if (*e != 0)
return false;
- if (e - p > FILENAME_MAX) /* FILENAME_MAX is counted *without* the trailing NUL byte */
+ if (e - p > NAME_MAX) /* NAME_MAX is counted *without* the trailing NUL byte */
return false;
return true;
if (isempty(p))
return false;
- if (strlen(p) >= PATH_MAX) /* PATH_MAX is counted *with* the trailing NUL byte */
- return false;
+ for (const char *e = p;;) {
+ size_t n;
- return true;
+ /* Skip over slashes */
+ e += strspn(e, "/");
+ if (e - p >= PATH_MAX) /* Already reached the maximum length for a path? (PATH_MAX is counted
+ * *with* the trailing NUL byte) */
+ return false;
+ if (*e == 0) /* End of string? Yay! */
+ return true;
+
+ /* Skip over one component */
+ n = strcspn(e, "/");
+ if (n > NAME_MAX) /* One component larger than NAME_MAX? (NAME_MAX is counted *without* the
+ * trailing NUL byte) */
+ return false;
+
+ e += n;
+ }
}
bool path_is_normalized(const char *p) {
#include "sd-id128.h"
#include "alloc-util.h"
+#include "discover-image.h"
#include "export-raw.h"
#include "export-tar.h"
#include "fd-util.h"
#include "fs-util.h"
#include "hostname-util.h"
#include "import-util.h"
-#include "machine-image.h"
#include "main-func.h"
#include "signal-util.h"
#include "string-util.h"
#include "alloc-util.h"
#include "btrfs-util.h"
#include "capability-util.h"
+#include "chattr-util.h"
#include "dirent-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "util.h"
int import_make_read_only_fd(int fd) {
+ struct stat st;
int r;
assert(fd >= 0);
/* First, let's make this a read-only subvolume if it refers
* to a subvolume */
r = btrfs_subvol_set_read_only_fd(fd, true);
- if (IN_SET(r, -ENOTTY, -ENOTDIR, -EINVAL)) {
- struct stat st;
+ if (r >= 0)
+ return 0;
- /* This doesn't refer to a subvolume, or the file
- * system isn't even btrfs. In that, case fall back to
- * chmod()ing */
+ if (!ERRNO_IS_NOT_SUPPORTED(r) && !IN_SET(r, -ENOTDIR, -EINVAL))
+ return log_error_errno(r, "Failed to make subvolume read-only: %m");
- r = fstat(fd, &st);
- if (r < 0)
- return log_error_errno(errno, "Failed to stat temporary image: %m");
+ /* This doesn't refer to a subvolume, or the file system isn't even btrfs. In that, case fall back to
+ * chmod()ing */
+
+ r = fstat(fd, &st);
+ if (r < 0)
+ return log_error_errno(errno, "Failed to stat image: %m");
- /* Drop "w" flag */
- if (fchmod(fd, st.st_mode & 07555) < 0)
- return log_error_errno(errno, "Failed to chmod() final image: %m");
+ if (S_ISDIR(st.st_mode)) {
+ /* For directories set the immutable flag on the dir itself */
- return 0;
+ r = chattr_fd(fd, FS_IMMUTABLE_FL, FS_IMMUTABLE_FL, NULL);
+ if (r < 0)
+ return log_error_errno(r, "Failed to set +i attribute on directory image: %m");
- } else if (r < 0)
- return log_error_errno(r, "Failed to make subvolume read-only: %m");
+ } else if (S_ISREG(st.st_mode)) {
+ /* For regular files drop "w" flags */
+
+ if ((st.st_mode & 0222) != 0)
+ if (fchmod(fd, st.st_mode & 07555) < 0)
+ return log_error_errno(errno, "Failed to chmod() image: %m");
+ } else
+ return log_error_errno(SYNTHETIC_ERRNO(EBADFD), "Image of unexpected type");
return 0;
}
#include "alloc-util.h"
#include "btrfs-util.h"
+#include "discover-image.h"
#include "fd-util.h"
#include "format-util.h"
#include "fs-util.h"
#include "hostname-util.h"
#include "import-common.h"
#include "import-util.h"
-#include "machine-image.h"
#include "mkdir.h"
#include "ratelimit.h"
#include "rm-rf.h"
#include "sd-id128.h"
#include "alloc-util.h"
+#include "discover-image.h"
#include "fd-util.h"
#include "fs-util.h"
#include "hostname-util.h"
#include "import-raw.h"
#include "import-tar.h"
#include "import-util.h"
-#include "machine-image.h"
#include "main-func.h"
#include "signal-util.h"
#include "string-util.h"
return 0;
}
+static int http_status_ok(CURLcode status) {
+ /* Consider all HTTP status code in the 2xx range as OK */
+ return status >= 200 && status <= 299;
+}
+
+static int http_status_etag_exists(CURLcode status) {
+ /* This one is special, it's triggered by our etag mgmt logic */
+ return status == 304;
+}
+
static size_t pull_job_header_callback(void *contents, size_t size, size_t nmemb, void *userdata) {
_cleanup_free_ char *length = NULL, *last_modified = NULL, *etag = NULL;
size_t sz = size * nmemb;
goto fail;
}
- if (status < 200 || status >= 300)
- /* If this is not HTTP 2xx, let's skip these headers, they are probably for
- * some redirect or so, and we are not interested in the headers of those. */
- return sz;
+ if (http_status_ok(status) || http_status_etag_exists(status)) {
+ /* Check Etag on OK and etag exists responses. */
- r = curl_header_strdup(contents, sz, "ETag:", &etag);
- if (r < 0) {
- log_oom();
- goto fail;
- }
- if (r > 0) {
- free_and_replace(j->etag, etag);
+ r = curl_header_strdup(contents, sz, "ETag:", &etag);
+ if (r < 0) {
+ log_oom();
+ goto fail;
+ }
+ if (r > 0) {
+ free_and_replace(j->etag, etag);
+
+ if (strv_contains(j->old_etags, j->etag)) {
+ log_info("Image already downloaded. Skipping download. (%s)", j->etag);
+ j->etag_exists = true;
+ pull_job_finish(j, 0);
+ return sz;
+ }
- if (strv_contains(j->old_etags, j->etag)) {
- log_info("Image already downloaded. Skipping download.");
- j->etag_exists = true;
- pull_job_finish(j, 0);
return sz;
}
+ }
+ if (!http_status_ok(status)) /* Let's ignore the rest here, these requests are probably redirects and
+ * stuff where the headers aren't interesting to us */
return sz;
- }
r = curl_header_strdup(contents, sz, "Content-Length:", &length);
if (r < 0) {
#include "sd-id128.h"
#include "alloc-util.h"
+#include "discover-image.h"
#include "hostname-util.h"
#include "import-util.h"
-#include "machine-image.h"
#include "main-func.h"
#include "parse-util.h"
#include "pull-raw.h"
#include "bus-label.h"
#include "bus-polkit.h"
#include "copy.h"
+#include "discover-image.h"
#include "dissect-image.h"
#include "fd-util.h"
#include "fileio.h"
#include "image-dbus.h"
#include "io-util.h"
#include "loop-util.h"
-#include "machine-image.h"
#include "missing_capability.h"
#include "mount-util.h"
#include "process-util.h"
#include "bus-locator.h"
#include "bus-polkit.h"
#include "cgroup-util.h"
+#include "discover-image.h"
#include "errno-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "image-dbus.h"
#include "io-util.h"
#include "machine-dbus.h"
-#include "machine-image.h"
#include "machine-pool.h"
#include "machined.h"
#include "missing_capability.h"
#include "bus-polkit.h"
#include "cgroup-util.h"
#include "dirent-util.h"
+#include "discover-image.h"
#include "fd-util.h"
#include "format-util.h"
#include "hostname-util.h"
#include "label.h"
-#include "machine-image.h"
#include "machined-varlink.h"
#include "machined.h"
#include "main-func.h"
#include "copy.h"
#include "cpu-set-util.h"
#include "dev-setup.h"
+#include "discover-image.h"
#include "dissect-image.h"
#include "env-util.h"
#include "escape.h"
#include "log.h"
#include "loop-util.h"
#include "loopback-setup.h"
-#include "machine-image.h"
#include "macro.h"
#include "main-func.h"
#include "missing_sched.h"
#include "copy.h"
#include "def.h"
#include "dirent-util.h"
+#include "discover-image.h"
#include "dissect-image.h"
#include "fd-util.h"
#include "fileio.h"
#include "io-util.h"
#include "locale-util.h"
#include "loop-util.h"
-#include "machine-image.h"
#include "mkdir.h"
#include "nulstr-util.h"
#include "os-util.h"
#include "bus-wait-for-jobs.h"
#include "def.h"
#include "dirent-util.h"
+#include "discover-image.h"
#include "env-file.h"
#include "fd-util.h"
#include "fileio.h"
#include "format-table.h"
#include "fs-util.h"
#include "locale-util.h"
-#include "machine-image.h"
#include "main-func.h"
#include "pager.h"
#include "parse-util.h"
#include "btrfs-util.h"
#include "bus-common-errors.h"
#include "bus-polkit.h"
+#include "discover-image.h"
#include "fd-util.h"
#include "io-util.h"
-#include "machine-image.h"
#include "missing_capability.h"
#include "portable.h"
#include "portabled-bus.h"
#include "bus-label.h"
#include "bus-polkit.h"
#include "bus-util.h"
+#include "discover-image.h"
#include "fd-util.h"
#include "fileio.h"
#include "io-util.h"
-#include "machine-image.h"
#include "missing_capability.h"
#include "portable.h"
#include "portabled-bus.h"
#include "sd-bus.h"
-#include "machine-image.h"
+#include "discover-image.h"
#include "portabled.h"
int bus_image_common_get_os_release(Manager *m, sd_bus_message *message, const char *name_or_path, Image *image, sd_bus_error *error);
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once
+#include "discover-image.h"
#include "hashmap.h"
-#include "machine-image.h"
#include "portabled.h"
Image *manager_image_cache_get(Manager *m, const char *name_or_path);
#include "chattr-util.h"
#include "copy.h"
#include "dirent-util.h"
+#include "discover-image.h"
#include "dissect-image.h"
#include "env-file.h"
#include "env-util.h"
#include "lockfile-util.h"
#include "log.h"
#include "loop-util.h"
-#include "machine-image.h"
#include "macro.h"
#include "mkdir.h"
#include "nulstr-util.h"
r = asprintf(&p, "/run/systemd/nspawn/locks/inode-%lu:%lu", (unsigned long) st.st_dev, (unsigned long) st.st_ino);
else
return -ENOTTY;
-
if (r < 0)
return -ENOMEM;
}
}
int image_name_lock(const char *name, int operation, LockFile *ret) {
+ const char *p;
+
assert(name);
assert(ret);
/* Locks an image name, regardless of the precise path used. */
+ if (streq(name, ".host"))
+ return -EBUSY;
+
if (!image_name_is_valid(name))
return -EINVAL;
return 0;
}
- if (streq(name, ".host"))
- return -EBUSY;
-
- const char *p = strjoina("/run/systemd/nspawn/locks/name-", name);
(void) mkdir_p("/run/systemd/nspawn/locks", 0700);
+
+ p = strjoina("/run/systemd/nspawn/locks/name-", name);
return make_lock_file(p, operation, ret);
}
dev-setup.c
dev-setup.h
devnode-acl.h
+ discover-image.c
+ discover-image.h
dissect-image.c
dissect-image.h
dm-util.c
loopback-setup.h
machine-id-setup.c
machine-id-setup.h
- machine-image.c
- machine-image.h
machine-pool.c
machine-pool.h
macvlan-util.c
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "alloc-util.h"
+#include "discover-image.h"
#include "env-file.h"
#include "fd-util.h"
#include "fileio.h"
#include "fs-util.h"
#include "macro.h"
-#include "machine-image.h"
#include "os-util.h"
#include "string-util.h"
#include "strv.h"
#include <unistd.h>
#include "capability-util.h"
+#include "discover-image.h"
#include "dissect-image.h"
#include "escape.h"
#include "fd-util.h"
#include "fs-util.h"
#include "hashmap.h"
#include "log.h"
-#include "machine-image.h"
#include "main-func.h"
#include "missing_magic.h"
#include "mkdir.h"
}
static void test_filename_is_valid(void) {
- char foo[FILENAME_MAX+2];
- int i;
+ char foo[NAME_MAX+2];
log_info("/* %s */", __func__);
assert_se(!filename_is_valid("bar/foo/"));
assert_se(!filename_is_valid("bar//"));
- for (i=0; i<FILENAME_MAX+1; i++)
- foo[i] = 'a';
- foo[FILENAME_MAX+1] = '\0';
+ memset(foo, 'a', sizeof(foo) - 1);
+ char_array_0(foo);
assert_se(!filename_is_valid(foo));
assert_se(filename_is_valid("o.o"));
}
+static void test_path_is_valid(void) {
+ char foo[PATH_MAX+2];
+ const char *c;
+
+ log_info("/* %s */", __func__);
+
+ assert_se(!path_is_valid(""));
+ assert_se(path_is_valid("/bar/foo"));
+ assert_se(path_is_valid("/bar/foo/"));
+ assert_se(path_is_valid("/bar/foo/"));
+ assert_se(path_is_valid("//bar//foo//"));
+ assert_se(path_is_valid("/"));
+ assert_se(path_is_valid("/////"));
+ assert_se(path_is_valid("/////.///.////...///..//."));
+ assert_se(path_is_valid("."));
+ assert_se(path_is_valid(".."));
+ assert_se(path_is_valid("bar/foo"));
+ assert_se(path_is_valid("bar/foo/"));
+ assert_se(path_is_valid("bar//"));
+
+ memset(foo, 'a', sizeof(foo) -1);
+ char_array_0(foo);
+
+ assert_se(!path_is_valid(foo));
+
+ c = strjoina("/xxx/", foo, "/yyy");
+ assert_se(!path_is_valid(c));
+
+ assert_se(path_is_valid("foo_bar-333"));
+ assert_se(path_is_valid("o.o"));
+}
+
static void test_hidden_or_backup_file(void) {
log_info("/* %s */", __func__);
test_last_path_component();
test_path_extract_filename();
test_filename_is_valid();
+ test_path_is_valid();
test_hidden_or_backup_file();
test_skip_dev_prefix();
test_empty_or_root();
#include "condition.h"
#include "device-private.h"
#include "device.h"
+#include "discover-image.h"
#include "execute.h"
#include "import-util.h"
#include "install.h"
#include "locale-util.h"
#include "log.h"
#include "logs-show.h"
-#include "machine-image.h"
#include "mount.h"
#include "path.h"
#include "process-util.h"