core: add EXEC_DIRECTORY_TYPE_SHALL_CHOWN() helper

Let's make ConfigurationDirectory= a bit less "special-casey", by hiding
the fact that it's the only per-service dir we do not do chown()ing for
inside of a new EXEC_DIRECTORY_TYPE_SHALL_CHOWN() helper.

diff --git a/src/core/exec-invoke.c b/src/core/exec-invoke.c
index eda0aee7c2e565c4d38ca2015cdb52107952c8c9..feea7897eff7dda1f1a59ab6027b3e77f55dbf0f 100644 (file)
--- a/src/core/exec-invoke.c
+++ b/src/core/exec-invoke.c
@@ -2474,7 +2474,7 @@ static int setup_exec_directory(
                 } else {
                         _cleanup_free_ char *target = NULL;
 
-                        if (type != EXEC_DIRECTORY_CONFIGURATION &&
+                        if (EXEC_DIRECTORY_TYPE_SHALL_CHOWN(type) &&
                             readlink_and_make_absolute(p, &target) >= 0) {
                                 _cleanup_free_ char *q = NULL, *q_resolved = NULL, *target_resolved = NULL;
 
@@ -2526,7 +2526,7 @@ static int setup_exec_directory(
                                 if (r != -EEXIST)
                                         goto fail;
 
-                                if (type == EXEC_DIRECTORY_CONFIGURATION) {
+                                if (!EXEC_DIRECTORY_TYPE_SHALL_CHOWN(type)) {
                                         struct stat st;
 
                                         /* Don't change the owner/access mode of the configuration directory,
@@ -3636,7 +3636,8 @@ static int compile_suggested_paths(const ExecContext *c, const ExecParameters *p
          * directories. */
 
         for (ExecDirectoryType t = 0; t < _EXEC_DIRECTORY_TYPE_MAX; t++) {
-                if (t == EXEC_DIRECTORY_CONFIGURATION)
+
+                if (!EXEC_DIRECTORY_TYPE_SHALL_CHOWN(t))
                         continue;
 
                 if (!p->prefix[t])

diff --git a/src/core/execute.c b/src/core/execute.c
index 1fda693344fd32b3338e4b4f9b57f5f695a7776b..a081c429380462d85cf0fa4d36b793a8c38eaadd 100644 (file)
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -340,7 +340,7 @@ bool exec_directory_is_private(const ExecContext *context, ExecDirectoryType typ
         if (!context->dynamic_user)
                 return false;
 
-        if (type == EXEC_DIRECTORY_CONFIGURATION)
+        if (!EXEC_DIRECTORY_TYPE_SHALL_CHOWN(type))
                 return false;
 
         if (type == EXEC_DIRECTORY_RUNTIME && context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO)
@@ -1639,7 +1639,7 @@ int exec_context_get_clean_directories(
                                 return r;
 
                         /* Also remove private directories unconditionally. */
-                        if (t != EXEC_DIRECTORY_CONFIGURATION) {
+                        if (EXEC_DIRECTORY_TYPE_SHALL_CHOWN(t)) {
                                 j = path_join(prefix[t], "private", i->path);
                                 if (!j)
                                         return -ENOMEM;

diff --git a/src/core/execute.h b/src/core/execute.h
index 1f9b3f8f142358928a2513d9aa6ddd0a88fb6e60..1fc7e6d7853e24dd1d08a3e501e63a192b8bc304 100644 (file)
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -152,6 +152,12 @@ typedef enum ExecDirectoryType {
         _EXEC_DIRECTORY_TYPE_INVALID = -EINVAL,
 } ExecDirectoryType;
 
+static inline bool EXEC_DIRECTORY_TYPE_SHALL_CHOWN(ExecDirectoryType t) {
+        /* Returns true for the ExecDirectoryTypes that we shall chown()ing for the user to. We do this for
+         * all of them, except for configuration */
+        return t >= 0 && t < _EXEC_DIRECTORY_TYPE_MAX && t != EXEC_DIRECTORY_CONFIGURATION;
+}
+
 typedef struct ExecDirectoryItem {
         char *path;
         char **symlinks;