From: Zbigniew Jędrzejewski-Szmek Date: Wed, 24 Nov 2021 12:03:25 +0000 (+0100) Subject: dissect-image: do not enable "verification" when trying to acquire metadata X-Git-Tag: v250-rc1~170^2~3 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=228475082018c817f0ed2b46ef542f6e16173690;p=thirdparty%2Fsystemd.git dissect-image: do not enable "verification" when trying to acquire metadata The whole point of acquiring metadata is quite often to figure out why the image does not pass verification. Refusing to provide metadata is just being hostile to the user. When called from other places (e.g. image_read_metadata()), verification is still performed. --- diff --git a/src/dissect/dissect.c b/src/dissect/dissect.c index 753d4aefd7a..a9632a3f163 100644 --- a/src/dissect/dissect.c +++ b/src/dissect/dissect.c @@ -433,7 +433,7 @@ static int action_dissect(DissectedImage *m, LoopDevice *d) { if (arg_json_format_flags & JSON_FORMAT_OFF) putc('\n', stdout); - r = dissected_image_acquire_metadata(m); + r = dissected_image_acquire_metadata(m, 0); if (r == -ENXIO) return log_error_errno(r, "No root partition discovered."); if (r == -EUCLEAN) diff --git a/src/shared/discover-image.c b/src/shared/discover-image.c index 60833cec455..9c07cda8eea 100644 --- a/src/shared/discover-image.c +++ b/src/shared/discover-image.c @@ -1216,7 +1216,9 @@ int image_read_metadata(Image *i) { if (r < 0) return r; - r = dissected_image_acquire_metadata(m); + r = dissected_image_acquire_metadata(m, + DISSECT_IMAGE_VALIDATE_OS | + DISSECT_IMAGE_VALIDATE_OS_EXT); if (r < 0) return r; diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c index d3e741a1a0e..c3345b3fad5 100644 --- a/src/shared/dissect-image.c +++ b/src/shared/dissect-image.c @@ -3009,7 +3009,7 @@ int dissected_image_load_verity_sig_partition( return 1; } -int dissected_image_acquire_metadata(DissectedImage *m) { +int dissected_image_acquire_metadata(DissectedImage *m, DissectImageFlags extra_flags) { enum { META_HOSTNAME, @@ -3026,7 +3026,7 @@ int dissected_image_acquire_metadata(DissectedImage *m) { [META_MACHINE_ID] = "/etc/machine-id\0", [META_MACHINE_INFO] = "/etc/machine-info\0", [META_OS_RELEASE] = ("/etc/os-release\0" - "/usr/lib/os-release\0"), + "/usr/lib/os-release\0"), [META_EXTENSION_RELEASE] = "extension-release\0", /* Used only for logging. */ [META_HAS_INIT_SYSTEM] = "has-init-system\0", /* ditto */ }; @@ -3079,10 +3079,9 @@ int dissected_image_acquire_metadata(DissectedImage *m) { t, UID_INVALID, UID_INVALID, - DISSECT_IMAGE_READ_ONLY| - DISSECT_IMAGE_MOUNT_ROOT_ONLY| - DISSECT_IMAGE_VALIDATE_OS| - DISSECT_IMAGE_VALIDATE_OS_EXT| + extra_flags | + DISSECT_IMAGE_READ_ONLY | + DISSECT_IMAGE_MOUNT_ROOT_ONLY | DISSECT_IMAGE_USR_NO_ROOT); if (r < 0) { log_debug_errno(r, "Failed to mount dissected image: %m"); diff --git a/src/shared/dissect-image.h b/src/shared/dissect-image.h index 8ad26bc45b6..48a9e0b4f9f 100644 --- a/src/shared/dissect-image.h +++ b/src/shared/dissect-image.h @@ -208,7 +208,7 @@ int dissected_image_decrypt_interactively(DissectedImage *m, const char *passphr int dissected_image_mount(DissectedImage *m, const char *dest, uid_t uid_shift, uid_t uid_range, DissectImageFlags flags); int dissected_image_mount_and_warn(DissectedImage *m, const char *where, uid_t uid_shift, uid_t uid_range, DissectImageFlags flags); -int dissected_image_acquire_metadata(DissectedImage *m); +int dissected_image_acquire_metadata(DissectedImage *m, DissectImageFlags extra_flags); DecryptedImage* decrypted_image_unref(DecryptedImage *p); DEFINE_TRIVIAL_CLEANUP_FUNC(DecryptedImage*, decrypted_image_unref);