Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
4349cd7c LP |
2 | #pragma once |
3 | ||
4349cd7c | 4 | #include <mntent.h> |
11c3a366 | 5 | #include <stdio.h> |
9c653536 | 6 | #include <sys/stat.h> |
e49ee285 | 7 | #include <unistd.h> |
4e036b7a | 8 | |
75f79cd2 | 9 | #include "alloc-util.h" |
70599967 | 10 | #include "dissect-image.h" |
e49ee285 | 11 | #include "errno-util.h" |
11c3a366 | 12 | #include "macro.h" |
4349cd7c | 13 | |
57c10a56 CB |
14 | typedef enum MountAttrPropagationType { /* mount propagation setting; each value's comment names the matching MS_* flag */
15 | MOUNT_ATTR_PROPAGATION_INHERIT, /* no special MS_* propagation flags */ | |
16 | MOUNT_ATTR_PROPAGATION_PRIVATE, /* MS_PRIVATE */ | |
17 | MOUNT_ATTR_PROPAGATION_DEPENDENT, /* MS_SLAVE */ | |
18 | MOUNT_ATTR_PROPAGATION_SHARED, /* MS_SHARED */ | |
19 | ||
20 | _MOUNT_ATTR_PROPAGATION_TYPE_MAX, /* sentinel: one past the last valid value */ | |
21 | _MOUNT_ATTR_PROPAGATION_TYPE_INVALID = -EINVAL, /* sentinel: negative, so it cannot collide with a valid value */ | |
22 | } MountAttrPropagationType; | |
23 | ||
24 | const char* mount_attr_propagation_type_to_string(MountAttrPropagationType t) _const_; | |
25 | MountAttrPropagationType mount_attr_propagation_type_from_string(const char *s) _pure_; | |
26 | unsigned int mount_attr_propagation_type_to_flag(MountAttrPropagationType t); | |
27 | ||
3f2c0bec | 28 | int repeat_unmount(const char *path, int flags); |
4349cd7c | 29 | int umount_recursive(const char *target, int flags); |
0289948e | 30 | |
6b000af4 | 31 | int bind_remount_recursive_with_mountinfo(const char *prefix, unsigned long new_flags, unsigned long flags_mask, char **deny_list, FILE *proc_self_mountinfo); |
0289948e LP |
/* Convenience wrapper: forwards prefix, new_flags, flags_mask and deny_list unchanged to
 * bind_remount_recursive_with_mountinfo() and passes NULL as proc_self_mountinfo, for callers that
 * have no already-open mountinfo stream to hand over. Returns whatever the callee returns.
 * NOTE(review): presumably the callee opens /proc/self/mountinfo itself when given NULL; confirm
 * in the implementation. */
32 | static inline int bind_remount_recursive(const char *prefix, unsigned long new_flags, unsigned long flags_mask, char **deny_list) {
33 | return bind_remount_recursive_with_mountinfo(prefix, new_flags, flags_mask, deny_list, NULL); | |
34 | } | |
35 | ||
7cce68e1 | 36 | int bind_remount_one_with_mountinfo(const char *path, unsigned long new_flags, unsigned long flags_mask, FILE *proc_self_mountinfo); |
4349cd7c | 37 | |
57c10a56 | 38 | int mount_switch_root(const char *path, MountAttrPropagationType type); |
4349cd7c | 39 | |
fd421c4a | 40 | DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(FILE*, endmntent, NULL); |
4349cd7c | 41 | #define _cleanup_endmntent_ _cleanup_(endmntentp) |
4e036b7a | 42 | |
511a8cfe | 43 | int mount_verbose_full( |
60e76d48 ZJS |
44 | int error_log_level, |
45 | const char *what, | |
46 | const char *where, | |
47 | const char *type, | |
48 | unsigned long flags, | |
511a8cfe LP |
49 | const char *options, |
50 | bool follow_symlink); | |
51 | ||
/* Forwards all arguments to mount_verbose_full() with follow_symlink = true and returns its result.
 * NOTE(review): how follow_symlink is honoured is decided in mount_verbose_full(), which is not
 * visible here. Where the mount target may be modified by a less privileged party,
 * mount_nofollow_verbose() looks like the safer choice; confirm against the implementation. */
52 | static inline int mount_follow_verbose( | |
53 | int error_log_level, | |
54 | const char *what, | |
55 | const char *where, | |
56 | const char *type, | |
57 | unsigned long flags, | |
58 | const char *options) { | |
59 | return mount_verbose_full(error_log_level, what, where, type, flags, options, true); | |
60 | } | |
61 | ||
/* Forwards all arguments to mount_verbose_full() with follow_symlink = false and returns its result.
 * NOTE(review): presumably a symlink at 'where' is then not resolved before mounting; the exact
 * behaviour is implemented in mount_verbose_full(), so confirm it there. */
62 | static inline int mount_nofollow_verbose( | |
63 | int error_log_level, | |
64 | const char *what, | |
65 | const char *where, | |
66 | const char *type, | |
67 | unsigned long flags, | |
68 | const char *options) { | |
69 | return mount_verbose_full(error_log_level, what, where, type, flags, options, false); | |
70 | } | |
71 | ||
30f5d104 LP |
72 | int umount_verbose( |
73 | int error_log_level, | |
74 | const char *where, | |
75 | int flags); | |
83555251 | 76 | |
9e7f941a YW |
77 | int mount_option_mangle( |
78 | const char *options, | |
79 | unsigned long mount_flags, | |
80 | unsigned long *ret_mount_flags, | |
81 | char **ret_remaining_options); | |
be1791ad | 82 | |
e5f10caf | 83 | int mode_to_inaccessible_node(const char *runtime_dir, mode_t mode, char **dest); |
da185cd0 | 84 | int mount_flags_to_string(unsigned long flags, char **ret); |
e49ee285 LP |
85 | |
86 | /* Intended for use with _cleanup_(): unmounts, removes the directory and frees the pointer */ | |
/* Best-effort teardown: the return values of umount_recursive() and rmdir() are discarded, so a
 * failed unmount or a failed directory removal is not reported to the caller. Code that must know
 * the mount is really gone has to unmount explicitly and check the result rather than rely on this
 * helper. A NULL p skips both calls. */
f93ba375 | 87 | static inline char* umount_and_rmdir_and_free(char *p) {
/* NOTE(review): PROTECT_ERRNO presumably saves errno and restores it when the scope ends, so the
 * cleanup calls below do not clobber the caller's errno; confirm in errno-util.h. */
e49ee285 | 88 | PROTECT_ERRNO; |
4d686e6b LP |
89 | if (p) { |
90 | (void) umount_recursive(p, 0); | |
91 | (void) rmdir(p); | |
92 | } | |
/* NOTE(review): mfree() presumably frees p and returns NULL; confirm in alloc-util.h. */
75f79cd2 | 93 | return mfree(p); |
e49ee285 LP |
94 | } |
95 | DEFINE_TRIVIAL_CLEANUP_FUNC(char*, umount_and_rmdir_and_free); | |
6af52c3a LB |
96 | |
97 | int bind_mount_in_namespace(pid_t target, const char *propagate_path, const char *incoming_path, const char *src, const char *dest, bool read_only, bool make_file_or_directory); | |
70599967 | 98 | int mount_image_in_namespace(pid_t target, const char *propagate_path, const char *incoming_path, const char *src, const char *dest, bool read_only, bool make_file_or_directory, const MountOptions *options); |
14a25e1f LP |
99 | |
100 | int make_mount_point(const char *path); | |
35fd3558 | 101 | |
1aa18710 QD |
102 | typedef enum RemountIdmapping { /* selects which extra ID mapping, if any, remount_idmap() is asked for */
103 | REMOUNT_IDMAPPING_NONE, | |
50ae2966 LP |
104 | /* Include a mapping from UID_MAPPED_ROOT (i.e. UID 2^31-2) on the backing fs to UID 0 on the
105 | * uidmapped fs. This is useful to ensure that the host root user can safely add inodes to the | |
106 | * uidmapped fs (which otherwise wouldn't work as the host root user is not defined on the uidmapped | |
107 | * mount and any attempts to create inodes will then be refused with EOVERFLOW). The idea is that | |
108 | * these inodes are quickly re-chown()ed to more suitable UIDs/GIDs. Any code that intends to be able | |
109 | * to add inodes to file systems mapped this way should set this flag, but given that it comes with | |
110 | * certain security implications it defaults to off and requires explicit opt-in. */ | |
/* NOTE(review): the re-chown() described above is the opting-in caller's responsibility; nothing in
 * this header enforces it, so each call site that passes this value should be checked for it. */
1aa18710 | 111 | REMOUNT_IDMAPPING_HOST_ROOT, |
2b2777ed QD |
112 | /* Define a mapping from the root user within the container to the owner of the bind mounted directory.
113 | * This ensures that no root-owned files will be written in a bind-mounted directory owned by a different | |
114 | * user. No other users are mapped. */ | |
115 | REMOUNT_IDMAPPING_HOST_OWNER, | |
1aa18710 QD |
116 | _REMOUNT_IDMAPPING_MAX, |
117 | _REMOUNT_IDMAPPING_INVALID = -EINVAL, | |
118 | } RemountIdmapping; | |
50ae2966 | 119 | |
2b2777ed | 120 | int remount_idmap(const char *p, uid_t uid_shift, uid_t uid_range, uid_t owner, RemountIdmapping idmapping); |
9c653536 ZJS |
121 | |
122 | /* Creates a mount point inode (but not its parent directories) based on the source path or stat data, i.e. a file or a directory */ | |
123 | int make_mount_point_inode_from_stat(const struct stat *st, const char *dest, mode_t mode); | |
124 | int make_mount_point_inode_from_path(const char *source, const char *dest, mode_t mode); |