[thirdparty/systemd.git] / src / core / machine-id-setup.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <unistd.h>
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <fcntl.h>
#include <sys/mount.h>

#include <systemd/sd-id128.h>

#include "machine-id-setup.h"
#include "macro.h"
#include "util.h"
#include "mkdir.h"
#include "log.h"
#include "virt.h"
#include "fileio.h"
#include "path-util.h"

static int shorten_uuid(char destination[36], const char *source) {
        unsigned i, j;

        for (i = 0, j = 0; i < 36 && j < 32; i++) {
                int t;

                t = unhexchar(source[i]);
                if (t < 0)
                        continue;

                destination[j++] = hexchar(t);
        }

        if (i == 36 && j == 32) {
                destination[32] = '\n';
                destination[33] = 0;
                return 0;
        }

        return -EINVAL;
}

static int generate(char id[34], const char *root) {
        int fd, r;
        unsigned char *p;
        sd_id128_t buf;
        char *q;
        ssize_t k;
        const char *vm_id;
        _cleanup_free_ char *dbus_machine_id = NULL;

        assert(id);

        if (asprintf(&dbus_machine_id, "%s/var/lib/dbus/machine-id", root) < 0)
                return log_oom();

        /* First, try reading the D-Bus machine id, unless it is a symlink */
        fd = open(dbus_machine_id, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
        if (fd >= 0) {
                k = loop_read(fd, id, 33, false);
                safe_close(fd);

                if (k == 33 && id[32] == '\n') {

                        id[32] = 0;
                        if (id128_is_valid(id)) {
                                id[32] = '\n';
                                id[33] = 0;

                                log_info("Initializing machine ID from D-Bus machine ID.");
                                return 0;
                        }
                }
        }

        /* If that didn't work, see if we are running in qemu/kvm and a
         * machine ID was passed in via -uuid on the qemu/kvm command
         * line */

        r = detect_vm(&vm_id);
        if (r > 0 && streq(vm_id, "kvm")) {
                char uuid[37];

                fd = open("/sys/class/dmi/id/product_uuid", O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
                if (fd >= 0) {
                        k = loop_read(fd, uuid, 36, false);
                        safe_close(fd);

                        if (k >= 36) {
                                r = shorten_uuid(id, uuid);
                                if (r >= 0) {
                                        log_info("Initializing machine ID from KVM UUID.");
                                        return 0;
                                }
                        }
                }
        }

        /* If that didn't work either, see if we are running in a
         * container, and a machine ID was passed in via
         * $container_uuid the way libvirt/LXC does it */
        r = detect_container(NULL);
        if (r > 0) {
                _cleanup_free_ char *e = NULL;

                r = getenv_for_pid(1, "container_uuid", &e);
                if (r > 0) {
                        if (strlen(e) >= 36) {
                                r = shorten_uuid(id, e);
                                if (r >= 0) {
                                        log_info("Initializing machine ID from container UUID.");
                                        return 0;
                                }
                        }
                }
        }

        /* If that didn't work, generate a random machine id */
        r = sd_id128_randomize(&buf);
        if (r < 0) {
                log_error("Failed to open /dev/urandom: %s", strerror(-r));
                return r;
        }

        for (p = buf.bytes, q = id; p < buf.bytes + sizeof(buf); p++, q += 2) {
                q[0] = hexchar(*p >> 4);
                q[1] = hexchar(*p & 15);
        }

        id[32] = '\n';
        id[33] = 0;

        log_info("Initializing machine ID from random generator.");

        return 0;
}

int machine_id_setup(const char *root) {
        _cleanup_close_ int fd = -1;
        int r;
        bool writable = false;
        struct stat st;
        char id[34]; /* 32 + \n + \0 */
        char *etc_machine_id, *run_machine_id;

        etc_machine_id = strappenda(root, "/etc/machine-id");
        path_kill_slashes(etc_machine_id);

        run_machine_id = strappenda(root, "/run/machine-id");
        path_kill_slashes(run_machine_id);

        RUN_WITH_UMASK(0000) {
                /* We create this 0444, to indicate that this isn't really
                 * something you should ever modify. Of course, since the file
                 * will be owned by root it doesn't matter much, but maybe
                 * people look. */

                fd = open(etc_machine_id, O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
                if (fd >= 0)
                        writable = true;
                else {
                        fd = open(etc_machine_id, O_RDONLY|O_CLOEXEC|O_NOCTTY);
                        if (fd < 0) {
                                log_error("Cannot open %s: %m", etc_machine_id);
                                return -errno;
                        }

                        writable = false;
                }
        }

        if (fstat(fd, &st) < 0) {
                log_error("fstat() failed: %m");
                return -errno;
        }

        if (S_ISREG(st.st_mode))
                if (loop_read(fd, id, 33, false) == 33 && id[32] == '\n') {
                        id[32] = 0;

                        if (id128_is_valid(id))
                                return 0;
                }

        /* Hmm, so, the id currently stored is not useful, then let's
         * generate one */

        r = generate(id, root);
        if (r < 0)
                return r;

        if (S_ISREG(st.st_mode) && writable) {
                lseek(fd, 0, SEEK_SET);

                if (loop_write(fd, id, 33, false) == 33)
                        return 0;
        }

        fd = safe_close(fd);

        /* Hmm, we couldn't write it? So let's write it to
         * /run/machine-id as a replacement */

        RUN_WITH_UMASK(0022) {
                r = write_string_file(run_machine_id, id);
        }
        if (r < 0) {
                log_error("Cannot write %s: %s", run_machine_id, strerror(-r));
                unlink(run_machine_id);
                return r;
        }

        /* And now, let's mount it over */
        r = mount(run_machine_id, etc_machine_id, NULL, MS_BIND, NULL);
        if (r < 0) {
                log_error("Failed to mount %s: %m", etc_machine_id);
                unlink_noerrno(run_machine_id);
                return -errno;
        }

        log_info("Installed transient %s file.", etc_machine_id);

        /* Mark the mount read-only */
        if (mount(NULL, etc_machine_id, NULL, MS_BIND|MS_RDONLY|MS_REMOUNT, NULL) < 0)
                log_warning("Failed to make transient %s read-only: %m", etc_machine_id);

        return 0;
}
Commit	Line	Data
d7ccca2e LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
d7ccca2e LP	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
d7ccca2e	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
d7ccca2e LP	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <unistd.h>
	23	#include <stdio.h>
	24	#include <errno.h>
	25	#include <string.h>
	26	#include <stdlib.h>
	27	#include <fcntl.h>
	28	#include <sys/mount.h>
	29
81527be1 LP	30	#include <systemd/sd-id128.h>
81527be1 LP	31
b6e66135	32	#include "machine-id-setup.h"
d7ccca2e LP	33	#include "macro.h"
d7ccca2e LP	34	#include "util.h"
49e942b2	35	#include "mkdir.h"
d7ccca2e	36	#include "log.h"
d4eb120a	37	#include "virt.h"
a5c32cff	38	#include "fileio.h"
fe970a8a	39	#include "path-util.h"
8d41a963	40
09b967ea LP	41	static int shorten_uuid(char destination[36], const char *source) {
	42	unsigned i, j;
	43
	44	for (i = 0, j = 0; i < 36 && j < 32; i++) {
	45	int t;
	46
	47	t = unhexchar(source[i]);
	48	if (t < 0)
	49	continue;
	50
	51	destination[j++] = hexchar(t);
	52	}
	53
	54	if (i == 36 && j == 32) {
	55	destination[32] = '\n';
	56	destination[33] = 0;
	57	return 0;
	58	}
	59
	60	return -EINVAL;
	61	}
	62
92f2f92e	63	static int generate(char id[34], const char *root) {
87d2c1ff LP	64	int fd, r;
	65	unsigned char *p;
	66	sd_id128_t buf;
8d41a963	67	char *q;
d7ccca2e	68	ssize_t k;
d4eb120a	69	const char *vm_id;
92f2f92e	70	_cleanup_free_ char *dbus_machine_id = NULL;
d7ccca2e LP	71
	72	assert(id);
	73
92f2f92e GKH	74	if (asprintf(&dbus_machine_id, "%s/var/lib/dbus/machine-id", root) < 0)
	75	return log_oom();
	76
d7ccca2e	77	/* First, try reading the D-Bus machine id, unless it is a symlink */
92f2f92e	78	fd = open(dbus_machine_id, O_RDONLY\|O_CLOEXEC\|O_NOCTTY\|O_NOFOLLOW);
8d41a963	79	if (fd >= 0) {
aa96c6cb	80	k = loop_read(fd, id, 33, false);
03e334a1	81	safe_close(fd);
d7ccca2e	82
aa96c6cb	83	if (k == 33 && id[32] == '\n') {
d7ccca2e	84
aa96c6cb LP	85	id[32] = 0;
	86	if (id128_is_valid(id)) {
	87	id[32] = '\n';
	88	id[33] = 0;
	89
	90	log_info("Initializing machine ID from D-Bus machine ID.");
	91	return 0;
	92	}
d7ccca2e LP	93	}
	94	}
	95
d4eb120a LP	96	/* If that didn't work, see if we are running in qemu/kvm and a
	97	* machine ID was passed in via -uuid on the qemu/kvm command
	98	* line */
	99
	100	r = detect_vm(&vm_id);
	101	if (r > 0 && streq(vm_id, "kvm")) {
	102	char uuid[37];
	103
	104	fd = open("/sys/class/dmi/id/product_uuid", O_RDONLY\|O_CLOEXEC\|O_NOCTTY\|O_NOFOLLOW);
	105	if (fd >= 0) {
	106	k = loop_read(fd, uuid, 36, false);
03e334a1	107	safe_close(fd);
d4eb120a LP	108
d4eb120a LP	109	if (k >= 36) {
09b967ea LP	110	r = shorten_uuid(id, uuid);
09b967ea LP	111	if (r >= 0) {
8e47b1d2	112	log_info("Initializing machine ID from KVM UUID.");
09b967ea LP	113	return 0;
	114	}
	115	}
	116	}
	117	}
d4eb120a	118
09b967ea LP	119	/* If that didn't work either, see if we are running in a
	120	* container, and a machine ID was passed in via
	121	* $container_uuid the way libvirt/LXC does it */
09b967ea LP	122	r = detect_container(NULL);
09b967ea LP	123	if (r > 0) {
aa96c6cb	124	_cleanup_free_ char *e = NULL;
09b967ea	125
ab94af92 LP	126	r = getenv_for_pid(1, "container_uuid", &e);
	127	if (r > 0) {
	128	if (strlen(e) >= 36) {
	129	r = shorten_uuid(id, e);
	130	if (r >= 0) {
8e47b1d2	131	log_info("Initializing machine ID from container UUID.");
ab94af92	132	return 0;
09b967ea	133	}
ab94af92	134	}
d4eb120a LP	135	}
	136	}
	137
d7ccca2e	138	/* If that didn't work, generate a random machine id */
87d2c1ff LP	139	r = sd_id128_randomize(&buf);
	140	if (r < 0) {
	141	log_error("Failed to open /dev/urandom: %s", strerror(-r));
	142	return r;
d7ccca2e LP	143	}
d7ccca2e LP	144
87d2c1ff	145	for (p = buf.bytes, q = id; p < buf.bytes + sizeof(buf); p++, q += 2) {
d7ccca2e LP	146	q[0] = hexchar(*p >> 4);
	147	q[1] = hexchar(*p & 15);
	148	}
	149
	150	id[32] = '\n';
	151	id[33] = 0;
	152
	153	log_info("Initializing machine ID from random generator.");
	154
	155	return 0;
	156	}
	157
92f2f92e	158	int machine_id_setup(const char *root) {
4b73a0c0 LP	159	_cleanup_close_ int fd = -1;
4b73a0c0 LP	160	int r;
df28bc08	161	bool writable = false;
d7ccca2e LP	162	struct stat st;
d7ccca2e LP	163	char id[34]; /* 32 + \n + \0 */
fe970a8a	164	char etc_machine_id, run_machine_id;
92f2f92e	165
fe970a8a ZJS	166	etc_machine_id = strappenda(root, "/etc/machine-id");
fe970a8a ZJS	167	path_kill_slashes(etc_machine_id);
92f2f92e	168
fe970a8a ZJS	169	run_machine_id = strappenda(root, "/run/machine-id");
fe970a8a ZJS	170	path_kill_slashes(run_machine_id);
d7ccca2e	171
5c0d398d LP	172	RUN_WITH_UMASK(0000) {
	173	/* We create this 0444, to indicate that this isn't really
	174	* something you should ever modify. Of course, since the file
	175	* will be owned by root it doesn't matter much, but maybe
	176	* people look. */
	177
92f2f92e	178	fd = open(etc_machine_id, O_RDWR\|O_CREAT\|O_CLOEXEC\|O_NOCTTY, 0444);
5c0d398d LP	179	if (fd >= 0)
	180	writable = true;
	181	else {
92f2f92e	182	fd = open(etc_machine_id, O_RDONLY\|O_CLOEXEC\|O_NOCTTY);
5c0d398d	183	if (fd < 0) {
92f2f92e	184	log_error("Cannot open %s: %m", etc_machine_id);
5c0d398d LP	185	return -errno;
5c0d398d LP	186	}
76526bad	187
5c0d398d	188	writable = false;
d7ccca2e	189	}
d7ccca2e LP	190	}
d7ccca2e LP	191
d7ccca2e LP	192	if (fstat(fd, &st) < 0) {
d7ccca2e LP	193	log_error("fstat() failed: %m");
4b73a0c0	194	return -errno;
d7ccca2e LP	195	}
d7ccca2e LP	196
4b73a0c0	197	if (S_ISREG(st.st_mode))
aa96c6cb LP	198	if (loop_read(fd, id, 33, false) == 33 && id[32] == '\n') {
	199	id[32] = 0;
	200
	201	if (id128_is_valid(id))
	202	return 0;
	203	}
d7ccca2e LP	204
	205	/* Hmm, so, the id currently stored is not useful, then let's
	206	* generate one */
	207
92f2f92e	208	r = generate(id, root);
8d41a963	209	if (r < 0)
4b73a0c0	210	return r;
d7ccca2e LP	211
	212	if (S_ISREG(st.st_mode) && writable) {
	213	lseek(fd, 0, SEEK_SET);
	214
4b73a0c0 LP	215	if (loop_write(fd, id, 33, false) == 33)
4b73a0c0 LP	216	return 0;
d7ccca2e LP	217	}
d7ccca2e LP	218
03e334a1	219	fd = safe_close(fd);
d7ccca2e LP	220
d7ccca2e LP	221	/* Hmm, we couldn't write it? So let's write it to
6996295f	222	* /run/machine-id as a replacement */
d7ccca2e	223
5c0d398d	224	RUN_WITH_UMASK(0022) {
92f2f92e	225	r = write_string_file(run_machine_id, id);
5c0d398d	226	}
8d41a963	227	if (r < 0) {
92f2f92e GKH	228	log_error("Cannot write %s: %s", run_machine_id, strerror(-r));
92f2f92e GKH	229	unlink(run_machine_id);
4b73a0c0	230	return r;
d7ccca2e LP	231	}
	232
	233	/* And now, let's mount it over */
92f2f92e	234	r = mount(run_machine_id, etc_machine_id, NULL, MS_BIND, NULL);
6996295f	235	if (r < 0) {
92f2f92e GKH	236	log_error("Failed to mount %s: %m", etc_machine_id);
92f2f92e GKH	237	unlink_noerrno(run_machine_id);
4b73a0c0	238	return -errno;
aed5a525 LP	239	}
aed5a525 LP	240
92f2f92e	241	log_info("Installed transient %s file.", etc_machine_id);
d7ccca2e	242
4b73a0c0	243	/* Mark the mount read-only */
92f2f92e GKH	244	if (mount(NULL, etc_machine_id, NULL, MS_BIND\|MS_RDONLY\|MS_REMOUNT, NULL) < 0)
92f2f92e GKH	245	log_warning("Failed to make transient %s read-only: %m", etc_machine_id);
d7ccca2e	246
4b73a0c0	247	return 0;
d7ccca2e	248	}