[thirdparty/systemd.git] / src / core / machine-id-setup.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <unistd.h>
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <fcntl.h>
#include <sys/mount.h>

#include <systemd/sd-id128.h>

#include "machine-id-setup.h"
#include "macro.h"
#include "util.h"
#include "mkdir.h"
#include "log.h"
#include "virt.h"
#include "fileio.h"

static int shorten_uuid(char destination[36], const char *source) {
        unsigned i, j;

        for (i = 0, j = 0; i < 36 && j < 32; i++) {
                int t;

                t = unhexchar(source[i]);
                if (t < 0)
                        continue;

                destination[j++] = hexchar(t);
        }

        if (i == 36 && j == 32) {
                destination[32] = '\n';
                destination[33] = 0;
                return 0;
        }

        return -EINVAL;
}

static int generate(char id[34], const char *root) {
        int fd, r;
        unsigned char *p;
        sd_id128_t buf;
        char *q;
        ssize_t k;
        const char *vm_id;
        _cleanup_free_ char *dbus_machine_id = NULL;

        assert(id);

        if (asprintf(&dbus_machine_id, "%s/var/lib/dbus/machine-id", root) < 0)
                return log_oom();

        /* First, try reading the D-Bus machine id, unless it is a symlink */
        fd = open(dbus_machine_id, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
        if (fd >= 0) {
                k = loop_read(fd, id, 33, false);
                close_nointr_nofail(fd);

                if (k == 33 && id[32] == '\n') {

                        id[32] = 0;
                        if (id128_is_valid(id)) {
                                id[32] = '\n';
                                id[33] = 0;

                                log_info("Initializing machine ID from D-Bus machine ID.");
                                return 0;
                        }
                }
        }

        /* If that didn't work, see if we are running in qemu/kvm and a
         * machine ID was passed in via -uuid on the qemu/kvm command
         * line */

        r = detect_vm(&vm_id);
        if (r > 0 && streq(vm_id, "kvm")) {
                char uuid[37];

                fd = open("/sys/class/dmi/id/product_uuid", O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
                if (fd >= 0) {
                        k = loop_read(fd, uuid, 36, false);
                        close_nointr_nofail(fd);

                        if (k >= 36) {
                                r = shorten_uuid(id, uuid);
                                if (r >= 0) {
                                        log_info("Initializing machine ID from KVM UUID.");
                                        return 0;
                                }
                        }
                }
        }

        /* If that didn't work either, see if we are running in a
         * container, and a machine ID was passed in via
         * $container_uuid the way libvirt/LXC does it */
        r = detect_container(NULL);
        if (r > 0) {
                _cleanup_free_ char *e = NULL;

                r = getenv_for_pid(1, "container_uuid", &e);
                if (r > 0) {
                        if (strlen(e) >= 36) {
                                r = shorten_uuid(id, e);
                                if (r >= 0) {
                                        log_info("Initializing machine ID from container UUID.");
                                        return 0;
                                }
                        }
                }
        }

        /* If that didn't work, generate a random machine id */
        r = sd_id128_randomize(&buf);
        if (r < 0) {
                log_error("Failed to open /dev/urandom: %s", strerror(-r));
                return r;
        }

        for (p = buf.bytes, q = id; p < buf.bytes + sizeof(buf); p++, q += 2) {
                q[0] = hexchar(*p >> 4);
                q[1] = hexchar(*p & 15);
        }

        id[32] = '\n';
        id[33] = 0;

        log_info("Initializing machine ID from random generator.");

        return 0;
}

int machine_id_setup(const char *root) {
        _cleanup_close_ int fd = -1;
        int r;
        bool writable = false;
        struct stat st;
        char id[34]; /* 32 + \n + \0 */
        _cleanup_free_ char *etc_machine_id = NULL;
        _cleanup_free_ char *run_machine_id = NULL;

        if (asprintf(&etc_machine_id, "%s/etc/machine-id", root) < 0)
                return log_oom();

        if (asprintf(&run_machine_id, "%s/run/machine-id", root) < 0)
                return log_oom();

        RUN_WITH_UMASK(0000) {
                /* We create this 0444, to indicate that this isn't really
                 * something you should ever modify. Of course, since the file
                 * will be owned by root it doesn't matter much, but maybe
                 * people look. */

                fd = open(etc_machine_id, O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
                if (fd >= 0)
                        writable = true;
                else {
                        fd = open(etc_machine_id, O_RDONLY|O_CLOEXEC|O_NOCTTY);
                        if (fd < 0) {
                                log_error("Cannot open %s: %m", etc_machine_id);
                                return -errno;
                        }

                        writable = false;
                }
        }

        if (fstat(fd, &st) < 0) {
                log_error("fstat() failed: %m");
                return -errno;
        }

        if (S_ISREG(st.st_mode))
                if (loop_read(fd, id, 33, false) == 33 && id[32] == '\n') {
                        id[32] = 0;

                        if (id128_is_valid(id))
                                return 0;
                }

        /* Hmm, so, the id currently stored is not useful, then let's
         * generate one */

        r = generate(id, root);
        if (r < 0)
                return r;

        if (S_ISREG(st.st_mode) && writable) {
                lseek(fd, 0, SEEK_SET);

                if (loop_write(fd, id, 33, false) == 33)
                        return 0;
        }

        close_nointr_nofail(fd);
        fd = -1;

        /* Hmm, we couldn't write it? So let's write it to
         * /run/machine-id as a replacement */

        RUN_WITH_UMASK(0022) {
                r = write_string_file(run_machine_id, id);
        }
        if (r < 0) {
                log_error("Cannot write %s: %s", run_machine_id, strerror(-r));
                unlink(run_machine_id);
                return r;
        }

        /* And now, let's mount it over */
        r = mount(run_machine_id, etc_machine_id, NULL, MS_BIND, NULL);
        if (r < 0) {
                log_error("Failed to mount %s: %m", etc_machine_id);
                unlink_noerrno(run_machine_id);
                return -errno;
        }

        log_info("Installed transient %s file.", etc_machine_id);

        /* Mark the mount read-only */
        if (mount(NULL, etc_machine_id, NULL, MS_BIND|MS_RDONLY|MS_REMOUNT, NULL) < 0)
                log_warning("Failed to make transient %s read-only: %m", etc_machine_id);

        return 0;
}
Commit	Line	Data
d7ccca2e LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
d7ccca2e LP	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
d7ccca2e	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
d7ccca2e LP	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <unistd.h>
	23	#include <stdio.h>
	24	#include <errno.h>
	25	#include <string.h>
	26	#include <stdlib.h>
	27	#include <fcntl.h>
	28	#include <sys/mount.h>
	29
81527be1 LP	30	#include <systemd/sd-id128.h>
81527be1 LP	31
b6e66135	32	#include "machine-id-setup.h"
d7ccca2e LP	33	#include "macro.h"
d7ccca2e LP	34	#include "util.h"
49e942b2	35	#include "mkdir.h"
d7ccca2e	36	#include "log.h"
d4eb120a	37	#include "virt.h"
a5c32cff	38	#include "fileio.h"
8d41a963	39
09b967ea LP	40	static int shorten_uuid(char destination[36], const char *source) {
	41	unsigned i, j;
	42
	43	for (i = 0, j = 0; i < 36 && j < 32; i++) {
	44	int t;
	45
	46	t = unhexchar(source[i]);
	47	if (t < 0)
	48	continue;
	49
	50	destination[j++] = hexchar(t);
	51	}
	52
	53	if (i == 36 && j == 32) {
	54	destination[32] = '\n';
	55	destination[33] = 0;
	56	return 0;
	57	}
	58
	59	return -EINVAL;
	60	}
	61
92f2f92e	62	static int generate(char id[34], const char *root) {
87d2c1ff LP	63	int fd, r;
	64	unsigned char *p;
	65	sd_id128_t buf;
8d41a963	66	char *q;
d7ccca2e	67	ssize_t k;
d4eb120a	68	const char *vm_id;
92f2f92e	69	_cleanup_free_ char *dbus_machine_id = NULL;
d7ccca2e LP	70
	71	assert(id);
	72
92f2f92e GKH	73	if (asprintf(&dbus_machine_id, "%s/var/lib/dbus/machine-id", root) < 0)
	74	return log_oom();
	75
d7ccca2e	76	/* First, try reading the D-Bus machine id, unless it is a symlink */
92f2f92e	77	fd = open(dbus_machine_id, O_RDONLY\|O_CLOEXEC\|O_NOCTTY\|O_NOFOLLOW);
8d41a963	78	if (fd >= 0) {
aa96c6cb	79	k = loop_read(fd, id, 33, false);
d7ccca2e LP	80	close_nointr_nofail(fd);
d7ccca2e LP	81
aa96c6cb	82	if (k == 33 && id[32] == '\n') {
d7ccca2e	83
aa96c6cb LP	84	id[32] = 0;
	85	if (id128_is_valid(id)) {
	86	id[32] = '\n';
	87	id[33] = 0;
	88
	89	log_info("Initializing machine ID from D-Bus machine ID.");
	90	return 0;
	91	}
d7ccca2e LP	92	}
	93	}
	94
d4eb120a LP	95	/* If that didn't work, see if we are running in qemu/kvm and a
	96	* machine ID was passed in via -uuid on the qemu/kvm command
	97	* line */
	98
	99	r = detect_vm(&vm_id);
	100	if (r > 0 && streq(vm_id, "kvm")) {
	101	char uuid[37];
	102
	103	fd = open("/sys/class/dmi/id/product_uuid", O_RDONLY\|O_CLOEXEC\|O_NOCTTY\|O_NOFOLLOW);
	104	if (fd >= 0) {
	105	k = loop_read(fd, uuid, 36, false);
	106	close_nointr_nofail(fd);
	107
	108	if (k >= 36) {
09b967ea LP	109	r = shorten_uuid(id, uuid);
09b967ea LP	110	if (r >= 0) {
8e47b1d2	111	log_info("Initializing machine ID from KVM UUID.");
09b967ea LP	112	return 0;
	113	}
	114	}
	115	}
	116	}
d4eb120a	117
09b967ea LP	118	/* If that didn't work either, see if we are running in a
	119	* container, and a machine ID was passed in via
	120	* $container_uuid the way libvirt/LXC does it */
09b967ea LP	121	r = detect_container(NULL);
09b967ea LP	122	if (r > 0) {
aa96c6cb	123	_cleanup_free_ char *e = NULL;
09b967ea	124
ab94af92 LP	125	r = getenv_for_pid(1, "container_uuid", &e);
	126	if (r > 0) {
	127	if (strlen(e) >= 36) {
	128	r = shorten_uuid(id, e);
	129	if (r >= 0) {
8e47b1d2	130	log_info("Initializing machine ID from container UUID.");
ab94af92	131	return 0;
09b967ea	132	}
ab94af92	133	}
d4eb120a LP	134	}
	135	}
	136
d7ccca2e	137	/* If that didn't work, generate a random machine id */
87d2c1ff LP	138	r = sd_id128_randomize(&buf);
	139	if (r < 0) {
	140	log_error("Failed to open /dev/urandom: %s", strerror(-r));
	141	return r;
d7ccca2e LP	142	}
d7ccca2e LP	143
87d2c1ff	144	for (p = buf.bytes, q = id; p < buf.bytes + sizeof(buf); p++, q += 2) {
d7ccca2e LP	145	q[0] = hexchar(*p >> 4);
	146	q[1] = hexchar(*p & 15);
	147	}
	148
	149	id[32] = '\n';
	150	id[33] = 0;
	151
	152	log_info("Initializing machine ID from random generator.");
	153
	154	return 0;
	155	}
	156
92f2f92e	157	int machine_id_setup(const char *root) {
4b73a0c0 LP	158	_cleanup_close_ int fd = -1;
4b73a0c0 LP	159	int r;
df28bc08	160	bool writable = false;
d7ccca2e LP	161	struct stat st;
d7ccca2e LP	162	char id[34]; /* 32 + \n + \0 */
92f2f92e GKH	163	_cleanup_free_ char *etc_machine_id = NULL;
	164	_cleanup_free_ char *run_machine_id = NULL;
	165
	166	if (asprintf(&etc_machine_id, "%s/etc/machine-id", root) < 0)
	167	return log_oom();
	168
	169	if (asprintf(&run_machine_id, "%s/run/machine-id", root) < 0)
	170	return log_oom();
d7ccca2e	171
5c0d398d LP	172	RUN_WITH_UMASK(0000) {
	173	/* We create this 0444, to indicate that this isn't really
	174	* something you should ever modify. Of course, since the file
	175	* will be owned by root it doesn't matter much, but maybe
	176	* people look. */
	177
92f2f92e	178	fd = open(etc_machine_id, O_RDWR\|O_CREAT\|O_CLOEXEC\|O_NOCTTY, 0444);
5c0d398d LP	179	if (fd >= 0)
	180	writable = true;
	181	else {
92f2f92e	182	fd = open(etc_machine_id, O_RDONLY\|O_CLOEXEC\|O_NOCTTY);
5c0d398d	183	if (fd < 0) {
92f2f92e	184	log_error("Cannot open %s: %m", etc_machine_id);
5c0d398d LP	185	return -errno;
5c0d398d LP	186	}
76526bad	187
5c0d398d	188	writable = false;
d7ccca2e	189	}
d7ccca2e LP	190	}
d7ccca2e LP	191
d7ccca2e LP	192	if (fstat(fd, &st) < 0) {
d7ccca2e LP	193	log_error("fstat() failed: %m");
4b73a0c0	194	return -errno;
d7ccca2e LP	195	}
d7ccca2e LP	196
4b73a0c0	197	if (S_ISREG(st.st_mode))
aa96c6cb LP	198	if (loop_read(fd, id, 33, false) == 33 && id[32] == '\n') {
	199	id[32] = 0;
	200
	201	if (id128_is_valid(id))
	202	return 0;
	203	}
d7ccca2e LP	204
	205	/* Hmm, so, the id currently stored is not useful, then let's
	206	* generate one */
	207
92f2f92e	208	r = generate(id, root);
8d41a963	209	if (r < 0)
4b73a0c0	210	return r;
d7ccca2e LP	211
	212	if (S_ISREG(st.st_mode) && writable) {
	213	lseek(fd, 0, SEEK_SET);
	214
4b73a0c0 LP	215	if (loop_write(fd, id, 33, false) == 33)
4b73a0c0 LP	216	return 0;
d7ccca2e LP	217	}
	218
	219	close_nointr_nofail(fd);
	220	fd = -1;
	221
	222	/* Hmm, we couldn't write it? So let's write it to
6996295f	223	* /run/machine-id as a replacement */
d7ccca2e	224
5c0d398d	225	RUN_WITH_UMASK(0022) {
92f2f92e	226	r = write_string_file(run_machine_id, id);
5c0d398d	227	}
8d41a963	228	if (r < 0) {
92f2f92e GKH	229	log_error("Cannot write %s: %s", run_machine_id, strerror(-r));
92f2f92e GKH	230	unlink(run_machine_id);
4b73a0c0	231	return r;
d7ccca2e LP	232	}
	233
	234	/* And now, let's mount it over */
92f2f92e	235	r = mount(run_machine_id, etc_machine_id, NULL, MS_BIND, NULL);
6996295f	236	if (r < 0) {
92f2f92e GKH	237	log_error("Failed to mount %s: %m", etc_machine_id);
92f2f92e GKH	238	unlink_noerrno(run_machine_id);
4b73a0c0	239	return -errno;
aed5a525 LP	240	}
aed5a525 LP	241
92f2f92e	242	log_info("Installed transient %s file.", etc_machine_id);
d7ccca2e	243
4b73a0c0	244	/* Mark the mount read-only */
92f2f92e GKH	245	if (mount(NULL, etc_machine_id, NULL, MS_BIND\|MS_RDONLY\|MS_REMOUNT, NULL) < 0)
92f2f92e GKH	246	log_warning("Failed to make transient %s read-only: %m", etc_machine_id);
d7ccca2e	247
4b73a0c0	248	return 0;
d7ccca2e	249	}