1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
31 #include <linux/magic.h>
32 #include <linux/oom.h>
33 #include <linux/sched.h>
35 #include <netinet/ip.h>
45 #include <sys/ioctl.h>
47 #include <sys/mount.h>
48 #include <sys/personality.h>
49 #include <sys/prctl.h>
50 #include <sys/resource.h>
52 #include <sys/statvfs.h>
54 #include <sys/types.h>
55 #include <sys/utsname.h>
58 #include <sys/xattr.h>
62 /* When we include libgen.h because we need dirname() we immediately
63 * undefine basename() since libgen.h defines it as a macro to the
64 * POSIX version which is really broken. We prefer GNU basename(). */
68 #ifdef HAVE_SYS_AUXV_H
72 /* We include linux/fs.h as last of the system headers, as it
73 * otherwise conflicts with sys/mount.h. Yay, Linux is great! */
78 #include "device-nodes.h"
81 #include "exit-status.h"
84 #include "formats-util.h"
87 #include "hostname-util.h"
93 #include "path-util.h"
94 #include "process-util.h"
95 #include "random-util.h"
96 #include "signal-util.h"
97 #include "sparse-endian.h"
98 #include "string-util.h"
100 #include "terminal-util.h"
101 #include "user-util.h"
106 /* Put this test here for a lack of better place */
107 assert_cc(EAGAIN
== EWOULDBLOCK
);
110 char **saved_argv
= NULL
;
112 size_t page_size(void) {
113 static thread_local
size_t pgsz
= 0;
116 if (_likely_(pgsz
> 0))
119 r
= sysconf(_SC_PAGESIZE
);
126 int unlink_noerrno(const char *path
) {
137 int parse_boolean(const char *v
) {
140 if (streq(v
, "1") || strcaseeq(v
, "yes") || strcaseeq(v
, "y") || strcaseeq(v
, "true") || strcaseeq(v
, "t") || strcaseeq(v
, "on"))
142 else if (streq(v
, "0") || strcaseeq(v
, "no") || strcaseeq(v
, "n") || strcaseeq(v
, "false") || strcaseeq(v
, "f") || strcaseeq(v
, "off"))
148 int parse_pid(const char *s
, pid_t
* ret_pid
) {
149 unsigned long ul
= 0;
156 r
= safe_atolu(s
, &ul
);
162 if ((unsigned long) pid
!= ul
)
172 int safe_atou(const char *s
, unsigned *ret_u
) {
180 l
= strtoul(s
, &x
, 0);
182 if (!x
|| x
== s
|| *x
|| errno
)
183 return errno
> 0 ? -errno
: -EINVAL
;
185 if ((unsigned long) (unsigned) l
!= l
)
188 *ret_u
= (unsigned) l
;
192 int safe_atoi(const char *s
, int *ret_i
) {
200 l
= strtol(s
, &x
, 0);
202 if (!x
|| x
== s
|| *x
|| errno
)
203 return errno
> 0 ? -errno
: -EINVAL
;
205 if ((long) (int) l
!= l
)
212 int safe_atou8(const char *s
, uint8_t *ret
) {
220 l
= strtoul(s
, &x
, 0);
222 if (!x
|| x
== s
|| *x
|| errno
)
223 return errno
> 0 ? -errno
: -EINVAL
;
225 if ((unsigned long) (uint8_t) l
!= l
)
232 int safe_atou16(const char *s
, uint16_t *ret
) {
240 l
= strtoul(s
, &x
, 0);
242 if (!x
|| x
== s
|| *x
|| errno
)
243 return errno
> 0 ? -errno
: -EINVAL
;
245 if ((unsigned long) (uint16_t) l
!= l
)
252 int safe_atoi16(const char *s
, int16_t *ret
) {
260 l
= strtol(s
, &x
, 0);
262 if (!x
|| x
== s
|| *x
|| errno
)
263 return errno
> 0 ? -errno
: -EINVAL
;
265 if ((long) (int16_t) l
!= l
)
272 int safe_atollu(const char *s
, long long unsigned *ret_llu
) {
274 unsigned long long l
;
280 l
= strtoull(s
, &x
, 0);
282 if (!x
|| x
== s
|| *x
|| errno
)
283 return errno
? -errno
: -EINVAL
;
289 int safe_atolli(const char *s
, long long int *ret_lli
) {
297 l
= strtoll(s
, &x
, 0);
299 if (!x
|| x
== s
|| *x
|| errno
)
300 return errno
? -errno
: -EINVAL
;
306 int safe_atod(const char *s
, double *ret_d
) {
314 loc
= newlocale(LC_NUMERIC_MASK
, "C", (locale_t
) 0);
315 if (loc
== (locale_t
) 0)
319 d
= strtod_l(s
, &x
, loc
);
321 if (!x
|| x
== s
|| *x
|| errno
) {
323 return errno
? -errno
: -EINVAL
;
332 int fchmod_umask(int fd
, mode_t m
) {
337 r
= fchmod(fd
, m
& (~u
)) < 0 ? -errno
: 0;
343 int readlinkat_malloc(int fd
, const char *p
, char **ret
) {
358 n
= readlinkat(fd
, p
, c
, l
-1);
365 if ((size_t) n
< l
-1) {
376 int readlink_malloc(const char *p
, char **ret
) {
377 return readlinkat_malloc(AT_FDCWD
, p
, ret
);
380 int readlink_value(const char *p
, char **ret
) {
381 _cleanup_free_
char *link
= NULL
;
385 r
= readlink_malloc(p
, &link
);
389 value
= basename(link
);
393 value
= strdup(value
);
402 int readlink_and_make_absolute(const char *p
, char **r
) {
403 _cleanup_free_
char *target
= NULL
;
410 j
= readlink_malloc(p
, &target
);
414 k
= file_in_same_dir(p
, target
);
422 int readlink_and_canonicalize(const char *p
, char **r
) {
429 j
= readlink_and_make_absolute(p
, &t
);
433 s
= canonicalize_file_name(t
);
440 path_kill_slashes(*r
);
445 char *file_in_same_dir(const char *path
, const char *filename
) {
452 /* This removes the last component of path and appends
453 * filename, unless the latter is absolute anyway or the
456 if (path_is_absolute(filename
))
457 return strdup(filename
);
459 e
= strrchr(path
, '/');
461 return strdup(filename
);
463 k
= strlen(filename
);
464 ret
= new(char, (e
+ 1 - path
) + k
+ 1);
468 memcpy(mempcpy(ret
, path
, e
+ 1 - path
), filename
, k
+ 1);
472 int rmdir_parents(const char *path
, const char *stop
) {
481 /* Skip trailing slashes */
482 while (l
> 0 && path
[l
-1] == '/')
488 /* Skip last component */
489 while (l
> 0 && path
[l
-1] != '/')
492 /* Skip trailing slashes */
493 while (l
> 0 && path
[l
-1] == '/')
499 if (!(t
= strndup(path
, l
)))
502 if (path_startswith(stop
, t
)) {
518 char hexchar(int x
) {
519 static const char table
[16] = "0123456789abcdef";
521 return table
[x
& 15];
524 int unhexchar(char c
) {
526 if (c
>= '0' && c
<= '9')
529 if (c
>= 'a' && c
<= 'f')
532 if (c
>= 'A' && c
<= 'F')
538 char *hexmem(const void *p
, size_t l
) {
542 z
= r
= malloc(l
* 2 + 1);
546 for (x
= p
; x
< (const uint8_t*) p
+ l
; x
++) {
547 *(z
++) = hexchar(*x
>> 4);
548 *(z
++) = hexchar(*x
& 15);
555 int unhexmem(const char *p
, size_t l
, void **mem
, size_t *len
) {
556 _cleanup_free_
uint8_t *r
= NULL
;
564 z
= r
= malloc((l
+ 1) / 2 + 1);
568 for (x
= p
; x
< p
+ l
; x
+= 2) {
574 else if (x
+1 < p
+ l
) {
581 *(z
++) = (uint8_t) a
<< 4 | (uint8_t) b
;
593 /* https://tools.ietf.org/html/rfc4648#section-6
594 * Notice that base32hex differs from base32 in the alphabet it uses.
595 * The distinction is that the base32hex representation preserves the
596 * order of the underlying data when compared as bytestrings, this is
597 * useful when representing NSEC3 hashes, as one can then verify the
598 * order of hashes directly from their representation. */
599 char base32hexchar(int x
) {
600 static const char table
[32] = "0123456789"
601 "ABCDEFGHIJKLMNOPQRSTUV";
603 return table
[x
& 31];
606 int unbase32hexchar(char c
) {
609 if (c
>= '0' && c
<= '9')
612 offset
= '9' - '0' + 1;
614 if (c
>= 'A' && c
<= 'V')
615 return c
- 'A' + offset
;
620 char *base32hexmem(const void *p
, size_t l
, bool padding
) {
626 /* five input bytes makes eight output bytes, padding is added so we must round up */
627 len
= 8 * (l
+ 4) / 5;
629 /* same, but round down as there is no padding */
648 z
= r
= malloc(len
+ 1);
652 for (x
= p
; x
< (const uint8_t*) p
+ (l
/ 5) * 5; x
+= 5) {
653 /* x[0] == XXXXXXXX; x[1] == YYYYYYYY; x[2] == ZZZZZZZZ
654 x[3] == QQQQQQQQ; x[4] == WWWWWWWW */
655 *(z
++) = base32hexchar(x
[0] >> 3); /* 000XXXXX */
656 *(z
++) = base32hexchar((x
[0] & 7) << 2 | x
[1] >> 6); /* 000XXXYY */
657 *(z
++) = base32hexchar((x
[1] & 63) >> 1); /* 000YYYYY */
658 *(z
++) = base32hexchar((x
[1] & 1) << 4 | x
[2] >> 4); /* 000YZZZZ */
659 *(z
++) = base32hexchar((x
[2] & 15) << 1 | x
[3] >> 7); /* 000ZZZZQ */
660 *(z
++) = base32hexchar((x
[3] & 127) >> 2); /* 000QQQQQ */
661 *(z
++) = base32hexchar((x
[3] & 3) << 3 | x
[4] >> 5); /* 000QQWWW */
662 *(z
++) = base32hexchar((x
[4] & 31)); /* 000WWWWW */
667 *(z
++) = base32hexchar(x
[0] >> 3); /* 000XXXXX */
668 *(z
++) = base32hexchar((x
[0] & 7) << 2 | x
[1] >> 6); /* 000XXXYY */
669 *(z
++) = base32hexchar((x
[1] & 63) >> 1); /* 000YYYYY */
670 *(z
++) = base32hexchar((x
[1] & 1) << 4 | x
[2] >> 4); /* 000YZZZZ */
671 *(z
++) = base32hexchar((x
[2] & 15) << 1 | x
[3] >> 7); /* 000ZZZZQ */
672 *(z
++) = base32hexchar((x
[3] & 127) >> 2); /* 000QQQQQ */
673 *(z
++) = base32hexchar((x
[3] & 3) << 3); /* 000QQ000 */
680 *(z
++) = base32hexchar(x
[0] >> 3); /* 000XXXXX */
681 *(z
++) = base32hexchar((x
[0] & 7) << 2 | x
[1] >> 6); /* 000XXXYY */
682 *(z
++) = base32hexchar((x
[1] & 63) >> 1); /* 000YYYYY */
683 *(z
++) = base32hexchar((x
[1] & 1) << 4 | x
[2] >> 4); /* 000YZZZZ */
684 *(z
++) = base32hexchar((x
[2] & 15) << 1); /* 000ZZZZ0 */
694 *(z
++) = base32hexchar(x
[0] >> 3); /* 000XXXXX */
695 *(z
++) = base32hexchar((x
[0] & 7) << 2 | x
[1] >> 6); /* 000XXXYY */
696 *(z
++) = base32hexchar((x
[1] & 63) >> 1); /* 000YYYYY */
697 *(z
++) = base32hexchar((x
[1] & 1) << 4); /* 000Y0000 */
708 *(z
++) = base32hexchar(x
[0] >> 3); /* 000XXXXX */
709 *(z
++) = base32hexchar((x
[0] & 7) << 2); /* 000XXX00 */
726 int unbase32hexmem(const char *p
, size_t l
, bool padding
, void **mem
, size_t *_len
) {
727 _cleanup_free_
uint8_t *r
= NULL
;
728 int a
, b
, c
, d
, e
, f
, g
, h
;
736 /* padding ensures any base32hex input has input divisible by 8 */
737 if (padding
&& l
% 8 != 0)
741 /* strip the padding */
742 while (l
> 0 && p
[l
- 1] == '=' && pad
< 7) {
748 /* a group of eight input bytes needs five output bytes, in case of
749 padding we need to add some extra bytes */
771 z
= r
= malloc(len
+ 1);
775 for (x
= p
; x
< p
+ (l
/ 8) * 8; x
+= 8) {
776 /* a == 000XXXXX; b == 000YYYYY; c == 000ZZZZZ; d == 000WWWWW
777 e == 000SSSSS; f == 000QQQQQ; g == 000VVVVV; h == 000RRRRR */
778 a
= unbase32hexchar(x
[0]);
782 b
= unbase32hexchar(x
[1]);
786 c
= unbase32hexchar(x
[2]);
790 d
= unbase32hexchar(x
[3]);
794 e
= unbase32hexchar(x
[4]);
798 f
= unbase32hexchar(x
[5]);
802 g
= unbase32hexchar(x
[6]);
806 h
= unbase32hexchar(x
[7]);
810 *(z
++) = (uint8_t) a
<< 3 | (uint8_t) b
>> 2; /* XXXXXYYY */
811 *(z
++) = (uint8_t) b
<< 6 | (uint8_t) c
<< 1 | (uint8_t) d
>> 4; /* YYZZZZZW */
812 *(z
++) = (uint8_t) d
<< 4 | (uint8_t) e
>> 1; /* WWWWSSSS */
813 *(z
++) = (uint8_t) e
<< 7 | (uint8_t) f
<< 2 | (uint8_t) g
>> 3; /* SQQQQQVV */
814 *(z
++) = (uint8_t) g
<< 5 | (uint8_t) h
; /* VVVRRRRR */
819 a
= unbase32hexchar(x
[0]);
823 b
= unbase32hexchar(x
[1]);
827 c
= unbase32hexchar(x
[2]);
831 d
= unbase32hexchar(x
[3]);
835 e
= unbase32hexchar(x
[4]);
839 f
= unbase32hexchar(x
[5]);
843 g
= unbase32hexchar(x
[6]);
851 *(z
++) = (uint8_t) a
<< 3 | (uint8_t) b
>> 2; /* XXXXXYYY */
852 *(z
++) = (uint8_t) b
<< 6 | (uint8_t) c
<< 1 | (uint8_t) d
>> 4; /* YYZZZZZW */
853 *(z
++) = (uint8_t) d
<< 4 | (uint8_t) e
>> 1; /* WWWWSSSS */
854 *(z
++) = (uint8_t) e
<< 7 | (uint8_t) f
<< 2 | (uint8_t) g
>> 3; /* SQQQQQVV */
858 a
= unbase32hexchar(x
[0]);
862 b
= unbase32hexchar(x
[1]);
866 c
= unbase32hexchar(x
[2]);
870 d
= unbase32hexchar(x
[3]);
874 e
= unbase32hexchar(x
[4]);
882 *(z
++) = (uint8_t) a
<< 3 | (uint8_t) b
>> 2; /* XXXXXYYY */
883 *(z
++) = (uint8_t) b
<< 6 | (uint8_t) c
<< 1 | (uint8_t) d
>> 4; /* YYZZZZZW */
884 *(z
++) = (uint8_t) d
<< 4 | (uint8_t) e
>> 1; /* WWWWSSSS */
888 a
= unbase32hexchar(x
[0]);
892 b
= unbase32hexchar(x
[1]);
896 c
= unbase32hexchar(x
[2]);
900 d
= unbase32hexchar(x
[3]);
908 *(z
++) = (uint8_t) a
<< 3 | (uint8_t) b
>> 2; /* XXXXXYYY */
909 *(z
++) = (uint8_t) b
<< 6 | (uint8_t) c
<< 1 | (uint8_t) d
>> 4; /* YYZZZZZW */
913 a
= unbase32hexchar(x
[0]);
917 b
= unbase32hexchar(x
[1]);
925 *(z
++) = (uint8_t) a
<< 3 | (uint8_t) b
>> 2; /* XXXXXYYY */
943 /* https://tools.ietf.org/html/rfc4648#section-4 */
944 char base64char(int x
) {
945 static const char table
[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
946 "abcdefghijklmnopqrstuvwxyz"
948 return table
[x
& 63];
951 int unbase64char(char c
) {
954 if (c
>= 'A' && c
<= 'Z')
957 offset
= 'Z' - 'A' + 1;
959 if (c
>= 'a' && c
<= 'z')
960 return c
- 'a' + offset
;
962 offset
+= 'z' - 'a' + 1;
964 if (c
>= '0' && c
<= '9')
965 return c
- '0' + offset
;
967 offset
+= '9' - '0' + 1;
980 char *base64mem(const void *p
, size_t l
) {
984 /* three input bytes makes four output bytes, padding is added so we must round up */
985 z
= r
= malloc(4 * (l
+ 2) / 3 + 1);
989 for (x
= p
; x
< (const uint8_t*) p
+ (l
/ 3) * 3; x
+= 3) {
990 /* x[0] == XXXXXXXX; x[1] == YYYYYYYY; x[2] == ZZZZZZZZ */
991 *(z
++) = base64char(x
[0] >> 2); /* 00XXXXXX */
992 *(z
++) = base64char((x
[0] & 3) << 4 | x
[1] >> 4); /* 00XXYYYY */
993 *(z
++) = base64char((x
[1] & 15) << 2 | x
[2] >> 6); /* 00YYYYZZ */
994 *(z
++) = base64char(x
[2] & 63); /* 00ZZZZZZ */
999 *(z
++) = base64char(x
[0] >> 2); /* 00XXXXXX */
1000 *(z
++) = base64char((x
[0] & 3) << 4 | x
[1] >> 4); /* 00XXYYYY */
1001 *(z
++) = base64char((x
[1] & 15) << 2); /* 00YYYY00 */
1006 *(z
++) = base64char(x
[0] >> 2); /* 00XXXXXX */
1007 *(z
++) = base64char((x
[0] & 3) << 4); /* 00XX0000 */
1018 int unbase64mem(const char *p
, size_t l
, void **mem
, size_t *_len
) {
1019 _cleanup_free_
uint8_t *r
= NULL
;
1027 /* padding ensures any base63 input has input divisible by 4 */
1031 /* strip the padding */
1032 if (l
> 0 && p
[l
- 1] == '=')
1034 if (l
> 0 && p
[l
- 1] == '=')
1037 /* a group of four input bytes needs three output bytes, in case of
1038 padding we need to add two or three extra bytes */
1039 len
= (l
/ 4) * 3 + (l
% 4 ? (l
% 4) - 1 : 0);
1041 z
= r
= malloc(len
+ 1);
1045 for (x
= p
; x
< p
+ (l
/ 4) * 4; x
+= 4) {
1046 /* a == 00XXXXXX; b == 00YYYYYY; c == 00ZZZZZZ; d == 00WWWWWW */
1047 a
= unbase64char(x
[0]);
1051 b
= unbase64char(x
[1]);
1055 c
= unbase64char(x
[2]);
1059 d
= unbase64char(x
[3]);
1063 *(z
++) = (uint8_t) a
<< 2 | (uint8_t) b
>> 4; /* XXXXXXYY */
1064 *(z
++) = (uint8_t) b
<< 4 | (uint8_t) c
>> 2; /* YYYYZZZZ */
1065 *(z
++) = (uint8_t) c
<< 6 | (uint8_t) d
; /* ZZWWWWWW */
1070 a
= unbase64char(x
[0]);
1074 b
= unbase64char(x
[1]);
1078 c
= unbase64char(x
[2]);
1086 *(z
++) = (uint8_t) a
<< 2 | (uint8_t) b
>> 4; /* XXXXXXYY */
1087 *(z
++) = (uint8_t) b
<< 4 | (uint8_t) c
>> 2; /* YYYYZZZZ */
1091 a
= unbase64char(x
[0]);
1095 b
= unbase64char(x
[1]);
1103 *(z
++) = (uint8_t) a
<< 2 | (uint8_t) (b
>> 4); /* XXXXXXYY */
1122 char octchar(int x
) {
1123 return '0' + (x
& 7);
1126 int unoctchar(char c
) {
1128 if (c
>= '0' && c
<= '7')
1134 char decchar(int x
) {
1135 return '0' + (x
% 10);
1138 int undecchar(char c
) {
1140 if (c
>= '0' && c
<= '9')
1146 _pure_
static bool hidden_file_allow_backup(const char *filename
) {
1150 filename
[0] == '.' ||
1151 streq(filename
, "lost+found") ||
1152 streq(filename
, "aquota.user") ||
1153 streq(filename
, "aquota.group") ||
1154 endswith(filename
, ".rpmnew") ||
1155 endswith(filename
, ".rpmsave") ||
1156 endswith(filename
, ".rpmorig") ||
1157 endswith(filename
, ".dpkg-old") ||
1158 endswith(filename
, ".dpkg-new") ||
1159 endswith(filename
, ".dpkg-tmp") ||
1160 endswith(filename
, ".dpkg-dist") ||
1161 endswith(filename
, ".dpkg-bak") ||
1162 endswith(filename
, ".dpkg-backup") ||
1163 endswith(filename
, ".dpkg-remove") ||
1164 endswith(filename
, ".swp");
1167 bool hidden_file(const char *filename
) {
1170 if (endswith(filename
, "~"))
1173 return hidden_file_allow_backup(filename
);
1176 bool fstype_is_network(const char *fstype
) {
1177 static const char table
[] =
1192 x
= startswith(fstype
, "fuse.");
1196 return nulstr_contains(table
, fstype
);
1199 int parse_size(const char *t
, uint64_t base
, uint64_t *size
) {
1201 /* Soo, sometimes we want to parse IEC binary suffixes, and
1202 * sometimes SI decimal suffixes. This function can parse
1203 * both. Which one is the right way depends on the
1204 * context. Wikipedia suggests that SI is customary for
1205 * hardware metrics and network speeds, while IEC is
1206 * customary for most data sizes used by software and volatile
1207 * (RAM) memory. Hence be careful which one you pick!
1209 * In either case we use just K, M, G as suffix, and not Ki,
1210 * Mi, Gi or so (as IEC would suggest). That's because that's
1211 * frickin' ugly. But this means you really need to make sure
1212 * to document which base you are parsing when you use this
1217 unsigned long long factor
;
1220 static const struct table iec
[] = {
1221 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
1222 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
1223 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
1224 { "G", 1024ULL*1024ULL*1024ULL },
1225 { "M", 1024ULL*1024ULL },
1231 static const struct table si
[] = {
1232 { "E", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
1233 { "P", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
1234 { "T", 1000ULL*1000ULL*1000ULL*1000ULL },
1235 { "G", 1000ULL*1000ULL*1000ULL },
1236 { "M", 1000ULL*1000ULL },
1242 const struct table
*table
;
1244 unsigned long long r
= 0;
1245 unsigned n_entries
, start_pos
= 0;
1248 assert(base
== 1000 || base
== 1024);
1253 n_entries
= ELEMENTSOF(si
);
1256 n_entries
= ELEMENTSOF(iec
);
1261 unsigned long long l
, tmp
;
1266 p
+= strspn(p
, WHITESPACE
);
1271 l
= strtoull(p
, &e
, 10);
1280 /* strtoull() itself would accept space/+/- */
1281 if (*e
>= '0' && *e
<= '9') {
1282 unsigned long long l2
;
1285 l2
= strtoull(e
, &e2
, 10);
1289 /* Ignore failure. E.g. 10.M is valid */
1296 e
+= strspn(e
, WHITESPACE
);
1298 for (i
= start_pos
; i
< n_entries
; i
++)
1299 if (startswith(e
, table
[i
].suffix
))
1305 if (l
+ (frac
> 0) > ULLONG_MAX
/ table
[i
].factor
)
1308 tmp
= l
* table
[i
].factor
+ (unsigned long long) (frac
* table
[i
].factor
);
1309 if (tmp
> ULLONG_MAX
- r
)
1313 if ((unsigned long long) (uint64_t) r
!= r
)
1316 p
= e
+ strlen(table
[i
].suffix
);
1327 bool is_device_path(const char *path
) {
1329 /* Returns true on paths that refer to a device, either in
1330 * sysfs or in /dev */
1333 path_startswith(path
, "/dev/") ||
1334 path_startswith(path
, "/sys/");
1337 int dir_is_empty(const char *path
) {
1338 _cleanup_closedir_
DIR *d
;
1345 FOREACH_DIRENT(de
, d
, return -errno
)
1351 char* dirname_malloc(const char *path
) {
1352 char *d
, *dir
, *dir2
;
1369 void rename_process(const char name
[8]) {
1372 /* This is a like a poor man's setproctitle(). It changes the
1373 * comm field, argv[0], and also the glibc's internally used
1374 * name of the process. For the first one a limit of 16 chars
1375 * applies, to the second one usually one of 10 (i.e. length
1376 * of "/sbin/init"), to the third one one of 7 (i.e. length of
1377 * "systemd"). If you pass a longer string it will be
1380 prctl(PR_SET_NAME
, name
);
1382 if (program_invocation_name
)
1383 strncpy(program_invocation_name
, name
, strlen(program_invocation_name
));
1385 if (saved_argc
> 0) {
1389 strncpy(saved_argv
[0], name
, strlen(saved_argv
[0]));
1391 for (i
= 1; i
< saved_argc
; i
++) {
1395 memzero(saved_argv
[i
], strlen(saved_argv
[i
]));
1400 bool is_fs_type(const struct statfs
*s
, statfs_f_type_t magic_value
) {
1402 assert_cc(sizeof(statfs_f_type_t
) >= sizeof(s
->f_type
));
1404 return F_TYPE_EQUAL(s
->f_type
, magic_value
);
1407 int fd_check_fstype(int fd
, statfs_f_type_t magic_value
) {
1410 if (fstatfs(fd
, &s
) < 0)
1413 return is_fs_type(&s
, magic_value
);
1416 int path_check_fstype(const char *path
, statfs_f_type_t magic_value
) {
1417 _cleanup_close_
int fd
= -1;
1419 fd
= open(path
, O_RDONLY
);
1423 return fd_check_fstype(fd
, magic_value
);
1426 bool is_temporary_fs(const struct statfs
*s
) {
1427 return is_fs_type(s
, TMPFS_MAGIC
) ||
1428 is_fs_type(s
, RAMFS_MAGIC
);
1431 int fd_is_temporary_fs(int fd
) {
1434 if (fstatfs(fd
, &s
) < 0)
1437 return is_temporary_fs(&s
);
1440 int chmod_and_chown(const char *path
, mode_t mode
, uid_t uid
, gid_t gid
) {
1443 /* Under the assumption that we are running privileged we
1444 * first change the access mode and only then hand out
1445 * ownership to avoid a window where access is too open. */
1447 if (mode
!= MODE_INVALID
)
1448 if (chmod(path
, mode
) < 0)
1451 if (uid
!= UID_INVALID
|| gid
!= GID_INVALID
)
1452 if (chown(path
, uid
, gid
) < 0)
1458 int fchmod_and_fchown(int fd
, mode_t mode
, uid_t uid
, gid_t gid
) {
1461 /* Under the assumption that we are running privileged we
1462 * first change the access mode and only then hand out
1463 * ownership to avoid a window where access is too open. */
1465 if (mode
!= MODE_INVALID
)
1466 if (fchmod(fd
, mode
) < 0)
1469 if (uid
!= UID_INVALID
|| gid
!= GID_INVALID
)
1470 if (fchown(fd
, uid
, gid
) < 0)
1476 int files_same(const char *filea
, const char *fileb
) {
1479 if (stat(filea
, &a
) < 0)
1482 if (stat(fileb
, &b
) < 0)
1485 return a
.st_dev
== b
.st_dev
&&
1486 a
.st_ino
== b
.st_ino
;
1489 int running_in_chroot(void) {
1492 ret
= files_same("/proc/1/root", "/");
1499 int touch_file(const char *path
, bool parents
, usec_t stamp
, uid_t uid
, gid_t gid
, mode_t mode
) {
1500 _cleanup_close_
int fd
;
1506 mkdir_parents(path
, 0755);
1508 fd
= open(path
, O_WRONLY
|O_CREAT
|O_CLOEXEC
|O_NOCTTY
, mode
> 0 ? mode
: 0644);
1513 r
= fchmod(fd
, mode
);
1518 if (uid
!= UID_INVALID
|| gid
!= GID_INVALID
) {
1519 r
= fchown(fd
, uid
, gid
);
1524 if (stamp
!= USEC_INFINITY
) {
1525 struct timespec ts
[2];
1527 timespec_store(&ts
[0], stamp
);
1529 r
= futimens(fd
, ts
);
1531 r
= futimens(fd
, NULL
);
1538 int touch(const char *path
) {
1539 return touch_file(path
, false, USEC_INFINITY
, UID_INVALID
, GID_INVALID
, 0);
1542 static char *unquote(const char *s
, const char* quotes
) {
1546 /* This is rather stupid, simply removes the heading and
1547 * trailing quotes if there is one. Doesn't care about
1548 * escaping or anything.
1550 * DON'T USE THIS FOR NEW CODE ANYMORE!*/
1556 if (strchr(quotes
, s
[0]) && s
[l
-1] == s
[0])
1557 return strndup(s
+1, l
-2);
1562 noreturn
void freeze(void) {
1564 /* Make sure nobody waits for us on a socket anymore */
1565 close_all_fds(NULL
, 0);
1573 bool null_or_empty(struct stat
*st
) {
1576 if (S_ISREG(st
->st_mode
) && st
->st_size
<= 0)
1579 if (S_ISCHR(st
->st_mode
) || S_ISBLK(st
->st_mode
))
1585 int null_or_empty_path(const char *fn
) {
1590 if (stat(fn
, &st
) < 0)
1593 return null_or_empty(&st
);
1596 int null_or_empty_fd(int fd
) {
1601 if (fstat(fd
, &st
) < 0)
1604 return null_or_empty(&st
);
1607 DIR *xopendirat(int fd
, const char *name
, int flags
) {
1611 assert(!(flags
& O_CREAT
));
1613 nfd
= openat(fd
, name
, O_RDONLY
|O_NONBLOCK
|O_DIRECTORY
|O_CLOEXEC
|flags
, 0);
1626 static char *tag_to_udev_node(const char *tagvalue
, const char *by
) {
1627 _cleanup_free_
char *t
= NULL
, *u
= NULL
;
1630 u
= unquote(tagvalue
, QUOTES
);
1634 enc_len
= strlen(u
) * 4 + 1;
1635 t
= new(char, enc_len
);
1639 if (encode_devnode_name(u
, t
, enc_len
) < 0)
1642 return strjoin("/dev/disk/by-", by
, "/", t
, NULL
);
1645 char *fstab_node_to_udev_node(const char *p
) {
1648 if (startswith(p
, "LABEL="))
1649 return tag_to_udev_node(p
+6, "label");
1651 if (startswith(p
, "UUID="))
1652 return tag_to_udev_node(p
+5, "uuid");
1654 if (startswith(p
, "PARTUUID="))
1655 return tag_to_udev_node(p
+9, "partuuid");
1657 if (startswith(p
, "PARTLABEL="))
1658 return tag_to_udev_node(p
+10, "partlabel");
1663 bool dirent_is_file(const struct dirent
*de
) {
1666 if (hidden_file(de
->d_name
))
1669 if (de
->d_type
!= DT_REG
&&
1670 de
->d_type
!= DT_LNK
&&
1671 de
->d_type
!= DT_UNKNOWN
)
1677 bool dirent_is_file_with_suffix(const struct dirent
*de
, const char *suffix
) {
1680 if (de
->d_type
!= DT_REG
&&
1681 de
->d_type
!= DT_LNK
&&
1682 de
->d_type
!= DT_UNKNOWN
)
1685 if (hidden_file_allow_backup(de
->d_name
))
1688 return endswith(de
->d_name
, suffix
);
1691 static int do_execute(char **directories
, usec_t timeout
, char *argv
[]) {
1692 _cleanup_hashmap_free_free_ Hashmap
*pids
= NULL
;
1693 _cleanup_set_free_free_ Set
*seen
= NULL
;
1696 /* We fork this all off from a child process so that we can
1697 * somewhat cleanly make use of SIGALRM to set a time limit */
1699 (void) reset_all_signal_handlers();
1700 (void) reset_signal_mask();
1702 assert_se(prctl(PR_SET_PDEATHSIG
, SIGTERM
) == 0);
1704 pids
= hashmap_new(NULL
);
1708 seen
= set_new(&string_hash_ops
);
1712 STRV_FOREACH(directory
, directories
) {
1713 _cleanup_closedir_
DIR *d
;
1716 d
= opendir(*directory
);
1718 if (errno
== ENOENT
)
1721 return log_error_errno(errno
, "Failed to open directory %s: %m", *directory
);
1724 FOREACH_DIRENT(de
, d
, break) {
1725 _cleanup_free_
char *path
= NULL
;
1729 if (!dirent_is_file(de
))
1732 if (set_contains(seen
, de
->d_name
)) {
1733 log_debug("%1$s/%2$s skipped (%2$s was already seen).", *directory
, de
->d_name
);
1737 r
= set_put_strdup(seen
, de
->d_name
);
1741 path
= strjoin(*directory
, "/", de
->d_name
, NULL
);
1745 if (null_or_empty_path(path
)) {
1746 log_debug("%s is empty (a mask).", path
);
1752 log_error_errno(errno
, "Failed to fork: %m");
1754 } else if (pid
== 0) {
1757 assert_se(prctl(PR_SET_PDEATHSIG
, SIGTERM
) == 0);
1767 return log_error_errno(errno
, "Failed to execute %s: %m", path
);
1770 log_debug("Spawned %s as " PID_FMT
".", path
, pid
);
1772 r
= hashmap_put(pids
, UINT_TO_PTR(pid
), path
);
1779 /* Abort execution of this process after the timout. We simply
1780 * rely on SIGALRM as default action terminating the process,
1781 * and turn on alarm(). */
1783 if (timeout
!= USEC_INFINITY
)
1784 alarm((timeout
+ USEC_PER_SEC
- 1) / USEC_PER_SEC
);
1786 while (!hashmap_isempty(pids
)) {
1787 _cleanup_free_
char *path
= NULL
;
1790 pid
= PTR_TO_UINT(hashmap_first_key(pids
));
1793 path
= hashmap_remove(pids
, UINT_TO_PTR(pid
));
1796 wait_for_terminate_and_warn(path
, pid
, true);
1802 void execute_directories(const char* const* directories
, usec_t timeout
, char *argv
[]) {
1806 char **dirs
= (char**) directories
;
1808 assert(!strv_isempty(dirs
));
1810 name
= basename(dirs
[0]);
1811 assert(!isempty(name
));
1813 /* Executes all binaries in the directories in parallel and waits
1814 * for them to finish. Optionally a timeout is applied. If a file
1815 * with the same name exists in more than one directory, the
1816 * earliest one wins. */
1818 executor_pid
= fork();
1819 if (executor_pid
< 0) {
1820 log_error_errno(errno
, "Failed to fork: %m");
1823 } else if (executor_pid
== 0) {
1824 r
= do_execute(dirs
, timeout
, argv
);
1825 _exit(r
< 0 ? EXIT_FAILURE
: EXIT_SUCCESS
);
1828 wait_for_terminate_and_warn(name
, executor_pid
, true);
1831 bool plymouth_running(void) {
1832 return access("/run/plymouth/pid", F_OK
) >= 0;
1835 int fopen_temporary(const char *path
, FILE **_f
, char **_temp_path
) {
1844 r
= tempfn_xxxxxx(path
, NULL
, &t
);
1848 fd
= mkostemp_safe(t
, O_WRONLY
|O_CLOEXEC
);
1854 f
= fdopen(fd
, "we");
1868 int symlink_atomic(const char *from
, const char *to
) {
1869 _cleanup_free_
char *t
= NULL
;
1875 r
= tempfn_random(to
, NULL
, &t
);
1879 if (symlink(from
, t
) < 0)
1882 if (rename(t
, to
) < 0) {
1890 int symlink_idempotent(const char *from
, const char *to
) {
1891 _cleanup_free_
char *p
= NULL
;
1897 if (symlink(from
, to
) < 0) {
1898 if (errno
!= EEXIST
)
1901 r
= readlink_malloc(to
, &p
);
1905 if (!streq(p
, from
))
1912 int mknod_atomic(const char *path
, mode_t mode
, dev_t dev
) {
1913 _cleanup_free_
char *t
= NULL
;
1918 r
= tempfn_random(path
, NULL
, &t
);
1922 if (mknod(t
, mode
, dev
) < 0)
1925 if (rename(t
, path
) < 0) {
1933 int mkfifo_atomic(const char *path
, mode_t mode
) {
1934 _cleanup_free_
char *t
= NULL
;
1939 r
= tempfn_random(path
, NULL
, &t
);
1943 if (mkfifo(t
, mode
) < 0)
1946 if (rename(t
, path
) < 0) {
1954 bool display_is_local(const char *display
) {
1958 display
[0] == ':' &&
1959 display
[1] >= '0' &&
1963 int socket_from_display(const char *display
, char **path
) {
1970 if (!display_is_local(display
))
1973 k
= strspn(display
+1, "0123456789");
1975 f
= new(char, strlen("/tmp/.X11-unix/X") + k
+ 1);
1979 c
= stpcpy(f
, "/tmp/.X11-unix/X");
1980 memcpy(c
, display
+1, k
);
1988 int glob_exists(const char *path
) {
1989 _cleanup_globfree_ glob_t g
= {};
1995 k
= glob(path
, GLOB_NOSORT
|GLOB_BRACE
, NULL
, &g
);
1997 if (k
== GLOB_NOMATCH
)
1999 else if (k
== GLOB_NOSPACE
)
2002 return !strv_isempty(g
.gl_pathv
);
2004 return errno
? -errno
: -EIO
;
2007 int glob_extend(char ***strv
, const char *path
) {
2008 _cleanup_globfree_ glob_t g
= {};
2013 k
= glob(path
, GLOB_NOSORT
|GLOB_BRACE
, NULL
, &g
);
2015 if (k
== GLOB_NOMATCH
)
2017 else if (k
== GLOB_NOSPACE
)
2019 else if (k
!= 0 || strv_isempty(g
.gl_pathv
))
2020 return errno
? -errno
: -EIO
;
2022 STRV_FOREACH(p
, g
.gl_pathv
) {
2023 k
= strv_extend(strv
, *p
);
2031 int dirent_ensure_type(DIR *d
, struct dirent
*de
) {
2037 if (de
->d_type
!= DT_UNKNOWN
)
2040 if (fstatat(dirfd(d
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0)
2044 S_ISREG(st
.st_mode
) ? DT_REG
:
2045 S_ISDIR(st
.st_mode
) ? DT_DIR
:
2046 S_ISLNK(st
.st_mode
) ? DT_LNK
:
2047 S_ISFIFO(st
.st_mode
) ? DT_FIFO
:
2048 S_ISSOCK(st
.st_mode
) ? DT_SOCK
:
2049 S_ISCHR(st
.st_mode
) ? DT_CHR
:
2050 S_ISBLK(st
.st_mode
) ? DT_BLK
:
2056 int get_files_in_directory(const char *path
, char ***list
) {
2057 _cleanup_closedir_
DIR *d
= NULL
;
2058 size_t bufsize
= 0, n
= 0;
2059 _cleanup_strv_free_
char **l
= NULL
;
2063 /* Returns all files in a directory in *list, and the number
2064 * of files as return value. If list is NULL returns only the
2076 if (!de
&& errno
!= 0)
2081 dirent_ensure_type(d
, de
);
2083 if (!dirent_is_file(de
))
2087 /* one extra slot is needed for the terminating NULL */
2088 if (!GREEDY_REALLOC(l
, bufsize
, n
+ 2))
2091 l
[n
] = strdup(de
->d_name
);
2102 l
= NULL
; /* avoid freeing */
2108 bool is_main_thread(void) {
2109 static thread_local
int cached
= 0;
2111 if (_unlikely_(cached
== 0))
2112 cached
= getpid() == gettid() ? 1 : -1;
2117 int block_get_whole_disk(dev_t d
, dev_t
*ret
) {
2124 /* If it has a queue this is good enough for us */
2125 if (asprintf(&p
, "/sys/dev/block/%u:%u/queue", major(d
), minor(d
)) < 0)
2128 r
= access(p
, F_OK
);
2136 /* If it is a partition find the originating device */
2137 if (asprintf(&p
, "/sys/dev/block/%u:%u/partition", major(d
), minor(d
)) < 0)
2140 r
= access(p
, F_OK
);
2146 /* Get parent dev_t */
2147 if (asprintf(&p
, "/sys/dev/block/%u:%u/../dev", major(d
), minor(d
)) < 0)
2150 r
= read_one_line_file(p
, &s
);
2156 r
= sscanf(s
, "%u:%u", &m
, &n
);
2162 /* Only return this if it is really good enough for us. */
2163 if (asprintf(&p
, "/sys/dev/block/%u:%u/queue", m
, n
) < 0)
2166 r
= access(p
, F_OK
);
2170 *ret
= makedev(m
, n
);
2177 static const char *const ioprio_class_table
[] = {
2178 [IOPRIO_CLASS_NONE
] = "none",
2179 [IOPRIO_CLASS_RT
] = "realtime",
2180 [IOPRIO_CLASS_BE
] = "best-effort",
2181 [IOPRIO_CLASS_IDLE
] = "idle"
2184 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ioprio_class
, int, INT_MAX
);
2186 static const char *const sigchld_code_table
[] = {
2187 [CLD_EXITED
] = "exited",
2188 [CLD_KILLED
] = "killed",
2189 [CLD_DUMPED
] = "dumped",
2190 [CLD_TRAPPED
] = "trapped",
2191 [CLD_STOPPED
] = "stopped",
2192 [CLD_CONTINUED
] = "continued",
2195 DEFINE_STRING_TABLE_LOOKUP(sigchld_code
, int);
2197 static const char *const log_facility_unshifted_table
[LOG_NFACILITIES
] = {
2198 [LOG_FAC(LOG_KERN
)] = "kern",
2199 [LOG_FAC(LOG_USER
)] = "user",
2200 [LOG_FAC(LOG_MAIL
)] = "mail",
2201 [LOG_FAC(LOG_DAEMON
)] = "daemon",
2202 [LOG_FAC(LOG_AUTH
)] = "auth",
2203 [LOG_FAC(LOG_SYSLOG
)] = "syslog",
2204 [LOG_FAC(LOG_LPR
)] = "lpr",
2205 [LOG_FAC(LOG_NEWS
)] = "news",
2206 [LOG_FAC(LOG_UUCP
)] = "uucp",
2207 [LOG_FAC(LOG_CRON
)] = "cron",
2208 [LOG_FAC(LOG_AUTHPRIV
)] = "authpriv",
2209 [LOG_FAC(LOG_FTP
)] = "ftp",
2210 [LOG_FAC(LOG_LOCAL0
)] = "local0",
2211 [LOG_FAC(LOG_LOCAL1
)] = "local1",
2212 [LOG_FAC(LOG_LOCAL2
)] = "local2",
2213 [LOG_FAC(LOG_LOCAL3
)] = "local3",
2214 [LOG_FAC(LOG_LOCAL4
)] = "local4",
2215 [LOG_FAC(LOG_LOCAL5
)] = "local5",
2216 [LOG_FAC(LOG_LOCAL6
)] = "local6",
2217 [LOG_FAC(LOG_LOCAL7
)] = "local7"
2220 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_facility_unshifted
, int, LOG_FAC(~0));
2222 bool log_facility_unshifted_is_valid(int facility
) {
2223 return facility
>= 0 && facility
<= LOG_FAC(~0);
2226 static const char *const log_level_table
[] = {
2227 [LOG_EMERG
] = "emerg",
2228 [LOG_ALERT
] = "alert",
2229 [LOG_CRIT
] = "crit",
2231 [LOG_WARNING
] = "warning",
2232 [LOG_NOTICE
] = "notice",
2233 [LOG_INFO
] = "info",
2234 [LOG_DEBUG
] = "debug"
2237 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_level
, int, LOG_DEBUG
);
2239 bool log_level_is_valid(int level
) {
2240 return level
>= 0 && level
<= LOG_DEBUG
;
2243 static const char* const sched_policy_table
[] = {
2244 [SCHED_OTHER
] = "other",
2245 [SCHED_BATCH
] = "batch",
2246 [SCHED_IDLE
] = "idle",
2247 [SCHED_FIFO
] = "fifo",
2251 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(sched_policy
, int, INT_MAX
);
2253 static const char* const rlimit_table
[_RLIMIT_MAX
] = {
2254 [RLIMIT_CPU
] = "LimitCPU",
2255 [RLIMIT_FSIZE
] = "LimitFSIZE",
2256 [RLIMIT_DATA
] = "LimitDATA",
2257 [RLIMIT_STACK
] = "LimitSTACK",
2258 [RLIMIT_CORE
] = "LimitCORE",
2259 [RLIMIT_RSS
] = "LimitRSS",
2260 [RLIMIT_NOFILE
] = "LimitNOFILE",
2261 [RLIMIT_AS
] = "LimitAS",
2262 [RLIMIT_NPROC
] = "LimitNPROC",
2263 [RLIMIT_MEMLOCK
] = "LimitMEMLOCK",
2264 [RLIMIT_LOCKS
] = "LimitLOCKS",
2265 [RLIMIT_SIGPENDING
] = "LimitSIGPENDING",
2266 [RLIMIT_MSGQUEUE
] = "LimitMSGQUEUE",
2267 [RLIMIT_NICE
] = "LimitNICE",
2268 [RLIMIT_RTPRIO
] = "LimitRTPRIO",
2269 [RLIMIT_RTTIME
] = "LimitRTTIME"
2272 DEFINE_STRING_TABLE_LOOKUP(rlimit
, int);
2274 static const char* const ip_tos_table
[] = {
2275 [IPTOS_LOWDELAY
] = "low-delay",
2276 [IPTOS_THROUGHPUT
] = "throughput",
2277 [IPTOS_RELIABILITY
] = "reliability",
2278 [IPTOS_LOWCOST
] = "low-cost",
2281 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ip_tos
, int, 0xff);
2283 bool kexec_loaded(void) {
2284 bool loaded
= false;
2287 if (read_one_line_file("/sys/kernel/kexec_loaded", &s
) >= 0) {
2295 int prot_from_flags(int flags
) {
2297 switch (flags
& O_ACCMODE
) {
2306 return PROT_READ
|PROT_WRITE
;
2313 char *format_bytes(char *buf
, size_t l
, uint64_t t
) {
2316 static const struct {
2320 { "E", UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024) },
2321 { "P", UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024) },
2322 { "T", UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024) },
2323 { "G", UINT64_C(1024)*UINT64_C(1024)*UINT64_C(1024) },
2324 { "M", UINT64_C(1024)*UINT64_C(1024) },
2325 { "K", UINT64_C(1024) },
2328 if (t
== (uint64_t) -1)
2331 for (i
= 0; i
< ELEMENTSOF(table
); i
++) {
2333 if (t
>= table
[i
].factor
) {
2335 "%" PRIu64
".%" PRIu64
"%s",
2336 t
/ table
[i
].factor
,
2337 ((t
*UINT64_C(10)) / table
[i
].factor
) % UINT64_C(10),
2344 snprintf(buf
, l
, "%" PRIu64
"B", t
);
2352 void* memdup(const void *p
, size_t l
) {
2365 int fd_inc_sndbuf(int fd
, size_t n
) {
2367 socklen_t l
= sizeof(value
);
2369 r
= getsockopt(fd
, SOL_SOCKET
, SO_SNDBUF
, &value
, &l
);
2370 if (r
>= 0 && l
== sizeof(value
) && (size_t) value
>= n
*2)
2373 /* If we have the privileges we will ignore the kernel limit. */
2376 if (setsockopt(fd
, SOL_SOCKET
, SO_SNDBUFFORCE
, &value
, sizeof(value
)) < 0)
2377 if (setsockopt(fd
, SOL_SOCKET
, SO_SNDBUF
, &value
, sizeof(value
)) < 0)
2383 int fd_inc_rcvbuf(int fd
, size_t n
) {
2385 socklen_t l
= sizeof(value
);
2387 r
= getsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &value
, &l
);
2388 if (r
>= 0 && l
== sizeof(value
) && (size_t) value
>= n
*2)
2391 /* If we have the privileges we will ignore the kernel limit. */
2394 if (setsockopt(fd
, SOL_SOCKET
, SO_RCVBUFFORCE
, &value
, sizeof(value
)) < 0)
2395 if (setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &value
, sizeof(value
)) < 0)
2400 int fork_agent(pid_t
*pid
, const int except
[], unsigned n_except
, const char *path
, ...) {
2401 bool stdout_is_tty
, stderr_is_tty
;
2402 pid_t parent_pid
, agent_pid
;
2403 sigset_t ss
, saved_ss
;
2411 /* Spawns a temporary TTY agent, making sure it goes away when
2414 parent_pid
= getpid();
2416 /* First we temporarily block all signals, so that the new
2417 * child has them blocked initially. This way, we can be sure
2418 * that SIGTERMs are not lost we might send to the agent. */
2419 assert_se(sigfillset(&ss
) >= 0);
2420 assert_se(sigprocmask(SIG_SETMASK
, &ss
, &saved_ss
) >= 0);
2423 if (agent_pid
< 0) {
2424 assert_se(sigprocmask(SIG_SETMASK
, &saved_ss
, NULL
) >= 0);
2428 if (agent_pid
!= 0) {
2429 assert_se(sigprocmask(SIG_SETMASK
, &saved_ss
, NULL
) >= 0);
2436 * Make sure the agent goes away when the parent dies */
2437 if (prctl(PR_SET_PDEATHSIG
, SIGTERM
) < 0)
2438 _exit(EXIT_FAILURE
);
2440 /* Make sure we actually can kill the agent, if we need to, in
2441 * case somebody invoked us from a shell script that trapped
2442 * SIGTERM or so... */
2443 (void) reset_all_signal_handlers();
2444 (void) reset_signal_mask();
2446 /* Check whether our parent died before we were able
2447 * to set the death signal and unblock the signals */
2448 if (getppid() != parent_pid
)
2449 _exit(EXIT_SUCCESS
);
2451 /* Don't leak fds to the agent */
2452 close_all_fds(except
, n_except
);
2454 stdout_is_tty
= isatty(STDOUT_FILENO
);
2455 stderr_is_tty
= isatty(STDERR_FILENO
);
2457 if (!stdout_is_tty
|| !stderr_is_tty
) {
2460 /* Detach from stdout/stderr. and reopen
2461 * /dev/tty for them. This is important to
2462 * ensure that when systemctl is started via
2463 * popen() or a similar call that expects to
2464 * read EOF we actually do generate EOF and
2465 * not delay this indefinitely by because we
2466 * keep an unused copy of stdin around. */
2467 fd
= open("/dev/tty", O_WRONLY
);
2469 log_error_errno(errno
, "Failed to open /dev/tty: %m");
2470 _exit(EXIT_FAILURE
);
2474 dup2(fd
, STDOUT_FILENO
);
2477 dup2(fd
, STDERR_FILENO
);
2483 /* Count arguments */
2485 for (n
= 0; va_arg(ap
, char*); n
++)
2490 l
= alloca(sizeof(char *) * (n
+ 1));
2492 /* Fill in arguments */
2494 for (i
= 0; i
<= n
; i
++)
2495 l
[i
] = va_arg(ap
, char*);
2499 _exit(EXIT_FAILURE
);
2502 int setrlimit_closest(int resource
, const struct rlimit
*rlim
) {
2503 struct rlimit highest
, fixed
;
2507 if (setrlimit(resource
, rlim
) >= 0)
2513 /* So we failed to set the desired setrlimit, then let's try
2514 * to get as close as we can */
2515 assert_se(getrlimit(resource
, &highest
) == 0);
2517 fixed
.rlim_cur
= MIN(rlim
->rlim_cur
, highest
.rlim_max
);
2518 fixed
.rlim_max
= MIN(rlim
->rlim_max
, highest
.rlim_max
);
2520 if (setrlimit(resource
, &fixed
) < 0)
2526 bool http_etag_is_valid(const char *etag
) {
2530 if (!endswith(etag
, "\""))
2533 if (!startswith(etag
, "\"") && !startswith(etag
, "W/\""))
2539 bool http_url_is_valid(const char *url
) {
2545 p
= startswith(url
, "http://");
2547 p
= startswith(url
, "https://");
2554 return ascii_is_valid(p
);
2557 bool documentation_url_is_valid(const char *url
) {
2563 if (http_url_is_valid(url
))
2566 p
= startswith(url
, "file:/");
2568 p
= startswith(url
, "info:");
2570 p
= startswith(url
, "man:");
2575 return ascii_is_valid(p
);
2578 bool in_initrd(void) {
2579 static int saved
= -1;
2585 /* We make two checks here:
2587 * 1. the flag file /etc/initrd-release must exist
2588 * 2. the root file system must be a memory file system
2590 * The second check is extra paranoia, since misdetecting an
2591 * initrd can have bad bad consequences due the initrd
2592 * emptying when transititioning to the main systemd.
2595 saved
= access("/etc/initrd-release", F_OK
) >= 0 &&
2596 statfs("/", &s
) >= 0 &&
2597 is_temporary_fs(&s
);
2602 bool filename_is_valid(const char *p
) {
2616 if (strlen(p
) > FILENAME_MAX
)
2622 bool string_is_safe(const char *p
) {
2628 for (t
= p
; *t
; t
++) {
2629 if (*t
> 0 && *t
< ' ')
2632 if (strchr("\\\"\'\x7f", *t
))
2639 bool path_is_safe(const char *p
) {
2644 if (streq(p
, "..") || startswith(p
, "../") || endswith(p
, "/..") || strstr(p
, "/../"))
2647 if (strlen(p
)+1 > PATH_MAX
)
2650 /* The following two checks are not really dangerous, but hey, they still are confusing */
2651 if (streq(p
, ".") || startswith(p
, "./") || endswith(p
, "/.") || strstr(p
, "/./"))
2654 if (strstr(p
, "//"))
2660 /* hey glibc, APIs with callbacks without a user pointer are so useless */
2661 void *xbsearch_r(const void *key
, const void *base
, size_t nmemb
, size_t size
,
2662 int (*compar
) (const void *, const void *, void *), void *arg
) {
2671 p
= (void *)(((const char *) base
) + (idx
* size
));
2672 comparison
= compar(key
, p
, arg
);
2675 else if (comparison
> 0)
2683 void init_gettext(void) {
2684 setlocale(LC_ALL
, "");
2685 textdomain(GETTEXT_PACKAGE
);
2688 bool is_locale_utf8(void) {
2690 static int cached_answer
= -1;
2692 if (cached_answer
>= 0)
2695 if (!setlocale(LC_ALL
, "")) {
2696 cached_answer
= true;
2700 set
= nl_langinfo(CODESET
);
2702 cached_answer
= true;
2706 if (streq(set
, "UTF-8")) {
2707 cached_answer
= true;
2711 /* For LC_CTYPE=="C" return true, because CTYPE is effectly
2712 * unset and everything can do to UTF-8 nowadays. */
2713 set
= setlocale(LC_CTYPE
, NULL
);
2715 cached_answer
= true;
2719 /* Check result, but ignore the result if C was set
2722 STR_IN_SET(set
, "C", "POSIX") &&
2723 !getenv("LC_ALL") &&
2724 !getenv("LC_CTYPE") &&
2728 return (bool) cached_answer
;
2731 const char *draw_special_char(DrawSpecialChar ch
) {
2732 static const char *draw_table
[2][_DRAW_SPECIAL_CHAR_MAX
] = {
2735 [DRAW_TREE_VERTICAL
] = "\342\224\202 ", /* │ */
2736 [DRAW_TREE_BRANCH
] = "\342\224\234\342\224\200", /* ├─ */
2737 [DRAW_TREE_RIGHT
] = "\342\224\224\342\224\200", /* └─ */
2738 [DRAW_TREE_SPACE
] = " ", /* */
2739 [DRAW_TRIANGULAR_BULLET
] = "\342\200\243", /* ‣ */
2740 [DRAW_BLACK_CIRCLE
] = "\342\227\217", /* ● */
2741 [DRAW_ARROW
] = "\342\206\222", /* → */
2742 [DRAW_DASH
] = "\342\200\223", /* – */
2745 /* ASCII fallback */ {
2746 [DRAW_TREE_VERTICAL
] = "| ",
2747 [DRAW_TREE_BRANCH
] = "|-",
2748 [DRAW_TREE_RIGHT
] = "`-",
2749 [DRAW_TREE_SPACE
] = " ",
2750 [DRAW_TRIANGULAR_BULLET
] = ">",
2751 [DRAW_BLACK_CIRCLE
] = "*",
2752 [DRAW_ARROW
] = "->",
2757 return draw_table
[!is_locale_utf8()][ch
];
2760 int on_ac_power(void) {
2761 bool found_offline
= false, found_online
= false;
2762 _cleanup_closedir_
DIR *d
= NULL
;
2764 d
= opendir("/sys/class/power_supply");
2766 return errno
== ENOENT
? true : -errno
;
2770 _cleanup_close_
int fd
= -1, device
= -1;
2776 if (!de
&& errno
!= 0)
2782 if (hidden_file(de
->d_name
))
2785 device
= openat(dirfd(d
), de
->d_name
, O_DIRECTORY
|O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
2787 if (errno
== ENOENT
|| errno
== ENOTDIR
)
2793 fd
= openat(device
, "type", O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
2795 if (errno
== ENOENT
)
2801 n
= read(fd
, contents
, sizeof(contents
));
2805 if (n
!= 6 || memcmp(contents
, "Mains\n", 6))
2809 fd
= openat(device
, "online", O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
2811 if (errno
== ENOENT
)
2817 n
= read(fd
, contents
, sizeof(contents
));
2821 if (n
!= 2 || contents
[1] != '\n')
2824 if (contents
[0] == '1') {
2825 found_online
= true;
2827 } else if (contents
[0] == '0')
2828 found_offline
= true;
2833 return found_online
|| !found_offline
;
2836 static int search_and_fopen_internal(const char *path
, const char *mode
, const char *root
, char **search
, FILE **_f
) {
2843 if (!path_strv_resolve_uniq(search
, root
))
2846 STRV_FOREACH(i
, search
) {
2847 _cleanup_free_
char *p
= NULL
;
2851 p
= strjoin(root
, *i
, "/", path
, NULL
);
2853 p
= strjoin(*i
, "/", path
, NULL
);
2863 if (errno
!= ENOENT
)
2870 int search_and_fopen(const char *path
, const char *mode
, const char *root
, const char **search
, FILE **_f
) {
2871 _cleanup_strv_free_
char **copy
= NULL
;
2877 if (path_is_absolute(path
)) {
2880 f
= fopen(path
, mode
);
2889 copy
= strv_copy((char**) search
);
2893 return search_and_fopen_internal(path
, mode
, root
, copy
, _f
);
2896 int search_and_fopen_nulstr(const char *path
, const char *mode
, const char *root
, const char *search
, FILE **_f
) {
2897 _cleanup_strv_free_
char **s
= NULL
;
2899 if (path_is_absolute(path
)) {
2902 f
= fopen(path
, mode
);
2911 s
= strv_split_nulstr(search
);
2915 return search_and_fopen_internal(path
, mode
, root
, s
, _f
);
2918 void* greedy_realloc(void **p
, size_t *allocated
, size_t need
, size_t size
) {
2925 if (*allocated
>= need
)
2928 newalloc
= MAX(need
* 2, 64u / size
);
2929 a
= newalloc
* size
;
2931 /* check for overflows */
2932 if (a
< size
* need
)
2940 *allocated
= newalloc
;
2944 void* greedy_realloc0(void **p
, size_t *allocated
, size_t need
, size_t size
) {
2953 q
= greedy_realloc(p
, allocated
, need
, size
);
2957 if (*allocated
> prev
)
2958 memzero(q
+ prev
* size
, (*allocated
- prev
) * size
);
2963 bool id128_is_valid(const char *s
) {
2969 /* Simple formatted 128bit hex string */
2971 for (i
= 0; i
< l
; i
++) {
2974 if (!(c
>= '0' && c
<= '9') &&
2975 !(c
>= 'a' && c
<= 'z') &&
2976 !(c
>= 'A' && c
<= 'Z'))
2980 } else if (l
== 36) {
2982 /* Formatted UUID */
2984 for (i
= 0; i
< l
; i
++) {
2987 if ((i
== 8 || i
== 13 || i
== 18 || i
== 23)) {
2991 if (!(c
>= '0' && c
<= '9') &&
2992 !(c
>= 'a' && c
<= 'z') &&
2993 !(c
>= 'A' && c
<= 'Z'))
3004 int shall_restore_state(void) {
3005 _cleanup_free_
char *value
= NULL
;
3008 r
= get_proc_cmdline_key("systemd.restore_state=", &value
);
3014 return parse_boolean(value
) != 0;
3017 int proc_cmdline(char **ret
) {
3020 if (detect_container() > 0)
3021 return get_process_cmdline(1, 0, false, ret
);
3023 return read_one_line_file("/proc/cmdline", ret
);
3026 int parse_proc_cmdline(int (*parse_item
)(const char *key
, const char *value
)) {
3027 _cleanup_free_
char *line
= NULL
;
3033 r
= proc_cmdline(&line
);
3039 _cleanup_free_
char *word
= NULL
;
3042 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
|EXTRACT_RELAX
);
3048 /* Filter out arguments that are intended only for the
3050 if (!in_initrd() && startswith(word
, "rd."))
3053 value
= strchr(word
, '=');
3057 r
= parse_item(word
, value
);
3065 int get_proc_cmdline_key(const char *key
, char **value
) {
3066 _cleanup_free_
char *line
= NULL
, *ret
= NULL
;
3073 r
= proc_cmdline(&line
);
3079 _cleanup_free_
char *word
= NULL
;
3082 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
|EXTRACT_RELAX
);
3088 /* Filter out arguments that are intended only for the
3090 if (!in_initrd() && startswith(word
, "rd."))
3094 e
= startswith(word
, key
);
3098 r
= free_and_strdup(&ret
, e
);
3104 if (streq(word
, key
))
3118 int container_get_leader(const char *machine
, pid_t
*pid
) {
3119 _cleanup_free_
char *s
= NULL
, *class = NULL
;
3127 if (!machine_name_is_valid(machine
))
3130 p
= strjoina("/run/systemd/machines/", machine
);
3131 r
= parse_env_file(p
, NEWLINE
, "LEADER", &s
, "CLASS", &class, NULL
);
3139 if (!streq_ptr(class, "container"))
3142 r
= parse_pid(s
, &leader
);
3152 int namespace_open(pid_t pid
, int *pidns_fd
, int *mntns_fd
, int *netns_fd
, int *userns_fd
, int *root_fd
) {
3153 _cleanup_close_
int pidnsfd
= -1, mntnsfd
= -1, netnsfd
= -1, usernsfd
= -1;
3161 mntns
= procfs_file_alloca(pid
, "ns/mnt");
3162 mntnsfd
= open(mntns
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
);
3170 pidns
= procfs_file_alloca(pid
, "ns/pid");
3171 pidnsfd
= open(pidns
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
);
3179 netns
= procfs_file_alloca(pid
, "ns/net");
3180 netnsfd
= open(netns
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
);
3188 userns
= procfs_file_alloca(pid
, "ns/user");
3189 usernsfd
= open(userns
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
);
3190 if (usernsfd
< 0 && errno
!= ENOENT
)
3197 root
= procfs_file_alloca(pid
, "root");
3198 rfd
= open(root
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
|O_DIRECTORY
);
3204 *pidns_fd
= pidnsfd
;
3207 *mntns_fd
= mntnsfd
;
3210 *netns_fd
= netnsfd
;
3213 *userns_fd
= usernsfd
;
3218 pidnsfd
= mntnsfd
= netnsfd
= usernsfd
= -1;
3223 int namespace_enter(int pidns_fd
, int mntns_fd
, int netns_fd
, int userns_fd
, int root_fd
) {
3224 if (userns_fd
>= 0) {
3225 /* Can't setns to your own userns, since then you could
3226 * escalate from non-root to root in your own namespace, so
3227 * check if namespaces equal before attempting to enter. */
3228 _cleanup_free_
char *userns_fd_path
= NULL
;
3230 if (asprintf(&userns_fd_path
, "/proc/self/fd/%d", userns_fd
) < 0)
3233 r
= files_same(userns_fd_path
, "/proc/self/ns/user");
3241 if (setns(pidns_fd
, CLONE_NEWPID
) < 0)
3245 if (setns(mntns_fd
, CLONE_NEWNS
) < 0)
3249 if (setns(netns_fd
, CLONE_NEWNET
) < 0)
3253 if (setns(userns_fd
, CLONE_NEWUSER
) < 0)
3257 if (fchdir(root_fd
) < 0)
3260 if (chroot(".") < 0)
3264 return reset_uid_gid();
3267 int getpeercred(int fd
, struct ucred
*ucred
) {
3268 socklen_t n
= sizeof(struct ucred
);
3275 r
= getsockopt(fd
, SOL_SOCKET
, SO_PEERCRED
, &u
, &n
);
3279 if (n
!= sizeof(struct ucred
))
3282 /* Check if the data is actually useful and not suppressed due
3283 * to namespacing issues */
3286 if (u
.uid
== UID_INVALID
)
3288 if (u
.gid
== GID_INVALID
)
3295 int getpeersec(int fd
, char **ret
) {
3307 r
= getsockopt(fd
, SOL_SOCKET
, SO_PEERSEC
, s
, &n
);
3311 if (errno
!= ERANGE
)
3318 r
= getsockopt(fd
, SOL_SOCKET
, SO_PEERSEC
, s
, &n
);
3334 /* This is much like like mkostemp() but is subject to umask(). */
3335 int mkostemp_safe(char *pattern
, int flags
) {
3336 _cleanup_umask_ mode_t u
;
3343 fd
= mkostemp(pattern
, flags
);
3350 int open_tmpfile(const char *path
, int flags
) {
3357 /* Try O_TMPFILE first, if it is supported */
3358 fd
= open(path
, flags
|O_TMPFILE
|O_EXCL
, S_IRUSR
|S_IWUSR
);
3363 /* Fall back to unguessable name + unlinking */
3364 p
= strjoina(path
, "/systemd-tmp-XXXXXX");
3366 fd
= mkostemp_safe(p
, flags
);
3374 int fd_warn_permissions(const char *path
, int fd
) {
3377 if (fstat(fd
, &st
) < 0)
3380 if (st
.st_mode
& 0111)
3381 log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path
);
3383 if (st
.st_mode
& 0002)
3384 log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path
);
3386 if (getpid() == 1 && (st
.st_mode
& 0044) != 0044)
3387 log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path
);
3392 unsigned long personality_from_string(const char *p
) {
3394 /* Parse a personality specifier. We introduce our own
3395 * identifiers that indicate specific ABIs, rather than just
3396 * hints regarding the register size, since we want to keep
3397 * things open for multiple locally supported ABIs for the
3398 * same register size. We try to reuse the ABI identifiers
3399 * used by libseccomp. */
3401 #if defined(__x86_64__)
3403 if (streq(p
, "x86"))
3406 if (streq(p
, "x86-64"))
3409 #elif defined(__i386__)
3411 if (streq(p
, "x86"))
3414 #elif defined(__s390x__)
3416 if (streq(p
, "s390"))
3419 if (streq(p
, "s390x"))
3422 #elif defined(__s390__)
3424 if (streq(p
, "s390"))
3428 return PERSONALITY_INVALID
;
3431 const char* personality_to_string(unsigned long p
) {
3433 #if defined(__x86_64__)
3435 if (p
== PER_LINUX32
)
3441 #elif defined(__i386__)
3446 #elif defined(__s390x__)
3451 if (p
== PER_LINUX32
)
3454 #elif defined(__s390__)
3464 uint64_t physical_memory(void) {
3467 /* We return this as uint64_t in case we are running as 32bit
3468 * process on a 64bit kernel with huge amounts of memory */
3470 mem
= sysconf(_SC_PHYS_PAGES
);
3473 return (uint64_t) mem
* (uint64_t) page_size();
3476 void hexdump(FILE *f
, const void *p
, size_t s
) {
3477 const uint8_t *b
= p
;
3480 assert(s
== 0 || b
);
3485 fprintf(f
, "%04x ", n
);
3487 for (i
= 0; i
< 16; i
++) {
3492 fprintf(f
, "%02x ", b
[i
]);
3500 for (i
= 0; i
< 16; i
++) {
3505 fputc(isprint(b
[i
]) ? (char) b
[i
] : '.', f
);
3519 int update_reboot_param_file(const char *param
) {
3523 r
= write_string_file(REBOOT_PARAM_FILE
, param
, WRITE_STRING_FILE_CREATE
);
3525 return log_error_errno(r
, "Failed to write reboot param to "REBOOT_PARAM_FILE
": %m");
3527 (void) unlink(REBOOT_PARAM_FILE
);
3532 int umount_recursive(const char *prefix
, int flags
) {
3536 /* Try to umount everything recursively below a
3537 * directory. Also, take care of stacked mounts, and keep
3538 * unmounting them until they are gone. */
3541 _cleanup_fclose_
FILE *proc_self_mountinfo
= NULL
;
3546 proc_self_mountinfo
= fopen("/proc/self/mountinfo", "re");
3547 if (!proc_self_mountinfo
)
3551 _cleanup_free_
char *path
= NULL
, *p
= NULL
;
3554 k
= fscanf(proc_self_mountinfo
,
3555 "%*s " /* (1) mount id */
3556 "%*s " /* (2) parent id */
3557 "%*s " /* (3) major:minor */
3558 "%*s " /* (4) root */
3559 "%ms " /* (5) mount point */
3560 "%*s" /* (6) mount options */
3561 "%*[^-]" /* (7) optional fields */
3562 "- " /* (8) separator */
3563 "%*s " /* (9) file system type */
3564 "%*s" /* (10) mount source */
3565 "%*s" /* (11) mount options 2 */
3566 "%*[^\n]", /* some rubbish at the end */
3575 r
= cunescape(path
, UNESCAPE_RELAX
, &p
);
3579 if (!path_startswith(p
, prefix
))
3582 if (umount2(p
, flags
) < 0) {
3598 static int get_mount_flags(const char *path
, unsigned long *flags
) {
3601 if (statvfs(path
, &buf
) < 0)
3603 *flags
= buf
.f_flag
;
3607 int bind_remount_recursive(const char *prefix
, bool ro
) {
3608 _cleanup_set_free_free_ Set
*done
= NULL
;
3609 _cleanup_free_
char *cleaned
= NULL
;
3612 /* Recursively remount a directory (and all its submounts)
3613 * read-only or read-write. If the directory is already
3614 * mounted, we reuse the mount and simply mark it
3615 * MS_BIND|MS_RDONLY (or remove the MS_RDONLY for read-write
3616 * operation). If it isn't we first make it one. Afterwards we
3617 * apply MS_BIND|MS_RDONLY (or remove MS_RDONLY) to all
3618 * submounts we can access, too. When mounts are stacked on
3619 * the same mount point we only care for each individual
3620 * "top-level" mount on each point, as we cannot
3621 * influence/access the underlying mounts anyway. We do not
3622 * have any effect on future submounts that might get
3623 * propagated, they migt be writable. This includes future
3624 * submounts that have been triggered via autofs. */
3626 cleaned
= strdup(prefix
);
3630 path_kill_slashes(cleaned
);
3632 done
= set_new(&string_hash_ops
);
3637 _cleanup_fclose_
FILE *proc_self_mountinfo
= NULL
;
3638 _cleanup_set_free_free_ Set
*todo
= NULL
;
3639 bool top_autofs
= false;
3641 unsigned long orig_flags
;
3643 todo
= set_new(&string_hash_ops
);
3647 proc_self_mountinfo
= fopen("/proc/self/mountinfo", "re");
3648 if (!proc_self_mountinfo
)
3652 _cleanup_free_
char *path
= NULL
, *p
= NULL
, *type
= NULL
;
3655 k
= fscanf(proc_self_mountinfo
,
3656 "%*s " /* (1) mount id */
3657 "%*s " /* (2) parent id */
3658 "%*s " /* (3) major:minor */
3659 "%*s " /* (4) root */
3660 "%ms " /* (5) mount point */
3661 "%*s" /* (6) mount options (superblock) */
3662 "%*[^-]" /* (7) optional fields */
3663 "- " /* (8) separator */
3664 "%ms " /* (9) file system type */
3665 "%*s" /* (10) mount source */
3666 "%*s" /* (11) mount options (bind mount) */
3667 "%*[^\n]", /* some rubbish at the end */
3677 r
= cunescape(path
, UNESCAPE_RELAX
, &p
);
3681 /* Let's ignore autofs mounts. If they aren't
3682 * triggered yet, we want to avoid triggering
3683 * them, as we don't make any guarantees for
3684 * future submounts anyway. If they are
3685 * already triggered, then we will find
3686 * another entry for this. */
3687 if (streq(type
, "autofs")) {
3688 top_autofs
= top_autofs
|| path_equal(cleaned
, p
);
3692 if (path_startswith(p
, cleaned
) &&
3693 !set_contains(done
, p
)) {
3695 r
= set_consume(todo
, p
);
3705 /* If we have no submounts to process anymore and if
3706 * the root is either already done, or an autofs, we
3708 if (set_isempty(todo
) &&
3709 (top_autofs
|| set_contains(done
, cleaned
)))
3712 if (!set_contains(done
, cleaned
) &&
3713 !set_contains(todo
, cleaned
)) {
3714 /* The prefix directory itself is not yet a
3715 * mount, make it one. */
3716 if (mount(cleaned
, cleaned
, NULL
, MS_BIND
|MS_REC
, NULL
) < 0)
3720 (void) get_mount_flags(cleaned
, &orig_flags
);
3721 orig_flags
&= ~MS_RDONLY
;
3723 if (mount(NULL
, prefix
, NULL
, orig_flags
|MS_BIND
|MS_REMOUNT
|(ro
? MS_RDONLY
: 0), NULL
) < 0)
3726 x
= strdup(cleaned
);
3730 r
= set_consume(done
, x
);
3735 while ((x
= set_steal_first(todo
))) {
3737 r
= set_consume(done
, x
);
3738 if (r
== -EEXIST
|| r
== 0)
3743 /* Try to reuse the original flag set, but
3744 * don't care for errors, in case of
3745 * obstructed mounts */
3747 (void) get_mount_flags(x
, &orig_flags
);
3748 orig_flags
&= ~MS_RDONLY
;
3750 if (mount(NULL
, x
, NULL
, orig_flags
|MS_BIND
|MS_REMOUNT
|(ro
? MS_RDONLY
: 0), NULL
) < 0) {
3752 /* Deal with mount points that are
3753 * obstructed by a later mount */
3755 if (errno
!= ENOENT
)
3763 int fflush_and_check(FILE *f
) {
3770 return errno
? -errno
: -EIO
;
3775 int tempfn_xxxxxx(const char *p
, const char *extra
, char **ret
) {
3787 * /foo/bar/.#<extra>waldoXXXXXX
3791 if (!filename_is_valid(fn
))
3797 t
= new(char, strlen(p
) + 2 + strlen(extra
) + 6 + 1);
3801 strcpy(stpcpy(stpcpy(stpcpy(mempcpy(t
, p
, fn
- p
), ".#"), extra
), fn
), "XXXXXX");
3803 *ret
= path_kill_slashes(t
);
3807 int tempfn_random(const char *p
, const char *extra
, char **ret
) {
3821 * /foo/bar/.#<extra>waldobaa2a261115984a9
3825 if (!filename_is_valid(fn
))
3831 t
= new(char, strlen(p
) + 2 + strlen(extra
) + 16 + 1);
3835 x
= stpcpy(stpcpy(stpcpy(mempcpy(t
, p
, fn
- p
), ".#"), extra
), fn
);
3838 for (i
= 0; i
< 16; i
++) {
3839 *(x
++) = hexchar(u
& 0xF);
3845 *ret
= path_kill_slashes(t
);
3849 int tempfn_random_child(const char *p
, const char *extra
, char **ret
) {
3860 * /foo/bar/waldo/.#<extra>3c2b6219aa75d7d0
3866 t
= new(char, strlen(p
) + 3 + strlen(extra
) + 16 + 1);
3870 x
= stpcpy(stpcpy(stpcpy(t
, p
), "/.#"), extra
);
3873 for (i
= 0; i
< 16; i
++) {
3874 *(x
++) = hexchar(u
& 0xF);
3880 *ret
= path_kill_slashes(t
);
3884 int take_password_lock(const char *root
) {
3886 struct flock flock
= {
3888 .l_whence
= SEEK_SET
,
3896 /* This is roughly the same as lckpwdf(), but not as awful. We
3897 * don't want to use alarm() and signals, hence we implement
3898 * our own trivial version of this.
3900 * Note that shadow-utils also takes per-database locks in
3901 * addition to lckpwdf(). However, we don't given that they
3902 * are redundant as they they invoke lckpwdf() first and keep
3903 * it during everything they do. The per-database locks are
3904 * awfully racy, and thus we just won't do them. */
3907 path
= strjoina(root
, "/etc/.pwd.lock");
3909 path
= "/etc/.pwd.lock";
3911 fd
= open(path
, O_WRONLY
|O_CREAT
|O_CLOEXEC
|O_NOCTTY
|O_NOFOLLOW
, 0600);
3915 r
= fcntl(fd
, F_SETLKW
, &flock
);
3924 int is_symlink(const char *path
) {
3927 if (lstat(path
, &info
) < 0)
3930 return !!S_ISLNK(info
.st_mode
);
3933 int is_dir(const char* path
, bool follow
) {
3938 r
= stat(path
, &st
);
3940 r
= lstat(path
, &st
);
3944 return !!S_ISDIR(st
.st_mode
);
3947 int is_device_node(const char *path
) {
3950 if (lstat(path
, &info
) < 0)
3953 return !!(S_ISBLK(info
.st_mode
) || S_ISCHR(info
.st_mode
));
3956 ssize_t
fgetxattrat_fake(int dirfd
, const char *filename
, const char *attribute
, void *value
, size_t size
, int flags
) {
3957 char fn
[strlen("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1];
3958 _cleanup_close_
int fd
= -1;
3961 /* The kernel doesn't have a fgetxattrat() command, hence let's emulate one */
3963 fd
= openat(dirfd
, filename
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
|O_PATH
|(flags
& AT_SYMLINK_NOFOLLOW
? O_NOFOLLOW
: 0));
3967 xsprintf(fn
, "/proc/self/fd/%i", fd
);
3969 l
= getxattr(fn
, attribute
, value
, size
);
3976 static int parse_crtime(le64_t le
, usec_t
*usec
) {
3982 if (u
== 0 || u
== (uint64_t) -1)
3989 int fd_getcrtime(int fd
, usec_t
*usec
) {
3996 /* Until Linux gets a real concept of birthtime/creation time,
3997 * let's fake one with xattrs */
3999 n
= fgetxattr(fd
, "user.crtime_usec", &le
, sizeof(le
));
4002 if (n
!= sizeof(le
))
4005 return parse_crtime(le
, usec
);
4008 int fd_getcrtime_at(int dirfd
, const char *name
, usec_t
*usec
, int flags
) {
4012 n
= fgetxattrat_fake(dirfd
, name
, "user.crtime_usec", &le
, sizeof(le
), flags
);
4015 if (n
!= sizeof(le
))
4018 return parse_crtime(le
, usec
);
4021 int path_getcrtime(const char *p
, usec_t
*usec
) {
4028 n
= getxattr(p
, "user.crtime_usec", &le
, sizeof(le
));
4031 if (n
!= sizeof(le
))
4034 return parse_crtime(le
, usec
);
4037 int fd_setcrtime(int fd
, usec_t usec
) {
4043 usec
= now(CLOCK_REALTIME
);
4045 le
= htole64((uint64_t) usec
);
4046 if (fsetxattr(fd
, "user.crtime_usec", &le
, sizeof(le
), 0) < 0)
4052 int chattr_fd(int fd
, unsigned value
, unsigned mask
) {
4053 unsigned old_attr
, new_attr
;
4058 if (fstat(fd
, &st
) < 0)
4061 /* Explicitly check whether this is a regular file or
4062 * directory. If it is anything else (such as a device node or
4063 * fifo), then the ioctl will not hit the file systems but
4064 * possibly drivers, where the ioctl might have different
4065 * effects. Notably, DRM is using the same ioctl() number. */
4067 if (!S_ISDIR(st
.st_mode
) && !S_ISREG(st
.st_mode
))
4073 if (ioctl(fd
, FS_IOC_GETFLAGS
, &old_attr
) < 0)
4076 new_attr
= (old_attr
& ~mask
) | (value
& mask
);
4077 if (new_attr
== old_attr
)
4080 if (ioctl(fd
, FS_IOC_SETFLAGS
, &new_attr
) < 0)
4086 int chattr_path(const char *p
, unsigned value
, unsigned mask
) {
4087 _cleanup_close_
int fd
= -1;
4094 fd
= open(p
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
|O_NOFOLLOW
);
4098 return chattr_fd(fd
, value
, mask
);
4101 int read_attr_fd(int fd
, unsigned *ret
) {
4106 if (fstat(fd
, &st
) < 0)
4109 if (!S_ISDIR(st
.st_mode
) && !S_ISREG(st
.st_mode
))
4112 if (ioctl(fd
, FS_IOC_GETFLAGS
, ret
) < 0)
4118 int read_attr_path(const char *p
, unsigned *ret
) {
4119 _cleanup_close_
int fd
= -1;
4124 fd
= open(p
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
|O_NOFOLLOW
);
4128 return read_attr_fd(fd
, ret
);
4131 void sigkill_wait(pid_t
*pid
) {
4137 if (kill(*pid
, SIGKILL
) > 0)
4138 (void) wait_for_terminate(*pid
, NULL
);
4141 int syslog_parse_priority(const char **p
, int *priority
, bool with_facility
) {
4142 int a
= 0, b
= 0, c
= 0;
4152 if (!strchr(*p
, '>'))
4155 if ((*p
)[2] == '>') {
4156 c
= undecchar((*p
)[1]);
4158 } else if ((*p
)[3] == '>') {
4159 b
= undecchar((*p
)[1]);
4160 c
= undecchar((*p
)[2]);
4162 } else if ((*p
)[4] == '>') {
4163 a
= undecchar((*p
)[1]);
4164 b
= undecchar((*p
)[2]);
4165 c
= undecchar((*p
)[3]);
4170 if (a
< 0 || b
< 0 || c
< 0 ||
4171 (!with_facility
&& (a
|| b
|| c
> 7)))
4175 *priority
= a
*100 + b
*10 + c
;
4177 *priority
= (*priority
& LOG_FACMASK
) | c
;
4183 ssize_t
string_table_lookup(const char * const *table
, size_t len
, const char *key
) {
4189 for (i
= 0; i
< len
; ++i
)
4190 if (streq_ptr(table
[i
], key
))
4196 int rename_noreplace(int olddirfd
, const char *oldpath
, int newdirfd
, const char *newpath
) {
4200 ret
= renameat2(olddirfd
, oldpath
, newdirfd
, newpath
, RENAME_NOREPLACE
);
4204 /* renameat2() exists since Linux 3.15, btrfs added support for it later.
4205 * If it is not implemented, fallback to another method. */
4206 if (!IN_SET(errno
, EINVAL
, ENOSYS
))
4209 /* The link()/unlink() fallback does not work on directories. But
4210 * renameat() without RENAME_NOREPLACE gives the same semantics on
4211 * directories, except when newpath is an *empty* directory. This is
4213 ret
= fstatat(olddirfd
, oldpath
, &buf
, AT_SYMLINK_NOFOLLOW
);
4214 if (ret
>= 0 && S_ISDIR(buf
.st_mode
)) {
4215 ret
= renameat(olddirfd
, oldpath
, newdirfd
, newpath
);
4216 return ret
>= 0 ? 0 : -errno
;
4219 /* If it is not a directory, use the link()/unlink() fallback. */
4220 ret
= linkat(olddirfd
, oldpath
, newdirfd
, newpath
, 0);
4224 ret
= unlinkat(olddirfd
, oldpath
, 0);
4226 /* backup errno before the following unlinkat() alters it */
4228 (void) unlinkat(newdirfd
, newpath
, 0);
4236 int parse_mode(const char *s
, mode_t
*ret
) {
4244 l
= strtol(s
, &x
, 8);
4248 if (!x
|| x
== s
|| *x
)
4250 if (l
< 0 || l
> 07777)
4257 int mount_move_root(const char *path
) {
4260 if (chdir(path
) < 0)
4263 if (mount(path
, "/", NULL
, MS_MOVE
, NULL
) < 0)
4266 if (chroot(".") < 0)
4275 int getxattr_malloc(const char *path
, const char *name
, char **value
, bool allow_symlink
) {
4284 for (l
= 100; ; l
= (size_t) n
+ 1) {
4290 n
= lgetxattr(path
, name
, v
, l
);
4292 n
= getxattr(path
, name
, v
, l
);
4294 if (n
>= 0 && (size_t) n
< l
) {
4301 if (n
< 0 && errno
!= ERANGE
)
4305 n
= lgetxattr(path
, name
, NULL
, 0);
4307 n
= getxattr(path
, name
, NULL
, 0);
4313 int fgetxattr_malloc(int fd
, const char *name
, char **value
) {
4322 for (l
= 100; ; l
= (size_t) n
+ 1) {
4327 n
= fgetxattr(fd
, name
, v
, l
);
4329 if (n
>= 0 && (size_t) n
< l
) {
4336 if (n
< 0 && errno
!= ERANGE
)
4339 n
= fgetxattr(fd
, name
, NULL
, 0);
4345 int send_one_fd(int transport_fd
, int fd
, int flags
) {
4347 struct cmsghdr cmsghdr
;
4348 uint8_t buf
[CMSG_SPACE(sizeof(int))];
4350 struct msghdr mh
= {
4351 .msg_control
= &control
,
4352 .msg_controllen
= sizeof(control
),
4354 struct cmsghdr
*cmsg
;
4356 assert(transport_fd
>= 0);
4359 cmsg
= CMSG_FIRSTHDR(&mh
);
4360 cmsg
->cmsg_level
= SOL_SOCKET
;
4361 cmsg
->cmsg_type
= SCM_RIGHTS
;
4362 cmsg
->cmsg_len
= CMSG_LEN(sizeof(int));
4363 memcpy(CMSG_DATA(cmsg
), &fd
, sizeof(int));
4365 mh
.msg_controllen
= CMSG_SPACE(sizeof(int));
4366 if (sendmsg(transport_fd
, &mh
, MSG_NOSIGNAL
| flags
) < 0)
4372 int receive_one_fd(int transport_fd
, int flags
) {
4374 struct cmsghdr cmsghdr
;
4375 uint8_t buf
[CMSG_SPACE(sizeof(int))];
4377 struct msghdr mh
= {
4378 .msg_control
= &control
,
4379 .msg_controllen
= sizeof(control
),
4381 struct cmsghdr
*cmsg
, *found
= NULL
;
4383 assert(transport_fd
>= 0);
4386 * Receive a single FD via @transport_fd. We don't care for
4387 * the transport-type. We retrieve a single FD at most, so for
4388 * packet-based transports, the caller must ensure to send
4389 * only a single FD per packet. This is best used in
4390 * combination with send_one_fd().
4393 if (recvmsg(transport_fd
, &mh
, MSG_NOSIGNAL
| MSG_CMSG_CLOEXEC
| flags
) < 0)
4396 CMSG_FOREACH(cmsg
, &mh
) {
4397 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
4398 cmsg
->cmsg_type
== SCM_RIGHTS
&&
4399 cmsg
->cmsg_len
== CMSG_LEN(sizeof(int))) {
4407 cmsg_close_all(&mh
);
4411 return *(int*) CMSG_DATA(found
);
4414 void nop_signal_handler(int sig
) {
4419 puts(PACKAGE_STRING
"\n"
4424 bool fdname_is_valid(const char *s
) {
4427 /* Validates a name for $LISTEN_FDNAMES. We basically allow
4428 * everything ASCII that's not a control character. Also, as
4429 * special exception the ":" character is not allowed, as we
4430 * use that as field separator in $LISTEN_FDNAMES.
4432 * Note that the empty string is explicitly allowed
4433 * here. However, we limit the length of the names to 255
4439 for (p
= s
; *p
; p
++) {
4451 bool oom_score_adjust_is_valid(int oa
) {
4452 return oa
>= OOM_SCORE_ADJ_MIN
&& oa
<= OOM_SCORE_ADJ_MAX
;