build-sys: use #if Y instead of #ifdef Y everywhere

[thirdparty/systemd.git] / src / core / dbus-execute.c

diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
index a8cdae5bf2f1df7519dbb0311c440ef36cc0b1ee..e0aa9fdd825fdb2c4cbf7ecbc748713dd69a19ff 100644 (file)
--- a/src/core/dbus-execute.c
+++ b/src/core/dbus-execute.c
@@ -19,7 +19,7 @@
 
 #include <sys/prctl.h>
 
-#ifdef HAVE_SECCOMP
+#if HAVE_SECCOMP
 #include <seccomp.h>
 #endif
 
@@ -42,7 +42,7 @@
 #include "path-util.h"
 #include "process-util.h"
 #include "rlimit-util.h"
-#ifdef HAVE_SECCOMP
+#if HAVE_SECCOMP
 #include "seccomp-util.h"
 #endif
 #include "securebits-util.h"
@@ -376,7 +376,7 @@ static int property_get_syscall_filter(
         _cleanup_strv_free_ char **l = NULL;
         int r;
 
-#ifdef HAVE_SECCOMP
+#if HAVE_SECCOMP
         Iterator i;
         void *id;
 #endif
@@ -393,7 +393,7 @@ static int property_get_syscall_filter(
         if (r < 0)
                 return r;
 
-#ifdef HAVE_SECCOMP
+#if HAVE_SECCOMP
         SET_FOREACH(id, c->syscall_filter, i) {
                 char *name;
 
@@ -429,7 +429,7 @@ static int property_get_syscall_archs(
         _cleanup_strv_free_ char **l = NULL;
         int r;
 
-#ifdef HAVE_SECCOMP
+#if HAVE_SECCOMP
         Iterator i;
         void *id;
 #endif
@@ -438,7 +438,7 @@ static int property_get_syscall_archs(
         assert(reply);
         assert(c);
 
-#ifdef HAVE_SECCOMP
+#if HAVE_SECCOMP
         SET_FOREACH(id, c->syscall_archs, i) {
                 const char *name;
 
@@ -1185,7 +1185,7 @@ int bus_exec_context_set_transient_property(
 
                 return 1;
 
-#ifdef HAVE_SECCOMP
+#if HAVE_SECCOMP
 
         } else if (streq(name, "SystemCallFilter")) {
                 int whitelist;
@@ -2193,7 +2193,7 @@ int bus_exec_context_set_transient_property(
                         if (streq(name, "UMask"))
                                 c->umask = m;
                         else
-                                for (i = 0; i < _EXEC_DIRECTORY_MAX; i++)
+                                for (i = 0; i < _EXEC_DIRECTORY_TYPE_MAX; i++)
                                         if (startswith(name, exec_directory_type_to_string(i))) {
                                                 c->directories[i].mode = m;
                                                 break;
@@ -2213,8 +2213,8 @@ int bus_exec_context_set_transient_property(
                         return r;
 
                 STRV_FOREACH(p, l) {
-                        if (!filename_is_valid(*p))
-                                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s is not valid %s", name, *p);
+                        if (!path_is_safe(*p) || path_is_absolute(*p))
+                                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is not valid: %s", name, *p);
                 }
 
                 if (mode != UNIT_CHECK) {
@@ -2222,7 +2222,7 @@ int bus_exec_context_set_transient_property(
                         char ***dirs = NULL;
                         ExecDirectoryType i;
 
-                        for (i = 0; i < _EXEC_DIRECTORY_MAX; i++)
+                        for (i = 0; i < _EXEC_DIRECTORY_TYPE_MAX; i++)
                                 if (streq(name, exec_directory_type_to_string(i))) {
                                         dirs = &c->directories[i].paths;
                                         break;
@@ -2235,7 +2235,6 @@ int bus_exec_context_set_transient_property(
                                 unit_write_drop_in_private_format(u, mode, name, "%s=", name);
                         } else {
                                 r = strv_extend_strv(dirs, l, true);
-
                                 if (r < 0)
                                         return -ENOMEM;