#include <linux/fs.h>
#endif
+#include "data-fd-util.h"
#include "dirent-util.h"
#include "fd-util.h"
#include "fileio.h"
HomeSetupFlags flags,
HomeSetup *setup) {
- _cleanup_free_ char *chost = NULL, *cservice = NULL, *cdir = NULL, *chost_and_service = NULL, *j = NULL;
+ _cleanup_free_ char *chost = NULL, *cservice = NULL, *cdir = NULL, *chost_and_service = NULL, *j = NULL, *options = NULL;
int r;
assert(h);
if (!chost_and_service)
return log_oom();
+ if (asprintf(&options, "user=%s,uid=" UID_FMT ",forceuid,gid=" GID_FMT ",forcegid,file_mode=0%3o,dir_mode=0%3o",
+ user_record_cifs_user_name(h), h->uid, user_record_gid(h), user_record_access_mode(h),
+ user_record_access_mode(h)) < 0)
+ return log_oom();
+
+ if (h->cifs_domain)
+ if (strextendf_with_separator(&options, ",", "domain=%s", h->cifs_domain) < 0)
+ return log_oom();
+
+ if (h->cifs_extra_mount_options)
+ if (!strextend_with_separator(&options, ",", h->cifs_extra_mount_options))
+ return log_oom();
+
r = home_unshare_and_mkdir();
if (r < 0)
return r;
STRV_FOREACH(pw, h->password) {
- _cleanup_(unlink_and_freep) char *p = NULL;
- _cleanup_free_ char *options = NULL;
- _cleanup_fclose_ FILE *f = NULL;
+ _cleanup_close_ int passwd_fd = -EBADF;
pid_t mount_pid;
int exit_status;
- r = fopen_temporary_child(NULL, &f, &p);
- if (r < 0)
- return log_error_errno(r, "Failed to create temporary credentials file: %m");
-
- fprintf(f,
- "username=%s\n"
- "password=%s\n",
- user_record_cifs_user_name(h),
- *pw);
-
- if (h->cifs_domain)
- fprintf(f, "domain=%s\n", h->cifs_domain);
-
- r = fflush_and_check(f);
- if (r < 0)
- return log_error_errno(r, "Failed to write temporary credentials file: %m");
-
- f = safe_fclose(f);
-
- if (asprintf(&options, "credentials=%s,uid=" UID_FMT ",forceuid,gid=" GID_FMT ",forcegid,file_mode=0%3o,dir_mode=0%3o",
- p, h->uid, user_record_gid(h), user_record_access_mode(h), user_record_access_mode(h)) < 0)
- return log_oom();
-
- if (h->cifs_extra_mount_options)
- if (!strextend_with_separator(&options, ",", h->cifs_extra_mount_options))
- return log_oom();
+ passwd_fd = acquire_data_fd(*pw, strlen(*pw), /* flags= */ 0);
+ if (passwd_fd < 0)
+ return log_error_errno(passwd_fd, "Failed to create data FD for password: %m");
r = safe_fork("(mount)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_STDOUT_TO_STDERR, &mount_pid);
if (r < 0)
return r;
if (r == 0) {
/* Child */
+
+ r = fd_cloexec(passwd_fd, false);
+ if (r < 0) {
+ log_error_errno(r, "Failed to disable CLOEXEC on password FD: %m");
+ _exit(EXIT_FAILURE);
+ }
+
+ r = setenvf("PASSWD_FD", /* overwrite= */ true, "%d", passwd_fd);
+ if (r < 0) {
+ log_error_errno(errno, "Failed to set $PASSWD_FD: %m");
+ _exit(EXIT_FAILURE);
+ }
+
execl("/bin/mount", "/bin/mount", "-n", "-t", "cifs",
chost_and_service, HOME_RUNTIME_WORK_DIR,
"-o", options, NULL);
projects / thirdparty / systemd.git / commitdiff
