git.ipfire.org Git - thirdparty/systemd.git/commit

author	Lennart Poettering <lennart@poettering.net>
	Fri, 28 Apr 2023 16:33:17 +0000 (18:33 +0200)
committer	Lennart Poettering <lennart@poettering.net>
	Wed, 3 May 2023 15:55:55 +0000 (17:55 +0200)
commit	8aefedce147bfc99cf96090e3bd7f4d2c6468fd7
tree	caac826a7beca2560e3689fc3506a586f5c0c9e5	tree \| snapshot
parent	f2c1d491a539035d6cc1fa53a7cef0cbc8d52902	commit \| diff

base-filesystem: add new helper base_filesystem_create_fd() that operates on an fd, instead of a path

This also changes the open flags from
O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW to
O_DIRECTORY|O_CLOEXEC. O_RDONLY is redundant, since O_RDONLY is zero
anyway, and O_DIRECTORY pins the acces mode enough: it doesn't allow
read()/write() anyway when specified. O_NONBLOCK is also pointless given
that O_DIRECTORY is specified, it has no meaning on directories. (It is
useful if we don't know much about the inode we are opening, and could
be a device node or fifo, but the O_DIRECTORY excludes that case.)

O_NOFOLLOW is dropped since there's really no point in blocking out the
initial entrypoint being a symlink. Once we pinned the the root of the
tree it might make sense to restrict symlink use below it, but for the
entrypoint itself it doesn't matter.

src/shared/base-filesystem.c		diff \| blob \| blame \| history
src/shared/base-filesystem.h		diff \| blob \| blame \| history
src/shared/switch-root.c		diff \| blob \| blame \| history