]>
Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
1968a360 | 2 | |
a8fbdf54 | 3 | #include <errno.h> |
a8fbdf54 TA |
4 | #include <stddef.h> |
5 | #include <stdint.h> | |
6 | #include <stdio.h> | |
1968a360 | 7 | #include <stdlib.h> |
1968a360 | 8 | #include <sys/prctl.h> |
07630cea | 9 | #include <unistd.h> |
1968a360 | 10 | |
0a42426d ZJS |
11 | #include "sd-login.h" |
12 | ||
07630cea | 13 | #include "copy.h" |
612ebf6c | 14 | #include "env-util.h" |
3ffd4af2 | 15 | #include "fd-util.h" |
6432da6a ZJS |
16 | #include "fileio.h" |
17 | #include "io-util.h" | |
8752c575 | 18 | #include "locale-util.h" |
a8fbdf54 | 19 | #include "log.h" |
1968a360 | 20 | #include "macro.h" |
3ffd4af2 | 21 | #include "pager.h" |
07630cea | 22 | #include "process-util.h" |
595225af | 23 | #include "rlimit-util.h" |
ce30c8dc | 24 | #include "signal-util.h" |
07630cea | 25 | #include "string-util.h" |
57c9e047 | 26 | #include "strv.h" |
07630cea | 27 | #include "terminal-util.h" |
1968a360 LP |
28 | |
29 | static pid_t pager_pid = 0; | |
30 | ||
3f603952 LP |
31 | static int stored_stdout = -1; |
32 | static int stored_stderr = -1; | |
33 | static bool stdout_redirected = false; | |
34 | static bool stderr_redirected = false; | |
35 | ||
848e863a | 36 | _noreturn_ static void pager_fallback(void) { |
6a7c676c | 37 | int r; |
46e65dcc | 38 | |
f5fbe71d | 39 | r = copy_bytes(STDIN_FILENO, STDOUT_FILENO, UINT64_MAX, 0); |
6a7c676c LP |
40 | if (r < 0) { |
41 | log_error_errno(r, "Internal pager failed: %m"); | |
4a8e40eb MS |
42 | _exit(EXIT_FAILURE); |
43 | } | |
46e65dcc | 44 | |
4a8e40eb MS |
45 | _exit(EXIT_SUCCESS); |
46 | } | |
47 | ||
6432da6a ZJS |
48 | static int no_quit_on_interrupt(int exe_name_fd, const char *less_opts) { |
49 | _cleanup_fclose_ FILE *file = NULL; | |
50 | _cleanup_free_ char *line = NULL; | |
51 | int r; | |
52 | ||
53 | assert(exe_name_fd >= 0); | |
54 | assert(less_opts); | |
55 | ||
56 | /* This takes ownership of exe_name_fd */ | |
57 | file = fdopen(exe_name_fd, "r"); | |
58 | if (!file) { | |
59 | safe_close(exe_name_fd); | |
1d788908 | 60 | return log_error_errno(errno, "Failed to create FILE object: %m"); |
6432da6a ZJS |
61 | } |
62 | ||
63 | /* Find the last line */ | |
64 | for (;;) { | |
65 | _cleanup_free_ char *t = NULL; | |
66 | ||
67 | r = read_line(file, LONG_LINE_MAX, &t); | |
68 | if (r < 0) | |
1d788908 | 69 | return log_error_errno(r, "Failed to read from socket: %m"); |
6432da6a ZJS |
70 | if (r == 0) |
71 | break; | |
72 | ||
73 | free_and_replace(line, t); | |
74 | } | |
75 | ||
76 | /* We only treat "less" specially. | |
77 | * Return true whenever option K is *not* set. */ | |
78 | r = streq_ptr(line, "less") && !strchr(less_opts, 'K'); | |
79 | ||
80 | log_debug("Pager executable is \"%s\", options \"%s\", quit_on_interrupt: %s", | |
81 | strnull(line), less_opts, yes_no(!r)); | |
82 | return r; | |
83 | } | |
84 | ||
384c2c32 | 85 | void pager_open(PagerFlags flags) { |
71136404 | 86 | _cleanup_close_pair_ int fd[2] = EBADF_PAIR, exe_name_pipe[2] = EBADF_PAIR; |
43942e80 | 87 | _cleanup_strv_free_ char **pager_args = NULL; |
1d3b68f6 | 88 | _cleanup_free_ char *l = NULL; |
6432da6a | 89 | const char *pager, *less_opts; |
4c253ed1 | 90 | int r; |
1968a360 | 91 | |
0221d68a | 92 | if (flags & PAGER_DISABLE) |
384c2c32 | 93 | return; |
ea4b98e6 | 94 | |
1968a360 | 95 | if (pager_pid > 0) |
384c2c32 | 96 | return; |
1968a360 | 97 | |
ac96418b | 98 | if (terminal_is_dumb()) |
384c2c32 | 99 | return; |
729e3769 | 100 | |
85afeae8 | 101 | if (!is_main_thread()) |
384c2c32 | 102 | return (void) log_error_errno(SYNTHETIC_ERRNO(EPERM), "Pager invoked from wrong thread."); |
85afeae8 | 103 | |
bcbd61db LP |
104 | pager = getenv("SYSTEMD_PAGER"); |
105 | if (!pager) | |
106 | pager = getenv("PAGER"); | |
107 | ||
43942e80 YW |
108 | if (pager) { |
109 | pager_args = strv_split(pager, WHITESPACE); | |
110 | if (!pager_args) | |
384c2c32 | 111 | return (void) log_oom(); |
43942e80 YW |
112 | |
113 | /* If the pager is explicitly turned off, honour it */ | |
114 | if (strv_isempty(pager_args) || strv_equal(pager_args, STRV_MAKE("cat"))) | |
384c2c32 | 115 | return; |
43942e80 | 116 | } |
bcbd61db | 117 | |
d13b5227 LP |
118 | /* Determine and cache number of columns/lines before we spawn the pager so that we get the value from the |
119 | * actual tty */ | |
bcbd61db | 120 | (void) columns(); |
d13b5227 | 121 | (void) lines(); |
1968a360 | 122 | |
d262e99e | 123 | if (pipe2(fd, O_CLOEXEC) < 0) |
384c2c32 | 124 | return (void) log_error_errno(errno, "Failed to create pager pipe: %m"); |
1968a360 | 125 | |
6432da6a ZJS |
126 | /* This is a pipe to feed the name of the executed pager binary into the parent */ |
127 | if (pipe2(exe_name_pipe, O_CLOEXEC) < 0) | |
384c2c32 | 128 | return (void) log_error_errno(errno, "Failed to create exe_name pipe: %m"); |
6432da6a ZJS |
129 | |
130 | /* Initialize a good set of less options */ | |
131 | less_opts = getenv("SYSTEMD_LESS"); | |
132 | if (!less_opts) | |
133 | less_opts = "FRSXMK"; | |
1d3b68f6 AZ |
134 | if (flags & PAGER_JUMP_TO_END) { |
135 | l = strjoin(less_opts, " +G"); | |
136 | if (!l) | |
137 | return (void) log_oom(); | |
138 | less_opts = l; | |
139 | } | |
6432da6a | 140 | |
97033ba4 LP |
141 | /* We set SIGINT as PR_DEATHSIG signal here, to match the "K" parameter we set in $LESS, which enables SIGINT behaviour. */ |
142 | r = safe_fork("(pager)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGINT|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pager_pid); | |
4c253ed1 | 143 | if (r < 0) |
384c2c32 | 144 | return; |
4c253ed1 | 145 | if (r == 0) { |
5980d463 | 146 | const char *less_charset; |
1968a360 | 147 | |
4c253ed1 | 148 | /* In the child start the pager */ |
ce30c8dc | 149 | |
1d788908 LP |
150 | if (dup2(fd[0], STDIN_FILENO) < 0) { |
151 | log_error_errno(errno, "Failed to duplicate file descriptor to STDIN: %m"); | |
152 | _exit(EXIT_FAILURE); | |
153 | } | |
154 | ||
3d94f76c | 155 | safe_close_pair(fd); |
1968a360 | 156 | |
1d788908 LP |
157 | if (setenv("LESS", less_opts, 1) < 0) { |
158 | log_error_errno(errno, "Failed to set environment variable LESS: %m"); | |
0357fa0d | 159 | _exit(EXIT_FAILURE); |
1d788908 | 160 | } |
1968a360 | 161 | |
612ebf6c | 162 | /* Initialize a good charset for less. This is particularly important if we output UTF-8 |
a1b4e6e9 LP |
163 | * characters. */ |
164 | less_charset = getenv("SYSTEMD_LESSCHARSET"); | |
165 | if (!less_charset && is_locale_utf8()) | |
166 | less_charset = "utf-8"; | |
0357fa0d | 167 | if (less_charset && |
1d788908 LP |
168 | setenv("LESSCHARSET", less_charset, 1) < 0) { |
169 | log_error_errno(errno, "Failed to set environment variable LESSCHARSET: %m"); | |
0357fa0d | 170 | _exit(EXIT_FAILURE); |
1d788908 | 171 | } |
a1b4e6e9 | 172 | |
612ebf6c | 173 | /* People might invoke us from sudo, don't needlessly allow less to be a way to shell out |
0a42426d ZJS |
174 | * privileged stuff. If the user set $SYSTEMD_PAGERSECURE, trust their configuration of the |
175 | * pager. If they didn't, use secure mode when under euid is changed. If $SYSTEMD_PAGERSECURE | |
176 | * wasn't explicitly set, and we autodetect the need for secure mode, only use the pager we | |
177 | * know to be good. */ | |
b8f736b3 | 178 | int use_secure_mode = getenv_bool_secure("SYSTEMD_PAGERSECURE"); |
0a42426d ZJS |
179 | bool trust_pager = use_secure_mode >= 0; |
180 | if (use_secure_mode == -ENXIO) { | |
181 | uid_t uid; | |
182 | ||
183 | r = sd_pid_get_owner_uid(0, &uid); | |
612ebf6c | 184 | if (r < 0) |
0a42426d | 185 | log_debug_errno(r, "sd_pid_get_owner_uid() failed, enabling pager secure mode: %m"); |
612ebf6c | 186 | |
0a42426d ZJS |
187 | use_secure_mode = r < 0 || uid != geteuid(); |
188 | ||
189 | } else if (use_secure_mode < 0) { | |
190 | log_warning_errno(use_secure_mode, "Unable to parse $SYSTEMD_PAGERSECURE, assuming true: %m"); | |
191 | use_secure_mode = true; | |
612ebf6c LP |
192 | } |
193 | ||
0a42426d ZJS |
194 | /* We generally always set variables used by less, even if we end up using a different pager. |
195 | * They shouldn't hurt in any case, and ideally other pagers would look at them too. */ | |
063f9f0d | 196 | r = set_unset_env("LESSSECURE", use_secure_mode ? "1" : NULL, true); |
0a42426d | 197 | if (r < 0) { |
063f9f0d | 198 | log_error_errno(r, "Failed to adjust environment variable LESSSECURE: %m"); |
0a42426d ZJS |
199 | _exit(EXIT_FAILURE); |
200 | } | |
201 | ||
202 | if (trust_pager && pager_args) { /* The pager config might be set globally, and we cannot | |
203 | * know if the user adjusted it to be appropriate for the | |
204 | * secure mode. Thus, start the pager specified through | |
205 | * envvars only when $SYSTEMD_PAGERSECURE was explicitly set | |
206 | * as well. */ | |
e22c60a9 | 207 | r = loop_write(exe_name_pipe[1], pager_args[0], strlen(pager_args[0]) + 1); |
1d788908 LP |
208 | if (r < 0) { |
209 | log_error_errno(r, "Failed to write pager name to socket: %m"); | |
6432da6a | 210 | _exit(EXIT_FAILURE); |
1d788908 | 211 | } |
6432da6a | 212 | |
43942e80 | 213 | execvp(pager_args[0], pager_args); |
1d788908 | 214 | log_full_errno(errno == ENOENT ? LOG_DEBUG : LOG_WARNING, errno, |
118dccc9 | 215 | "Failed to execute '%s', using fallback pagers: %m", pager_args[0]); |
6432da6a | 216 | } |
1968a360 | 217 | |
0a42426d ZJS |
218 | /* Debian's alternatives command for pagers is called 'pager'. Note that we do not call |
219 | * sensible-pagers here, since that is just a shell script that implements a logic that is | |
220 | * similar to this one anyway, but is Debian-specific. */ | |
b622d2f7 ZJS |
221 | static const char* pagers[] = { "pager", "less", "more", "(built-in)" }; |
222 | ||
223 | for (unsigned i = 0; i < ELEMENTSOF(pagers); i++) { | |
224 | /* Only less (and our trivial fallback) implement secure mode right now. */ | |
225 | if (use_secure_mode && !STR_IN_SET(pagers[i], "less", "(built-in)")) | |
0a42426d ZJS |
226 | continue; |
227 | ||
e22c60a9 | 228 | r = loop_write(exe_name_pipe[1], pagers[i], strlen(pagers[i]) + 1); |
b622d2f7 | 229 | if (r < 0) { |
1d788908 | 230 | log_error_errno(r, "Failed to write pager name to socket: %m"); |
6432da6a | 231 | _exit(EXIT_FAILURE); |
1d788908 | 232 | } |
1968a360 | 233 | |
b622d2f7 ZJS |
234 | if (i < ELEMENTSOF(pagers) - 1) { |
235 | execlp(pagers[i], pagers[i], NULL); | |
236 | log_full_errno(errno == ENOENT ? LOG_DEBUG : LOG_WARNING, errno, | |
237 | "Failed to execute '%s', will try '%s' next: %m", pagers[i], pagers[i+1]); | |
238 | } else { | |
239 | /* Close pipe to signal the parent to start sending data */ | |
240 | safe_close_pair(exe_name_pipe); | |
241 | pager_fallback(); | |
242 | assert_not_reached(); | |
243 | } | |
1d788908 | 244 | } |
1968a360 LP |
245 | } |
246 | ||
247 | /* Return in the parent */ | |
a45e7bb4 MS |
248 | stored_stdout = fcntl(STDOUT_FILENO, F_DUPFD_CLOEXEC, 3); |
249 | if (dup2(fd[1], STDOUT_FILENO) < 0) { | |
250 | stored_stdout = safe_close(stored_stdout); | |
384c2c32 | 251 | return (void) log_error_errno(errno, "Failed to duplicate pager pipe: %m"); |
a45e7bb4 MS |
252 | } |
253 | stdout_redirected = true; | |
254 | ||
255 | stored_stderr = fcntl(STDERR_FILENO, F_DUPFD_CLOEXEC, 3); | |
256 | if (dup2(fd[1], STDERR_FILENO) < 0) { | |
257 | stored_stderr = safe_close(stored_stderr); | |
384c2c32 | 258 | return (void) log_error_errno(errno, "Failed to duplicate pager pipe: %m"); |
a45e7bb4 MS |
259 | } |
260 | stderr_redirected = true; | |
1968a360 | 261 | |
6432da6a ZJS |
262 | exe_name_pipe[1] = safe_close(exe_name_pipe[1]); |
263 | ||
264 | r = no_quit_on_interrupt(TAKE_FD(exe_name_pipe[0]), less_opts); | |
6432da6a | 265 | if (r > 0) |
9c274488 | 266 | (void) ignore_signals(SIGINT); |
1968a360 LP |
267 | } |
268 | ||
269 | void pager_close(void) { | |
270 | ||
271 | if (pager_pid <= 0) | |
272 | return; | |
273 | ||
274 | /* Inform pager that we are done */ | |
a45e7bb4 | 275 | (void) fflush(stdout); |
77018a8c MS |
276 | if (stdout_redirected) |
277 | if (stored_stdout < 0 || dup2(stored_stdout, STDOUT_FILENO) < 0) | |
278 | (void) close(STDOUT_FILENO); | |
a45e7bb4 MS |
279 | stored_stdout = safe_close(stored_stdout); |
280 | (void) fflush(stderr); | |
77018a8c MS |
281 | if (stderr_redirected) |
282 | if (stored_stderr < 0 || dup2(stored_stderr, STDERR_FILENO) < 0) | |
283 | (void) close(STDERR_FILENO); | |
a45e7bb4 MS |
284 | stored_stderr = safe_close(stored_stderr); |
285 | stdout_redirected = stderr_redirected = false; | |
8b5264aa | 286 | |
74ca738f | 287 | (void) kill(pager_pid, SIGCONT); |
8f03de53 | 288 | (void) wait_for_terminate(TAKE_PID(pager_pid), NULL); |
1968a360 LP |
289 | pager_pid = 0; |
290 | } | |
f89a3b6f LP |
291 | |
292 | bool pager_have(void) { | |
293 | return pager_pid > 0; | |
294 | } | |
78002a67 ZJS |
295 | |
296 | int show_man_page(const char *desc, bool null_stdio) { | |
297 | const char *args[4] = { "man", NULL, NULL, NULL }; | |
298 | char *e = NULL; | |
299 | pid_t pid; | |
300 | size_t k; | |
301 | int r; | |
78002a67 ZJS |
302 | |
303 | k = strlen(desc); | |
304 | ||
305 | if (desc[k-1] == ')') | |
306 | e = strrchr(desc, '('); | |
307 | ||
308 | if (e) { | |
309 | char *page = NULL, *section = NULL; | |
310 | ||
2f82562b LP |
311 | page = strndupa_safe(desc, e - desc); |
312 | section = strndupa_safe(e + 1, desc + k - e - 2); | |
78002a67 ZJS |
313 | |
314 | args[1] = section; | |
315 | args[2] = page; | |
316 | } else | |
317 | args[1] = desc; | |
318 | ||
e9ccae31 | 319 | r = safe_fork("(man)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|(null_stdio ? FORK_REARRANGE_STDIO : 0)|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); |
4c253ed1 | 320 | if (r < 0) |
b6e1fff1 | 321 | return r; |
4c253ed1 | 322 | if (r == 0) { |
78002a67 | 323 | /* Child */ |
78002a67 | 324 | execvp(args[0], (char**) args); |
56f64d95 | 325 | log_error_errno(errno, "Failed to execute man: %m"); |
78002a67 ZJS |
326 | _exit(EXIT_FAILURE); |
327 | } | |
328 | ||
2e87a1fd | 329 | return wait_for_terminate_and_check(NULL, pid, 0); |
78002a67 | 330 | } |