[thirdparty/systemd.git] / src / core / machine-id-setup.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <unistd.h>
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <fcntl.h>
#include <sys/mount.h>

#include "systemd/sd-id128.h"

#include "machine-id-setup.h"
#include "macro.h"
#include "util.h"
#include "mkdir.h"
#include "log.h"
#include "virt.h"
#include "fileio.h"
#include "path-util.h"

static int shorten_uuid(char destination[34], const char source[36]) {
        unsigned i, j;

        for (i = 0, j = 0; i < 36 && j < 32; i++) {
                int t;

                t = unhexchar(source[i]);
                if (t < 0)
                        continue;

                destination[j++] = hexchar(t);
        }

        if (i == 36 && j == 32) {
                destination[32] = '\n';
                destination[33] = 0;
                return 0;
        }

        return -EINVAL;
}

static int generate(char id[34], const char *root) {
        int fd, r;
        unsigned char *p;
        sd_id128_t buf;
        char *q;
        ssize_t k;
        const char *vm_id;
        _cleanup_free_ char *dbus_machine_id = NULL;

        assert(id);

        if (asprintf(&dbus_machine_id, "%s/var/lib/dbus/machine-id", root) < 0)
                return log_oom();

        /* First, try reading the D-Bus machine id, unless it is a symlink */
        fd = open(dbus_machine_id, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
        if (fd >= 0) {
                k = loop_read(fd, id, 33, false);
                safe_close(fd);

                if (k == 33 && id[32] == '\n') {

                        id[32] = 0;
                        if (id128_is_valid(id)) {
                                id[32] = '\n';
                                id[33] = 0;

                                log_info("Initializing machine ID from D-Bus machine ID.");
                                return 0;
                        }
                }
        }

        /* If that didn't work, see if we are running in a container,
         * and a machine ID was passed in via $container_uuid the way
         * libvirt/LXC does it */
        r = detect_container(NULL);
        if (r > 0) {
                _cleanup_free_ char *e = NULL;

                r = getenv_for_pid(1, "container_uuid", &e);
                if (r > 0) {
                        if (strlen(e) >= 36) {
                                r = shorten_uuid(id, e);
                                if (r >= 0) {
                                        log_info("Initializing machine ID from container UUID.");
                                        return 0;
                                }
                        }
                }

        } else {
                /* If we are not running in a container, see if we are
                 * running in qemu/kvm and a machine ID was passed in
                 * via -uuid on the qemu/kvm command line */

                r = detect_vm(&vm_id);
                if (r > 0 && streq(vm_id, "kvm")) {
                        char uuid[37];

                        fd = open("/sys/class/dmi/id/product_uuid", O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
                        if (fd >= 0) {
                                k = loop_read(fd, uuid, 36, false);
                                safe_close(fd);

                                if (k >= 36) {
                                        r = shorten_uuid(id, uuid);
                                        if (r >= 0) {
                                                log_info("Initializing machine ID from KVM UUID.");
                                                return 0;
                                        }
                                }
                        }
                }
        }

        /* If that didn't work, generate a random machine id */
        r = sd_id128_randomize(&buf);
        if (r < 0) {
                log_error("Failed to open /dev/urandom: %s", strerror(-r));
                return r;
        }

        for (p = buf.bytes, q = id; p < buf.bytes + sizeof(buf); p++, q += 2) {
                q[0] = hexchar(*p >> 4);
                q[1] = hexchar(*p & 15);
        }

        id[32] = '\n';
        id[33] = 0;

        log_info("Initializing machine ID from random generator.");

        return 0;
}

int machine_id_setup(const char *root) {
        const char *etc_machine_id, *run_machine_id;
        _cleanup_close_ int fd = -1;
        bool writable = false;
        struct stat st;
        char id[34]; /* 32 + \n + \0 */
        int r;

        if (isempty(root))  {
                etc_machine_id = "/etc/machine-id";
                run_machine_id = "/run/machine-id";
        } else {
                etc_machine_id = strappenda(root, "/etc/machine-id");
                path_kill_slashes((char*) etc_machine_id);

                run_machine_id = strappenda(root, "/run/machine-id");
                path_kill_slashes((char*) run_machine_id);
        }

        RUN_WITH_UMASK(0000) {
                /* We create this 0444, to indicate that this isn't really
                 * something you should ever modify. Of course, since the file
                 * will be owned by root it doesn't matter much, but maybe
                 * people look. */

                mkdir_parents(etc_machine_id, 0755);
                fd = open(etc_machine_id, O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
                if (fd >= 0)
                        writable = true;
                else {
                        fd = open(etc_machine_id, O_RDONLY|O_CLOEXEC|O_NOCTTY);
                        if (fd < 0) {
                                log_error("Cannot open %s: %m", etc_machine_id);
                                return -errno;
                        }

                        writable = false;
                }
        }

        if (fstat(fd, &st) < 0) {
                log_error("fstat() failed: %m");
                return -errno;
        }

        if (S_ISREG(st.st_mode))
                if (loop_read(fd, id, 33, false) == 33 && id[32] == '\n') {
                        id[32] = 0;

                        if (id128_is_valid(id))
                                return 0;
                }

        /* Hmm, so, the id currently stored is not useful, then let's
         * generate one */

        r = generate(id, root);
        if (r < 0)
                return r;

        if (S_ISREG(st.st_mode) && writable) {
                lseek(fd, 0, SEEK_SET);

                if (loop_write(fd, id, 33, false) == 33)
                        return 0;
        }

        fd = safe_close(fd);

        /* Hmm, we couldn't write it? So let's write it to
         * /run/machine-id as a replacement */

        RUN_WITH_UMASK(0022) {
                r = write_string_file(run_machine_id, id);
        }
        if (r < 0) {
                log_error("Cannot write %s: %s", run_machine_id, strerror(-r));
                unlink(run_machine_id);
                return r;
        }

        /* And now, let's mount it over */
        r = mount(run_machine_id, etc_machine_id, NULL, MS_BIND, NULL);
        if (r < 0) {
                log_error("Failed to mount %s: %m", etc_machine_id);
                unlink_noerrno(run_machine_id);
                return -errno;
        }

        log_info("Installed transient %s file.", etc_machine_id);

        /* Mark the mount read-only */
        if (mount(NULL, etc_machine_id, NULL, MS_BIND|MS_RDONLY|MS_REMOUNT, NULL) < 0)
                log_warning("Failed to make transient %s read-only: %m", etc_machine_id);

        return 0;
}
Commit	Line	Data
d7ccca2e LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
d7ccca2e LP	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
d7ccca2e	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
d7ccca2e LP	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <unistd.h>
	23	#include <stdio.h>
	24	#include <errno.h>
	25	#include <string.h>
	26	#include <stdlib.h>
	27	#include <fcntl.h>
	28	#include <sys/mount.h>
	29
73f860db	30	#include "systemd/sd-id128.h"
81527be1	31
b6e66135	32	#include "machine-id-setup.h"
d7ccca2e LP	33	#include "macro.h"
d7ccca2e LP	34	#include "util.h"
49e942b2	35	#include "mkdir.h"
d7ccca2e	36	#include "log.h"
d4eb120a	37	#include "virt.h"
a5c32cff	38	#include "fileio.h"
fe970a8a	39	#include "path-util.h"
8d41a963	40
34f750b7	41	static int shorten_uuid(char destination[34], const char source[36]) {
09b967ea LP	42	unsigned i, j;
	43
	44	for (i = 0, j = 0; i < 36 && j < 32; i++) {
	45	int t;
	46
	47	t = unhexchar(source[i]);
	48	if (t < 0)
	49	continue;
	50
	51	destination[j++] = hexchar(t);
	52	}
	53
	54	if (i == 36 && j == 32) {
	55	destination[32] = '\n';
	56	destination[33] = 0;
	57	return 0;
	58	}
	59
	60	return -EINVAL;
	61	}
	62
92f2f92e	63	static int generate(char id[34], const char *root) {
87d2c1ff LP	64	int fd, r;
	65	unsigned char *p;
	66	sd_id128_t buf;
8d41a963	67	char *q;
d7ccca2e	68	ssize_t k;
d4eb120a	69	const char *vm_id;
92f2f92e	70	_cleanup_free_ char *dbus_machine_id = NULL;
d7ccca2e LP	71
	72	assert(id);
	73
92f2f92e GKH	74	if (asprintf(&dbus_machine_id, "%s/var/lib/dbus/machine-id", root) < 0)
	75	return log_oom();
	76
d7ccca2e	77	/* First, try reading the D-Bus machine id, unless it is a symlink */
92f2f92e	78	fd = open(dbus_machine_id, O_RDONLY\|O_CLOEXEC\|O_NOCTTY\|O_NOFOLLOW);
8d41a963	79	if (fd >= 0) {
aa96c6cb	80	k = loop_read(fd, id, 33, false);
03e334a1	81	safe_close(fd);
d7ccca2e	82
aa96c6cb	83	if (k == 33 && id[32] == '\n') {
d7ccca2e	84
aa96c6cb LP	85	id[32] = 0;
	86	if (id128_is_valid(id)) {
	87	id[32] = '\n';
	88	id[33] = 0;
	89
	90	log_info("Initializing machine ID from D-Bus machine ID.");
	91	return 0;
	92	}
d7ccca2e LP	93	}
	94	}
	95
0b36bbc4 LP	96	/* If that didn't work, see if we are running in a container,
	97	* and a machine ID was passed in via $container_uuid the way
	98	* libvirt/LXC does it */
09b967ea LP	99	r = detect_container(NULL);
09b967ea LP	100	if (r > 0) {
aa96c6cb	101	_cleanup_free_ char *e = NULL;
09b967ea	102
ab94af92 LP	103	r = getenv_for_pid(1, "container_uuid", &e);
	104	if (r > 0) {
	105	if (strlen(e) >= 36) {
	106	r = shorten_uuid(id, e);
	107	if (r >= 0) {
8e47b1d2	108	log_info("Initializing machine ID from container UUID.");
ab94af92	109	return 0;
09b967ea	110	}
ab94af92	111	}
d4eb120a	112	}
0b36bbc4 LP	113
	114	} else {
	115	/* If we are not running in a container, see if we are
	116	* running in qemu/kvm and a machine ID was passed in
	117	* via -uuid on the qemu/kvm command line */
	118
	119	r = detect_vm(&vm_id);
	120	if (r > 0 && streq(vm_id, "kvm")) {
	121	char uuid[37];
	122
	123	fd = open("/sys/class/dmi/id/product_uuid", O_RDONLY\|O_CLOEXEC\|O_NOCTTY\|O_NOFOLLOW);
	124	if (fd >= 0) {
	125	k = loop_read(fd, uuid, 36, false);
	126	safe_close(fd);
	127
	128	if (k >= 36) {
	129	r = shorten_uuid(id, uuid);
	130	if (r >= 0) {
	131	log_info("Initializing machine ID from KVM UUID.");
	132	return 0;
	133	}
	134	}
	135	}
	136	}
d4eb120a LP	137	}
d4eb120a LP	138
d7ccca2e	139	/* If that didn't work, generate a random machine id */
87d2c1ff LP	140	r = sd_id128_randomize(&buf);
	141	if (r < 0) {
	142	log_error("Failed to open /dev/urandom: %s", strerror(-r));
	143	return r;
d7ccca2e LP	144	}
d7ccca2e LP	145
87d2c1ff	146	for (p = buf.bytes, q = id; p < buf.bytes + sizeof(buf); p++, q += 2) {
d7ccca2e LP	147	q[0] = hexchar(*p >> 4);
	148	q[1] = hexchar(*p & 15);
	149	}
	150
	151	id[32] = '\n';
	152	id[33] = 0;
	153
	154	log_info("Initializing machine ID from random generator.");
	155
	156	return 0;
	157	}
	158
92f2f92e	159	int machine_id_setup(const char *root) {
489388fb	160	const char etc_machine_id, run_machine_id;
4b73a0c0	161	_cleanup_close_ int fd = -1;
df28bc08	162	bool writable = false;
d7ccca2e LP	163	struct stat st;
d7ccca2e LP	164	char id[34]; /* 32 + \n + \0 */
489388fb	165	int r;
92f2f92e	166
489388fb LP	167	if (isempty(root)) {
	168	etc_machine_id = "/etc/machine-id";
	169	run_machine_id = "/run/machine-id";
	170	} else {
	171	etc_machine_id = strappenda(root, "/etc/machine-id");
	172	path_kill_slashes((char*) etc_machine_id);
92f2f92e	173
489388fb LP	174	run_machine_id = strappenda(root, "/run/machine-id");
	175	path_kill_slashes((char*) run_machine_id);
	176	}
d7ccca2e	177
5c0d398d LP	178	RUN_WITH_UMASK(0000) {
	179	/* We create this 0444, to indicate that this isn't really
	180	* something you should ever modify. Of course, since the file
	181	* will be owned by root it doesn't matter much, but maybe
	182	* people look. */
	183
3577de7a	184	mkdir_parents(etc_machine_id, 0755);
92f2f92e	185	fd = open(etc_machine_id, O_RDWR\|O_CREAT\|O_CLOEXEC\|O_NOCTTY, 0444);
5c0d398d LP	186	if (fd >= 0)
	187	writable = true;
	188	else {
92f2f92e	189	fd = open(etc_machine_id, O_RDONLY\|O_CLOEXEC\|O_NOCTTY);
5c0d398d	190	if (fd < 0) {
92f2f92e	191	log_error("Cannot open %s: %m", etc_machine_id);
5c0d398d LP	192	return -errno;
5c0d398d LP	193	}
76526bad	194
5c0d398d	195	writable = false;
d7ccca2e	196	}
d7ccca2e LP	197	}
d7ccca2e LP	198
d7ccca2e LP	199	if (fstat(fd, &st) < 0) {
d7ccca2e LP	200	log_error("fstat() failed: %m");
4b73a0c0	201	return -errno;
d7ccca2e LP	202	}
d7ccca2e LP	203
4b73a0c0	204	if (S_ISREG(st.st_mode))
aa96c6cb LP	205	if (loop_read(fd, id, 33, false) == 33 && id[32] == '\n') {
	206	id[32] = 0;
	207
	208	if (id128_is_valid(id))
	209	return 0;
	210	}
d7ccca2e LP	211
	212	/* Hmm, so, the id currently stored is not useful, then let's
	213	* generate one */
	214
92f2f92e	215	r = generate(id, root);
8d41a963	216	if (r < 0)
4b73a0c0	217	return r;
d7ccca2e LP	218
	219	if (S_ISREG(st.st_mode) && writable) {
	220	lseek(fd, 0, SEEK_SET);
	221
4b73a0c0 LP	222	if (loop_write(fd, id, 33, false) == 33)
4b73a0c0 LP	223	return 0;
d7ccca2e LP	224	}
d7ccca2e LP	225
03e334a1	226	fd = safe_close(fd);
d7ccca2e LP	227
d7ccca2e LP	228	/* Hmm, we couldn't write it? So let's write it to
6996295f	229	* /run/machine-id as a replacement */
d7ccca2e	230
5c0d398d	231	RUN_WITH_UMASK(0022) {
92f2f92e	232	r = write_string_file(run_machine_id, id);
5c0d398d	233	}
8d41a963	234	if (r < 0) {
92f2f92e GKH	235	log_error("Cannot write %s: %s", run_machine_id, strerror(-r));
92f2f92e GKH	236	unlink(run_machine_id);
4b73a0c0	237	return r;
d7ccca2e LP	238	}
	239
	240	/* And now, let's mount it over */
92f2f92e	241	r = mount(run_machine_id, etc_machine_id, NULL, MS_BIND, NULL);
6996295f	242	if (r < 0) {
92f2f92e GKH	243	log_error("Failed to mount %s: %m", etc_machine_id);
92f2f92e GKH	244	unlink_noerrno(run_machine_id);
4b73a0c0	245	return -errno;
aed5a525 LP	246	}
aed5a525 LP	247
92f2f92e	248	log_info("Installed transient %s file.", etc_machine_id);
d7ccca2e	249
4b73a0c0	250	/* Mark the mount read-only */
92f2f92e GKH	251	if (mount(NULL, etc_machine_id, NULL, MS_BIND\|MS_RDONLY\|MS_REMOUNT, NULL) < 0)
92f2f92e GKH	252	log_warning("Failed to make transient %s read-only: %m", etc_machine_id);
d7ccca2e	253
4b73a0c0	254	return 0;
d7ccca2e	255	}