db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
5ba2dc25 KS |
2 | |
3 | #include <errno.h> | |
5ba2dc25 | 4 | #include <stdlib.h> |
5ba2dc25 KS |
5 | #include <unistd.h> |
6 | ||
b5efdb8a | 7 | #include "alloc-util.h" |
ee104e11 | 8 | #include "dev-setup.h" |
5ba2dc25 | 9 | #include "label.h" |
a8fbdf54 | 10 | #include "log.h" |
d8b4d14d | 11 | #include "nulstr-util.h" |
03cfe0d5 | 12 | #include "path-util.h" |
30874dda | 13 | #include "umask-util.h" |
ee104e11 | 14 | #include "user-util.h" |
5ba2dc25 | 15 | |
/* Creates the conventional /dev symlinks that point into /proc, optionally below a root prefix.
 *
 * prefix: directory the link paths are joined under, or NULL to use the link paths as listed.
 * uid, gid: if either differs from UID_INVALID/GID_INVALID, ownership of each link path is changed with
 *           lchown(), which acts on the link itself rather than on what it points to.
 *
 * Returns 0, or -ENOMEM if joining the prefix fails. Symlink and chown failures are only logged at debug
 * level and otherwise ignored, so a 0 return does not guarantee that every link exists. */
int dev_setup(const char *prefix, uid_t uid, gid_t gid) {
        /* NUL-separated (target, link path) pairs. A leading '-' on the target marks the pair as optional:
         * it is skipped when the target cannot be accessed. */
        static const char symlinks[] =
                "-/proc/kcore\0"     "/dev/core\0"
                "/proc/self/fd\0"    "/dev/fd\0"
                "/proc/self/fd/0\0"  "/dev/stdin\0"
                "/proc/self/fd/1\0"  "/dev/stdout\0"
                "/proc/self/fd/2\0"  "/dev/stderr\0";

        const char *target, *link_path;

        NULSTR_FOREACH_PAIR(target, link_path, symlinks) {
                _cleanup_free_ char *prefixed = NULL;
                const char *where = link_path;
                int r;

                if (target[0] == '-') {
                        /* Step over the marker so that the real path is tested and linked. */
                        target++;

                        /* Existence check only; the target is not re-validated when the link is created. */
                        if (access(target, F_OK) < 0)
                                continue;
                }

                if (prefix) {
                        prefixed = path_join(prefix, link_path);
                        if (!prefixed)
                                return -ENOMEM;

                        where = prefixed;
                }

                r = symlink_label(target, where);
                if (r < 0)
                        log_debug_errno(r, "Failed to symlink %s to %s: %m", target, where);

                /* This runs even when the symlink call above failed, so whatever already exists at the
                 * link path has its ownership changed.
                 * NOTE(review): if prefix can be a tree writable by a less privileged user, confirm that
                 * the intermediate path components cannot be replaced while this loop runs. */
                if ((uid != UID_INVALID || gid != GID_INVALID) && lchown(where, uid, gid) < 0)
                        log_debug_errno(errno, "Failed to chown %s: %m", where);
        }

        return 0;
}
30874dda | 58 | |
/* Creates one inaccessible, empty file node per file type below <parent_dir>/inaccessible.
 *
 * parent_dir: directory to create the nodes in; NULL selects "/run/systemd".
 * uid, gid: if either differs from UID_INVALID/GID_INVALID, each successfully created node is chowned
 *           with lchown().
 *
 * Returns 0, or the result of log_oom() if a path cannot be allocated. Creation and chown failures are
 * logged at debug level and ignored. */
int make_inaccessible_nodes(
                const char *parent_dir,
                uid_t uid,
                gid_t gid) {

        static const struct {
                const char *name;
                mode_t mode;
        } nodes[] = {
                /* The containing directory stays traversable; everything inside it has mode 0000. */
                { "inaccessible",      S_IFDIR  | 0755 },
                { "inaccessible/reg",  S_IFREG  | 0000 },
                { "inaccessible/dir",  S_IFDIR  | 0000 },
                { "inaccessible/fifo", S_IFIFO  | 0000 },
                { "inaccessible/sock", S_IFSOCK | 0000 },

                /* Creating the next two is likely to fail when we lack the privileges for it (for example
                 * in a user namespace, if CAP_MKNOD is missing, or if a device node policy prohibits
                 * creating device nodes with a major/minor of 0). That is entirely fine: consumers of
                 * these files should fall back to a different node then, for example
                 * <root>/inaccessible/sock, which is close enough in behaviour and semantics for most
                 * uses. */
                { "inaccessible/chr",  S_IFCHR  | 0000 },
                { "inaccessible/blk",  S_IFBLK  | 0000 },
        };

        _cleanup_umask_ mode_t saved_umask;

        if (!parent_dir)
                parent_dir = "/run/systemd";

        /* Clear the umask so that the modes listed above are requested unmodified. */
        saved_umask = umask(0000);

        /* Set up inaccessible (and empty) file nodes of all types. These are used as mount sources for
         * over-mounting ("masking") file nodes that shall become inaccessible and empty for specific
         * containers or services. We lock these nodes down as much as we can, but otherwise try to match
         * the underlying file as closely as possible, i.e. in the best case we offer the same node type
         * as the node being masked. */

        for (size_t i = 0; i < ELEMENTSOF(nodes); i++) {
                _cleanup_free_ char *node_path = NULL;
                int r;

                node_path = path_join(parent_dir, nodes[i].name);
                if (!node_path)
                        return log_oom();

                /* Directories need mkdir(); every other type is made as a node with device number 0:0. */
                r = S_ISDIR(nodes[i].mode)
                        ? mkdir_label(node_path, nodes[i].mode & 07777)
                        : mknod_label(node_path, nodes[i].mode, makedev(0, 0));
                if (r < 0) {
                        /* Best effort: a node that could not be created is skipped and is not chowned. */
                        log_debug_errno(r, "Failed to create '%s', ignoring: %m", node_path);
                        continue;
                }

                if ((uid != UID_INVALID || gid != GID_INVALID) && lchown(node_path, uid, gid) < 0)
                        log_debug_errno(errno, "Failed to chown '%s': %m", node_path);
        }

        return 0;
}