#include "argv-util.h"
#include "cgroup-util.h"
#include "dirent-util.h"
+#include "dlfcn-util.h"
#include "env-file.h"
#include "errno-util.h"
#include "escape.h"
r, "Failed to rename process, ignoring: %m");
}
+ /* let's disable dlopen() in the child, as a paranoia safety precaution: children should not live for
+ * long and only do minimal work before exiting or exec()ing. Doing dlopen() is not either. If people
+ * want dlopen() they should do it before forking. This is a safety precuation in particular for
+ * cases where the child does namespace shenanigans: we should never end up loading a module from a
+ * foreign environment. Note that this has no effect on NSS! (i.e. it only has effect on uses of our
+ * dlopen_safe(), which we use comprehensively in our codebase, but glibc NSS doesn't bother, of
+ * course.) */
+ block_dlopen();
+
if (flags & (FORK_DEATHSIG_SIGTERM|FORK_DEATHSIG_SIGINT|FORK_DEATHSIG_SIGKILL))
if (prctl(PR_SET_PDEATHSIG, fork_flags_to_signal(flags)) < 0) {
log_full_errno(prio, errno, "Failed to set death signal: %m");
'sd-bus/test-bus-vtable.c',
'sd-device/test-device-util.c',
'sd-device/test-sd-device-monitor.c',
- 'sd-device/test-sd-device.c',
'sd-journal/test-journal-flush.c',
'sd-journal/test-journal-interleaving.c',
'sd-journal/test-journal-stream.c',
)
libsystemd_tests += [
+ {
+ 'sources' : files('sd-device/test-sd-device.c'),
+ 'dependencies' : [ threads, libmount_cflags ],
+ },
{
'sources' : files('sd-bus/test-bus-address.c'),
'dependencies' : threads
#include "fd-util.h"
#include "fs-util.h"
#include "hashmap.h"
+#include "libmount-util.h"
#include "mkdir.h"
#include "mount-util.h"
#include "mountpoint-util.h"
}
static int intro(void) {
+ int r;
+
if (path_is_mount_point("/sys") <= 0)
- return log_tests_skipped("/sys is not mounted");
+ return log_tests_skipped("/sys/ is not mounted");
+
+ r = dlopen_libmount();
+ if (r < 0)
+ return log_tests_skipped("libmount not available.");
return EXIT_SUCCESS;
}
#include "fd-util.h"
#include "fileio.h"
#include "fs-util.h"
+#include "libmount-util.h"
#include "manager.h"
#include "mkdir.h"
#include "mount-util.h"
}
static int intro(void) {
+ int r;
+
#if HAS_FEATURE_ADDRESS_SANITIZER
if (strstr_ptr(ci_environment(), "travis") || strstr_ptr(ci_environment(), "github-actions"))
return log_tests_skipped("Running on Travis CI/GH Actions under ASan, see https://github.com/systemd/systemd/issues/10696");
if (path_is_read_only_fs("/sys") > 0)
return log_tests_skipped("/sys is mounted read-only");
+ r = dlopen_libmount();
+ if (r < 0)
+ return log_tests_skipped("libmount not available.");
+
/* Create dummy network interface for testing PrivateNetwork=yes */
have_net_dummy = system("ip link add dummy-test-exec type dummy") == 0;
projects / thirdparty / systemd.git / commitdiff
