]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/shared/util.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
parse_boolean: require exact matches
[thirdparty/systemd.git] / src / shared / util.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <assert.h>
23 #include <string.h>
24 #include <unistd.h>
25 #include <errno.h>
26 #include <stdlib.h>
27 #include <signal.h>
28 #include <stdio.h>
29 #include <syslog.h>
30 #include <sched.h>
31 #include <sys/resource.h>
32 #include <linux/sched.h>
33 #include <sys/types.h>
34 #include <sys/stat.h>
35 #include <fcntl.h>
36 #include <dirent.h>
37 #include <sys/ioctl.h>
38 #include <linux/vt.h>
39 #include <linux/tiocl.h>
40 #include <termios.h>
41 #include <stdarg.h>
42 #include <sys/inotify.h>
43 #include <sys/poll.h>
44 #include <ctype.h>
45 #include <sys/prctl.h>
46 #include <sys/utsname.h>
47 #include <pwd.h>
48 #include <netinet/ip.h>
49 #include <linux/kd.h>
50 #include <dlfcn.h>
51 #include <sys/wait.h>
52 #include <sys/time.h>
53 #include <glob.h>
54 #include <grp.h>
55 #include <sys/mman.h>
56 #include <sys/vfs.h>
57 #include <sys/mount.h>
58 #include <linux/magic.h>
59 #include <limits.h>
60 #include <langinfo.h>
61 #include <locale.h>
62 #include <sys/personality.h>
63 #include <libgen.h>
64 #undef basename
65
66 #ifdef HAVE_SYS_AUXV_H
67 #include <sys/auxv.h>
68 #endif
69
70 #include "macro.h"
71 #include "util.h"
72 #include "ioprio.h"
73 #include "missing.h"
74 #include "log.h"
75 #include "strv.h"
76 #include "label.h"
77 #include "mkdir.h"
78 #include "path-util.h"
79 #include "exit-status.h"
80 #include "hashmap.h"
81 #include "env-util.h"
82 #include "fileio.h"
83 #include "device-nodes.h"
84 #include "utf8.h"
85 #include "gunicode.h"
86 #include "virt.h"
87 #include "def.h"
88
89 int saved_argc = 0;
90 char **saved_argv = NULL;
91
92 static volatile unsigned cached_columns = 0;
93 static volatile unsigned cached_lines = 0;
94
95 size_t page_size(void) {
96 static thread_local size_t pgsz = 0;
97 long r;
98
99 if (_likely_(pgsz > 0))
100 return pgsz;
101
102 r = sysconf(_SC_PAGESIZE);
103 assert(r > 0);
104
105 pgsz = (size_t) r;
106 return pgsz;
107 }
108
109 bool streq_ptr(const char *a, const char *b) {
110
111 /* Like streq(), but tries to make sense of NULL pointers */
112
113 if (a && b)
114 return streq(a, b);
115
116 if (!a && !b)
117 return true;
118
119 return false;
120 }
121
122 char* endswith(const char *s, const char *postfix) {
123 size_t sl, pl;
124
125 assert(s);
126 assert(postfix);
127
128 sl = strlen(s);
129 pl = strlen(postfix);
130
131 if (pl == 0)
132 return (char*) s + sl;
133
134 if (sl < pl)
135 return NULL;
136
137 if (memcmp(s + sl - pl, postfix, pl) != 0)
138 return NULL;
139
140 return (char*) s + sl - pl;
141 }
142
143 bool first_word(const char *s, const char *word) {
144 size_t sl, wl;
145
146 assert(s);
147 assert(word);
148
149 sl = strlen(s);
150 wl = strlen(word);
151
152 if (sl < wl)
153 return false;
154
155 if (wl == 0)
156 return true;
157
158 if (memcmp(s, word, wl) != 0)
159 return false;
160
161 return s[wl] == 0 ||
162 strchr(WHITESPACE, s[wl]);
163 }
164
165 int close_nointr(int fd) {
166 int r;
167
168 assert(fd >= 0);
169 r = close(fd);
170 if (r >= 0)
171 return r;
172 else if (errno == EINTR)
173 /*
174 * Just ignore EINTR; a retry loop is the wrong
175 * thing to do on Linux.
176 *
177 * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
178 * https://bugzilla.gnome.org/show_bug.cgi?id=682819
179 * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR
180 * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain
181 */
182 return 0;
183 else
184 return -errno;
185 }
186
187 int safe_close(int fd) {
188
189 /*
190 * Like close_nointr() but cannot fail. Guarantees errno is
191 * unchanged. Is a NOP with negative fds passed, and returns
192 * -1, so that it can be used in this syntax:
193 *
194 * fd = safe_close(fd);
195 */
196
197 if (fd >= 0) {
198 PROTECT_ERRNO;
199
200 /* The kernel might return pretty much any error code
201 * via close(), but the fd will be closed anyway. The
202 * only condition we want to check for here is whether
203 * the fd was invalid at all... */
204
205 assert_se(close_nointr(fd) != -EBADF);
206 }
207
208 return -1;
209 }
210
211 void close_many(const int fds[], unsigned n_fd) {
212 unsigned i;
213
214 assert(fds || n_fd <= 0);
215
216 for (i = 0; i < n_fd; i++)
217 safe_close(fds[i]);
218 }
219
220 int unlink_noerrno(const char *path) {
221 PROTECT_ERRNO;
222 int r;
223
224 r = unlink(path);
225 if (r < 0)
226 return -errno;
227
228 return 0;
229 }
230
231 int parse_boolean(const char *v) {
232 assert(v);
233
234 if (streq(v, "1") || strcaseeq(v, "yes") || strcaseeq(v, "y") || strcaseeq(v, "true") || strcaseeq(v, "t") || strcaseeq(v, "on"))
235 return 1;
236 else if (streq(v, "0") || strcaseeq(v, "no") || strcaseeq(v, "n") || strcaseeq(v, "false") || strcaseeq(v, "f") || strcaseeq(v, "off"))
237 return 0;
238
239 return -EINVAL;
240 }
241
242 int parse_pid(const char *s, pid_t* ret_pid) {
243 unsigned long ul = 0;
244 pid_t pid;
245 int r;
246
247 assert(s);
248 assert(ret_pid);
249
250 r = safe_atolu(s, &ul);
251 if (r < 0)
252 return r;
253
254 pid = (pid_t) ul;
255
256 if ((unsigned long) pid != ul)
257 return -ERANGE;
258
259 if (pid <= 0)
260 return -ERANGE;
261
262 *ret_pid = pid;
263 return 0;
264 }
265
266 int parse_uid(const char *s, uid_t* ret_uid) {
267 unsigned long ul = 0;
268 uid_t uid;
269 int r;
270
271 assert(s);
272 assert(ret_uid);
273
274 r = safe_atolu(s, &ul);
275 if (r < 0)
276 return r;
277
278 uid = (uid_t) ul;
279
280 if ((unsigned long) uid != ul)
281 return -ERANGE;
282
283 /* Some libc APIs use (uid_t) -1 as special placeholder */
284 if (uid == (uid_t) 0xFFFFFFFF)
285 return -ENXIO;
286
287 /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
288 if (uid == (uid_t) 0xFFFF)
289 return -ENXIO;
290
291 *ret_uid = uid;
292 return 0;
293 }
294
295 int safe_atou(const char *s, unsigned *ret_u) {
296 char *x = NULL;
297 unsigned long l;
298
299 assert(s);
300 assert(ret_u);
301
302 errno = 0;
303 l = strtoul(s, &x, 0);
304
305 if (!x || x == s || *x || errno)
306 return errno > 0 ? -errno : -EINVAL;
307
308 if ((unsigned long) (unsigned) l != l)
309 return -ERANGE;
310
311 *ret_u = (unsigned) l;
312 return 0;
313 }
314
315 int safe_atoi(const char *s, int *ret_i) {
316 char *x = NULL;
317 long l;
318
319 assert(s);
320 assert(ret_i);
321
322 errno = 0;
323 l = strtol(s, &x, 0);
324
325 if (!x || x == s || *x || errno)
326 return errno > 0 ? -errno : -EINVAL;
327
328 if ((long) (int) l != l)
329 return -ERANGE;
330
331 *ret_i = (int) l;
332 return 0;
333 }
334
335 int safe_atollu(const char *s, long long unsigned *ret_llu) {
336 char *x = NULL;
337 unsigned long long l;
338
339 assert(s);
340 assert(ret_llu);
341
342 errno = 0;
343 l = strtoull(s, &x, 0);
344
345 if (!x || x == s || *x || errno)
346 return errno ? -errno : -EINVAL;
347
348 *ret_llu = l;
349 return 0;
350 }
351
352 int safe_atolli(const char *s, long long int *ret_lli) {
353 char *x = NULL;
354 long long l;
355
356 assert(s);
357 assert(ret_lli);
358
359 errno = 0;
360 l = strtoll(s, &x, 0);
361
362 if (!x || x == s || *x || errno)
363 return errno ? -errno : -EINVAL;
364
365 *ret_lli = l;
366 return 0;
367 }
368
369 int safe_atod(const char *s, double *ret_d) {
370 char *x = NULL;
371 double d = 0;
372
373 assert(s);
374 assert(ret_d);
375
376 RUN_WITH_LOCALE(LC_NUMERIC_MASK, "C") {
377 errno = 0;
378 d = strtod(s, &x);
379 }
380
381 if (!x || x == s || *x || errno)
382 return errno ? -errno : -EINVAL;
383
384 *ret_d = (double) d;
385 return 0;
386 }
387
388 static size_t strcspn_escaped(const char *s, const char *reject) {
389 bool escaped = false;
390 size_t n;
391
392 for (n=0; s[n]; n++) {
393 if (escaped)
394 escaped = false;
395 else if (s[n] == '\\')
396 escaped = true;
397 else if (strchr(reject, s[n]))
398 return n;
399 }
400 return n;
401 }
402
403 /* Split a string into words. */
404 char *split(const char *c, size_t *l, const char *separator, bool quoted, char **state) {
405 char *current;
406
407 current = *state ? *state : (char*) c;
408
409 if (!*current || *c == 0)
410 return NULL;
411
412 current += strspn(current, separator);
413 if (!*current)
414 return NULL;
415
416 if (quoted && strchr("\'\"", *current)) {
417 char quotechar = *(current++);
418 *l = strcspn_escaped(current, (char[]){quotechar, '\0'});
419 *state = current+*l+1;
420 } else if (quoted) {
421 *l = strcspn_escaped(current, separator);
422 *state = current+*l;
423 } else {
424 *l = strcspn(current, separator);
425 *state = current+*l;
426 }
427
428 return (char*) current;
429 }
430
431 int get_parent_of_pid(pid_t pid, pid_t *_ppid) {
432 int r;
433 _cleanup_free_ char *line = NULL;
434 long unsigned ppid;
435 const char *p;
436
437 assert(pid >= 0);
438 assert(_ppid);
439
440 if (pid == 0) {
441 *_ppid = getppid();
442 return 0;
443 }
444
445 p = procfs_file_alloca(pid, "stat");
446 r = read_one_line_file(p, &line);
447 if (r < 0)
448 return r;
449
450 /* Let's skip the pid and comm fields. The latter is enclosed
451 * in () but does not escape any () in its value, so let's
452 * skip over it manually */
453
454 p = strrchr(line, ')');
455 if (!p)
456 return -EIO;
457
458 p++;
459
460 if (sscanf(p, " "
461 "%*c " /* state */
462 "%lu ", /* ppid */
463 &ppid) != 1)
464 return -EIO;
465
466 if ((long unsigned) (pid_t) ppid != ppid)
467 return -ERANGE;
468
469 *_ppid = (pid_t) ppid;
470
471 return 0;
472 }
473
474 int get_starttime_of_pid(pid_t pid, unsigned long long *st) {
475 int r;
476 _cleanup_free_ char *line = NULL;
477 const char *p;
478
479 assert(pid >= 0);
480 assert(st);
481
482 p = procfs_file_alloca(pid, "stat");
483 r = read_one_line_file(p, &line);
484 if (r < 0)
485 return r;
486
487 /* Let's skip the pid and comm fields. The latter is enclosed
488 * in () but does not escape any () in its value, so let's
489 * skip over it manually */
490
491 p = strrchr(line, ')');
492 if (!p)
493 return -EIO;
494
495 p++;
496
497 if (sscanf(p, " "
498 "%*c " /* state */
499 "%*d " /* ppid */
500 "%*d " /* pgrp */
501 "%*d " /* session */
502 "%*d " /* tty_nr */
503 "%*d " /* tpgid */
504 "%*u " /* flags */
505 "%*u " /* minflt */
506 "%*u " /* cminflt */
507 "%*u " /* majflt */
508 "%*u " /* cmajflt */
509 "%*u " /* utime */
510 "%*u " /* stime */
511 "%*d " /* cutime */
512 "%*d " /* cstime */
513 "%*d " /* priority */
514 "%*d " /* nice */
515 "%*d " /* num_threads */
516 "%*d " /* itrealvalue */
517 "%llu " /* starttime */,
518 st) != 1)
519 return -EIO;
520
521 return 0;
522 }
523
524 int fchmod_umask(int fd, mode_t m) {
525 mode_t u;
526 int r;
527
528 u = umask(0777);
529 r = fchmod(fd, m & (~u)) < 0 ? -errno : 0;
530 umask(u);
531
532 return r;
533 }
534
535 char *truncate_nl(char *s) {
536 assert(s);
537
538 s[strcspn(s, NEWLINE)] = 0;
539 return s;
540 }
541
542 int get_process_state(pid_t pid) {
543 const char *p;
544 char state;
545 int r;
546 _cleanup_free_ char *line = NULL;
547
548 assert(pid >= 0);
549
550 p = procfs_file_alloca(pid, "stat");
551 r = read_one_line_file(p, &line);
552 if (r < 0)
553 return r;
554
555 p = strrchr(line, ')');
556 if (!p)
557 return -EIO;
558
559 p++;
560
561 if (sscanf(p, " %c", &state) != 1)
562 return -EIO;
563
564 return (unsigned char) state;
565 }
566
567 int get_process_comm(pid_t pid, char **name) {
568 const char *p;
569 int r;
570
571 assert(name);
572 assert(pid >= 0);
573
574 p = procfs_file_alloca(pid, "comm");
575
576 r = read_one_line_file(p, name);
577 if (r == -ENOENT)
578 return -ESRCH;
579
580 return r;
581 }
582
583 int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char **line) {
584 _cleanup_fclose_ FILE *f = NULL;
585 char *r = NULL, *k;
586 const char *p;
587 int c;
588
589 assert(line);
590 assert(pid >= 0);
591
592 p = procfs_file_alloca(pid, "cmdline");
593
594 f = fopen(p, "re");
595 if (!f)
596 return -errno;
597
598 if (max_length == 0) {
599 size_t len = 0, allocated = 0;
600
601 while ((c = getc(f)) != EOF) {
602
603 if (!GREEDY_REALLOC(r, allocated, len+2)) {
604 free(r);
605 return -ENOMEM;
606 }
607
608 r[len++] = isprint(c) ? c : ' ';
609 }
610
611 if (len > 0)
612 r[len-1] = 0;
613
614 } else {
615 bool space = false;
616 size_t left;
617
618 r = new(char, max_length);
619 if (!r)
620 return -ENOMEM;
621
622 k = r;
623 left = max_length;
624 while ((c = getc(f)) != EOF) {
625
626 if (isprint(c)) {
627 if (space) {
628 if (left <= 4)
629 break;
630
631 *(k++) = ' ';
632 left--;
633 space = false;
634 }
635
636 if (left <= 4)
637 break;
638
639 *(k++) = (char) c;
640 left--;
641 } else
642 space = true;
643 }
644
645 if (left <= 4) {
646 size_t n = MIN(left-1, 3U);
647 memcpy(k, "...", n);
648 k[n] = 0;
649 } else
650 *k = 0;
651 }
652
653 /* Kernel threads have no argv[] */
654 if (r == NULL || r[0] == 0) {
655 _cleanup_free_ char *t = NULL;
656 int h;
657
658 free(r);
659
660 if (!comm_fallback)
661 return -ENOENT;
662
663 h = get_process_comm(pid, &t);
664 if (h < 0)
665 return h;
666
667 r = strjoin("[", t, "]", NULL);
668 if (!r)
669 return -ENOMEM;
670 }
671
672 *line = r;
673 return 0;
674 }
675
676 int is_kernel_thread(pid_t pid) {
677 const char *p;
678 size_t count;
679 char c;
680 bool eof;
681 FILE *f;
682
683 if (pid == 0)
684 return 0;
685
686 assert(pid > 0);
687
688 p = procfs_file_alloca(pid, "cmdline");
689 f = fopen(p, "re");
690 if (!f)
691 return -errno;
692
693 count = fread(&c, 1, 1, f);
694 eof = feof(f);
695 fclose(f);
696
697 /* Kernel threads have an empty cmdline */
698
699 if (count <= 0)
700 return eof ? 1 : -errno;
701
702 return 0;
703 }
704
705 int get_process_capeff(pid_t pid, char **capeff) {
706 const char *p;
707
708 assert(capeff);
709 assert(pid >= 0);
710
711 p = procfs_file_alloca(pid, "status");
712
713 return get_status_field(p, "\nCapEff:", capeff);
714 }
715
716 int get_process_exe(pid_t pid, char **name) {
717 const char *p;
718 char *d;
719 int r;
720
721 assert(pid >= 0);
722 assert(name);
723
724 p = procfs_file_alloca(pid, "exe");
725
726 r = readlink_malloc(p, name);
727 if (r < 0)
728 return r == -ENOENT ? -ESRCH : r;
729
730 d = endswith(*name, " (deleted)");
731 if (d)
732 *d = '\0';
733
734 return 0;
735 }
736
737 static int get_process_id(pid_t pid, const char *field, uid_t *uid) {
738 _cleanup_fclose_ FILE *f = NULL;
739 char line[LINE_MAX];
740 const char *p;
741
742 assert(field);
743 assert(uid);
744
745 if (pid == 0)
746 return getuid();
747
748 p = procfs_file_alloca(pid, "status");
749 f = fopen(p, "re");
750 if (!f)
751 return -errno;
752
753 FOREACH_LINE(line, f, return -errno) {
754 char *l;
755
756 l = strstrip(line);
757
758 if (startswith(l, field)) {
759 l += strlen(field);
760 l += strspn(l, WHITESPACE);
761
762 l[strcspn(l, WHITESPACE)] = 0;
763
764 return parse_uid(l, uid);
765 }
766 }
767
768 return -EIO;
769 }
770
771 int get_process_uid(pid_t pid, uid_t *uid) {
772 return get_process_id(pid, "Uid:", uid);
773 }
774
775 int get_process_gid(pid_t pid, gid_t *gid) {
776 assert_cc(sizeof(uid_t) == sizeof(gid_t));
777 return get_process_id(pid, "Gid:", gid);
778 }
779
780 char *strnappend(const char *s, const char *suffix, size_t b) {
781 size_t a;
782 char *r;
783
784 if (!s && !suffix)
785 return strdup("");
786
787 if (!s)
788 return strndup(suffix, b);
789
790 if (!suffix)
791 return strdup(s);
792
793 assert(s);
794 assert(suffix);
795
796 a = strlen(s);
797 if (b > ((size_t) -1) - a)
798 return NULL;
799
800 r = new(char, a+b+1);
801 if (!r)
802 return NULL;
803
804 memcpy(r, s, a);
805 memcpy(r+a, suffix, b);
806 r[a+b] = 0;
807
808 return r;
809 }
810
811 char *strappend(const char *s, const char *suffix) {
812 return strnappend(s, suffix, suffix ? strlen(suffix) : 0);
813 }
814
815 int readlinkat_malloc(int fd, const char *p, char **ret) {
816 size_t l = 100;
817 int r;
818
819 assert(p);
820 assert(ret);
821
822 for (;;) {
823 char *c;
824 ssize_t n;
825
826 c = new(char, l);
827 if (!c)
828 return -ENOMEM;
829
830 n = readlinkat(fd, p, c, l-1);
831 if (n < 0) {
832 r = -errno;
833 free(c);
834 return r;
835 }
836
837 if ((size_t) n < l-1) {
838 c[n] = 0;
839 *ret = c;
840 return 0;
841 }
842
843 free(c);
844 l *= 2;
845 }
846 }
847
848 int readlink_malloc(const char *p, char **ret) {
849 return readlinkat_malloc(AT_FDCWD, p, ret);
850 }
851
852 int readlink_and_make_absolute(const char *p, char **r) {
853 _cleanup_free_ char *target = NULL;
854 char *k;
855 int j;
856
857 assert(p);
858 assert(r);
859
860 j = readlink_malloc(p, &target);
861 if (j < 0)
862 return j;
863
864 k = file_in_same_dir(p, target);
865 if (!k)
866 return -ENOMEM;
867
868 *r = k;
869 return 0;
870 }
871
872 int readlink_and_canonicalize(const char *p, char **r) {
873 char *t, *s;
874 int j;
875
876 assert(p);
877 assert(r);
878
879 j = readlink_and_make_absolute(p, &t);
880 if (j < 0)
881 return j;
882
883 s = canonicalize_file_name(t);
884 if (s) {
885 free(t);
886 *r = s;
887 } else
888 *r = t;
889
890 path_kill_slashes(*r);
891
892 return 0;
893 }
894
895 int reset_all_signal_handlers(void) {
896 int sig;
897
898 for (sig = 1; sig < _NSIG; sig++) {
899 struct sigaction sa = {
900 .sa_handler = SIG_DFL,
901 .sa_flags = SA_RESTART,
902 };
903
904 if (sig == SIGKILL || sig == SIGSTOP)
905 continue;
906
907 /* On Linux the first two RT signals are reserved by
908 * glibc, and sigaction() will return EINVAL for them. */
909 if ((sigaction(sig, &sa, NULL) < 0))
910 if (errno != EINVAL)
911 return -errno;
912 }
913
914 return 0;
915 }
916
917 char *strstrip(char *s) {
918 char *e;
919
920 /* Drops trailing whitespace. Modifies the string in
921 * place. Returns pointer to first non-space character */
922
923 s += strspn(s, WHITESPACE);
924
925 for (e = strchr(s, 0); e > s; e --)
926 if (!strchr(WHITESPACE, e[-1]))
927 break;
928
929 *e = 0;
930
931 return s;
932 }
933
934 char *delete_chars(char *s, const char *bad) {
935 char *f, *t;
936
937 /* Drops all whitespace, regardless where in the string */
938
939 for (f = s, t = s; *f; f++) {
940 if (strchr(bad, *f))
941 continue;
942
943 *(t++) = *f;
944 }
945
946 *t = 0;
947
948 return s;
949 }
950
951 char *file_in_same_dir(const char *path, const char *filename) {
952 char *e, *r;
953 size_t k;
954
955 assert(path);
956 assert(filename);
957
958 /* This removes the last component of path and appends
959 * filename, unless the latter is absolute anyway or the
960 * former isn't */
961
962 if (path_is_absolute(filename))
963 return strdup(filename);
964
965 if (!(e = strrchr(path, '/')))
966 return strdup(filename);
967
968 k = strlen(filename);
969 if (!(r = new(char, e-path+1+k+1)))
970 return NULL;
971
972 memcpy(r, path, e-path+1);
973 memcpy(r+(e-path)+1, filename, k+1);
974
975 return r;
976 }
977
978 int rmdir_parents(const char *path, const char *stop) {
979 size_t l;
980 int r = 0;
981
982 assert(path);
983 assert(stop);
984
985 l = strlen(path);
986
987 /* Skip trailing slashes */
988 while (l > 0 && path[l-1] == '/')
989 l--;
990
991 while (l > 0) {
992 char *t;
993
994 /* Skip last component */
995 while (l > 0 && path[l-1] != '/')
996 l--;
997
998 /* Skip trailing slashes */
999 while (l > 0 && path[l-1] == '/')
1000 l--;
1001
1002 if (l <= 0)
1003 break;
1004
1005 if (!(t = strndup(path, l)))
1006 return -ENOMEM;
1007
1008 if (path_startswith(stop, t)) {
1009 free(t);
1010 return 0;
1011 }
1012
1013 r = rmdir(t);
1014 free(t);
1015
1016 if (r < 0)
1017 if (errno != ENOENT)
1018 return -errno;
1019 }
1020
1021 return 0;
1022 }
1023
1024 char hexchar(int x) {
1025 static const char table[16] = "0123456789abcdef";
1026
1027 return table[x & 15];
1028 }
1029
1030 int unhexchar(char c) {
1031
1032 if (c >= '0' && c <= '9')
1033 return c - '0';
1034
1035 if (c >= 'a' && c <= 'f')
1036 return c - 'a' + 10;
1037
1038 if (c >= 'A' && c <= 'F')
1039 return c - 'A' + 10;
1040
1041 return -1;
1042 }
1043
1044 char *hexmem(const void *p, size_t l) {
1045 char *r, *z;
1046 const uint8_t *x;
1047
1048 z = r = malloc(l * 2 + 1);
1049 if (!r)
1050 return NULL;
1051
1052 for (x = p; x < (const uint8_t*) p + l; x++) {
1053 *(z++) = hexchar(*x >> 4);
1054 *(z++) = hexchar(*x & 15);
1055 }
1056
1057 *z = 0;
1058 return r;
1059 }
1060
1061 void *unhexmem(const char *p, size_t l) {
1062 uint8_t *r, *z;
1063 const char *x;
1064
1065 assert(p);
1066
1067 z = r = malloc((l + 1) / 2 + 1);
1068 if (!r)
1069 return NULL;
1070
1071 for (x = p; x < p + l; x += 2) {
1072 int a, b;
1073
1074 a = unhexchar(x[0]);
1075 if (x+1 < p + l)
1076 b = unhexchar(x[1]);
1077 else
1078 b = 0;
1079
1080 *(z++) = (uint8_t) a << 4 | (uint8_t) b;
1081 }
1082
1083 *z = 0;
1084 return r;
1085 }
1086
1087 char octchar(int x) {
1088 return '0' + (x & 7);
1089 }
1090
1091 int unoctchar(char c) {
1092
1093 if (c >= '0' && c <= '7')
1094 return c - '0';
1095
1096 return -1;
1097 }
1098
1099 char decchar(int x) {
1100 return '0' + (x % 10);
1101 }
1102
1103 int undecchar(char c) {
1104
1105 if (c >= '0' && c <= '9')
1106 return c - '0';
1107
1108 return -1;
1109 }
1110
1111 char *cescape(const char *s) {
1112 char *r, *t;
1113 const char *f;
1114
1115 assert(s);
1116
1117 /* Does C style string escaping. */
1118
1119 r = new(char, strlen(s)*4 + 1);
1120 if (!r)
1121 return NULL;
1122
1123 for (f = s, t = r; *f; f++)
1124
1125 switch (*f) {
1126
1127 case '\a':
1128 *(t++) = '\\';
1129 *(t++) = 'a';
1130 break;
1131 case '\b':
1132 *(t++) = '\\';
1133 *(t++) = 'b';
1134 break;
1135 case '\f':
1136 *(t++) = '\\';
1137 *(t++) = 'f';
1138 break;
1139 case '\n':
1140 *(t++) = '\\';
1141 *(t++) = 'n';
1142 break;
1143 case '\r':
1144 *(t++) = '\\';
1145 *(t++) = 'r';
1146 break;
1147 case '\t':
1148 *(t++) = '\\';
1149 *(t++) = 't';
1150 break;
1151 case '\v':
1152 *(t++) = '\\';
1153 *(t++) = 'v';
1154 break;
1155 case '\\':
1156 *(t++) = '\\';
1157 *(t++) = '\\';
1158 break;
1159 case '"':
1160 *(t++) = '\\';
1161 *(t++) = '"';
1162 break;
1163 case '\'':
1164 *(t++) = '\\';
1165 *(t++) = '\'';
1166 break;
1167
1168 default:
1169 /* For special chars we prefer octal over
1170 * hexadecimal encoding, simply because glib's
1171 * g_strescape() does the same */
1172 if ((*f < ' ') || (*f >= 127)) {
1173 *(t++) = '\\';
1174 *(t++) = octchar((unsigned char) *f >> 6);
1175 *(t++) = octchar((unsigned char) *f >> 3);
1176 *(t++) = octchar((unsigned char) *f);
1177 } else
1178 *(t++) = *f;
1179 break;
1180 }
1181
1182 *t = 0;
1183
1184 return r;
1185 }
1186
1187 char *cunescape_length_with_prefix(const char *s, size_t length, const char *prefix) {
1188 char *r, *t;
1189 const char *f;
1190 size_t pl;
1191
1192 assert(s);
1193
1194 /* Undoes C style string escaping, and optionally prefixes it. */
1195
1196 pl = prefix ? strlen(prefix) : 0;
1197
1198 r = new(char, pl+length+1);
1199 if (!r)
1200 return r;
1201
1202 if (prefix)
1203 memcpy(r, prefix, pl);
1204
1205 for (f = s, t = r + pl; f < s + length; f++) {
1206
1207 if (*f != '\\') {
1208 *(t++) = *f;
1209 continue;
1210 }
1211
1212 f++;
1213
1214 switch (*f) {
1215
1216 case 'a':
1217 *(t++) = '\a';
1218 break;
1219 case 'b':
1220 *(t++) = '\b';
1221 break;
1222 case 'f':
1223 *(t++) = '\f';
1224 break;
1225 case 'n':
1226 *(t++) = '\n';
1227 break;
1228 case 'r':
1229 *(t++) = '\r';
1230 break;
1231 case 't':
1232 *(t++) = '\t';
1233 break;
1234 case 'v':
1235 *(t++) = '\v';
1236 break;
1237 case '\\':
1238 *(t++) = '\\';
1239 break;
1240 case '"':
1241 *(t++) = '"';
1242 break;
1243 case '\'':
1244 *(t++) = '\'';
1245 break;
1246
1247 case 's':
1248 /* This is an extension of the XDG syntax files */
1249 *(t++) = ' ';
1250 break;
1251
1252 case 'x': {
1253 /* hexadecimal encoding */
1254 int a, b;
1255
1256 a = unhexchar(f[1]);
1257 b = unhexchar(f[2]);
1258
1259 if (a < 0 || b < 0 || (a == 0 && b == 0)) {
1260 /* Invalid escape code, let's take it literal then */
1261 *(t++) = '\\';
1262 *(t++) = 'x';
1263 } else {
1264 *(t++) = (char) ((a << 4) | b);
1265 f += 2;
1266 }
1267
1268 break;
1269 }
1270
1271 case '0':
1272 case '1':
1273 case '2':
1274 case '3':
1275 case '4':
1276 case '5':
1277 case '6':
1278 case '7': {
1279 /* octal encoding */
1280 int a, b, c;
1281
1282 a = unoctchar(f[0]);
1283 b = unoctchar(f[1]);
1284 c = unoctchar(f[2]);
1285
1286 if (a < 0 || b < 0 || c < 0 || (a == 0 && b == 0 && c == 0)) {
1287 /* Invalid escape code, let's take it literal then */
1288 *(t++) = '\\';
1289 *(t++) = f[0];
1290 } else {
1291 *(t++) = (char) ((a << 6) | (b << 3) | c);
1292 f += 2;
1293 }
1294
1295 break;
1296 }
1297
1298 case 0:
1299 /* premature end of string.*/
1300 *(t++) = '\\';
1301 goto finish;
1302
1303 default:
1304 /* Invalid escape code, let's take it literal then */
1305 *(t++) = '\\';
1306 *(t++) = *f;
1307 break;
1308 }
1309 }
1310
1311 finish:
1312 *t = 0;
1313 return r;
1314 }
1315
1316 char *cunescape_length(const char *s, size_t length) {
1317 return cunescape_length_with_prefix(s, length, NULL);
1318 }
1319
1320 char *cunescape(const char *s) {
1321 assert(s);
1322
1323 return cunescape_length(s, strlen(s));
1324 }
1325
1326 char *xescape(const char *s, const char *bad) {
1327 char *r, *t;
1328 const char *f;
1329
1330 /* Escapes all chars in bad, in addition to \ and all special
1331 * chars, in \xFF style escaping. May be reversed with
1332 * cunescape. */
1333
1334 r = new(char, strlen(s) * 4 + 1);
1335 if (!r)
1336 return NULL;
1337
1338 for (f = s, t = r; *f; f++) {
1339
1340 if ((*f < ' ') || (*f >= 127) ||
1341 (*f == '\\') || strchr(bad, *f)) {
1342 *(t++) = '\\';
1343 *(t++) = 'x';
1344 *(t++) = hexchar(*f >> 4);
1345 *(t++) = hexchar(*f);
1346 } else
1347 *(t++) = *f;
1348 }
1349
1350 *t = 0;
1351
1352 return r;
1353 }
1354
1355 char *ascii_strlower(char *t) {
1356 char *p;
1357
1358 assert(t);
1359
1360 for (p = t; *p; p++)
1361 if (*p >= 'A' && *p <= 'Z')
1362 *p = *p - 'A' + 'a';
1363
1364 return t;
1365 }
1366
1367 _pure_ static bool ignore_file_allow_backup(const char *filename) {
1368 assert(filename);
1369
1370 return
1371 filename[0] == '.' ||
1372 streq(filename, "lost+found") ||
1373 streq(filename, "aquota.user") ||
1374 streq(filename, "aquota.group") ||
1375 endswith(filename, ".rpmnew") ||
1376 endswith(filename, ".rpmsave") ||
1377 endswith(filename, ".rpmorig") ||
1378 endswith(filename, ".dpkg-old") ||
1379 endswith(filename, ".dpkg-new") ||
1380 endswith(filename, ".swp");
1381 }
1382
1383 bool ignore_file(const char *filename) {
1384 assert(filename);
1385
1386 if (endswith(filename, "~"))
1387 return true;
1388
1389 return ignore_file_allow_backup(filename);
1390 }
1391
1392 int fd_nonblock(int fd, bool nonblock) {
1393 int flags, nflags;
1394
1395 assert(fd >= 0);
1396
1397 flags = fcntl(fd, F_GETFL, 0);
1398 if (flags < 0)
1399 return -errno;
1400
1401 if (nonblock)
1402 nflags = flags | O_NONBLOCK;
1403 else
1404 nflags = flags & ~O_NONBLOCK;
1405
1406 if (nflags == flags)
1407 return 0;
1408
1409 if (fcntl(fd, F_SETFL, nflags) < 0)
1410 return -errno;
1411
1412 return 0;
1413 }
1414
1415 int fd_cloexec(int fd, bool cloexec) {
1416 int flags, nflags;
1417
1418 assert(fd >= 0);
1419
1420 flags = fcntl(fd, F_GETFD, 0);
1421 if (flags < 0)
1422 return -errno;
1423
1424 if (cloexec)
1425 nflags = flags | FD_CLOEXEC;
1426 else
1427 nflags = flags & ~FD_CLOEXEC;
1428
1429 if (nflags == flags)
1430 return 0;
1431
1432 if (fcntl(fd, F_SETFD, nflags) < 0)
1433 return -errno;
1434
1435 return 0;
1436 }
1437
1438 _pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
1439 unsigned i;
1440
1441 assert(n_fdset == 0 || fdset);
1442
1443 for (i = 0; i < n_fdset; i++)
1444 if (fdset[i] == fd)
1445 return true;
1446
1447 return false;
1448 }
1449
1450 int close_all_fds(const int except[], unsigned n_except) {
1451 _cleanup_closedir_ DIR *d = NULL;
1452 struct dirent *de;
1453 int r = 0;
1454
1455 assert(n_except == 0 || except);
1456
1457 d = opendir("/proc/self/fd");
1458 if (!d) {
1459 int fd;
1460 struct rlimit rl;
1461
1462 /* When /proc isn't available (for example in chroots)
1463 * the fallback is brute forcing through the fd
1464 * table */
1465
1466 assert_se(getrlimit(RLIMIT_NOFILE, &rl) >= 0);
1467 for (fd = 3; fd < (int) rl.rlim_max; fd ++) {
1468
1469 if (fd_in_set(fd, except, n_except))
1470 continue;
1471
1472 if (close_nointr(fd) < 0)
1473 if (errno != EBADF && r == 0)
1474 r = -errno;
1475 }
1476
1477 return r;
1478 }
1479
1480 while ((de = readdir(d))) {
1481 int fd = -1;
1482
1483 if (ignore_file(de->d_name))
1484 continue;
1485
1486 if (safe_atoi(de->d_name, &fd) < 0)
1487 /* Let's better ignore this, just in case */
1488 continue;
1489
1490 if (fd < 3)
1491 continue;
1492
1493 if (fd == dirfd(d))
1494 continue;
1495
1496 if (fd_in_set(fd, except, n_except))
1497 continue;
1498
1499 if (close_nointr(fd) < 0) {
1500 /* Valgrind has its own FD and doesn't want to have it closed */
1501 if (errno != EBADF && r == 0)
1502 r = -errno;
1503 }
1504 }
1505
1506 return r;
1507 }
1508
1509 bool chars_intersect(const char *a, const char *b) {
1510 const char *p;
1511
1512 /* Returns true if any of the chars in a are in b. */
1513 for (p = a; *p; p++)
1514 if (strchr(b, *p))
1515 return true;
1516
1517 return false;
1518 }
1519
1520 bool fstype_is_network(const char *fstype) {
1521 static const char table[] =
1522 "cifs\0"
1523 "smbfs\0"
1524 "sshfs\0"
1525 "ncpfs\0"
1526 "ncp\0"
1527 "nfs\0"
1528 "nfs4\0"
1529 "gfs\0"
1530 "gfs2\0"
1531 "glusterfs\0";
1532
1533 const char *x;
1534
1535 x = startswith(fstype, "fuse.");
1536 if (x)
1537 fstype = x;
1538
1539 return nulstr_contains(table, fstype);
1540 }
1541
1542 int chvt(int vt) {
1543 _cleanup_close_ int fd;
1544
1545 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
1546 if (fd < 0)
1547 return -errno;
1548
1549 if (vt < 0) {
1550 int tiocl[2] = {
1551 TIOCL_GETKMSGREDIRECT,
1552 0
1553 };
1554
1555 if (ioctl(fd, TIOCLINUX, tiocl) < 0)
1556 return -errno;
1557
1558 vt = tiocl[0] <= 0 ? 1 : tiocl[0];
1559 }
1560
1561 if (ioctl(fd, VT_ACTIVATE, vt) < 0)
1562 return -errno;
1563
1564 return 0;
1565 }
1566
1567 int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) {
1568 struct termios old_termios, new_termios;
1569 char c, line[LINE_MAX];
1570
1571 assert(f);
1572 assert(ret);
1573
1574 if (tcgetattr(fileno(f), &old_termios) >= 0) {
1575 new_termios = old_termios;
1576
1577 new_termios.c_lflag &= ~ICANON;
1578 new_termios.c_cc[VMIN] = 1;
1579 new_termios.c_cc[VTIME] = 0;
1580
1581 if (tcsetattr(fileno(f), TCSADRAIN, &new_termios) >= 0) {
1582 size_t k;
1583
1584 if (t != (usec_t) -1) {
1585 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0) {
1586 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
1587 return -ETIMEDOUT;
1588 }
1589 }
1590
1591 k = fread(&c, 1, 1, f);
1592
1593 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
1594
1595 if (k <= 0)
1596 return -EIO;
1597
1598 if (need_nl)
1599 *need_nl = c != '\n';
1600
1601 *ret = c;
1602 return 0;
1603 }
1604 }
1605
1606 if (t != (usec_t) -1) {
1607 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0)
1608 return -ETIMEDOUT;
1609 }
1610
1611 errno = 0;
1612 if (!fgets(line, sizeof(line), f))
1613 return errno ? -errno : -EIO;
1614
1615 truncate_nl(line);
1616
1617 if (strlen(line) != 1)
1618 return -EBADMSG;
1619
1620 if (need_nl)
1621 *need_nl = false;
1622
1623 *ret = line[0];
1624 return 0;
1625 }
1626
1627 int ask_char(char *ret, const char *replies, const char *text, ...) {
1628 int r;
1629
1630 assert(ret);
1631 assert(replies);
1632 assert(text);
1633
1634 for (;;) {
1635 va_list ap;
1636 char c;
1637 bool need_nl = true;
1638
1639 if (on_tty())
1640 fputs(ANSI_HIGHLIGHT_ON, stdout);
1641
1642 va_start(ap, text);
1643 vprintf(text, ap);
1644 va_end(ap);
1645
1646 if (on_tty())
1647 fputs(ANSI_HIGHLIGHT_OFF, stdout);
1648
1649 fflush(stdout);
1650
1651 r = read_one_char(stdin, &c, (usec_t) -1, &need_nl);
1652 if (r < 0) {
1653
1654 if (r == -EBADMSG) {
1655 puts("Bad input, please try again.");
1656 continue;
1657 }
1658
1659 putchar('\n');
1660 return r;
1661 }
1662
1663 if (need_nl)
1664 putchar('\n');
1665
1666 if (strchr(replies, c)) {
1667 *ret = c;
1668 return 0;
1669 }
1670
1671 puts("Read unexpected character, please try again.");
1672 }
1673 }
1674
1675 int ask_string(char **ret, const char *text, ...) {
1676 assert(ret);
1677 assert(text);
1678
1679 for (;;) {
1680 char line[LINE_MAX];
1681 va_list ap;
1682
1683 if (on_tty())
1684 fputs(ANSI_HIGHLIGHT_ON, stdout);
1685
1686 va_start(ap, text);
1687 vprintf(text, ap);
1688 va_end(ap);
1689
1690 if (on_tty())
1691 fputs(ANSI_HIGHLIGHT_OFF, stdout);
1692
1693 fflush(stdout);
1694
1695 errno = 0;
1696 if (!fgets(line, sizeof(line), stdin))
1697 return errno ? -errno : -EIO;
1698
1699 if (!endswith(line, "\n"))
1700 putchar('\n');
1701 else {
1702 char *s;
1703
1704 if (isempty(line))
1705 continue;
1706
1707 truncate_nl(line);
1708 s = strdup(line);
1709 if (!s)
1710 return -ENOMEM;
1711
1712 *ret = s;
1713 return 0;
1714 }
1715 }
1716 }
1717
1718 int reset_terminal_fd(int fd, bool switch_to_text) {
1719 struct termios termios;
1720 int r = 0;
1721
1722 /* Set terminal to some sane defaults */
1723
1724 assert(fd >= 0);
1725
1726 /* We leave locked terminal attributes untouched, so that
1727 * Plymouth may set whatever it wants to set, and we don't
1728 * interfere with that. */
1729
1730 /* Disable exclusive mode, just in case */
1731 ioctl(fd, TIOCNXCL);
1732
1733 /* Switch to text mode */
1734 if (switch_to_text)
1735 ioctl(fd, KDSETMODE, KD_TEXT);
1736
1737 /* Enable console unicode mode */
1738 ioctl(fd, KDSKBMODE, K_UNICODE);
1739
1740 if (tcgetattr(fd, &termios) < 0) {
1741 r = -errno;
1742 goto finish;
1743 }
1744
1745 /* We only reset the stuff that matters to the software. How
1746 * hardware is set up we don't touch assuming that somebody
1747 * else will do that for us */
1748
1749 termios.c_iflag &= ~(IGNBRK | BRKINT | ISTRIP | INLCR | IGNCR | IUCLC);
1750 termios.c_iflag |= ICRNL | IMAXBEL | IUTF8;
1751 termios.c_oflag |= ONLCR;
1752 termios.c_cflag |= CREAD;
1753 termios.c_lflag = ISIG | ICANON | IEXTEN | ECHO | ECHOE | ECHOK | ECHOCTL | ECHOPRT | ECHOKE;
1754
1755 termios.c_cc[VINTR] = 03; /* ^C */
1756 termios.c_cc[VQUIT] = 034; /* ^\ */
1757 termios.c_cc[VERASE] = 0177;
1758 termios.c_cc[VKILL] = 025; /* ^X */
1759 termios.c_cc[VEOF] = 04; /* ^D */
1760 termios.c_cc[VSTART] = 021; /* ^Q */
1761 termios.c_cc[VSTOP] = 023; /* ^S */
1762 termios.c_cc[VSUSP] = 032; /* ^Z */
1763 termios.c_cc[VLNEXT] = 026; /* ^V */
1764 termios.c_cc[VWERASE] = 027; /* ^W */
1765 termios.c_cc[VREPRINT] = 022; /* ^R */
1766 termios.c_cc[VEOL] = 0;
1767 termios.c_cc[VEOL2] = 0;
1768
1769 termios.c_cc[VTIME] = 0;
1770 termios.c_cc[VMIN] = 1;
1771
1772 if (tcsetattr(fd, TCSANOW, &termios) < 0)
1773 r = -errno;
1774
1775 finish:
1776 /* Just in case, flush all crap out */
1777 tcflush(fd, TCIOFLUSH);
1778
1779 return r;
1780 }
1781
1782 int reset_terminal(const char *name) {
1783 _cleanup_close_ int fd = -1;
1784
1785 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
1786 if (fd < 0)
1787 return fd;
1788
1789 return reset_terminal_fd(fd, true);
1790 }
1791
1792 int open_terminal(const char *name, int mode) {
1793 int fd, r;
1794 unsigned c = 0;
1795
1796 /*
1797 * If a TTY is in the process of being closed opening it might
1798 * cause EIO. This is horribly awful, but unlikely to be
1799 * changed in the kernel. Hence we work around this problem by
1800 * retrying a couple of times.
1801 *
1802 * https://bugs.launchpad.net/ubuntu/+source/linux/+bug/554172/comments/245
1803 */
1804
1805 assert(!(mode & O_CREAT));
1806
1807 for (;;) {
1808 fd = open(name, mode, 0);
1809 if (fd >= 0)
1810 break;
1811
1812 if (errno != EIO)
1813 return -errno;
1814
1815 /* Max 1s in total */
1816 if (c >= 20)
1817 return -errno;
1818
1819 usleep(50 * USEC_PER_MSEC);
1820 c++;
1821 }
1822
1823 if (fd < 0)
1824 return -errno;
1825
1826 r = isatty(fd);
1827 if (r < 0) {
1828 safe_close(fd);
1829 return -errno;
1830 }
1831
1832 if (!r) {
1833 safe_close(fd);
1834 return -ENOTTY;
1835 }
1836
1837 return fd;
1838 }
1839
1840 int flush_fd(int fd) {
1841 struct pollfd pollfd = {
1842 .fd = fd,
1843 .events = POLLIN,
1844 };
1845
1846 for (;;) {
1847 char buf[LINE_MAX];
1848 ssize_t l;
1849 int r;
1850
1851 r = poll(&pollfd, 1, 0);
1852 if (r < 0) {
1853 if (errno == EINTR)
1854 continue;
1855
1856 return -errno;
1857
1858 } else if (r == 0)
1859 return 0;
1860
1861 l = read(fd, buf, sizeof(buf));
1862 if (l < 0) {
1863
1864 if (errno == EINTR)
1865 continue;
1866
1867 if (errno == EAGAIN)
1868 return 0;
1869
1870 return -errno;
1871 } else if (l == 0)
1872 return 0;
1873 }
1874 }
1875
1876 int acquire_terminal(
1877 const char *name,
1878 bool fail,
1879 bool force,
1880 bool ignore_tiocstty_eperm,
1881 usec_t timeout) {
1882
1883 int fd = -1, notify = -1, r = 0, wd = -1;
1884 usec_t ts = 0;
1885
1886 assert(name);
1887
1888 /* We use inotify to be notified when the tty is closed. We
1889 * create the watch before checking if we can actually acquire
1890 * it, so that we don't lose any event.
1891 *
1892 * Note: strictly speaking this actually watches for the
1893 * device being closed, it does *not* really watch whether a
1894 * tty loses its controlling process. However, unless some
1895 * rogue process uses TIOCNOTTY on /dev/tty *after* closing
1896 * its tty otherwise this will not become a problem. As long
1897 * as the administrator makes sure not configure any service
1898 * on the same tty as an untrusted user this should not be a
1899 * problem. (Which he probably should not do anyway.) */
1900
1901 if (timeout != (usec_t) -1)
1902 ts = now(CLOCK_MONOTONIC);
1903
1904 if (!fail && !force) {
1905 notify = inotify_init1(IN_CLOEXEC | (timeout != (usec_t) -1 ? IN_NONBLOCK : 0));
1906 if (notify < 0) {
1907 r = -errno;
1908 goto fail;
1909 }
1910
1911 wd = inotify_add_watch(notify, name, IN_CLOSE);
1912 if (wd < 0) {
1913 r = -errno;
1914 goto fail;
1915 }
1916 }
1917
1918 for (;;) {
1919 struct sigaction sa_old, sa_new = {
1920 .sa_handler = SIG_IGN,
1921 .sa_flags = SA_RESTART,
1922 };
1923
1924 if (notify >= 0) {
1925 r = flush_fd(notify);
1926 if (r < 0)
1927 goto fail;
1928 }
1929
1930 /* We pass here O_NOCTTY only so that we can check the return
1931 * value TIOCSCTTY and have a reliable way to figure out if we
1932 * successfully became the controlling process of the tty */
1933 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
1934 if (fd < 0)
1935 return fd;
1936
1937 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
1938 * if we already own the tty. */
1939 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
1940
1941 /* First, try to get the tty */
1942 if (ioctl(fd, TIOCSCTTY, force) < 0)
1943 r = -errno;
1944
1945 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
1946
1947 /* Sometimes it makes sense to ignore TIOCSCTTY
1948 * returning EPERM, i.e. when very likely we already
1949 * are have this controlling terminal. */
1950 if (r < 0 && r == -EPERM && ignore_tiocstty_eperm)
1951 r = 0;
1952
1953 if (r < 0 && (force || fail || r != -EPERM)) {
1954 goto fail;
1955 }
1956
1957 if (r >= 0)
1958 break;
1959
1960 assert(!fail);
1961 assert(!force);
1962 assert(notify >= 0);
1963
1964 for (;;) {
1965 uint8_t inotify_buffer[sizeof(struct inotify_event) + FILENAME_MAX];
1966 ssize_t l;
1967 struct inotify_event *e;
1968
1969 if (timeout != (usec_t) -1) {
1970 usec_t n;
1971
1972 n = now(CLOCK_MONOTONIC);
1973 if (ts + timeout < n) {
1974 r = -ETIMEDOUT;
1975 goto fail;
1976 }
1977
1978 r = fd_wait_for_event(fd, POLLIN, ts + timeout - n);
1979 if (r < 0)
1980 goto fail;
1981
1982 if (r == 0) {
1983 r = -ETIMEDOUT;
1984 goto fail;
1985 }
1986 }
1987
1988 l = read(notify, inotify_buffer, sizeof(inotify_buffer));
1989 if (l < 0) {
1990
1991 if (errno == EINTR || errno == EAGAIN)
1992 continue;
1993
1994 r = -errno;
1995 goto fail;
1996 }
1997
1998 e = (struct inotify_event*) inotify_buffer;
1999
2000 while (l > 0) {
2001 size_t step;
2002
2003 if (e->wd != wd || !(e->mask & IN_CLOSE)) {
2004 r = -EIO;
2005 goto fail;
2006 }
2007
2008 step = sizeof(struct inotify_event) + e->len;
2009 assert(step <= (size_t) l);
2010
2011 e = (struct inotify_event*) ((uint8_t*) e + step);
2012 l -= step;
2013 }
2014
2015 break;
2016 }
2017
2018 /* We close the tty fd here since if the old session
2019 * ended our handle will be dead. It's important that
2020 * we do this after sleeping, so that we don't enter
2021 * an endless loop. */
2022 safe_close(fd);
2023 }
2024
2025 safe_close(notify);
2026
2027 r = reset_terminal_fd(fd, true);
2028 if (r < 0)
2029 log_warning("Failed to reset terminal: %s", strerror(-r));
2030
2031 return fd;
2032
2033 fail:
2034 safe_close(fd);
2035 safe_close(notify);
2036
2037 return r;
2038 }
2039
2040 int release_terminal(void) {
2041 int r = 0;
2042 struct sigaction sa_old, sa_new = {
2043 .sa_handler = SIG_IGN,
2044 .sa_flags = SA_RESTART,
2045 };
2046 _cleanup_close_ int fd;
2047
2048 fd = open("/dev/tty", O_RDWR|O_NOCTTY|O_NDELAY|O_CLOEXEC);
2049 if (fd < 0)
2050 return -errno;
2051
2052 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
2053 * by our own TIOCNOTTY */
2054 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
2055
2056 if (ioctl(fd, TIOCNOTTY) < 0)
2057 r = -errno;
2058
2059 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
2060
2061 return r;
2062 }
2063
2064 int sigaction_many(const struct sigaction *sa, ...) {
2065 va_list ap;
2066 int r = 0, sig;
2067
2068 va_start(ap, sa);
2069 while ((sig = va_arg(ap, int)) > 0)
2070 if (sigaction(sig, sa, NULL) < 0)
2071 r = -errno;
2072 va_end(ap);
2073
2074 return r;
2075 }
2076
2077 int ignore_signals(int sig, ...) {
2078 struct sigaction sa = {
2079 .sa_handler = SIG_IGN,
2080 .sa_flags = SA_RESTART,
2081 };
2082 va_list ap;
2083 int r = 0;
2084
2085 if (sigaction(sig, &sa, NULL) < 0)
2086 r = -errno;
2087
2088 va_start(ap, sig);
2089 while ((sig = va_arg(ap, int)) > 0)
2090 if (sigaction(sig, &sa, NULL) < 0)
2091 r = -errno;
2092 va_end(ap);
2093
2094 return r;
2095 }
2096
2097 int default_signals(int sig, ...) {
2098 struct sigaction sa = {
2099 .sa_handler = SIG_DFL,
2100 .sa_flags = SA_RESTART,
2101 };
2102 va_list ap;
2103 int r = 0;
2104
2105 if (sigaction(sig, &sa, NULL) < 0)
2106 r = -errno;
2107
2108 va_start(ap, sig);
2109 while ((sig = va_arg(ap, int)) > 0)
2110 if (sigaction(sig, &sa, NULL) < 0)
2111 r = -errno;
2112 va_end(ap);
2113
2114 return r;
2115 }
2116
2117 void safe_close_pair(int p[]) {
2118 assert(p);
2119
2120 if (p[0] == p[1]) {
2121 /* Special case pairs which use the same fd in both
2122 * directions... */
2123 p[0] = p[1] = safe_close(p[0]);
2124 return;
2125 }
2126
2127 p[0] = safe_close(p[0]);
2128 p[1] = safe_close(p[1]);
2129 }
2130
2131 ssize_t loop_read(int fd, void *buf, size_t nbytes, bool do_poll) {
2132 uint8_t *p = buf;
2133 ssize_t n = 0;
2134
2135 assert(fd >= 0);
2136 assert(buf);
2137
2138 while (nbytes > 0) {
2139 ssize_t k;
2140
2141 k = read(fd, p, nbytes);
2142 if (k < 0 && errno == EINTR)
2143 continue;
2144
2145 if (k < 0 && errno == EAGAIN && do_poll) {
2146
2147 /* We knowingly ignore any return value here,
2148 * and expect that any error/EOF is reported
2149 * via read() */
2150
2151 fd_wait_for_event(fd, POLLIN, (usec_t) -1);
2152 continue;
2153 }
2154
2155 if (k <= 0)
2156 return n > 0 ? n : (k < 0 ? -errno : 0);
2157
2158 p += k;
2159 nbytes -= k;
2160 n += k;
2161 }
2162
2163 return n;
2164 }
2165
2166 ssize_t loop_write(int fd, const void *buf, size_t nbytes, bool do_poll) {
2167 const uint8_t *p = buf;
2168 ssize_t n = 0;
2169
2170 assert(fd >= 0);
2171 assert(buf);
2172
2173 while (nbytes > 0) {
2174 ssize_t k;
2175
2176 k = write(fd, p, nbytes);
2177 if (k < 0 && errno == EINTR)
2178 continue;
2179
2180 if (k < 0 && errno == EAGAIN && do_poll) {
2181
2182 /* We knowingly ignore any return value here,
2183 * and expect that any error/EOF is reported
2184 * via write() */
2185
2186 fd_wait_for_event(fd, POLLOUT, (usec_t) -1);
2187 continue;
2188 }
2189
2190 if (k <= 0)
2191 return n > 0 ? n : (k < 0 ? -errno : 0);
2192
2193 p += k;
2194 nbytes -= k;
2195 n += k;
2196 }
2197
2198 return n;
2199 }
2200
2201 int parse_size(const char *t, off_t base, off_t *size) {
2202
2203 /* Soo, sometimes we want to parse IEC binary suffxies, and
2204 * sometimes SI decimal suffixes. This function can parse
2205 * both. Which one is the right way depends on the
2206 * context. Wikipedia suggests that SI is customary for
2207 * hardrware metrics and network speeds, while IEC is
2208 * customary for most data sizes used by software and volatile
2209 * (RAM) memory. Hence be careful which one you pick!
2210 *
2211 * In either case we use just K, M, G as suffix, and not Ki,
2212 * Mi, Gi or so (as IEC would suggest). That's because that's
2213 * frickin' ugly. But this means you really need to make sure
2214 * to document which base you are parsing when you use this
2215 * call. */
2216
2217 struct table {
2218 const char *suffix;
2219 unsigned long long factor;
2220 };
2221
2222 static const struct table iec[] = {
2223 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2224 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2225 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
2226 { "G", 1024ULL*1024ULL*1024ULL },
2227 { "M", 1024ULL*1024ULL },
2228 { "K", 1024ULL },
2229 { "B", 1 },
2230 { "", 1 },
2231 };
2232
2233 static const struct table si[] = {
2234 { "E", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2235 { "P", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2236 { "T", 1000ULL*1000ULL*1000ULL*1000ULL },
2237 { "G", 1000ULL*1000ULL*1000ULL },
2238 { "M", 1000ULL*1000ULL },
2239 { "K", 1000ULL },
2240 { "B", 1 },
2241 { "", 1 },
2242 };
2243
2244 const struct table *table;
2245 const char *p;
2246 unsigned long long r = 0;
2247 unsigned n_entries, start_pos = 0;
2248
2249 assert(t);
2250 assert(base == 1000 || base == 1024);
2251 assert(size);
2252
2253 if (base == 1000) {
2254 table = si;
2255 n_entries = ELEMENTSOF(si);
2256 } else {
2257 table = iec;
2258 n_entries = ELEMENTSOF(iec);
2259 }
2260
2261 p = t;
2262 do {
2263 long long l;
2264 unsigned long long l2;
2265 double frac = 0;
2266 char *e;
2267 unsigned i;
2268
2269 errno = 0;
2270 l = strtoll(p, &e, 10);
2271
2272 if (errno > 0)
2273 return -errno;
2274
2275 if (l < 0)
2276 return -ERANGE;
2277
2278 if (e == p)
2279 return -EINVAL;
2280
2281 if (*e == '.') {
2282 e++;
2283 if (*e >= '0' && *e <= '9') {
2284 char *e2;
2285
2286 /* strotoull itself would accept space/+/- */
2287 l2 = strtoull(e, &e2, 10);
2288
2289 if (errno == ERANGE)
2290 return -errno;
2291
2292 /* Ignore failure. E.g. 10.M is valid */
2293 frac = l2;
2294 for (; e < e2; e++)
2295 frac /= 10;
2296 }
2297 }
2298
2299 e += strspn(e, WHITESPACE);
2300
2301 for (i = start_pos; i < n_entries; i++)
2302 if (startswith(e, table[i].suffix)) {
2303 unsigned long long tmp;
2304 if ((unsigned long long) l + (frac > 0) > ULLONG_MAX / table[i].factor)
2305 return -ERANGE;
2306 tmp = l * table[i].factor + (unsigned long long) (frac * table[i].factor);
2307 if (tmp > ULLONG_MAX - r)
2308 return -ERANGE;
2309
2310 r += tmp;
2311 if ((unsigned long long) (off_t) r != r)
2312 return -ERANGE;
2313
2314 p = e + strlen(table[i].suffix);
2315
2316 start_pos = i + 1;
2317 break;
2318 }
2319
2320 if (i >= n_entries)
2321 return -EINVAL;
2322
2323 } while (*p);
2324
2325 *size = r;
2326
2327 return 0;
2328 }
2329
2330 int make_stdio(int fd) {
2331 int r, s, t;
2332
2333 assert(fd >= 0);
2334
2335 r = dup3(fd, STDIN_FILENO, 0);
2336 s = dup3(fd, STDOUT_FILENO, 0);
2337 t = dup3(fd, STDERR_FILENO, 0);
2338
2339 if (fd >= 3)
2340 safe_close(fd);
2341
2342 if (r < 0 || s < 0 || t < 0)
2343 return -errno;
2344
2345 /* We rely here that the new fd has O_CLOEXEC not set */
2346
2347 return 0;
2348 }
2349
2350 int make_null_stdio(void) {
2351 int null_fd;
2352
2353 null_fd = open("/dev/null", O_RDWR|O_NOCTTY);
2354 if (null_fd < 0)
2355 return -errno;
2356
2357 return make_stdio(null_fd);
2358 }
2359
2360 bool is_device_path(const char *path) {
2361
2362 /* Returns true on paths that refer to a device, either in
2363 * sysfs or in /dev */
2364
2365 return
2366 path_startswith(path, "/dev/") ||
2367 path_startswith(path, "/sys/");
2368 }
2369
2370 int dir_is_empty(const char *path) {
2371 _cleanup_closedir_ DIR *d;
2372
2373 d = opendir(path);
2374 if (!d)
2375 return -errno;
2376
2377 for (;;) {
2378 struct dirent *de;
2379
2380 errno = 0;
2381 de = readdir(d);
2382 if (!de && errno != 0)
2383 return -errno;
2384
2385 if (!de)
2386 return 1;
2387
2388 if (!ignore_file(de->d_name))
2389 return 0;
2390 }
2391 }
2392
2393 char* dirname_malloc(const char *path) {
2394 char *d, *dir, *dir2;
2395
2396 d = strdup(path);
2397 if (!d)
2398 return NULL;
2399 dir = dirname(d);
2400 assert(dir);
2401
2402 if (dir != d) {
2403 dir2 = strdup(dir);
2404 free(d);
2405 return dir2;
2406 }
2407
2408 return dir;
2409 }
2410
2411 int dev_urandom(void *p, size_t n) {
2412 _cleanup_close_ int fd;
2413 ssize_t k;
2414
2415 fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY);
2416 if (fd < 0)
2417 return errno == ENOENT ? -ENOSYS : -errno;
2418
2419 k = loop_read(fd, p, n, true);
2420 if (k < 0)
2421 return (int) k;
2422 if ((size_t) k != n)
2423 return -EIO;
2424
2425 return 0;
2426 }
2427
2428 void random_bytes(void *p, size_t n) {
2429 static bool srand_called = false;
2430 uint8_t *q;
2431 int r;
2432
2433 r = dev_urandom(p, n);
2434 if (r >= 0)
2435 return;
2436
2437 /* If some idiot made /dev/urandom unavailable to us, he'll
2438 * get a PRNG instead. */
2439
2440 if (!srand_called) {
2441 unsigned x = 0;
2442
2443 #ifdef HAVE_SYS_AUXV_H
2444 /* The kernel provides us with a bit of entropy in
2445 * auxv, so let's try to make use of that to seed the
2446 * pseudo-random generator. It's better than
2447 * nothing... */
2448
2449 void *auxv;
2450
2451 auxv = (void*) getauxval(AT_RANDOM);
2452 if (auxv)
2453 x ^= *(unsigned*) auxv;
2454 #endif
2455
2456 x ^= (unsigned) now(CLOCK_REALTIME);
2457 x ^= (unsigned) gettid();
2458
2459 srand(x);
2460 srand_called = true;
2461 }
2462
2463 for (q = p; q < (uint8_t*) p + n; q ++)
2464 *q = rand();
2465 }
2466
2467 void rename_process(const char name[8]) {
2468 assert(name);
2469
2470 /* This is a like a poor man's setproctitle(). It changes the
2471 * comm field, argv[0], and also the glibc's internally used
2472 * name of the process. For the first one a limit of 16 chars
2473 * applies, to the second one usually one of 10 (i.e. length
2474 * of "/sbin/init"), to the third one one of 7 (i.e. length of
2475 * "systemd"). If you pass a longer string it will be
2476 * truncated */
2477
2478 prctl(PR_SET_NAME, name);
2479
2480 if (program_invocation_name)
2481 strncpy(program_invocation_name, name, strlen(program_invocation_name));
2482
2483 if (saved_argc > 0) {
2484 int i;
2485
2486 if (saved_argv[0])
2487 strncpy(saved_argv[0], name, strlen(saved_argv[0]));
2488
2489 for (i = 1; i < saved_argc; i++) {
2490 if (!saved_argv[i])
2491 break;
2492
2493 memzero(saved_argv[i], strlen(saved_argv[i]));
2494 }
2495 }
2496 }
2497
2498 void sigset_add_many(sigset_t *ss, ...) {
2499 va_list ap;
2500 int sig;
2501
2502 assert(ss);
2503
2504 va_start(ap, ss);
2505 while ((sig = va_arg(ap, int)) > 0)
2506 assert_se(sigaddset(ss, sig) == 0);
2507 va_end(ap);
2508 }
2509
2510 int sigprocmask_many(int how, ...) {
2511 va_list ap;
2512 sigset_t ss;
2513 int sig;
2514
2515 assert_se(sigemptyset(&ss) == 0);
2516
2517 va_start(ap, how);
2518 while ((sig = va_arg(ap, int)) > 0)
2519 assert_se(sigaddset(&ss, sig) == 0);
2520 va_end(ap);
2521
2522 if (sigprocmask(how, &ss, NULL) < 0)
2523 return -errno;
2524
2525 return 0;
2526 }
2527
2528 char* gethostname_malloc(void) {
2529 struct utsname u;
2530
2531 assert_se(uname(&u) >= 0);
2532
2533 if (!isempty(u.nodename) && !streq(u.nodename, "(none)"))
2534 return strdup(u.nodename);
2535
2536 return strdup(u.sysname);
2537 }
2538
2539 bool hostname_is_set(void) {
2540 struct utsname u;
2541
2542 assert_se(uname(&u) >= 0);
2543
2544 return !isempty(u.nodename) && !streq(u.nodename, "(none)");
2545 }
2546
2547 static char *lookup_uid(uid_t uid) {
2548 long bufsize;
2549 char *name;
2550 _cleanup_free_ char *buf = NULL;
2551 struct passwd pwbuf, *pw = NULL;
2552
2553 /* Shortcut things to avoid NSS lookups */
2554 if (uid == 0)
2555 return strdup("root");
2556
2557 bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
2558 if (bufsize <= 0)
2559 bufsize = 4096;
2560
2561 buf = malloc(bufsize);
2562 if (!buf)
2563 return NULL;
2564
2565 if (getpwuid_r(uid, &pwbuf, buf, bufsize, &pw) == 0 && pw)
2566 return strdup(pw->pw_name);
2567
2568 if (asprintf(&name, UID_FMT, uid) < 0)
2569 return NULL;
2570
2571 return name;
2572 }
2573
2574 char* getlogname_malloc(void) {
2575 uid_t uid;
2576 struct stat st;
2577
2578 if (isatty(STDIN_FILENO) && fstat(STDIN_FILENO, &st) >= 0)
2579 uid = st.st_uid;
2580 else
2581 uid = getuid();
2582
2583 return lookup_uid(uid);
2584 }
2585
2586 char *getusername_malloc(void) {
2587 const char *e;
2588
2589 e = getenv("USER");
2590 if (e)
2591 return strdup(e);
2592
2593 return lookup_uid(getuid());
2594 }
2595
2596 int getttyname_malloc(int fd, char **r) {
2597 char path[PATH_MAX], *c;
2598 int k;
2599
2600 assert(r);
2601
2602 k = ttyname_r(fd, path, sizeof(path));
2603 if (k > 0)
2604 return -k;
2605
2606 char_array_0(path);
2607
2608 c = strdup(startswith(path, "/dev/") ? path + 5 : path);
2609 if (!c)
2610 return -ENOMEM;
2611
2612 *r = c;
2613 return 0;
2614 }
2615
2616 int getttyname_harder(int fd, char **r) {
2617 int k;
2618 char *s;
2619
2620 k = getttyname_malloc(fd, &s);
2621 if (k < 0)
2622 return k;
2623
2624 if (streq(s, "tty")) {
2625 free(s);
2626 return get_ctty(0, NULL, r);
2627 }
2628
2629 *r = s;
2630 return 0;
2631 }
2632
2633 int get_ctty_devnr(pid_t pid, dev_t *d) {
2634 int r;
2635 _cleanup_free_ char *line = NULL;
2636 const char *p;
2637 unsigned long ttynr;
2638
2639 assert(pid >= 0);
2640
2641 p = procfs_file_alloca(pid, "stat");
2642 r = read_one_line_file(p, &line);
2643 if (r < 0)
2644 return r;
2645
2646 p = strrchr(line, ')');
2647 if (!p)
2648 return -EIO;
2649
2650 p++;
2651
2652 if (sscanf(p, " "
2653 "%*c " /* state */
2654 "%*d " /* ppid */
2655 "%*d " /* pgrp */
2656 "%*d " /* session */
2657 "%lu ", /* ttynr */
2658 &ttynr) != 1)
2659 return -EIO;
2660
2661 if (major(ttynr) == 0 && minor(ttynr) == 0)
2662 return -ENOENT;
2663
2664 if (d)
2665 *d = (dev_t) ttynr;
2666
2667 return 0;
2668 }
2669
2670 int get_ctty(pid_t pid, dev_t *_devnr, char **r) {
2671 char fn[sizeof("/dev/char/")-1 + 2*DECIMAL_STR_MAX(unsigned) + 1 + 1], *b = NULL;
2672 _cleanup_free_ char *s = NULL;
2673 const char *p;
2674 dev_t devnr;
2675 int k;
2676
2677 assert(r);
2678
2679 k = get_ctty_devnr(pid, &devnr);
2680 if (k < 0)
2681 return k;
2682
2683 snprintf(fn, sizeof(fn), "/dev/char/%u:%u", major(devnr), minor(devnr));
2684
2685 k = readlink_malloc(fn, &s);
2686 if (k < 0) {
2687
2688 if (k != -ENOENT)
2689 return k;
2690
2691 /* This is an ugly hack */
2692 if (major(devnr) == 136) {
2693 asprintf(&b, "pts/%u", minor(devnr));
2694 goto finish;
2695 }
2696
2697 /* Probably something like the ptys which have no
2698 * symlink in /dev/char. Let's return something
2699 * vaguely useful. */
2700
2701 b = strdup(fn + 5);
2702 goto finish;
2703 }
2704
2705 if (startswith(s, "/dev/"))
2706 p = s + 5;
2707 else if (startswith(s, "../"))
2708 p = s + 3;
2709 else
2710 p = s;
2711
2712 b = strdup(p);
2713
2714 finish:
2715 if (!b)
2716 return -ENOMEM;
2717
2718 *r = b;
2719 if (_devnr)
2720 *_devnr = devnr;
2721
2722 return 0;
2723 }
2724
2725 int rm_rf_children_dangerous(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
2726 _cleanup_closedir_ DIR *d = NULL;
2727 int ret = 0;
2728
2729 assert(fd >= 0);
2730
2731 /* This returns the first error we run into, but nevertheless
2732 * tries to go on. This closes the passed fd. */
2733
2734 d = fdopendir(fd);
2735 if (!d) {
2736 safe_close(fd);
2737
2738 return errno == ENOENT ? 0 : -errno;
2739 }
2740
2741 for (;;) {
2742 struct dirent *de;
2743 bool is_dir, keep_around;
2744 struct stat st;
2745 int r;
2746
2747 errno = 0;
2748 de = readdir(d);
2749 if (!de) {
2750 if (errno != 0 && ret == 0)
2751 ret = -errno;
2752 return ret;
2753 }
2754
2755 if (streq(de->d_name, ".") || streq(de->d_name, ".."))
2756 continue;
2757
2758 if (de->d_type == DT_UNKNOWN ||
2759 honour_sticky ||
2760 (de->d_type == DT_DIR && root_dev)) {
2761 if (fstatat(fd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
2762 if (ret == 0 && errno != ENOENT)
2763 ret = -errno;
2764 continue;
2765 }
2766
2767 is_dir = S_ISDIR(st.st_mode);
2768 keep_around =
2769 honour_sticky &&
2770 (st.st_uid == 0 || st.st_uid == getuid()) &&
2771 (st.st_mode & S_ISVTX);
2772 } else {
2773 is_dir = de->d_type == DT_DIR;
2774 keep_around = false;
2775 }
2776
2777 if (is_dir) {
2778 int subdir_fd;
2779
2780 /* if root_dev is set, remove subdirectories only, if device is same as dir */
2781 if (root_dev && st.st_dev != root_dev->st_dev)
2782 continue;
2783
2784 subdir_fd = openat(fd, de->d_name,
2785 O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
2786 if (subdir_fd < 0) {
2787 if (ret == 0 && errno != ENOENT)
2788 ret = -errno;
2789 continue;
2790 }
2791
2792 r = rm_rf_children_dangerous(subdir_fd, only_dirs, honour_sticky, root_dev);
2793 if (r < 0 && ret == 0)
2794 ret = r;
2795
2796 if (!keep_around)
2797 if (unlinkat(fd, de->d_name, AT_REMOVEDIR) < 0) {
2798 if (ret == 0 && errno != ENOENT)
2799 ret = -errno;
2800 }
2801
2802 } else if (!only_dirs && !keep_around) {
2803
2804 if (unlinkat(fd, de->d_name, 0) < 0) {
2805 if (ret == 0 && errno != ENOENT)
2806 ret = -errno;
2807 }
2808 }
2809 }
2810 }
2811
2812 _pure_ static int is_temporary_fs(struct statfs *s) {
2813 assert(s);
2814
2815 return F_TYPE_EQUAL(s->f_type, TMPFS_MAGIC) ||
2816 F_TYPE_EQUAL(s->f_type, RAMFS_MAGIC);
2817 }
2818
2819 int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
2820 struct statfs s;
2821
2822 assert(fd >= 0);
2823
2824 if (fstatfs(fd, &s) < 0) {
2825 safe_close(fd);
2826 return -errno;
2827 }
2828
2829 /* We refuse to clean disk file systems with this call. This
2830 * is extra paranoia just to be sure we never ever remove
2831 * non-state data */
2832 if (!is_temporary_fs(&s)) {
2833 log_error("Attempted to remove disk file system, and we can't allow that.");
2834 safe_close(fd);
2835 return -EPERM;
2836 }
2837
2838 return rm_rf_children_dangerous(fd, only_dirs, honour_sticky, root_dev);
2839 }
2840
2841 static int rm_rf_internal(const char *path, bool only_dirs, bool delete_root, bool honour_sticky, bool dangerous) {
2842 int fd, r;
2843 struct statfs s;
2844
2845 assert(path);
2846
2847 /* We refuse to clean the root file system with this
2848 * call. This is extra paranoia to never cause a really
2849 * seriously broken system. */
2850 if (path_equal(path, "/")) {
2851 log_error("Attempted to remove entire root file system, and we can't allow that.");
2852 return -EPERM;
2853 }
2854
2855 fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
2856 if (fd < 0) {
2857
2858 if (errno != ENOTDIR)
2859 return -errno;
2860
2861 if (!dangerous) {
2862 if (statfs(path, &s) < 0)
2863 return -errno;
2864
2865 if (!is_temporary_fs(&s)) {
2866 log_error("Attempted to remove disk file system, and we can't allow that.");
2867 return -EPERM;
2868 }
2869 }
2870
2871 if (delete_root && !only_dirs)
2872 if (unlink(path) < 0 && errno != ENOENT)
2873 return -errno;
2874
2875 return 0;
2876 }
2877
2878 if (!dangerous) {
2879 if (fstatfs(fd, &s) < 0) {
2880 safe_close(fd);
2881 return -errno;
2882 }
2883
2884 if (!is_temporary_fs(&s)) {
2885 log_error("Attempted to remove disk file system, and we can't allow that.");
2886 safe_close(fd);
2887 return -EPERM;
2888 }
2889 }
2890
2891 r = rm_rf_children_dangerous(fd, only_dirs, honour_sticky, NULL);
2892 if (delete_root) {
2893
2894 if (honour_sticky && file_is_priv_sticky(path) > 0)
2895 return r;
2896
2897 if (rmdir(path) < 0 && errno != ENOENT) {
2898 if (r == 0)
2899 r = -errno;
2900 }
2901 }
2902
2903 return r;
2904 }
2905
2906 int rm_rf(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
2907 return rm_rf_internal(path, only_dirs, delete_root, honour_sticky, false);
2908 }
2909
2910 int rm_rf_dangerous(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
2911 return rm_rf_internal(path, only_dirs, delete_root, honour_sticky, true);
2912 }
2913
2914 int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid) {
2915 assert(path);
2916
2917 /* Under the assumption that we are running privileged we
2918 * first change the access mode and only then hand out
2919 * ownership to avoid a window where access is too open. */
2920
2921 if (mode != (mode_t) -1)
2922 if (chmod(path, mode) < 0)
2923 return -errno;
2924
2925 if (uid != (uid_t) -1 || gid != (gid_t) -1)
2926 if (chown(path, uid, gid) < 0)
2927 return -errno;
2928
2929 return 0;
2930 }
2931
2932 int fchmod_and_fchown(int fd, mode_t mode, uid_t uid, gid_t gid) {
2933 assert(fd >= 0);
2934
2935 /* Under the assumption that we are running privileged we
2936 * first change the access mode and only then hand out
2937 * ownership to avoid a window where access is too open. */
2938
2939 if (mode != (mode_t) -1)
2940 if (fchmod(fd, mode) < 0)
2941 return -errno;
2942
2943 if (uid != (uid_t) -1 || gid != (gid_t) -1)
2944 if (fchown(fd, uid, gid) < 0)
2945 return -errno;
2946
2947 return 0;
2948 }
2949
2950 cpu_set_t* cpu_set_malloc(unsigned *ncpus) {
2951 cpu_set_t *r;
2952 unsigned n = 1024;
2953
2954 /* Allocates the cpuset in the right size */
2955
2956 for (;;) {
2957 if (!(r = CPU_ALLOC(n)))
2958 return NULL;
2959
2960 if (sched_getaffinity(0, CPU_ALLOC_SIZE(n), r) >= 0) {
2961 CPU_ZERO_S(CPU_ALLOC_SIZE(n), r);
2962
2963 if (ncpus)
2964 *ncpus = n;
2965
2966 return r;
2967 }
2968
2969 CPU_FREE(r);
2970
2971 if (errno != EINVAL)
2972 return NULL;
2973
2974 n *= 2;
2975 }
2976 }
2977
2978 int status_vprintf(const char *status, bool ellipse, bool ephemeral, const char *format, va_list ap) {
2979 static const char status_indent[] = " "; /* "[" STATUS "] " */
2980 _cleanup_free_ char *s = NULL;
2981 _cleanup_close_ int fd = -1;
2982 struct iovec iovec[6] = {};
2983 int n = 0;
2984 static bool prev_ephemeral;
2985
2986 assert(format);
2987
2988 /* This is independent of logging, as status messages are
2989 * optional and go exclusively to the console. */
2990
2991 if (vasprintf(&s, format, ap) < 0)
2992 return log_oom();
2993
2994 fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
2995 if (fd < 0)
2996 return fd;
2997
2998 if (ellipse) {
2999 char *e;
3000 size_t emax, sl;
3001 int c;
3002
3003 c = fd_columns(fd);
3004 if (c <= 0)
3005 c = 80;
3006
3007 sl = status ? sizeof(status_indent)-1 : 0;
3008
3009 emax = c - sl - 1;
3010 if (emax < 3)
3011 emax = 3;
3012
3013 e = ellipsize(s, emax, 75);
3014 if (e) {
3015 free(s);
3016 s = e;
3017 }
3018 }
3019
3020 if (prev_ephemeral)
3021 IOVEC_SET_STRING(iovec[n++], "\r" ANSI_ERASE_TO_END_OF_LINE);
3022 prev_ephemeral = ephemeral;
3023
3024 if (status) {
3025 if (!isempty(status)) {
3026 IOVEC_SET_STRING(iovec[n++], "[");
3027 IOVEC_SET_STRING(iovec[n++], status);
3028 IOVEC_SET_STRING(iovec[n++], "] ");
3029 } else
3030 IOVEC_SET_STRING(iovec[n++], status_indent);
3031 }
3032
3033 IOVEC_SET_STRING(iovec[n++], s);
3034 if (!ephemeral)
3035 IOVEC_SET_STRING(iovec[n++], "\n");
3036
3037 if (writev(fd, iovec, n) < 0)
3038 return -errno;
3039
3040 return 0;
3041 }
3042
3043 int status_printf(const char *status, bool ellipse, bool ephemeral, const char *format, ...) {
3044 va_list ap;
3045 int r;
3046
3047 assert(format);
3048
3049 va_start(ap, format);
3050 r = status_vprintf(status, ellipse, ephemeral, format, ap);
3051 va_end(ap);
3052
3053 return r;
3054 }
3055
3056 char *replace_env(const char *format, char **env) {
3057 enum {
3058 WORD,
3059 CURLY,
3060 VARIABLE
3061 } state = WORD;
3062
3063 const char *e, *word = format;
3064 char *r = NULL, *k;
3065
3066 assert(format);
3067
3068 for (e = format; *e; e ++) {
3069
3070 switch (state) {
3071
3072 case WORD:
3073 if (*e == '$')
3074 state = CURLY;
3075 break;
3076
3077 case CURLY:
3078 if (*e == '{') {
3079 if (!(k = strnappend(r, word, e-word-1)))
3080 goto fail;
3081
3082 free(r);
3083 r = k;
3084
3085 word = e-1;
3086 state = VARIABLE;
3087
3088 } else if (*e == '$') {
3089 if (!(k = strnappend(r, word, e-word)))
3090 goto fail;
3091
3092 free(r);
3093 r = k;
3094
3095 word = e+1;
3096 state = WORD;
3097 } else
3098 state = WORD;
3099 break;
3100
3101 case VARIABLE:
3102 if (*e == '}') {
3103 const char *t;
3104
3105 t = strempty(strv_env_get_n(env, word+2, e-word-2));
3106
3107 k = strappend(r, t);
3108 if (!k)
3109 goto fail;
3110
3111 free(r);
3112 r = k;
3113
3114 word = e+1;
3115 state = WORD;
3116 }
3117 break;
3118 }
3119 }
3120
3121 if (!(k = strnappend(r, word, e-word)))
3122 goto fail;
3123
3124 free(r);
3125 return k;
3126
3127 fail:
3128 free(r);
3129 return NULL;
3130 }
3131
3132 char **replace_env_argv(char **argv, char **env) {
3133 char **r, **i;
3134 unsigned k = 0, l = 0;
3135
3136 l = strv_length(argv);
3137
3138 if (!(r = new(char*, l+1)))
3139 return NULL;
3140
3141 STRV_FOREACH(i, argv) {
3142
3143 /* If $FOO appears as single word, replace it by the split up variable */
3144 if ((*i)[0] == '$' && (*i)[1] != '{') {
3145 char *e;
3146 char **w, **m;
3147 unsigned q;
3148
3149 e = strv_env_get(env, *i+1);
3150 if (e) {
3151
3152 if (!(m = strv_split_quoted(e))) {
3153 r[k] = NULL;
3154 strv_free(r);
3155 return NULL;
3156 }
3157 } else
3158 m = NULL;
3159
3160 q = strv_length(m);
3161 l = l + q - 1;
3162
3163 if (!(w = realloc(r, sizeof(char*) * (l+1)))) {
3164 r[k] = NULL;
3165 strv_free(r);
3166 strv_free(m);
3167 return NULL;
3168 }
3169
3170 r = w;
3171 if (m) {
3172 memcpy(r + k, m, q * sizeof(char*));
3173 free(m);
3174 }
3175
3176 k += q;
3177 continue;
3178 }
3179
3180 /* If ${FOO} appears as part of a word, replace it by the variable as-is */
3181 if (!(r[k++] = replace_env(*i, env))) {
3182 strv_free(r);
3183 return NULL;
3184 }
3185 }
3186
3187 r[k] = NULL;
3188 return r;
3189 }
3190
3191 int fd_columns(int fd) {
3192 struct winsize ws = {};
3193
3194 if (ioctl(fd, TIOCGWINSZ, &ws) < 0)
3195 return -errno;
3196
3197 if (ws.ws_col <= 0)
3198 return -EIO;
3199
3200 return ws.ws_col;
3201 }
3202
3203 unsigned columns(void) {
3204 const char *e;
3205 int c;
3206
3207 if (_likely_(cached_columns > 0))
3208 return cached_columns;
3209
3210 c = 0;
3211 e = getenv("COLUMNS");
3212 if (e)
3213 safe_atoi(e, &c);
3214
3215 if (c <= 0)
3216 c = fd_columns(STDOUT_FILENO);
3217
3218 if (c <= 0)
3219 c = 80;
3220
3221 cached_columns = c;
3222 return c;
3223 }
3224
3225 int fd_lines(int fd) {
3226 struct winsize ws = {};
3227
3228 if (ioctl(fd, TIOCGWINSZ, &ws) < 0)
3229 return -errno;
3230
3231 if (ws.ws_row <= 0)
3232 return -EIO;
3233
3234 return ws.ws_row;
3235 }
3236
3237 unsigned lines(void) {
3238 const char *e;
3239 unsigned l;
3240
3241 if (_likely_(cached_lines > 0))
3242 return cached_lines;
3243
3244 l = 0;
3245 e = getenv("LINES");
3246 if (e)
3247 safe_atou(e, &l);
3248
3249 if (l <= 0)
3250 l = fd_lines(STDOUT_FILENO);
3251
3252 if (l <= 0)
3253 l = 24;
3254
3255 cached_lines = l;
3256 return cached_lines;
3257 }
3258
3259 /* intended to be used as a SIGWINCH sighandler */
3260 void columns_lines_cache_reset(int signum) {
3261 cached_columns = 0;
3262 cached_lines = 0;
3263 }
3264
3265 bool on_tty(void) {
3266 static int cached_on_tty = -1;
3267
3268 if (_unlikely_(cached_on_tty < 0))
3269 cached_on_tty = isatty(STDOUT_FILENO) > 0;
3270
3271 return cached_on_tty;
3272 }
3273
3274 int files_same(const char *filea, const char *fileb) {
3275 struct stat a, b;
3276
3277 if (stat(filea, &a) < 0)
3278 return -errno;
3279
3280 if (stat(fileb, &b) < 0)
3281 return -errno;
3282
3283 return a.st_dev == b.st_dev &&
3284 a.st_ino == b.st_ino;
3285 }
3286
3287 int running_in_chroot(void) {
3288 int ret;
3289
3290 ret = files_same("/proc/1/root", "/");
3291 if (ret < 0)
3292 return ret;
3293
3294 return ret == 0;
3295 }
3296
3297 static char *ascii_ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
3298 size_t x;
3299 char *r;
3300
3301 assert(s);
3302 assert(percent <= 100);
3303 assert(new_length >= 3);
3304
3305 if (old_length <= 3 || old_length <= new_length)
3306 return strndup(s, old_length);
3307
3308 r = new0(char, new_length+1);
3309 if (!r)
3310 return NULL;
3311
3312 x = (new_length * percent) / 100;
3313
3314 if (x > new_length - 3)
3315 x = new_length - 3;
3316
3317 memcpy(r, s, x);
3318 r[x] = '.';
3319 r[x+1] = '.';
3320 r[x+2] = '.';
3321 memcpy(r + x + 3,
3322 s + old_length - (new_length - x - 3),
3323 new_length - x - 3);
3324
3325 return r;
3326 }
3327
3328 char *ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
3329 size_t x;
3330 char *e;
3331 const char *i, *j;
3332 unsigned k, len, len2;
3333
3334 assert(s);
3335 assert(percent <= 100);
3336 assert(new_length >= 3);
3337
3338 /* if no multibyte characters use ascii_ellipsize_mem for speed */
3339 if (ascii_is_valid(s))
3340 return ascii_ellipsize_mem(s, old_length, new_length, percent);
3341
3342 if (old_length <= 3 || old_length <= new_length)
3343 return strndup(s, old_length);
3344
3345 x = (new_length * percent) / 100;
3346
3347 if (x > new_length - 3)
3348 x = new_length - 3;
3349
3350 k = 0;
3351 for (i = s; k < x && i < s + old_length; i = utf8_next_char(i)) {
3352 int c;
3353
3354 c = utf8_encoded_to_unichar(i);
3355 if (c < 0)
3356 return NULL;
3357 k += unichar_iswide(c) ? 2 : 1;
3358 }
3359
3360 if (k > x) /* last character was wide and went over quota */
3361 x ++;
3362
3363 for (j = s + old_length; k < new_length && j > i; ) {
3364 int c;
3365
3366 j = utf8_prev_char(j);
3367 c = utf8_encoded_to_unichar(j);
3368 if (c < 0)
3369 return NULL;
3370 k += unichar_iswide(c) ? 2 : 1;
3371 }
3372 assert(i <= j);
3373
3374 /* we don't actually need to ellipsize */
3375 if (i == j)
3376 return memdup(s, old_length + 1);
3377
3378 /* make space for ellipsis */
3379 j = utf8_next_char(j);
3380
3381 len = i - s;
3382 len2 = s + old_length - j;
3383 e = new(char, len + 3 + len2 + 1);
3384 if (!e)
3385 return NULL;
3386
3387 /*
3388 printf("old_length=%zu new_length=%zu x=%zu len=%u len2=%u k=%u\n",
3389 old_length, new_length, x, len, len2, k);
3390 */
3391
3392 memcpy(e, s, len);
3393 e[len] = 0xe2; /* tri-dot ellipsis: … */
3394 e[len + 1] = 0x80;
3395 e[len + 2] = 0xa6;
3396
3397 memcpy(e + len + 3, j, len2 + 1);
3398
3399 return e;
3400 }
3401
3402 char *ellipsize(const char *s, size_t length, unsigned percent) {
3403 return ellipsize_mem(s, strlen(s), length, percent);
3404 }
3405
3406 int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gid, mode_t mode) {
3407 _cleanup_close_ int fd;
3408 int r;
3409
3410 assert(path);
3411
3412 if (parents)
3413 mkdir_parents(path, 0755);
3414
3415 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, mode > 0 ? mode : 0644);
3416 if (fd < 0)
3417 return -errno;
3418
3419 if (mode > 0) {
3420 r = fchmod(fd, mode);
3421 if (r < 0)
3422 return -errno;
3423 }
3424
3425 if (uid != (uid_t) -1 || gid != (gid_t) -1) {
3426 r = fchown(fd, uid, gid);
3427 if (r < 0)
3428 return -errno;
3429 }
3430
3431 if (stamp != (usec_t) -1) {
3432 struct timespec ts[2];
3433
3434 timespec_store(&ts[0], stamp);
3435 ts[1] = ts[0];
3436 r = futimens(fd, ts);
3437 } else
3438 r = futimens(fd, NULL);
3439 if (r < 0)
3440 return -errno;
3441
3442 return 0;
3443 }
3444
3445 int touch(const char *path) {
3446 return touch_file(path, false, (usec_t) -1, (uid_t) -1, (gid_t) -1, 0);
3447 }
3448
3449 char *unquote(const char *s, const char* quotes) {
3450 size_t l;
3451 assert(s);
3452
3453 /* This is rather stupid, simply removes the heading and
3454 * trailing quotes if there is one. Doesn't care about
3455 * escaping or anything. We should make this smarter one
3456 * day...*/
3457
3458 l = strlen(s);
3459 if (l < 2)
3460 return strdup(s);
3461
3462 if (strchr(quotes, s[0]) && s[l-1] == s[0])
3463 return strndup(s+1, l-2);
3464
3465 return strdup(s);
3466 }
3467
3468 char *normalize_env_assignment(const char *s) {
3469 _cleanup_free_ char *name = NULL, *value = NULL, *p = NULL;
3470 char *eq, *r;
3471
3472 eq = strchr(s, '=');
3473 if (!eq) {
3474 char *t;
3475
3476 r = strdup(s);
3477 if (!r)
3478 return NULL;
3479
3480 t = strstrip(r);
3481 if (t == r)
3482 return r;
3483
3484 memmove(r, t, strlen(t) + 1);
3485 return r;
3486 }
3487
3488 name = strndup(s, eq - s);
3489 if (!name)
3490 return NULL;
3491
3492 p = strdup(eq + 1);
3493 if (!p)
3494 return NULL;
3495
3496 value = unquote(strstrip(p), QUOTES);
3497 if (!value)
3498 return NULL;
3499
3500 if (asprintf(&r, "%s=%s", strstrip(name), value) < 0)
3501 r = NULL;
3502
3503 return r;
3504 }
3505
3506 int wait_for_terminate(pid_t pid, siginfo_t *status) {
3507 siginfo_t dummy;
3508
3509 assert(pid >= 1);
3510
3511 if (!status)
3512 status = &dummy;
3513
3514 for (;;) {
3515 zero(*status);
3516
3517 if (waitid(P_PID, pid, status, WEXITED) < 0) {
3518
3519 if (errno == EINTR)
3520 continue;
3521
3522 return -errno;
3523 }
3524
3525 return 0;
3526 }
3527 }
3528
3529 /*
3530 * Return values:
3531 * < 0 : wait_for_terminate() failed to get the state of the
3532 * process, the process was terminated by a signal, or
3533 * failed for an unknown reason.
3534 * >=0 : The process terminated normally, and its exit code is
3535 * returned.
3536 *
3537 * That is, success is indicated by a return value of zero, and an
3538 * error is indicated by a non-zero value.
3539 */
3540 int wait_for_terminate_and_warn(const char *name, pid_t pid) {
3541 int r;
3542 siginfo_t status;
3543
3544 assert(name);
3545 assert(pid > 1);
3546
3547 r = wait_for_terminate(pid, &status);
3548 if (r < 0) {
3549 log_warning("Failed to wait for %s: %s", name, strerror(-r));
3550 return r;
3551 }
3552
3553 if (status.si_code == CLD_EXITED) {
3554 if (status.si_status != 0) {
3555 log_warning("%s failed with error code %i.", name, status.si_status);
3556 return status.si_status;
3557 }
3558
3559 log_debug("%s succeeded.", name);
3560 return 0;
3561
3562 } else if (status.si_code == CLD_KILLED ||
3563 status.si_code == CLD_DUMPED) {
3564
3565 log_warning("%s terminated by signal %s.", name, signal_to_string(status.si_status));
3566 return -EPROTO;
3567 }
3568
3569 log_warning("%s failed due to unknown reason.", name);
3570 return -EPROTO;
3571 }
3572
3573 noreturn void freeze(void) {
3574
3575 /* Make sure nobody waits for us on a socket anymore */
3576 close_all_fds(NULL, 0);
3577
3578 sync();
3579
3580 for (;;)
3581 pause();
3582 }
3583
3584 bool null_or_empty(struct stat *st) {
3585 assert(st);
3586
3587 if (S_ISREG(st->st_mode) && st->st_size <= 0)
3588 return true;
3589
3590 if (S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode))
3591 return true;
3592
3593 return false;
3594 }
3595
3596 int null_or_empty_path(const char *fn) {
3597 struct stat st;
3598
3599 assert(fn);
3600
3601 if (stat(fn, &st) < 0)
3602 return -errno;
3603
3604 return null_or_empty(&st);
3605 }
3606
3607 int null_or_empty_fd(int fd) {
3608 struct stat st;
3609
3610 assert(fd >= 0);
3611
3612 if (fstat(fd, &st) < 0)
3613 return -errno;
3614
3615 return null_or_empty(&st);
3616 }
3617
3618 DIR *xopendirat(int fd, const char *name, int flags) {
3619 int nfd;
3620 DIR *d;
3621
3622 assert(!(flags & O_CREAT));
3623
3624 nfd = openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|flags, 0);
3625 if (nfd < 0)
3626 return NULL;
3627
3628 d = fdopendir(nfd);
3629 if (!d) {
3630 safe_close(nfd);
3631 return NULL;
3632 }
3633
3634 return d;
3635 }
3636
3637 int signal_from_string_try_harder(const char *s) {
3638 int signo;
3639 assert(s);
3640
3641 signo = signal_from_string(s);
3642 if (signo <= 0)
3643 if (startswith(s, "SIG"))
3644 return signal_from_string(s+3);
3645
3646 return signo;
3647 }
3648
3649 static char *tag_to_udev_node(const char *tagvalue, const char *by) {
3650 _cleanup_free_ char *t = NULL, *u = NULL;
3651 size_t enc_len;
3652
3653 u = unquote(tagvalue, "\"\'");
3654 if (!u)
3655 return NULL;
3656
3657 enc_len = strlen(u) * 4 + 1;
3658 t = new(char, enc_len);
3659 if (!t)
3660 return NULL;
3661
3662 if (encode_devnode_name(u, t, enc_len) < 0)
3663 return NULL;
3664
3665 return strjoin("/dev/disk/by-", by, "/", t, NULL);
3666 }
3667
3668 char *fstab_node_to_udev_node(const char *p) {
3669 assert(p);
3670
3671 if (startswith(p, "LABEL="))
3672 return tag_to_udev_node(p+6, "label");
3673
3674 if (startswith(p, "UUID="))
3675 return tag_to_udev_node(p+5, "uuid");
3676
3677 if (startswith(p, "PARTUUID="))
3678 return tag_to_udev_node(p+9, "partuuid");
3679
3680 if (startswith(p, "PARTLABEL="))
3681 return tag_to_udev_node(p+10, "partlabel");
3682
3683 return strdup(p);
3684 }
3685
3686 bool tty_is_vc(const char *tty) {
3687 assert(tty);
3688
3689 return vtnr_from_tty(tty) >= 0;
3690 }
3691
3692 bool tty_is_console(const char *tty) {
3693 assert(tty);
3694
3695 if (startswith(tty, "/dev/"))
3696 tty += 5;
3697
3698 return streq(tty, "console");
3699 }
3700
3701 int vtnr_from_tty(const char *tty) {
3702 int i, r;
3703
3704 assert(tty);
3705
3706 if (startswith(tty, "/dev/"))
3707 tty += 5;
3708
3709 if (!startswith(tty, "tty") )
3710 return -EINVAL;
3711
3712 if (tty[3] < '0' || tty[3] > '9')
3713 return -EINVAL;
3714
3715 r = safe_atoi(tty+3, &i);
3716 if (r < 0)
3717 return r;
3718
3719 if (i < 0 || i > 63)
3720 return -EINVAL;
3721
3722 return i;
3723 }
3724
3725 char *resolve_dev_console(char **active) {
3726 char *tty;
3727
3728 /* Resolve where /dev/console is pointing to, if /sys is actually ours
3729 * (i.e. not read-only-mounted which is a sign for container setups) */
3730
3731 if (path_is_read_only_fs("/sys") > 0)
3732 return NULL;
3733
3734 if (read_one_line_file("/sys/class/tty/console/active", active) < 0)
3735 return NULL;
3736
3737 /* If multiple log outputs are configured the last one is what
3738 * /dev/console points to */
3739 tty = strrchr(*active, ' ');
3740 if (tty)
3741 tty++;
3742 else
3743 tty = *active;
3744
3745 if (streq(tty, "tty0")) {
3746 char *tmp;
3747
3748 /* Get the active VC (e.g. tty1) */
3749 if (read_one_line_file("/sys/class/tty/tty0/active", &tmp) >= 0) {
3750 free(*active);
3751 tty = *active = tmp;
3752 }
3753 }
3754
3755 return tty;
3756 }
3757
3758 bool tty_is_vc_resolve(const char *tty) {
3759 _cleanup_free_ char *active = NULL;
3760
3761 assert(tty);
3762
3763 if (startswith(tty, "/dev/"))
3764 tty += 5;
3765
3766 if (streq(tty, "console")) {
3767 tty = resolve_dev_console(&active);
3768 if (!tty)
3769 return false;
3770 }
3771
3772 return tty_is_vc(tty);
3773 }
3774
3775 const char *default_term_for_tty(const char *tty) {
3776 assert(tty);
3777
3778 return tty_is_vc_resolve(tty) ? "TERM=linux" : "TERM=vt102";
3779 }
3780
3781 bool dirent_is_file(const struct dirent *de) {
3782 assert(de);
3783
3784 if (ignore_file(de->d_name))
3785 return false;
3786
3787 if (de->d_type != DT_REG &&
3788 de->d_type != DT_LNK &&
3789 de->d_type != DT_UNKNOWN)
3790 return false;
3791
3792 return true;
3793 }
3794
3795 bool dirent_is_file_with_suffix(const struct dirent *de, const char *suffix) {
3796 assert(de);
3797
3798 if (de->d_type != DT_REG &&
3799 de->d_type != DT_LNK &&
3800 de->d_type != DT_UNKNOWN)
3801 return false;
3802
3803 if (ignore_file_allow_backup(de->d_name))
3804 return false;
3805
3806 return endswith(de->d_name, suffix);
3807 }
3808
3809 void execute_directory(const char *directory, DIR *d, usec_t timeout, char *argv[]) {
3810 pid_t executor_pid;
3811 int r;
3812
3813 assert(directory);
3814
3815 /* Executes all binaries in a directory in parallel and waits
3816 * for them to finish. Optionally a timeout is applied. */
3817
3818 executor_pid = fork();
3819 if (executor_pid < 0) {
3820 log_error("Failed to fork: %m");
3821 return;
3822
3823 } else if (executor_pid == 0) {
3824 _cleanup_hashmap_free_free_ Hashmap *pids = NULL;
3825 _cleanup_closedir_ DIR *_d = NULL;
3826 struct dirent *de;
3827 sigset_t ss;
3828
3829 /* We fork this all off from a child process so that
3830 * we can somewhat cleanly make use of SIGALRM to set
3831 * a time limit */
3832
3833 reset_all_signal_handlers();
3834
3835 assert_se(sigemptyset(&ss) == 0);
3836 assert_se(sigprocmask(SIG_SETMASK, &ss, NULL) == 0);
3837
3838 assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0);
3839
3840 if (!d) {
3841 d = _d = opendir(directory);
3842 if (!d) {
3843 if (errno == ENOENT)
3844 _exit(EXIT_SUCCESS);
3845
3846 log_error("Failed to enumerate directory %s: %m", directory);
3847 _exit(EXIT_FAILURE);
3848 }
3849 }
3850
3851 pids = hashmap_new(NULL, NULL);
3852 if (!pids) {
3853 log_oom();
3854 _exit(EXIT_FAILURE);
3855 }
3856
3857 FOREACH_DIRENT(de, d, break) {
3858 _cleanup_free_ char *path = NULL;
3859 pid_t pid;
3860
3861 if (!dirent_is_file(de))
3862 continue;
3863
3864 path = strjoin(directory, "/", de->d_name, NULL);
3865 if (!path) {
3866 log_oom();
3867 _exit(EXIT_FAILURE);
3868 }
3869
3870 pid = fork();
3871 if (pid < 0) {
3872 log_error("Failed to fork: %m");
3873 continue;
3874 } else if (pid == 0) {
3875 char *_argv[2];
3876
3877 assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0);
3878
3879 if (!argv) {
3880 _argv[0] = path;
3881 _argv[1] = NULL;
3882 argv = _argv;
3883 } else
3884 argv[0] = path;
3885
3886 execv(path, argv);
3887 log_error("Failed to execute %s: %m", path);
3888 _exit(EXIT_FAILURE);
3889 }
3890
3891
3892 log_debug("Spawned %s as " PID_FMT ".", path, pid);
3893
3894 r = hashmap_put(pids, UINT_TO_PTR(pid), path);
3895 if (r < 0) {
3896 log_oom();
3897 _exit(EXIT_FAILURE);
3898 }
3899
3900 path = NULL;
3901 }
3902
3903 /* Abort execution of this process after the
3904 * timout. We simply rely on SIGALRM as default action
3905 * terminating the process, and turn on alarm(). */
3906
3907 if (timeout != (usec_t) -1)
3908 alarm((timeout + USEC_PER_SEC - 1) / USEC_PER_SEC);
3909
3910 while (!hashmap_isempty(pids)) {
3911 _cleanup_free_ char *path = NULL;
3912 pid_t pid;
3913
3914 pid = PTR_TO_UINT(hashmap_first_key(pids));
3915 assert(pid > 0);
3916
3917 path = hashmap_remove(pids, UINT_TO_PTR(pid));
3918 assert(path);
3919
3920 wait_for_terminate_and_warn(path, pid);
3921 }
3922
3923 _exit(EXIT_SUCCESS);
3924 }
3925
3926 wait_for_terminate_and_warn(directory, executor_pid);
3927 }
3928
3929 int kill_and_sigcont(pid_t pid, int sig) {
3930 int r;
3931
3932 r = kill(pid, sig) < 0 ? -errno : 0;
3933
3934 if (r >= 0)
3935 kill(pid, SIGCONT);
3936
3937 return r;
3938 }
3939
3940 bool nulstr_contains(const char*nulstr, const char *needle) {
3941 const char *i;
3942
3943 if (!nulstr)
3944 return false;
3945
3946 NULSTR_FOREACH(i, nulstr)
3947 if (streq(i, needle))
3948 return true;
3949
3950 return false;
3951 }
3952
3953 bool plymouth_running(void) {
3954 return access("/run/plymouth/pid", F_OK) >= 0;
3955 }
3956
3957 char* strshorten(char *s, size_t l) {
3958 assert(s);
3959
3960 if (l < strlen(s))
3961 s[l] = 0;
3962
3963 return s;
3964 }
3965
3966 static bool hostname_valid_char(char c) {
3967 return
3968 (c >= 'a' && c <= 'z') ||
3969 (c >= 'A' && c <= 'Z') ||
3970 (c >= '0' && c <= '9') ||
3971 c == '-' ||
3972 c == '_' ||
3973 c == '.';
3974 }
3975
3976 bool hostname_is_valid(const char *s) {
3977 const char *p;
3978 bool dot;
3979
3980 if (isempty(s))
3981 return false;
3982
3983 for (p = s, dot = true; *p; p++) {
3984 if (*p == '.') {
3985 if (dot)
3986 return false;
3987
3988 dot = true;
3989 } else {
3990 if (!hostname_valid_char(*p))
3991 return false;
3992
3993 dot = false;
3994 }
3995 }
3996
3997 if (dot)
3998 return false;
3999
4000 if (p-s > HOST_NAME_MAX)
4001 return false;
4002
4003 return true;
4004 }
4005
4006 char* hostname_cleanup(char *s, bool lowercase) {
4007 char *p, *d;
4008 bool dot;
4009
4010 for (p = s, d = s, dot = true; *p; p++) {
4011 if (*p == '.') {
4012 if (dot)
4013 continue;
4014
4015 *(d++) = '.';
4016 dot = true;
4017 } else if (hostname_valid_char(*p)) {
4018 *(d++) = lowercase ? tolower(*p) : *p;
4019 dot = false;
4020 }
4021
4022 }
4023
4024 if (dot && d > s)
4025 d[-1] = 0;
4026 else
4027 *d = 0;
4028
4029 strshorten(s, HOST_NAME_MAX);
4030
4031 return s;
4032 }
4033
4034 bool machine_name_is_valid(const char *s) {
4035
4036 if (!hostname_is_valid(s))
4037 return false;
4038
4039 /* Machine names should be useful hostnames, but also be
4040 * useful in unit names, hence we enforce a stricter length
4041 * limitation. */
4042
4043 if (strlen(s) > 64)
4044 return false;
4045
4046 return true;
4047 }
4048
4049 int pipe_eof(int fd) {
4050 struct pollfd pollfd = {
4051 .fd = fd,
4052 .events = POLLIN|POLLHUP,
4053 };
4054
4055 int r;
4056
4057 r = poll(&pollfd, 1, 0);
4058 if (r < 0)
4059 return -errno;
4060
4061 if (r == 0)
4062 return 0;
4063
4064 return pollfd.revents & POLLHUP;
4065 }
4066
4067 int fd_wait_for_event(int fd, int event, usec_t t) {
4068
4069 struct pollfd pollfd = {
4070 .fd = fd,
4071 .events = event,
4072 };
4073
4074 struct timespec ts;
4075 int r;
4076
4077 r = ppoll(&pollfd, 1, t == (usec_t) -1 ? NULL : timespec_store(&ts, t), NULL);
4078 if (r < 0)
4079 return -errno;
4080
4081 if (r == 0)
4082 return 0;
4083
4084 return pollfd.revents;
4085 }
4086
4087 int fopen_temporary(const char *path, FILE **_f, char **_temp_path) {
4088 FILE *f;
4089 char *t;
4090 int fd;
4091
4092 assert(path);
4093 assert(_f);
4094 assert(_temp_path);
4095
4096 t = tempfn_xxxxxx(path);
4097 if (!t)
4098 return -ENOMEM;
4099
4100 fd = mkostemp_safe(t, O_WRONLY|O_CLOEXEC);
4101 if (fd < 0) {
4102 free(t);
4103 return -errno;
4104 }
4105
4106 f = fdopen(fd, "we");
4107 if (!f) {
4108 unlink(t);
4109 free(t);
4110 return -errno;
4111 }
4112
4113 *_f = f;
4114 *_temp_path = t;
4115
4116 return 0;
4117 }
4118
4119 int terminal_vhangup_fd(int fd) {
4120 assert(fd >= 0);
4121
4122 if (ioctl(fd, TIOCVHANGUP) < 0)
4123 return -errno;
4124
4125 return 0;
4126 }
4127
4128 int terminal_vhangup(const char *name) {
4129 _cleanup_close_ int fd;
4130
4131 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4132 if (fd < 0)
4133 return fd;
4134
4135 return terminal_vhangup_fd(fd);
4136 }
4137
4138 int vt_disallocate(const char *name) {
4139 int fd, r;
4140 unsigned u;
4141
4142 /* Deallocate the VT if possible. If not possible
4143 * (i.e. because it is the active one), at least clear it
4144 * entirely (including the scrollback buffer) */
4145
4146 if (!startswith(name, "/dev/"))
4147 return -EINVAL;
4148
4149 if (!tty_is_vc(name)) {
4150 /* So this is not a VT. I guess we cannot deallocate
4151 * it then. But let's at least clear the screen */
4152
4153 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4154 if (fd < 0)
4155 return fd;
4156
4157 loop_write(fd,
4158 "\033[r" /* clear scrolling region */
4159 "\033[H" /* move home */
4160 "\033[2J", /* clear screen */
4161 10, false);
4162 safe_close(fd);
4163
4164 return 0;
4165 }
4166
4167 if (!startswith(name, "/dev/tty"))
4168 return -EINVAL;
4169
4170 r = safe_atou(name+8, &u);
4171 if (r < 0)
4172 return r;
4173
4174 if (u <= 0)
4175 return -EINVAL;
4176
4177 /* Try to deallocate */
4178 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
4179 if (fd < 0)
4180 return fd;
4181
4182 r = ioctl(fd, VT_DISALLOCATE, u);
4183 safe_close(fd);
4184
4185 if (r >= 0)
4186 return 0;
4187
4188 if (errno != EBUSY)
4189 return -errno;
4190
4191 /* Couldn't deallocate, so let's clear it fully with
4192 * scrollback */
4193 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4194 if (fd < 0)
4195 return fd;
4196
4197 loop_write(fd,
4198 "\033[r" /* clear scrolling region */
4199 "\033[H" /* move home */
4200 "\033[3J", /* clear screen including scrollback, requires Linux 2.6.40 */
4201 10, false);
4202 safe_close(fd);
4203
4204 return 0;
4205 }
4206
4207 int symlink_atomic(const char *from, const char *to) {
4208 _cleanup_free_ char *t = NULL;
4209
4210 assert(from);
4211 assert(to);
4212
4213 t = tempfn_random(to);
4214 if (!t)
4215 return -ENOMEM;
4216
4217 if (symlink(from, t) < 0)
4218 return -errno;
4219
4220 if (rename(t, to) < 0) {
4221 unlink_noerrno(t);
4222 return -errno;
4223 }
4224
4225 return 0;
4226 }
4227
4228 int mknod_atomic(const char *path, mode_t mode, dev_t dev) {
4229 _cleanup_free_ char *t = NULL;
4230
4231 assert(path);
4232
4233 t = tempfn_random(path);
4234 if (!t)
4235 return -ENOMEM;
4236
4237 if (mknod(t, mode, dev) < 0)
4238 return -errno;
4239
4240 if (rename(t, path) < 0) {
4241 unlink_noerrno(t);
4242 return -errno;
4243 }
4244
4245 return 0;
4246 }
4247
4248 int mkfifo_atomic(const char *path, mode_t mode) {
4249 _cleanup_free_ char *t = NULL;
4250
4251 assert(path);
4252
4253 t = tempfn_random(path);
4254 if (!t)
4255 return -ENOMEM;
4256
4257 if (mkfifo(t, mode) < 0)
4258 return -errno;
4259
4260 if (rename(t, path) < 0) {
4261 unlink_noerrno(t);
4262 return -errno;
4263 }
4264
4265 return 0;
4266 }
4267
4268 bool display_is_local(const char *display) {
4269 assert(display);
4270
4271 return
4272 display[0] == ':' &&
4273 display[1] >= '0' &&
4274 display[1] <= '9';
4275 }
4276
4277 int socket_from_display(const char *display, char **path) {
4278 size_t k;
4279 char *f, *c;
4280
4281 assert(display);
4282 assert(path);
4283
4284 if (!display_is_local(display))
4285 return -EINVAL;
4286
4287 k = strspn(display+1, "0123456789");
4288
4289 f = new(char, strlen("/tmp/.X11-unix/X") + k + 1);
4290 if (!f)
4291 return -ENOMEM;
4292
4293 c = stpcpy(f, "/tmp/.X11-unix/X");
4294 memcpy(c, display+1, k);
4295 c[k] = 0;
4296
4297 *path = f;
4298
4299 return 0;
4300 }
4301
4302 int get_user_creds(
4303 const char **username,
4304 uid_t *uid, gid_t *gid,
4305 const char **home,
4306 const char **shell) {
4307
4308 struct passwd *p;
4309 uid_t u;
4310
4311 assert(username);
4312 assert(*username);
4313
4314 /* We enforce some special rules for uid=0: in order to avoid
4315 * NSS lookups for root we hardcode its data. */
4316
4317 if (streq(*username, "root") || streq(*username, "0")) {
4318 *username = "root";
4319
4320 if (uid)
4321 *uid = 0;
4322
4323 if (gid)
4324 *gid = 0;
4325
4326 if (home)
4327 *home = "/root";
4328
4329 if (shell)
4330 *shell = "/bin/sh";
4331
4332 return 0;
4333 }
4334
4335 if (parse_uid(*username, &u) >= 0) {
4336 errno = 0;
4337 p = getpwuid(u);
4338
4339 /* If there are multiple users with the same id, make
4340 * sure to leave $USER to the configured value instead
4341 * of the first occurrence in the database. However if
4342 * the uid was configured by a numeric uid, then let's
4343 * pick the real username from /etc/passwd. */
4344 if (p)
4345 *username = p->pw_name;
4346 } else {
4347 errno = 0;
4348 p = getpwnam(*username);
4349 }
4350
4351 if (!p)
4352 return errno > 0 ? -errno : -ESRCH;
4353
4354 if (uid)
4355 *uid = p->pw_uid;
4356
4357 if (gid)
4358 *gid = p->pw_gid;
4359
4360 if (home)
4361 *home = p->pw_dir;
4362
4363 if (shell)
4364 *shell = p->pw_shell;
4365
4366 return 0;
4367 }
4368
4369 char* uid_to_name(uid_t uid) {
4370 struct passwd *p;
4371 char *r;
4372
4373 if (uid == 0)
4374 return strdup("root");
4375
4376 p = getpwuid(uid);
4377 if (p)
4378 return strdup(p->pw_name);
4379
4380 if (asprintf(&r, UID_FMT, uid) < 0)
4381 return NULL;
4382
4383 return r;
4384 }
4385
4386 char* gid_to_name(gid_t gid) {
4387 struct group *p;
4388 char *r;
4389
4390 if (gid == 0)
4391 return strdup("root");
4392
4393 p = getgrgid(gid);
4394 if (p)
4395 return strdup(p->gr_name);
4396
4397 if (asprintf(&r, GID_FMT, gid) < 0)
4398 return NULL;
4399
4400 return r;
4401 }
4402
4403 int get_group_creds(const char **groupname, gid_t *gid) {
4404 struct group *g;
4405 gid_t id;
4406
4407 assert(groupname);
4408
4409 /* We enforce some special rules for gid=0: in order to avoid
4410 * NSS lookups for root we hardcode its data. */
4411
4412 if (streq(*groupname, "root") || streq(*groupname, "0")) {
4413 *groupname = "root";
4414
4415 if (gid)
4416 *gid = 0;
4417
4418 return 0;
4419 }
4420
4421 if (parse_gid(*groupname, &id) >= 0) {
4422 errno = 0;
4423 g = getgrgid(id);
4424
4425 if (g)
4426 *groupname = g->gr_name;
4427 } else {
4428 errno = 0;
4429 g = getgrnam(*groupname);
4430 }
4431
4432 if (!g)
4433 return errno > 0 ? -errno : -ESRCH;
4434
4435 if (gid)
4436 *gid = g->gr_gid;
4437
4438 return 0;
4439 }
4440
4441 int in_gid(gid_t gid) {
4442 gid_t *gids;
4443 int ngroups_max, r, i;
4444
4445 if (getgid() == gid)
4446 return 1;
4447
4448 if (getegid() == gid)
4449 return 1;
4450
4451 ngroups_max = sysconf(_SC_NGROUPS_MAX);
4452 assert(ngroups_max > 0);
4453
4454 gids = alloca(sizeof(gid_t) * ngroups_max);
4455
4456 r = getgroups(ngroups_max, gids);
4457 if (r < 0)
4458 return -errno;
4459
4460 for (i = 0; i < r; i++)
4461 if (gids[i] == gid)
4462 return 1;
4463
4464 return 0;
4465 }
4466
4467 int in_group(const char *name) {
4468 int r;
4469 gid_t gid;
4470
4471 r = get_group_creds(&name, &gid);
4472 if (r < 0)
4473 return r;
4474
4475 return in_gid(gid);
4476 }
4477
4478 int glob_exists(const char *path) {
4479 _cleanup_globfree_ glob_t g = {};
4480 int k;
4481
4482 assert(path);
4483
4484 errno = 0;
4485 k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g);
4486
4487 if (k == GLOB_NOMATCH)
4488 return 0;
4489 else if (k == GLOB_NOSPACE)
4490 return -ENOMEM;
4491 else if (k == 0)
4492 return !strv_isempty(g.gl_pathv);
4493 else
4494 return errno ? -errno : -EIO;
4495 }
4496
4497 int glob_extend(char ***strv, const char *path) {
4498 _cleanup_globfree_ glob_t g = {};
4499 int k;
4500 char **p;
4501
4502 errno = 0;
4503 k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g);
4504
4505 if (k == GLOB_NOMATCH)
4506 return -ENOENT;
4507 else if (k == GLOB_NOSPACE)
4508 return -ENOMEM;
4509 else if (k != 0 || strv_isempty(g.gl_pathv))
4510 return errno ? -errno : -EIO;
4511
4512 STRV_FOREACH(p, g.gl_pathv) {
4513 k = strv_extend(strv, *p);
4514 if (k < 0)
4515 break;
4516 }
4517
4518 return k;
4519 }
4520
4521 int dirent_ensure_type(DIR *d, struct dirent *de) {
4522 struct stat st;
4523
4524 assert(d);
4525 assert(de);
4526
4527 if (de->d_type != DT_UNKNOWN)
4528 return 0;
4529
4530 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
4531 return -errno;
4532
4533 de->d_type =
4534 S_ISREG(st.st_mode) ? DT_REG :
4535 S_ISDIR(st.st_mode) ? DT_DIR :
4536 S_ISLNK(st.st_mode) ? DT_LNK :
4537 S_ISFIFO(st.st_mode) ? DT_FIFO :
4538 S_ISSOCK(st.st_mode) ? DT_SOCK :
4539 S_ISCHR(st.st_mode) ? DT_CHR :
4540 S_ISBLK(st.st_mode) ? DT_BLK :
4541 DT_UNKNOWN;
4542
4543 return 0;
4544 }
4545
4546 int get_files_in_directory(const char *path, char ***list) {
4547 _cleanup_closedir_ DIR *d = NULL;
4548 size_t bufsize = 0, n = 0;
4549 _cleanup_strv_free_ char **l = NULL;
4550
4551 assert(path);
4552
4553 /* Returns all files in a directory in *list, and the number
4554 * of files as return value. If list is NULL returns only the
4555 * number. */
4556
4557 d = opendir(path);
4558 if (!d)
4559 return -errno;
4560
4561 for (;;) {
4562 struct dirent *de;
4563
4564 errno = 0;
4565 de = readdir(d);
4566 if (!de && errno != 0)
4567 return -errno;
4568 if (!de)
4569 break;
4570
4571 dirent_ensure_type(d, de);
4572
4573 if (!dirent_is_file(de))
4574 continue;
4575
4576 if (list) {
4577 /* one extra slot is needed for the terminating NULL */
4578 if (!GREEDY_REALLOC(l, bufsize, n + 2))
4579 return -ENOMEM;
4580
4581 l[n] = strdup(de->d_name);
4582 if (!l[n])
4583 return -ENOMEM;
4584
4585 l[++n] = NULL;
4586 } else
4587 n++;
4588 }
4589
4590 if (list) {
4591 *list = l;
4592 l = NULL; /* avoid freeing */
4593 }
4594
4595 return n;
4596 }
4597
4598 char *strjoin(const char *x, ...) {
4599 va_list ap;
4600 size_t l;
4601 char *r, *p;
4602
4603 va_start(ap, x);
4604
4605 if (x) {
4606 l = strlen(x);
4607
4608 for (;;) {
4609 const char *t;
4610 size_t n;
4611
4612 t = va_arg(ap, const char *);
4613 if (!t)
4614 break;
4615
4616 n = strlen(t);
4617 if (n > ((size_t) -1) - l) {
4618 va_end(ap);
4619 return NULL;
4620 }
4621
4622 l += n;
4623 }
4624 } else
4625 l = 0;
4626
4627 va_end(ap);
4628
4629 r = new(char, l+1);
4630 if (!r)
4631 return NULL;
4632
4633 if (x) {
4634 p = stpcpy(r, x);
4635
4636 va_start(ap, x);
4637
4638 for (;;) {
4639 const char *t;
4640
4641 t = va_arg(ap, const char *);
4642 if (!t)
4643 break;
4644
4645 p = stpcpy(p, t);
4646 }
4647
4648 va_end(ap);
4649 } else
4650 r[0] = 0;
4651
4652 return r;
4653 }
4654
4655 bool is_main_thread(void) {
4656 static thread_local int cached = 0;
4657
4658 if (_unlikely_(cached == 0))
4659 cached = getpid() == gettid() ? 1 : -1;
4660
4661 return cached > 0;
4662 }
4663
4664 int block_get_whole_disk(dev_t d, dev_t *ret) {
4665 char *p, *s;
4666 int r;
4667 unsigned n, m;
4668
4669 assert(ret);
4670
4671 /* If it has a queue this is good enough for us */
4672 if (asprintf(&p, "/sys/dev/block/%u:%u/queue", major(d), minor(d)) < 0)
4673 return -ENOMEM;
4674
4675 r = access(p, F_OK);
4676 free(p);
4677
4678 if (r >= 0) {
4679 *ret = d;
4680 return 0;
4681 }
4682
4683 /* If it is a partition find the originating device */
4684 if (asprintf(&p, "/sys/dev/block/%u:%u/partition", major(d), minor(d)) < 0)
4685 return -ENOMEM;
4686
4687 r = access(p, F_OK);
4688 free(p);
4689
4690 if (r < 0)
4691 return -ENOENT;
4692
4693 /* Get parent dev_t */
4694 if (asprintf(&p, "/sys/dev/block/%u:%u/../dev", major(d), minor(d)) < 0)
4695 return -ENOMEM;
4696
4697 r = read_one_line_file(p, &s);
4698 free(p);
4699
4700 if (r < 0)
4701 return r;
4702
4703 r = sscanf(s, "%u:%u", &m, &n);
4704 free(s);
4705
4706 if (r != 2)
4707 return -EINVAL;
4708
4709 /* Only return this if it is really good enough for us. */
4710 if (asprintf(&p, "/sys/dev/block/%u:%u/queue", m, n) < 0)
4711 return -ENOMEM;
4712
4713 r = access(p, F_OK);
4714 free(p);
4715
4716 if (r >= 0) {
4717 *ret = makedev(m, n);
4718 return 0;
4719 }
4720
4721 return -ENOENT;
4722 }
4723
4724 int file_is_priv_sticky(const char *p) {
4725 struct stat st;
4726
4727 assert(p);
4728
4729 if (lstat(p, &st) < 0)
4730 return -errno;
4731
4732 return
4733 (st.st_uid == 0 || st.st_uid == getuid()) &&
4734 (st.st_mode & S_ISVTX);
4735 }
4736
4737 static const char *const ioprio_class_table[] = {
4738 [IOPRIO_CLASS_NONE] = "none",
4739 [IOPRIO_CLASS_RT] = "realtime",
4740 [IOPRIO_CLASS_BE] = "best-effort",
4741 [IOPRIO_CLASS_IDLE] = "idle"
4742 };
4743
4744 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ioprio_class, int, INT_MAX);
4745
4746 static const char *const sigchld_code_table[] = {
4747 [CLD_EXITED] = "exited",
4748 [CLD_KILLED] = "killed",
4749 [CLD_DUMPED] = "dumped",
4750 [CLD_TRAPPED] = "trapped",
4751 [CLD_STOPPED] = "stopped",
4752 [CLD_CONTINUED] = "continued",
4753 };
4754
4755 DEFINE_STRING_TABLE_LOOKUP(sigchld_code, int);
4756
4757 static const char *const log_facility_unshifted_table[LOG_NFACILITIES] = {
4758 [LOG_FAC(LOG_KERN)] = "kern",
4759 [LOG_FAC(LOG_USER)] = "user",
4760 [LOG_FAC(LOG_MAIL)] = "mail",
4761 [LOG_FAC(LOG_DAEMON)] = "daemon",
4762 [LOG_FAC(LOG_AUTH)] = "auth",
4763 [LOG_FAC(LOG_SYSLOG)] = "syslog",
4764 [LOG_FAC(LOG_LPR)] = "lpr",
4765 [LOG_FAC(LOG_NEWS)] = "news",
4766 [LOG_FAC(LOG_UUCP)] = "uucp",
4767 [LOG_FAC(LOG_CRON)] = "cron",
4768 [LOG_FAC(LOG_AUTHPRIV)] = "authpriv",
4769 [LOG_FAC(LOG_FTP)] = "ftp",
4770 [LOG_FAC(LOG_LOCAL0)] = "local0",
4771 [LOG_FAC(LOG_LOCAL1)] = "local1",
4772 [LOG_FAC(LOG_LOCAL2)] = "local2",
4773 [LOG_FAC(LOG_LOCAL3)] = "local3",
4774 [LOG_FAC(LOG_LOCAL4)] = "local4",
4775 [LOG_FAC(LOG_LOCAL5)] = "local5",
4776 [LOG_FAC(LOG_LOCAL6)] = "local6",
4777 [LOG_FAC(LOG_LOCAL7)] = "local7"
4778 };
4779
4780 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_facility_unshifted, int, LOG_FAC(~0));
4781
4782 static const char *const log_level_table[] = {
4783 [LOG_EMERG] = "emerg",
4784 [LOG_ALERT] = "alert",
4785 [LOG_CRIT] = "crit",
4786 [LOG_ERR] = "err",
4787 [LOG_WARNING] = "warning",
4788 [LOG_NOTICE] = "notice",
4789 [LOG_INFO] = "info",
4790 [LOG_DEBUG] = "debug"
4791 };
4792
4793 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_level, int, LOG_DEBUG);
4794
4795 static const char* const sched_policy_table[] = {
4796 [SCHED_OTHER] = "other",
4797 [SCHED_BATCH] = "batch",
4798 [SCHED_IDLE] = "idle",
4799 [SCHED_FIFO] = "fifo",
4800 [SCHED_RR] = "rr"
4801 };
4802
4803 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(sched_policy, int, INT_MAX);
4804
4805 static const char* const rlimit_table[_RLIMIT_MAX] = {
4806 [RLIMIT_CPU] = "LimitCPU",
4807 [RLIMIT_FSIZE] = "LimitFSIZE",
4808 [RLIMIT_DATA] = "LimitDATA",
4809 [RLIMIT_STACK] = "LimitSTACK",
4810 [RLIMIT_CORE] = "LimitCORE",
4811 [RLIMIT_RSS] = "LimitRSS",
4812 [RLIMIT_NOFILE] = "LimitNOFILE",
4813 [RLIMIT_AS] = "LimitAS",
4814 [RLIMIT_NPROC] = "LimitNPROC",
4815 [RLIMIT_MEMLOCK] = "LimitMEMLOCK",
4816 [RLIMIT_LOCKS] = "LimitLOCKS",
4817 [RLIMIT_SIGPENDING] = "LimitSIGPENDING",
4818 [RLIMIT_MSGQUEUE] = "LimitMSGQUEUE",
4819 [RLIMIT_NICE] = "LimitNICE",
4820 [RLIMIT_RTPRIO] = "LimitRTPRIO",
4821 [RLIMIT_RTTIME] = "LimitRTTIME"
4822 };
4823
4824 DEFINE_STRING_TABLE_LOOKUP(rlimit, int);
4825
4826 static const char* const ip_tos_table[] = {
4827 [IPTOS_LOWDELAY] = "low-delay",
4828 [IPTOS_THROUGHPUT] = "throughput",
4829 [IPTOS_RELIABILITY] = "reliability",
4830 [IPTOS_LOWCOST] = "low-cost",
4831 };
4832
4833 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ip_tos, int, 0xff);
4834
4835 static const char *const __signal_table[] = {
4836 [SIGHUP] = "HUP",
4837 [SIGINT] = "INT",
4838 [SIGQUIT] = "QUIT",
4839 [SIGILL] = "ILL",
4840 [SIGTRAP] = "TRAP",
4841 [SIGABRT] = "ABRT",
4842 [SIGBUS] = "BUS",
4843 [SIGFPE] = "FPE",
4844 [SIGKILL] = "KILL",
4845 [SIGUSR1] = "USR1",
4846 [SIGSEGV] = "SEGV",
4847 [SIGUSR2] = "USR2",
4848 [SIGPIPE] = "PIPE",
4849 [SIGALRM] = "ALRM",
4850 [SIGTERM] = "TERM",
4851 #ifdef SIGSTKFLT
4852 [SIGSTKFLT] = "STKFLT", /* Linux on SPARC doesn't know SIGSTKFLT */
4853 #endif
4854 [SIGCHLD] = "CHLD",
4855 [SIGCONT] = "CONT",
4856 [SIGSTOP] = "STOP",
4857 [SIGTSTP] = "TSTP",
4858 [SIGTTIN] = "TTIN",
4859 [SIGTTOU] = "TTOU",
4860 [SIGURG] = "URG",
4861 [SIGXCPU] = "XCPU",
4862 [SIGXFSZ] = "XFSZ",
4863 [SIGVTALRM] = "VTALRM",
4864 [SIGPROF] = "PROF",
4865 [SIGWINCH] = "WINCH",
4866 [SIGIO] = "IO",
4867 [SIGPWR] = "PWR",
4868 [SIGSYS] = "SYS"
4869 };
4870
4871 DEFINE_PRIVATE_STRING_TABLE_LOOKUP(__signal, int);
4872
4873 const char *signal_to_string(int signo) {
4874 static thread_local char buf[sizeof("RTMIN+")-1 + DECIMAL_STR_MAX(int) + 1];
4875 const char *name;
4876
4877 name = __signal_to_string(signo);
4878 if (name)
4879 return name;
4880
4881 if (signo >= SIGRTMIN && signo <= SIGRTMAX)
4882 snprintf(buf, sizeof(buf), "RTMIN+%d", signo - SIGRTMIN);
4883 else
4884 snprintf(buf, sizeof(buf), "%d", signo);
4885
4886 return buf;
4887 }
4888
4889 int signal_from_string(const char *s) {
4890 int signo;
4891 int offset = 0;
4892 unsigned u;
4893
4894 signo = __signal_from_string(s);
4895 if (signo > 0)
4896 return signo;
4897
4898 if (startswith(s, "RTMIN+")) {
4899 s += 6;
4900 offset = SIGRTMIN;
4901 }
4902 if (safe_atou(s, &u) >= 0) {
4903 signo = (int) u + offset;
4904 if (signo > 0 && signo < _NSIG)
4905 return signo;
4906 }
4907 return -1;
4908 }
4909
4910 bool kexec_loaded(void) {
4911 bool loaded = false;
4912 char *s;
4913
4914 if (read_one_line_file("/sys/kernel/kexec_loaded", &s) >= 0) {
4915 if (s[0] == '1')
4916 loaded = true;
4917 free(s);
4918 }
4919 return loaded;
4920 }
4921
4922 int strdup_or_null(const char *a, char **b) {
4923 char *c;
4924
4925 assert(b);
4926
4927 if (!a) {
4928 *b = NULL;
4929 return 0;
4930 }
4931
4932 c = strdup(a);
4933 if (!c)
4934 return -ENOMEM;
4935
4936 *b = c;
4937 return 0;
4938 }
4939
4940 int prot_from_flags(int flags) {
4941
4942 switch (flags & O_ACCMODE) {
4943
4944 case O_RDONLY:
4945 return PROT_READ;
4946
4947 case O_WRONLY:
4948 return PROT_WRITE;
4949
4950 case O_RDWR:
4951 return PROT_READ|PROT_WRITE;
4952
4953 default:
4954 return -EINVAL;
4955 }
4956 }
4957
4958 char *format_bytes(char *buf, size_t l, off_t t) {
4959 unsigned i;
4960
4961 static const struct {
4962 const char *suffix;
4963 off_t factor;
4964 } table[] = {
4965 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
4966 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
4967 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
4968 { "G", 1024ULL*1024ULL*1024ULL },
4969 { "M", 1024ULL*1024ULL },
4970 { "K", 1024ULL },
4971 };
4972
4973 for (i = 0; i < ELEMENTSOF(table); i++) {
4974
4975 if (t >= table[i].factor) {
4976 snprintf(buf, l,
4977 "%llu.%llu%s",
4978 (unsigned long long) (t / table[i].factor),
4979 (unsigned long long) (((t*10ULL) / table[i].factor) % 10ULL),
4980 table[i].suffix);
4981
4982 goto finish;
4983 }
4984 }
4985
4986 snprintf(buf, l, "%lluB", (unsigned long long) t);
4987
4988 finish:
4989 buf[l-1] = 0;
4990 return buf;
4991
4992 }
4993
4994 void* memdup(const void *p, size_t l) {
4995 void *r;
4996
4997 assert(p);
4998
4999 r = malloc(l);
5000 if (!r)
5001 return NULL;
5002
5003 memcpy(r, p, l);
5004 return r;
5005 }
5006
5007 int fd_inc_sndbuf(int fd, size_t n) {
5008 int r, value;
5009 socklen_t l = sizeof(value);
5010
5011 r = getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, &l);
5012 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
5013 return 0;
5014
5015 /* If we have the privileges we will ignore the kernel limit. */
5016
5017 value = (int) n;
5018 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
5019 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
5020 return -errno;
5021
5022 return 1;
5023 }
5024
5025 int fd_inc_rcvbuf(int fd, size_t n) {
5026 int r, value;
5027 socklen_t l = sizeof(value);
5028
5029 r = getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, &l);
5030 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
5031 return 0;
5032
5033 /* If we have the privileges we will ignore the kernel limit. */
5034
5035 value = (int) n;
5036 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
5037 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
5038 return -errno;
5039 return 1;
5040 }
5041
5042 int fork_agent(pid_t *pid, const int except[], unsigned n_except, const char *path, ...) {
5043 pid_t parent_pid, agent_pid;
5044 int fd;
5045 bool stdout_is_tty, stderr_is_tty;
5046 unsigned n, i;
5047 va_list ap;
5048 char **l;
5049
5050 assert(pid);
5051 assert(path);
5052
5053 parent_pid = getpid();
5054
5055 /* Spawns a temporary TTY agent, making sure it goes away when
5056 * we go away */
5057
5058 agent_pid = fork();
5059 if (agent_pid < 0)
5060 return -errno;
5061
5062 if (agent_pid != 0) {
5063 *pid = agent_pid;
5064 return 0;
5065 }
5066
5067 /* In the child:
5068 *
5069 * Make sure the agent goes away when the parent dies */
5070 if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
5071 _exit(EXIT_FAILURE);
5072
5073 /* Check whether our parent died before we were able
5074 * to set the death signal */
5075 if (getppid() != parent_pid)
5076 _exit(EXIT_SUCCESS);
5077
5078 /* Don't leak fds to the agent */
5079 close_all_fds(except, n_except);
5080
5081 stdout_is_tty = isatty(STDOUT_FILENO);
5082 stderr_is_tty = isatty(STDERR_FILENO);
5083
5084 if (!stdout_is_tty || !stderr_is_tty) {
5085 /* Detach from stdout/stderr. and reopen
5086 * /dev/tty for them. This is important to
5087 * ensure that when systemctl is started via
5088 * popen() or a similar call that expects to
5089 * read EOF we actually do generate EOF and
5090 * not delay this indefinitely by because we
5091 * keep an unused copy of stdin around. */
5092 fd = open("/dev/tty", O_WRONLY);
5093 if (fd < 0) {
5094 log_error("Failed to open /dev/tty: %m");
5095 _exit(EXIT_FAILURE);
5096 }
5097
5098 if (!stdout_is_tty)
5099 dup2(fd, STDOUT_FILENO);
5100
5101 if (!stderr_is_tty)
5102 dup2(fd, STDERR_FILENO);
5103
5104 if (fd > 2)
5105 close(fd);
5106 }
5107
5108 /* Count arguments */
5109 va_start(ap, path);
5110 for (n = 0; va_arg(ap, char*); n++)
5111 ;
5112 va_end(ap);
5113
5114 /* Allocate strv */
5115 l = alloca(sizeof(char *) * (n + 1));
5116
5117 /* Fill in arguments */
5118 va_start(ap, path);
5119 for (i = 0; i <= n; i++)
5120 l[i] = va_arg(ap, char*);
5121 va_end(ap);
5122
5123 execv(path, l);
5124 _exit(EXIT_FAILURE);
5125 }
5126
5127 int setrlimit_closest(int resource, const struct rlimit *rlim) {
5128 struct rlimit highest, fixed;
5129
5130 assert(rlim);
5131
5132 if (setrlimit(resource, rlim) >= 0)
5133 return 0;
5134
5135 if (errno != EPERM)
5136 return -errno;
5137
5138 /* So we failed to set the desired setrlimit, then let's try
5139 * to get as close as we can */
5140 assert_se(getrlimit(resource, &highest) == 0);
5141
5142 fixed.rlim_cur = MIN(rlim->rlim_cur, highest.rlim_max);
5143 fixed.rlim_max = MIN(rlim->rlim_max, highest.rlim_max);
5144
5145 if (setrlimit(resource, &fixed) < 0)
5146 return -errno;
5147
5148 return 0;
5149 }
5150
5151 int getenv_for_pid(pid_t pid, const char *field, char **_value) {
5152 _cleanup_fclose_ FILE *f = NULL;
5153 char *value = NULL;
5154 int r;
5155 bool done = false;
5156 size_t l;
5157 const char *path;
5158
5159 assert(pid >= 0);
5160 assert(field);
5161 assert(_value);
5162
5163 path = procfs_file_alloca(pid, "environ");
5164
5165 f = fopen(path, "re");
5166 if (!f)
5167 return -errno;
5168
5169 l = strlen(field);
5170 r = 0;
5171
5172 do {
5173 char line[LINE_MAX];
5174 unsigned i;
5175
5176 for (i = 0; i < sizeof(line)-1; i++) {
5177 int c;
5178
5179 c = getc(f);
5180 if (_unlikely_(c == EOF)) {
5181 done = true;
5182 break;
5183 } else if (c == 0)
5184 break;
5185
5186 line[i] = c;
5187 }
5188 line[i] = 0;
5189
5190 if (memcmp(line, field, l) == 0 && line[l] == '=') {
5191 value = strdup(line + l + 1);
5192 if (!value)
5193 return -ENOMEM;
5194
5195 r = 1;
5196 break;
5197 }
5198
5199 } while (!done);
5200
5201 *_value = value;
5202 return r;
5203 }
5204
5205 bool is_valid_documentation_url(const char *url) {
5206 assert(url);
5207
5208 if (startswith(url, "http://") && url[7])
5209 return true;
5210
5211 if (startswith(url, "https://") && url[8])
5212 return true;
5213
5214 if (startswith(url, "file:") && url[5])
5215 return true;
5216
5217 if (startswith(url, "info:") && url[5])
5218 return true;
5219
5220 if (startswith(url, "man:") && url[4])
5221 return true;
5222
5223 return false;
5224 }
5225
5226 bool in_initrd(void) {
5227 static int saved = -1;
5228 struct statfs s;
5229
5230 if (saved >= 0)
5231 return saved;
5232
5233 /* We make two checks here:
5234 *
5235 * 1. the flag file /etc/initrd-release must exist
5236 * 2. the root file system must be a memory file system
5237 *
5238 * The second check is extra paranoia, since misdetecting an
5239 * initrd can have bad bad consequences due the initrd
5240 * emptying when transititioning to the main systemd.
5241 */
5242
5243 saved = access("/etc/initrd-release", F_OK) >= 0 &&
5244 statfs("/", &s) >= 0 &&
5245 is_temporary_fs(&s);
5246
5247 return saved;
5248 }
5249
5250 void warn_melody(void) {
5251 _cleanup_close_ int fd = -1;
5252
5253 fd = open("/dev/console", O_WRONLY|O_CLOEXEC|O_NOCTTY);
5254 if (fd < 0)
5255 return;
5256
5257 /* Yeah, this is synchronous. Kinda sucks. But well... */
5258
5259 ioctl(fd, KIOCSOUND, (int)(1193180/440));
5260 usleep(125*USEC_PER_MSEC);
5261
5262 ioctl(fd, KIOCSOUND, (int)(1193180/220));
5263 usleep(125*USEC_PER_MSEC);
5264
5265 ioctl(fd, KIOCSOUND, (int)(1193180/220));
5266 usleep(125*USEC_PER_MSEC);
5267
5268 ioctl(fd, KIOCSOUND, 0);
5269 }
5270
5271 int make_console_stdio(void) {
5272 int fd, r;
5273
5274 /* Make /dev/console the controlling terminal and stdin/stdout/stderr */
5275
5276 fd = acquire_terminal("/dev/console", false, true, true, (usec_t) -1);
5277 if (fd < 0) {
5278 log_error("Failed to acquire terminal: %s", strerror(-fd));
5279 return fd;
5280 }
5281
5282 r = make_stdio(fd);
5283 if (r < 0) {
5284 log_error("Failed to duplicate terminal fd: %s", strerror(-r));
5285 return r;
5286 }
5287
5288 return 0;
5289 }
5290
5291 int get_home_dir(char **_h) {
5292 struct passwd *p;
5293 const char *e;
5294 char *h;
5295 uid_t u;
5296
5297 assert(_h);
5298
5299 /* Take the user specified one */
5300 e = secure_getenv("HOME");
5301 if (e && path_is_absolute(e)) {
5302 h = strdup(e);
5303 if (!h)
5304 return -ENOMEM;
5305
5306 *_h = h;
5307 return 0;
5308 }
5309
5310 /* Hardcode home directory for root to avoid NSS */
5311 u = getuid();
5312 if (u == 0) {
5313 h = strdup("/root");
5314 if (!h)
5315 return -ENOMEM;
5316
5317 *_h = h;
5318 return 0;
5319 }
5320
5321 /* Check the database... */
5322 errno = 0;
5323 p = getpwuid(u);
5324 if (!p)
5325 return errno > 0 ? -errno : -ESRCH;
5326
5327 if (!path_is_absolute(p->pw_dir))
5328 return -EINVAL;
5329
5330 h = strdup(p->pw_dir);
5331 if (!h)
5332 return -ENOMEM;
5333
5334 *_h = h;
5335 return 0;
5336 }
5337
5338 int get_shell(char **_s) {
5339 struct passwd *p;
5340 const char *e;
5341 char *s;
5342 uid_t u;
5343
5344 assert(_s);
5345
5346 /* Take the user specified one */
5347 e = getenv("SHELL");
5348 if (e) {
5349 s = strdup(e);
5350 if (!s)
5351 return -ENOMEM;
5352
5353 *_s = s;
5354 return 0;
5355 }
5356
5357 /* Hardcode home directory for root to avoid NSS */
5358 u = getuid();
5359 if (u == 0) {
5360 s = strdup("/bin/sh");
5361 if (!s)
5362 return -ENOMEM;
5363
5364 *_s = s;
5365 return 0;
5366 }
5367
5368 /* Check the database... */
5369 errno = 0;
5370 p = getpwuid(u);
5371 if (!p)
5372 return errno > 0 ? -errno : -ESRCH;
5373
5374 if (!path_is_absolute(p->pw_shell))
5375 return -EINVAL;
5376
5377 s = strdup(p->pw_shell);
5378 if (!s)
5379 return -ENOMEM;
5380
5381 *_s = s;
5382 return 0;
5383 }
5384
5385 bool filename_is_safe(const char *p) {
5386
5387 if (isempty(p))
5388 return false;
5389
5390 if (strchr(p, '/'))
5391 return false;
5392
5393 if (streq(p, "."))
5394 return false;
5395
5396 if (streq(p, ".."))
5397 return false;
5398
5399 if (strlen(p) > FILENAME_MAX)
5400 return false;
5401
5402 return true;
5403 }
5404
5405 bool string_is_safe(const char *p) {
5406 const char *t;
5407
5408 if (!p)
5409 return false;
5410
5411 for (t = p; *t; t++) {
5412 if (*t > 0 && *t < ' ')
5413 return false;
5414
5415 if (strchr("\\\"\'\0x7f", *t))
5416 return false;
5417 }
5418
5419 return true;
5420 }
5421
5422 /**
5423 * Check if a string contains control characters. If 'ok' is non-NULL
5424 * it may be a string containing additional CCs to be considered OK.
5425 */
5426 bool string_has_cc(const char *p, const char *ok) {
5427 const char *t;
5428
5429 assert(p);
5430
5431 for (t = p; *t; t++) {
5432 if (ok && strchr(ok, *t))
5433 continue;
5434
5435 if (*t > 0 && *t < ' ')
5436 return true;
5437
5438 if (*t == 127)
5439 return true;
5440 }
5441
5442 return false;
5443 }
5444
5445 bool path_is_safe(const char *p) {
5446
5447 if (isempty(p))
5448 return false;
5449
5450 if (streq(p, "..") || startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../"))
5451 return false;
5452
5453 if (strlen(p) > PATH_MAX)
5454 return false;
5455
5456 /* The following two checks are not really dangerous, but hey, they still are confusing */
5457 if (streq(p, ".") || startswith(p, "./") || endswith(p, "/.") || strstr(p, "/./"))
5458 return false;
5459
5460 if (strstr(p, "//"))
5461 return false;
5462
5463 return true;
5464 }
5465
5466 /* hey glibc, APIs with callbacks without a user pointer are so useless */
5467 void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size,
5468 int (*compar) (const void *, const void *, void *), void *arg) {
5469 size_t l, u, idx;
5470 const void *p;
5471 int comparison;
5472
5473 l = 0;
5474 u = nmemb;
5475 while (l < u) {
5476 idx = (l + u) / 2;
5477 p = (void *)(((const char *) base) + (idx * size));
5478 comparison = compar(key, p, arg);
5479 if (comparison < 0)
5480 u = idx;
5481 else if (comparison > 0)
5482 l = idx + 1;
5483 else
5484 return (void *)p;
5485 }
5486 return NULL;
5487 }
5488
5489 bool is_locale_utf8(void) {
5490 const char *set;
5491 static int cached_answer = -1;
5492
5493 if (cached_answer >= 0)
5494 goto out;
5495
5496 if (!setlocale(LC_ALL, "")) {
5497 cached_answer = true;
5498 goto out;
5499 }
5500
5501 set = nl_langinfo(CODESET);
5502 if (!set) {
5503 cached_answer = true;
5504 goto out;
5505 }
5506
5507 if (streq(set, "UTF-8")) {
5508 cached_answer = true;
5509 goto out;
5510 }
5511
5512 /* For LC_CTYPE=="C" return true, because CTYPE is effectly
5513 * unset and everything can do to UTF-8 nowadays. */
5514 set = setlocale(LC_CTYPE, NULL);
5515 if (!set) {
5516 cached_answer = true;
5517 goto out;
5518 }
5519
5520 /* Check result, but ignore the result if C was set
5521 * explicitly. */
5522 cached_answer =
5523 streq(set, "C") &&
5524 !getenv("LC_ALL") &&
5525 !getenv("LC_CTYPE") &&
5526 !getenv("LANG");
5527
5528 out:
5529 return (bool) cached_answer;
5530 }
5531
5532 const char *draw_special_char(DrawSpecialChar ch) {
5533 static const char *draw_table[2][_DRAW_SPECIAL_CHAR_MAX] = {
5534
5535 /* UTF-8 */ {
5536 [DRAW_TREE_VERTICAL] = "\342\224\202 ", /* │ */
5537 [DRAW_TREE_BRANCH] = "\342\224\234\342\224\200", /* ├─ */
5538 [DRAW_TREE_RIGHT] = "\342\224\224\342\224\200", /* └─ */
5539 [DRAW_TREE_SPACE] = " ", /* */
5540 [DRAW_TRIANGULAR_BULLET] = "\342\200\243", /* ‣ */
5541 [DRAW_BLACK_CIRCLE] = "\342\227\217", /* ● */
5542 [DRAW_ARROW] = "\342\206\222", /* → */
5543 [DRAW_DASH] = "\342\200\223", /* – */
5544 },
5545
5546 /* ASCII fallback */ {
5547 [DRAW_TREE_VERTICAL] = "| ",
5548 [DRAW_TREE_BRANCH] = "|-",
5549 [DRAW_TREE_RIGHT] = "`-",
5550 [DRAW_TREE_SPACE] = " ",
5551 [DRAW_TRIANGULAR_BULLET] = ">",
5552 [DRAW_BLACK_CIRCLE] = "*",
5553 [DRAW_ARROW] = "->",
5554 [DRAW_DASH] = "-",
5555 }
5556 };
5557
5558 return draw_table[!is_locale_utf8()][ch];
5559 }
5560
5561 char *strreplace(const char *text, const char *old_string, const char *new_string) {
5562 const char *f;
5563 char *t, *r;
5564 size_t l, old_len, new_len;
5565
5566 assert(text);
5567 assert(old_string);
5568 assert(new_string);
5569
5570 old_len = strlen(old_string);
5571 new_len = strlen(new_string);
5572
5573 l = strlen(text);
5574 r = new(char, l+1);
5575 if (!r)
5576 return NULL;
5577
5578 f = text;
5579 t = r;
5580 while (*f) {
5581 char *a;
5582 size_t d, nl;
5583
5584 if (!startswith(f, old_string)) {
5585 *(t++) = *(f++);
5586 continue;
5587 }
5588
5589 d = t - r;
5590 nl = l - old_len + new_len;
5591 a = realloc(r, nl + 1);
5592 if (!a)
5593 goto oom;
5594
5595 l = nl;
5596 r = a;
5597 t = r + d;
5598
5599 t = stpcpy(t, new_string);
5600 f += old_len;
5601 }
5602
5603 *t = 0;
5604 return r;
5605
5606 oom:
5607 free(r);
5608 return NULL;
5609 }
5610
5611 char *strip_tab_ansi(char **ibuf, size_t *_isz) {
5612 const char *i, *begin = NULL;
5613 enum {
5614 STATE_OTHER,
5615 STATE_ESCAPE,
5616 STATE_BRACKET
5617 } state = STATE_OTHER;
5618 char *obuf = NULL;
5619 size_t osz = 0, isz;
5620 FILE *f;
5621
5622 assert(ibuf);
5623 assert(*ibuf);
5624
5625 /* Strips ANSI color and replaces TABs by 8 spaces */
5626
5627 isz = _isz ? *_isz : strlen(*ibuf);
5628
5629 f = open_memstream(&obuf, &osz);
5630 if (!f)
5631 return NULL;
5632
5633 for (i = *ibuf; i < *ibuf + isz + 1; i++) {
5634
5635 switch (state) {
5636
5637 case STATE_OTHER:
5638 if (i >= *ibuf + isz) /* EOT */
5639 break;
5640 else if (*i == '\x1B')
5641 state = STATE_ESCAPE;
5642 else if (*i == '\t')
5643 fputs(" ", f);
5644 else
5645 fputc(*i, f);
5646 break;
5647
5648 case STATE_ESCAPE:
5649 if (i >= *ibuf + isz) { /* EOT */
5650 fputc('\x1B', f);
5651 break;
5652 } else if (*i == '[') {
5653 state = STATE_BRACKET;
5654 begin = i + 1;
5655 } else {
5656 fputc('\x1B', f);
5657 fputc(*i, f);
5658 state = STATE_OTHER;
5659 }
5660
5661 break;
5662
5663 case STATE_BRACKET:
5664
5665 if (i >= *ibuf + isz || /* EOT */
5666 (!(*i >= '0' && *i <= '9') && *i != ';' && *i != 'm')) {
5667 fputc('\x1B', f);
5668 fputc('[', f);
5669 state = STATE_OTHER;
5670 i = begin-1;
5671 } else if (*i == 'm')
5672 state = STATE_OTHER;
5673 break;
5674 }
5675 }
5676
5677 if (ferror(f)) {
5678 fclose(f);
5679 free(obuf);
5680 return NULL;
5681 }
5682
5683 fclose(f);
5684
5685 free(*ibuf);
5686 *ibuf = obuf;
5687
5688 if (_isz)
5689 *_isz = osz;
5690
5691 return obuf;
5692 }
5693
5694 int on_ac_power(void) {
5695 bool found_offline = false, found_online = false;
5696 _cleanup_closedir_ DIR *d = NULL;
5697
5698 d = opendir("/sys/class/power_supply");
5699 if (!d)
5700 return -errno;
5701
5702 for (;;) {
5703 struct dirent *de;
5704 _cleanup_close_ int fd = -1, device = -1;
5705 char contents[6];
5706 ssize_t n;
5707
5708 errno = 0;
5709 de = readdir(d);
5710 if (!de && errno != 0)
5711 return -errno;
5712
5713 if (!de)
5714 break;
5715
5716 if (ignore_file(de->d_name))
5717 continue;
5718
5719 device = openat(dirfd(d), de->d_name, O_DIRECTORY|O_RDONLY|O_CLOEXEC|O_NOCTTY);
5720 if (device < 0) {
5721 if (errno == ENOENT || errno == ENOTDIR)
5722 continue;
5723
5724 return -errno;
5725 }
5726
5727 fd = openat(device, "type", O_RDONLY|O_CLOEXEC|O_NOCTTY);
5728 if (fd < 0) {
5729 if (errno == ENOENT)
5730 continue;
5731
5732 return -errno;
5733 }
5734
5735 n = read(fd, contents, sizeof(contents));
5736 if (n < 0)
5737 return -errno;
5738
5739 if (n != 6 || memcmp(contents, "Mains\n", 6))
5740 continue;
5741
5742 safe_close(fd);
5743 fd = openat(device, "online", O_RDONLY|O_CLOEXEC|O_NOCTTY);
5744 if (fd < 0) {
5745 if (errno == ENOENT)
5746 continue;
5747
5748 return -errno;
5749 }
5750
5751 n = read(fd, contents, sizeof(contents));
5752 if (n < 0)
5753 return -errno;
5754
5755 if (n != 2 || contents[1] != '\n')
5756 return -EIO;
5757
5758 if (contents[0] == '1') {
5759 found_online = true;
5760 break;
5761 } else if (contents[0] == '0')
5762 found_offline = true;
5763 else
5764 return -EIO;
5765 }
5766
5767 return found_online || !found_offline;
5768 }
5769
5770 static int search_and_fopen_internal(const char *path, const char *mode, const char *root, char **search, FILE **_f) {
5771 char **i;
5772
5773 assert(path);
5774 assert(mode);
5775 assert(_f);
5776
5777 if (!path_strv_resolve_uniq(search, root))
5778 return -ENOMEM;
5779
5780 STRV_FOREACH(i, search) {
5781 _cleanup_free_ char *p = NULL;
5782 FILE *f;
5783
5784 if (root)
5785 p = strjoin(root, *i, "/", path, NULL);
5786 else
5787 p = strjoin(*i, "/", path, NULL);
5788 if (!p)
5789 return -ENOMEM;
5790
5791 f = fopen(p, mode);
5792 if (f) {
5793 *_f = f;
5794 return 0;
5795 }
5796
5797 if (errno != ENOENT)
5798 return -errno;
5799 }
5800
5801 return -ENOENT;
5802 }
5803
5804 int search_and_fopen(const char *path, const char *mode, const char *root, const char **search, FILE **_f) {
5805 _cleanup_strv_free_ char **copy = NULL;
5806
5807 assert(path);
5808 assert(mode);
5809 assert(_f);
5810
5811 if (path_is_absolute(path)) {
5812 FILE *f;
5813
5814 f = fopen(path, mode);
5815 if (f) {
5816 *_f = f;
5817 return 0;
5818 }
5819
5820 return -errno;
5821 }
5822
5823 copy = strv_copy((char**) search);
5824 if (!copy)
5825 return -ENOMEM;
5826
5827 return search_and_fopen_internal(path, mode, root, copy, _f);
5828 }
5829
5830 int search_and_fopen_nulstr(const char *path, const char *mode, const char *root, const char *search, FILE **_f) {
5831 _cleanup_strv_free_ char **s = NULL;
5832
5833 if (path_is_absolute(path)) {
5834 FILE *f;
5835
5836 f = fopen(path, mode);
5837 if (f) {
5838 *_f = f;
5839 return 0;
5840 }
5841
5842 return -errno;
5843 }
5844
5845 s = strv_split_nulstr(search);
5846 if (!s)
5847 return -ENOMEM;
5848
5849 return search_and_fopen_internal(path, mode, root, s, _f);
5850 }
5851
5852 char *strextend(char **x, ...) {
5853 va_list ap;
5854 size_t f, l;
5855 char *r, *p;
5856
5857 assert(x);
5858
5859 l = f = *x ? strlen(*x) : 0;
5860
5861 va_start(ap, x);
5862 for (;;) {
5863 const char *t;
5864 size_t n;
5865
5866 t = va_arg(ap, const char *);
5867 if (!t)
5868 break;
5869
5870 n = strlen(t);
5871 if (n > ((size_t) -1) - l) {
5872 va_end(ap);
5873 return NULL;
5874 }
5875
5876 l += n;
5877 }
5878 va_end(ap);
5879
5880 r = realloc(*x, l+1);
5881 if (!r)
5882 return NULL;
5883
5884 p = r + f;
5885
5886 va_start(ap, x);
5887 for (;;) {
5888 const char *t;
5889
5890 t = va_arg(ap, const char *);
5891 if (!t)
5892 break;
5893
5894 p = stpcpy(p, t);
5895 }
5896 va_end(ap);
5897
5898 *p = 0;
5899 *x = r;
5900
5901 return r + l;
5902 }
5903
5904 char *strrep(const char *s, unsigned n) {
5905 size_t l;
5906 char *r, *p;
5907 unsigned i;
5908
5909 assert(s);
5910
5911 l = strlen(s);
5912 p = r = malloc(l * n + 1);
5913 if (!r)
5914 return NULL;
5915
5916 for (i = 0; i < n; i++)
5917 p = stpcpy(p, s);
5918
5919 *p = 0;
5920 return r;
5921 }
5922
5923 void* greedy_realloc(void **p, size_t *allocated, size_t need, size_t size) {
5924 size_t a, newalloc;
5925 void *q;
5926
5927 assert(p);
5928 assert(allocated);
5929
5930 if (*allocated >= need)
5931 return *p;
5932
5933 newalloc = MAX(need * 2, 64u / size);
5934 a = newalloc * size;
5935
5936 /* check for overflows */
5937 if (a < size * need)
5938 return NULL;
5939
5940 q = realloc(*p, a);
5941 if (!q)
5942 return NULL;
5943
5944 *p = q;
5945 *allocated = newalloc;
5946 return q;
5947 }
5948
5949 void* greedy_realloc0(void **p, size_t *allocated, size_t need, size_t size) {
5950 size_t prev;
5951 uint8_t *q;
5952
5953 assert(p);
5954 assert(allocated);
5955
5956 prev = *allocated;
5957
5958 q = greedy_realloc(p, allocated, need, size);
5959 if (!q)
5960 return NULL;
5961
5962 if (*allocated > prev)
5963 memzero(q + prev * size, (*allocated - prev) * size);
5964
5965 return q;
5966 }
5967
5968 bool id128_is_valid(const char *s) {
5969 size_t i, l;
5970
5971 l = strlen(s);
5972 if (l == 32) {
5973
5974 /* Simple formatted 128bit hex string */
5975
5976 for (i = 0; i < l; i++) {
5977 char c = s[i];
5978
5979 if (!(c >= '0' && c <= '9') &&
5980 !(c >= 'a' && c <= 'z') &&
5981 !(c >= 'A' && c <= 'Z'))
5982 return false;
5983 }
5984
5985 } else if (l == 36) {
5986
5987 /* Formatted UUID */
5988
5989 for (i = 0; i < l; i++) {
5990 char c = s[i];
5991
5992 if ((i == 8 || i == 13 || i == 18 || i == 23)) {
5993 if (c != '-')
5994 return false;
5995 } else {
5996 if (!(c >= '0' && c <= '9') &&
5997 !(c >= 'a' && c <= 'z') &&
5998 !(c >= 'A' && c <= 'Z'))
5999 return false;
6000 }
6001 }
6002
6003 } else
6004 return false;
6005
6006 return true;
6007 }
6008
6009 int split_pair(const char *s, const char *sep, char **l, char **r) {
6010 char *x, *a, *b;
6011
6012 assert(s);
6013 assert(sep);
6014 assert(l);
6015 assert(r);
6016
6017 if (isempty(sep))
6018 return -EINVAL;
6019
6020 x = strstr(s, sep);
6021 if (!x)
6022 return -EINVAL;
6023
6024 a = strndup(s, x - s);
6025 if (!a)
6026 return -ENOMEM;
6027
6028 b = strdup(x + strlen(sep));
6029 if (!b) {
6030 free(a);
6031 return -ENOMEM;
6032 }
6033
6034 *l = a;
6035 *r = b;
6036
6037 return 0;
6038 }
6039
6040 int shall_restore_state(void) {
6041 _cleanup_free_ char *line = NULL;
6042 char *w, *state;
6043 size_t l;
6044 int r;
6045
6046 r = proc_cmdline(&line);
6047 if (r < 0)
6048 return r;
6049 if (r == 0) /* Container ... */
6050 return 1;
6051
6052 r = 1;
6053
6054 FOREACH_WORD_QUOTED(w, l, line, state) {
6055 const char *e;
6056 char n[l+1];
6057 int k;
6058
6059 memcpy(n, w, l);
6060 n[l] = 0;
6061
6062 e = startswith(n, "systemd.restore_state=");
6063 if (!e)
6064 continue;
6065
6066 k = parse_boolean(e);
6067 if (k >= 0)
6068 r = k;
6069 }
6070
6071 return r;
6072 }
6073
6074 int proc_cmdline(char **ret) {
6075 int r;
6076
6077 if (detect_container(NULL) > 0) {
6078 char *buf = NULL, *p;
6079 size_t sz = 0;
6080
6081 r = read_full_file("/proc/1/cmdline", &buf, &sz);
6082 if (r < 0)
6083 return r;
6084
6085 for (p = buf; p + 1 < buf + sz; p++)
6086 if (*p == 0)
6087 *p = ' ';
6088
6089 *p = 0;
6090 *ret = buf;
6091 return 1;
6092 }
6093
6094 r = read_one_line_file("/proc/cmdline", ret);
6095 if (r < 0)
6096 return r;
6097
6098 return 1;
6099 }
6100
6101 int parse_proc_cmdline(int (*parse_item)(const char *key, const char *value)) {
6102 _cleanup_free_ char *line = NULL;
6103 char *w, *state;
6104 size_t l;
6105 int r;
6106
6107 assert(parse_item);
6108
6109 r = proc_cmdline(&line);
6110 if (r < 0)
6111 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
6112 if (r <= 0)
6113 return 0;
6114
6115 FOREACH_WORD_QUOTED(w, l, line, state) {
6116 char word[l+1], *value;
6117
6118 memcpy(word, w, l);
6119 word[l] = 0;
6120
6121 /* Filter out arguments that are intended only for the
6122 * initrd */
6123 if (!in_initrd() && startswith(word, "rd."))
6124 continue;
6125
6126 value = strchr(word, '=');
6127 if (value)
6128 *(value++) = 0;
6129
6130 r = parse_item(word, value);
6131 if (r < 0)
6132 return r;
6133 }
6134
6135 return 0;
6136 }
6137
6138 int container_get_leader(const char *machine, pid_t *pid) {
6139 _cleanup_free_ char *s = NULL, *class = NULL;
6140 const char *p;
6141 pid_t leader;
6142 int r;
6143
6144 assert(machine);
6145 assert(pid);
6146
6147 p = strappenda("/run/systemd/machines/", machine);
6148 r = parse_env_file(p, NEWLINE, "LEADER", &s, "CLASS", &class, NULL);
6149 if (r == -ENOENT)
6150 return -EHOSTDOWN;
6151 if (r < 0)
6152 return r;
6153 if (!s)
6154 return -EIO;
6155
6156 if (!streq_ptr(class, "container"))
6157 return -EIO;
6158
6159 r = parse_pid(s, &leader);
6160 if (r < 0)
6161 return r;
6162 if (leader <= 1)
6163 return -EIO;
6164
6165 *pid = leader;
6166 return 0;
6167 }
6168
6169 int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *netns_fd, int *root_fd) {
6170 _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, netnsfd = -1;
6171 int rfd = -1;
6172
6173 assert(pid >= 0);
6174
6175 if (mntns_fd) {
6176 const char *mntns;
6177
6178 mntns = procfs_file_alloca(pid, "ns/mnt");
6179 mntnsfd = open(mntns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6180 if (mntnsfd < 0)
6181 return -errno;
6182 }
6183
6184 if (pidns_fd) {
6185 const char *pidns;
6186
6187 pidns = procfs_file_alloca(pid, "ns/pid");
6188 pidnsfd = open(pidns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6189 if (pidnsfd < 0)
6190 return -errno;
6191 }
6192
6193 if (netns_fd) {
6194 const char *netns;
6195
6196 netns = procfs_file_alloca(pid, "ns/net");
6197 netnsfd = open(netns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6198 if (netnsfd < 0)
6199 return -errno;
6200 }
6201
6202 if (root_fd) {
6203 const char *root;
6204
6205 root = procfs_file_alloca(pid, "root");
6206 rfd = open(root, O_RDONLY|O_NOCTTY|O_CLOEXEC|O_DIRECTORY);
6207 if (rfd < 0)
6208 return -errno;
6209 }
6210
6211 if (pidns_fd)
6212 *pidns_fd = pidnsfd;
6213
6214 if (mntns_fd)
6215 *mntns_fd = mntnsfd;
6216
6217 if (netns_fd)
6218 *netns_fd = netnsfd;
6219
6220 if (root_fd)
6221 *root_fd = rfd;
6222
6223 pidnsfd = mntnsfd = netnsfd = -1;
6224
6225 return 0;
6226 }
6227
6228 int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int root_fd) {
6229
6230 if (pidns_fd >= 0)
6231 if (setns(pidns_fd, CLONE_NEWPID) < 0)
6232 return -errno;
6233
6234 if (mntns_fd >= 0)
6235 if (setns(mntns_fd, CLONE_NEWNS) < 0)
6236 return -errno;
6237
6238 if (netns_fd >= 0)
6239 if (setns(netns_fd, CLONE_NEWNET) < 0)
6240 return -errno;
6241
6242 if (root_fd >= 0) {
6243 if (fchdir(root_fd) < 0)
6244 return -errno;
6245
6246 if (chroot(".") < 0)
6247 return -errno;
6248 }
6249
6250 if (setresgid(0, 0, 0) < 0)
6251 return -errno;
6252
6253 if (setgroups(0, NULL) < 0)
6254 return -errno;
6255
6256 if (setresuid(0, 0, 0) < 0)
6257 return -errno;
6258
6259 return 0;
6260 }
6261
6262 bool pid_is_unwaited(pid_t pid) {
6263 /* Checks whether a PID is still valid at all, including a zombie */
6264
6265 if (pid <= 0)
6266 return false;
6267
6268 if (kill(pid, 0) >= 0)
6269 return true;
6270
6271 return errno != ESRCH;
6272 }
6273
6274 bool pid_is_alive(pid_t pid) {
6275 int r;
6276
6277 /* Checks whether a PID is still valid and not a zombie */
6278
6279 if (pid <= 0)
6280 return false;
6281
6282 r = get_process_state(pid);
6283 if (r == -ENOENT || r == 'Z')
6284 return false;
6285
6286 return true;
6287 }
6288
6289 int getpeercred(int fd, struct ucred *ucred) {
6290 socklen_t n = sizeof(struct ucred);
6291 struct ucred u;
6292 int r;
6293
6294 assert(fd >= 0);
6295 assert(ucred);
6296
6297 r = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &u, &n);
6298 if (r < 0)
6299 return -errno;
6300
6301 if (n != sizeof(struct ucred))
6302 return -EIO;
6303
6304 /* Check if the data is actually useful and not suppressed due
6305 * to namespacing issues */
6306 if (u.pid <= 0)
6307 return -ENODATA;
6308
6309 *ucred = u;
6310 return 0;
6311 }
6312
6313 int getpeersec(int fd, char **ret) {
6314 socklen_t n = 64;
6315 char *s;
6316 int r;
6317
6318 assert(fd >= 0);
6319 assert(ret);
6320
6321 s = new0(char, n);
6322 if (!s)
6323 return -ENOMEM;
6324
6325 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
6326 if (r < 0) {
6327 free(s);
6328
6329 if (errno != ERANGE)
6330 return -errno;
6331
6332 s = new0(char, n);
6333 if (!s)
6334 return -ENOMEM;
6335
6336 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
6337 if (r < 0) {
6338 free(s);
6339 return -errno;
6340 }
6341 }
6342
6343 if (isempty(s)) {
6344 free(s);
6345 return -ENOTSUP;
6346 }
6347
6348 *ret = s;
6349 return 0;
6350 }
6351
6352 /* This is much like like mkostemp() but is subject to umask(). */
6353 int mkostemp_safe(char *pattern, int flags) {
6354 _cleanup_umask_ mode_t u;
6355 int fd;
6356
6357 assert(pattern);
6358
6359 u = umask(077);
6360
6361 fd = mkostemp(pattern, flags);
6362 if (fd < 0)
6363 return -errno;
6364
6365 return fd;
6366 }
6367
6368 int open_tmpfile(const char *path, int flags) {
6369 char *p;
6370 int fd;
6371
6372 assert(path);
6373
6374 #ifdef O_TMPFILE
6375 /* Try O_TMPFILE first, if it is supported */
6376 fd = open(path, flags|O_TMPFILE, S_IRUSR|S_IWUSR);
6377 if (fd >= 0)
6378 return fd;
6379 #endif
6380
6381 /* Fall back to unguessable name + unlinking */
6382 p = strappenda(path, "/systemd-tmp-XXXXXX");
6383
6384 fd = mkostemp_safe(p, flags);
6385 if (fd < 0)
6386 return fd;
6387
6388 unlink(p);
6389 return fd;
6390 }
6391
6392 int fd_warn_permissions(const char *path, int fd) {
6393 struct stat st;
6394
6395 if (fstat(fd, &st) < 0)
6396 return -errno;
6397
6398 if (st.st_mode & 0111)
6399 log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path);
6400
6401 if (st.st_mode & 0002)
6402 log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path);
6403
6404 if (getpid() == 1 && (st.st_mode & 0044) != 0044)
6405 log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path);
6406
6407 return 0;
6408 }
6409
6410 unsigned long personality_from_string(const char *p) {
6411
6412 /* Parse a personality specifier. We introduce our own
6413 * identifiers that indicate specific ABIs, rather than just
6414 * hints regarding the register size, since we want to keep
6415 * things open for multiple locally supported ABIs for the
6416 * same register size. We try to reuse the ABI identifiers
6417 * used by libseccomp. */
6418
6419 #if defined(__x86_64__)
6420
6421 if (streq(p, "x86"))
6422 return PER_LINUX32;
6423
6424 if (streq(p, "x86-64"))
6425 return PER_LINUX;
6426
6427 #elif defined(__i386__)
6428
6429 if (streq(p, "x86"))
6430 return PER_LINUX;
6431 #endif
6432
6433 /* personality(7) documents that 0xffffffffUL is used for
6434 * querying the current personality, hence let's use that here
6435 * as error indicator. */
6436 return 0xffffffffUL;
6437 }
6438
6439 const char* personality_to_string(unsigned long p) {
6440
6441 #if defined(__x86_64__)
6442
6443 if (p == PER_LINUX32)
6444 return "x86";
6445
6446 if (p == PER_LINUX)
6447 return "x86-64";
6448
6449 #elif defined(__i386__)
6450
6451 if (p == PER_LINUX)
6452 return "x86";
6453 #endif
6454
6455 return NULL;
6456 }
6457
6458 uint64_t physical_memory(void) {
6459 long mem;
6460
6461 /* We return this as uint64_t in case we are running as 32bit
6462 * process on a 64bit kernel with huge amounts of memory */
6463
6464 mem = sysconf(_SC_PHYS_PAGES);
6465 assert(mem > 0);
6466
6467 return (uint64_t) mem * (uint64_t) page_size();
6468 }
6469
6470 char* mount_test_option(const char *haystack, const char *needle) {
6471
6472 struct mntent me = {
6473 .mnt_opts = (char*) haystack
6474 };
6475
6476 assert(needle);
6477
6478 /* Like glibc's hasmntopt(), but works on a string, not a
6479 * struct mntent */
6480
6481 if (!haystack)
6482 return NULL;
6483
6484 return hasmntopt(&me, needle);
6485 }
6486
6487 void hexdump(FILE *f, const void *p, size_t s) {
6488 const uint8_t *b = p;
6489 unsigned n = 0;
6490
6491 assert(s == 0 || b);
6492
6493 while (s > 0) {
6494 size_t i;
6495
6496 fprintf(f, "%04x ", n);
6497
6498 for (i = 0; i < 16; i++) {
6499
6500 if (i >= s)
6501 fputs(" ", f);
6502 else
6503 fprintf(f, "%02x ", b[i]);
6504
6505 if (i == 7)
6506 fputc(' ', f);
6507 }
6508
6509 fputc(' ', f);
6510
6511 for (i = 0; i < 16; i++) {
6512
6513 if (i >= s)
6514 fputc(' ', f);
6515 else
6516 fputc(isprint(b[i]) ? (char) b[i] : '.', f);
6517 }
6518
6519 fputc('\n', f);
6520
6521 if (s < 16)
6522 break;
6523
6524 n += 16;
6525 b += 16;
6526 s -= 16;
6527 }
6528 }
6529
6530 int update_reboot_param_file(const char *param) {
6531 int r = 0;
6532
6533 if (param) {
6534
6535 r = write_string_file(REBOOT_PARAM_FILE, param);
6536 if (r < 0)
6537 log_error("Failed to write reboot param to "
6538 REBOOT_PARAM_FILE": %s", strerror(-r));
6539 } else
6540 unlink(REBOOT_PARAM_FILE);
6541
6542 return r;
6543 }
6544
6545 int umount_recursive(const char *prefix, int flags) {
6546 bool again;
6547 int n = 0, r;
6548
6549 /* Try to umount everything recursively below a
6550 * directory. Also, take care of stacked mounts, and keep
6551 * unmounting them until they are gone. */
6552
6553 do {
6554 _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
6555
6556 again = false;
6557 r = 0;
6558
6559 proc_self_mountinfo = fopen("/proc/self/mountinfo", "re");
6560 if (!proc_self_mountinfo)
6561 return -errno;
6562
6563 for (;;) {
6564 _cleanup_free_ char *path = NULL, *p = NULL;
6565 int k;
6566
6567 k = fscanf(proc_self_mountinfo,
6568 "%*s " /* (1) mount id */
6569 "%*s " /* (2) parent id */
6570 "%*s " /* (3) major:minor */
6571 "%*s " /* (4) root */
6572 "%ms " /* (5) mount point */
6573 "%*s" /* (6) mount options */
6574 "%*[^-]" /* (7) optional fields */
6575 "- " /* (8) separator */
6576 "%*s " /* (9) file system type */
6577 "%*s" /* (10) mount source */
6578 "%*s" /* (11) mount options 2 */
6579 "%*[^\n]", /* some rubbish at the end */
6580 &path);
6581 if (k != 1) {
6582 if (k == EOF)
6583 break;
6584
6585 continue;
6586 }
6587
6588 p = cunescape(path);
6589 if (!p)
6590 return -ENOMEM;
6591
6592 if (!path_startswith(p, prefix))
6593 continue;
6594
6595 if (umount2(p, flags) < 0) {
6596 r = -errno;
6597 continue;
6598 }
6599
6600 again = true;
6601 n++;
6602
6603 break;
6604 }
6605
6606 } while (again);
6607
6608 return r ? r : n;
6609 }
6610
6611 int bind_remount_recursive(const char *prefix, bool ro) {
6612 _cleanup_set_free_free_ Set *done = NULL;
6613 _cleanup_free_ char *cleaned = NULL;
6614 int r;
6615
6616 /* Recursively remount a directory (and all its submounts)
6617 * read-only or read-write. If the directory is already
6618 * mounted, we reuse the mount and simply mark it
6619 * MS_BIND|MS_RDONLY (or remove the MS_RDONLY for read-write
6620 * operation). If it isn't we first make it one. Afterwards we
6621 * apply MS_BIND|MS_RDONLY (or remove MS_RDONLY) to all
6622 * submounts we can access, too. When mounts are stacked on
6623 * the same mount point we only care for each individual
6624 * "top-level" mount on each point, as we cannot
6625 * influence/access the underlying mounts anyway. We do not
6626 * have any effect on future submounts that might get
6627 * propagated, they migt be writable. This includes future
6628 * submounts that have been triggered via autofs. */
6629
6630 cleaned = strdup(prefix);
6631 if (!cleaned)
6632 return -ENOMEM;
6633
6634 path_kill_slashes(cleaned);
6635
6636 done = set_new(string_hash_func, string_compare_func);
6637 if (!done)
6638 return -ENOMEM;
6639
6640 for (;;) {
6641 _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
6642 _cleanup_set_free_free_ Set *todo = NULL;
6643 bool top_autofs = false;
6644 char *x;
6645
6646 todo = set_new(string_hash_func, string_compare_func);
6647 if (!todo)
6648 return -ENOMEM;
6649
6650 proc_self_mountinfo = fopen("/proc/self/mountinfo", "re");
6651 if (!proc_self_mountinfo)
6652 return -errno;
6653
6654 for (;;) {
6655 _cleanup_free_ char *path = NULL, *p = NULL, *type = NULL;
6656 int k;
6657
6658 k = fscanf(proc_self_mountinfo,
6659 "%*s " /* (1) mount id */
6660 "%*s " /* (2) parent id */
6661 "%*s " /* (3) major:minor */
6662 "%*s " /* (4) root */
6663 "%ms " /* (5) mount point */
6664 "%*s" /* (6) mount options (superblock) */
6665 "%*[^-]" /* (7) optional fields */
6666 "- " /* (8) separator */
6667 "%ms " /* (9) file system type */
6668 "%*s" /* (10) mount source */
6669 "%*s" /* (11) mount options (bind mount) */
6670 "%*[^\n]", /* some rubbish at the end */
6671 &path,
6672 &type);
6673 if (k != 2) {
6674 if (k == EOF)
6675 break;
6676
6677 continue;
6678 }
6679
6680 p = cunescape(path);
6681 if (!p)
6682 return -ENOMEM;
6683
6684 /* Let's ignore autofs mounts. If they aren't
6685 * triggered yet, we want to avoid triggering
6686 * them, as we don't make any guarantees for
6687 * future submounts anyway. If they are
6688 * already triggered, then we will find
6689 * another entry for this. */
6690 if (streq(type, "autofs")) {
6691 top_autofs = top_autofs || path_equal(cleaned, p);
6692 continue;
6693 }
6694
6695 if (path_startswith(p, cleaned) &&
6696 !set_contains(done, p)) {
6697
6698 r = set_consume(todo, p);
6699 p = NULL;
6700
6701 if (r == -EEXIST)
6702 continue;
6703 if (r < 0)
6704 return r;
6705 }
6706 }
6707
6708 /* If we have no submounts to process anymore and if
6709 * the root is either already done, or an autofs, we
6710 * are done */
6711 if (set_isempty(todo) &&
6712 (top_autofs || set_contains(done, cleaned)))
6713 return 0;
6714
6715 if (!set_contains(done, cleaned) &&
6716 !set_contains(todo, cleaned)) {
6717 /* The prefix directory itself is not yet a
6718 * mount, make it one. */
6719 if (mount(cleaned, cleaned, NULL, MS_BIND|MS_REC, NULL) < 0)
6720 return -errno;
6721
6722 if (mount(NULL, prefix, NULL, MS_BIND|MS_REMOUNT|(ro ? MS_RDONLY : 0), NULL) < 0)
6723 return -errno;
6724
6725 x = strdup(cleaned);
6726 if (!x)
6727 return -ENOMEM;
6728
6729 r = set_consume(done, x);
6730 if (r < 0)
6731 return r;
6732 }
6733
6734 while ((x = set_steal_first(todo))) {
6735
6736 r = set_consume(done, x);
6737 if (r == -EEXIST)
6738 continue;
6739 if (r < 0)
6740 return r;
6741
6742 if (mount(NULL, x, NULL, MS_BIND|MS_REMOUNT|(ro ? MS_RDONLY : 0), NULL) < 0) {
6743
6744 /* Deal with mount points that are
6745 * obstructed by a later mount */
6746
6747 if (errno != ENOENT)
6748 return -errno;
6749 }
6750
6751 }
6752 }
6753 }
6754
6755 int fflush_and_check(FILE *f) {
6756 assert(f);
6757
6758 errno = 0;
6759 fflush(f);
6760
6761 if (ferror(f))
6762 return errno ? -errno : -EIO;
6763
6764 return 0;
6765 }
6766
6767 char *tempfn_xxxxxx(const char *p) {
6768 const char *fn;
6769 char *t;
6770 size_t k;
6771
6772 assert(p);
6773
6774 t = new(char, strlen(p) + 1 + 6 + 1);
6775 if (!t)
6776 return NULL;
6777
6778 fn = basename(p);
6779 k = fn - p;
6780
6781 strcpy(stpcpy(stpcpy(mempcpy(t, p, k), "."), fn), "XXXXXX");
6782
6783 return t;
6784 }
6785
6786 char *tempfn_random(const char *p) {
6787 const char *fn;
6788 char *t, *x;
6789 uint64_t u;
6790 size_t k;
6791 unsigned i;
6792
6793 assert(p);
6794
6795 t = new(char, strlen(p) + 1 + 16 + 1);
6796 if (!t)
6797 return NULL;
6798
6799 fn = basename(p);
6800 k = fn - p;
6801
6802 x = stpcpy(stpcpy(mempcpy(t, p, k), "."), fn);
6803
6804 u = random_u64();
6805 for (i = 0; i < 16; i++) {
6806 *(x++) = hexchar(u & 0xF);
6807 u >>= 4;
6808 }
6809
6810 *x = 0;
6811
6812 return t;
6813 }
6814
6815 /* make sure the hostname is not "localhost" */
6816 bool is_localhost(const char *hostname) {
6817 assert(hostname);
6818
6819 /* This tries to identify local hostnames described in RFC6761
6820 * plus the redhatism of .localdomain */
6821
6822 return streq(hostname, "localhost") ||
6823 streq(hostname, "localhost.") ||
6824 endswith(hostname, ".localhost") ||
6825 endswith(hostname, ".localhost.") ||
6826 endswith(hostname, ".localdomain") ||
6827 endswith(hostname, ".localdomain.");
6828 }
6829
6830 int take_password_lock(const char *root) {
6831
6832 struct flock flock = {
6833 .l_type = F_WRLCK,
6834 .l_whence = SEEK_SET,
6835 .l_start = 0,
6836 .l_len = 0,
6837 };
6838
6839 const char *path;
6840 int fd, r;
6841
6842 /* This is roughly the same as lckpwdf(), but not as awful. We
6843 * don't want to use alarm() and signals, hence we implement
6844 * our own trivial version of this.
6845 *
6846 * Note that shadow-utils also takes per-database locks in
6847 * addition to lckpwdf(). However, we don't given that they
6848 * are redundant as they they invoke lckpwdf() first and keep
6849 * it during everything they do. The per-database locks are
6850 * awfully racy, and thus we just won't do them. */
6851
6852 if (root)
6853 path = strappenda(root, "/etc/.pwd.lock");
6854 else
6855 path = "/etc/.pwd.lock";
6856
6857 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600);
6858 if (fd < 0)
6859 return -errno;
6860
6861 r = fcntl(fd, F_SETLKW, &flock);
6862 if (r < 0) {
6863 safe_close(fd);
6864 return -errno;
6865 }
6866
6867 return fd;
6868 }
Unnamed repository; edit this file 'description' to name the repository.