]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/basic/fileio.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #10654 from poettering/srand-rdrand
[thirdparty/systemd.git] / src / basic / fileio.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <errno.h>
4 #include <fcntl.h>
5 #include <limits.h>
6 #include <stdarg.h>
7 #include <stdint.h>
8 #include <stdio_ext.h>
9 #include <stdlib.h>
10 #include <string.h>
11 #include <sys/mman.h>
12 #include <sys/stat.h>
13 #include <sys/types.h>
14 #include <unistd.h>
15
16 #include "alloc-util.h"
17 #include "ctype.h"
18 #include "def.h"
19 #include "env-util.h"
20 #include "escape.h"
21 #include "fd-util.h"
22 #include "fileio.h"
23 #include "fs-util.h"
24 #include "hexdecoct.h"
25 #include "log.h"
26 #include "macro.h"
27 #include "missing.h"
28 #include "parse-util.h"
29 #include "path-util.h"
30 #include "process-util.h"
31 #include "random-util.h"
32 #include "stdio-util.h"
33 #include "string-util.h"
34 #include "strv.h"
35 #include "time-util.h"
36 #include "umask-util.h"
37 #include "utf8.h"
38
39 #define READ_FULL_BYTES_MAX (4U*1024U*1024U)
40
41 int write_string_stream_ts(
42 FILE *f,
43 const char *line,
44 WriteStringFileFlags flags,
45 struct timespec *ts) {
46
47 bool needs_nl;
48 int r;
49
50 assert(f);
51 assert(line);
52
53 if (ferror(f))
54 return -EIO;
55
56 needs_nl = !(flags & WRITE_STRING_FILE_AVOID_NEWLINE) && !endswith(line, "\n");
57
58 if (needs_nl && (flags & WRITE_STRING_FILE_DISABLE_BUFFER)) {
59 /* If STDIO buffering was disabled, then let's append the newline character to the string itself, so
60 * that the write goes out in one go, instead of two */
61
62 line = strjoina(line, "\n");
63 needs_nl = false;
64 }
65
66 if (fputs(line, f) == EOF)
67 return -errno;
68
69 if (needs_nl)
70 if (fputc('\n', f) == EOF)
71 return -errno;
72
73 if (flags & WRITE_STRING_FILE_SYNC)
74 r = fflush_sync_and_check(f);
75 else
76 r = fflush_and_check(f);
77 if (r < 0)
78 return r;
79
80 if (ts) {
81 struct timespec twice[2] = {*ts, *ts};
82
83 if (futimens(fileno(f), twice) < 0)
84 return -errno;
85 }
86
87 return 0;
88 }
89
90 static int write_string_file_atomic(
91 const char *fn,
92 const char *line,
93 WriteStringFileFlags flags,
94 struct timespec *ts) {
95
96 _cleanup_fclose_ FILE *f = NULL;
97 _cleanup_free_ char *p = NULL;
98 int r;
99
100 assert(fn);
101 assert(line);
102
103 r = fopen_temporary(fn, &f, &p);
104 if (r < 0)
105 return r;
106
107 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
108 (void) fchmod_umask(fileno(f), 0644);
109
110 r = write_string_stream_ts(f, line, flags, ts);
111 if (r < 0)
112 goto fail;
113
114 if (rename(p, fn) < 0) {
115 r = -errno;
116 goto fail;
117 }
118
119 return 0;
120
121 fail:
122 (void) unlink(p);
123 return r;
124 }
125
126 int write_string_file_ts(
127 const char *fn,
128 const char *line,
129 WriteStringFileFlags flags,
130 struct timespec *ts) {
131
132 _cleanup_fclose_ FILE *f = NULL;
133 int q, r;
134
135 assert(fn);
136 assert(line);
137
138 /* We don't know how to verify whether the file contents was already on-disk. */
139 assert(!((flags & WRITE_STRING_FILE_VERIFY_ON_FAILURE) && (flags & WRITE_STRING_FILE_SYNC)));
140
141 if (flags & WRITE_STRING_FILE_ATOMIC) {
142 assert(flags & WRITE_STRING_FILE_CREATE);
143
144 r = write_string_file_atomic(fn, line, flags, ts);
145 if (r < 0)
146 goto fail;
147
148 return r;
149 } else
150 assert(!ts);
151
152 if (flags & WRITE_STRING_FILE_CREATE) {
153 f = fopen(fn, "we");
154 if (!f) {
155 r = -errno;
156 goto fail;
157 }
158 } else {
159 int fd;
160
161 /* We manually build our own version of fopen(..., "we") that
162 * works without O_CREAT */
163 fd = open(fn, O_WRONLY|O_CLOEXEC|O_NOCTTY | ((flags & WRITE_STRING_FILE_NOFOLLOW) ? O_NOFOLLOW : 0));
164 if (fd < 0) {
165 r = -errno;
166 goto fail;
167 }
168
169 f = fdopen(fd, "we");
170 if (!f) {
171 r = -errno;
172 safe_close(fd);
173 goto fail;
174 }
175 }
176
177 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
178
179 if (flags & WRITE_STRING_FILE_DISABLE_BUFFER)
180 setvbuf(f, NULL, _IONBF, 0);
181
182 r = write_string_stream_ts(f, line, flags, ts);
183 if (r < 0)
184 goto fail;
185
186 return 0;
187
188 fail:
189 if (!(flags & WRITE_STRING_FILE_VERIFY_ON_FAILURE))
190 return r;
191
192 f = safe_fclose(f);
193
194 /* OK, the operation failed, but let's see if the right
195 * contents in place already. If so, eat up the error. */
196
197 q = verify_file(fn, line, !(flags & WRITE_STRING_FILE_AVOID_NEWLINE));
198 if (q <= 0)
199 return r;
200
201 return 0;
202 }
203
204 int write_string_filef(
205 const char *fn,
206 WriteStringFileFlags flags,
207 const char *format, ...) {
208
209 _cleanup_free_ char *p = NULL;
210 va_list ap;
211 int r;
212
213 va_start(ap, format);
214 r = vasprintf(&p, format, ap);
215 va_end(ap);
216
217 if (r < 0)
218 return -ENOMEM;
219
220 return write_string_file(fn, p, flags);
221 }
222
223 int read_one_line_file(const char *fn, char **line) {
224 _cleanup_fclose_ FILE *f = NULL;
225 int r;
226
227 assert(fn);
228 assert(line);
229
230 f = fopen(fn, "re");
231 if (!f)
232 return -errno;
233
234 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
235
236 r = read_line(f, LONG_LINE_MAX, line);
237 return r < 0 ? r : 0;
238 }
239
240 int verify_file(const char *fn, const char *blob, bool accept_extra_nl) {
241 _cleanup_fclose_ FILE *f = NULL;
242 _cleanup_free_ char *buf = NULL;
243 size_t l, k;
244
245 assert(fn);
246 assert(blob);
247
248 l = strlen(blob);
249
250 if (accept_extra_nl && endswith(blob, "\n"))
251 accept_extra_nl = false;
252
253 buf = malloc(l + accept_extra_nl + 1);
254 if (!buf)
255 return -ENOMEM;
256
257 f = fopen(fn, "re");
258 if (!f)
259 return -errno;
260
261 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
262
263 /* We try to read one byte more than we need, so that we know whether we hit eof */
264 errno = 0;
265 k = fread(buf, 1, l + accept_extra_nl + 1, f);
266 if (ferror(f))
267 return errno > 0 ? -errno : -EIO;
268
269 if (k != l && k != l + accept_extra_nl)
270 return 0;
271 if (memcmp(buf, blob, l) != 0)
272 return 0;
273 if (k > l && buf[l] != '\n')
274 return 0;
275
276 return 1;
277 }
278
279 int read_full_stream(FILE *f, char **contents, size_t *size) {
280 _cleanup_free_ char *buf = NULL;
281 struct stat st;
282 size_t n, l;
283 int fd;
284
285 assert(f);
286 assert(contents);
287
288 n = LINE_MAX;
289
290 fd = fileno(f);
291 if (fd >= 0) { /* If the FILE* object is backed by an fd (as opposed to memory or such, see fmemopen(), let's
292 * optimize our buffering) */
293
294 if (fstat(fileno(f), &st) < 0)
295 return -errno;
296
297 if (S_ISREG(st.st_mode)) {
298
299 /* Safety check */
300 if (st.st_size > READ_FULL_BYTES_MAX)
301 return -E2BIG;
302
303 /* Start with the right file size, but be prepared for files from /proc which generally report a file
304 * size of 0. Note that we increase the size to read here by one, so that the first read attempt
305 * already makes us notice the EOF. */
306 if (st.st_size > 0)
307 n = st.st_size + 1;
308 }
309 }
310
311 l = 0;
312 for (;;) {
313 char *t;
314 size_t k;
315
316 t = realloc(buf, n + 1);
317 if (!t)
318 return -ENOMEM;
319
320 buf = t;
321 errno = 0;
322 k = fread(buf + l, 1, n - l, f);
323 if (k > 0)
324 l += k;
325
326 if (ferror(f))
327 return errno > 0 ? -errno : -EIO;
328
329 if (feof(f))
330 break;
331
332 /* We aren't expecting fread() to return a short read outside
333 * of (error && eof), assert buffer is full and enlarge buffer.
334 */
335 assert(l == n);
336
337 /* Safety check */
338 if (n >= READ_FULL_BYTES_MAX)
339 return -E2BIG;
340
341 n = MIN(n * 2, READ_FULL_BYTES_MAX);
342 }
343
344 buf[l] = 0;
345 *contents = TAKE_PTR(buf);
346
347 if (size)
348 *size = l;
349
350 return 0;
351 }
352
353 int read_full_file(const char *fn, char **contents, size_t *size) {
354 _cleanup_fclose_ FILE *f = NULL;
355
356 assert(fn);
357 assert(contents);
358
359 f = fopen(fn, "re");
360 if (!f)
361 return -errno;
362
363 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
364
365 return read_full_stream(f, contents, size);
366 }
367
368 static int parse_env_file_internal(
369 FILE *f,
370 const char *fname,
371 const char *newline,
372 int (*push) (const char *filename, unsigned line,
373 const char *key, char *value, void *userdata, int *n_pushed),
374 void *userdata,
375 int *n_pushed) {
376
377 size_t key_alloc = 0, n_key = 0, value_alloc = 0, n_value = 0, last_value_whitespace = (size_t) -1, last_key_whitespace = (size_t) -1;
378 _cleanup_free_ char *contents = NULL, *key = NULL, *value = NULL;
379 unsigned line = 1;
380 char *p;
381 int r;
382
383 enum {
384 PRE_KEY,
385 KEY,
386 PRE_VALUE,
387 VALUE,
388 VALUE_ESCAPE,
389 SINGLE_QUOTE_VALUE,
390 SINGLE_QUOTE_VALUE_ESCAPE,
391 DOUBLE_QUOTE_VALUE,
392 DOUBLE_QUOTE_VALUE_ESCAPE,
393 COMMENT,
394 COMMENT_ESCAPE
395 } state = PRE_KEY;
396
397 assert(newline);
398
399 if (f)
400 r = read_full_stream(f, &contents, NULL);
401 else
402 r = read_full_file(fname, &contents, NULL);
403 if (r < 0)
404 return r;
405
406 for (p = contents; *p; p++) {
407 char c = *p;
408
409 switch (state) {
410
411 case PRE_KEY:
412 if (strchr(COMMENTS, c))
413 state = COMMENT;
414 else if (!strchr(WHITESPACE, c)) {
415 state = KEY;
416 last_key_whitespace = (size_t) -1;
417
418 if (!GREEDY_REALLOC(key, key_alloc, n_key+2))
419 return -ENOMEM;
420
421 key[n_key++] = c;
422 }
423 break;
424
425 case KEY:
426 if (strchr(newline, c)) {
427 state = PRE_KEY;
428 line++;
429 n_key = 0;
430 } else if (c == '=') {
431 state = PRE_VALUE;
432 last_value_whitespace = (size_t) -1;
433 } else {
434 if (!strchr(WHITESPACE, c))
435 last_key_whitespace = (size_t) -1;
436 else if (last_key_whitespace == (size_t) -1)
437 last_key_whitespace = n_key;
438
439 if (!GREEDY_REALLOC(key, key_alloc, n_key+2))
440 return -ENOMEM;
441
442 key[n_key++] = c;
443 }
444
445 break;
446
447 case PRE_VALUE:
448 if (strchr(newline, c)) {
449 state = PRE_KEY;
450 line++;
451 key[n_key] = 0;
452
453 if (value)
454 value[n_value] = 0;
455
456 /* strip trailing whitespace from key */
457 if (last_key_whitespace != (size_t) -1)
458 key[last_key_whitespace] = 0;
459
460 r = push(fname, line, key, value, userdata, n_pushed);
461 if (r < 0)
462 return r;
463
464 n_key = 0;
465 value = NULL;
466 value_alloc = n_value = 0;
467
468 } else if (c == '\'')
469 state = SINGLE_QUOTE_VALUE;
470 else if (c == '\"')
471 state = DOUBLE_QUOTE_VALUE;
472 else if (c == '\\')
473 state = VALUE_ESCAPE;
474 else if (!strchr(WHITESPACE, c)) {
475 state = VALUE;
476
477 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
478 return -ENOMEM;
479
480 value[n_value++] = c;
481 }
482
483 break;
484
485 case VALUE:
486 if (strchr(newline, c)) {
487 state = PRE_KEY;
488 line++;
489
490 key[n_key] = 0;
491
492 if (value)
493 value[n_value] = 0;
494
495 /* Chomp off trailing whitespace from value */
496 if (last_value_whitespace != (size_t) -1)
497 value[last_value_whitespace] = 0;
498
499 /* strip trailing whitespace from key */
500 if (last_key_whitespace != (size_t) -1)
501 key[last_key_whitespace] = 0;
502
503 r = push(fname, line, key, value, userdata, n_pushed);
504 if (r < 0)
505 return r;
506
507 n_key = 0;
508 value = NULL;
509 value_alloc = n_value = 0;
510
511 } else if (c == '\\') {
512 state = VALUE_ESCAPE;
513 last_value_whitespace = (size_t) -1;
514 } else {
515 if (!strchr(WHITESPACE, c))
516 last_value_whitespace = (size_t) -1;
517 else if (last_value_whitespace == (size_t) -1)
518 last_value_whitespace = n_value;
519
520 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
521 return -ENOMEM;
522
523 value[n_value++] = c;
524 }
525
526 break;
527
528 case VALUE_ESCAPE:
529 state = VALUE;
530
531 if (!strchr(newline, c)) {
532 /* Escaped newlines we eat up entirely */
533 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
534 return -ENOMEM;
535
536 value[n_value++] = c;
537 }
538 break;
539
540 case SINGLE_QUOTE_VALUE:
541 if (c == '\'')
542 state = PRE_VALUE;
543 else if (c == '\\')
544 state = SINGLE_QUOTE_VALUE_ESCAPE;
545 else {
546 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
547 return -ENOMEM;
548
549 value[n_value++] = c;
550 }
551
552 break;
553
554 case SINGLE_QUOTE_VALUE_ESCAPE:
555 state = SINGLE_QUOTE_VALUE;
556
557 if (!strchr(newline, c)) {
558 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
559 return -ENOMEM;
560
561 value[n_value++] = c;
562 }
563 break;
564
565 case DOUBLE_QUOTE_VALUE:
566 if (c == '\"')
567 state = PRE_VALUE;
568 else if (c == '\\')
569 state = DOUBLE_QUOTE_VALUE_ESCAPE;
570 else {
571 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
572 return -ENOMEM;
573
574 value[n_value++] = c;
575 }
576
577 break;
578
579 case DOUBLE_QUOTE_VALUE_ESCAPE:
580 state = DOUBLE_QUOTE_VALUE;
581
582 if (!strchr(newline, c)) {
583 if (!GREEDY_REALLOC(value, value_alloc, n_value+2))
584 return -ENOMEM;
585
586 value[n_value++] = c;
587 }
588 break;
589
590 case COMMENT:
591 if (c == '\\')
592 state = COMMENT_ESCAPE;
593 else if (strchr(newline, c)) {
594 state = PRE_KEY;
595 line++;
596 }
597 break;
598
599 case COMMENT_ESCAPE:
600 state = COMMENT;
601 break;
602 }
603 }
604
605 if (IN_SET(state,
606 PRE_VALUE,
607 VALUE,
608 VALUE_ESCAPE,
609 SINGLE_QUOTE_VALUE,
610 SINGLE_QUOTE_VALUE_ESCAPE,
611 DOUBLE_QUOTE_VALUE,
612 DOUBLE_QUOTE_VALUE_ESCAPE)) {
613
614 key[n_key] = 0;
615
616 if (value)
617 value[n_value] = 0;
618
619 if (state == VALUE)
620 if (last_value_whitespace != (size_t) -1)
621 value[last_value_whitespace] = 0;
622
623 /* strip trailing whitespace from key */
624 if (last_key_whitespace != (size_t) -1)
625 key[last_key_whitespace] = 0;
626
627 r = push(fname, line, key, value, userdata, n_pushed);
628 if (r < 0)
629 return r;
630
631 value = NULL;
632 }
633
634 return 0;
635 }
636
637 static int check_utf8ness_and_warn(
638 const char *filename, unsigned line,
639 const char *key, char *value) {
640
641 if (!utf8_is_valid(key)) {
642 _cleanup_free_ char *p = NULL;
643
644 p = utf8_escape_invalid(key);
645 log_error("%s:%u: invalid UTF-8 in key '%s', ignoring.", strna(filename), line, p);
646 return -EINVAL;
647 }
648
649 if (value && !utf8_is_valid(value)) {
650 _cleanup_free_ char *p = NULL;
651
652 p = utf8_escape_invalid(value);
653 log_error("%s:%u: invalid UTF-8 value for key %s: '%s', ignoring.", strna(filename), line, key, p);
654 return -EINVAL;
655 }
656
657 return 0;
658 }
659
660 static int parse_env_file_push(
661 const char *filename, unsigned line,
662 const char *key, char *value,
663 void *userdata,
664 int *n_pushed) {
665
666 const char *k;
667 va_list aq, *ap = userdata;
668 int r;
669
670 r = check_utf8ness_and_warn(filename, line, key, value);
671 if (r < 0)
672 return r;
673
674 va_copy(aq, *ap);
675
676 while ((k = va_arg(aq, const char *))) {
677 char **v;
678
679 v = va_arg(aq, char **);
680
681 if (streq(key, k)) {
682 va_end(aq);
683 free(*v);
684 *v = value;
685
686 if (n_pushed)
687 (*n_pushed)++;
688
689 return 1;
690 }
691 }
692
693 va_end(aq);
694 free(value);
695
696 return 0;
697 }
698
699 int parse_env_filev(
700 FILE *f,
701 const char *fname,
702 const char *newline,
703 va_list ap) {
704
705 int r, n_pushed = 0;
706 va_list aq;
707
708 if (!newline)
709 newline = NEWLINE;
710
711 va_copy(aq, ap);
712 r = parse_env_file_internal(f, fname, newline, parse_env_file_push, &aq, &n_pushed);
713 va_end(aq);
714 if (r < 0)
715 return r;
716
717 return n_pushed;
718 }
719
720 int parse_env_file(
721 FILE *f,
722 const char *fname,
723 const char *newline,
724 ...) {
725
726 va_list ap;
727 int r;
728
729 va_start(ap, newline);
730 r = parse_env_filev(f, fname, newline, ap);
731 va_end(ap);
732
733 return r;
734 }
735
736 static int load_env_file_push(
737 const char *filename, unsigned line,
738 const char *key, char *value,
739 void *userdata,
740 int *n_pushed) {
741 char ***m = userdata;
742 char *p;
743 int r;
744
745 r = check_utf8ness_and_warn(filename, line, key, value);
746 if (r < 0)
747 return r;
748
749 p = strjoin(key, "=", value);
750 if (!p)
751 return -ENOMEM;
752
753 r = strv_env_replace(m, p);
754 if (r < 0) {
755 free(p);
756 return r;
757 }
758
759 if (n_pushed)
760 (*n_pushed)++;
761
762 free(value);
763 return 0;
764 }
765
766 int load_env_file(FILE *f, const char *fname, const char *newline, char ***rl) {
767 char **m = NULL;
768 int r;
769
770 if (!newline)
771 newline = NEWLINE;
772
773 r = parse_env_file_internal(f, fname, newline, load_env_file_push, &m, NULL);
774 if (r < 0) {
775 strv_free(m);
776 return r;
777 }
778
779 *rl = m;
780 return 0;
781 }
782
783 static int load_env_file_push_pairs(
784 const char *filename, unsigned line,
785 const char *key, char *value,
786 void *userdata,
787 int *n_pushed) {
788 char ***m = userdata;
789 int r;
790
791 r = check_utf8ness_and_warn(filename, line, key, value);
792 if (r < 0)
793 return r;
794
795 r = strv_extend(m, key);
796 if (r < 0)
797 return -ENOMEM;
798
799 if (!value) {
800 r = strv_extend(m, "");
801 if (r < 0)
802 return -ENOMEM;
803 } else {
804 r = strv_push(m, value);
805 if (r < 0)
806 return r;
807 }
808
809 if (n_pushed)
810 (*n_pushed)++;
811
812 return 0;
813 }
814
815 int load_env_file_pairs(FILE *f, const char *fname, const char *newline, char ***rl) {
816 char **m = NULL;
817 int r;
818
819 if (!newline)
820 newline = NEWLINE;
821
822 r = parse_env_file_internal(f, fname, newline, load_env_file_push_pairs, &m, NULL);
823 if (r < 0) {
824 strv_free(m);
825 return r;
826 }
827
828 *rl = m;
829 return 0;
830 }
831
832 static int merge_env_file_push(
833 const char *filename, unsigned line,
834 const char *key, char *value,
835 void *userdata,
836 int *n_pushed) {
837
838 char ***env = userdata;
839 char *expanded_value;
840
841 assert(env);
842
843 if (!value) {
844 log_error("%s:%u: invalid syntax (around \"%s\"), ignoring.", strna(filename), line, key);
845 return 0;
846 }
847
848 if (!env_name_is_valid(key)) {
849 log_error("%s:%u: invalid variable name \"%s\", ignoring.", strna(filename), line, key);
850 free(value);
851 return 0;
852 }
853
854 expanded_value = replace_env(value, *env,
855 REPLACE_ENV_USE_ENVIRONMENT|
856 REPLACE_ENV_ALLOW_BRACELESS|
857 REPLACE_ENV_ALLOW_EXTENDED);
858 if (!expanded_value)
859 return -ENOMEM;
860
861 free_and_replace(value, expanded_value);
862
863 return load_env_file_push(filename, line, key, value, env, n_pushed);
864 }
865
866 int merge_env_file(
867 char ***env,
868 FILE *f,
869 const char *fname) {
870
871 /* NOTE: this function supports braceful and braceless variable expansions,
872 * plus "extended" substitutions, unlike other exported parsing functions.
873 */
874
875 return parse_env_file_internal(f, fname, NEWLINE, merge_env_file_push, env, NULL);
876 }
877
878 static void write_env_var(FILE *f, const char *v) {
879 const char *p;
880
881 p = strchr(v, '=');
882 if (!p) {
883 /* Fallback */
884 fputs_unlocked(v, f);
885 fputc_unlocked('\n', f);
886 return;
887 }
888
889 p++;
890 fwrite_unlocked(v, 1, p-v, f);
891
892 if (string_has_cc(p, NULL) || chars_intersect(p, WHITESPACE SHELL_NEED_QUOTES)) {
893 fputc_unlocked('\"', f);
894
895 for (; *p; p++) {
896 if (strchr(SHELL_NEED_ESCAPE, *p))
897 fputc_unlocked('\\', f);
898
899 fputc_unlocked(*p, f);
900 }
901
902 fputc_unlocked('\"', f);
903 } else
904 fputs_unlocked(p, f);
905
906 fputc_unlocked('\n', f);
907 }
908
909 int write_env_file(const char *fname, char **l) {
910 _cleanup_fclose_ FILE *f = NULL;
911 _cleanup_free_ char *p = NULL;
912 char **i;
913 int r;
914
915 assert(fname);
916
917 r = fopen_temporary(fname, &f, &p);
918 if (r < 0)
919 return r;
920
921 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
922 (void) fchmod_umask(fileno(f), 0644);
923
924 STRV_FOREACH(i, l)
925 write_env_var(f, *i);
926
927 r = fflush_and_check(f);
928 if (r >= 0) {
929 if (rename(p, fname) >= 0)
930 return 0;
931
932 r = -errno;
933 }
934
935 unlink(p);
936 return r;
937 }
938
939 int executable_is_script(const char *path, char **interpreter) {
940 _cleanup_free_ char *line = NULL;
941 size_t len;
942 char *ans;
943 int r;
944
945 assert(path);
946
947 r = read_one_line_file(path, &line);
948 if (r == -ENOBUFS) /* First line overly long? if so, then it's not a script */
949 return 0;
950 if (r < 0)
951 return r;
952
953 if (!startswith(line, "#!"))
954 return 0;
955
956 ans = strstrip(line + 2);
957 len = strcspn(ans, " \t");
958
959 if (len == 0)
960 return 0;
961
962 ans = strndup(ans, len);
963 if (!ans)
964 return -ENOMEM;
965
966 *interpreter = ans;
967 return 1;
968 }
969
970 /**
971 * Retrieve one field from a file like /proc/self/status. pattern
972 * should not include whitespace or the delimiter (':'). pattern matches only
973 * the beginning of a line. Whitespace before ':' is skipped. Whitespace and
974 * zeros after the ':' will be skipped. field must be freed afterwards.
975 * terminator specifies the terminating characters of the field value (not
976 * included in the value).
977 */
978 int get_proc_field(const char *filename, const char *pattern, const char *terminator, char **field) {
979 _cleanup_free_ char *status = NULL;
980 char *t, *f;
981 size_t len;
982 int r;
983
984 assert(terminator);
985 assert(filename);
986 assert(pattern);
987 assert(field);
988
989 r = read_full_file(filename, &status, NULL);
990 if (r < 0)
991 return r;
992
993 t = status;
994
995 do {
996 bool pattern_ok;
997
998 do {
999 t = strstr(t, pattern);
1000 if (!t)
1001 return -ENOENT;
1002
1003 /* Check that pattern occurs in beginning of line. */
1004 pattern_ok = (t == status || t[-1] == '\n');
1005
1006 t += strlen(pattern);
1007
1008 } while (!pattern_ok);
1009
1010 t += strspn(t, " \t");
1011 if (!*t)
1012 return -ENOENT;
1013
1014 } while (*t != ':');
1015
1016 t++;
1017
1018 if (*t) {
1019 t += strspn(t, " \t");
1020
1021 /* Also skip zeros, because when this is used for
1022 * capabilities, we don't want the zeros. This way the
1023 * same capability set always maps to the same string,
1024 * irrespective of the total capability set size. For
1025 * other numbers it shouldn't matter. */
1026 t += strspn(t, "0");
1027 /* Back off one char if there's nothing but whitespace
1028 and zeros */
1029 if (!*t || isspace(*t))
1030 t--;
1031 }
1032
1033 len = strcspn(t, terminator);
1034
1035 f = strndup(t, len);
1036 if (!f)
1037 return -ENOMEM;
1038
1039 *field = f;
1040 return 0;
1041 }
1042
1043 DIR *xopendirat(int fd, const char *name, int flags) {
1044 int nfd;
1045 DIR *d;
1046
1047 assert(!(flags & O_CREAT));
1048
1049 nfd = openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|flags, 0);
1050 if (nfd < 0)
1051 return NULL;
1052
1053 d = fdopendir(nfd);
1054 if (!d) {
1055 safe_close(nfd);
1056 return NULL;
1057 }
1058
1059 return d;
1060 }
1061
1062 static int search_and_fopen_internal(const char *path, const char *mode, const char *root, char **search, FILE **_f) {
1063 char **i;
1064
1065 assert(path);
1066 assert(mode);
1067 assert(_f);
1068
1069 if (!path_strv_resolve_uniq(search, root))
1070 return -ENOMEM;
1071
1072 STRV_FOREACH(i, search) {
1073 _cleanup_free_ char *p = NULL;
1074 FILE *f;
1075
1076 if (root)
1077 p = strjoin(root, *i, "/", path);
1078 else
1079 p = strjoin(*i, "/", path);
1080 if (!p)
1081 return -ENOMEM;
1082
1083 f = fopen(p, mode);
1084 if (f) {
1085 *_f = f;
1086 return 0;
1087 }
1088
1089 if (errno != ENOENT)
1090 return -errno;
1091 }
1092
1093 return -ENOENT;
1094 }
1095
1096 int search_and_fopen(const char *path, const char *mode, const char *root, const char **search, FILE **_f) {
1097 _cleanup_strv_free_ char **copy = NULL;
1098
1099 assert(path);
1100 assert(mode);
1101 assert(_f);
1102
1103 if (path_is_absolute(path)) {
1104 FILE *f;
1105
1106 f = fopen(path, mode);
1107 if (f) {
1108 *_f = f;
1109 return 0;
1110 }
1111
1112 return -errno;
1113 }
1114
1115 copy = strv_copy((char**) search);
1116 if (!copy)
1117 return -ENOMEM;
1118
1119 return search_and_fopen_internal(path, mode, root, copy, _f);
1120 }
1121
1122 int search_and_fopen_nulstr(const char *path, const char *mode, const char *root, const char *search, FILE **_f) {
1123 _cleanup_strv_free_ char **s = NULL;
1124
1125 if (path_is_absolute(path)) {
1126 FILE *f;
1127
1128 f = fopen(path, mode);
1129 if (f) {
1130 *_f = f;
1131 return 0;
1132 }
1133
1134 return -errno;
1135 }
1136
1137 s = strv_split_nulstr(search);
1138 if (!s)
1139 return -ENOMEM;
1140
1141 return search_and_fopen_internal(path, mode, root, s, _f);
1142 }
1143
1144 int fopen_temporary(const char *path, FILE **_f, char **_temp_path) {
1145 FILE *f;
1146 char *t;
1147 int r, fd;
1148
1149 assert(path);
1150 assert(_f);
1151 assert(_temp_path);
1152
1153 r = tempfn_xxxxxx(path, NULL, &t);
1154 if (r < 0)
1155 return r;
1156
1157 fd = mkostemp_safe(t);
1158 if (fd < 0) {
1159 free(t);
1160 return -errno;
1161 }
1162
1163 f = fdopen(fd, "we");
1164 if (!f) {
1165 unlink_noerrno(t);
1166 free(t);
1167 safe_close(fd);
1168 return -errno;
1169 }
1170
1171 *_f = f;
1172 *_temp_path = t;
1173
1174 return 0;
1175 }
1176
1177 int fflush_and_check(FILE *f) {
1178 assert(f);
1179
1180 errno = 0;
1181 fflush(f);
1182
1183 if (ferror(f))
1184 return errno > 0 ? -errno : -EIO;
1185
1186 return 0;
1187 }
1188
1189 int fflush_sync_and_check(FILE *f) {
1190 int r;
1191
1192 assert(f);
1193
1194 r = fflush_and_check(f);
1195 if (r < 0)
1196 return r;
1197
1198 if (fsync(fileno(f)) < 0)
1199 return -errno;
1200
1201 r = fsync_directory_of_file(fileno(f));
1202 if (r < 0)
1203 return r;
1204
1205 return 0;
1206 }
1207
1208 /* This is much like mkostemp() but is subject to umask(). */
1209 int mkostemp_safe(char *pattern) {
1210 _cleanup_umask_ mode_t u = 0;
1211 int fd;
1212
1213 assert(pattern);
1214
1215 u = umask(077);
1216
1217 fd = mkostemp(pattern, O_CLOEXEC);
1218 if (fd < 0)
1219 return -errno;
1220
1221 return fd;
1222 }
1223
1224 int fmkostemp_safe(char *pattern, const char *mode, FILE **ret_f) {
1225 int fd;
1226 FILE *f;
1227
1228 fd = mkostemp_safe(pattern);
1229 if (fd < 0)
1230 return fd;
1231
1232 f = fdopen(fd, mode);
1233 if (!f) {
1234 safe_close(fd);
1235 return -errno;
1236 }
1237
1238 *ret_f = f;
1239 return 0;
1240 }
1241
1242 int tempfn_xxxxxx(const char *p, const char *extra, char **ret) {
1243 const char *fn;
1244 char *t;
1245
1246 assert(ret);
1247
1248 if (isempty(p))
1249 return -EINVAL;
1250 if (path_equal(p, "/"))
1251 return -EINVAL;
1252
1253 /*
1254 * Turns this:
1255 * /foo/bar/waldo
1256 *
1257 * Into this:
1258 * /foo/bar/.#<extra>waldoXXXXXX
1259 */
1260
1261 fn = basename(p);
1262 if (!filename_is_valid(fn))
1263 return -EINVAL;
1264
1265 extra = strempty(extra);
1266
1267 t = new(char, strlen(p) + 2 + strlen(extra) + 6 + 1);
1268 if (!t)
1269 return -ENOMEM;
1270
1271 strcpy(stpcpy(stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), extra), fn), "XXXXXX");
1272
1273 *ret = path_simplify(t, false);
1274 return 0;
1275 }
1276
1277 int tempfn_random(const char *p, const char *extra, char **ret) {
1278 const char *fn;
1279 char *t, *x;
1280 uint64_t u;
1281 unsigned i;
1282
1283 assert(ret);
1284
1285 if (isempty(p))
1286 return -EINVAL;
1287 if (path_equal(p, "/"))
1288 return -EINVAL;
1289
1290 /*
1291 * Turns this:
1292 * /foo/bar/waldo
1293 *
1294 * Into this:
1295 * /foo/bar/.#<extra>waldobaa2a261115984a9
1296 */
1297
1298 fn = basename(p);
1299 if (!filename_is_valid(fn))
1300 return -EINVAL;
1301
1302 extra = strempty(extra);
1303
1304 t = new(char, strlen(p) + 2 + strlen(extra) + 16 + 1);
1305 if (!t)
1306 return -ENOMEM;
1307
1308 x = stpcpy(stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), extra), fn);
1309
1310 u = random_u64();
1311 for (i = 0; i < 16; i++) {
1312 *(x++) = hexchar(u & 0xF);
1313 u >>= 4;
1314 }
1315
1316 *x = 0;
1317
1318 *ret = path_simplify(t, false);
1319 return 0;
1320 }
1321
1322 int tempfn_random_child(const char *p, const char *extra, char **ret) {
1323 char *t, *x;
1324 uint64_t u;
1325 unsigned i;
1326 int r;
1327
1328 assert(ret);
1329
1330 /* Turns this:
1331 * /foo/bar/waldo
1332 * Into this:
1333 * /foo/bar/waldo/.#<extra>3c2b6219aa75d7d0
1334 */
1335
1336 if (!p) {
1337 r = tmp_dir(&p);
1338 if (r < 0)
1339 return r;
1340 }
1341
1342 extra = strempty(extra);
1343
1344 t = new(char, strlen(p) + 3 + strlen(extra) + 16 + 1);
1345 if (!t)
1346 return -ENOMEM;
1347
1348 if (isempty(p))
1349 x = stpcpy(stpcpy(t, ".#"), extra);
1350 else
1351 x = stpcpy(stpcpy(stpcpy(t, p), "/.#"), extra);
1352
1353 u = random_u64();
1354 for (i = 0; i < 16; i++) {
1355 *(x++) = hexchar(u & 0xF);
1356 u >>= 4;
1357 }
1358
1359 *x = 0;
1360
1361 *ret = path_simplify(t, false);
1362 return 0;
1363 }
1364
1365 int write_timestamp_file_atomic(const char *fn, usec_t n) {
1366 char ln[DECIMAL_STR_MAX(n)+2];
1367
1368 /* Creates a "timestamp" file, that contains nothing but a
1369 * usec_t timestamp, formatted in ASCII. */
1370
1371 if (n <= 0 || n >= USEC_INFINITY)
1372 return -ERANGE;
1373
1374 xsprintf(ln, USEC_FMT "\n", n);
1375
1376 return write_string_file(fn, ln, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC);
1377 }
1378
1379 int read_timestamp_file(const char *fn, usec_t *ret) {
1380 _cleanup_free_ char *ln = NULL;
1381 uint64_t t;
1382 int r;
1383
1384 r = read_one_line_file(fn, &ln);
1385 if (r < 0)
1386 return r;
1387
1388 r = safe_atou64(ln, &t);
1389 if (r < 0)
1390 return r;
1391
1392 if (t <= 0 || t >= (uint64_t) USEC_INFINITY)
1393 return -ERANGE;
1394
1395 *ret = (usec_t) t;
1396 return 0;
1397 }
1398
1399 int fputs_with_space(FILE *f, const char *s, const char *separator, bool *space) {
1400 int r;
1401
1402 assert(s);
1403
1404 /* Outputs the specified string with fputs(), but optionally prefixes it with a separator. The *space parameter
1405 * when specified shall initially point to a boolean variable initialized to false. It is set to true after the
1406 * first invocation. This call is supposed to be use in loops, where a separator shall be inserted between each
1407 * element, but not before the first one. */
1408
1409 if (!f)
1410 f = stdout;
1411
1412 if (space) {
1413 if (!separator)
1414 separator = " ";
1415
1416 if (*space) {
1417 r = fputs(separator, f);
1418 if (r < 0)
1419 return r;
1420 }
1421
1422 *space = true;
1423 }
1424
1425 return fputs(s, f);
1426 }
1427
1428 int open_tmpfile_unlinkable(const char *directory, int flags) {
1429 char *p;
1430 int fd, r;
1431
1432 if (!directory) {
1433 r = tmp_dir(&directory);
1434 if (r < 0)
1435 return r;
1436 } else if (isempty(directory))
1437 return -EINVAL;
1438
1439 /* Returns an unlinked temporary file that cannot be linked into the file system anymore */
1440
1441 /* Try O_TMPFILE first, if it is supported */
1442 fd = open(directory, flags|O_TMPFILE|O_EXCL, S_IRUSR|S_IWUSR);
1443 if (fd >= 0)
1444 return fd;
1445
1446 /* Fall back to unguessable name + unlinking */
1447 p = strjoina(directory, "/systemd-tmp-XXXXXX");
1448
1449 fd = mkostemp_safe(p);
1450 if (fd < 0)
1451 return fd;
1452
1453 (void) unlink(p);
1454
1455 return fd;
1456 }
1457
1458 int open_tmpfile_linkable(const char *target, int flags, char **ret_path) {
1459 _cleanup_free_ char *tmp = NULL;
1460 int r, fd;
1461
1462 assert(target);
1463 assert(ret_path);
1464
1465 /* Don't allow O_EXCL, as that has a special meaning for O_TMPFILE */
1466 assert((flags & O_EXCL) == 0);
1467
1468 /* Creates a temporary file, that shall be renamed to "target" later. If possible, this uses O_TMPFILE – in
1469 * which case "ret_path" will be returned as NULL. If not possible a the tempoary path name used is returned in
1470 * "ret_path". Use link_tmpfile() below to rename the result after writing the file in full. */
1471
1472 fd = open_parent(target, O_TMPFILE|flags, 0640);
1473 if (fd >= 0) {
1474 *ret_path = NULL;
1475 return fd;
1476 }
1477
1478 log_debug_errno(fd, "Failed to use O_TMPFILE for %s: %m", target);
1479
1480 r = tempfn_random(target, NULL, &tmp);
1481 if (r < 0)
1482 return r;
1483
1484 fd = open(tmp, O_CREAT|O_EXCL|O_NOFOLLOW|O_NOCTTY|flags, 0640);
1485 if (fd < 0)
1486 return -errno;
1487
1488 *ret_path = TAKE_PTR(tmp);
1489
1490 return fd;
1491 }
1492
1493 int open_serialization_fd(const char *ident) {
1494 int fd = -1;
1495
1496 fd = memfd_create(ident, MFD_CLOEXEC);
1497 if (fd < 0) {
1498 const char *path;
1499
1500 path = getpid_cached() == 1 ? "/run/systemd" : "/tmp";
1501 fd = open_tmpfile_unlinkable(path, O_RDWR|O_CLOEXEC);
1502 if (fd < 0)
1503 return fd;
1504
1505 log_debug("Serializing %s to %s.", ident, path);
1506 } else
1507 log_debug("Serializing %s to memfd.", ident);
1508
1509 return fd;
1510 }
1511
1512 int link_tmpfile(int fd, const char *path, const char *target) {
1513 int r;
1514
1515 assert(fd >= 0);
1516 assert(target);
1517
1518 /* Moves a temporary file created with open_tmpfile() above into its final place. if "path" is NULL an fd
1519 * created with O_TMPFILE is assumed, and linkat() is used. Otherwise it is assumed O_TMPFILE is not supported
1520 * on the directory, and renameat2() is used instead.
1521 *
1522 * Note that in both cases we will not replace existing files. This is because linkat() does not support this
1523 * operation currently (renameat2() does), and there is no nice way to emulate this. */
1524
1525 if (path) {
1526 r = rename_noreplace(AT_FDCWD, path, AT_FDCWD, target);
1527 if (r < 0)
1528 return r;
1529 } else {
1530 char proc_fd_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(fd) + 1];
1531
1532 xsprintf(proc_fd_path, "/proc/self/fd/%i", fd);
1533
1534 if (linkat(AT_FDCWD, proc_fd_path, AT_FDCWD, target, AT_SYMLINK_FOLLOW) < 0)
1535 return -errno;
1536 }
1537
1538 return 0;
1539 }
1540
1541 int read_nul_string(FILE *f, char **ret) {
1542 _cleanup_free_ char *x = NULL;
1543 size_t allocated = 0, n = 0;
1544
1545 assert(f);
1546 assert(ret);
1547
1548 /* Reads a NUL-terminated string from the specified file. */
1549
1550 for (;;) {
1551 int c;
1552
1553 if (!GREEDY_REALLOC(x, allocated, n+2))
1554 return -ENOMEM;
1555
1556 c = fgetc(f);
1557 if (c == 0) /* Terminate at NUL byte */
1558 break;
1559 if (c == EOF) {
1560 if (ferror(f))
1561 return -errno;
1562 break; /* Terminate at EOF */
1563 }
1564
1565 x[n++] = (char) c;
1566 }
1567
1568 if (x)
1569 x[n] = 0;
1570 else {
1571 x = new0(char, 1);
1572 if (!x)
1573 return -ENOMEM;
1574 }
1575
1576 *ret = TAKE_PTR(x);
1577
1578 return 0;
1579 }
1580
1581 int mkdtemp_malloc(const char *template, char **ret) {
1582 _cleanup_free_ char *p = NULL;
1583 int r;
1584
1585 assert(ret);
1586
1587 if (template)
1588 p = strdup(template);
1589 else {
1590 const char *tmp;
1591
1592 r = tmp_dir(&tmp);
1593 if (r < 0)
1594 return r;
1595
1596 p = strjoin(tmp, "/XXXXXX");
1597 }
1598 if (!p)
1599 return -ENOMEM;
1600
1601 if (!mkdtemp(p))
1602 return -errno;
1603
1604 *ret = TAKE_PTR(p);
1605 return 0;
1606 }
1607
1608 DEFINE_TRIVIAL_CLEANUP_FUNC(FILE*, funlockfile);
1609
1610 int read_line(FILE *f, size_t limit, char **ret) {
1611 _cleanup_free_ char *buffer = NULL;
1612 size_t n = 0, allocated = 0, count = 0;
1613
1614 assert(f);
1615
1616 /* Something like a bounded version of getline().
1617 *
1618 * Considers EOF, \n and \0 end of line delimiters, and does not include these delimiters in the string
1619 * returned.
1620 *
1621 * Returns the number of bytes read from the files (i.e. including delimiters — this hence usually differs from
1622 * the number of characters in the returned string). When EOF is hit, 0 is returned.
1623 *
1624 * The input parameter limit is the maximum numbers of characters in the returned string, i.e. excluding
1625 * delimiters. If the limit is hit we fail and return -ENOBUFS.
1626 *
1627 * If a line shall be skipped ret may be initialized as NULL. */
1628
1629 if (ret) {
1630 if (!GREEDY_REALLOC(buffer, allocated, 1))
1631 return -ENOMEM;
1632 }
1633
1634 {
1635 _unused_ _cleanup_(funlockfilep) FILE *flocked = f;
1636 flockfile(f);
1637
1638 for (;;) {
1639 int c;
1640
1641 if (n >= limit)
1642 return -ENOBUFS;
1643
1644 errno = 0;
1645 c = fgetc_unlocked(f);
1646 if (c == EOF) {
1647 /* if we read an error, and have no data to return, then propagate the error */
1648 if (ferror_unlocked(f) && n == 0)
1649 return errno > 0 ? -errno : -EIO;
1650
1651 break;
1652 }
1653
1654 count++;
1655
1656 if (IN_SET(c, '\n', 0)) /* Reached a delimiter */
1657 break;
1658
1659 if (ret) {
1660 if (!GREEDY_REALLOC(buffer, allocated, n + 2))
1661 return -ENOMEM;
1662
1663 buffer[n] = (char) c;
1664 }
1665
1666 n++;
1667 }
1668 }
1669
1670 if (ret) {
1671 buffer[n] = 0;
1672
1673 *ret = TAKE_PTR(buffer);
1674 }
1675
1676 return (int) count;
1677 }
Unnamed repository; edit this file 'description' to name the repository.