]> git.ipfire.org Git - thirdparty/systemd.git/blame_incremental - src/shared/mount-util.h
shared: add new safe_fork flag FORK_PRIVATE_TMP
[thirdparty/systemd.git] / src / shared / mount-util.h
... / ...
CommitLineData
1/* SPDX-License-Identifier: LGPL-2.1-or-later */
2#pragma once
3
4#include <mntent.h>
5#include <stdio.h>
6#include <sys/stat.h>
7#include <unistd.h>
8
9#include "alloc-util.h"
10#include "dissect-image.h"
11#include "errno-util.h"
12#include "macro.h"
13
14typedef enum MountAttrPropagationType {
15 MOUNT_ATTR_PROPAGATION_INHERIT, /* no special MS_* propagation flags */
16 MOUNT_ATTR_PROPAGATION_PRIVATE, /* MS_PRIVATE */
17 MOUNT_ATTR_PROPAGATION_DEPENDENT, /* MS_SLAVE */
18 MOUNT_ATTR_PROPAGATION_SHARED, /* MS_SHARE */
19
20 _MOUNT_ATTR_PROPAGATION_TYPE_MAX,
21 _MOUNT_ATTR_PROPAGATION_TYPE_INVALID = -EINVAL,
22} MountAttrPropagationType;
23
24const char* mount_attr_propagation_type_to_string(MountAttrPropagationType t) _const_;
25MountAttrPropagationType mount_attr_propagation_type_from_string(const char *s) _pure_;
26unsigned int mount_attr_propagation_type_to_flag(MountAttrPropagationType t);
27
28int repeat_unmount(const char *path, int flags);
29int umount_recursive(const char *target, int flags);
30
31int bind_remount_recursive_with_mountinfo(const char *prefix, unsigned long new_flags, unsigned long flags_mask, char **deny_list, FILE *proc_self_mountinfo);
32static inline int bind_remount_recursive(const char *prefix, unsigned long new_flags, unsigned long flags_mask, char **deny_list) {
33 return bind_remount_recursive_with_mountinfo(prefix, new_flags, flags_mask, deny_list, NULL);
34}
35
36int bind_remount_one_with_mountinfo(const char *path, unsigned long new_flags, unsigned long flags_mask, FILE *proc_self_mountinfo);
37
38int mount_switch_root(const char *path, MountAttrPropagationType type);
39
40DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(FILE*, endmntent, NULL);
41#define _cleanup_endmntent_ _cleanup_(endmntentp)
42
43int mount_verbose_full(
44 int error_log_level,
45 const char *what,
46 const char *where,
47 const char *type,
48 unsigned long flags,
49 const char *options,
50 bool follow_symlink);
51
52static inline int mount_follow_verbose(
53 int error_log_level,
54 const char *what,
55 const char *where,
56 const char *type,
57 unsigned long flags,
58 const char *options) {
59 return mount_verbose_full(error_log_level, what, where, type, flags, options, true);
60}
61
62static inline int mount_nofollow_verbose(
63 int error_log_level,
64 const char *what,
65 const char *where,
66 const char *type,
67 unsigned long flags,
68 const char *options) {
69 return mount_verbose_full(error_log_level, what, where, type, flags, options, false);
70}
71
72int umount_verbose(
73 int error_log_level,
74 const char *where,
75 int flags);
76
77int mount_option_mangle(
78 const char *options,
79 unsigned long mount_flags,
80 unsigned long *ret_mount_flags,
81 char **ret_remaining_options);
82
83int mode_to_inaccessible_node(const char *runtime_dir, mode_t mode, char **dest);
84int mount_flags_to_string(unsigned long flags, char **ret);
85
86/* Useful for usage with _cleanup_(), unmounts, removes a directory and frees the pointer */
87static inline char* umount_and_rmdir_and_free(char *p) {
88 PROTECT_ERRNO;
89 if (p) {
90 (void) umount_recursive(p, 0);
91 (void) rmdir(p);
92 }
93 return mfree(p);
94}
95DEFINE_TRIVIAL_CLEANUP_FUNC(char*, umount_and_rmdir_and_free);
96
97int bind_mount_in_namespace(pid_t target, const char *propagate_path, const char *incoming_path, const char *src, const char *dest, bool read_only, bool make_file_or_directory);
98int mount_image_in_namespace(pid_t target, const char *propagate_path, const char *incoming_path, const char *src, const char *dest, bool read_only, bool make_file_or_directory, const MountOptions *options);
99
100int make_mount_point(const char *path);
101
102typedef enum RemountIdmapping {
103 REMOUNT_IDMAPPING_NONE,
104 /* Include a mapping from UID_MAPPED_ROOT (i.e. UID 2^31-2) on the backing fs to UID 0 on the
105 * uidmapped fs. This is useful to ensure that the host root user can safely add inodes to the
106 * uidmapped fs (which otherwise wouldn't work as the host root user is not defined on the uidmapped
107 * mount and any attempts to create inodes will then be refused with EOVERFLOW). The idea is that
108 * these inodes are quickly re-chown()ed to more suitable UIDs/GIDs. Any code that intends to be able
109 * to add inodes to file systems mapped this way should set this flag, but given it comes with
110 * certain security implications defaults to off, and requires explicit opt-in. */
111 REMOUNT_IDMAPPING_HOST_ROOT,
112 /* Define a mapping from root user within the container to the owner of the bind mounted directory.
113 * This ensure no root-owned files will be written in a bind-mounted directory owned by a different
114 * user. No other users are mapped. */
115 REMOUNT_IDMAPPING_HOST_OWNER,
116 _REMOUNT_IDMAPPING_MAX,
117 _REMOUNT_IDMAPPING_INVALID = -EINVAL,
118} RemountIdmapping;
119
120int remount_idmap(const char *p, uid_t uid_shift, uid_t uid_range, uid_t owner, RemountIdmapping idmapping);
121
122/* Creates a mount point (not parents) based on the source path or stat - ie, a file or a directory */
123int make_mount_point_inode_from_stat(const struct stat *st, const char *dest, mode_t mode);
124int make_mount_point_inode_from_path(const char *source, const char *dest, mode_t mode);