]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
a2ea3b2f LP |
2 | |
3 | #include <fcntl.h> | |
a2ea3b2f | 4 | #include <getopt.h> |
e08f94ac LP |
5 | #include <linux/loop.h> |
6 | #include <stdio.h> | |
a2ea3b2f LP |
7 | |
8 | #include "architecture.h" | |
33973b84 | 9 | #include "copy.h" |
a2ea3b2f | 10 | #include "dissect-image.h" |
33973b84 LP |
11 | #include "fd-util.h" |
12 | #include "fs-util.h" | |
4623e8e6 | 13 | #include "hexdecoct.h" |
a2ea3b2f LP |
14 | #include "log.h" |
15 | #include "loop-util.h" | |
149afb45 | 16 | #include "main-func.h" |
33973b84 LP |
17 | #include "mkdir.h" |
18 | #include "mount-util.h" | |
19 | #include "namespace-util.h" | |
e475f729 | 20 | #include "parse-util.h" |
e7cbe5cb | 21 | #include "path-util.h" |
5c05f062 | 22 | #include "pretty-print.h" |
33973b84 | 23 | #include "stat-util.h" |
a2ea3b2f | 24 | #include "string-util.h" |
a1edd22e | 25 | #include "strv.h" |
5c05f062 | 26 | #include "terminal-util.h" |
33973b84 | 27 | #include "tmpfile-util.h" |
2d3a5a73 | 28 | #include "user-util.h" |
a2ea3b2f LP |
29 | #include "util.h" |
30 | ||
31 | static enum { | |
32 | ACTION_DISSECT, | |
33 | ACTION_MOUNT, | |
33973b84 LP |
34 | ACTION_COPY_FROM, |
35 | ACTION_COPY_TO, | |
a2ea3b2f LP |
36 | } arg_action = ACTION_DISSECT; |
37 | static const char *arg_image = NULL; | |
38 | static const char *arg_path = NULL; | |
33973b84 LP |
39 | static const char *arg_source = NULL; |
40 | static const char *arg_target = NULL; | |
e475f729 | 41 | static DissectImageFlags arg_flags = DISSECT_IMAGE_REQUIRE_ROOT|DISSECT_IMAGE_DISCARD_ON_LOOP|DISSECT_IMAGE_RELAX_VAR_CHECK|DISSECT_IMAGE_FSCK; |
4623e8e6 | 42 | static void *arg_root_hash = NULL; |
e7cbe5cb | 43 | static char *arg_verity_data = NULL; |
4623e8e6 | 44 | static size_t arg_root_hash_size = 0; |
c2923fdc LB |
45 | static char *arg_root_hash_sig_path = NULL; |
46 | static void *arg_root_hash_sig = NULL; | |
47 | static size_t arg_root_hash_sig_size = 0; | |
a2ea3b2f | 48 | |
149afb45 | 49 | STATIC_DESTRUCTOR_REGISTER(arg_root_hash, freep); |
e7cbe5cb | 50 | STATIC_DESTRUCTOR_REGISTER(arg_verity_data, freep); |
c2923fdc LB |
51 | STATIC_DESTRUCTOR_REGISTER(arg_root_hash_sig_path, freep); |
52 | STATIC_DESTRUCTOR_REGISTER(arg_root_hash_sig, freep); | |
149afb45 | 53 | |
5c05f062 LP |
54 | static int help(void) { |
55 | _cleanup_free_ char *link = NULL; | |
56 | int r; | |
57 | ||
58 | r = terminal_urlify_man("systemd-dissect", "1", &link); | |
59 | if (r < 0) | |
60 | return log_oom(); | |
61 | ||
62 | printf("%1$s [OPTIONS...] IMAGE\n" | |
33973b84 LP |
63 | "%1$s [OPTIONS...] --mount IMAGE PATH\n" |
64 | "%1$s [OPTIONS...] --copy-from IMAGE PATH [TARGET]\n" | |
65 | "%1$s [OPTIONS...] --copy-to IMAGE [SOURCE] PATH\n\n" | |
5c05f062 LP |
66 | "%5$sDissect a file system OS image.%6$s\n\n" |
67 | "%3$sOptions:%4$s\n" | |
e7cbe5cb LB |
68 | " -r --read-only Mount read-only\n" |
69 | " --fsck=BOOL Run fsck before mounting\n" | |
5c05f062 | 70 | " --mkdir Make mount directory before mounting, if missing\n" |
e7cbe5cb LB |
71 | " --discard=MODE Choose 'discard' mode (disabled, loop, all, crypto)\n" |
72 | " --root-hash=HASH Specify root hash for verity\n" | |
c2923fdc LB |
73 | " --root-hash-sig=SIG Specify pkcs7 signature of root hash for verity\n" |
74 | " as a DER encoded PKCS7, either as a path to a file\n" | |
75 | " or as an ASCII base64 encoded string prefixed by\n" | |
76 | " 'base64:'\n" | |
e7cbe5cb | 77 | " --verity-data=PATH Specify data file with hash tree for verity if it is\n" |
5c05f062 LP |
78 | " not embedded in IMAGE\n" |
79 | "\n%3$sCommands:%4$s\n" | |
80 | " -h --help Show this help\n" | |
81 | " --version Show package version\n" | |
82 | " -m --mount Mount the image to the specified directory\n" | |
83 | " -M Shortcut for --mount --mkdir\n" | |
33973b84 LP |
84 | " -x --copy-from Copy files from image to host\n" |
85 | " -a --copy-to Copy files from host to image\n" | |
5c05f062 LP |
86 | "\nSee the %2$s for details.\n" |
87 | , program_invocation_short_name | |
88 | , link | |
89 | , ansi_underline(), ansi_normal() | |
90 | , ansi_highlight(), ansi_normal()); | |
91 | ||
92 | return 0; | |
a2ea3b2f LP |
93 | } |
94 | ||
95 | static int parse_argv(int argc, char *argv[]) { | |
96 | ||
97 | enum { | |
98 | ARG_VERSION = 0x100, | |
18b5886e | 99 | ARG_DISCARD, |
4623e8e6 | 100 | ARG_ROOT_HASH, |
e475f729 | 101 | ARG_FSCK, |
e7cbe5cb | 102 | ARG_VERITY_DATA, |
c2923fdc | 103 | ARG_ROOT_HASH_SIG, |
5c05f062 | 104 | ARG_MKDIR, |
a2ea3b2f LP |
105 | }; |
106 | ||
107 | static const struct option options[] = { | |
c2923fdc LB |
108 | { "help", no_argument, NULL, 'h' }, |
109 | { "version", no_argument, NULL, ARG_VERSION }, | |
110 | { "mount", no_argument, NULL, 'm' }, | |
111 | { "read-only", no_argument, NULL, 'r' }, | |
112 | { "discard", required_argument, NULL, ARG_DISCARD }, | |
113 | { "root-hash", required_argument, NULL, ARG_ROOT_HASH }, | |
114 | { "fsck", required_argument, NULL, ARG_FSCK }, | |
115 | { "verity-data", required_argument, NULL, ARG_VERITY_DATA }, | |
116 | { "root-hash-sig", required_argument, NULL, ARG_ROOT_HASH_SIG }, | |
5c05f062 | 117 | { "mkdir", no_argument, NULL, ARG_MKDIR }, |
33973b84 LP |
118 | { "copy-from", no_argument, NULL, 'x' }, |
119 | { "copy-to", no_argument, NULL, 'a' }, | |
a2ea3b2f LP |
120 | {} |
121 | }; | |
122 | ||
4623e8e6 | 123 | int c, r; |
a2ea3b2f LP |
124 | |
125 | assert(argc >= 0); | |
126 | assert(argv); | |
127 | ||
33973b84 | 128 | while ((c = getopt_long(argc, argv, "hmrMxa", options, NULL)) >= 0) { |
a2ea3b2f LP |
129 | |
130 | switch (c) { | |
131 | ||
132 | case 'h': | |
5c05f062 | 133 | return help(); |
a2ea3b2f LP |
134 | |
135 | case ARG_VERSION: | |
136 | return version(); | |
137 | ||
138 | case 'm': | |
139 | arg_action = ACTION_MOUNT; | |
140 | break; | |
141 | ||
5c05f062 LP |
142 | case ARG_MKDIR: |
143 | arg_flags |= DISSECT_IMAGE_MKDIR; | |
144 | break; | |
145 | ||
146 | case 'M': | |
147 | /* Shortcut combination of the above two */ | |
148 | arg_action = ACTION_MOUNT; | |
149 | arg_flags |= DISSECT_IMAGE_MKDIR; | |
150 | break; | |
151 | ||
33973b84 LP |
152 | case 'x': |
153 | arg_action = ACTION_COPY_FROM; | |
154 | arg_flags |= DISSECT_IMAGE_READ_ONLY; | |
155 | break; | |
156 | ||
157 | case 'a': | |
158 | arg_action = ACTION_COPY_TO; | |
159 | break; | |
160 | ||
a2ea3b2f | 161 | case 'r': |
18b5886e LP |
162 | arg_flags |= DISSECT_IMAGE_READ_ONLY; |
163 | break; | |
164 | ||
971e2ef0 ZJS |
165 | case ARG_DISCARD: { |
166 | DissectImageFlags flags; | |
167 | ||
18b5886e | 168 | if (streq(optarg, "disabled")) |
971e2ef0 | 169 | flags = 0; |
18b5886e | 170 | else if (streq(optarg, "loop")) |
971e2ef0 | 171 | flags = DISSECT_IMAGE_DISCARD_ON_LOOP; |
18b5886e | 172 | else if (streq(optarg, "all")) |
971e2ef0 | 173 | flags = DISSECT_IMAGE_DISCARD_ON_LOOP | DISSECT_IMAGE_DISCARD; |
18b5886e | 174 | else if (streq(optarg, "crypt")) |
971e2ef0 | 175 | flags = DISSECT_IMAGE_DISCARD_ANY; |
140788f7 LP |
176 | else if (streq(optarg, "list")) { |
177 | puts("disabled\n" | |
178 | "all\n" | |
179 | "crypt\n" | |
180 | "loop"); | |
181 | return 0; | |
182 | } else | |
baaa35ad ZJS |
183 | return log_error_errno(SYNTHETIC_ERRNO(EINVAL), |
184 | "Unknown --discard= parameter: %s", | |
185 | optarg); | |
971e2ef0 | 186 | arg_flags = (arg_flags & ~DISSECT_IMAGE_DISCARD_ANY) | flags; |
18b5886e | 187 | |
a2ea3b2f | 188 | break; |
971e2ef0 | 189 | } |
a2ea3b2f | 190 | |
4623e8e6 LP |
191 | case ARG_ROOT_HASH: { |
192 | void *p; | |
193 | size_t l; | |
194 | ||
195 | r = unhexmem(optarg, strlen(optarg), &p, &l); | |
196 | if (r < 0) | |
63cf2d75 | 197 | return log_error_errno(r, "Failed to parse root hash '%s': %m", optarg); |
4623e8e6 LP |
198 | if (l < sizeof(sd_id128_t)) { |
199 | log_error("Root hash must be at least 128bit long: %s", optarg); | |
200 | free(p); | |
201 | return -EINVAL; | |
202 | } | |
203 | ||
204 | free(arg_root_hash); | |
205 | arg_root_hash = p; | |
206 | arg_root_hash_size = l; | |
207 | break; | |
208 | } | |
209 | ||
e7cbe5cb LB |
210 | case ARG_VERITY_DATA: |
211 | r = parse_path_argument_and_warn(optarg, false, &arg_verity_data); | |
212 | if (r < 0) | |
213 | return r; | |
214 | break; | |
215 | ||
c2923fdc LB |
216 | case ARG_ROOT_HASH_SIG: { |
217 | char *value; | |
218 | ||
219 | if ((value = startswith(optarg, "base64:"))) { | |
220 | void *p; | |
221 | size_t l; | |
222 | ||
223 | r = unbase64mem(value, strlen(value), &p, &l); | |
224 | if (r < 0) | |
225 | return log_error_errno(r, "Failed to parse root hash signature '%s': %m", optarg); | |
226 | ||
227 | free_and_replace(arg_root_hash_sig, p); | |
228 | arg_root_hash_sig_size = l; | |
229 | arg_root_hash_sig_path = mfree(arg_root_hash_sig_path); | |
230 | } else { | |
231 | r = parse_path_argument_and_warn(optarg, false, &arg_root_hash_sig_path); | |
232 | if (r < 0) | |
233 | return r; | |
234 | arg_root_hash_sig = mfree(arg_root_hash_sig); | |
235 | arg_root_hash_sig_size = 0; | |
236 | } | |
237 | ||
238 | break; | |
239 | } | |
240 | ||
e475f729 LP |
241 | case ARG_FSCK: |
242 | r = parse_boolean(optarg); | |
243 | if (r < 0) | |
244 | return log_error_errno(r, "Failed to parse --fsck= parameter: %s", optarg); | |
245 | ||
246 | SET_FLAG(arg_flags, DISSECT_IMAGE_FSCK, r); | |
247 | break; | |
248 | ||
a2ea3b2f LP |
249 | case '?': |
250 | return -EINVAL; | |
251 | ||
252 | default: | |
253 | assert_not_reached("Unhandled option"); | |
254 | } | |
255 | ||
256 | } | |
257 | ||
258 | switch (arg_action) { | |
259 | ||
260 | case ACTION_DISSECT: | |
baaa35ad ZJS |
261 | if (optind + 1 != argc) |
262 | return log_error_errno(SYNTHETIC_ERRNO(EINVAL), | |
33973b84 | 263 | "Expected an image file path as only argument."); |
a2ea3b2f LP |
264 | |
265 | arg_image = argv[optind]; | |
18b5886e | 266 | arg_flags |= DISSECT_IMAGE_READ_ONLY; |
a2ea3b2f LP |
267 | break; |
268 | ||
269 | case ACTION_MOUNT: | |
baaa35ad ZJS |
270 | if (optind + 2 != argc) |
271 | return log_error_errno(SYNTHETIC_ERRNO(EINVAL), | |
33973b84 | 272 | "Expected an image file path and mount point path as only arguments."); |
a2ea3b2f LP |
273 | |
274 | arg_image = argv[optind]; | |
275 | arg_path = argv[optind + 1]; | |
276 | break; | |
277 | ||
33973b84 LP |
278 | case ACTION_COPY_FROM: |
279 | if (argc < optind + 2 || argc > optind + 3) | |
280 | return log_error_errno(SYNTHETIC_ERRNO(EINVAL), | |
281 | "Expected an image file path, a source path and an optional destination path as only arguments."); | |
282 | ||
283 | arg_image = argv[optind]; | |
284 | arg_source = argv[optind + 1]; | |
285 | arg_target = argc > optind + 2 ? argv[optind + 2] : "-" /* this means stdout */ ; | |
286 | ||
287 | arg_flags |= DISSECT_IMAGE_READ_ONLY; | |
288 | break; | |
289 | ||
290 | case ACTION_COPY_TO: | |
291 | if (argc < optind + 2 || argc > optind + 3) | |
292 | return log_error_errno(SYNTHETIC_ERRNO(EINVAL), | |
293 | "Expected an image file path, an optional source path and a destination path as only arguments."); | |
294 | ||
295 | arg_image = argv[optind]; | |
296 | ||
297 | if (argc > optind + 2) { | |
298 | arg_source = argv[optind + 1]; | |
299 | arg_target = argv[optind + 2]; | |
300 | } else { | |
301 | arg_source = "-"; /* this means stdin */ | |
302 | arg_target = argv[optind + 1]; | |
303 | } | |
304 | ||
305 | break; | |
306 | ||
a2ea3b2f LP |
307 | default: |
308 | assert_not_reached("Unknown action."); | |
309 | } | |
310 | ||
311 | return 1; | |
312 | } | |
313 | ||
149afb45 | 314 | static int run(int argc, char *argv[]) { |
a2ea3b2f | 315 | _cleanup_(loop_device_unrefp) LoopDevice *d = NULL; |
18b5886e | 316 | _cleanup_(decrypted_image_unrefp) DecryptedImage *di = NULL; |
a2ea3b2f LP |
317 | _cleanup_(dissected_image_unrefp) DissectedImage *m = NULL; |
318 | int r; | |
319 | ||
320 | log_parse_environment(); | |
321 | log_open(); | |
322 | ||
323 | r = parse_argv(argc, argv); | |
324 | if (r <= 0) | |
149afb45 | 325 | return r; |
a2ea3b2f | 326 | |
e08f94ac | 327 | r = loop_device_make_by_path(arg_image, (arg_flags & DISSECT_IMAGE_READ_ONLY) ? O_RDONLY : O_RDWR, LO_FLAGS_PARTSCAN, &d); |
149afb45 YW |
328 | if (r < 0) |
329 | return log_error_errno(r, "Failed to set up loopback device: %m"); | |
a2ea3b2f | 330 | |
0389f4fa | 331 | r = verity_metadata_load(arg_image, NULL, arg_root_hash ? NULL : &arg_root_hash, &arg_root_hash_size, |
c2923fdc LB |
332 | arg_verity_data ? NULL : &arg_verity_data, |
333 | arg_root_hash_sig_path || arg_root_hash_sig ? NULL : &arg_root_hash_sig_path); | |
e7cbe5cb LB |
334 | if (r < 0) |
335 | return log_error_errno(r, "Failed to read verity artefacts for %s: %m", arg_image); | |
336 | arg_flags |= arg_verity_data ? DISSECT_IMAGE_NO_PARTITION_TABLE : 0; | |
78ebe980 | 337 | |
18d73705 | 338 | r = dissect_image_and_warn(d->fd, arg_image, arg_root_hash, arg_root_hash_size, arg_verity_data, NULL, arg_flags, &m); |
4526113f | 339 | if (r < 0) |
149afb45 | 340 | return r; |
a2ea3b2f LP |
341 | |
342 | switch (arg_action) { | |
343 | ||
344 | case ACTION_DISSECT: { | |
345 | unsigned i; | |
346 | ||
347 | for (i = 0; i < _PARTITION_DESIGNATOR_MAX; i++) { | |
348 | DissectedPartition *p = m->partitions + i; | |
349 | ||
350 | if (!p->found) | |
351 | continue; | |
352 | ||
353 | printf("Found %s '%s' partition", | |
354 | p->rw ? "writable" : "read-only", | |
355 | partition_designator_to_string(i)); | |
356 | ||
be30ad41 LP |
357 | if (!sd_id128_is_null(p->uuid)) |
358 | printf(" (UUID " SD_ID128_FORMAT_STR ")", SD_ID128_FORMAT_VAL(p->uuid)); | |
359 | ||
a2ea3b2f LP |
360 | if (p->fstype) |
361 | printf(" of type %s", p->fstype); | |
362 | ||
363 | if (p->architecture != _ARCHITECTURE_INVALID) | |
364 | printf(" for %s", architecture_to_string(p->architecture)); | |
365 | ||
e7cbe5cb LB |
366 | if (dissected_image_can_do_verity(m, i)) |
367 | printf(" %s verity", dissected_image_has_verity(m, i) ? "with" : "without"); | |
4623e8e6 | 368 | |
a2ea3b2f LP |
369 | if (p->partno >= 0) |
370 | printf(" on partition #%i", p->partno); | |
371 | ||
372 | if (p->node) | |
373 | printf(" (%s)", p->node); | |
374 | ||
375 | putchar('\n'); | |
376 | } | |
a1edd22e LP |
377 | |
378 | r = dissected_image_acquire_metadata(m); | |
149afb45 YW |
379 | if (r < 0) |
380 | return log_error_errno(r, "Failed to acquire image metadata: %m"); | |
a1edd22e LP |
381 | |
382 | if (m->hostname) | |
383 | printf(" Hostname: %s\n", m->hostname); | |
384 | ||
385 | if (!sd_id128_is_null(m->machine_id)) | |
386 | printf("Machine ID: " SD_ID128_FORMAT_STR "\n", SD_ID128_FORMAT_VAL(m->machine_id)); | |
387 | ||
388 | if (!strv_isempty(m->machine_info)) { | |
389 | char **p, **q; | |
390 | ||
391 | STRV_FOREACH_PAIR(p, q, m->machine_info) | |
392 | printf("%s %s=%s\n", | |
393 | p == m->machine_info ? "Mach. Info:" : " ", | |
394 | *p, *q); | |
395 | } | |
396 | ||
397 | if (!strv_isempty(m->os_release)) { | |
398 | char **p, **q; | |
399 | ||
400 | STRV_FOREACH_PAIR(p, q, m->os_release) | |
401 | printf("%s %s=%s\n", | |
402 | p == m->os_release ? "OS Release:" : " ", | |
403 | *p, *q); | |
404 | } | |
a2ea3b2f LP |
405 | |
406 | break; | |
407 | } | |
408 | ||
409 | case ACTION_MOUNT: | |
33973b84 LP |
410 | r = dissected_image_decrypt_interactively( |
411 | m, NULL, | |
412 | arg_root_hash, arg_root_hash_size, | |
413 | arg_verity_data, | |
414 | arg_root_hash_sig_path, arg_root_hash_sig, arg_root_hash_sig_size, | |
415 | arg_flags, | |
416 | &di); | |
18b5886e | 417 | if (r < 0) |
149afb45 | 418 | return r; |
18b5886e | 419 | |
2d3a5a73 | 420 | r = dissected_image_mount(m, arg_path, UID_INVALID, arg_flags); |
e475f729 LP |
421 | if (r == -EUCLEAN) |
422 | return log_error_errno(r, "File system check on image failed: %m"); | |
149afb45 YW |
423 | if (r < 0) |
424 | return log_error_errno(r, "Failed to mount image: %m"); | |
a2ea3b2f | 425 | |
18b5886e LP |
426 | if (di) { |
427 | r = decrypted_image_relinquish(di); | |
149afb45 YW |
428 | if (r < 0) |
429 | return log_error_errno(r, "Failed to relinquish DM devices: %m"); | |
18b5886e LP |
430 | } |
431 | ||
a2ea3b2f LP |
432 | loop_device_relinquish(d); |
433 | break; | |
434 | ||
33973b84 LP |
435 | case ACTION_COPY_FROM: |
436 | case ACTION_COPY_TO: { | |
437 | _cleanup_(umount_and_rmdir_and_freep) char *mounted_dir = NULL; | |
438 | _cleanup_(rmdir_and_freep) char *created_dir = NULL; | |
439 | _cleanup_free_ char *temp = NULL; | |
440 | ||
441 | r = dissected_image_decrypt_interactively( | |
442 | m, NULL, | |
443 | arg_root_hash, arg_root_hash_size, | |
444 | arg_verity_data, | |
445 | arg_root_hash_sig_path, arg_root_hash_sig, arg_root_hash_sig_size, | |
446 | arg_flags, | |
447 | &di); | |
448 | if (r < 0) | |
449 | return r; | |
450 | ||
451 | r = detach_mount_namespace(); | |
452 | if (r < 0) | |
453 | return log_error_errno(r, "Failed to detach mount namespace: %m"); | |
454 | ||
455 | r = tempfn_random_child(NULL, program_invocation_short_name, &temp); | |
456 | if (r < 0) | |
457 | return log_error_errno(r, "Failed to generate temporary mount directory: %m"); | |
458 | ||
459 | r = mkdir_p(temp, 0700); | |
460 | if (r < 0) | |
461 | return log_error_errno(r, "Failed to create mount point: %m"); | |
462 | ||
463 | created_dir = TAKE_PTR(temp); | |
464 | ||
465 | r = dissected_image_mount(m, created_dir, UID_INVALID, arg_flags); | |
466 | if (r == -EUCLEAN) | |
467 | return log_error_errno(r, "File system check on image failed: %m"); | |
468 | if (r < 0) | |
469 | return log_error_errno(r, "Failed to mount image: %m"); | |
470 | ||
471 | mounted_dir = TAKE_PTR(created_dir); | |
472 | ||
473 | if (di) { | |
474 | r = decrypted_image_relinquish(di); | |
475 | if (r < 0) | |
476 | return log_error_errno(r, "Failed to relinquish DM devices: %m"); | |
477 | } | |
478 | ||
479 | loop_device_relinquish(d); | |
480 | ||
481 | if (arg_action == ACTION_COPY_FROM) { | |
482 | _cleanup_close_ int source_fd = -1, target_fd = -1; | |
483 | ||
484 | source_fd = chase_symlinks_and_open(arg_source, mounted_dir, CHASE_PREFIX_ROOT|CHASE_WARN, O_RDONLY|O_CLOEXEC|O_NOCTTY, NULL); | |
485 | if (source_fd < 0) | |
486 | return log_error_errno(source_fd, "Failed to open source path '%s' in image '%s': %m", arg_source, arg_image); | |
487 | ||
488 | /* Copying to stdout? */ | |
489 | if (streq(arg_target, "-")) { | |
490 | r = copy_bytes(source_fd, STDOUT_FILENO, (uint64_t) -1, COPY_REFLINK); | |
491 | if (r < 0) | |
492 | return log_error_errno(r, "Failed to copy bytes from %s in mage '%s' to stdout: %m", arg_source, arg_image); | |
493 | ||
494 | /* When we copy to stdou we don't copy any attributes (i.e. no access mode, no ownership, no xattr, no times) */ | |
495 | break; | |
496 | } | |
497 | ||
498 | /* Try to copy as directory? */ | |
499 | r = copy_directory_fd(source_fd, arg_target, COPY_REFLINK|COPY_MERGE_EMPTY|COPY_SIGINT); | |
500 | if (r >= 0) | |
501 | break; | |
502 | if (r != -ENOTDIR) | |
503 | return log_error_errno(r, "Failed to copy %s in image '%s' to '%s': %m", arg_source, arg_image, arg_target); | |
504 | ||
505 | r = fd_verify_regular(source_fd); | |
506 | if (r == -EISDIR) | |
507 | return log_error_errno(r, "Target '%s' exists already and is not a directory.", arg_target); | |
508 | if (r < 0) | |
509 | return log_error_errno(r, "Source path %s in image '%s' is neither regular file nor directory, refusing: %m", arg_source, arg_image); | |
510 | ||
511 | /* Nah, it's a plain file! */ | |
512 | target_fd = open(arg_target, O_WRONLY|O_CREAT|O_EXCL|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600); | |
513 | if (target_fd < 0) | |
514 | return log_error_errno(errno, "Failed to create regular file at target path '%s': %m", arg_target); | |
515 | ||
516 | r = copy_bytes(source_fd, target_fd, (uint64_t) -1, COPY_REFLINK); | |
517 | if (r < 0) | |
518 | return log_error_errno(r, "Failed to copy bytes from %s in mage '%s' to '%s': %m", arg_source, arg_image, arg_target); | |
519 | ||
520 | (void) copy_xattr(source_fd, target_fd); | |
521 | (void) copy_access(source_fd, target_fd); | |
522 | (void) copy_times(source_fd, target_fd, 0); | |
523 | ||
524 | /* When this is a regular file we don't copy ownership! */ | |
525 | ||
526 | } else { | |
527 | _cleanup_close_ int source_fd = -1, target_fd = -1; | |
528 | _cleanup_close_ int dfd = -1; | |
529 | _cleanup_free_ char *dn = NULL; | |
530 | ||
531 | assert(arg_action == ACTION_COPY_TO); | |
532 | ||
533 | dn = dirname_malloc(arg_target); | |
534 | if (!dn) | |
535 | return log_oom(); | |
536 | ||
537 | r = chase_symlinks(dn, mounted_dir, CHASE_PREFIX_ROOT|CHASE_WARN, NULL, &dfd); | |
538 | if (r < 0) | |
539 | return log_error_errno(r, "Failed to open '%s': %m", dn); | |
540 | ||
541 | /* Are we reading from stdin? */ | |
542 | if (streq(arg_source, "-")) { | |
543 | target_fd = openat(dfd, basename(arg_target), O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_EXCL, 0644); | |
544 | if (target_fd < 0) | |
545 | return log_error_errno(errno, "Failed to open target file '%s': %m", arg_target); | |
546 | ||
547 | r = copy_bytes(STDIN_FILENO, target_fd, (uint64_t) -1, COPY_REFLINK); | |
548 | if (r < 0) | |
549 | return log_error_errno(r, "Failed to copy bytes from stdin to '%s' in image '%s': %m", arg_target, arg_image); | |
550 | ||
551 | /* When we copy from stdin we don't copy any attributes (i.e. no access mode, no ownership, no xattr, no times) */ | |
552 | break; | |
553 | } | |
554 | ||
555 | source_fd = open(arg_source, O_RDONLY|O_CLOEXEC|O_NOCTTY); | |
556 | if (source_fd < 0) | |
557 | return log_error_errno(source_fd, "Failed to open source path '%s': %m", arg_source); | |
558 | ||
559 | r = fd_verify_regular(source_fd); | |
560 | if (r < 0) { | |
561 | if (r != -EISDIR) | |
562 | return log_error_errno(r, "Source '%s' is neither regular file nor directory: %m", arg_source); | |
563 | ||
564 | /* We are looking at a directory. */ | |
565 | ||
566 | target_fd = openat(dfd, basename(arg_target), O_RDONLY|O_DIRECTORY|O_CLOEXEC); | |
567 | if (target_fd < 0) { | |
568 | if (errno != ENOENT) | |
569 | return log_error_errno(errno, "Failed to open destination '%s': %m", arg_target); | |
570 | ||
571 | r = copy_tree_at(source_fd, ".", dfd, basename(arg_target), UID_INVALID, GID_INVALID, COPY_REFLINK|COPY_REPLACE|COPY_SIGINT); | |
572 | } else | |
573 | r = copy_tree_at(source_fd, ".", target_fd, ".", UID_INVALID, GID_INVALID, COPY_REFLINK|COPY_REPLACE|COPY_SIGINT); | |
574 | if (r < 0) | |
575 | return log_error_errno(r, "Failed to copy '%s' to '%s' in image '%s': %m", arg_source, arg_target, arg_image); | |
576 | ||
577 | break; | |
578 | } | |
579 | ||
580 | /* We area looking at a regular file */ | |
581 | target_fd = openat(dfd, basename(arg_target), O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_EXCL, 0600); | |
582 | if (target_fd < 0) | |
583 | return log_error_errno(errno, "Failed to open target file '%s': %m", arg_target); | |
584 | ||
585 | r = copy_bytes(source_fd, target_fd, (uint64_t) -1, COPY_REFLINK); | |
586 | if (r < 0) | |
587 | return log_error_errno(r, "Failed to copy bytes from '%s' to '%s' in image '%s': %m", arg_source, arg_target, arg_image); | |
588 | ||
589 | (void) copy_xattr(source_fd, target_fd); | |
590 | (void) copy_access(source_fd, target_fd); | |
591 | (void) copy_times(source_fd, target_fd, 0); | |
592 | ||
593 | /* When this is a regular file we don't copy ownership! */ | |
594 | } | |
595 | ||
596 | break; | |
597 | } | |
598 | ||
a2ea3b2f LP |
599 | default: |
600 | assert_not_reached("Unknown action."); | |
601 | } | |
602 | ||
149afb45 | 603 | return 0; |
a2ea3b2f | 604 | } |
149afb45 YW |
605 | |
606 | DEFINE_MAIN_FUNCTION(run); |