804 /* Temporary files for atomically creating new files */
805 if (startswith(s, ".#"))
806 return false;
807
808 return true;
809}
810
cd61c3bf
LP		 811static const char* const image_type_table[_IMAGE_TYPE_MAX] = {
812 [IMAGE_DIRECTORY] = "directory",
813 [IMAGE_SUBVOLUME] = "subvolume",
aceac2f0 814 [IMAGE_RAW] = "raw",
cd61c3bf
LP		 815};
816
817DEFINE_STRING_TABLE_LOOKUP(image_type, ImageType);
Unnamed repository; edit this file 'description' to name the repository.