]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/basic/fileio.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tree-wide: drop 'This file is part of systemd' blurb
[thirdparty/systemd.git] / src / basic / fileio.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 Copyright 2010 Lennart Poettering
4 ***/
5
6 #include <errno.h>
7 #include <fcntl.h>
8 #include <limits.h>
9 #include <stdarg.h>
10 #include <stdint.h>
11 #include <stdio_ext.h>
12 #include <stdlib.h>
13 #include <string.h>
14 #include <sys/mman.h>
15 #include <sys/stat.h>
16 #include <sys/types.h>
17 #include <unistd.h>
18
19 #include "alloc-util.h"
20 #include "ctype.h"
21 #include "def.h"
22 #include "env-util.h"
23 #include "escape.h"
24 #include "fd-util.h"
25 #include "fileio.h"
26 #include "fs-util.h"
27 #include "hexdecoct.h"
28 #include "log.h"
29 #include "macro.h"
30 #include "missing.h"
31 #include "parse-util.h"
32 #include "path-util.h"
33 #include "process-util.h"
34 #include "random-util.h"
35 #include "stdio-util.h"
36 #include "string-util.h"
37 #include "strv.h"
38 #include "time-util.h"
39 #include "umask-util.h"
40 #include "utf8.h"
41
42 #define READ_FULL_BYTES_MAX (4U*1024U*1024U)
43
44 int write_string_stream_ts(
45 FILE *f,
46 const char *line,
47 WriteStringFileFlags flags,
48 struct timespec *ts) {
49
50 bool needs_nl;
51 int r;
52
53 assert(f);
54 assert(line);
55
56 if (ferror(f))
57 return -EIO;
58
59 needs_nl = !(flags & WRITE_STRING_FILE_AVOID_NEWLINE) && !endswith(line, "\n");
60
61 if (needs_nl && (flags & WRITE_STRING_FILE_DISABLE_BUFFER)) {
62 /* If STDIO buffering was disabled, then let's append the newline character to the string itself, so
63 * that the write goes out in one go, instead of two */
64
65 line = strjoina(line, "\n");
66 needs_nl = false;
67 }
68
69 if (fputs(line, f) == EOF)
70 return -errno;
71
72 if (needs_nl)
73 if (fputc('\n', f) == EOF)
74 return -errno;
75
76 if (flags & WRITE_STRING_FILE_SYNC)
77 r = fflush_sync_and_check(f);
78 else
79 r = fflush_and_check(f);
80 if (r < 0)
81 return r;
82
83 if (ts) {
84 struct timespec twice[2] = {*ts, *ts};
85
86 if (futimens(fileno(f), twice) < 0)
87 return -errno;
88 }
89
90 return 0;
91 }
92
93 static int write_string_file_atomic(
94 const char *fn,
95 const char *line,
96 WriteStringFileFlags flags,
97 struct timespec *ts) {
98
99 _cleanup_fclose_ FILE *f = NULL;
100 _cleanup_free_ char *p = NULL;
101 int r;
102
103 assert(fn);
104 assert(line);
105
106 r = fopen_temporary(fn, &f, &p);
107 if (r < 0)
108 return r;
109
110 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
111 (void) fchmod_umask(fileno(f), 0644);
112
113 r = write_string_stream_ts(f, line, flags, ts);
114 if (r < 0)
115 goto fail;
116
117 if (rename(p, fn) < 0) {
118 r = -errno;
119 goto fail;
120 }
121
122 return 0;
123
124 fail:
125 (void) unlink(p);
126 return r;
127 }
128
129 int write_string_file_ts(
130 const char *fn,
131 const char *line,
132 WriteStringFileFlags flags,
133 struct timespec *ts) {
134
135 _cleanup_fclose_ FILE *f = NULL;
136 int q, r;
137
138 assert(fn);
139 assert(line);
140
141 /* We don't know how to verify whether the file contents was already on-disk. */
142 assert(!((flags & WRITE_STRING_FILE_VERIFY_ON_FAILURE) && (flags & WRITE_STRING_FILE_SYNC)));
143
144 if (flags & WRITE_STRING_FILE_ATOMIC) {
145 assert(flags & WRITE_STRING_FILE_CREATE);
146
147 r = write_string_file_atomic(fn, line, flags, ts);
148 if (r < 0)
149 goto fail;
150
151 return r;
152 } else
153 assert(!ts);
154
155 if (flags & WRITE_STRING_FILE_CREATE) {
156 f = fopen(fn, "we");
157 if (!f) {
158 r = -errno;
159 goto fail;
160 }
161 } else {
162 int fd;
163
164 /* We manually build our own version of fopen(..., "we") that
165 * works without O_CREAT */
166 fd = open(fn, O_WRONLY|O_CLOEXEC|O_NOCTTY);
167 if (fd < 0) {
168 r = -errno;
169 goto fail;
170 }
171
172 f = fdopen(fd, "we");
173 if (!f) {
174 r = -errno;
175 safe_close(fd);
176 goto fail;
177 }
178 }
179
180 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
181
182 if (flags & WRITE_STRING_FILE_DISABLE_BUFFER)
183 setvbuf(f, NULL, _IONBF, 0);
184
185 r = write_string_stream_ts(f, line, flags, ts);
186 if (r < 0)
187 goto fail;
188
189 return 0;
190
191 fail:
192 if (!(flags & WRITE_STRING_FILE_VERIFY_ON_FAILURE))
193 return r;
194
195 f = safe_fclose(f);
196
197 /* OK, the operation failed, but let's see if the right
198 * contents in place already. If so, eat up the error. */
199
200 q = verify_file(fn, line, !(flags & WRITE_STRING_FILE_AVOID_NEWLINE));
201 if (q <= 0)
202 return r;
203
204 return 0;
205 }
206
207 int write_string_filef(
208 const char *fn,
209 WriteStringFileFlags flags,
210 const char *format, ...) {
211
212 _cleanup_free_ char *p = NULL;
213 va_list ap;
214 int r;
215
216 va_start(ap, format);
217 r = vasprintf(&p, format, ap);
218 va_end(ap);
219
220 if (r < 0)
221 return -ENOMEM;
222
223 return write_string_file(fn, p, flags);
224 }
225
226 int read_one_line_file(const char *fn, char **line) {
227 _cleanup_fclose_ FILE *f = NULL;
228 int r;
229
230 assert(fn);
231 assert(line);
232
233 f = fopen(fn, "re");
234 if (!f)
235 return -errno;
236
237 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
238
239 r = read_line(f, LONG_LINE_MAX, line);
240 return r < 0 ? r : 0;
241 }
242
243 int verify_file(const char *fn, const char *blob, bool accept_extra_nl) {
244 _cleanup_fclose_ FILE *f = NULL;
245 _cleanup_free_ char *buf = NULL;
246 size_t l, k;
247
248 assert(fn);
249 assert(blob);
250
251 l = strlen(blob);
252
253 if (accept_extra_nl && endswith(blob, "\n"))
254 accept_extra_nl = false;
255
256 buf = malloc(l + accept_extra_nl + 1);
257 if (!buf)
258 return -ENOMEM;
259
260 f = fopen(fn, "re");
261 if (!f)
262 return -errno;
263
264 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
265
266 /* We try to read one byte more than we need, so that we know whether we hit eof */
267 errno = 0;
268 k = fread(buf, 1, l + accept_extra_nl + 1, f);
269 if (ferror(f))
270 return errno > 0 ? -errno : -EIO;
271
272 if (k != l && k != l + accept_extra_nl)
273 return 0;
274 if (memcmp(buf, blob, l) != 0)
275 return 0;
276 if (k > l && buf[l] != '\n')
277 return 0;
278
279 return 1;
280 }
281
282 int read_full_stream(FILE *f, char **contents, size_t *size) {
283 _cleanup_free_ char *buf = NULL;
284 struct stat st;
285 size_t n, l;
286 int fd;
287
288 assert(f);
289 assert(contents);
290
291 n = LINE_MAX;
292
293 fd = fileno(f);
294 if (fd >= 0) { /* If the FILE* object is backed by an fd (as opposed to memory or such, see fmemopen(), let's
295 * optimize our buffering) */
296
297 if (fstat(fileno(f), &st) < 0)
298 return -errno;
299
300 if (S_ISREG(st.st_mode)) {
301
302 /* Safety check */
303 if (st.st_size > READ_FULL_BYTES_MAX)
304 return -E2BIG;
305
306 /* Start with the right file size, but be prepared for files from /proc which generally report a file
307 * size of 0. Note that we increase the size to read here by one, so that the first read attempt
308 * already makes us notice the EOF. */
309 if (st.st_size > 0)
310 n = st.st_size + 1;
311 }
312 }
313
314 l = 0;
315 for (;;) {
316 char *t;
317 size_t k;
318
319 t = realloc(buf, n + 1);
320 if (!t)
321 return -ENOMEM;
322
323 buf = t;
324 errno = 0;
325 k = fread(buf + l, 1, n - l, f);
326 if (k > 0)
327 l += k;
328
329 if (ferror(f))
330 return errno > 0 ? -errno : -EIO;
331
332 if (feof(f))
333 break;
334
335 /* We aren't expecting fread() to return a short read outside
336 * of (error && eof), assert buffer is full and enlarge buffer.
337 */
338 assert(l == n);
339
340 /* Safety check */
341 if (n >= READ_FULL_BYTES_MAX)
342 return -E2BIG;
343
344 n = MIN(n * 2, READ_FULL_BYTES_MAX);
345 }
346
347 buf[l] = 0;
348 *contents = TAKE_PTR(buf);
349
350 if (size)
351 *size = l;
352
353 return 0;
354 }
355
356 int read_full_file(const char *fn, char **contents, size_t *size) {
357 _cleanup_fclose_ FILE *f = NULL;
358
359 assert(fn);
360 assert(contents);
361
362 f = fopen(fn, "re");
363 if (!f)
364 return -errno;
365
366 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
367
368 return read_full_stream(f, contents, size);
369 }
370
371 static int parse_env_file_internal(
372 FILE *f,
373 const char *fname,
374 const char *newline,
375 int (*push) (const char *filename, unsigned line,
376 const char *key, char *value, void *userdata, int *n_pushed),
377 void *userdata,
378 int *n_pushed) {
379
380 size_t key_alloc = 0, n_key = 0, value_alloc = 0, n_value = 0, last_value_whitespace = (size_t) -1, last_key_whitespace = (size_t) -1;
381 _cleanup_free_ char *contents = NULL, *key = NULL, *value = NULL;
382 unsigned line = 1;
383 char *p;
384 int r;
385
386 enum {
387 PRE_KEY,
388 KEY,
389 PRE_VALUE,
390 VALUE,
391 VALUE_ESCAPE,
392 SINGLE_QUOTE_VALUE,
393 SINGLE_QUOTE_VALUE_ESCAPE,
394 DOUBLE_QUOTE_VALUE,
395 DOUBLE_QUOTE_VALUE_ESCAPE,
396 COMMENT,
397 COMMENT_ESCAPE
398 } state = PRE_KEY;
399
400 assert(newline);
401
402 if (f)
403 r = read_full_stream(f, &contents, NULL);
404 else
405 r = read_full_file(fname, &contents, NULL);
406 if (r < 0)
407 return r;
408
409 for (p = contents; *p; p++) {
410 char c = *p;
411
412 switch (state) {
413
414 case PRE_KEY:
415 if (strchr(COMMENTS, c))
416 state = COMMENT;
417 else if (!strchr(WHITESPACE, c)) {
418 state = KEY;
419 last_key_whitespace = (size_t) -1;
420
421 if (!GREEDY_REALLOC(key, key_alloc, n_key+2))
422 return -ENOMEM;
423
424 key[n_key++] = c;
425 }
426 break;
427
428 case KEY:
429 if (strchr(newline, c)) {
430 state = PRE_KEY;
431 line++;
432 n_key = 0;
433 } else if (c == '=') {
434 state = PRE_VALUE;
435 last_value_whitespace = (size_t) -1;
436 } else {
437 if (!strchr(WHITESPACE, c))
438 last_key_whitespace = (size_t) -1;
439 else if (last_key_whitespace == (size_t) -1)
440 last_key_whitespace = n_key;
441
442 if (!GREEDY_REALLOC(key, key_alloc, n_key+2))
443 return -ENOMEM;
444
445 key[n_key++] = c;
446 }
447
448 break;
449
450 case PRE_VALUE:
451 if (strchr(newline, c)) {
452 state = PRE_KEY;
453 line++;
454 key[n_key] = 0;
455
456 if (value)
457 value[n_value] = 0;
458
459 /* strip trailing whitespace from key */
460 if (last_key_whitespace != (size_t) -1)
461 key[last_key_whitespace] = 0;
462
463 r = push(fname, line, key, value, userdata, n_pushed);
464 if (r < 0)
465 return r;
466
467 n_key = 0;
468 value = NULL;
469 value_alloc = n_value = 0;
470
471 } else if (c == '\'')
472 state = SINGLE_QUOTE_VALUE;
473 else if (c == '\"')
474 state = DOUBLE_QUOTE_VALUE;
475 else if (c == '\\')
476 state = VALUE_ESCAPE;
477 else if (!strchr(WHITESPACE, c)) {
478 state = VALUE;
479
480 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
481 return -ENOMEM;
482
483 value[n_value++] = c;
484 }
485
486 break;
487
488 case VALUE:
489 if (strchr(newline, c)) {
490 state = PRE_KEY;
491 line++;
492
493 key[n_key] = 0;
494
495 if (value)
496 value[n_value] = 0;
497
498 /* Chomp off trailing whitespace from value */
499 if (last_value_whitespace != (size_t) -1)
500 value[last_value_whitespace] = 0;
501
502 /* strip trailing whitespace from key */
503 if (last_key_whitespace != (size_t) -1)
504 key[last_key_whitespace] = 0;
505
506 r = push(fname, line, key, value, userdata, n_pushed);
507 if (r < 0)
508 return r;
509
510 n_key = 0;
511 value = NULL;
512 value_alloc = n_value = 0;
513
514 } else if (c == '\\') {
515 state = VALUE_ESCAPE;
516 last_value_whitespace = (size_t) -1;
517 } else {
518 if (!strchr(WHITESPACE, c))
519 last_value_whitespace = (size_t) -1;
520 else if (last_value_whitespace == (size_t) -1)
521 last_value_whitespace = n_value;
522
523 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
524 return -ENOMEM;
525
526 value[n_value++] = c;
527 }
528
529 break;
530
531 case VALUE_ESCAPE:
532 state = VALUE;
533
534 if (!strchr(newline, c)) {
535 /* Escaped newlines we eat up entirely */
536 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
537 return -ENOMEM;
538
539 value[n_value++] = c;
540 }
541 break;
542
543 case SINGLE_QUOTE_VALUE:
544 if (c == '\'')
545 state = PRE_VALUE;
546 else if (c == '\\')
547 state = SINGLE_QUOTE_VALUE_ESCAPE;
548 else {
549 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
550 return -ENOMEM;
551
552 value[n_value++] = c;
553 }
554
555 break;
556
557 case SINGLE_QUOTE_VALUE_ESCAPE:
558 state = SINGLE_QUOTE_VALUE;
559
560 if (!strchr(newline, c)) {
561 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
562 return -ENOMEM;
563
564 value[n_value++] = c;
565 }
566 break;
567
568 case DOUBLE_QUOTE_VALUE:
569 if (c == '\"')
570 state = PRE_VALUE;
571 else if (c == '\\')
572 state = DOUBLE_QUOTE_VALUE_ESCAPE;
573 else {
574 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
575 return -ENOMEM;
576
577 value[n_value++] = c;
578 }
579
580 break;
581
582 case DOUBLE_QUOTE_VALUE_ESCAPE:
583 state = DOUBLE_QUOTE_VALUE;
584
585 if (!strchr(newline, c)) {
586 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
587 return -ENOMEM;
588
589 value[n_value++] = c;
590 }
591 break;
592
593 case COMMENT:
594 if (c == '\\')
595 state = COMMENT_ESCAPE;
596 else if (strchr(newline, c)) {
597 state = PRE_KEY;
598 line++;
599 }
600 break;
601
602 case COMMENT_ESCAPE:
603 state = COMMENT;
604 break;
605 }
606 }
607
608 if (IN_SET(state,
609 PRE_VALUE,
610 VALUE,
611 VALUE_ESCAPE,
612 SINGLE_QUOTE_VALUE,
613 SINGLE_QUOTE_VALUE_ESCAPE,
614 DOUBLE_QUOTE_VALUE,
615 DOUBLE_QUOTE_VALUE_ESCAPE)) {
616
617 key[n_key] = 0;
618
619 if (value)
620 value[n_value] = 0;
621
622 if (state == VALUE)
623 if (last_value_whitespace != (size_t) -1)
624 value[last_value_whitespace] = 0;
625
626 /* strip trailing whitespace from key */
627 if (last_key_whitespace != (size_t) -1)
628 key[last_key_whitespace] = 0;
629
630 r = push(fname, line, key, value, userdata, n_pushed);
631 if (r < 0)
632 return r;
633
634 value = NULL;
635 }
636
637 return 0;
638 }
639
640 static int check_utf8ness_and_warn(
641 const char *filename, unsigned line,
642 const char *key, char *value) {
643
644 if (!utf8_is_valid(key)) {
645 _cleanup_free_ char *p = NULL;
646
647 p = utf8_escape_invalid(key);
648 log_error("%s:%u: invalid UTF-8 in key '%s', ignoring.", strna(filename), line, p);
649 return -EINVAL;
650 }
651
652 if (value && !utf8_is_valid(value)) {
653 _cleanup_free_ char *p = NULL;
654
655 p = utf8_escape_invalid(value);
656 log_error("%s:%u: invalid UTF-8 value for key %s: '%s', ignoring.", strna(filename), line, key, p);
657 return -EINVAL;
658 }
659
660 return 0;
661 }
662
663 static int parse_env_file_push(
664 const char *filename, unsigned line,
665 const char *key, char *value,
666 void *userdata,
667 int *n_pushed) {
668
669 const char *k;
670 va_list aq, *ap = userdata;
671 int r;
672
673 r = check_utf8ness_and_warn(filename, line, key, value);
674 if (r < 0)
675 return r;
676
677 va_copy(aq, *ap);
678
679 while ((k = va_arg(aq, const char *))) {
680 char **v;
681
682 v = va_arg(aq, char **);
683
684 if (streq(key, k)) {
685 va_end(aq);
686 free(*v);
687 *v = value;
688
689 if (n_pushed)
690 (*n_pushed)++;
691
692 return 1;
693 }
694 }
695
696 va_end(aq);
697 free(value);
698
699 return 0;
700 }
701
702 int parse_env_filev(
703 FILE *f,
704 const char *fname,
705 const char *newline,
706 va_list ap) {
707
708 int r, n_pushed = 0;
709 va_list aq;
710
711 if (!newline)
712 newline = NEWLINE;
713
714 va_copy(aq, ap);
715 r = parse_env_file_internal(f, fname, newline, parse_env_file_push, &aq, &n_pushed);
716 va_end(aq);
717 if (r < 0)
718 return r;
719
720 return n_pushed;
721 }
722
723 int parse_env_file(
724 FILE *f,
725 const char *fname,
726 const char *newline,
727 ...) {
728
729 va_list ap;
730 int r;
731
732 va_start(ap, newline);
733 r = parse_env_filev(f, fname, newline, ap);
734 va_end(ap);
735
736 return r;
737 }
738
739 static int load_env_file_push(
740 const char *filename, unsigned line,
741 const char *key, char *value,
742 void *userdata,
743 int *n_pushed) {
744 char ***m = userdata;
745 char *p;
746 int r;
747
748 r = check_utf8ness_and_warn(filename, line, key, value);
749 if (r < 0)
750 return r;
751
752 p = strjoin(key, "=", value);
753 if (!p)
754 return -ENOMEM;
755
756 r = strv_env_replace(m, p);
757 if (r < 0) {
758 free(p);
759 return r;
760 }
761
762 if (n_pushed)
763 (*n_pushed)++;
764
765 free(value);
766 return 0;
767 }
768
769 int load_env_file(FILE *f, const char *fname, const char *newline, char ***rl) {
770 char **m = NULL;
771 int r;
772
773 if (!newline)
774 newline = NEWLINE;
775
776 r = parse_env_file_internal(f, fname, newline, load_env_file_push, &m, NULL);
777 if (r < 0) {
778 strv_free(m);
779 return r;
780 }
781
782 *rl = m;
783 return 0;
784 }
785
786 static int load_env_file_push_pairs(
787 const char *filename, unsigned line,
788 const char *key, char *value,
789 void *userdata,
790 int *n_pushed) {
791 char ***m = userdata;
792 int r;
793
794 r = check_utf8ness_and_warn(filename, line, key, value);
795 if (r < 0)
796 return r;
797
798 r = strv_extend(m, key);
799 if (r < 0)
800 return -ENOMEM;
801
802 if (!value) {
803 r = strv_extend(m, "");
804 if (r < 0)
805 return -ENOMEM;
806 } else {
807 r = strv_push(m, value);
808 if (r < 0)
809 return r;
810 }
811
812 if (n_pushed)
813 (*n_pushed)++;
814
815 return 0;
816 }
817
818 int load_env_file_pairs(FILE *f, const char *fname, const char *newline, char ***rl) {
819 char **m = NULL;
820 int r;
821
822 if (!newline)
823 newline = NEWLINE;
824
825 r = parse_env_file_internal(f, fname, newline, load_env_file_push_pairs, &m, NULL);
826 if (r < 0) {
827 strv_free(m);
828 return r;
829 }
830
831 *rl = m;
832 return 0;
833 }
834
835 static int merge_env_file_push(
836 const char *filename, unsigned line,
837 const char *key, char *value,
838 void *userdata,
839 int *n_pushed) {
840
841 char ***env = userdata;
842 char *expanded_value;
843
844 assert(env);
845
846 if (!value) {
847 log_error("%s:%u: invalid syntax (around \"%s\"), ignoring.", strna(filename), line, key);
848 return 0;
849 }
850
851 if (!env_name_is_valid(key)) {
852 log_error("%s:%u: invalid variable name \"%s\", ignoring.", strna(filename), line, key);
853 free(value);
854 return 0;
855 }
856
857 expanded_value = replace_env(value, *env,
858 REPLACE_ENV_USE_ENVIRONMENT|
859 REPLACE_ENV_ALLOW_BRACELESS|
860 REPLACE_ENV_ALLOW_EXTENDED);
861 if (!expanded_value)
862 return -ENOMEM;
863
864 free_and_replace(value, expanded_value);
865
866 return load_env_file_push(filename, line, key, value, env, n_pushed);
867 }
868
869 int merge_env_file(
870 char ***env,
871 FILE *f,
872 const char *fname) {
873
874 /* NOTE: this function supports braceful and braceless variable expansions,
875 * plus "extended" substitutions, unlike other exported parsing functions.
876 */
877
878 return parse_env_file_internal(f, fname, NEWLINE, merge_env_file_push, env, NULL);
879 }
880
881 static void write_env_var(FILE *f, const char *v) {
882 const char *p;
883
884 p = strchr(v, '=');
885 if (!p) {
886 /* Fallback */
887 fputs_unlocked(v, f);
888 fputc_unlocked('\n', f);
889 return;
890 }
891
892 p++;
893 fwrite_unlocked(v, 1, p-v, f);
894
895 if (string_has_cc(p, NULL) || chars_intersect(p, WHITESPACE SHELL_NEED_QUOTES)) {
896 fputc_unlocked('\"', f);
897
898 for (; *p; p++) {
899 if (strchr(SHELL_NEED_ESCAPE, *p))
900 fputc_unlocked('\\', f);
901
902 fputc_unlocked(*p, f);
903 }
904
905 fputc_unlocked('\"', f);
906 } else
907 fputs_unlocked(p, f);
908
909 fputc_unlocked('\n', f);
910 }
911
912 int write_env_file(const char *fname, char **l) {
913 _cleanup_fclose_ FILE *f = NULL;
914 _cleanup_free_ char *p = NULL;
915 char **i;
916 int r;
917
918 assert(fname);
919
920 r = fopen_temporary(fname, &f, &p);
921 if (r < 0)
922 return r;
923
924 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
925 (void) fchmod_umask(fileno(f), 0644);
926
927 STRV_FOREACH(i, l)
928 write_env_var(f, *i);
929
930 r = fflush_and_check(f);
931 if (r >= 0) {
932 if (rename(p, fname) >= 0)
933 return 0;
934
935 r = -errno;
936 }
937
938 unlink(p);
939 return r;
940 }
941
942 int executable_is_script(const char *path, char **interpreter) {
943 _cleanup_free_ char *line = NULL;
944 size_t len;
945 char *ans;
946 int r;
947
948 assert(path);
949
950 r = read_one_line_file(path, &line);
951 if (r == -ENOBUFS) /* First line overly long? if so, then it's not a script */
952 return 0;
953 if (r < 0)
954 return r;
955
956 if (!startswith(line, "#!"))
957 return 0;
958
959 ans = strstrip(line + 2);
960 len = strcspn(ans, " \t");
961
962 if (len == 0)
963 return 0;
964
965 ans = strndup(ans, len);
966 if (!ans)
967 return -ENOMEM;
968
969 *interpreter = ans;
970 return 1;
971 }
972
973 /**
974 * Retrieve one field from a file like /proc/self/status. pattern
975 * should not include whitespace or the delimiter (':'). pattern matches only
976 * the beginning of a line. Whitespace before ':' is skipped. Whitespace and
977 * zeros after the ':' will be skipped. field must be freed afterwards.
978 * terminator specifies the terminating characters of the field value (not
979 * included in the value).
980 */
981 int get_proc_field(const char *filename, const char *pattern, const char *terminator, char **field) {
982 _cleanup_free_ char *status = NULL;
983 char *t, *f;
984 size_t len;
985 int r;
986
987 assert(terminator);
988 assert(filename);
989 assert(pattern);
990 assert(field);
991
992 r = read_full_file(filename, &status, NULL);
993 if (r < 0)
994 return r;
995
996 t = status;
997
998 do {
999 bool pattern_ok;
1000
1001 do {
1002 t = strstr(t, pattern);
1003 if (!t)
1004 return -ENOENT;
1005
1006 /* Check that pattern occurs in beginning of line. */
1007 pattern_ok = (t == status || t[-1] == '\n');
1008
1009 t += strlen(pattern);
1010
1011 } while (!pattern_ok);
1012
1013 t += strspn(t, " \t");
1014 if (!*t)
1015 return -ENOENT;
1016
1017 } while (*t != ':');
1018
1019 t++;
1020
1021 if (*t) {
1022 t += strspn(t, " \t");
1023
1024 /* Also skip zeros, because when this is used for
1025 * capabilities, we don't want the zeros. This way the
1026 * same capability set always maps to the same string,
1027 * irrespective of the total capability set size. For
1028 * other numbers it shouldn't matter. */
1029 t += strspn(t, "0");
1030 /* Back off one char if there's nothing but whitespace
1031 and zeros */
1032 if (!*t || isspace(*t))
1033 t--;
1034 }
1035
1036 len = strcspn(t, terminator);
1037
1038 f = strndup(t, len);
1039 if (!f)
1040 return -ENOMEM;
1041
1042 *field = f;
1043 return 0;
1044 }
1045
1046 DIR *xopendirat(int fd, const char *name, int flags) {
1047 int nfd;
1048 DIR *d;
1049
1050 assert(!(flags & O_CREAT));
1051
1052 nfd = openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|flags, 0);
1053 if (nfd < 0)
1054 return NULL;
1055
1056 d = fdopendir(nfd);
1057 if (!d) {
1058 safe_close(nfd);
1059 return NULL;
1060 }
1061
1062 return d;
1063 }
1064
1065 static int search_and_fopen_internal(const char *path, const char *mode, const char *root, char **search, FILE **_f) {
1066 char **i;
1067
1068 assert(path);
1069 assert(mode);
1070 assert(_f);
1071
1072 if (!path_strv_resolve_uniq(search, root))
1073 return -ENOMEM;
1074
1075 STRV_FOREACH(i, search) {
1076 _cleanup_free_ char *p = NULL;
1077 FILE *f;
1078
1079 if (root)
1080 p = strjoin(root, *i, "/", path);
1081 else
1082 p = strjoin(*i, "/", path);
1083 if (!p)
1084 return -ENOMEM;
1085
1086 f = fopen(p, mode);
1087 if (f) {
1088 *_f = f;
1089 return 0;
1090 }
1091
1092 if (errno != ENOENT)
1093 return -errno;
1094 }
1095
1096 return -ENOENT;
1097 }
1098
1099 int search_and_fopen(const char *path, const char *mode, const char *root, const char **search, FILE **_f) {
1100 _cleanup_strv_free_ char **copy = NULL;
1101
1102 assert(path);
1103 assert(mode);
1104 assert(_f);
1105
1106 if (path_is_absolute(path)) {
1107 FILE *f;
1108
1109 f = fopen(path, mode);
1110 if (f) {
1111 *_f = f;
1112 return 0;
1113 }
1114
1115 return -errno;
1116 }
1117
1118 copy = strv_copy((char**) search);
1119 if (!copy)
1120 return -ENOMEM;
1121
1122 return search_and_fopen_internal(path, mode, root, copy, _f);
1123 }
1124
1125 int search_and_fopen_nulstr(const char *path, const char *mode, const char *root, const char *search, FILE **_f) {
1126 _cleanup_strv_free_ char **s = NULL;
1127
1128 if (path_is_absolute(path)) {
1129 FILE *f;
1130
1131 f = fopen(path, mode);
1132 if (f) {
1133 *_f = f;
1134 return 0;
1135 }
1136
1137 return -errno;
1138 }
1139
1140 s = strv_split_nulstr(search);
1141 if (!s)
1142 return -ENOMEM;
1143
1144 return search_and_fopen_internal(path, mode, root, s, _f);
1145 }
1146
1147 int fopen_temporary(const char *path, FILE **_f, char **_temp_path) {
1148 FILE *f;
1149 char *t;
1150 int r, fd;
1151
1152 assert(path);
1153 assert(_f);
1154 assert(_temp_path);
1155
1156 r = tempfn_xxxxxx(path, NULL, &t);
1157 if (r < 0)
1158 return r;
1159
1160 fd = mkostemp_safe(t);
1161 if (fd < 0) {
1162 free(t);
1163 return -errno;
1164 }
1165
1166 f = fdopen(fd, "we");
1167 if (!f) {
1168 unlink_noerrno(t);
1169 free(t);
1170 safe_close(fd);
1171 return -errno;
1172 }
1173
1174 *_f = f;
1175 *_temp_path = t;
1176
1177 return 0;
1178 }
1179
1180 int fflush_and_check(FILE *f) {
1181 assert(f);
1182
1183 errno = 0;
1184 fflush(f);
1185
1186 if (ferror(f))
1187 return errno > 0 ? -errno : -EIO;
1188
1189 return 0;
1190 }
1191
1192 int fflush_sync_and_check(FILE *f) {
1193 int r;
1194
1195 assert(f);
1196
1197 r = fflush_and_check(f);
1198 if (r < 0)
1199 return r;
1200
1201 if (fsync(fileno(f)) < 0)
1202 return -errno;
1203
1204 r = fsync_directory_of_file(fileno(f));
1205 if (r < 0)
1206 return r;
1207
1208 return 0;
1209 }
1210
1211 /* This is much like mkostemp() but is subject to umask(). */
1212 int mkostemp_safe(char *pattern) {
1213 _cleanup_umask_ mode_t u = 0;
1214 int fd;
1215
1216 assert(pattern);
1217
1218 u = umask(077);
1219
1220 fd = mkostemp(pattern, O_CLOEXEC);
1221 if (fd < 0)
1222 return -errno;
1223
1224 return fd;
1225 }
1226
1227 int tempfn_xxxxxx(const char *p, const char *extra, char **ret) {
1228 const char *fn;
1229 char *t;
1230
1231 assert(p);
1232 assert(ret);
1233
1234 /*
1235 * Turns this:
1236 * /foo/bar/waldo
1237 *
1238 * Into this:
1239 * /foo/bar/.#<extra>waldoXXXXXX
1240 */
1241
1242 fn = basename(p);
1243 if (!filename_is_valid(fn))
1244 return -EINVAL;
1245
1246 extra = strempty(extra);
1247
1248 t = new(char, strlen(p) + 2 + strlen(extra) + 6 + 1);
1249 if (!t)
1250 return -ENOMEM;
1251
1252 strcpy(stpcpy(stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), extra), fn), "XXXXXX");
1253
1254 *ret = path_simplify(t, false);
1255 return 0;
1256 }
1257
1258 int tempfn_random(const char *p, const char *extra, char **ret) {
1259 const char *fn;
1260 char *t, *x;
1261 uint64_t u;
1262 unsigned i;
1263
1264 assert(p);
1265 assert(ret);
1266
1267 /*
1268 * Turns this:
1269 * /foo/bar/waldo
1270 *
1271 * Into this:
1272 * /foo/bar/.#<extra>waldobaa2a261115984a9
1273 */
1274
1275 fn = basename(p);
1276 if (!filename_is_valid(fn))
1277 return -EINVAL;
1278
1279 extra = strempty(extra);
1280
1281 t = new(char, strlen(p) + 2 + strlen(extra) + 16 + 1);
1282 if (!t)
1283 return -ENOMEM;
1284
1285 x = stpcpy(stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), extra), fn);
1286
1287 u = random_u64();
1288 for (i = 0; i < 16; i++) {
1289 *(x++) = hexchar(u & 0xF);
1290 u >>= 4;
1291 }
1292
1293 *x = 0;
1294
1295 *ret = path_simplify(t, false);
1296 return 0;
1297 }
1298
1299 int tempfn_random_child(const char *p, const char *extra, char **ret) {
1300 char *t, *x;
1301 uint64_t u;
1302 unsigned i;
1303 int r;
1304
1305 assert(ret);
1306
1307 /* Turns this:
1308 * /foo/bar/waldo
1309 * Into this:
1310 * /foo/bar/waldo/.#<extra>3c2b6219aa75d7d0
1311 */
1312
1313 if (!p) {
1314 r = tmp_dir(&p);
1315 if (r < 0)
1316 return r;
1317 }
1318
1319 extra = strempty(extra);
1320
1321 t = new(char, strlen(p) + 3 + strlen(extra) + 16 + 1);
1322 if (!t)
1323 return -ENOMEM;
1324
1325 x = stpcpy(stpcpy(stpcpy(t, p), "/.#"), extra);
1326
1327 u = random_u64();
1328 for (i = 0; i < 16; i++) {
1329 *(x++) = hexchar(u & 0xF);
1330 u >>= 4;
1331 }
1332
1333 *x = 0;
1334
1335 *ret = path_simplify(t, false);
1336 return 0;
1337 }
1338
1339 int write_timestamp_file_atomic(const char *fn, usec_t n) {
1340 char ln[DECIMAL_STR_MAX(n)+2];
1341
1342 /* Creates a "timestamp" file, that contains nothing but a
1343 * usec_t timestamp, formatted in ASCII. */
1344
1345 if (n <= 0 || n >= USEC_INFINITY)
1346 return -ERANGE;
1347
1348 xsprintf(ln, USEC_FMT "\n", n);
1349
1350 return write_string_file(fn, ln, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC);
1351 }
1352
1353 int read_timestamp_file(const char *fn, usec_t *ret) {
1354 _cleanup_free_ char *ln = NULL;
1355 uint64_t t;
1356 int r;
1357
1358 r = read_one_line_file(fn, &ln);
1359 if (r < 0)
1360 return r;
1361
1362 r = safe_atou64(ln, &t);
1363 if (r < 0)
1364 return r;
1365
1366 if (t <= 0 || t >= (uint64_t) USEC_INFINITY)
1367 return -ERANGE;
1368
1369 *ret = (usec_t) t;
1370 return 0;
1371 }
1372
1373 int fputs_with_space(FILE *f, const char *s, const char *separator, bool *space) {
1374 int r;
1375
1376 assert(s);
1377
1378 /* Outputs the specified string with fputs(), but optionally prefixes it with a separator. The *space parameter
1379 * when specified shall initially point to a boolean variable initialized to false. It is set to true after the
1380 * first invocation. This call is supposed to be use in loops, where a separator shall be inserted between each
1381 * element, but not before the first one. */
1382
1383 if (!f)
1384 f = stdout;
1385
1386 if (space) {
1387 if (!separator)
1388 separator = " ";
1389
1390 if (*space) {
1391 r = fputs(separator, f);
1392 if (r < 0)
1393 return r;
1394 }
1395
1396 *space = true;
1397 }
1398
1399 return fputs(s, f);
1400 }
1401
1402 int open_tmpfile_unlinkable(const char *directory, int flags) {
1403 char *p;
1404 int fd, r;
1405
1406 if (!directory) {
1407 r = tmp_dir(&directory);
1408 if (r < 0)
1409 return r;
1410 }
1411
1412 /* Returns an unlinked temporary file that cannot be linked into the file system anymore */
1413
1414 /* Try O_TMPFILE first, if it is supported */
1415 fd = open(directory, flags|O_TMPFILE|O_EXCL, S_IRUSR|S_IWUSR);
1416 if (fd >= 0)
1417 return fd;
1418
1419 /* Fall back to unguessable name + unlinking */
1420 p = strjoina(directory, "/systemd-tmp-XXXXXX");
1421
1422 fd = mkostemp_safe(p);
1423 if (fd < 0)
1424 return fd;
1425
1426 (void) unlink(p);
1427
1428 return fd;
1429 }
1430
1431 int open_tmpfile_linkable(const char *target, int flags, char **ret_path) {
1432 _cleanup_free_ char *tmp = NULL;
1433 int r, fd;
1434
1435 assert(target);
1436 assert(ret_path);
1437
1438 /* Don't allow O_EXCL, as that has a special meaning for O_TMPFILE */
1439 assert((flags & O_EXCL) == 0);
1440
1441 /* Creates a temporary file, that shall be renamed to "target" later. If possible, this uses O_TMPFILE – in
1442 * which case "ret_path" will be returned as NULL. If not possible a the tempoary path name used is returned in
1443 * "ret_path". Use link_tmpfile() below to rename the result after writing the file in full. */
1444
1445 {
1446 _cleanup_free_ char *dn = NULL;
1447
1448 dn = dirname_malloc(target);
1449 if (!dn)
1450 return -ENOMEM;
1451
1452 fd = open(dn, O_TMPFILE|flags, 0640);
1453 if (fd >= 0) {
1454 *ret_path = NULL;
1455 return fd;
1456 }
1457
1458 log_debug_errno(errno, "Failed to use O_TMPFILE on %s: %m", dn);
1459 }
1460
1461 r = tempfn_random(target, NULL, &tmp);
1462 if (r < 0)
1463 return r;
1464
1465 fd = open(tmp, O_CREAT|O_EXCL|O_NOFOLLOW|O_NOCTTY|flags, 0640);
1466 if (fd < 0)
1467 return -errno;
1468
1469 *ret_path = TAKE_PTR(tmp);
1470
1471 return fd;
1472 }
1473
1474 int open_serialization_fd(const char *ident) {
1475 int fd = -1;
1476
1477 fd = memfd_create(ident, MFD_CLOEXEC);
1478 if (fd < 0) {
1479 const char *path;
1480
1481 path = getpid_cached() == 1 ? "/run/systemd" : "/tmp";
1482 fd = open_tmpfile_unlinkable(path, O_RDWR|O_CLOEXEC);
1483 if (fd < 0)
1484 return fd;
1485
1486 log_debug("Serializing %s to %s.", ident, path);
1487 } else
1488 log_debug("Serializing %s to memfd.", ident);
1489
1490 return fd;
1491 }
1492
1493 int link_tmpfile(int fd, const char *path, const char *target) {
1494
1495 assert(fd >= 0);
1496 assert(target);
1497
1498 /* Moves a temporary file created with open_tmpfile() above into its final place. if "path" is NULL an fd
1499 * created with O_TMPFILE is assumed, and linkat() is used. Otherwise it is assumed O_TMPFILE is not supported
1500 * on the directory, and renameat2() is used instead.
1501 *
1502 * Note that in both cases we will not replace existing files. This is because linkat() does not support this
1503 * operation currently (renameat2() does), and there is no nice way to emulate this. */
1504
1505 if (path) {
1506 if (rename_noreplace(AT_FDCWD, path, AT_FDCWD, target) < 0)
1507 return -errno;
1508 } else {
1509 char proc_fd_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(fd) + 1];
1510
1511 xsprintf(proc_fd_path, "/proc/self/fd/%i", fd);
1512
1513 if (linkat(AT_FDCWD, proc_fd_path, AT_FDCWD, target, AT_SYMLINK_FOLLOW) < 0)
1514 return -errno;
1515 }
1516
1517 return 0;
1518 }
1519
1520 int read_nul_string(FILE *f, char **ret) {
1521 _cleanup_free_ char *x = NULL;
1522 size_t allocated = 0, n = 0;
1523
1524 assert(f);
1525 assert(ret);
1526
1527 /* Reads a NUL-terminated string from the specified file. */
1528
1529 for (;;) {
1530 int c;
1531
1532 if (!GREEDY_REALLOC(x, allocated, n+2))
1533 return -ENOMEM;
1534
1535 c = fgetc(f);
1536 if (c == 0) /* Terminate at NUL byte */
1537 break;
1538 if (c == EOF) {
1539 if (ferror(f))
1540 return -errno;
1541 break; /* Terminate at EOF */
1542 }
1543
1544 x[n++] = (char) c;
1545 }
1546
1547 if (x)
1548 x[n] = 0;
1549 else {
1550 x = new0(char, 1);
1551 if (!x)
1552 return -ENOMEM;
1553 }
1554
1555 *ret = TAKE_PTR(x);
1556
1557 return 0;
1558 }
1559
1560 int mkdtemp_malloc(const char *template, char **ret) {
1561 char *p;
1562
1563 assert(template);
1564 assert(ret);
1565
1566 p = strdup(template);
1567 if (!p)
1568 return -ENOMEM;
1569
1570 if (!mkdtemp(p)) {
1571 free(p);
1572 return -errno;
1573 }
1574
1575 *ret = p;
1576 return 0;
1577 }
1578
1579 DEFINE_TRIVIAL_CLEANUP_FUNC(FILE*, funlockfile);
1580
1581 int read_line(FILE *f, size_t limit, char **ret) {
1582 _cleanup_free_ char *buffer = NULL;
1583 size_t n = 0, allocated = 0, count = 0;
1584
1585 assert(f);
1586
1587 /* Something like a bounded version of getline().
1588 *
1589 * Considers EOF, \n and \0 end of line delimiters, and does not include these delimiters in the string
1590 * returned.
1591 *
1592 * Returns the number of bytes read from the files (i.e. including delimiters — this hence usually differs from
1593 * the number of characters in the returned string). When EOF is hit, 0 is returned.
1594 *
1595 * The input parameter limit is the maximum numbers of characters in the returned string, i.e. excluding
1596 * delimiters. If the limit is hit we fail and return -ENOBUFS.
1597 *
1598 * If a line shall be skipped ret may be initialized as NULL. */
1599
1600 if (ret) {
1601 if (!GREEDY_REALLOC(buffer, allocated, 1))
1602 return -ENOMEM;
1603 }
1604
1605 {
1606 _unused_ _cleanup_(funlockfilep) FILE *flocked = f;
1607 flockfile(f);
1608
1609 for (;;) {
1610 int c;
1611
1612 if (n >= limit)
1613 return -ENOBUFS;
1614
1615 errno = 0;
1616 c = fgetc_unlocked(f);
1617 if (c == EOF) {
1618 /* if we read an error, and have no data to return, then propagate the error */
1619 if (ferror_unlocked(f) && n == 0)
1620 return errno > 0 ? -errno : -EIO;
1621
1622 break;
1623 }
1624
1625 count++;
1626
1627 if (IN_SET(c, '\n', 0)) /* Reached a delimiter */
1628 break;
1629
1630 if (ret) {
1631 if (!GREEDY_REALLOC(buffer, allocated, n + 2))
1632 return -ENOMEM;
1633
1634 buffer[n] = (char) c;
1635 }
1636
1637 n++;
1638 }
1639 }
1640
1641 if (ret) {
1642 buffer[n] = 0;
1643
1644 *ret = TAKE_PTR(buffer);
1645 }
1646
1647 return (int) count;
1648 }
Unnamed repository; edit this file 'description' to name the repository.