]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/shared/clean-ipc.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 Copyright 2014 Lennart Poettering
21 #include "clean-ipc.h"
22 #include "dirent-util.h"
25 #include "format-util.h"
28 #include "string-util.h"
30 #include "user-util.h"
32 static bool match_uid_gid(uid_t subject_uid
, gid_t subject_gid
, uid_t delete_uid
, gid_t delete_gid
) {
34 if (uid_is_valid(delete_uid
) && subject_uid
== delete_uid
)
37 if (gid_is_valid(delete_gid
) && subject_gid
== delete_gid
)
43 static int clean_sysvipc_shm(uid_t delete_uid
, gid_t delete_gid
, bool rm
) {
44 _cleanup_fclose_
FILE *f
= NULL
;
49 f
= fopen("/proc/sysvipc/shm", "re");
54 return log_warning_errno(errno
, "Failed to open /proc/sysvipc/shm: %m");
57 FOREACH_LINE(line
, f
, goto fail
) {
71 if (sscanf(line
, "%*i %i %*o %*u " PID_FMT
" " PID_FMT
" %u " UID_FMT
" " GID_FMT
" " UID_FMT
" " GID_FMT
,
72 &shmid
, &cpid
, &lpid
, &n_attached
, &uid
, &gid
, &cuid
, &cgid
) != 8)
78 if (!match_uid_gid(uid
, gid
, delete_uid
, delete_gid
))
84 if (shmctl(shmid
, IPC_RMID
, NULL
) < 0) {
86 /* Ignore entries that are already deleted */
87 if (IN_SET(errno
, EIDRM
, EINVAL
))
90 ret
= log_warning_errno(errno
,
91 "Failed to remove SysV shared memory segment %i: %m",
94 log_debug("Removed SysV shared memory segment %i.", shmid
);
103 return log_warning_errno(errno
, "Failed to read /proc/sysvipc/shm: %m");
106 static int clean_sysvipc_sem(uid_t delete_uid
, gid_t delete_gid
, bool rm
) {
107 _cleanup_fclose_
FILE *f
= NULL
;
112 f
= fopen("/proc/sysvipc/sem", "re");
117 return log_warning_errno(errno
, "Failed to open /proc/sysvipc/sem: %m");
120 FOREACH_LINE(line
, f
, goto fail
) {
132 if (sscanf(line
, "%*i %i %*o %*u " UID_FMT
" " GID_FMT
" " UID_FMT
" " GID_FMT
,
133 &semid
, &uid
, &gid
, &cuid
, &cgid
) != 5)
136 if (!match_uid_gid(uid
, gid
, delete_uid
, delete_gid
))
142 if (semctl(semid
, 0, IPC_RMID
) < 0) {
144 /* Ignore entries that are already deleted */
145 if (IN_SET(errno
, EIDRM
, EINVAL
))
148 ret
= log_warning_errno(errno
,
149 "Failed to remove SysV semaphores object %i: %m",
152 log_debug("Removed SysV semaphore %i.", semid
);
161 return log_warning_errno(errno
, "Failed to read /proc/sysvipc/sem: %m");
164 static int clean_sysvipc_msg(uid_t delete_uid
, gid_t delete_gid
, bool rm
) {
165 _cleanup_fclose_
FILE *f
= NULL
;
170 f
= fopen("/proc/sysvipc/msg", "re");
175 return log_warning_errno(errno
, "Failed to open /proc/sysvipc/msg: %m");
178 FOREACH_LINE(line
, f
, goto fail
) {
191 if (sscanf(line
, "%*i %i %*o %*u %*u " PID_FMT
" " PID_FMT
" " UID_FMT
" " GID_FMT
" " UID_FMT
" " GID_FMT
,
192 &msgid
, &cpid
, &lpid
, &uid
, &gid
, &cuid
, &cgid
) != 7)
195 if (!match_uid_gid(uid
, gid
, delete_uid
, delete_gid
))
201 if (msgctl(msgid
, IPC_RMID
, NULL
) < 0) {
203 /* Ignore entries that are already deleted */
204 if (IN_SET(errno
, EIDRM
, EINVAL
))
207 ret
= log_warning_errno(errno
,
208 "Failed to remove SysV message queue %i: %m",
211 log_debug("Removed SysV message queue %i.", msgid
);
220 return log_warning_errno(errno
, "Failed to read /proc/sysvipc/msg: %m");
223 static int clean_posix_shm_internal(DIR *dir
, uid_t uid
, gid_t gid
, bool rm
) {
229 FOREACH_DIRENT_ALL(de
, dir
, goto fail
) {
232 if (dot_or_dot_dot(de
->d_name
))
235 if (fstatat(dirfd(dir
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0) {
239 ret
= log_warning_errno(errno
, "Failed to stat() POSIX shared memory segment %s: %m", de
->d_name
);
243 if (S_ISDIR(st
.st_mode
)) {
244 _cleanup_closedir_
DIR *kid
;
246 kid
= xopendirat(dirfd(dir
), de
->d_name
, O_NOFOLLOW
|O_NOATIME
);
249 ret
= log_warning_errno(errno
, "Failed to enter shared memory directory %s: %m", de
->d_name
);
251 r
= clean_posix_shm_internal(kid
, uid
, gid
, rm
);
256 if (!match_uid_gid(st
.st_uid
, st
.st_gid
, uid
, gid
))
262 if (unlinkat(dirfd(dir
), de
->d_name
, AT_REMOVEDIR
) < 0) {
267 ret
= log_warning_errno(errno
, "Failed to remove POSIX shared memory directory %s: %m", de
->d_name
);
269 log_debug("Removed POSIX shared memory directory %s", de
->d_name
);
275 if (!match_uid_gid(st
.st_uid
, st
.st_gid
, uid
, gid
))
281 if (unlinkat(dirfd(dir
), de
->d_name
, 0) < 0) {
286 ret
= log_warning_errno(errno
, "Failed to remove POSIX shared memory segment %s: %m", de
->d_name
);
288 log_debug("Removed POSIX shared memory segment %s", de
->d_name
);
298 return log_warning_errno(errno
, "Failed to read /dev/shm: %m");
301 static int clean_posix_shm(uid_t uid
, gid_t gid
, bool rm
) {
302 _cleanup_closedir_
DIR *dir
= NULL
;
304 dir
= opendir("/dev/shm");
309 return log_warning_errno(errno
, "Failed to open /dev/shm: %m");
312 return clean_posix_shm_internal(dir
, uid
, gid
, rm
);
315 static int clean_posix_mq(uid_t uid
, gid_t gid
, bool rm
) {
316 _cleanup_closedir_
DIR *dir
= NULL
;
320 dir
= opendir("/dev/mqueue");
325 return log_warning_errno(errno
, "Failed to open /dev/mqueue: %m");
328 FOREACH_DIRENT_ALL(de
, dir
, goto fail
) {
330 char fn
[1+strlen(de
->d_name
)+1];
332 if (dot_or_dot_dot(de
->d_name
))
335 if (fstatat(dirfd(dir
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0) {
339 ret
= log_warning_errno(errno
,
340 "Failed to stat() MQ segment %s: %m",
345 if (!match_uid_gid(st
.st_uid
, st
.st_gid
, uid
, gid
))
352 strcpy(fn
+1, de
->d_name
);
354 if (mq_unlink(fn
) < 0) {
358 ret
= log_warning_errno(errno
,
359 "Failed to unlink POSIX message queue %s: %m",
362 log_debug("Removed POSIX message queue %s", fn
);
371 return log_warning_errno(errno
, "Failed to read /dev/mqueue: %m");
374 int clean_ipc_internal(uid_t uid
, gid_t gid
, bool rm
) {
377 /* If 'rm' is true, clean all IPC objects owned by either the specified UID or the specified GID. Return the
378 * last error encountered or == 0 if no matching IPC objects have been found or > 0 if matching IPC objects
379 * have been found and have been removed.
381 * If 'rm' is false, just search for IPC objects owned by either the specified UID or the specified GID. In
382 * this case we return < 0 on error, > 0 if we found a matching object, == 0 if we didn't.
384 * As special rule: if UID/GID is specified as root we'll silently not clean up things, and always claim that
385 * there are IPC objects for it. */
400 /* Anything to do? */
401 if (!uid_is_valid(uid
) && !gid_is_valid(gid
))
404 r
= clean_sysvipc_shm(uid
, gid
, rm
);
412 r
= clean_sysvipc_sem(uid
, gid
, rm
);
420 r
= clean_sysvipc_msg(uid
, gid
, rm
);
428 r
= clean_posix_shm(uid
, gid
, rm
);
436 r
= clean_posix_mq(uid
, gid
, rm
);
447 int clean_ipc_by_uid(uid_t uid
) {
448 return clean_ipc_internal(uid
, GID_INVALID
, true);
451 int clean_ipc_by_gid(gid_t gid
) {
452 return clean_ipc_internal(UID_INVALID
, gid
, true);