]>
Commit | Line | Data |
---|---|---|
5cfa33e0 ZJS |
1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
2 | ||
e8630e69 ZJS |
3 | #include "dirent-util.h" |
4 | #include "fd-util.h" | |
5 | #include "fs-util.h" | |
5cfa33e0 | 6 | #include "macro.h" |
e8630e69 ZJS |
7 | #include "path-lookup.h" |
8 | #include "set.h" | |
9 | #include "stat-util.h" | |
7d1e91d1 | 10 | #include "string-util.h" |
e8630e69 | 11 | #include "strv.h" |
5cfa33e0 ZJS |
12 | #include "unit-file.h" |
13 | ||
14 | bool unit_type_may_alias(UnitType type) { | |
15 | return IN_SET(type, | |
16 | UNIT_SERVICE, | |
17 | UNIT_SOCKET, | |
18 | UNIT_TARGET, | |
19 | UNIT_DEVICE, | |
20 | UNIT_TIMER, | |
21 | UNIT_PATH); | |
22 | } | |
23 | ||
24 | bool unit_type_may_template(UnitType type) { | |
25 | return IN_SET(type, | |
26 | UNIT_SERVICE, | |
27 | UNIT_SOCKET, | |
28 | UNIT_TARGET, | |
29 | UNIT_TIMER, | |
30 | UNIT_PATH); | |
31 | } | |
7d1e91d1 ZJS |
32 | |
33 | int unit_validate_alias_symlink_and_warn(const char *filename, const char *target) { | |
34 | const char *src, *dst; | |
35 | _cleanup_free_ char *src_instance = NULL, *dst_instance = NULL; | |
36 | UnitType src_unit_type, dst_unit_type; | |
37 | int src_name_type, dst_name_type; | |
38 | ||
39 | /* Check if the *alias* symlink is valid. This applies to symlinks like | |
40 | * /etc/systemd/system/dbus.service → dbus-broker.service, but not to .wants or .requires symlinks | |
41 | * and such. Neither does this apply to symlinks which *link* units, i.e. symlinks to outside of the | |
42 | * unit lookup path. | |
43 | * | |
44 | * -EINVAL is returned if the something is wrong with the source filename or the source unit type is | |
45 | * not allowed to symlink, | |
46 | * -EXDEV if the target filename is not a valid unit name or doesn't match the source. | |
47 | */ | |
48 | ||
49 | src = basename(filename); | |
50 | dst = basename(target); | |
51 | ||
52 | /* src checks */ | |
53 | ||
54 | src_name_type = unit_name_to_instance(src, &src_instance); | |
55 | if (src_name_type < 0) | |
56 | return log_notice_errno(src_name_type, | |
57 | "%s: not a valid unit name \"%s\": %m", filename, src); | |
58 | ||
59 | src_unit_type = unit_name_to_type(src); | |
60 | assert(src_unit_type >= 0); /* unit_name_to_instance() checked the suffix already */ | |
61 | ||
62 | if (!unit_type_may_alias(src_unit_type)) | |
63 | return log_notice_errno(SYNTHETIC_ERRNO(EINVAL), | |
64 | "%s: symlinks are not allowed for units of this type, rejecting.", | |
65 | filename); | |
66 | ||
67 | if (src_name_type != UNIT_NAME_PLAIN && | |
68 | !unit_type_may_template(src_unit_type)) | |
69 | return log_notice_errno(SYNTHETIC_ERRNO(EINVAL), | |
70 | "%s: templates not allowed for %s units, rejecting.", | |
71 | filename, unit_type_to_string(src_unit_type)); | |
72 | ||
73 | /* dst checks */ | |
74 | ||
75 | dst_name_type = unit_name_to_instance(dst, &dst_instance); | |
76 | if (dst_name_type < 0) | |
77 | return log_notice_errno(dst_name_type == -EINVAL ? SYNTHETIC_ERRNO(EXDEV) : dst_name_type, | |
78 | "%s points to \"%s\" which is not a valid unit name: %m", | |
79 | filename, dst); | |
80 | ||
81 | if (!(dst_name_type == src_name_type || | |
82 | (src_name_type == UNIT_NAME_INSTANCE && dst_name_type == UNIT_NAME_TEMPLATE))) | |
83 | return log_notice_errno(SYNTHETIC_ERRNO(EXDEV), | |
84 | "%s: symlink target name type \"%s\" does not match source, rejecting.", | |
85 | filename, dst); | |
86 | ||
87 | if (dst_name_type == UNIT_NAME_INSTANCE) { | |
88 | assert(src_instance); | |
89 | assert(dst_instance); | |
90 | if (!streq(src_instance, dst_instance)) | |
91 | return log_notice_errno(SYNTHETIC_ERRNO(EXDEV), | |
92 | "%s: unit symlink target \"%s\" instance name doesn't match, rejecting.", | |
93 | filename, dst); | |
94 | } | |
95 | ||
96 | dst_unit_type = unit_name_to_type(dst); | |
97 | if (dst_unit_type != src_unit_type) | |
98 | return log_notice_errno(SYNTHETIC_ERRNO(EXDEV), | |
99 | "%s: symlink target \"%s\" has incompatible suffix, rejecting.", | |
100 | filename, dst); | |
101 | ||
102 | return 0; | |
103 | } | |
e8630e69 ZJS |
104 | |
105 | #define FOLLOW_MAX 8 | |
106 | ||
107 | static int unit_ids_map_get( | |
108 | Hashmap *unit_ids_map, | |
109 | const char *unit_name, | |
110 | const char **ret_fragment_path) { | |
111 | ||
112 | /* Resolve recursively until we hit an absolute path, i.e. a non-aliased unit. | |
113 | * | |
114 | * We distinguish the case where unit_name was not found in the hashmap at all, and the case where | |
115 | * some symlink was broken. | |
116 | * | |
117 | * If a symlink target points to an instance name, then we also check for the template. */ | |
118 | ||
119 | const char *id = NULL; | |
120 | int r; | |
121 | ||
122 | for (unsigned n = 0; n < FOLLOW_MAX; n++) { | |
123 | const char *t = hashmap_get(unit_ids_map, id ?: unit_name); | |
124 | if (!t) { | |
125 | _cleanup_free_ char *template = NULL; | |
126 | ||
127 | if (!id) | |
128 | return -ENOENT; | |
129 | ||
130 | r = unit_name_template(id, &template); | |
131 | if (r == -EINVAL) | |
132 | return -ENXIO; /* we failed to find the symlink target */ | |
133 | if (r < 0) | |
134 | return log_error_errno(r, "Failed to determine template name for %s: %m", id); | |
135 | ||
136 | t = hashmap_get(unit_ids_map, template); | |
137 | if (!t) | |
138 | return -ENXIO; | |
139 | ||
140 | /* We successfully switched from instanced name to a template, let's continue */ | |
141 | } | |
142 | ||
143 | if (path_is_absolute(t)) { | |
144 | if (ret_fragment_path) | |
145 | *ret_fragment_path = t; | |
146 | return 0; | |
147 | } | |
148 | ||
149 | id = t; | |
150 | } | |
151 | ||
152 | return -ELOOP; | |
153 | } | |
154 | ||
91e0ee5f ZJS |
155 | static bool lookup_paths_mtime_exclude(const LookupPaths *lp, const char *path) { |
156 | /* Paths that are under our exclusive control. Users shall not alter those directly. */ | |
157 | ||
158 | return streq_ptr(path, lp->generator) || | |
159 | streq_ptr(path, lp->generator_early) || | |
160 | streq_ptr(path, lp->generator_late) || | |
161 | streq_ptr(path, lp->transient) || | |
162 | streq_ptr(path, lp->persistent_control) || | |
163 | streq_ptr(path, lp->runtime_control); | |
164 | } | |
165 | ||
166 | static bool lookup_paths_mtime_good(const LookupPaths *lp, usec_t mtime) { | |
167 | char **dir; | |
168 | ||
169 | STRV_FOREACH(dir, (char**) lp->search_path) { | |
170 | struct stat st; | |
171 | ||
172 | if (lookup_paths_mtime_exclude(lp, *dir)) | |
173 | continue; | |
174 | ||
175 | /* Determine the latest lookup path modification time */ | |
176 | if (stat(*dir, &st) < 0) { | |
177 | if (errno == ENOENT) | |
178 | continue; | |
179 | ||
180 | log_debug_errno(errno, "Failed to stat %s, ignoring: %m", *dir); | |
181 | continue; | |
182 | } | |
183 | ||
184 | if (timespec_load(&st.st_mtim) > mtime) { | |
185 | log_debug_errno(errno, "Unit dir %s has changed, need to update cache.", *dir); | |
186 | return false; | |
187 | } | |
188 | } | |
189 | ||
190 | return true; | |
191 | } | |
192 | ||
e8630e69 ZJS |
193 | int unit_file_build_name_map( |
194 | const LookupPaths *lp, | |
91e0ee5f | 195 | usec_t *cache_mtime, |
e8630e69 ZJS |
196 | Hashmap **ret_unit_ids_map, |
197 | Hashmap **ret_unit_names_map, | |
198 | Set **ret_path_cache) { | |
199 | ||
200 | /* Build two mappings: any name → main unit (i.e. the end result of symlink resolution), unit name → | |
201 | * all aliases (i.e. the entry for a given key is a a list of all names which point to this key). The | |
202 | * key is included in the value iff we saw a file or symlink with that name. In other words, if we | |
203 | * have a key, but it is not present in the value for itself, there was an alias pointing to it, but | |
204 | * the unit itself is not loadable. | |
205 | * | |
206 | * At the same, build a cache of paths where to find units. | |
207 | */ | |
208 | ||
209 | _cleanup_hashmap_free_ Hashmap *ids = NULL, *names = NULL; | |
210 | _cleanup_set_free_free_ Set *paths = NULL; | |
211 | char **dir; | |
212 | int r; | |
91e0ee5f ZJS |
213 | usec_t mtime = 0; |
214 | ||
215 | /* Before doing anything, check if the mtime that was passed is still valid. If | |
216 | * yes, do nothing. If *cache_time == 0, always build the cache. */ | |
217 | if (cache_mtime && *cache_mtime > 0 && lookup_paths_mtime_good(lp, *cache_mtime)) | |
218 | return 0; | |
e8630e69 ZJS |
219 | |
220 | if (ret_path_cache) { | |
221 | paths = set_new(&path_hash_ops); | |
222 | if (!paths) | |
223 | return log_oom(); | |
224 | } | |
225 | ||
226 | STRV_FOREACH(dir, (char**) lp->search_path) { | |
227 | struct dirent *de; | |
228 | _cleanup_closedir_ DIR *d = NULL; | |
91e0ee5f | 229 | struct stat st; |
e8630e69 ZJS |
230 | |
231 | d = opendir(*dir); | |
232 | if (!d) { | |
233 | if (errno != ENOENT) | |
234 | log_warning_errno(errno, "Failed to open \"%s\", ignoring: %m", *dir); | |
235 | continue; | |
236 | } | |
237 | ||
91e0ee5f ZJS |
238 | /* Determine the latest lookup path modification time */ |
239 | if (fstat(dirfd(d), &st) < 0) | |
240 | return log_error_errno(errno, "Failed to fstat %s: %m", *dir); | |
241 | ||
242 | if (!lookup_paths_mtime_exclude(lp, *dir)) | |
243 | mtime = MAX(mtime, timespec_load(&st.st_mtim)); | |
244 | ||
29a45fe5 | 245 | FOREACH_DIRENT_ALL(de, d, log_warning_errno(errno, "Failed to read \"%s\", ignoring: %m", *dir)) { |
e8630e69 ZJS |
246 | char *filename; |
247 | _cleanup_free_ char *_filename_free = NULL, *simplified = NULL; | |
248 | const char *suffix, *dst = NULL; | |
890befcf ZJS |
249 | bool valid_unit_name; |
250 | ||
251 | valid_unit_name = unit_name_is_valid(de->d_name, UNIT_NAME_ANY); | |
252 | ||
253 | /* We only care about valid units and dirs with certain suffixes, let's ignore the | |
254 | * rest. */ | |
255 | if (!valid_unit_name && | |
256 | !ENDSWITH_SET(de->d_name, ".wants", ".requires", ".d")) | |
257 | continue; | |
e8630e69 ZJS |
258 | |
259 | filename = path_join(*dir, de->d_name); | |
260 | if (!filename) | |
261 | return log_oom(); | |
262 | ||
263 | if (ret_path_cache) { | |
264 | r = set_consume(paths, filename); | |
265 | if (r < 0) | |
266 | return log_oom(); | |
267 | /* We will still use filename below. This is safe because we know the set | |
268 | * holds a reference. */ | |
269 | } else | |
270 | _filename_free = filename; /* Make sure we free the filename. */ | |
271 | ||
890befcf | 272 | if (!valid_unit_name) |
e8630e69 ZJS |
273 | continue; |
274 | assert_se(suffix = strrchr(de->d_name, '.')); | |
275 | ||
276 | /* search_path is ordered by priority (highest first). If the name is already mapped | |
277 | * to something (incl. itself), it means that we have already seen it, and we should | |
278 | * ignore it here. */ | |
279 | if (hashmap_contains(ids, de->d_name)) | |
280 | continue; | |
281 | ||
282 | if (de->d_type == DT_LNK) { | |
283 | /* We don't explicitly check for alias loops here. unit_ids_map_get() which | |
284 | * limits the number of hops should be used to access the map. */ | |
285 | ||
286 | _cleanup_free_ char *target = NULL, *target_abs = NULL; | |
287 | ||
288 | r = readlinkat_malloc(dirfd(d), de->d_name, &target); | |
289 | if (r < 0) { | |
290 | log_warning_errno(r, "Failed to read symlink %s/%s, ignoring: %m", | |
291 | *dir, de->d_name); | |
292 | continue; | |
293 | } | |
294 | ||
295 | if (!path_is_absolute(target)) { | |
296 | target_abs = path_join(*dir, target); | |
297 | if (!target_abs) | |
298 | return log_oom(); | |
299 | ||
300 | free_and_replace(target, target_abs); | |
301 | } | |
302 | ||
303 | /* Get rid of "." and ".." components in target path */ | |
304 | r = chase_symlinks(target, lp->root_dir, CHASE_NOFOLLOW | CHASE_NONEXISTENT, &simplified); | |
305 | if (r < 0) { | |
306 | log_warning_errno(r, "Failed to resolve symlink %s pointing to %s, ignoring: %m", | |
307 | filename, target); | |
308 | continue; | |
309 | } | |
310 | ||
311 | /* Check if the symlink goes outside of our search path. | |
312 | * If yes, it's a linked unit file or mask, and we don't care about the target name. | |
313 | * Let's just store the link destination directly. | |
314 | * If not, let's verify that it's a good symlink. */ | |
315 | char *tail = path_startswith_strv(simplified, lp->search_path); | |
316 | if (tail) { | |
317 | bool self_alias; | |
318 | ||
319 | dst = basename(simplified); | |
320 | self_alias = streq(dst, de->d_name); | |
321 | ||
322 | if (is_path(tail)) | |
323 | log_full(self_alias ? LOG_DEBUG : LOG_WARNING, | |
324 | "Suspicious symlink %s→%s, treating as alias.", | |
325 | filename, simplified); | |
326 | ||
327 | r = unit_validate_alias_symlink_and_warn(filename, simplified); | |
328 | if (r < 0) | |
329 | continue; | |
330 | ||
331 | if (self_alias) { | |
332 | /* A self-alias that has no effect */ | |
333 | log_debug("%s: self-alias: %s/%s → %s, ignoring.", | |
334 | __func__, *dir, de->d_name, dst); | |
335 | continue; | |
336 | } | |
337 | ||
338 | log_debug("%s: alias: %s/%s → %s", __func__, *dir, de->d_name, dst); | |
339 | } else { | |
340 | dst = simplified; | |
341 | ||
342 | log_debug("%s: linked unit file: %s/%s → %s", __func__, *dir, de->d_name, dst); | |
343 | } | |
344 | ||
345 | } else { | |
346 | dst = filename; | |
347 | log_debug("%s: normal unit file: %s", __func__, dst); | |
348 | } | |
349 | ||
350 | r = hashmap_put_strdup(&ids, de->d_name, dst); | |
351 | if (r < 0) | |
352 | return log_warning_errno(r, "Failed to add entry to hashmap (%s→%s): %m", | |
353 | de->d_name, dst); | |
354 | } | |
355 | } | |
356 | ||
357 | /* Let's also put the names in the reverse db. */ | |
358 | Iterator it; | |
359 | const char *dummy, *src; | |
360 | HASHMAP_FOREACH_KEY(dummy, src, ids, it) { | |
361 | const char *dst; | |
362 | ||
363 | r = unit_ids_map_get(ids, src, &dst); | |
364 | if (r < 0) | |
365 | continue; | |
366 | ||
367 | if (null_or_empty_path(dst) != 0) | |
368 | continue; | |
369 | ||
370 | /* Do not treat instance symlinks that point to the template as aliases */ | |
371 | if (unit_name_is_valid(basename(dst), UNIT_NAME_TEMPLATE) && | |
372 | unit_name_is_valid(src, UNIT_NAME_INSTANCE)) | |
373 | continue; | |
374 | ||
375 | r = string_strv_hashmap_put(&names, basename(dst), src); | |
376 | if (r < 0) | |
377 | return log_warning_errno(r, "Failed to add entry to hashmap (%s→%s): %m", | |
378 | basename(dst), src); | |
379 | } | |
380 | ||
91e0ee5f ZJS |
381 | if (cache_mtime) |
382 | *cache_mtime = mtime; | |
e8630e69 ZJS |
383 | *ret_unit_ids_map = TAKE_PTR(ids); |
384 | *ret_unit_names_map = TAKE_PTR(names); | |
385 | if (ret_path_cache) | |
386 | *ret_path_cache = TAKE_PTR(paths); | |
387 | ||
91e0ee5f | 388 | return 1; |
e8630e69 ZJS |
389 | } |
390 | ||
391 | int unit_file_find_fragment( | |
392 | Hashmap *unit_ids_map, | |
393 | Hashmap *unit_name_map, | |
394 | const char *unit_name, | |
395 | const char **ret_fragment_path, | |
396 | Set **ret_names) { | |
397 | ||
398 | const char *fragment = NULL; | |
399 | _cleanup_free_ char *template = NULL, *instance = NULL; | |
400 | _cleanup_set_free_free_ Set *names = NULL; | |
401 | char **t, **nnn; | |
402 | int r, name_type; | |
403 | ||
404 | /* Finds a fragment path, and returns the set of names: | |
405 | * if we have …/foo.service and …/foo-alias.service→foo.service, | |
406 | * and …/foo@.service and …/foo-alias@.service→foo@.service, | |
407 | * and …/foo@inst.service, | |
408 | * this should return: | |
409 | * foo.service → …/foo.service, {foo.service, foo-alias.service}, | |
410 | * foo-alias.service → …/foo.service, {foo.service, foo-alias.service}, | |
411 | * foo@.service → …/foo@.service, {foo@.service, foo-alias@.service}, | |
412 | * foo-alias@.service → …/foo@.service, {foo@.service, foo-alias@.service}, | |
413 | * foo@bar.service → …/foo@.service, {foo@bar.service, foo-alias@bar.service}, | |
414 | * foo-alias@bar.service → …/foo@.service, {foo@bar.service, foo-alias@bar.service}, | |
415 | * foo-alias@inst.service → …/foo@inst.service, {foo@inst.service, foo-alias@inst.service}. | |
416 | */ | |
417 | ||
418 | name_type = unit_name_to_instance(unit_name, &instance); | |
419 | if (name_type < 0) | |
420 | return name_type; | |
421 | ||
422 | names = set_new(&string_hash_ops); | |
423 | if (!names) | |
424 | return -ENOMEM; | |
425 | ||
426 | /* The unit always has its own name if it's not a template. */ | |
b208cbe5 | 427 | if (IN_SET(name_type, UNIT_NAME_PLAIN, UNIT_NAME_INSTANCE)) { |
e8630e69 ZJS |
428 | r = set_put_strdup(names, unit_name); |
429 | if (r < 0) | |
430 | return r; | |
431 | } | |
432 | ||
433 | /* First try to load fragment under the original name */ | |
434 | r = unit_ids_map_get(unit_ids_map, unit_name, &fragment); | |
435 | if (r < 0 && !IN_SET(r, -ENOENT, -ENXIO)) | |
436 | return log_debug_errno(r, "Cannot load unit %s: %m", unit_name); | |
437 | ||
438 | if (fragment) { | |
439 | /* Add any aliases of the original name to the set of names */ | |
440 | nnn = hashmap_get(unit_name_map, basename(fragment)); | |
441 | STRV_FOREACH(t, nnn) { | |
b208cbe5 | 442 | if (name_type == UNIT_NAME_INSTANCE && unit_name_is_valid(*t, UNIT_NAME_TEMPLATE)) { |
e8630e69 ZJS |
443 | char *inst; |
444 | ||
445 | r = unit_name_replace_instance(*t, instance, &inst); | |
446 | if (r < 0) | |
b208cbe5 | 447 | return log_debug_errno(r, "Cannot build instance name %s+%s: %m", *t, instance); |
e8630e69 ZJS |
448 | |
449 | if (!streq(unit_name, inst)) | |
450 | log_debug("%s: %s has alias %s", __func__, unit_name, inst); | |
451 | ||
452 | log_info("%s: %s+%s → %s", __func__, *t, instance, inst); | |
453 | r = set_consume(names, inst); | |
454 | } else { | |
455 | if (!streq(unit_name, *t)) | |
456 | log_debug("%s: %s has alias %s", __func__, unit_name, *t); | |
457 | ||
458 | r = set_put_strdup(names, *t); | |
459 | } | |
460 | if (r < 0) | |
461 | return r; | |
462 | } | |
463 | } | |
464 | ||
465 | if (!fragment && name_type == UNIT_NAME_INSTANCE) { | |
466 | /* Look for a fragment under the template name */ | |
467 | ||
468 | r = unit_name_template(unit_name, &template); | |
469 | if (r < 0) | |
470 | return log_error_errno(r, "Failed to determine template name: %m"); | |
471 | ||
472 | r = unit_ids_map_get(unit_ids_map, template, &fragment); | |
473 | if (r < 0 && !IN_SET(r, -ENOENT, -ENXIO)) | |
771f8aef | 474 | return log_debug_errno(r, "Cannot load template %s: %m", template); |
e8630e69 ZJS |
475 | |
476 | if (fragment) { | |
477 | /* Add any aliases of the original name to the set of names */ | |
478 | nnn = hashmap_get(unit_name_map, basename(fragment)); | |
479 | STRV_FOREACH(t, nnn) { | |
480 | _cleanup_free_ char *inst = NULL; | |
481 | const char *inst_fragment = NULL; | |
482 | ||
483 | r = unit_name_replace_instance(*t, instance, &inst); | |
484 | if (r < 0) | |
485 | return log_debug_errno(r, "Cannot build instance name %s+%s: %m", template, instance); | |
486 | ||
487 | /* Exclude any aliases that point in some other direction. */ | |
488 | r = unit_ids_map_get(unit_ids_map, inst, &inst_fragment); | |
489 | if (r < 0 && !IN_SET(r, -ENOENT, -ENXIO)) | |
490 | return log_debug_errno(r, "Cannot find instance fragment %s: %m", inst); | |
491 | ||
492 | if (inst_fragment && | |
493 | !streq(basename(inst_fragment), basename(fragment))) { | |
494 | log_debug("Instance %s has fragment %s and is not an alias of %s.", | |
495 | inst, inst_fragment, unit_name); | |
496 | continue; | |
497 | } | |
498 | ||
499 | if (!streq(unit_name, inst)) | |
73fdd479 | 500 | log_debug("%s: %s has alias %s", __func__, unit_name, inst); |
e8630e69 ZJS |
501 | r = set_consume(names, TAKE_PTR(inst)); |
502 | if (r < 0) | |
503 | return r; | |
504 | } | |
505 | } | |
506 | } | |
507 | ||
508 | *ret_fragment_path = fragment; | |
509 | *ret_names = TAKE_PTR(names); | |
510 | ||
511 | // FIXME: if instance, consider any unit names with different template name | |
512 | return 0; | |
513 | } |