Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
4349cd7c LP |
2 | #pragma once |
3 | ||
4349cd7c | 4 | #include <mntent.h> |
11c3a366 | 5 | #include <stdio.h> |
9c653536 | 6 | #include <sys/stat.h> |
e49ee285 | 7 | #include <unistd.h> |
4e036b7a | 8 | |
75f79cd2 | 9 | #include "alloc-util.h" |
70599967 | 10 | #include "dissect-image.h" |
e49ee285 | 11 | #include "errno-util.h" |
11c3a366 | 12 | #include "macro.h" |
5f48198a | 13 | #include "pidref.h" |
4349cd7c | 14 | |
3f2c0bec | 15 | int repeat_unmount(const char *path, int flags); |
84bcb394 LP |
16 | |
17 | int umount_recursive_full(const char *target, int flags, char **keep); | |
18 | ||
/* Convenience form of umount_recursive_full() for callers that have no 'keep' list: 'target' and
 * 'flags' are forwarded unchanged and NULL is passed for 'keep'. Presumably that means no mount
 * below 'target' is exempted from unmounting — confirm against umount_recursive_full(). The result
 * of umount_recursive_full() is returned as is. */
static inline int umount_recursive(const char *target, int flags) {
        char **keep = NULL; /* no 'keep' list supplied */

        return umount_recursive_full(target, flags, keep);
}
0289948e | 22 | |
6b000af4 | 23 | int bind_remount_recursive_with_mountinfo(const char *prefix, unsigned long new_flags, unsigned long flags_mask, char **deny_list, FILE *proc_self_mountinfo); |
0289948e LP |
/* Same as bind_remount_recursive_with_mountinfo(), for callers that have no already-open mountinfo
 * stream to hand in: 'prefix', 'new_flags', 'flags_mask' and 'deny_list' are forwarded unchanged and
 * NULL is passed for 'proc_self_mountinfo'. The callee's return value is passed through.
 *
 * NOTE(review): 'deny_list' presumably names paths that are left untouched by the remount; when this
 * is used to tighten mount flags (e.g. read-only), anything on that list keeps its old flags —
 * confirm against the implementation. */
static inline int bind_remount_recursive(const char *prefix, unsigned long new_flags, unsigned long flags_mask, char **deny_list) {
        FILE *proc_self_mountinfo = NULL; /* no pre-opened stream supplied */

        return bind_remount_recursive_with_mountinfo(prefix, new_flags, flags_mask, deny_list, proc_self_mountinfo);
}
27 | ||
7cce68e1 | 28 | int bind_remount_one_with_mountinfo(const char *path, unsigned long new_flags, unsigned long flags_mask, FILE *proc_self_mountinfo); |
4349cd7c | 29 | |
ea0f3289 LP |
30 | int mount_switch_root_full(const char *path, unsigned long mount_propagation_flag, bool force_ms_move); |
/* Shorthand for mount_switch_root_full() that never sets 'force_ms_move': 'path' and
 * 'mount_propagation_flag' are forwarded unchanged, 'force_ms_move' is always false. Callers that
 * need it set have to call mount_switch_root_full() directly. Returns whatever
 * mount_switch_root_full() returns. */
static inline int mount_switch_root(const char *path, unsigned long mount_propagation_flag) {
        const bool force_ms_move = false;

        return mount_switch_root_full(path, mount_propagation_flag, force_ms_move);
}
4349cd7c | 34 | |
fd421c4a | 35 | DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(FILE*, endmntent, NULL); |
4349cd7c | 36 | #define _cleanup_endmntent_ _cleanup_(endmntentp) |
4e036b7a | 37 | |
511a8cfe | 38 | int mount_verbose_full( |
60e76d48 ZJS |
39 | int error_log_level, |
40 | const char *what, | |
41 | const char *where, | |
42 | const char *type, | |
43 | unsigned long flags, | |
511a8cfe LP |
44 | const char *options, |
45 | bool follow_symlink); | |
46 | ||
/* Calls mount_verbose_full() with 'follow_symlink' set to true; all other arguments are forwarded
 * unchanged and the callee's return value is passed through.
 *
 * NOTE(review): presumably this lets a symlink as the final component of 'where' be followed. If
 * 'where' lives in a directory that less-privileged code can write to, a symlink planted there could
 * redirect the mount, so mount_nofollow_verbose() is the safer choice for such paths — confirm how
 * mount_verbose_full() interprets 'follow_symlink'. */
static inline int mount_follow_verbose(
                int error_log_level,
                const char *what,
                const char *where,
                const char *type,
                unsigned long flags,
                const char *options) {

        const bool follow_symlink = true;

        return mount_verbose_full(error_log_level, what, where, type, flags, options, follow_symlink);
}
56 | ||
/* Calls mount_verbose_full() with 'follow_symlink' set to false; all other arguments are forwarded
 * unchanged and the callee's return value is passed through.
 *
 * NOTE(review): presumably a symlink as the final component of 'where' is then not followed, which
 * makes this the variant to use for mount targets in locations that other users may modify. Whether
 * symlinks in earlier path components are also refused cannot be told from this header — confirm
 * against mount_verbose_full(). */
static inline int mount_nofollow_verbose(
                int error_log_level,
                const char *what,
                const char *where,
                const char *type,
                unsigned long flags,
                const char *options) {

        const bool follow_symlink = false;

        return mount_verbose_full(error_log_level, what, where, type, flags, options, follow_symlink);
}
66 | ||
30f5d104 LP |
67 | int umount_verbose( |
68 | int error_log_level, | |
69 | const char *where, | |
70 | int flags); | |
83555251 | 71 | |
7c83d42e LB |
72 | int mount_exchange_graceful(int fsmount_fd, const char *dest, bool mount_beneath); |
73 | ||
9e7f941a YW |
74 | int mount_option_mangle( |
75 | const char *options, | |
76 | unsigned long mount_flags, | |
77 | unsigned long *ret_mount_flags, | |
78 | char **ret_remaining_options); | |
be1791ad | 79 | |
e5f10caf | 80 | int mode_to_inaccessible_node(const char *runtime_dir, mode_t mode, char **dest); |
da185cd0 | 81 | int mount_flags_to_string(unsigned long flags, char **ret); |
e49ee285 LP |
82 | |
/* Cleanup helper meant for use with _cleanup_(): recursively unmounts 'p', removes the directory 'p'
 * and frees the string. Returns the result of mfree(p), so the caller can assign it back to the
 * pointer. A NULL 'p' skips the unmount and the rmdir().
 *
 * Everything here is best effort: the results of umount_recursive() and rmdir() are discarded on
 * purpose and PROTECT_ERRNO is in effect for the whole body (presumably saving and restoring errno —
 * see errno-util.h), so the caller gets no indication if the mount is still in place afterwards.
 * rmdir() only removes an empty directory that is not a mount point, hence a failed unmount leaves
 * both the mount and the directory behind. Code that must be certain a mount is gone, e.g. before
 * the directory tree becomes reachable by less-privileged code, should call umount_recursive()
 * itself and check the result.
 *
 * NOTE(review): 'p' is resolved again by path at cleanup time; presumably callers only pass
 * directories they created in a location other users cannot modify — confirm at call sites. */
static inline char* umount_and_rmdir_and_free(char *p) {
        PROTECT_ERRNO;

        if (p != NULL) {
                /* Order matters: the directory can only be removed once nothing is mounted on it. */
                (void) umount_recursive(p, 0);
                (void) rmdir(p);
        }

        return mfree(p);
}
92 | DEFINE_TRIVIAL_CLEANUP_FUNC(char*, umount_and_rmdir_and_free); | |
6af52c3a | 93 | |
a789f72e LP |
/* Cleanup helper: recursively unmounts 'p' (flags 0) and frees the string, leaving the directory
 * itself in place. Returns the result of mfree(p). A NULL 'p' skips the unmount.
 *
 * The result of umount_recursive() is discarded on purpose and PROTECT_ERRNO is in effect for the
 * whole body, so a mount that could not be removed goes unnoticed by the caller. Code that depends
 * on the mount being gone should call umount_recursive() itself and check the result. */
static inline char *umount_and_free(char *p) {
        PROTECT_ERRNO;

        if (p != NULL) {
                (void) umount_recursive(p, 0);
        }

        return mfree(p);
}
100 | DEFINE_TRIVIAL_CLEANUP_FUNC(char*, umount_and_free); | |
101 | ||
5f48198a LB |
102 | int bind_mount_in_namespace(PidRef *target, const char *propagate_path, const char *incoming_path, const char *src, const char *dest, bool read_only, bool make_file_or_directory); |
103 | int mount_image_in_namespace(PidRef *target, const char *propagate_path, const char *incoming_path, const char *src, const char *dest, bool read_only, bool make_file_or_directory, const MountOptions *options, const ImagePolicy *image_policy); | |
14a25e1f LP |
104 | |
105 | int make_mount_point(const char *path); | |
f9ad896e | 106 | int fd_make_mount_point(int fd); |
35fd3558 | 107 | |
1aa18710 QD |
108 | typedef enum RemountIdmapping { |
109 | REMOUNT_IDMAPPING_NONE, | |
50ae2966 LP |
110 | /* Include a mapping from UID_MAPPED_ROOT (i.e. UID 2^31-2) on the backing fs to UID 0 on the |
111 | * uidmapped fs. This is useful to ensure that the host root user can safely add inodes to the | |
112 | * uidmapped fs (which otherwise wouldn't work as the host root user is not defined on the uidmapped | |
113 | * mount and any attempts to create inodes will then be refused with EOVERFLOW). The idea is that | |
114 | * these inodes are quickly re-chown()ed to more suitable UIDs/GIDs. Any code that intends to be able | |
115 | * to add inodes to file systems mapped this way should set this flag, but given it comes with | |
116 | * certain security implications defaults to off, and requires explicit opt-in. */ | |
1aa18710 | 117 | REMOUNT_IDMAPPING_HOST_ROOT, |
2b2777ed QD |
118 | /* Define a mapping from root user within the container to the owner of the bind mounted directory. |
119 | * This ensures no root-owned files will be written in a bind-mounted directory owned by a different | |
120 | * user. No other users are mapped. */ | |
121 | REMOUNT_IDMAPPING_HOST_OWNER, | |
1aa18710 QD |
122 | _REMOUNT_IDMAPPING_MAX, |
123 | _REMOUNT_IDMAPPING_INVALID = -EINVAL, | |
124 | } RemountIdmapping; | |
50ae2966 | 125 | |
17b798d9 LP |
126 | int make_userns(uid_t uid_shift, uid_t uid_range, uid_t owner, RemountIdmapping idmapping); |
127 | int remount_idmap_fd(const char *p, int userns_fd); | |
2b2777ed | 128 | int remount_idmap(const char *p, uid_t uid_shift, uid_t uid_range, uid_t owner, RemountIdmapping idmapping); |
9c653536 | 129 | |
1b618bf1 LP |
130 | int bind_mount_submounts( |
131 | const char *source, | |
132 | const char *target); | |
133 | ||
9c653536 ZJS |
134 | /* Creates a mount point (but not its parents) based on the source path or stat, i.e. a file or a directory */ |
135 | int make_mount_point_inode_from_stat(const struct stat *st, const char *dest, mode_t mode); | |
136 | int make_mount_point_inode_from_path(const char *source, const char *dest, mode_t mode); | |
506c1bb5 DDM |
137 | |
138 | int trigger_automount_at(int dir_fd, const char *path); | |
1155f44f LP |
139 | |
140 | unsigned long credentials_fs_mount_flags(bool ro); | |
141 | int mount_credentials_fs(const char *path, size_t size, bool ro); | |
44cc82bf LP |
142 | |
143 | int make_fsmount(int error_log_level, const char *what, const char *type, unsigned long flags, const char *options, int userns_fd); |