From: Lennart Poettering Date: Wed, 23 Sep 2020 08:12:56 +0000 (+0200) Subject: tree-wide: switch remaining mount() invocations over to mount_nofollow_verbose() X-Git-Tag: v247-rc1~183^2~2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=21935150a0c42b91a322105f6a9129116bfc8e2e;p=thirdparty%2Fsystemd.git tree-wide: switch remaining mount() invocations over to mount_nofollow_verbose() (Well, at least the ones where that makes sense. Where it does't make sense are the ones that re invoked on the root path, which cannot possibly be a symlink.) --- diff --git a/src/core/execute.c b/src/core/execute.c index 07a4d3610fb..fd65dfb3feb 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -67,6 +67,7 @@ #include "memory-util.h" #include "missing_fs.h" #include "mkdir.h" +#include "mount-util.h" #include "mountpoint-util.h" #include "namespace.h" #include "parse-util.h" @@ -2652,11 +2653,13 @@ static int setup_credentials_internal( * the final version to the workspace, and make it writable, so that we can make * changes */ - if (mount(final, workspace, NULL, MS_BIND|MS_REC, NULL) < 0) - return -errno; + r = mount_nofollow_verbose(LOG_DEBUG, final, workspace, NULL, MS_BIND|MS_REC, NULL); + if (r < 0) + return r; - if (mount(NULL, workspace, NULL, MS_BIND|MS_REMOUNT|MS_NODEV|MS_NOEXEC|MS_NOSUID, NULL) < 0) - return -errno; + r = mount_nofollow_verbose(LOG_DEBUG, NULL, workspace, NULL, MS_BIND|MS_REMOUNT|MS_NODEV|MS_NOEXEC|MS_NOSUID, NULL); + if (r < 0) + return r; workspace_mounted = true; } @@ -2669,7 +2672,8 @@ static int setup_credentials_internal( if (try == 0) { /* Try "ramfs" first, since it's not swap backed */ - if (mount("ramfs", workspace, "ramfs", MS_NODEV|MS_NOEXEC|MS_NOSUID, "mode=0700") >= 0) { + r = mount_nofollow_verbose(LOG_DEBUG, "ramfs", workspace, "ramfs", MS_NODEV|MS_NOEXEC|MS_NOSUID, "mode=0700"); + if (r >= 0) { workspace_mounted = true; break; } @@ -2681,20 +2685,22 @@ static int setup_credentials_internal( return -ENOMEM; /* Fall back to "tmpfs" otherwise */ - if (mount("tmpfs", workspace, "tmpfs", MS_NODEV|MS_NOEXEC|MS_NOSUID, opts) >= 0) { + r = mount_nofollow_verbose(LOG_DEBUG, "tmpfs", workspace, "tmpfs", MS_NODEV|MS_NOEXEC|MS_NOSUID, opts); + if (r >= 0) { workspace_mounted = true; break; } } else { /* If that didn't work, try to make a bind mount from the final to the workspace, so that we can make it writable there. */ - if (mount(final, workspace, NULL, MS_BIND|MS_REC, NULL) < 0) { - if (!ERRNO_IS_PRIVILEGE(errno)) /* Propagate anything that isn't a permission problem */ - return -errno; + r = mount_nofollow_verbose(LOG_DEBUG, final, workspace, NULL, MS_BIND|MS_REC, NULL); + if (r < 0) { + if (!ERRNO_IS_PRIVILEGE(r)) /* Propagate anything that isn't a permission problem */ + return r; if (must_mount) /* If we it's not OK to use the plain directory * fallback, propagate all errors too */ - return -errno; + return r; /* If we lack privileges to bind mount stuff, then let's gracefully * proceed for compat with container envs, and just use the final dir @@ -2705,8 +2711,9 @@ static int setup_credentials_internal( } /* Make the new bind mount writable (i.e. drop MS_RDONLY) */ - if (mount(NULL, workspace, NULL, MS_BIND|MS_REMOUNT|MS_NODEV|MS_NOEXEC|MS_NOSUID, NULL) < 0) - return -errno; + r = mount_nofollow_verbose(LOG_DEBUG, NULL, workspace, NULL, MS_BIND|MS_REMOUNT|MS_NODEV|MS_NOEXEC|MS_NOSUID, NULL); + if (r < 0) + return r; workspace_mounted = true; break; @@ -2723,17 +2730,17 @@ static int setup_credentials_internal( if (workspace_mounted) { /* Make workspace read-only now, so that any bind mount we make from it defaults to read-only too */ - if (mount(NULL, workspace, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY|MS_NODEV|MS_NOEXEC|MS_NOSUID, NULL) < 0) - return -errno; + r = mount_nofollow_verbose(LOG_DEBUG, NULL, workspace, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY|MS_NODEV|MS_NOEXEC|MS_NOSUID, NULL); + if (r < 0) + return r; /* And mount it to the final place, read-only */ - if (final_mounted) { - if (umount2(workspace, MNT_DETACH|UMOUNT_NOFOLLOW) < 0) - return -errno; - } else { - if (mount(workspace, final, NULL, MS_MOVE, NULL) < 0) - return -errno; - } + if (final_mounted) + r = umount_verbose(LOG_DEBUG, workspace, MNT_DETACH|UMOUNT_NOFOLLOW); + else + r = mount_nofollow_verbose(LOG_DEBUG, workspace, final, NULL, MS_MOVE, NULL); + if (r < 0) + return r; } else { _cleanup_free_ char *parent = NULL; @@ -2847,7 +2854,8 @@ static int setup_credentials( * given that the we do this in a privately namespaced short-lived single-threaded process * that no one else sees this should be OK to do.*/ - if (mount(NULL, "/dev", NULL, MS_SLAVE|MS_REC, NULL) < 0) /* Turn off propagation from our namespace to host */ + r = mount_nofollow_verbose(LOG_DEBUG, NULL, "/dev", NULL, MS_SLAVE|MS_REC, NULL); /* Turn off propagation from our namespace to host */ + if (r < 0) goto child_fail; r = setup_credentials_internal( diff --git a/src/core/machine-id-setup.c b/src/core/machine-id-setup.c index 90f03db6804..6aecd36fe6c 100644 --- a/src/core/machine-id-setup.c +++ b/src/core/machine-id-setup.c @@ -15,6 +15,7 @@ #include "machine-id-setup.h" #include "macro.h" #include "mkdir.h" +#include "mount-util.h" #include "mountpoint-util.h" #include "namespace-util.h" #include "path-util.h" @@ -160,16 +161,18 @@ int machine_id_setup(const char *root, sd_id128_t machine_id, sd_id128_t *ret) { } /* And now, let's mount it over */ - if (mount(run_machine_id, etc_machine_id, NULL, MS_BIND, NULL) < 0) { - (void) unlink_noerrno(run_machine_id); - return log_error_errno(errno, "Failed to mount %s: %m", etc_machine_id); + r = mount_follow_verbose(LOG_ERR, run_machine_id, etc_machine_id, NULL, MS_BIND, NULL); + if (r < 0) { + (void) unlink(run_machine_id); + return r; } log_info("Installed transient %s file.", etc_machine_id); /* Mark the mount read-only */ - if (mount(NULL, etc_machine_id, NULL, MS_BIND|MS_RDONLY|MS_REMOUNT, NULL) < 0) - log_warning_errno(errno, "Failed to make transient %s read-only, ignoring: %m", etc_machine_id); + r = mount_follow_verbose(LOG_WARNING, NULL, etc_machine_id, NULL, MS_BIND|MS_RDONLY|MS_REMOUNT, NULL); + if (r < 0) + return r; finish: if (ret) @@ -227,8 +230,9 @@ int machine_id_commit(const char *root) { if (r < 0) return log_error_errno(r, "Failed to set up new mount namespace: %m"); - if (umount(etc_machine_id) < 0) - return log_error_errno(errno, "Failed to unmount transient %s file in our private namespace: %m", etc_machine_id); + r = umount_verbose(LOG_ERR, etc_machine_id, 0); + if (r < 0) + return r; /* Update a persistent version of etc_machine_id */ r = id128_write(etc_machine_id, ID128_PLAIN, id, true); diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c index 7c177839b3b..e1ecb448ea2 100644 --- a/src/core/mount-setup.c +++ b/src/core/mount-setup.c @@ -38,6 +38,7 @@ typedef enum MountMode { MNT_FATAL = 1 << 0, MNT_IN_CONTAINER = 1 << 1, MNT_CHECK_WRITABLE = 1 << 2, + MNT_FOLLOW_SYMLINK = 1 << 3, } MountMode; typedef struct MountPoint { @@ -61,9 +62,9 @@ typedef struct MountPoint { #endif static const MountPoint mount_table[] = { - { "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, - NULL, MNT_FATAL|MNT_IN_CONTAINER }, { "proc", "/proc", "proc", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, + NULL, MNT_FATAL|MNT_IN_CONTAINER|MNT_FOLLOW_SYMLINK }, + { "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL, MNT_FATAL|MNT_IN_CONTAINER }, { "devtmpfs", "/dev", "devtmpfs", "mode=755" TMPFS_LIMITS_DEV, MS_NOSUID|MS_NOEXEC|MS_STRICTATIME, NULL, MNT_FATAL|MNT_IN_CONTAINER }, @@ -184,13 +185,13 @@ static int mount_one(const MountPoint *p, bool relabel) { p->type, strna(p->options)); - if (mount(p->what, - p->where, - p->type, - p->flags, - p->options) < 0) { - log_full_errno(priority, errno, "Failed to mount %s at %s: %m", p->type, p->where); - return (p->mode & MNT_FATAL) ? -errno : 0; + if (FLAGS_SET(p->mode, MNT_FOLLOW_SYMLINK)) + r = mount(p->what, p->where, p->type, p->flags, p->options) < 0 ? -errno : 0; + else + r = mount_nofollow(p->what, p->where, p->type, p->flags, p->options); + if (r < 0) { + log_full_errno(priority, r, "Failed to mount %s at %s: %m", p->type, p->where); + return (p->mode & MNT_FATAL) ? r : 0; } /* Relabel again, since we now mounted something fresh here */ @@ -201,7 +202,7 @@ static int mount_one(const MountPoint *p, bool relabel) { if (access(p->where, W_OK) < 0) { r = -errno; - (void) umount(p->where); + (void) umount2(p->where, UMOUNT_NOFOLLOW); (void) rmdir(p->where); log_full_errno(priority, r, "Mount point %s not writable after mounting: %m", p->where); @@ -355,7 +356,7 @@ int mount_cgroup_controllers(void) { } /* Now that we mounted everything, let's make the tmpfs the cgroup file systems are mounted into read-only. */ - (void) mount("tmpfs", "/sys/fs/cgroup", "tmpfs", MS_REMOUNT|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME|MS_RDONLY, "mode=755" TMPFS_LIMITS_SYS_FS_CGROUP); + (void) mount_nofollow("tmpfs", "/sys/fs/cgroup", "tmpfs", MS_REMOUNT|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME|MS_RDONLY, "mode=755" TMPFS_LIMITS_SYS_FS_CGROUP); return 0; } @@ -397,13 +398,13 @@ static int relabel_cgroup_filesystems(void) { return log_error_errno(errno, "Failed to determine mount flags for /sys/fs/cgroup: %m"); if (st.f_flags & ST_RDONLY) - (void) mount(NULL, "/sys/fs/cgroup", NULL, MS_REMOUNT, NULL); + (void) mount_nofollow(NULL, "/sys/fs/cgroup", NULL, MS_REMOUNT, NULL); (void) label_fix("/sys/fs/cgroup", 0); (void) nftw("/sys/fs/cgroup", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL); if (st.f_flags & ST_RDONLY) - (void) mount(NULL, "/sys/fs/cgroup", NULL, MS_REMOUNT|MS_RDONLY, NULL); + (void) mount_nofollow(NULL, "/sys/fs/cgroup", NULL, MS_REMOUNT|MS_RDONLY, NULL); } else if (r < 0) return log_error_errno(r, "Failed to determine whether we are in all unified mode: %m"); diff --git a/src/core/namespace.c b/src/core/namespace.c index f2754f9d020..565dc468262 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -657,13 +657,12 @@ static int clone_device_node( if (r < 0 && errno != EEXIST) return log_debug_errno(errno, "mknod() fallback failed for '%s': %m", d); - /* Fallback to bind-mounting: - * The assumption here is that all used device nodes carry standard - * properties. Specifically, the devices nodes we bind-mount should - * either be owned by root:root or root:tty (e.g. /dev/tty, /dev/ptmx) - * and should not carry ACLs. */ - if (mount(d, dn, NULL, MS_BIND, NULL) < 0) - return log_debug_errno(errno, "Bind mounting failed for '%s': %m", d); + /* Fallback to bind-mounting: The assumption here is that all used device nodes carry standard + * properties. Specifically, the devices nodes we bind-mount should either be owned by root:root or + * root:tty (e.g. /dev/tty, /dev/ptmx) and should not carry ACLs. */ + r = mount_nofollow_verbose(LOG_DEBUG, d, dn, NULL, MS_BIND, NULL); + if (r < 0) + return r; add_symlink: bn = path_startswith(d, "/dev/"); @@ -710,10 +709,10 @@ static int mount_private_dev(MountEntry *m) { dev = strjoina(temporary_mount, "/dev"); (void) mkdir(dev, 0755); - if (mount("tmpfs", dev, "tmpfs", DEV_MOUNT_OPTIONS, "mode=755" TMPFS_LIMITS_DEV) < 0) { - r = log_debug_errno(errno, "Failed to mount tmpfs on '%s': %m", dev); + r = mount_nofollow_verbose(LOG_DEBUG, "tmpfs", dev, "tmpfs", DEV_MOUNT_OPTIONS, "mode=755" TMPFS_LIMITS_DEV); + if (r < 0) goto fail; - } + r = label_fix_container(dev, "/dev", 0); if (r < 0) { log_debug_errno(errno, "Failed to fix label of '%s' as /dev: %m", dev); @@ -722,10 +721,9 @@ static int mount_private_dev(MountEntry *m) { devpts = strjoina(temporary_mount, "/dev/pts"); (void) mkdir(devpts, 0755); - if (mount("/dev/pts", devpts, NULL, MS_BIND, NULL) < 0) { - r = log_debug_errno(errno, "Failed to bind mount /dev/pts on '%s': %m", devpts); + r = mount_nofollow_verbose(LOG_DEBUG, "/dev/pts", devpts, NULL, MS_BIND, NULL); + if (r < 0) goto fail; - } /* /dev/ptmx can either be a device node or a symlink to /dev/pts/ptmx. * When /dev/ptmx a device node, /dev/pts/ptmx has 000 permissions making it inaccessible. @@ -749,21 +747,17 @@ static int mount_private_dev(MountEntry *m) { devshm = strjoina(temporary_mount, "/dev/shm"); (void) mkdir(devshm, 0755); - r = mount("/dev/shm", devshm, NULL, MS_BIND, NULL); - if (r < 0) { - r = log_debug_errno(errno, "Failed to bind mount /dev/shm on '%s': %m", devshm); + r = mount_nofollow_verbose(LOG_DEBUG, "/dev/shm", devshm, NULL, MS_BIND, NULL); + if (r < 0) goto fail; - } devmqueue = strjoina(temporary_mount, "/dev/mqueue"); (void) mkdir(devmqueue, 0755); - if (mount("/dev/mqueue", devmqueue, NULL, MS_BIND, NULL) < 0) - log_debug_errno(errno, "Failed to bind mount /dev/mqueue on '%s', ignoring: %m", devmqueue); + (void) mount_nofollow_verbose(LOG_DEBUG, "/dev/mqueue", devmqueue, NULL, MS_BIND, NULL); devhugepages = strjoina(temporary_mount, "/dev/hugepages"); (void) mkdir(devhugepages, 0755); - if (mount("/dev/hugepages", devhugepages, NULL, MS_BIND, NULL) < 0) - log_debug_errno(errno, "Failed to bind mount /dev/hugepages on '%s', ignoring: %m", devhugepages); + (void) mount_nofollow_verbose(LOG_DEBUG, "/dev/hugepages", devhugepages, NULL, MS_BIND, NULL); devlog = strjoina(temporary_mount, "/dev/log"); if (symlink("/run/systemd/journal/dev-log", devlog) < 0) @@ -791,10 +785,9 @@ static int mount_private_dev(MountEntry *m) { if (r < 0) log_debug_errno(r, "Failed to unmount directories below '%s', ignoring: %m", mount_entry_path(m)); - if (mount(dev, mount_entry_path(m), NULL, MS_MOVE, NULL) < 0) { - r = log_debug_errno(errno, "Failed to move mount point '%s' to '%s': %m", dev, mount_entry_path(m)); + r = mount_nofollow_verbose(LOG_DEBUG, dev, mount_entry_path(m), NULL, MS_MOVE, NULL); + if (r < 0) goto fail; - } (void) rmdir(dev); (void) rmdir(temporary_mount); @@ -803,18 +796,18 @@ static int mount_private_dev(MountEntry *m) { fail: if (devpts) - (void) umount(devpts); + (void) umount_verbose(LOG_DEBUG, devpts, UMOUNT_NOFOLLOW); if (devshm) - (void) umount(devshm); + (void) umount_verbose(LOG_DEBUG, devshm, UMOUNT_NOFOLLOW); if (devhugepages) - (void) umount(devhugepages); + (void) umount_verbose(LOG_DEBUG, devhugepages, UMOUNT_NOFOLLOW); if (devmqueue) - (void) umount(devmqueue); + (void) umount_verbose(LOG_DEBUG, devmqueue, UMOUNT_NOFOLLOW); - (void) umount(dev); + (void) umount_verbose(LOG_DEBUG, dev, UMOUNT_NOFOLLOW); (void) rmdir(dev); (void) rmdir(temporary_mount); @@ -837,8 +830,9 @@ static int mount_bind_dev(const MountEntry *m) { if (r > 0) /* make this a NOP if /dev is already a mount point */ return 0; - if (mount("/dev", mount_entry_path(m), NULL, MS_BIND|MS_REC, NULL) < 0) - return log_debug_errno(errno, "Failed to bind mount %s: %m", mount_entry_path(m)); + r = mount_nofollow_verbose(LOG_DEBUG, "/dev", mount_entry_path(m), NULL, MS_BIND|MS_REC, NULL); + if (r < 0) + return r; return 1; } @@ -857,14 +851,16 @@ static int mount_sysfs(const MountEntry *m) { return 0; /* Bind mount the host's version so that we get all child mounts of it, too. */ - if (mount("/sys", mount_entry_path(m), NULL, MS_BIND|MS_REC, NULL) < 0) - return log_debug_errno(errno, "Failed to mount %s: %m", mount_entry_path(m)); + r = mount_nofollow_verbose(LOG_DEBUG, "/sys", mount_entry_path(m), NULL, MS_BIND|MS_REC, NULL); + if (r < 0) + return r; return 1; } static int mount_procfs(const MountEntry *m, const NamespaceInfo *ns_info) { const char *entry_path; + int r; assert(m); assert(ns_info); @@ -896,9 +892,10 @@ static int mount_procfs(const MountEntry *m, const NamespaceInfo *ns_info) { if (!opts) return -ENOMEM; - if (mount("proc", entry_path, "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, opts) < 0) { - if (errno != EINVAL) - return log_debug_errno(errno, "Failed to mount %s (options=%s): %m", mount_entry_path(m), opts); + r = mount_nofollow_verbose(LOG_DEBUG, "proc", entry_path, "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, opts); + if (r < 0) { + if (r != -EINVAL) + return r; /* If this failed with EINVAL then this likely means the textual hidepid= stuff is * not supported by the kernel, and thus the per-instance hidepid= neither, which @@ -908,8 +905,9 @@ static int mount_procfs(const MountEntry *m, const NamespaceInfo *ns_info) { return 1; } - if (mount("proc", entry_path, "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL) < 0) - return log_debug_errno(errno, "Failed to mount %s (no options): %m", mount_entry_path(m)); + r = mount_nofollow_verbose(LOG_DEBUG, "proc", entry_path, "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL); + if (r < 0) + return r; return 1; } @@ -928,8 +926,9 @@ static int mount_tmpfs(const MountEntry *m) { (void) mkdir_p_label(entry_path, 0755); (void) umount_recursive(entry_path, 0); - if (mount("tmpfs", entry_path, "tmpfs", m->flags, mount_entry_options(m)) < 0) - return log_debug_errno(errno, "Failed to mount %s: %m", entry_path); + r = mount_nofollow_verbose(LOG_DEBUG, "tmpfs", entry_path, "tmpfs", m->flags, mount_entry_options(m)); + if (r < 0) + return r; r = label_fix_container(entry_path, inner_path, 0); if (r < 0) @@ -1172,9 +1171,9 @@ static int apply_mount( assert(what); - if (mount(what, mount_entry_path(m), NULL, MS_BIND|(rbind ? MS_REC : 0), NULL) < 0) { + r = mount_nofollow_verbose(LOG_DEBUG, what, mount_entry_path(m), NULL, MS_BIND|(rbind ? MS_REC : 0), NULL); + if (r < 0) { bool try_again = false; - r = -errno; if (r == -ENOENT && make) { struct stat st; @@ -1202,13 +1201,8 @@ static int apply_mount( } } - if (try_again) { - if (mount(what, mount_entry_path(m), NULL, MS_BIND|(rbind ? MS_REC : 0), NULL) < 0) - r = -errno; - else - r = 0; - } - + if (try_again) + r = mount_nofollow_verbose(LOG_DEBUG, what, mount_entry_path(m), NULL, MS_BIND|(rbind ? MS_REC : 0), NULL); if (r < 0) return log_error_errno(r, "Failed to mount %s to %s: %m", what, mount_entry_path(m)); } @@ -1798,19 +1792,16 @@ int setup_namespace( goto finish; } if (r == 0) { - if (mount(root, root, NULL, MS_BIND|MS_REC, NULL) < 0) { - r = log_debug_errno(errno, "Failed to bind mount '%s': %m", root); + r = mount_nofollow_verbose(LOG_DEBUG, root, root, NULL, MS_BIND|MS_REC, NULL); + if (r < 0) goto finish; - } } } else { - /* Let's mount the main root directory to the root directory to use */ - if (mount("/", root, NULL, MS_BIND|MS_REC, NULL) < 0) { - r = log_debug_errno(errno, "Failed to bind mount '/' on '%s': %m", root); + r = mount_nofollow_verbose(LOG_DEBUG, "/", root, NULL, MS_BIND|MS_REC, NULL); + if (r < 0) goto finish; - } } /* Try to set up the new root directory before mounting anything else there. */ diff --git a/src/login/user-runtime-dir.c b/src/login/user-runtime-dir.c index ab25ebf41bf..84d8f1e8fde 100644 --- a/src/login/user-runtime-dir.c +++ b/src/login/user-runtime-dir.c @@ -13,6 +13,7 @@ #include "limits-util.h" #include "main-func.h" #include "mkdir.h" +#include "mount-util.h" #include "mountpoint-util.h" #include "path-util.h" #include "rm-rf.h" @@ -81,14 +82,14 @@ static int user_mkdir_runtime_path( (void) mkdir_label(runtime_path, 0700); - r = mount("tmpfs", runtime_path, "tmpfs", MS_NODEV|MS_NOSUID, options); + r = mount_nofollow_verbose(LOG_DEBUG, "tmpfs", runtime_path, "tmpfs", MS_NODEV|MS_NOSUID, options); if (r < 0) { - if (!ERRNO_IS_PRIVILEGE(errno)) { - r = log_error_errno(errno, "Failed to mount per-user tmpfs directory %s: %m", runtime_path); + if (!ERRNO_IS_PRIVILEGE(r)) { + log_error_errno(r, "Failed to mount per-user tmpfs directory %s: %m", runtime_path); goto fail; } - log_debug_errno(errno, + log_debug_errno(r, "Failed to mount per-user tmpfs directory %s.\n" "Assuming containerized execution, ignoring: %m", runtime_path); diff --git a/src/machine/machine-dbus.c b/src/machine/machine-dbus.c index 8dd4a3294a5..103c82a9a4b 100644 --- a/src/machine/machine-dbus.c +++ b/src/machine/machine-dbus.c @@ -31,6 +31,7 @@ #include "machine.h" #include "missing_capability.h" #include "mkdir.h" +#include "mount-util.h" #include "namespace-util.h" #include "os-util.h" #include "path-util.h" @@ -891,15 +892,17 @@ int bus_machine_method_bind_mount(sd_bus_message *message, void *userdata, sd_bu mount_slave_created = true; - if (mount(mount_slave, mount_slave, NULL, MS_BIND, NULL) < 0) { - r = sd_bus_error_set_errnof(error, errno, "Failed to make bind mount %s: %m", mount_slave); + r = mount_nofollow_verbose(LOG_DEBUG, mount_slave, mount_slave, NULL, MS_BIND, NULL); + if (r < 0) { + sd_bus_error_set_errnof(error, r, "Failed to make bind mount %s: %m", mount_slave); goto finish; } mount_slave_mounted = true; - if (mount(NULL, mount_slave, NULL, MS_SLAVE, NULL) < 0) { - r = sd_bus_error_set_errnof(error, errno, "Failed to remount slave %s: %m", mount_slave); + r = mount_nofollow_verbose(LOG_DEBUG, NULL, mount_slave, NULL, MS_SLAVE, NULL); + if (r < 0) { + sd_bus_error_set_errnof(error, r, "Failed to remount slave %s: %m", mount_slave); goto finish; } @@ -916,19 +919,22 @@ int bus_machine_method_bind_mount(sd_bus_message *message, void *userdata, sd_bu mount_tmp_created = true; - if (mount(chased_src, mount_tmp, NULL, MS_BIND, NULL) < 0) { - r = sd_bus_error_set_errnof(error, errno, "Failed to mount %s: %m", chased_src); + r = mount_nofollow_verbose(LOG_DEBUG, chased_src, mount_tmp, NULL, MS_BIND, NULL); + if (r < 0) { + sd_bus_error_set_errnof(error, r, "Failed to mount %s: %m", chased_src); goto finish; } mount_tmp_mounted = true; /* Third, we remount the new bind mount read-only if requested. */ - if (read_only) - if (mount(NULL, mount_tmp, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY, NULL) < 0) { - r = sd_bus_error_set_errnof(error, errno, "Failed to remount read-only %s: %m", mount_tmp); + if (read_only) { + r = mount_nofollow_verbose(LOG_DEBUG, NULL, mount_tmp, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY, NULL); + if (r < 0) { + sd_bus_error_set_errnof(error, r, "Failed to remount read-only %s: %m", mount_tmp); goto finish; } + } /* Fourth, we move the new bind mount into the propagation directory. This way it will appear there read-only * right-away. */ @@ -947,8 +953,9 @@ int bus_machine_method_bind_mount(sd_bus_message *message, void *userdata, sd_bu mount_outside_created = true; - if (mount(mount_tmp, mount_outside, NULL, MS_MOVE, NULL) < 0) { - r = sd_bus_error_set_errnof(error, errno, "Failed to move %s to %s: %m", mount_tmp, mount_outside); + r = mount_nofollow_verbose(LOG_DEBUG, mount_tmp, mount_outside, NULL, MS_MOVE, NULL); + if (r < 0) { + sd_bus_error_set_errnof(error, r, "Failed to move %s to %s: %m", mount_tmp, mount_outside); goto finish; } @@ -1005,10 +1012,9 @@ int bus_machine_method_bind_mount(sd_bus_message *message, void *userdata, sd_bu } mount_inside = strjoina("/run/host/incoming/", basename(mount_outside)); - if (mount(mount_inside, dest, NULL, MS_MOVE, NULL) < 0) { - r = log_error_errno(errno, "Failed to mount: %m"); + r = mount_nofollow_verbose(LOG_ERR, mount_inside, dest, NULL, MS_MOVE, NULL); + if (r < 0) goto child_fail; - } _exit(EXIT_SUCCESS);