1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
31 #include <sys/resource.h>
32 #include <linux/sched.h>
33 #include <sys/types.h>
37 #include <sys/ioctl.h>
41 #include <sys/prctl.h>
42 #include <sys/utsname.h>
44 #include <netinet/ip.h>
51 #include <sys/mount.h>
52 #include <linux/magic.h>
56 #include <sys/personality.h>
57 #include <sys/xattr.h>
58 #include <sys/statvfs.h>
62 /* When we include libgen.h because we need dirname() we immediately
63 * undefine basename() since libgen.h defines it as a macro to the POSIX
64 * version which is really broken. We prefer GNU basename(). */
68 #ifdef HAVE_SYS_AUXV_H
80 #include "path-util.h"
81 #include "exit-status.h"
85 #include "device-nodes.h"
90 #include "sparse-endian.h"
91 #include "formats-util.h"
92 #include "process-util.h"
93 #include "random-util.h"
94 #include "terminal-util.h"
95 #include "hostname-util.h"
96 #include "signal-util.h"
98 /* Put this test here for a lack of better place */
99 assert_cc(EAGAIN
== EWOULDBLOCK
);
102 char **saved_argv
= NULL
;
104 size_t page_size(void) {
105 static thread_local
size_t pgsz
= 0;
108 if (_likely_(pgsz
> 0))
111 r
= sysconf(_SC_PAGESIZE
);
118 int strcmp_ptr(const char *a
, const char *b
) {
120 /* Like strcmp(), but tries to make sense of NULL pointers */
133 bool streq_ptr(const char *a
, const char *b
) {
134 return strcmp_ptr(a
, b
) == 0;
137 char* endswith(const char *s
, const char *postfix
) {
144 pl
= strlen(postfix
);
147 return (char*) s
+ sl
;
152 if (memcmp(s
+ sl
- pl
, postfix
, pl
) != 0)
155 return (char*) s
+ sl
- pl
;
158 char* endswith_no_case(const char *s
, const char *postfix
) {
165 pl
= strlen(postfix
);
168 return (char*) s
+ sl
;
173 if (strcasecmp(s
+ sl
- pl
, postfix
) != 0)
176 return (char*) s
+ sl
- pl
;
179 char* first_word(const char *s
, const char *word
) {
186 /* Checks if the string starts with the specified word, either
187 * followed by NUL or by whitespace. Returns a pointer to the
188 * NUL or the first character after the whitespace. */
199 if (memcmp(s
, word
, wl
) != 0)
206 if (!strchr(WHITESPACE
, *p
))
209 p
+= strspn(p
, WHITESPACE
);
213 size_t cescape_char(char c
, char *buf
) {
214 char * buf_old
= buf
;
260 /* For special chars we prefer octal over
261 * hexadecimal encoding, simply because glib's
262 * g_strescape() does the same */
263 if ((c
< ' ') || (c
>= 127)) {
265 *(buf
++) = octchar((unsigned char) c
>> 6);
266 *(buf
++) = octchar((unsigned char) c
>> 3);
267 *(buf
++) = octchar((unsigned char) c
);
273 return buf
- buf_old
;
276 int close_nointr(int fd
) {
283 * Just ignore EINTR; a retry loop is the wrong thing to do on
286 * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
287 * https://bugzilla.gnome.org/show_bug.cgi?id=682819
288 * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR
289 * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain
297 int safe_close(int fd
) {
300 * Like close_nointr() but cannot fail. Guarantees errno is
301 * unchanged. Is a NOP with negative fds passed, and returns
302 * -1, so that it can be used in this syntax:
304 * fd = safe_close(fd);
310 /* The kernel might return pretty much any error code
311 * via close(), but the fd will be closed anyway. The
312 * only condition we want to check for here is whether
313 * the fd was invalid at all... */
315 assert_se(close_nointr(fd
) != -EBADF
);
321 void close_many(const int fds
[], unsigned n_fd
) {
324 assert(fds
|| n_fd
<= 0);
326 for (i
= 0; i
< n_fd
; i
++)
330 int fclose_nointr(FILE *f
) {
333 /* Same as close_nointr(), but for fclose() */
344 FILE* safe_fclose(FILE *f
) {
346 /* Same as safe_close(), but for fclose() */
351 assert_se(fclose_nointr(f
) != EBADF
);
357 int unlink_noerrno(const char *path
) {
368 int parse_boolean(const char *v
) {
371 if (streq(v
, "1") || strcaseeq(v
, "yes") || strcaseeq(v
, "y") || strcaseeq(v
, "true") || strcaseeq(v
, "t") || strcaseeq(v
, "on"))
373 else if (streq(v
, "0") || strcaseeq(v
, "no") || strcaseeq(v
, "n") || strcaseeq(v
, "false") || strcaseeq(v
, "f") || strcaseeq(v
, "off"))
379 int parse_pid(const char *s
, pid_t
* ret_pid
) {
380 unsigned long ul
= 0;
387 r
= safe_atolu(s
, &ul
);
393 if ((unsigned long) pid
!= ul
)
403 bool uid_is_valid(uid_t uid
) {
405 /* Some libc APIs use UID_INVALID as special placeholder */
406 if (uid
== (uid_t
) 0xFFFFFFFF)
409 /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
410 if (uid
== (uid_t
) 0xFFFF)
416 int parse_uid(const char *s
, uid_t
* ret_uid
) {
417 unsigned long ul
= 0;
423 r
= safe_atolu(s
, &ul
);
429 if ((unsigned long) uid
!= ul
)
432 if (!uid_is_valid(uid
))
433 return -ENXIO
; /* we return ENXIO instead of EINVAL
434 * here, to make it easy to distuingish
435 * invalid numeric uids invalid
444 int safe_atou(const char *s
, unsigned *ret_u
) {
452 l
= strtoul(s
, &x
, 0);
454 if (!x
|| x
== s
|| *x
|| errno
)
455 return errno
> 0 ? -errno
: -EINVAL
;
457 if ((unsigned long) (unsigned) l
!= l
)
460 *ret_u
= (unsigned) l
;
464 int safe_atoi(const char *s
, int *ret_i
) {
472 l
= strtol(s
, &x
, 0);
474 if (!x
|| x
== s
|| *x
|| errno
)
475 return errno
> 0 ? -errno
: -EINVAL
;
477 if ((long) (int) l
!= l
)
484 int safe_atou8(const char *s
, uint8_t *ret
) {
492 l
= strtoul(s
, &x
, 0);
494 if (!x
|| x
== s
|| *x
|| errno
)
495 return errno
> 0 ? -errno
: -EINVAL
;
497 if ((unsigned long) (uint8_t) l
!= l
)
504 int safe_atou16(const char *s
, uint16_t *ret
) {
512 l
= strtoul(s
, &x
, 0);
514 if (!x
|| x
== s
|| *x
|| errno
)
515 return errno
> 0 ? -errno
: -EINVAL
;
517 if ((unsigned long) (uint16_t) l
!= l
)
524 int safe_atoi16(const char *s
, int16_t *ret
) {
532 l
= strtol(s
, &x
, 0);
534 if (!x
|| x
== s
|| *x
|| errno
)
535 return errno
> 0 ? -errno
: -EINVAL
;
537 if ((long) (int16_t) l
!= l
)
544 int safe_atollu(const char *s
, long long unsigned *ret_llu
) {
546 unsigned long long l
;
552 l
= strtoull(s
, &x
, 0);
554 if (!x
|| x
== s
|| *x
|| errno
)
555 return errno
? -errno
: -EINVAL
;
561 int safe_atolli(const char *s
, long long int *ret_lli
) {
569 l
= strtoll(s
, &x
, 0);
571 if (!x
|| x
== s
|| *x
|| errno
)
572 return errno
? -errno
: -EINVAL
;
578 int safe_atod(const char *s
, double *ret_d
) {
586 loc
= newlocale(LC_NUMERIC_MASK
, "C", (locale_t
) 0);
587 if (loc
== (locale_t
) 0)
591 d
= strtod_l(s
, &x
, loc
);
593 if (!x
|| x
== s
|| *x
|| errno
) {
595 return errno
? -errno
: -EINVAL
;
603 static size_t strcspn_escaped(const char *s
, const char *reject
) {
604 bool escaped
= false;
607 for (n
=0; s
[n
]; n
++) {
610 else if (s
[n
] == '\\')
612 else if (strchr(reject
, s
[n
]))
616 /* if s ends in \, return index of previous char */
620 /* Split a string into words. */
621 const char* split(const char **state
, size_t *l
, const char *separator
, bool quoted
) {
627 assert(**state
== '\0');
631 current
+= strspn(current
, separator
);
637 if (quoted
&& strchr("\'\"", *current
)) {
638 char quotechars
[2] = {*current
, '\0'};
640 *l
= strcspn_escaped(current
+ 1, quotechars
);
641 if (current
[*l
+ 1] == '\0' || current
[*l
+ 1] != quotechars
[0] ||
642 (current
[*l
+ 2] && !strchr(separator
, current
[*l
+ 2]))) {
643 /* right quote missing or garbage at the end */
647 *state
= current
++ + *l
+ 2;
649 *l
= strcspn_escaped(current
, separator
);
650 if (current
[*l
] && !strchr(separator
, current
[*l
])) {
651 /* unfinished escape */
655 *state
= current
+ *l
;
657 *l
= strcspn(current
, separator
);
658 *state
= current
+ *l
;
664 int fchmod_umask(int fd
, mode_t m
) {
669 r
= fchmod(fd
, m
& (~u
)) < 0 ? -errno
: 0;
675 char *truncate_nl(char *s
) {
678 s
[strcspn(s
, NEWLINE
)] = 0;
682 char *strnappend(const char *s
, const char *suffix
, size_t b
) {
690 return strndup(suffix
, b
);
699 if (b
> ((size_t) -1) - a
)
702 r
= new(char, a
+b
+1);
707 memcpy(r
+a
, suffix
, b
);
713 char *strappend(const char *s
, const char *suffix
) {
714 return strnappend(s
, suffix
, suffix
? strlen(suffix
) : 0);
717 int readlinkat_malloc(int fd
, const char *p
, char **ret
) {
732 n
= readlinkat(fd
, p
, c
, l
-1);
739 if ((size_t) n
< l
-1) {
750 int readlink_malloc(const char *p
, char **ret
) {
751 return readlinkat_malloc(AT_FDCWD
, p
, ret
);
754 int readlink_value(const char *p
, char **ret
) {
755 _cleanup_free_
char *link
= NULL
;
759 r
= readlink_malloc(p
, &link
);
763 value
= basename(link
);
767 value
= strdup(value
);
776 int readlink_and_make_absolute(const char *p
, char **r
) {
777 _cleanup_free_
char *target
= NULL
;
784 j
= readlink_malloc(p
, &target
);
788 k
= file_in_same_dir(p
, target
);
796 int readlink_and_canonicalize(const char *p
, char **r
) {
803 j
= readlink_and_make_absolute(p
, &t
);
807 s
= canonicalize_file_name(t
);
814 path_kill_slashes(*r
);
819 char *strstrip(char *s
) {
822 /* Drops trailing whitespace. Modifies the string in
823 * place. Returns pointer to first non-space character */
825 s
+= strspn(s
, WHITESPACE
);
827 for (e
= strchr(s
, 0); e
> s
; e
--)
828 if (!strchr(WHITESPACE
, e
[-1]))
836 char *delete_chars(char *s
, const char *bad
) {
839 /* Drops all whitespace, regardless where in the string */
841 for (f
= s
, t
= s
; *f
; f
++) {
853 char *file_in_same_dir(const char *path
, const char *filename
) {
860 /* This removes the last component of path and appends
861 * filename, unless the latter is absolute anyway or the
864 if (path_is_absolute(filename
))
865 return strdup(filename
);
867 e
= strrchr(path
, '/');
869 return strdup(filename
);
871 k
= strlen(filename
);
872 ret
= new(char, (e
+ 1 - path
) + k
+ 1);
876 memcpy(mempcpy(ret
, path
, e
+ 1 - path
), filename
, k
+ 1);
880 int rmdir_parents(const char *path
, const char *stop
) {
889 /* Skip trailing slashes */
890 while (l
> 0 && path
[l
-1] == '/')
896 /* Skip last component */
897 while (l
> 0 && path
[l
-1] != '/')
900 /* Skip trailing slashes */
901 while (l
> 0 && path
[l
-1] == '/')
907 if (!(t
= strndup(path
, l
)))
910 if (path_startswith(stop
, t
)) {
926 char hexchar(int x
) {
927 static const char table
[16] = "0123456789abcdef";
929 return table
[x
& 15];
932 int unhexchar(char c
) {
934 if (c
>= '0' && c
<= '9')
937 if (c
>= 'a' && c
<= 'f')
940 if (c
>= 'A' && c
<= 'F')
946 char *hexmem(const void *p
, size_t l
) {
950 z
= r
= malloc(l
* 2 + 1);
954 for (x
= p
; x
< (const uint8_t*) p
+ l
; x
++) {
955 *(z
++) = hexchar(*x
>> 4);
956 *(z
++) = hexchar(*x
& 15);
963 int unhexmem(const char *p
, size_t l
, void **mem
, size_t *len
) {
964 _cleanup_free_
uint8_t *r
= NULL
;
972 z
= r
= malloc((l
+ 1) / 2 + 1);
976 for (x
= p
; x
< p
+ l
; x
+= 2) {
982 else if (x
+1 < p
+ l
) {
989 *(z
++) = (uint8_t) a
<< 4 | (uint8_t) b
;
1001 /* https://tools.ietf.org/html/rfc4648#section-6
1002 * Notice that base32hex differs from base32 in the alphabet it uses.
1003 * The distinction is that the base32hex representation preserves the
1004 * order of the underlying data when compared as bytestrings, this is
1005 * useful when representing NSEC3 hashes, as one can then verify the
1006 * order of hashes directly from their representation. */
1007 char base32hexchar(int x
) {
1008 static const char table
[32] = "0123456789"
1009 "ABCDEFGHIJKLMNOPQRSTUV";
1011 return table
[x
& 31];
1014 int unbase32hexchar(char c
) {
1017 if (c
>= '0' && c
<= '9')
1020 offset
= '9' - '0' + 1;
1022 if (c
>= 'A' && c
<= 'V')
1023 return c
- 'A' + offset
;
1028 char *base32hexmem(const void *p
, size_t l
, bool padding
) {
1034 /* five input bytes makes eight output bytes, padding is added so we must round up */
1035 len
= 8 * (l
+ 4) / 5;
1037 /* same, but round down as there is no padding */
1056 z
= r
= malloc(len
+ 1);
1060 for (x
= p
; x
< (const uint8_t*) p
+ (l
/ 5) * 5; x
+= 5) {
1061 /* x[0] == XXXXXXXX; x[1] == YYYYYYYY; x[2] == ZZZZZZZZ
1062 x[3] == QQQQQQQQ; x[4] == WWWWWWWW */
1063 *(z
++) = base32hexchar(x
[0] >> 3); /* 000XXXXX */
1064 *(z
++) = base32hexchar((x
[0] & 7) << 2 | x
[1] >> 6); /* 000XXXYY */
1065 *(z
++) = base32hexchar((x
[1] & 63) >> 1); /* 000YYYYY */
1066 *(z
++) = base32hexchar((x
[1] & 1) << 4 | x
[2] >> 4); /* 000YZZZZ */
1067 *(z
++) = base32hexchar((x
[2] & 15) << 1 | x
[3] >> 7); /* 000ZZZZQ */
1068 *(z
++) = base32hexchar((x
[3] & 127) >> 2); /* 000QQQQQ */
1069 *(z
++) = base32hexchar((x
[3] & 3) << 3 | x
[4] >> 5); /* 000QQWWW */
1070 *(z
++) = base32hexchar((x
[4] & 31)); /* 000WWWWW */
1075 *(z
++) = base32hexchar(x
[0] >> 3); /* 000XXXXX */
1076 *(z
++) = base32hexchar((x
[0] & 7) << 2 | x
[1] >> 6); /* 000XXXYY */
1077 *(z
++) = base32hexchar((x
[1] & 63) >> 1); /* 000YYYYY */
1078 *(z
++) = base32hexchar((x
[1] & 1) << 4 | x
[2] >> 4); /* 000YZZZZ */
1079 *(z
++) = base32hexchar((x
[2] & 15) << 1 | x
[3] >> 7); /* 000ZZZZQ */
1080 *(z
++) = base32hexchar((x
[3] & 127) >> 2); /* 000QQQQQ */
1081 *(z
++) = base32hexchar((x
[3] & 3) << 3); /* 000QQ000 */
1088 *(z
++) = base32hexchar(x
[0] >> 3); /* 000XXXXX */
1089 *(z
++) = base32hexchar((x
[0] & 7) << 2 | x
[1] >> 6); /* 000XXXYY */
1090 *(z
++) = base32hexchar((x
[1] & 63) >> 1); /* 000YYYYY */
1091 *(z
++) = base32hexchar((x
[1] & 1) << 4 | x
[2] >> 4); /* 000YZZZZ */
1092 *(z
++) = base32hexchar((x
[2] & 15) << 1); /* 000ZZZZ0 */
1102 *(z
++) = base32hexchar(x
[0] >> 3); /* 000XXXXX */
1103 *(z
++) = base32hexchar((x
[0] & 7) << 2 | x
[1] >> 6); /* 000XXXYY */
1104 *(z
++) = base32hexchar((x
[1] & 63) >> 1); /* 000YYYYY */
1105 *(z
++) = base32hexchar((x
[1] & 1) << 4); /* 000Y0000 */
1116 *(z
++) = base32hexchar(x
[0] >> 3); /* 000XXXXX */
1117 *(z
++) = base32hexchar((x
[0] & 7) << 2); /* 000XXX00 */
1134 int unbase32hexmem(const char *p
, size_t l
, bool padding
, void **mem
, size_t *_len
) {
1135 _cleanup_free_
uint8_t *r
= NULL
;
1136 int a
, b
, c
, d
, e
, f
, g
, h
;
1144 /* padding ensures any base32hex input has input divisible by 8 */
1145 if (padding
&& l
% 8 != 0)
1149 /* strip the padding */
1150 while (l
> 0 && p
[l
- 1] == '=' && pad
< 7) {
1156 /* a group of eight input bytes needs five output bytes, in case of
1157 padding we need to add some extra bytes */
1179 z
= r
= malloc(len
+ 1);
1183 for (x
= p
; x
< p
+ (l
/ 8) * 8; x
+= 8) {
1184 /* a == 000XXXXX; b == 000YYYYY; c == 000ZZZZZ; d == 000WWWWW
1185 e == 000SSSSS; f == 000QQQQQ; g == 000VVVVV; h == 000RRRRR */
1186 a
= unbase32hexchar(x
[0]);
1190 b
= unbase32hexchar(x
[1]);
1194 c
= unbase32hexchar(x
[2]);
1198 d
= unbase32hexchar(x
[3]);
1202 e
= unbase32hexchar(x
[4]);
1206 f
= unbase32hexchar(x
[5]);
1210 g
= unbase32hexchar(x
[6]);
1214 h
= unbase32hexchar(x
[7]);
1218 *(z
++) = (uint8_t) a
<< 3 | (uint8_t) b
>> 2; /* XXXXXYYY */
1219 *(z
++) = (uint8_t) b
<< 6 | (uint8_t) c
<< 1 | (uint8_t) d
>> 4; /* YYZZZZZW */
1220 *(z
++) = (uint8_t) d
<< 4 | (uint8_t) e
>> 1; /* WWWWSSSS */
1221 *(z
++) = (uint8_t) e
<< 7 | (uint8_t) f
<< 2 | (uint8_t) g
>> 3; /* SQQQQQVV */
1222 *(z
++) = (uint8_t) g
<< 5 | (uint8_t) h
; /* VVVRRRRR */
1227 a
= unbase32hexchar(x
[0]);
1231 b
= unbase32hexchar(x
[1]);
1235 c
= unbase32hexchar(x
[2]);
1239 d
= unbase32hexchar(x
[3]);
1243 e
= unbase32hexchar(x
[4]);
1247 f
= unbase32hexchar(x
[5]);
1251 g
= unbase32hexchar(x
[6]);
1259 *(z
++) = (uint8_t) a
<< 3 | (uint8_t) b
>> 2; /* XXXXXYYY */
1260 *(z
++) = (uint8_t) b
<< 6 | (uint8_t) c
<< 1 | (uint8_t) d
>> 4; /* YYZZZZZW */
1261 *(z
++) = (uint8_t) d
<< 4 | (uint8_t) e
>> 1; /* WWWWSSSS */
1262 *(z
++) = (uint8_t) e
<< 7 | (uint8_t) f
<< 2 | (uint8_t) g
>> 3; /* SQQQQQVV */
1266 a
= unbase32hexchar(x
[0]);
1270 b
= unbase32hexchar(x
[1]);
1274 c
= unbase32hexchar(x
[2]);
1278 d
= unbase32hexchar(x
[3]);
1282 e
= unbase32hexchar(x
[4]);
1290 *(z
++) = (uint8_t) a
<< 3 | (uint8_t) b
>> 2; /* XXXXXYYY */
1291 *(z
++) = (uint8_t) b
<< 6 | (uint8_t) c
<< 1 | (uint8_t) d
>> 4; /* YYZZZZZW */
1292 *(z
++) = (uint8_t) d
<< 4 | (uint8_t) e
>> 1; /* WWWWSSSS */
1296 a
= unbase32hexchar(x
[0]);
1300 b
= unbase32hexchar(x
[1]);
1304 c
= unbase32hexchar(x
[2]);
1308 d
= unbase32hexchar(x
[3]);
1316 *(z
++) = (uint8_t) a
<< 3 | (uint8_t) b
>> 2; /* XXXXXYYY */
1317 *(z
++) = (uint8_t) b
<< 6 | (uint8_t) c
<< 1 | (uint8_t) d
>> 4; /* YYZZZZZW */
1321 a
= unbase32hexchar(x
[0]);
1325 b
= unbase32hexchar(x
[1]);
1333 *(z
++) = (uint8_t) a
<< 3 | (uint8_t) b
>> 2; /* XXXXXYYY */
1351 /* https://tools.ietf.org/html/rfc4648#section-4 */
1352 char base64char(int x
) {
1353 static const char table
[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
1354 "abcdefghijklmnopqrstuvwxyz"
1356 return table
[x
& 63];
1359 int unbase64char(char c
) {
1362 if (c
>= 'A' && c
<= 'Z')
1365 offset
= 'Z' - 'A' + 1;
1367 if (c
>= 'a' && c
<= 'z')
1368 return c
- 'a' + offset
;
1370 offset
+= 'z' - 'a' + 1;
1372 if (c
>= '0' && c
<= '9')
1373 return c
- '0' + offset
;
1375 offset
+= '9' - '0' + 1;
1388 char *base64mem(const void *p
, size_t l
) {
1392 /* three input bytes makes four output bytes, padding is added so we must round up */
1393 z
= r
= malloc(4 * (l
+ 2) / 3 + 1);
1397 for (x
= p
; x
< (const uint8_t*) p
+ (l
/ 3) * 3; x
+= 3) {
1398 /* x[0] == XXXXXXXX; x[1] == YYYYYYYY; x[2] == ZZZZZZZZ */
1399 *(z
++) = base64char(x
[0] >> 2); /* 00XXXXXX */
1400 *(z
++) = base64char((x
[0] & 3) << 4 | x
[1] >> 4); /* 00XXYYYY */
1401 *(z
++) = base64char((x
[1] & 15) << 2 | x
[2] >> 6); /* 00YYYYZZ */
1402 *(z
++) = base64char(x
[2] & 63); /* 00ZZZZZZ */
1407 *(z
++) = base64char(x
[0] >> 2); /* 00XXXXXX */
1408 *(z
++) = base64char((x
[0] & 3) << 4 | x
[1] >> 4); /* 00XXYYYY */
1409 *(z
++) = base64char((x
[1] & 15) << 2); /* 00YYYY00 */
1414 *(z
++) = base64char(x
[0] >> 2); /* 00XXXXXX */
1415 *(z
++) = base64char((x
[0] & 3) << 4); /* 00XX0000 */
1426 int unbase64mem(const char *p
, size_t l
, void **mem
, size_t *_len
) {
1427 _cleanup_free_
uint8_t *r
= NULL
;
1435 /* padding ensures any base63 input has input divisible by 4 */
1439 /* strip the padding */
1440 if (l
> 0 && p
[l
- 1] == '=')
1442 if (l
> 0 && p
[l
- 1] == '=')
1445 /* a group of four input bytes needs three output bytes, in case of
1446 padding we need to add two or three extra bytes */
1447 len
= (l
/ 4) * 3 + (l
% 4 ? (l
% 4) - 1 : 0);
1449 z
= r
= malloc(len
+ 1);
1453 for (x
= p
; x
< p
+ (l
/ 4) * 4; x
+= 4) {
1454 /* a == 00XXXXXX; b == 00YYYYYY; c == 00ZZZZZZ; d == 00WWWWWW */
1455 a
= unbase64char(x
[0]);
1459 b
= unbase64char(x
[1]);
1463 c
= unbase64char(x
[2]);
1467 d
= unbase64char(x
[3]);
1471 *(z
++) = (uint8_t) a
<< 2 | (uint8_t) b
>> 4; /* XXXXXXYY */
1472 *(z
++) = (uint8_t) b
<< 4 | (uint8_t) c
>> 2; /* YYYYZZZZ */
1473 *(z
++) = (uint8_t) c
<< 6 | (uint8_t) d
; /* ZZWWWWWW */
1478 a
= unbase64char(x
[0]);
1482 b
= unbase64char(x
[1]);
1486 c
= unbase64char(x
[2]);
1494 *(z
++) = (uint8_t) a
<< 2 | (uint8_t) b
>> 4; /* XXXXXXYY */
1495 *(z
++) = (uint8_t) b
<< 4 | (uint8_t) c
>> 2; /* YYYYZZZZ */
1499 a
= unbase64char(x
[0]);
1503 b
= unbase64char(x
[1]);
1511 *(z
++) = (uint8_t) a
<< 2 | (uint8_t) (b
>> 4); /* XXXXXXYY */
1530 char octchar(int x
) {
1531 return '0' + (x
& 7);
1534 int unoctchar(char c
) {
1536 if (c
>= '0' && c
<= '7')
1542 char decchar(int x
) {
1543 return '0' + (x
% 10);
1546 int undecchar(char c
) {
1548 if (c
>= '0' && c
<= '9')
1554 char *cescape(const char *s
) {
1560 /* Does C style string escaping. May be reversed with
1563 r
= new(char, strlen(s
)*4 + 1);
1567 for (f
= s
, t
= r
; *f
; f
++)
1568 t
+= cescape_char(*f
, t
);
1575 static int cunescape_one(const char *p
, size_t length
, char *ret
, uint32_t *ret_unicode
) {
1582 /* Unescapes C style. Returns the unescaped character in ret,
1583 * unless we encountered a \u sequence in which case the full
1584 * unicode character is returned in ret_unicode, instead. */
1586 if (length
!= (size_t) -1 && length
< 1)
1623 /* This is an extension of the XDG syntax files */
1628 /* hexadecimal encoding */
1631 if (length
!= (size_t) -1 && length
< 3)
1634 a
= unhexchar(p
[1]);
1638 b
= unhexchar(p
[2]);
1642 /* Don't allow NUL bytes */
1643 if (a
== 0 && b
== 0)
1646 *ret
= (char) ((a
<< 4U) | b
);
1652 /* C++11 style 16bit unicode */
1658 if (length
!= (size_t) -1 && length
< 5)
1661 for (i
= 0; i
< 4; i
++) {
1662 a
[i
] = unhexchar(p
[1 + i
]);
1667 c
= ((uint32_t) a
[0] << 12U) | ((uint32_t) a
[1] << 8U) | ((uint32_t) a
[2] << 4U) | (uint32_t) a
[3];
1669 /* Don't allow 0 chars */
1688 /* C++11 style 32bit unicode */
1694 if (length
!= (size_t) -1 && length
< 9)
1697 for (i
= 0; i
< 8; i
++) {
1698 a
[i
] = unhexchar(p
[1 + i
]);
1703 c
= ((uint32_t) a
[0] << 28U) | ((uint32_t) a
[1] << 24U) | ((uint32_t) a
[2] << 20U) | ((uint32_t) a
[3] << 16U) |
1704 ((uint32_t) a
[4] << 12U) | ((uint32_t) a
[5] << 8U) | ((uint32_t) a
[6] << 4U) | (uint32_t) a
[7];
1706 /* Don't allow 0 chars */
1710 /* Don't allow invalid code points */
1711 if (!unichar_is_valid(c
))
1736 /* octal encoding */
1740 if (length
!= (size_t) -1 && length
< 3)
1743 a
= unoctchar(p
[0]);
1747 b
= unoctchar(p
[1]);
1751 c
= unoctchar(p
[2]);
1755 /* don't allow NUL bytes */
1756 if (a
== 0 && b
== 0 && c
== 0)
1759 /* Don't allow bytes above 255 */
1760 m
= ((uint32_t) a
<< 6U) | ((uint32_t) b
<< 3U) | (uint32_t) c
;
1776 int cunescape_length_with_prefix(const char *s
, size_t length
, const char *prefix
, UnescapeFlags flags
, char **ret
) {
1784 /* Undoes C style string escaping, and optionally prefixes it. */
1786 pl
= prefix
? strlen(prefix
) : 0;
1788 r
= new(char, pl
+length
+1);
1793 memcpy(r
, prefix
, pl
);
1795 for (f
= s
, t
= r
+ pl
; f
< s
+ length
; f
++) {
1801 remaining
= s
+ length
- f
;
1802 assert(remaining
> 0);
1805 /* A literal literal, copy verbatim */
1810 if (remaining
== 1) {
1811 if (flags
& UNESCAPE_RELAX
) {
1812 /* A trailing backslash, copy verbatim */
1821 k
= cunescape_one(f
+ 1, remaining
- 1, &c
, &u
);
1823 if (flags
& UNESCAPE_RELAX
) {
1824 /* Invalid escape code, let's take it literal then */
1834 /* Non-Unicode? Let's encode this directly */
1837 /* Unicode? Then let's encode this in UTF-8 */
1838 t
+= utf8_encode_unichar(t
, u
);
1849 int cunescape_length(const char *s
, size_t length
, UnescapeFlags flags
, char **ret
) {
1850 return cunescape_length_with_prefix(s
, length
, NULL
, flags
, ret
);
1853 int cunescape(const char *s
, UnescapeFlags flags
, char **ret
) {
1854 return cunescape_length(s
, strlen(s
), flags
, ret
);
1857 char *xescape(const char *s
, const char *bad
) {
1861 /* Escapes all chars in bad, in addition to \ and all special
1862 * chars, in \xFF style escaping. May be reversed with
1865 r
= new(char, strlen(s
) * 4 + 1);
1869 for (f
= s
, t
= r
; *f
; f
++) {
1871 if ((*f
< ' ') || (*f
>= 127) ||
1872 (*f
== '\\') || strchr(bad
, *f
)) {
1875 *(t
++) = hexchar(*f
>> 4);
1876 *(t
++) = hexchar(*f
);
1886 char *ascii_strlower(char *t
) {
1891 for (p
= t
; *p
; p
++)
1892 if (*p
>= 'A' && *p
<= 'Z')
1893 *p
= *p
- 'A' + 'a';
1898 _pure_
static bool hidden_file_allow_backup(const char *filename
) {
1902 filename
[0] == '.' ||
1903 streq(filename
, "lost+found") ||
1904 streq(filename
, "aquota.user") ||
1905 streq(filename
, "aquota.group") ||
1906 endswith(filename
, ".rpmnew") ||
1907 endswith(filename
, ".rpmsave") ||
1908 endswith(filename
, ".rpmorig") ||
1909 endswith(filename
, ".dpkg-old") ||
1910 endswith(filename
, ".dpkg-new") ||
1911 endswith(filename
, ".dpkg-tmp") ||
1912 endswith(filename
, ".dpkg-dist") ||
1913 endswith(filename
, ".dpkg-bak") ||
1914 endswith(filename
, ".dpkg-backup") ||
1915 endswith(filename
, ".dpkg-remove") ||
1916 endswith(filename
, ".swp");
1919 bool hidden_file(const char *filename
) {
1922 if (endswith(filename
, "~"))
1925 return hidden_file_allow_backup(filename
);
1928 int fd_nonblock(int fd
, bool nonblock
) {
1933 flags
= fcntl(fd
, F_GETFL
, 0);
1938 nflags
= flags
| O_NONBLOCK
;
1940 nflags
= flags
& ~O_NONBLOCK
;
1942 if (nflags
== flags
)
1945 if (fcntl(fd
, F_SETFL
, nflags
) < 0)
1951 int fd_cloexec(int fd
, bool cloexec
) {
1956 flags
= fcntl(fd
, F_GETFD
, 0);
1961 nflags
= flags
| FD_CLOEXEC
;
1963 nflags
= flags
& ~FD_CLOEXEC
;
1965 if (nflags
== flags
)
1968 if (fcntl(fd
, F_SETFD
, nflags
) < 0)
1974 _pure_
static bool fd_in_set(int fd
, const int fdset
[], unsigned n_fdset
) {
1977 assert(n_fdset
== 0 || fdset
);
1979 for (i
= 0; i
< n_fdset
; i
++)
1986 int close_all_fds(const int except
[], unsigned n_except
) {
1987 _cleanup_closedir_
DIR *d
= NULL
;
1991 assert(n_except
== 0 || except
);
1993 d
= opendir("/proc/self/fd");
1998 /* When /proc isn't available (for example in chroots)
1999 * the fallback is brute forcing through the fd
2002 assert_se(getrlimit(RLIMIT_NOFILE
, &rl
) >= 0);
2003 for (fd
= 3; fd
< (int) rl
.rlim_max
; fd
++) {
2005 if (fd_in_set(fd
, except
, n_except
))
2008 if (close_nointr(fd
) < 0)
2009 if (errno
!= EBADF
&& r
== 0)
2016 while ((de
= readdir(d
))) {
2019 if (hidden_file(de
->d_name
))
2022 if (safe_atoi(de
->d_name
, &fd
) < 0)
2023 /* Let's better ignore this, just in case */
2032 if (fd_in_set(fd
, except
, n_except
))
2035 if (close_nointr(fd
) < 0) {
2036 /* Valgrind has its own FD and doesn't want to have it closed */
2037 if (errno
!= EBADF
&& r
== 0)
2045 bool chars_intersect(const char *a
, const char *b
) {
2048 /* Returns true if any of the chars in a are in b. */
2049 for (p
= a
; *p
; p
++)
2056 bool fstype_is_network(const char *fstype
) {
2057 static const char table
[] =
2072 x
= startswith(fstype
, "fuse.");
2076 return nulstr_contains(table
, fstype
);
2079 int flush_fd(int fd
) {
2080 struct pollfd pollfd
= {
2090 r
= poll(&pollfd
, 1, 0);
2100 l
= read(fd
, buf
, sizeof(buf
));
2106 if (errno
== EAGAIN
)
2115 void safe_close_pair(int p
[]) {
2119 /* Special case pairs which use the same fd in both
2121 p
[0] = p
[1] = safe_close(p
[0]);
2125 p
[0] = safe_close(p
[0]);
2126 p
[1] = safe_close(p
[1]);
2129 ssize_t
loop_read(int fd
, void *buf
, size_t nbytes
, bool do_poll
) {
2136 while (nbytes
> 0) {
2139 k
= read(fd
, p
, nbytes
);
2144 if (errno
== EAGAIN
&& do_poll
) {
2146 /* We knowingly ignore any return value here,
2147 * and expect that any error/EOF is reported
2150 fd_wait_for_event(fd
, POLLIN
, USEC_INFINITY
);
2154 return n
> 0 ? n
: -errno
;
2168 int loop_read_exact(int fd
, void *buf
, size_t nbytes
, bool do_poll
) {
2171 n
= loop_read(fd
, buf
, nbytes
, do_poll
);
2174 if ((size_t) n
!= nbytes
)
2179 int loop_write(int fd
, const void *buf
, size_t nbytes
, bool do_poll
) {
2180 const uint8_t *p
= buf
;
2190 k
= write(fd
, p
, nbytes
);
2195 if (errno
== EAGAIN
&& do_poll
) {
2196 /* We knowingly ignore any return value here,
2197 * and expect that any error/EOF is reported
2200 fd_wait_for_event(fd
, POLLOUT
, USEC_INFINITY
);
2207 if (nbytes
> 0 && k
== 0) /* Can't really happen */
2212 } while (nbytes
> 0);
2217 int parse_size(const char *t
, uint64_t base
, uint64_t *size
) {
2219 /* Soo, sometimes we want to parse IEC binary suffixes, and
2220 * sometimes SI decimal suffixes. This function can parse
2221 * both. Which one is the right way depends on the
2222 * context. Wikipedia suggests that SI is customary for
2223 * hardware metrics and network speeds, while IEC is
2224 * customary for most data sizes used by software and volatile
2225 * (RAM) memory. Hence be careful which one you pick!
2227 * In either case we use just K, M, G as suffix, and not Ki,
2228 * Mi, Gi or so (as IEC would suggest). That's because that's
2229 * frickin' ugly. But this means you really need to make sure
2230 * to document which base you are parsing when you use this
2235 unsigned long long factor
;
2238 static const struct table iec
[] = {
2239 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2240 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2241 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
2242 { "G", 1024ULL*1024ULL*1024ULL },
2243 { "M", 1024ULL*1024ULL },
2249 static const struct table si
[] = {
2250 { "E", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2251 { "P", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2252 { "T", 1000ULL*1000ULL*1000ULL*1000ULL },
2253 { "G", 1000ULL*1000ULL*1000ULL },
2254 { "M", 1000ULL*1000ULL },
2260 const struct table
*table
;
2262 unsigned long long r
= 0;
2263 unsigned n_entries
, start_pos
= 0;
2266 assert(base
== 1000 || base
== 1024);
2271 n_entries
= ELEMENTSOF(si
);
2274 n_entries
= ELEMENTSOF(iec
);
2279 unsigned long long l
, tmp
;
2284 p
+= strspn(p
, WHITESPACE
);
2289 l
= strtoull(p
, &e
, 10);
2298 /* strtoull() itself would accept space/+/- */
2299 if (*e
>= '0' && *e
<= '9') {
2300 unsigned long long l2
;
2303 l2
= strtoull(e
, &e2
, 10);
2307 /* Ignore failure. E.g. 10.M is valid */
2314 e
+= strspn(e
, WHITESPACE
);
2316 for (i
= start_pos
; i
< n_entries
; i
++)
2317 if (startswith(e
, table
[i
].suffix
))
2323 if (l
+ (frac
> 0) > ULLONG_MAX
/ table
[i
].factor
)
2326 tmp
= l
* table
[i
].factor
+ (unsigned long long) (frac
* table
[i
].factor
);
2327 if (tmp
> ULLONG_MAX
- r
)
2331 if ((unsigned long long) (uint64_t) r
!= r
)
2334 p
= e
+ strlen(table
[i
].suffix
);
2345 bool is_device_path(const char *path
) {
2347 /* Returns true on paths that refer to a device, either in
2348 * sysfs or in /dev */
2351 path_startswith(path
, "/dev/") ||
2352 path_startswith(path
, "/sys/");
2355 int dir_is_empty(const char *path
) {
2356 _cleanup_closedir_
DIR *d
;
2367 if (!de
&& errno
!= 0)
2373 if (!hidden_file(de
->d_name
))
2378 char* dirname_malloc(const char *path
) {
2379 char *d
, *dir
, *dir2
;
2396 void rename_process(const char name
[8]) {
2399 /* This is a like a poor man's setproctitle(). It changes the
2400 * comm field, argv[0], and also the glibc's internally used
2401 * name of the process. For the first one a limit of 16 chars
2402 * applies, to the second one usually one of 10 (i.e. length
2403 * of "/sbin/init"), to the third one one of 7 (i.e. length of
2404 * "systemd"). If you pass a longer string it will be
2407 prctl(PR_SET_NAME
, name
);
2409 if (program_invocation_name
)
2410 strncpy(program_invocation_name
, name
, strlen(program_invocation_name
));
2412 if (saved_argc
> 0) {
2416 strncpy(saved_argv
[0], name
, strlen(saved_argv
[0]));
2418 for (i
= 1; i
< saved_argc
; i
++) {
2422 memzero(saved_argv
[i
], strlen(saved_argv
[i
]));
2427 char *lookup_uid(uid_t uid
) {
2430 _cleanup_free_
char *buf
= NULL
;
2431 struct passwd pwbuf
, *pw
= NULL
;
2433 /* Shortcut things to avoid NSS lookups */
2435 return strdup("root");
2437 bufsize
= sysconf(_SC_GETPW_R_SIZE_MAX
);
2441 buf
= malloc(bufsize
);
2445 if (getpwuid_r(uid
, &pwbuf
, buf
, bufsize
, &pw
) == 0 && pw
)
2446 return strdup(pw
->pw_name
);
2448 if (asprintf(&name
, UID_FMT
, uid
) < 0)
2454 char* getlogname_malloc(void) {
2458 if (isatty(STDIN_FILENO
) && fstat(STDIN_FILENO
, &st
) >= 0)
2463 return lookup_uid(uid
);
2466 char *getusername_malloc(void) {
2473 return lookup_uid(getuid());
2476 bool is_temporary_fs(const struct statfs
*s
) {
2479 return F_TYPE_EQUAL(s
->f_type
, TMPFS_MAGIC
) ||
2480 F_TYPE_EQUAL(s
->f_type
, RAMFS_MAGIC
);
2483 int fd_is_temporary_fs(int fd
) {
2486 if (fstatfs(fd
, &s
) < 0)
2489 return is_temporary_fs(&s
);
2492 int chmod_and_chown(const char *path
, mode_t mode
, uid_t uid
, gid_t gid
) {
2495 /* Under the assumption that we are running privileged we
2496 * first change the access mode and only then hand out
2497 * ownership to avoid a window where access is too open. */
2499 if (mode
!= MODE_INVALID
)
2500 if (chmod(path
, mode
) < 0)
2503 if (uid
!= UID_INVALID
|| gid
!= GID_INVALID
)
2504 if (chown(path
, uid
, gid
) < 0)
2510 int fchmod_and_fchown(int fd
, mode_t mode
, uid_t uid
, gid_t gid
) {
2513 /* Under the assumption that we are running privileged we
2514 * first change the access mode and only then hand out
2515 * ownership to avoid a window where access is too open. */
2517 if (mode
!= MODE_INVALID
)
2518 if (fchmod(fd
, mode
) < 0)
2521 if (uid
!= UID_INVALID
|| gid
!= GID_INVALID
)
2522 if (fchown(fd
, uid
, gid
) < 0)
2528 cpu_set_t
* cpu_set_malloc(unsigned *ncpus
) {
2532 /* Allocates the cpuset in the right size */
2535 if (!(r
= CPU_ALLOC(n
)))
2538 if (sched_getaffinity(0, CPU_ALLOC_SIZE(n
), r
) >= 0) {
2539 CPU_ZERO_S(CPU_ALLOC_SIZE(n
), r
);
2549 if (errno
!= EINVAL
)
2556 int files_same(const char *filea
, const char *fileb
) {
2559 if (stat(filea
, &a
) < 0)
2562 if (stat(fileb
, &b
) < 0)
2565 return a
.st_dev
== b
.st_dev
&&
2566 a
.st_ino
== b
.st_ino
;
2569 int running_in_chroot(void) {
2572 ret
= files_same("/proc/1/root", "/");
2579 static char *ascii_ellipsize_mem(const char *s
, size_t old_length
, size_t new_length
, unsigned percent
) {
2584 assert(percent
<= 100);
2585 assert(new_length
>= 3);
2587 if (old_length
<= 3 || old_length
<= new_length
)
2588 return strndup(s
, old_length
);
2590 r
= new0(char, new_length
+1);
2594 x
= (new_length
* percent
) / 100;
2596 if (x
> new_length
- 3)
2604 s
+ old_length
- (new_length
- x
- 3),
2605 new_length
- x
- 3);
2610 char *ellipsize_mem(const char *s
, size_t old_length
, size_t new_length
, unsigned percent
) {
2614 unsigned k
, len
, len2
;
2617 assert(percent
<= 100);
2618 assert(new_length
>= 3);
2620 /* if no multibyte characters use ascii_ellipsize_mem for speed */
2621 if (ascii_is_valid(s
))
2622 return ascii_ellipsize_mem(s
, old_length
, new_length
, percent
);
2624 if (old_length
<= 3 || old_length
<= new_length
)
2625 return strndup(s
, old_length
);
2627 x
= (new_length
* percent
) / 100;
2629 if (x
> new_length
- 3)
2633 for (i
= s
; k
< x
&& i
< s
+ old_length
; i
= utf8_next_char(i
)) {
2636 c
= utf8_encoded_to_unichar(i
);
2639 k
+= unichar_iswide(c
) ? 2 : 1;
2642 if (k
> x
) /* last character was wide and went over quota */
2645 for (j
= s
+ old_length
; k
< new_length
&& j
> i
; ) {
2648 j
= utf8_prev_char(j
);
2649 c
= utf8_encoded_to_unichar(j
);
2652 k
+= unichar_iswide(c
) ? 2 : 1;
2656 /* we don't actually need to ellipsize */
2658 return memdup(s
, old_length
+ 1);
2660 /* make space for ellipsis */
2661 j
= utf8_next_char(j
);
2664 len2
= s
+ old_length
- j
;
2665 e
= new(char, len
+ 3 + len2
+ 1);
2670 printf("old_length=%zu new_length=%zu x=%zu len=%u len2=%u k=%u\n",
2671 old_length, new_length, x, len, len2, k);
2675 e
[len
] = 0xe2; /* tri-dot ellipsis: … */
2679 memcpy(e
+ len
+ 3, j
, len2
+ 1);
2684 char *ellipsize(const char *s
, size_t length
, unsigned percent
) {
2685 return ellipsize_mem(s
, strlen(s
), length
, percent
);
2688 int touch_file(const char *path
, bool parents
, usec_t stamp
, uid_t uid
, gid_t gid
, mode_t mode
) {
2689 _cleanup_close_
int fd
;
2695 mkdir_parents(path
, 0755);
2697 fd
= open(path
, O_WRONLY
|O_CREAT
|O_CLOEXEC
|O_NOCTTY
, mode
> 0 ? mode
: 0644);
2702 r
= fchmod(fd
, mode
);
2707 if (uid
!= UID_INVALID
|| gid
!= GID_INVALID
) {
2708 r
= fchown(fd
, uid
, gid
);
2713 if (stamp
!= USEC_INFINITY
) {
2714 struct timespec ts
[2];
2716 timespec_store(&ts
[0], stamp
);
2718 r
= futimens(fd
, ts
);
2720 r
= futimens(fd
, NULL
);
2727 int touch(const char *path
) {
2728 return touch_file(path
, false, USEC_INFINITY
, UID_INVALID
, GID_INVALID
, 0);
2731 static char *unquote(const char *s
, const char* quotes
) {
2735 /* This is rather stupid, simply removes the heading and
2736 * trailing quotes if there is one. Doesn't care about
2737 * escaping or anything.
2739 * DON'T USE THIS FOR NEW CODE ANYMORE!*/
2745 if (strchr(quotes
, s
[0]) && s
[l
-1] == s
[0])
2746 return strndup(s
+1, l
-2);
2751 noreturn
void freeze(void) {
2753 /* Make sure nobody waits for us on a socket anymore */
2754 close_all_fds(NULL
, 0);
2762 bool null_or_empty(struct stat
*st
) {
2765 if (S_ISREG(st
->st_mode
) && st
->st_size
<= 0)
2768 if (S_ISCHR(st
->st_mode
) || S_ISBLK(st
->st_mode
))
2774 int null_or_empty_path(const char *fn
) {
2779 if (stat(fn
, &st
) < 0)
2782 return null_or_empty(&st
);
2785 int null_or_empty_fd(int fd
) {
2790 if (fstat(fd
, &st
) < 0)
2793 return null_or_empty(&st
);
2796 DIR *xopendirat(int fd
, const char *name
, int flags
) {
2800 assert(!(flags
& O_CREAT
));
2802 nfd
= openat(fd
, name
, O_RDONLY
|O_NONBLOCK
|O_DIRECTORY
|O_CLOEXEC
|flags
, 0);
2815 static char *tag_to_udev_node(const char *tagvalue
, const char *by
) {
2816 _cleanup_free_
char *t
= NULL
, *u
= NULL
;
2819 u
= unquote(tagvalue
, QUOTES
);
2823 enc_len
= strlen(u
) * 4 + 1;
2824 t
= new(char, enc_len
);
2828 if (encode_devnode_name(u
, t
, enc_len
) < 0)
2831 return strjoin("/dev/disk/by-", by
, "/", t
, NULL
);
2834 char *fstab_node_to_udev_node(const char *p
) {
2837 if (startswith(p
, "LABEL="))
2838 return tag_to_udev_node(p
+6, "label");
2840 if (startswith(p
, "UUID="))
2841 return tag_to_udev_node(p
+5, "uuid");
2843 if (startswith(p
, "PARTUUID="))
2844 return tag_to_udev_node(p
+9, "partuuid");
2846 if (startswith(p
, "PARTLABEL="))
2847 return tag_to_udev_node(p
+10, "partlabel");
2852 bool dirent_is_file(const struct dirent
*de
) {
2855 if (hidden_file(de
->d_name
))
2858 if (de
->d_type
!= DT_REG
&&
2859 de
->d_type
!= DT_LNK
&&
2860 de
->d_type
!= DT_UNKNOWN
)
2866 bool dirent_is_file_with_suffix(const struct dirent
*de
, const char *suffix
) {
2869 if (de
->d_type
!= DT_REG
&&
2870 de
->d_type
!= DT_LNK
&&
2871 de
->d_type
!= DT_UNKNOWN
)
2874 if (hidden_file_allow_backup(de
->d_name
))
2877 return endswith(de
->d_name
, suffix
);
2880 static int do_execute(char **directories
, usec_t timeout
, char *argv
[]) {
2881 _cleanup_hashmap_free_free_ Hashmap
*pids
= NULL
;
2882 _cleanup_set_free_free_ Set
*seen
= NULL
;
2885 /* We fork this all off from a child process so that we can
2886 * somewhat cleanly make use of SIGALRM to set a time limit */
2888 (void) reset_all_signal_handlers();
2889 (void) reset_signal_mask();
2891 assert_se(prctl(PR_SET_PDEATHSIG
, SIGTERM
) == 0);
2893 pids
= hashmap_new(NULL
);
2897 seen
= set_new(&string_hash_ops
);
2901 STRV_FOREACH(directory
, directories
) {
2902 _cleanup_closedir_
DIR *d
;
2905 d
= opendir(*directory
);
2907 if (errno
== ENOENT
)
2910 return log_error_errno(errno
, "Failed to open directory %s: %m", *directory
);
2913 FOREACH_DIRENT(de
, d
, break) {
2914 _cleanup_free_
char *path
= NULL
;
2918 if (!dirent_is_file(de
))
2921 if (set_contains(seen
, de
->d_name
)) {
2922 log_debug("%1$s/%2$s skipped (%2$s was already seen).", *directory
, de
->d_name
);
2926 r
= set_put_strdup(seen
, de
->d_name
);
2930 path
= strjoin(*directory
, "/", de
->d_name
, NULL
);
2934 if (null_or_empty_path(path
)) {
2935 log_debug("%s is empty (a mask).", path
);
2941 log_error_errno(errno
, "Failed to fork: %m");
2943 } else if (pid
== 0) {
2946 assert_se(prctl(PR_SET_PDEATHSIG
, SIGTERM
) == 0);
2956 return log_error_errno(errno
, "Failed to execute %s: %m", path
);
2959 log_debug("Spawned %s as " PID_FMT
".", path
, pid
);
2961 r
= hashmap_put(pids
, UINT_TO_PTR(pid
), path
);
2968 /* Abort execution of this process after the timout. We simply
2969 * rely on SIGALRM as default action terminating the process,
2970 * and turn on alarm(). */
2972 if (timeout
!= USEC_INFINITY
)
2973 alarm((timeout
+ USEC_PER_SEC
- 1) / USEC_PER_SEC
);
2975 while (!hashmap_isempty(pids
)) {
2976 _cleanup_free_
char *path
= NULL
;
2979 pid
= PTR_TO_UINT(hashmap_first_key(pids
));
2982 path
= hashmap_remove(pids
, UINT_TO_PTR(pid
));
2985 wait_for_terminate_and_warn(path
, pid
, true);
2991 void execute_directories(const char* const* directories
, usec_t timeout
, char *argv
[]) {
2995 char **dirs
= (char**) directories
;
2997 assert(!strv_isempty(dirs
));
2999 name
= basename(dirs
[0]);
3000 assert(!isempty(name
));
3002 /* Executes all binaries in the directories in parallel and waits
3003 * for them to finish. Optionally a timeout is applied. If a file
3004 * with the same name exists in more than one directory, the
3005 * earliest one wins. */
3007 executor_pid
= fork();
3008 if (executor_pid
< 0) {
3009 log_error_errno(errno
, "Failed to fork: %m");
3012 } else if (executor_pid
== 0) {
3013 r
= do_execute(dirs
, timeout
, argv
);
3014 _exit(r
< 0 ? EXIT_FAILURE
: EXIT_SUCCESS
);
3017 wait_for_terminate_and_warn(name
, executor_pid
, true);
3020 bool nulstr_contains(const char*nulstr
, const char *needle
) {
3026 NULSTR_FOREACH(i
, nulstr
)
3027 if (streq(i
, needle
))
3033 bool plymouth_running(void) {
3034 return access("/run/plymouth/pid", F_OK
) >= 0;
3037 char* strshorten(char *s
, size_t l
) {
3046 int pipe_eof(int fd
) {
3047 struct pollfd pollfd
= {
3049 .events
= POLLIN
|POLLHUP
,
3054 r
= poll(&pollfd
, 1, 0);
3061 return pollfd
.revents
& POLLHUP
;
3064 int fd_wait_for_event(int fd
, int event
, usec_t t
) {
3066 struct pollfd pollfd
= {
3074 r
= ppoll(&pollfd
, 1, t
== USEC_INFINITY
? NULL
: timespec_store(&ts
, t
), NULL
);
3081 return pollfd
.revents
;
3084 int fopen_temporary(const char *path
, FILE **_f
, char **_temp_path
) {
3093 r
= tempfn_xxxxxx(path
, NULL
, &t
);
3097 fd
= mkostemp_safe(t
, O_WRONLY
|O_CLOEXEC
);
3103 f
= fdopen(fd
, "we");
3117 int symlink_atomic(const char *from
, const char *to
) {
3118 _cleanup_free_
char *t
= NULL
;
3124 r
= tempfn_random(to
, NULL
, &t
);
3128 if (symlink(from
, t
) < 0)
3131 if (rename(t
, to
) < 0) {
3139 int symlink_idempotent(const char *from
, const char *to
) {
3140 _cleanup_free_
char *p
= NULL
;
3146 if (symlink(from
, to
) < 0) {
3147 if (errno
!= EEXIST
)
3150 r
= readlink_malloc(to
, &p
);
3154 if (!streq(p
, from
))
3161 int mknod_atomic(const char *path
, mode_t mode
, dev_t dev
) {
3162 _cleanup_free_
char *t
= NULL
;
3167 r
= tempfn_random(path
, NULL
, &t
);
3171 if (mknod(t
, mode
, dev
) < 0)
3174 if (rename(t
, path
) < 0) {
3182 int mkfifo_atomic(const char *path
, mode_t mode
) {
3183 _cleanup_free_
char *t
= NULL
;
3188 r
= tempfn_random(path
, NULL
, &t
);
3192 if (mkfifo(t
, mode
) < 0)
3195 if (rename(t
, path
) < 0) {
3203 bool display_is_local(const char *display
) {
3207 display
[0] == ':' &&
3208 display
[1] >= '0' &&
3212 int socket_from_display(const char *display
, char **path
) {
3219 if (!display_is_local(display
))
3222 k
= strspn(display
+1, "0123456789");
3224 f
= new(char, strlen("/tmp/.X11-unix/X") + k
+ 1);
3228 c
= stpcpy(f
, "/tmp/.X11-unix/X");
3229 memcpy(c
, display
+1, k
);
3238 const char **username
,
3239 uid_t
*uid
, gid_t
*gid
,
3241 const char **shell
) {
3249 /* We enforce some special rules for uid=0: in order to avoid
3250 * NSS lookups for root we hardcode its data. */
3252 if (streq(*username
, "root") || streq(*username
, "0")) {
3270 if (parse_uid(*username
, &u
) >= 0) {
3274 /* If there are multiple users with the same id, make
3275 * sure to leave $USER to the configured value instead
3276 * of the first occurrence in the database. However if
3277 * the uid was configured by a numeric uid, then let's
3278 * pick the real username from /etc/passwd. */
3280 *username
= p
->pw_name
;
3283 p
= getpwnam(*username
);
3287 return errno
> 0 ? -errno
: -ESRCH
;
3299 *shell
= p
->pw_shell
;
3304 char* uid_to_name(uid_t uid
) {
3309 return strdup("root");
3313 return strdup(p
->pw_name
);
3315 if (asprintf(&r
, UID_FMT
, uid
) < 0)
3321 char* gid_to_name(gid_t gid
) {
3326 return strdup("root");
3330 return strdup(p
->gr_name
);
3332 if (asprintf(&r
, GID_FMT
, gid
) < 0)
3338 int get_group_creds(const char **groupname
, gid_t
*gid
) {
3344 /* We enforce some special rules for gid=0: in order to avoid
3345 * NSS lookups for root we hardcode its data. */
3347 if (streq(*groupname
, "root") || streq(*groupname
, "0")) {
3348 *groupname
= "root";
3356 if (parse_gid(*groupname
, &id
) >= 0) {
3361 *groupname
= g
->gr_name
;
3364 g
= getgrnam(*groupname
);
3368 return errno
> 0 ? -errno
: -ESRCH
;
3376 int in_gid(gid_t gid
) {
3378 int ngroups_max
, r
, i
;
3380 if (getgid() == gid
)
3383 if (getegid() == gid
)
3386 ngroups_max
= sysconf(_SC_NGROUPS_MAX
);
3387 assert(ngroups_max
> 0);
3389 gids
= alloca(sizeof(gid_t
) * ngroups_max
);
3391 r
= getgroups(ngroups_max
, gids
);
3395 for (i
= 0; i
< r
; i
++)
3402 int in_group(const char *name
) {
3406 r
= get_group_creds(&name
, &gid
);
3413 int glob_exists(const char *path
) {
3414 _cleanup_globfree_ glob_t g
= {};
3420 k
= glob(path
, GLOB_NOSORT
|GLOB_BRACE
, NULL
, &g
);
3422 if (k
== GLOB_NOMATCH
)
3424 else if (k
== GLOB_NOSPACE
)
3427 return !strv_isempty(g
.gl_pathv
);
3429 return errno
? -errno
: -EIO
;
3432 int glob_extend(char ***strv
, const char *path
) {
3433 _cleanup_globfree_ glob_t g
= {};
3438 k
= glob(path
, GLOB_NOSORT
|GLOB_BRACE
, NULL
, &g
);
3440 if (k
== GLOB_NOMATCH
)
3442 else if (k
== GLOB_NOSPACE
)
3444 else if (k
!= 0 || strv_isempty(g
.gl_pathv
))
3445 return errno
? -errno
: -EIO
;
3447 STRV_FOREACH(p
, g
.gl_pathv
) {
3448 k
= strv_extend(strv
, *p
);
3456 int dirent_ensure_type(DIR *d
, struct dirent
*de
) {
3462 if (de
->d_type
!= DT_UNKNOWN
)
3465 if (fstatat(dirfd(d
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0)
3469 S_ISREG(st
.st_mode
) ? DT_REG
:
3470 S_ISDIR(st
.st_mode
) ? DT_DIR
:
3471 S_ISLNK(st
.st_mode
) ? DT_LNK
:
3472 S_ISFIFO(st
.st_mode
) ? DT_FIFO
:
3473 S_ISSOCK(st
.st_mode
) ? DT_SOCK
:
3474 S_ISCHR(st
.st_mode
) ? DT_CHR
:
3475 S_ISBLK(st
.st_mode
) ? DT_BLK
:
3481 int get_files_in_directory(const char *path
, char ***list
) {
3482 _cleanup_closedir_
DIR *d
= NULL
;
3483 size_t bufsize
= 0, n
= 0;
3484 _cleanup_strv_free_
char **l
= NULL
;
3488 /* Returns all files in a directory in *list, and the number
3489 * of files as return value. If list is NULL returns only the
3501 if (!de
&& errno
!= 0)
3506 dirent_ensure_type(d
, de
);
3508 if (!dirent_is_file(de
))
3512 /* one extra slot is needed for the terminating NULL */
3513 if (!GREEDY_REALLOC(l
, bufsize
, n
+ 2))
3516 l
[n
] = strdup(de
->d_name
);
3527 l
= NULL
; /* avoid freeing */
3533 char *strjoin(const char *x
, ...) {
3547 t
= va_arg(ap
, const char *);
3552 if (n
> ((size_t) -1) - l
) {
3576 t
= va_arg(ap
, const char *);
3590 bool is_main_thread(void) {
3591 static thread_local
int cached
= 0;
3593 if (_unlikely_(cached
== 0))
3594 cached
= getpid() == gettid() ? 1 : -1;
3599 int block_get_whole_disk(dev_t d
, dev_t
*ret
) {
3606 /* If it has a queue this is good enough for us */
3607 if (asprintf(&p
, "/sys/dev/block/%u:%u/queue", major(d
), minor(d
)) < 0)
3610 r
= access(p
, F_OK
);
3618 /* If it is a partition find the originating device */
3619 if (asprintf(&p
, "/sys/dev/block/%u:%u/partition", major(d
), minor(d
)) < 0)
3622 r
= access(p
, F_OK
);
3628 /* Get parent dev_t */
3629 if (asprintf(&p
, "/sys/dev/block/%u:%u/../dev", major(d
), minor(d
)) < 0)
3632 r
= read_one_line_file(p
, &s
);
3638 r
= sscanf(s
, "%u:%u", &m
, &n
);
3644 /* Only return this if it is really good enough for us. */
3645 if (asprintf(&p
, "/sys/dev/block/%u:%u/queue", m
, n
) < 0)
3648 r
= access(p
, F_OK
);
3652 *ret
= makedev(m
, n
);
3659 static const char *const ioprio_class_table
[] = {
3660 [IOPRIO_CLASS_NONE
] = "none",
3661 [IOPRIO_CLASS_RT
] = "realtime",
3662 [IOPRIO_CLASS_BE
] = "best-effort",
3663 [IOPRIO_CLASS_IDLE
] = "idle"
3666 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ioprio_class
, int, INT_MAX
);
3668 static const char *const sigchld_code_table
[] = {
3669 [CLD_EXITED
] = "exited",
3670 [CLD_KILLED
] = "killed",
3671 [CLD_DUMPED
] = "dumped",
3672 [CLD_TRAPPED
] = "trapped",
3673 [CLD_STOPPED
] = "stopped",
3674 [CLD_CONTINUED
] = "continued",
3677 DEFINE_STRING_TABLE_LOOKUP(sigchld_code
, int);
3679 static const char *const log_facility_unshifted_table
[LOG_NFACILITIES
] = {
3680 [LOG_FAC(LOG_KERN
)] = "kern",
3681 [LOG_FAC(LOG_USER
)] = "user",
3682 [LOG_FAC(LOG_MAIL
)] = "mail",
3683 [LOG_FAC(LOG_DAEMON
)] = "daemon",
3684 [LOG_FAC(LOG_AUTH
)] = "auth",
3685 [LOG_FAC(LOG_SYSLOG
)] = "syslog",
3686 [LOG_FAC(LOG_LPR
)] = "lpr",
3687 [LOG_FAC(LOG_NEWS
)] = "news",
3688 [LOG_FAC(LOG_UUCP
)] = "uucp",
3689 [LOG_FAC(LOG_CRON
)] = "cron",
3690 [LOG_FAC(LOG_AUTHPRIV
)] = "authpriv",
3691 [LOG_FAC(LOG_FTP
)] = "ftp",
3692 [LOG_FAC(LOG_LOCAL0
)] = "local0",
3693 [LOG_FAC(LOG_LOCAL1
)] = "local1",
3694 [LOG_FAC(LOG_LOCAL2
)] = "local2",
3695 [LOG_FAC(LOG_LOCAL3
)] = "local3",
3696 [LOG_FAC(LOG_LOCAL4
)] = "local4",
3697 [LOG_FAC(LOG_LOCAL5
)] = "local5",
3698 [LOG_FAC(LOG_LOCAL6
)] = "local6",
3699 [LOG_FAC(LOG_LOCAL7
)] = "local7"
3702 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_facility_unshifted
, int, LOG_FAC(~0));
3704 static const char *const log_level_table
[] = {
3705 [LOG_EMERG
] = "emerg",
3706 [LOG_ALERT
] = "alert",
3707 [LOG_CRIT
] = "crit",
3709 [LOG_WARNING
] = "warning",
3710 [LOG_NOTICE
] = "notice",
3711 [LOG_INFO
] = "info",
3712 [LOG_DEBUG
] = "debug"
3715 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_level
, int, LOG_DEBUG
);
3717 static const char* const sched_policy_table
[] = {
3718 [SCHED_OTHER
] = "other",
3719 [SCHED_BATCH
] = "batch",
3720 [SCHED_IDLE
] = "idle",
3721 [SCHED_FIFO
] = "fifo",
3725 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(sched_policy
, int, INT_MAX
);
3727 static const char* const rlimit_table
[_RLIMIT_MAX
] = {
3728 [RLIMIT_CPU
] = "LimitCPU",
3729 [RLIMIT_FSIZE
] = "LimitFSIZE",
3730 [RLIMIT_DATA
] = "LimitDATA",
3731 [RLIMIT_STACK
] = "LimitSTACK",
3732 [RLIMIT_CORE
] = "LimitCORE",
3733 [RLIMIT_RSS
] = "LimitRSS",
3734 [RLIMIT_NOFILE
] = "LimitNOFILE",
3735 [RLIMIT_AS
] = "LimitAS",
3736 [RLIMIT_NPROC
] = "LimitNPROC",
3737 [RLIMIT_MEMLOCK
] = "LimitMEMLOCK",
3738 [RLIMIT_LOCKS
] = "LimitLOCKS",
3739 [RLIMIT_SIGPENDING
] = "LimitSIGPENDING",
3740 [RLIMIT_MSGQUEUE
] = "LimitMSGQUEUE",
3741 [RLIMIT_NICE
] = "LimitNICE",
3742 [RLIMIT_RTPRIO
] = "LimitRTPRIO",
3743 [RLIMIT_RTTIME
] = "LimitRTTIME"
3746 DEFINE_STRING_TABLE_LOOKUP(rlimit
, int);
3748 static const char* const ip_tos_table
[] = {
3749 [IPTOS_LOWDELAY
] = "low-delay",
3750 [IPTOS_THROUGHPUT
] = "throughput",
3751 [IPTOS_RELIABILITY
] = "reliability",
3752 [IPTOS_LOWCOST
] = "low-cost",
3755 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ip_tos
, int, 0xff);
3757 bool kexec_loaded(void) {
3758 bool loaded
= false;
3761 if (read_one_line_file("/sys/kernel/kexec_loaded", &s
) >= 0) {
3769 int prot_from_flags(int flags
) {
3771 switch (flags
& O_ACCMODE
) {
3780 return PROT_READ
|PROT_WRITE
;
3787 char *format_bytes(char *buf
, size_t l
, uint64_t t
) {
3790 static const struct {
3794 { "E", UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024) },
3795 { "P", UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024) },
3796 { "T", UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024) },
3797 { "G", UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024) },
3798 { "M", UINT64_C(1024)*UINT64_C(1024) },
3799 { "K", UINT64_C(1024) },
3802 if (t
== (uint64_t) -1)
3805 for (i
= 0; i
< ELEMENTSOF(table
); i
++) {
3807 if (t
>= table
[i
].factor
) {
3809 "%" PRIu64
".%" PRIu64
"%s",
3810 t
/ table
[i
].factor
,
3811 ((t
*UINT64_C(10)) / table
[i
].factor
) % UINT64_C(10),
3818 snprintf(buf
, l
, "%" PRIu64
"B", t
);
3826 void* memdup(const void *p
, size_t l
) {
3839 int fd_inc_sndbuf(int fd
, size_t n
) {
3841 socklen_t l
= sizeof(value
);
3843 r
= getsockopt(fd
, SOL_SOCKET
, SO_SNDBUF
, &value
, &l
);
3844 if (r
>= 0 && l
== sizeof(value
) && (size_t) value
>= n
*2)
3847 /* If we have the privileges we will ignore the kernel limit. */
3850 if (setsockopt(fd
, SOL_SOCKET
, SO_SNDBUFFORCE
, &value
, sizeof(value
)) < 0)
3851 if (setsockopt(fd
, SOL_SOCKET
, SO_SNDBUF
, &value
, sizeof(value
)) < 0)
3857 int fd_inc_rcvbuf(int fd
, size_t n
) {
3859 socklen_t l
= sizeof(value
);
3861 r
= getsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &value
, &l
);
3862 if (r
>= 0 && l
== sizeof(value
) && (size_t) value
>= n
*2)
3865 /* If we have the privileges we will ignore the kernel limit. */
3868 if (setsockopt(fd
, SOL_SOCKET
, SO_RCVBUFFORCE
, &value
, sizeof(value
)) < 0)
3869 if (setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &value
, sizeof(value
)) < 0)
3874 int fork_agent(pid_t
*pid
, const int except
[], unsigned n_except
, const char *path
, ...) {
3875 bool stdout_is_tty
, stderr_is_tty
;
3876 pid_t parent_pid
, agent_pid
;
3877 sigset_t ss
, saved_ss
;
3885 /* Spawns a temporary TTY agent, making sure it goes away when
3888 parent_pid
= getpid();
3890 /* First we temporarily block all signals, so that the new
3891 * child has them blocked initially. This way, we can be sure
3892 * that SIGTERMs are not lost we might send to the agent. */
3893 assert_se(sigfillset(&ss
) >= 0);
3894 assert_se(sigprocmask(SIG_SETMASK
, &ss
, &saved_ss
) >= 0);
3897 if (agent_pid
< 0) {
3898 assert_se(sigprocmask(SIG_SETMASK
, &saved_ss
, NULL
) >= 0);
3902 if (agent_pid
!= 0) {
3903 assert_se(sigprocmask(SIG_SETMASK
, &saved_ss
, NULL
) >= 0);
3910 * Make sure the agent goes away when the parent dies */
3911 if (prctl(PR_SET_PDEATHSIG
, SIGTERM
) < 0)
3912 _exit(EXIT_FAILURE
);
3914 /* Make sure we actually can kill the agent, if we need to, in
3915 * case somebody invoked us from a shell script that trapped
3916 * SIGTERM or so... */
3917 (void) reset_all_signal_handlers();
3918 (void) reset_signal_mask();
3920 /* Check whether our parent died before we were able
3921 * to set the death signal and unblock the signals */
3922 if (getppid() != parent_pid
)
3923 _exit(EXIT_SUCCESS
);
3925 /* Don't leak fds to the agent */
3926 close_all_fds(except
, n_except
);
3928 stdout_is_tty
= isatty(STDOUT_FILENO
);
3929 stderr_is_tty
= isatty(STDERR_FILENO
);
3931 if (!stdout_is_tty
|| !stderr_is_tty
) {
3934 /* Detach from stdout/stderr. and reopen
3935 * /dev/tty for them. This is important to
3936 * ensure that when systemctl is started via
3937 * popen() or a similar call that expects to
3938 * read EOF we actually do generate EOF and
3939 * not delay this indefinitely by because we
3940 * keep an unused copy of stdin around. */
3941 fd
= open("/dev/tty", O_WRONLY
);
3943 log_error_errno(errno
, "Failed to open /dev/tty: %m");
3944 _exit(EXIT_FAILURE
);
3948 dup2(fd
, STDOUT_FILENO
);
3951 dup2(fd
, STDERR_FILENO
);
3957 /* Count arguments */
3959 for (n
= 0; va_arg(ap
, char*); n
++)
3964 l
= alloca(sizeof(char *) * (n
+ 1));
3966 /* Fill in arguments */
3968 for (i
= 0; i
<= n
; i
++)
3969 l
[i
] = va_arg(ap
, char*);
3973 _exit(EXIT_FAILURE
);
3976 int setrlimit_closest(int resource
, const struct rlimit
*rlim
) {
3977 struct rlimit highest
, fixed
;
3981 if (setrlimit(resource
, rlim
) >= 0)
3987 /* So we failed to set the desired setrlimit, then let's try
3988 * to get as close as we can */
3989 assert_se(getrlimit(resource
, &highest
) == 0);
3991 fixed
.rlim_cur
= MIN(rlim
->rlim_cur
, highest
.rlim_max
);
3992 fixed
.rlim_max
= MIN(rlim
->rlim_max
, highest
.rlim_max
);
3994 if (setrlimit(resource
, &fixed
) < 0)
4000 bool http_etag_is_valid(const char *etag
) {
4004 if (!endswith(etag
, "\""))
4007 if (!startswith(etag
, "\"") && !startswith(etag
, "W/\""))
4013 bool http_url_is_valid(const char *url
) {
4019 p
= startswith(url
, "http://");
4021 p
= startswith(url
, "https://");
4028 return ascii_is_valid(p
);
4031 bool documentation_url_is_valid(const char *url
) {
4037 if (http_url_is_valid(url
))
4040 p
= startswith(url
, "file:/");
4042 p
= startswith(url
, "info:");
4044 p
= startswith(url
, "man:");
4049 return ascii_is_valid(p
);
4052 bool in_initrd(void) {
4053 static int saved
= -1;
4059 /* We make two checks here:
4061 * 1. the flag file /etc/initrd-release must exist
4062 * 2. the root file system must be a memory file system
4064 * The second check is extra paranoia, since misdetecting an
4065 * initrd can have bad bad consequences due the initrd
4066 * emptying when transititioning to the main systemd.
4069 saved
= access("/etc/initrd-release", F_OK
) >= 0 &&
4070 statfs("/", &s
) >= 0 &&
4071 is_temporary_fs(&s
);
4076 int get_home_dir(char **_h
) {
4084 /* Take the user specified one */
4085 e
= secure_getenv("HOME");
4086 if (e
&& path_is_absolute(e
)) {
4095 /* Hardcode home directory for root to avoid NSS */
4098 h
= strdup("/root");
4106 /* Check the database... */
4110 return errno
> 0 ? -errno
: -ESRCH
;
4112 if (!path_is_absolute(p
->pw_dir
))
4115 h
= strdup(p
->pw_dir
);
4123 int get_shell(char **_s
) {
4131 /* Take the user specified one */
4132 e
= getenv("SHELL");
4142 /* Hardcode home directory for root to avoid NSS */
4145 s
= strdup("/bin/sh");
4153 /* Check the database... */
4157 return errno
> 0 ? -errno
: -ESRCH
;
4159 if (!path_is_absolute(p
->pw_shell
))
4162 s
= strdup(p
->pw_shell
);
4170 bool filename_is_valid(const char *p
) {
4184 if (strlen(p
) > FILENAME_MAX
)
4190 bool string_is_safe(const char *p
) {
4196 for (t
= p
; *t
; t
++) {
4197 if (*t
> 0 && *t
< ' ')
4200 if (strchr("\\\"\'\x7f", *t
))
4208 * Check if a string contains control characters. If 'ok' is non-NULL
4209 * it may be a string containing additional CCs to be considered OK.
4211 bool string_has_cc(const char *p
, const char *ok
) {
4216 for (t
= p
; *t
; t
++) {
4217 if (ok
&& strchr(ok
, *t
))
4220 if (*t
> 0 && *t
< ' ')
4230 bool path_is_safe(const char *p
) {
4235 if (streq(p
, "..") || startswith(p
, "../") || endswith(p
, "/..") || strstr(p
, "/../"))
4238 if (strlen(p
)+1 > PATH_MAX
)
4241 /* The following two checks are not really dangerous, but hey, they still are confusing */
4242 if (streq(p
, ".") || startswith(p
, "./") || endswith(p
, "/.") || strstr(p
, "/./"))
4245 if (strstr(p
, "//"))
4251 /* hey glibc, APIs with callbacks without a user pointer are so useless */
4252 void *xbsearch_r(const void *key
, const void *base
, size_t nmemb
, size_t size
,
4253 int (*compar
) (const void *, const void *, void *), void *arg
) {
4262 p
= (void *)(((const char *) base
) + (idx
* size
));
4263 comparison
= compar(key
, p
, arg
);
4266 else if (comparison
> 0)
4274 void init_gettext(void) {
4275 setlocale(LC_ALL
, "");
4276 textdomain(GETTEXT_PACKAGE
);
4279 bool is_locale_utf8(void) {
4281 static int cached_answer
= -1;
4283 if (cached_answer
>= 0)
4286 if (!setlocale(LC_ALL
, "")) {
4287 cached_answer
= true;
4291 set
= nl_langinfo(CODESET
);
4293 cached_answer
= true;
4297 if (streq(set
, "UTF-8")) {
4298 cached_answer
= true;
4302 /* For LC_CTYPE=="C" return true, because CTYPE is effectly
4303 * unset and everything can do to UTF-8 nowadays. */
4304 set
= setlocale(LC_CTYPE
, NULL
);
4306 cached_answer
= true;
4310 /* Check result, but ignore the result if C was set
4313 STR_IN_SET(set
, "C", "POSIX") &&
4314 !getenv("LC_ALL") &&
4315 !getenv("LC_CTYPE") &&
4319 return (bool) cached_answer
;
4322 const char *draw_special_char(DrawSpecialChar ch
) {
4323 static const char *draw_table
[2][_DRAW_SPECIAL_CHAR_MAX
] = {
4326 [DRAW_TREE_VERTICAL
] = "\342\224\202 ", /* │ */
4327 [DRAW_TREE_BRANCH
] = "\342\224\234\342\224\200", /* ├─ */
4328 [DRAW_TREE_RIGHT
] = "\342\224\224\342\224\200", /* └─ */
4329 [DRAW_TREE_SPACE
] = " ", /* */
4330 [DRAW_TRIANGULAR_BULLET
] = "\342\200\243", /* ‣ */
4331 [DRAW_BLACK_CIRCLE
] = "\342\227\217", /* ● */
4332 [DRAW_ARROW
] = "\342\206\222", /* → */
4333 [DRAW_DASH
] = "\342\200\223", /* – */
4336 /* ASCII fallback */ {
4337 [DRAW_TREE_VERTICAL
] = "| ",
4338 [DRAW_TREE_BRANCH
] = "|-",
4339 [DRAW_TREE_RIGHT
] = "`-",
4340 [DRAW_TREE_SPACE
] = " ",
4341 [DRAW_TRIANGULAR_BULLET
] = ">",
4342 [DRAW_BLACK_CIRCLE
] = "*",
4343 [DRAW_ARROW
] = "->",
4348 return draw_table
[!is_locale_utf8()][ch
];
4351 char *strreplace(const char *text
, const char *old_string
, const char *new_string
) {
4354 size_t l
, old_len
, new_len
;
4360 old_len
= strlen(old_string
);
4361 new_len
= strlen(new_string
);
4374 if (!startswith(f
, old_string
)) {
4380 nl
= l
- old_len
+ new_len
;
4381 a
= realloc(r
, nl
+ 1);
4389 t
= stpcpy(t
, new_string
);
4401 char *strip_tab_ansi(char **ibuf
, size_t *_isz
) {
4402 const char *i
, *begin
= NULL
;
4407 } state
= STATE_OTHER
;
4409 size_t osz
= 0, isz
;
4415 /* Strips ANSI color and replaces TABs by 8 spaces */
4417 isz
= _isz
? *_isz
: strlen(*ibuf
);
4419 f
= open_memstream(&obuf
, &osz
);
4423 for (i
= *ibuf
; i
< *ibuf
+ isz
+ 1; i
++) {
4428 if (i
>= *ibuf
+ isz
) /* EOT */
4430 else if (*i
== '\x1B')
4431 state
= STATE_ESCAPE
;
4432 else if (*i
== '\t')
4439 if (i
>= *ibuf
+ isz
) { /* EOT */
4442 } else if (*i
== '[') {
4443 state
= STATE_BRACKET
;
4448 state
= STATE_OTHER
;
4455 if (i
>= *ibuf
+ isz
|| /* EOT */
4456 (!(*i
>= '0' && *i
<= '9') && *i
!= ';' && *i
!= 'm')) {
4459 state
= STATE_OTHER
;
4461 } else if (*i
== 'm')
4462 state
= STATE_OTHER
;
4484 int on_ac_power(void) {
4485 bool found_offline
= false, found_online
= false;
4486 _cleanup_closedir_
DIR *d
= NULL
;
4488 d
= opendir("/sys/class/power_supply");
4490 return errno
== ENOENT
? true : -errno
;
4494 _cleanup_close_
int fd
= -1, device
= -1;
4500 if (!de
&& errno
!= 0)
4506 if (hidden_file(de
->d_name
))
4509 device
= openat(dirfd(d
), de
->d_name
, O_DIRECTORY
|O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
4511 if (errno
== ENOENT
|| errno
== ENOTDIR
)
4517 fd
= openat(device
, "type", O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
4519 if (errno
== ENOENT
)
4525 n
= read(fd
, contents
, sizeof(contents
));
4529 if (n
!= 6 || memcmp(contents
, "Mains\n", 6))
4533 fd
= openat(device
, "online", O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
4535 if (errno
== ENOENT
)
4541 n
= read(fd
, contents
, sizeof(contents
));
4545 if (n
!= 2 || contents
[1] != '\n')
4548 if (contents
[0] == '1') {
4549 found_online
= true;
4551 } else if (contents
[0] == '0')
4552 found_offline
= true;
4557 return found_online
|| !found_offline
;
4560 static int search_and_fopen_internal(const char *path
, const char *mode
, const char *root
, char **search
, FILE **_f
) {
4567 if (!path_strv_resolve_uniq(search
, root
))
4570 STRV_FOREACH(i
, search
) {
4571 _cleanup_free_
char *p
= NULL
;
4575 p
= strjoin(root
, *i
, "/", path
, NULL
);
4577 p
= strjoin(*i
, "/", path
, NULL
);
4587 if (errno
!= ENOENT
)
4594 int search_and_fopen(const char *path
, const char *mode
, const char *root
, const char **search
, FILE **_f
) {
4595 _cleanup_strv_free_
char **copy
= NULL
;
4601 if (path_is_absolute(path
)) {
4604 f
= fopen(path
, mode
);
4613 copy
= strv_copy((char**) search
);
4617 return search_and_fopen_internal(path
, mode
, root
, copy
, _f
);
4620 int search_and_fopen_nulstr(const char *path
, const char *mode
, const char *root
, const char *search
, FILE **_f
) {
4621 _cleanup_strv_free_
char **s
= NULL
;
4623 if (path_is_absolute(path
)) {
4626 f
= fopen(path
, mode
);
4635 s
= strv_split_nulstr(search
);
4639 return search_and_fopen_internal(path
, mode
, root
, s
, _f
);
4642 char *strextend(char **x
, ...) {
4649 l
= f
= *x
? strlen(*x
) : 0;
4656 t
= va_arg(ap
, const char *);
4661 if (n
> ((size_t) -1) - l
) {
4670 r
= realloc(*x
, l
+1);
4680 t
= va_arg(ap
, const char *);
4694 char *strrep(const char *s
, unsigned n
) {
4702 p
= r
= malloc(l
* n
+ 1);
4706 for (i
= 0; i
< n
; i
++)
4713 void* greedy_realloc(void **p
, size_t *allocated
, size_t need
, size_t size
) {
4720 if (*allocated
>= need
)
4723 newalloc
= MAX(need
* 2, 64u / size
);
4724 a
= newalloc
* size
;
4726 /* check for overflows */
4727 if (a
< size
* need
)
4735 *allocated
= newalloc
;
4739 void* greedy_realloc0(void **p
, size_t *allocated
, size_t need
, size_t size
) {
4748 q
= greedy_realloc(p
, allocated
, need
, size
);
4752 if (*allocated
> prev
)
4753 memzero(q
+ prev
* size
, (*allocated
- prev
) * size
);
4758 bool id128_is_valid(const char *s
) {
4764 /* Simple formatted 128bit hex string */
4766 for (i
= 0; i
< l
; i
++) {
4769 if (!(c
>= '0' && c
<= '9') &&
4770 !(c
>= 'a' && c
<= 'z') &&
4771 !(c
>= 'A' && c
<= 'Z'))
4775 } else if (l
== 36) {
4777 /* Formatted UUID */
4779 for (i
= 0; i
< l
; i
++) {
4782 if ((i
== 8 || i
== 13 || i
== 18 || i
== 23)) {
4786 if (!(c
>= '0' && c
<= '9') &&
4787 !(c
>= 'a' && c
<= 'z') &&
4788 !(c
>= 'A' && c
<= 'Z'))
4799 int split_pair(const char *s
, const char *sep
, char **l
, char **r
) {
4814 a
= strndup(s
, x
- s
);
4818 b
= strdup(x
+ strlen(sep
));
4830 int shall_restore_state(void) {
4831 _cleanup_free_
char *value
= NULL
;
4834 r
= get_proc_cmdline_key("systemd.restore_state=", &value
);
4840 return parse_boolean(value
) != 0;
4843 int proc_cmdline(char **ret
) {
4846 if (detect_container() > 0)
4847 return get_process_cmdline(1, 0, false, ret
);
4849 return read_one_line_file("/proc/cmdline", ret
);
4852 int parse_proc_cmdline(int (*parse_item
)(const char *key
, const char *value
)) {
4853 _cleanup_free_
char *line
= NULL
;
4859 r
= proc_cmdline(&line
);
4865 _cleanup_free_
char *word
= NULL
;
4868 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
|EXTRACT_RELAX
);
4874 /* Filter out arguments that are intended only for the
4876 if (!in_initrd() && startswith(word
, "rd."))
4879 value
= strchr(word
, '=');
4883 r
= parse_item(word
, value
);
4891 int get_proc_cmdline_key(const char *key
, char **value
) {
4892 _cleanup_free_
char *line
= NULL
, *ret
= NULL
;
4899 r
= proc_cmdline(&line
);
4905 _cleanup_free_
char *word
= NULL
;
4908 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
|EXTRACT_RELAX
);
4914 /* Filter out arguments that are intended only for the
4916 if (!in_initrd() && startswith(word
, "rd."))
4920 e
= startswith(word
, key
);
4924 r
= free_and_strdup(&ret
, e
);
4930 if (streq(word
, key
))
4944 int container_get_leader(const char *machine
, pid_t
*pid
) {
4945 _cleanup_free_
char *s
= NULL
, *class = NULL
;
4953 if (!machine_name_is_valid(machine
))
4956 p
= strjoina("/run/systemd/machines/", machine
);
4957 r
= parse_env_file(p
, NEWLINE
, "LEADER", &s
, "CLASS", &class, NULL
);
4965 if (!streq_ptr(class, "container"))
4968 r
= parse_pid(s
, &leader
);
4978 int namespace_open(pid_t pid
, int *pidns_fd
, int *mntns_fd
, int *netns_fd
, int *userns_fd
, int *root_fd
) {
4979 _cleanup_close_
int pidnsfd
= -1, mntnsfd
= -1, netnsfd
= -1, usernsfd
= -1;
4987 mntns
= procfs_file_alloca(pid
, "ns/mnt");
4988 mntnsfd
= open(mntns
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
);
4996 pidns
= procfs_file_alloca(pid
, "ns/pid");
4997 pidnsfd
= open(pidns
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
);
5005 netns
= procfs_file_alloca(pid
, "ns/net");
5006 netnsfd
= open(netns
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
);
5014 userns
= procfs_file_alloca(pid
, "ns/user");
5015 usernsfd
= open(userns
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
);
5016 if (usernsfd
< 0 && errno
!= ENOENT
)
5023 root
= procfs_file_alloca(pid
, "root");
5024 rfd
= open(root
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
|O_DIRECTORY
);
5030 *pidns_fd
= pidnsfd
;
5033 *mntns_fd
= mntnsfd
;
5036 *netns_fd
= netnsfd
;
5039 *userns_fd
= usernsfd
;
5044 pidnsfd
= mntnsfd
= netnsfd
= usernsfd
= -1;
5049 int namespace_enter(int pidns_fd
, int mntns_fd
, int netns_fd
, int userns_fd
, int root_fd
) {
5050 if (userns_fd
>= 0) {
5051 /* Can't setns to your own userns, since then you could
5052 * escalate from non-root to root in your own namespace, so
5053 * check if namespaces equal before attempting to enter. */
5054 _cleanup_free_
char *userns_fd_path
= NULL
;
5056 if (asprintf(&userns_fd_path
, "/proc/self/fd/%d", userns_fd
) < 0)
5059 r
= files_same(userns_fd_path
, "/proc/self/ns/user");
5067 if (setns(pidns_fd
, CLONE_NEWPID
) < 0)
5071 if (setns(mntns_fd
, CLONE_NEWNS
) < 0)
5075 if (setns(netns_fd
, CLONE_NEWNET
) < 0)
5079 if (setns(userns_fd
, CLONE_NEWUSER
) < 0)
5083 if (fchdir(root_fd
) < 0)
5086 if (chroot(".") < 0)
5090 return reset_uid_gid();
5093 int getpeercred(int fd
, struct ucred
*ucred
) {
5094 socklen_t n
= sizeof(struct ucred
);
5101 r
= getsockopt(fd
, SOL_SOCKET
, SO_PEERCRED
, &u
, &n
);
5105 if (n
!= sizeof(struct ucred
))
5108 /* Check if the data is actually useful and not suppressed due
5109 * to namespacing issues */
5112 if (u
.uid
== UID_INVALID
)
5114 if (u
.gid
== GID_INVALID
)
5121 int getpeersec(int fd
, char **ret
) {
5133 r
= getsockopt(fd
, SOL_SOCKET
, SO_PEERSEC
, s
, &n
);
5137 if (errno
!= ERANGE
)
5144 r
= getsockopt(fd
, SOL_SOCKET
, SO_PEERSEC
, s
, &n
);
5160 /* This is much like like mkostemp() but is subject to umask(). */
5161 int mkostemp_safe(char *pattern
, int flags
) {
5162 _cleanup_umask_ mode_t u
;
5169 fd
= mkostemp(pattern
, flags
);
5176 int open_tmpfile(const char *path
, int flags
) {
5183 /* Try O_TMPFILE first, if it is supported */
5184 fd
= open(path
, flags
|O_TMPFILE
|O_EXCL
, S_IRUSR
|S_IWUSR
);
5189 /* Fall back to unguessable name + unlinking */
5190 p
= strjoina(path
, "/systemd-tmp-XXXXXX");
5192 fd
= mkostemp_safe(p
, flags
);
5200 int fd_warn_permissions(const char *path
, int fd
) {
5203 if (fstat(fd
, &st
) < 0)
5206 if (st
.st_mode
& 0111)
5207 log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path
);
5209 if (st
.st_mode
& 0002)
5210 log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path
);
5212 if (getpid() == 1 && (st
.st_mode
& 0044) != 0044)
5213 log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path
);
5218 unsigned long personality_from_string(const char *p
) {
5220 /* Parse a personality specifier. We introduce our own
5221 * identifiers that indicate specific ABIs, rather than just
5222 * hints regarding the register size, since we want to keep
5223 * things open for multiple locally supported ABIs for the
5224 * same register size. We try to reuse the ABI identifiers
5225 * used by libseccomp. */
5227 #if defined(__x86_64__)
5229 if (streq(p
, "x86"))
5232 if (streq(p
, "x86-64"))
5235 #elif defined(__i386__)
5237 if (streq(p
, "x86"))
5241 return PERSONALITY_INVALID
;
5244 const char* personality_to_string(unsigned long p
) {
5246 #if defined(__x86_64__)
5248 if (p
== PER_LINUX32
)
5254 #elif defined(__i386__)
5263 uint64_t physical_memory(void) {
5266 /* We return this as uint64_t in case we are running as 32bit
5267 * process on a 64bit kernel with huge amounts of memory */
5269 mem
= sysconf(_SC_PHYS_PAGES
);
5272 return (uint64_t) mem
* (uint64_t) page_size();
5275 void hexdump(FILE *f
, const void *p
, size_t s
) {
5276 const uint8_t *b
= p
;
5279 assert(s
== 0 || b
);
5284 fprintf(f
, "%04x ", n
);
5286 for (i
= 0; i
< 16; i
++) {
5291 fprintf(f
, "%02x ", b
[i
]);
5299 for (i
= 0; i
< 16; i
++) {
5304 fputc(isprint(b
[i
]) ? (char) b
[i
] : '.', f
);
5318 int update_reboot_param_file(const char *param
) {
5323 r
= write_string_file(REBOOT_PARAM_FILE
, param
, WRITE_STRING_FILE_CREATE
);
5325 log_error("Failed to write reboot param to "
5326 REBOOT_PARAM_FILE
": %s", strerror(-r
));
5328 unlink(REBOOT_PARAM_FILE
);
5333 int umount_recursive(const char *prefix
, int flags
) {
5337 /* Try to umount everything recursively below a
5338 * directory. Also, take care of stacked mounts, and keep
5339 * unmounting them until they are gone. */
5342 _cleanup_fclose_
FILE *proc_self_mountinfo
= NULL
;
5347 proc_self_mountinfo
= fopen("/proc/self/mountinfo", "re");
5348 if (!proc_self_mountinfo
)
5352 _cleanup_free_
char *path
= NULL
, *p
= NULL
;
5355 k
= fscanf(proc_self_mountinfo
,
5356 "%*s " /* (1) mount id */
5357 "%*s " /* (2) parent id */
5358 "%*s " /* (3) major:minor */
5359 "%*s " /* (4) root */
5360 "%ms " /* (5) mount point */
5361 "%*s" /* (6) mount options */
5362 "%*[^-]" /* (7) optional fields */
5363 "- " /* (8) separator */
5364 "%*s " /* (9) file system type */
5365 "%*s" /* (10) mount source */
5366 "%*s" /* (11) mount options 2 */
5367 "%*[^\n]", /* some rubbish at the end */
5376 r
= cunescape(path
, UNESCAPE_RELAX
, &p
);
5380 if (!path_startswith(p
, prefix
))
5383 if (umount2(p
, flags
) < 0) {
5399 static int get_mount_flags(const char *path
, unsigned long *flags
) {
5402 if (statvfs(path
, &buf
) < 0)
5404 *flags
= buf
.f_flag
;
5408 int bind_remount_recursive(const char *prefix
, bool ro
) {
5409 _cleanup_set_free_free_ Set
*done
= NULL
;
5410 _cleanup_free_
char *cleaned
= NULL
;
5413 /* Recursively remount a directory (and all its submounts)
5414 * read-only or read-write. If the directory is already
5415 * mounted, we reuse the mount and simply mark it
5416 * MS_BIND|MS_RDONLY (or remove the MS_RDONLY for read-write
5417 * operation). If it isn't we first make it one. Afterwards we
5418 * apply MS_BIND|MS_RDONLY (or remove MS_RDONLY) to all
5419 * submounts we can access, too. When mounts are stacked on
5420 * the same mount point we only care for each individual
5421 * "top-level" mount on each point, as we cannot
5422 * influence/access the underlying mounts anyway. We do not
5423 * have any effect on future submounts that might get
5424 * propagated, they migt be writable. This includes future
5425 * submounts that have been triggered via autofs. */
5427 cleaned
= strdup(prefix
);
5431 path_kill_slashes(cleaned
);
5433 done
= set_new(&string_hash_ops
);
5438 _cleanup_fclose_
FILE *proc_self_mountinfo
= NULL
;
5439 _cleanup_set_free_free_ Set
*todo
= NULL
;
5440 bool top_autofs
= false;
5442 unsigned long orig_flags
;
5444 todo
= set_new(&string_hash_ops
);
5448 proc_self_mountinfo
= fopen("/proc/self/mountinfo", "re");
5449 if (!proc_self_mountinfo
)
5453 _cleanup_free_
char *path
= NULL
, *p
= NULL
, *type
= NULL
;
5456 k
= fscanf(proc_self_mountinfo
,
5457 "%*s " /* (1) mount id */
5458 "%*s " /* (2) parent id */
5459 "%*s " /* (3) major:minor */
5460 "%*s " /* (4) root */
5461 "%ms " /* (5) mount point */
5462 "%*s" /* (6) mount options (superblock) */
5463 "%*[^-]" /* (7) optional fields */
5464 "- " /* (8) separator */
5465 "%ms " /* (9) file system type */
5466 "%*s" /* (10) mount source */
5467 "%*s" /* (11) mount options (bind mount) */
5468 "%*[^\n]", /* some rubbish at the end */
5478 r
= cunescape(path
, UNESCAPE_RELAX
, &p
);
5482 /* Let's ignore autofs mounts. If they aren't
5483 * triggered yet, we want to avoid triggering
5484 * them, as we don't make any guarantees for
5485 * future submounts anyway. If they are
5486 * already triggered, then we will find
5487 * another entry for this. */
5488 if (streq(type
, "autofs")) {
5489 top_autofs
= top_autofs
|| path_equal(cleaned
, p
);
5493 if (path_startswith(p
, cleaned
) &&
5494 !set_contains(done
, p
)) {
5496 r
= set_consume(todo
, p
);
5506 /* If we have no submounts to process anymore and if
5507 * the root is either already done, or an autofs, we
5509 if (set_isempty(todo
) &&
5510 (top_autofs
|| set_contains(done
, cleaned
)))
5513 if (!set_contains(done
, cleaned
) &&
5514 !set_contains(todo
, cleaned
)) {
5515 /* The prefix directory itself is not yet a
5516 * mount, make it one. */
5517 if (mount(cleaned
, cleaned
, NULL
, MS_BIND
|MS_REC
, NULL
) < 0)
5521 (void) get_mount_flags(cleaned
, &orig_flags
);
5522 orig_flags
&= ~MS_RDONLY
;
5524 if (mount(NULL
, prefix
, NULL
, orig_flags
|MS_BIND
|MS_REMOUNT
|(ro
? MS_RDONLY
: 0), NULL
) < 0)
5527 x
= strdup(cleaned
);
5531 r
= set_consume(done
, x
);
5536 while ((x
= set_steal_first(todo
))) {
5538 r
= set_consume(done
, x
);
5539 if (r
== -EEXIST
|| r
== 0)
5544 /* Try to reuse the original flag set, but
5545 * don't care for errors, in case of
5546 * obstructed mounts */
5548 (void) get_mount_flags(x
, &orig_flags
);
5549 orig_flags
&= ~MS_RDONLY
;
5551 if (mount(NULL
, x
, NULL
, orig_flags
|MS_BIND
|MS_REMOUNT
|(ro
? MS_RDONLY
: 0), NULL
) < 0) {
5553 /* Deal with mount points that are
5554 * obstructed by a later mount */
5556 if (errno
!= ENOENT
)
5564 int fflush_and_check(FILE *f
) {
5571 return errno
? -errno
: -EIO
;
5576 int tempfn_xxxxxx(const char *p
, const char *extra
, char **ret
) {
5588 * /foo/bar/.#<extra>waldoXXXXXX
5592 if (!filename_is_valid(fn
))
5598 t
= new(char, strlen(p
) + 2 + strlen(extra
) + 6 + 1);
5602 strcpy(stpcpy(stpcpy(stpcpy(mempcpy(t
, p
, fn
- p
), ".#"), extra
), fn
), "XXXXXX");
5604 *ret
= path_kill_slashes(t
);
5608 int tempfn_random(const char *p
, const char *extra
, char **ret
) {
5622 * /foo/bar/.#<extra>waldobaa2a261115984a9
5626 if (!filename_is_valid(fn
))
5632 t
= new(char, strlen(p
) + 2 + strlen(extra
) + 16 + 1);
5636 x
= stpcpy(stpcpy(stpcpy(mempcpy(t
, p
, fn
- p
), ".#"), extra
), fn
);
5639 for (i
= 0; i
< 16; i
++) {
5640 *(x
++) = hexchar(u
& 0xF);
5646 *ret
= path_kill_slashes(t
);
5650 int tempfn_random_child(const char *p
, const char *extra
, char **ret
) {
5661 * /foo/bar/waldo/.#<extra>3c2b6219aa75d7d0
5667 t
= new(char, strlen(p
) + 3 + strlen(extra
) + 16 + 1);
5671 x
= stpcpy(stpcpy(stpcpy(t
, p
), "/.#"), extra
);
5674 for (i
= 0; i
< 16; i
++) {
5675 *(x
++) = hexchar(u
& 0xF);
5681 *ret
= path_kill_slashes(t
);
5685 int take_password_lock(const char *root
) {
5687 struct flock flock
= {
5689 .l_whence
= SEEK_SET
,
5697 /* This is roughly the same as lckpwdf(), but not as awful. We
5698 * don't want to use alarm() and signals, hence we implement
5699 * our own trivial version of this.
5701 * Note that shadow-utils also takes per-database locks in
5702 * addition to lckpwdf(). However, we don't given that they
5703 * are redundant as they they invoke lckpwdf() first and keep
5704 * it during everything they do. The per-database locks are
5705 * awfully racy, and thus we just won't do them. */
5708 path
= strjoina(root
, "/etc/.pwd.lock");
5710 path
= "/etc/.pwd.lock";
5712 fd
= open(path
, O_WRONLY
|O_CREAT
|O_CLOEXEC
|O_NOCTTY
|O_NOFOLLOW
, 0600);
5716 r
= fcntl(fd
, F_SETLKW
, &flock
);
5725 int is_symlink(const char *path
) {
5728 if (lstat(path
, &info
) < 0)
5731 return !!S_ISLNK(info
.st_mode
);
5734 int is_dir(const char* path
, bool follow
) {
5739 r
= stat(path
, &st
);
5741 r
= lstat(path
, &st
);
5745 return !!S_ISDIR(st
.st_mode
);
5748 int is_device_node(const char *path
) {
5751 if (lstat(path
, &info
) < 0)
5754 return !!(S_ISBLK(info
.st_mode
) || S_ISCHR(info
.st_mode
));
5757 int extract_first_word(const char **p
, char **ret
, const char *separators
, ExtractFlags flags
) {
5758 _cleanup_free_
char *s
= NULL
;
5759 size_t allocated
= 0, sz
= 0;
5767 SINGLE_QUOTE_ESCAPE
,
5769 DOUBLE_QUOTE_ESCAPE
,
5777 separators
= WHITESPACE
;
5779 /* Bail early if called after last value or with no input */
5781 goto finish_force_terminate
;
5783 /* Parses the first word of a string, and returns it in
5784 * *ret. Removes all quotes in the process. When parsing fails
5785 * (because of an uneven number of quotes or similar), leaves
5786 * the pointer *p at the first invalid character. */
5794 if (flags
& EXTRACT_DONT_COALESCE_SEPARATORS
)
5795 if (!GREEDY_REALLOC(s
, allocated
, sz
+1))
5799 goto finish_force_terminate
;
5800 else if (strchr(separators
, c
)) {
5801 if (flags
& EXTRACT_DONT_COALESCE_SEPARATORS
) {
5803 goto finish_force_next
;
5808 /* We found a non-blank character, so we will always
5809 * want to return a string (even if it is empty),
5810 * allocate it here. */
5811 if (!GREEDY_REALLOC(s
, allocated
, sz
+1))
5819 goto finish_force_terminate
;
5820 else if (c
== '\'' && (flags
& EXTRACT_QUOTES
))
5821 state
= SINGLE_QUOTE
;
5823 state
= VALUE_ESCAPE
;
5824 else if (c
== '\"' && (flags
& EXTRACT_QUOTES
))
5825 state
= DOUBLE_QUOTE
;
5826 else if (strchr(separators
, c
)) {
5827 if (flags
& EXTRACT_DONT_COALESCE_SEPARATORS
) {
5829 goto finish_force_next
;
5833 if (!GREEDY_REALLOC(s
, allocated
, sz
+2))
5843 if (flags
& EXTRACT_RELAX
)
5844 goto finish_force_terminate
;
5846 } else if (c
== '\'')
5849 state
= SINGLE_QUOTE_ESCAPE
;
5851 if (!GREEDY_REALLOC(s
, allocated
, sz
+2))
5865 state
= DOUBLE_QUOTE_ESCAPE
;
5867 if (!GREEDY_REALLOC(s
, allocated
, sz
+2))
5875 case SINGLE_QUOTE_ESCAPE
:
5876 case DOUBLE_QUOTE_ESCAPE
:
5878 if (!GREEDY_REALLOC(s
, allocated
, sz
+7))
5882 if ((flags
& EXTRACT_CUNESCAPE_RELAX
) &&
5883 (state
== VALUE_ESCAPE
|| flags
& EXTRACT_RELAX
)) {
5884 /* If we find an unquoted trailing backslash and we're in
5885 * EXTRACT_CUNESCAPE_RELAX mode, keep it verbatim in the
5888 * Unbalanced quotes will only be allowed in EXTRACT_RELAX
5889 * mode, EXTRACT_CUNESCAPE_RELAX mode does not allow them.
5892 goto finish_force_terminate
;
5894 if (flags
& EXTRACT_RELAX
)
5895 goto finish_force_terminate
;
5899 if (flags
& EXTRACT_CUNESCAPE
) {
5902 r
= cunescape_one(*p
, (size_t) -1, &c
, &u
);
5904 if (flags
& EXTRACT_CUNESCAPE_RELAX
) {
5915 s
[sz
++] = c
; /* normal explicit char */
5917 sz
+= utf8_encode_unichar(s
+ sz
, u
); /* unicode chars we'll encode as utf8 */
5922 state
= (state
== SINGLE_QUOTE_ESCAPE
) ? SINGLE_QUOTE
:
5923 (state
== DOUBLE_QUOTE_ESCAPE
) ? DOUBLE_QUOTE
:
5929 goto finish_force_terminate
;
5930 if (!strchr(separators
, c
))
5938 finish_force_terminate
:
5955 int extract_first_word_and_warn(
5958 const char *separators
,
5961 const char *filename
,
5963 const char *rvalue
) {
5964 /* Try to unquote it, if it fails, warn about it and try again but this
5965 * time using EXTRACT_CUNESCAPE_RELAX to keep the backslashes verbatim
5966 * in invalid escape sequences. */
5971 r
= extract_first_word(p
, ret
, separators
, flags
);
5972 if (r
< 0 && !(flags
&EXTRACT_CUNESCAPE_RELAX
)) {
5973 /* Retry it with EXTRACT_CUNESCAPE_RELAX. */
5975 r
= extract_first_word(p
, ret
, separators
, flags
|EXTRACT_CUNESCAPE_RELAX
);
5977 log_syntax(unit
, LOG_ERR
, filename
, line
, EINVAL
,
5978 "Unbalanced quoting in command line, ignoring: \"%s\"", rvalue
);
5980 log_syntax(unit
, LOG_WARNING
, filename
, line
, EINVAL
,
5981 "Invalid escape sequences in command line: \"%s\"", rvalue
);
5986 int extract_many_words(const char **p
, const char *separators
, ExtractFlags flags
, ...) {
5991 /* Parses a number of words from a string, stripping any
5992 * quotes if necessary. */
5996 /* Count how many words are expected */
5997 va_start(ap
, flags
);
5999 if (!va_arg(ap
, char **))
6008 /* Read all words into a temporary array */
6009 l
= newa0(char*, n
);
6010 for (c
= 0; c
< n
; c
++) {
6012 r
= extract_first_word(p
, &l
[c
], separators
, flags
);
6016 for (j
= 0; j
< c
; j
++)
6026 /* If we managed to parse all words, return them in the passed
6028 va_start(ap
, flags
);
6029 for (i
= 0; i
< n
; i
++) {
6032 v
= va_arg(ap
, char **);
6042 int free_and_strdup(char **p
, const char *s
) {
6047 /* Replaces a string pointer with an strdup()ed new string,
6048 * possibly freeing the old one. */
6050 if (streq_ptr(*p
, s
))
6066 int ptsname_malloc(int fd
, char **ret
) {
6079 if (ptsname_r(fd
, c
, l
) == 0) {
6083 if (errno
!= ERANGE
) {
6093 int openpt_in_namespace(pid_t pid
, int flags
) {
6094 _cleanup_close_
int pidnsfd
= -1, mntnsfd
= -1, usernsfd
= -1, rootfd
= -1;
6095 _cleanup_close_pair_
int pair
[2] = { -1, -1 };
6097 struct cmsghdr cmsghdr
;
6098 uint8_t buf
[CMSG_SPACE(sizeof(int))];
6100 struct msghdr mh
= {
6101 .msg_control
= &control
,
6102 .msg_controllen
= sizeof(control
),
6104 struct cmsghdr
*cmsg
;
6111 r
= namespace_open(pid
, &pidnsfd
, &mntnsfd
, NULL
, &usernsfd
, &rootfd
);
6115 if (socketpair(AF_UNIX
, SOCK_DGRAM
, 0, pair
) < 0)
6125 pair
[0] = safe_close(pair
[0]);
6127 r
= namespace_enter(pidnsfd
, mntnsfd
, -1, usernsfd
, rootfd
);
6129 _exit(EXIT_FAILURE
);
6131 master
= posix_openpt(flags
);
6133 _exit(EXIT_FAILURE
);
6135 if (unlockpt(master
) < 0)
6136 _exit(EXIT_FAILURE
);
6138 cmsg
= CMSG_FIRSTHDR(&mh
);
6139 cmsg
->cmsg_level
= SOL_SOCKET
;
6140 cmsg
->cmsg_type
= SCM_RIGHTS
;
6141 cmsg
->cmsg_len
= CMSG_LEN(sizeof(int));
6142 memcpy(CMSG_DATA(cmsg
), &master
, sizeof(int));
6144 mh
.msg_controllen
= cmsg
->cmsg_len
;
6146 if (sendmsg(pair
[1], &mh
, MSG_NOSIGNAL
) < 0)
6147 _exit(EXIT_FAILURE
);
6149 _exit(EXIT_SUCCESS
);
6152 pair
[1] = safe_close(pair
[1]);
6154 r
= wait_for_terminate(child
, &si
);
6157 if (si
.si_code
!= CLD_EXITED
|| si
.si_status
!= EXIT_SUCCESS
)
6160 if (recvmsg(pair
[0], &mh
, MSG_NOSIGNAL
|MSG_CMSG_CLOEXEC
) < 0)
6163 CMSG_FOREACH(cmsg
, &mh
)
6164 if (cmsg
->cmsg_level
== SOL_SOCKET
&& cmsg
->cmsg_type
== SCM_RIGHTS
) {
6168 fds
= (int*) CMSG_DATA(cmsg
);
6169 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
6172 close_many(fds
, n_fds
);
6182 ssize_t
fgetxattrat_fake(int dirfd
, const char *filename
, const char *attribute
, void *value
, size_t size
, int flags
) {
6183 _cleanup_close_
int fd
= -1;
6186 /* The kernel doesn't have a fgetxattrat() command, hence let's emulate one */
6188 fd
= openat(dirfd
, filename
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
|O_NOATIME
|(flags
& AT_SYMLINK_NOFOLLOW
? O_NOFOLLOW
: 0));
6192 l
= fgetxattr(fd
, attribute
, value
, size
);
6199 static int parse_crtime(le64_t le
, usec_t
*usec
) {
6205 if (u
== 0 || u
== (uint64_t) -1)
6212 int fd_getcrtime(int fd
, usec_t
*usec
) {
6219 /* Until Linux gets a real concept of birthtime/creation time,
6220 * let's fake one with xattrs */
6222 n
= fgetxattr(fd
, "user.crtime_usec", &le
, sizeof(le
));
6225 if (n
!= sizeof(le
))
6228 return parse_crtime(le
, usec
);
6231 int fd_getcrtime_at(int dirfd
, const char *name
, usec_t
*usec
, int flags
) {
6235 n
= fgetxattrat_fake(dirfd
, name
, "user.crtime_usec", &le
, sizeof(le
), flags
);
6238 if (n
!= sizeof(le
))
6241 return parse_crtime(le
, usec
);
6244 int path_getcrtime(const char *p
, usec_t
*usec
) {
6251 n
= getxattr(p
, "user.crtime_usec", &le
, sizeof(le
));
6254 if (n
!= sizeof(le
))
6257 return parse_crtime(le
, usec
);
6260 int fd_setcrtime(int fd
, usec_t usec
) {
6266 usec
= now(CLOCK_REALTIME
);
6268 le
= htole64((uint64_t) usec
);
6269 if (fsetxattr(fd
, "user.crtime_usec", &le
, sizeof(le
), 0) < 0)
6275 int same_fd(int a
, int b
) {
6276 struct stat sta
, stb
;
6283 /* Compares two file descriptors. Note that semantics are
6284 * quite different depending on whether we have kcmp() or we
6285 * don't. If we have kcmp() this will only return true for
6286 * dup()ed file descriptors, but not otherwise. If we don't
6287 * have kcmp() this will also return true for two fds of the same
6288 * file, created by separate open() calls. Since we use this
6289 * call mostly for filtering out duplicates in the fd store
6290 * this difference hopefully doesn't matter too much. */
6295 /* Try to use kcmp() if we have it. */
6297 r
= kcmp(pid
, pid
, KCMP_FILE
, a
, b
);
6302 if (errno
!= ENOSYS
)
6305 /* We don't have kcmp(), use fstat() instead. */
6306 if (fstat(a
, &sta
) < 0)
6309 if (fstat(b
, &stb
) < 0)
6312 if ((sta
.st_mode
& S_IFMT
) != (stb
.st_mode
& S_IFMT
))
6315 /* We consider all device fds different, since two device fds
6316 * might refer to quite different device contexts even though
6317 * they share the same inode and backing dev_t. */
6319 if (S_ISCHR(sta
.st_mode
) || S_ISBLK(sta
.st_mode
))
6322 if (sta
.st_dev
!= stb
.st_dev
|| sta
.st_ino
!= stb
.st_ino
)
6325 /* The fds refer to the same inode on disk, let's also check
6326 * if they have the same fd flags. This is useful to
6327 * distinguish the read and write side of a pipe created with
6329 fa
= fcntl(a
, F_GETFL
);
6333 fb
= fcntl(b
, F_GETFL
);
6340 int chattr_fd(int fd
, unsigned value
, unsigned mask
) {
6341 unsigned old_attr
, new_attr
;
6346 if (fstat(fd
, &st
) < 0)
6349 /* Explicitly check whether this is a regular file or
6350 * directory. If it is anything else (such as a device node or
6351 * fifo), then the ioctl will not hit the file systems but
6352 * possibly drivers, where the ioctl might have different
6353 * effects. Notably, DRM is using the same ioctl() number. */
6355 if (!S_ISDIR(st
.st_mode
) && !S_ISREG(st
.st_mode
))
6361 if (ioctl(fd
, FS_IOC_GETFLAGS
, &old_attr
) < 0)
6364 new_attr
= (old_attr
& ~mask
) | (value
& mask
);
6365 if (new_attr
== old_attr
)
6368 if (ioctl(fd
, FS_IOC_SETFLAGS
, &new_attr
) < 0)
6374 int chattr_path(const char *p
, unsigned value
, unsigned mask
) {
6375 _cleanup_close_
int fd
= -1;
6382 fd
= open(p
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
|O_NOFOLLOW
);
6386 return chattr_fd(fd
, value
, mask
);
6389 int read_attr_fd(int fd
, unsigned *ret
) {
6394 if (fstat(fd
, &st
) < 0)
6397 if (!S_ISDIR(st
.st_mode
) && !S_ISREG(st
.st_mode
))
6400 if (ioctl(fd
, FS_IOC_GETFLAGS
, ret
) < 0)
6406 int read_attr_path(const char *p
, unsigned *ret
) {
6407 _cleanup_close_
int fd
= -1;
6412 fd
= open(p
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
|O_NOFOLLOW
);
6416 return read_attr_fd(fd
, ret
);
6419 static size_t nul_length(const uint8_t *p
, size_t sz
) {
6434 ssize_t
sparse_write(int fd
, const void *p
, size_t sz
, size_t run_length
) {
6435 const uint8_t *q
, *w
, *e
;
6443 n
= nul_length(q
, e
- q
);
6445 /* If there are more than the specified run length of
6446 * NUL bytes, or if this is the beginning or the end
6447 * of the buffer, then seek instead of write */
6448 if ((n
> run_length
) ||
6449 (n
> 0 && q
== p
) ||
6450 (n
> 0 && q
+ n
>= e
)) {
6452 l
= write(fd
, w
, q
- w
);
6459 if (lseek(fd
, n
, SEEK_CUR
) == (off_t
) -1)
6471 l
= write(fd
, w
, q
- w
);
6478 return q
- (const uint8_t*) p
;
6481 void sigkill_wait(pid_t
*pid
) {
6487 if (kill(*pid
, SIGKILL
) > 0)
6488 (void) wait_for_terminate(*pid
, NULL
);
6491 int syslog_parse_priority(const char **p
, int *priority
, bool with_facility
) {
6492 int a
= 0, b
= 0, c
= 0;
6502 if (!strchr(*p
, '>'))
6505 if ((*p
)[2] == '>') {
6506 c
= undecchar((*p
)[1]);
6508 } else if ((*p
)[3] == '>') {
6509 b
= undecchar((*p
)[1]);
6510 c
= undecchar((*p
)[2]);
6512 } else if ((*p
)[4] == '>') {
6513 a
= undecchar((*p
)[1]);
6514 b
= undecchar((*p
)[2]);
6515 c
= undecchar((*p
)[3]);
6520 if (a
< 0 || b
< 0 || c
< 0 ||
6521 (!with_facility
&& (a
|| b
|| c
> 7)))
6525 *priority
= a
*100 + b
*10 + c
;
6527 *priority
= (*priority
& LOG_FACMASK
) | c
;
6533 ssize_t
string_table_lookup(const char * const *table
, size_t len
, const char *key
) {
6539 for (i
= 0; i
< len
; ++i
)
6540 if (streq_ptr(table
[i
], key
))
6546 void cmsg_close_all(struct msghdr
*mh
) {
6547 struct cmsghdr
*cmsg
;
6551 CMSG_FOREACH(cmsg
, mh
)
6552 if (cmsg
->cmsg_level
== SOL_SOCKET
&& cmsg
->cmsg_type
== SCM_RIGHTS
)
6553 close_many((int*) CMSG_DATA(cmsg
), (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int));
6556 int rename_noreplace(int olddirfd
, const char *oldpath
, int newdirfd
, const char *newpath
) {
6560 ret
= renameat2(olddirfd
, oldpath
, newdirfd
, newpath
, RENAME_NOREPLACE
);
6564 /* renameat2() exists since Linux 3.15, btrfs added support for it later.
6565 * If it is not implemented, fallback to another method. */
6566 if (!IN_SET(errno
, EINVAL
, ENOSYS
))
6569 /* The link()/unlink() fallback does not work on directories. But
6570 * renameat() without RENAME_NOREPLACE gives the same semantics on
6571 * directories, except when newpath is an *empty* directory. This is
6573 ret
= fstatat(olddirfd
, oldpath
, &buf
, AT_SYMLINK_NOFOLLOW
);
6574 if (ret
>= 0 && S_ISDIR(buf
.st_mode
)) {
6575 ret
= renameat(olddirfd
, oldpath
, newdirfd
, newpath
);
6576 return ret
>= 0 ? 0 : -errno
;
6579 /* If it is not a directory, use the link()/unlink() fallback. */
6580 ret
= linkat(olddirfd
, oldpath
, newdirfd
, newpath
, 0);
6584 ret
= unlinkat(olddirfd
, oldpath
, 0);
6586 /* backup errno before the following unlinkat() alters it */
6588 (void) unlinkat(newdirfd
, newpath
, 0);
6596 static char *strcpy_backslash_escaped(char *t
, const char *s
, const char *bad
) {
6600 if (*s
== '\\' || strchr(bad
, *s
))
6609 char *shell_escape(const char *s
, const char *bad
) {
6612 r
= new(char, strlen(s
)*2+1);
6616 t
= strcpy_backslash_escaped(r
, s
, bad
);
6622 char *shell_maybe_quote(const char *s
) {
6628 /* Encloses a string in double quotes if necessary to make it
6629 * OK as shell string. */
6631 for (p
= s
; *p
; p
++)
6634 strchr(SHELL_NEED_QUOTES
, *p
))
6640 r
= new(char, 1+strlen(s
)*2+1+1);
6646 t
= mempcpy(t
, s
, p
- s
);
6648 t
= strcpy_backslash_escaped(t
, p
, SHELL_NEED_ESCAPE
);
6656 int parse_mode(const char *s
, mode_t
*ret
) {
6664 l
= strtol(s
, &x
, 8);
6668 if (!x
|| x
== s
|| *x
)
6670 if (l
< 0 || l
> 07777)
6677 int mount_move_root(const char *path
) {
6680 if (chdir(path
) < 0)
6683 if (mount(path
, "/", NULL
, MS_MOVE
, NULL
) < 0)
6686 if (chroot(".") < 0)
6695 int reset_uid_gid(void) {
6697 if (setgroups(0, NULL
) < 0)
6700 if (setresgid(0, 0, 0) < 0)
6703 if (setresuid(0, 0, 0) < 0)
6709 int getxattr_malloc(const char *path
, const char *name
, char **value
, bool allow_symlink
) {
6718 for (l
= 100; ; l
= (size_t) n
+ 1) {
6724 n
= lgetxattr(path
, name
, v
, l
);
6726 n
= getxattr(path
, name
, v
, l
);
6728 if (n
>= 0 && (size_t) n
< l
) {
6735 if (n
< 0 && errno
!= ERANGE
)
6739 n
= lgetxattr(path
, name
, NULL
, 0);
6741 n
= getxattr(path
, name
, NULL
, 0);
6747 int fgetxattr_malloc(int fd
, const char *name
, char **value
) {
6756 for (l
= 100; ; l
= (size_t) n
+ 1) {
6761 n
= fgetxattr(fd
, name
, v
, l
);
6763 if (n
>= 0 && (size_t) n
< l
) {
6770 if (n
< 0 && errno
!= ERANGE
)
6773 n
= fgetxattr(fd
, name
, NULL
, 0);