From 3e5320e27d3e5f1bbbb7eb1c98dcec970d558017 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 17 Jun 2025 14:58:36 +0200 Subject: [PATCH] env-file: port write_env_file() to label_ops_pre() Let's make more use of label_ops_pre()/label_ops_post(), and replace write_env_file_label() by a flag to write_env_file(). This simplifies and normalizes the code. This also makes one relevant change: it sets the new WRITE_ENV_FILE_LABEL flag in firstboot.c when we write locale.conf, where we previously did not (but should have). This should address one detail of #37857. --- src/basic/env-file.c | 17 +++++++++++++++-- src/basic/env-file.h | 6 +++++- src/firstboot/firstboot.c | 7 ++++++- src/hostname/hostnamed.c | 8 ++++++-- src/locale/localed-util.c | 3 +-- src/shared/env-file-label.c | 35 ----------------------------------- src/shared/env-file-label.h | 12 ------------ src/shared/locale-setup.c | 8 ++++++-- src/shared/meson.build | 1 - src/test/test-env-file.c | 2 +- src/test/test-fileio.c | 4 ++-- 11 files changed, 42 insertions(+), 61 deletions(-) delete mode 100644 src/shared/env-file-label.c delete mode 100644 src/shared/env-file-label.h diff --git a/src/basic/env-file.c b/src/basic/env-file.c index bc23e94d18f..f9d63aefed0 100644 --- a/src/basic/env-file.c +++ b/src/basic/env-file.c @@ -5,10 +5,12 @@ #include "alloc-util.h" #include "env-file.h" #include "env-util.h" +#include "errno-util.h" #include "escape.h" #include "fd-util.h" #include "fileio.h" #include "fs-util.h" +#include "label.h" #include "log.h" #include "string-util.h" #include "strv.h" @@ -629,7 +631,7 @@ static void write_env_var(FILE *f, const char *v) { fputc_unlocked('\n', f); } -int write_env_file(int dir_fd, const char *fname, char **headers, char **l) { +int write_env_file(int dir_fd, const char *fname, char **headers, char **l, WriteEnvFileFlags flags) { _cleanup_fclose_ FILE *f = NULL; _cleanup_free_ char *p = NULL; int r; @@ -637,7 +639,18 @@ int write_env_file(int dir_fd, const char *fname, char **headers, char **l) { assert(dir_fd >= 0 || dir_fd == AT_FDCWD); assert(fname); + bool call_label_ops_post = false; + if (FLAGS_SET(flags, WRITE_ENV_FILE_LABEL)) { + r = label_ops_pre(dir_fd, fname, S_IFREG); + if (r < 0) + return r; + + call_label_ops_post = true; + } + r = fopen_tmpfile_linkable_at(dir_fd, fname, O_WRONLY|O_CLOEXEC, &p, &f); + if (call_label_ops_post) + RET_GATHER(r, label_ops_post(f ? fileno(f) : dir_fd, f ? NULL : fname, /* created= */ !!f)); if (r < 0) return r; @@ -672,5 +685,5 @@ int write_vconsole_conf(int dir_fd, const char *fname, char **l) { "# Written by systemd-localed(8) or systemd-firstboot(1), read by systemd-localed", "# and systemd-vconsole-setup(8). Use localectl(1) to update this file."); - return write_env_file(dir_fd, fname, headers, l); + return write_env_file(dir_fd, fname, headers, l, WRITE_ENV_FILE_LABEL); } diff --git a/src/basic/env-file.h b/src/basic/env-file.h index b44651fe1e9..b17a1804cfb 100644 --- a/src/basic/env-file.h +++ b/src/basic/env-file.h @@ -15,7 +15,11 @@ int load_env_file_pairs_fd(int fd, const char *fname, char ***ret); int merge_env_file(char ***env, FILE *f, const char *fname); -int write_env_file(int dir_fd, const char *fname, char **headers, char **l); +typedef enum WriteEnvFileFlags { + WRITE_ENV_FILE_LABEL = 1 << 0, +} WriteEnvFileFlags; + +int write_env_file(int dir_fd, const char *fname, char **headers, char **l, WriteEnvFileFlags flags); int write_vconsole_conf(int dir_fd, const char *fname, char **l); diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c index 2f0fd9efeda..5cac7e360dd 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c @@ -448,7 +448,12 @@ static int process_locale(int rfd) { locales[i] = NULL; - r = write_env_file(pfd, f, NULL, locales); + r = write_env_file( + pfd, + f, + /* headers= */ NULL, + locales, + WRITE_ENV_FILE_LABEL); if (r < 0) return log_error_errno(r, "Failed to write /etc/locale.conf: %m"); diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c index e194381ce1b..789ab2be78a 100644 --- a/src/hostname/hostnamed.c +++ b/src/hostname/hostnamed.c @@ -21,7 +21,6 @@ #include "daemon-util.h" #include "device-private.h" #include "env-file.h" -#include "env-file-label.h" #include "env-util.h" #include "extract-word.h" #include "fileio.h" @@ -860,7 +859,12 @@ static int context_write_data_machine_info(Context *c) { return 0; } - r = write_env_file_label(AT_FDCWD, "/etc/machine-info", NULL, l); + r = write_env_file( + AT_FDCWD, + "/etc/machine-info", + /* headers= */ NULL, + l, + WRITE_ENV_FILE_LABEL); if (r < 0) return r; diff --git a/src/locale/localed-util.c b/src/locale/localed-util.c index 9e990443e4d..0a96e7a3c9a 100644 --- a/src/locale/localed-util.c +++ b/src/locale/localed-util.c @@ -8,7 +8,6 @@ #include "alloc-util.h" #include "copy.h" #include "env-file.h" -#include "env-file-label.h" #include "errno-util.h" #include "extract-word.h" #include "fd-util.h" @@ -315,7 +314,7 @@ int vconsole_write_data(Context *c) { return 0; } - r = write_vconsole_conf_label(l); + r = write_vconsole_conf(AT_FDCWD, "/etc/vconsole.conf", l); if (r < 0) return r; diff --git a/src/shared/env-file-label.c b/src/shared/env-file-label.c deleted file mode 100644 index 7609250605f..00000000000 --- a/src/shared/env-file-label.c +++ /dev/null @@ -1,35 +0,0 @@ -/* SPDX-License-Identifier: LGPL-2.1-or-later */ - -#include - -#include "env-file.h" -#include "env-file-label.h" -#include "selinux-util.h" - -int write_env_file_label(int dir_fd, const char *fname, char **headers, char **l) { - int r; - - r = mac_selinux_create_file_prepare(fname, S_IFREG); - if (r < 0) - return r; - - r = write_env_file(dir_fd, fname, headers, l); - - mac_selinux_create_file_clear(); - - return r; -} - -int write_vconsole_conf_label(char **l) { - int r; - - r = mac_selinux_create_file_prepare("/etc/vconsole.conf", S_IFREG); - if (r < 0) - return r; - - r = write_vconsole_conf(AT_FDCWD, "/etc/vconsole.conf", l); - - mac_selinux_create_file_clear(); - - return r; -} diff --git a/src/shared/env-file-label.h b/src/shared/env-file-label.h deleted file mode 100644 index 5309eabff4e..00000000000 --- a/src/shared/env-file-label.h +++ /dev/null @@ -1,12 +0,0 @@ -/* SPDX-License-Identifier: LGPL-2.1-or-later */ -#pragma once - -#include "forward.h" - -/* These functions are split out of fileio.h (and not for example just flags to the functions they wrap) in order to - * optimize linking: This way, -lselinux is needed only for the callers of these functions that need selinux, but not - * for all */ - -int write_env_file_label(int dir_fd, const char *fname, char **headers, char **l); - -int write_vconsole_conf_label(char **l); diff --git a/src/shared/locale-setup.c b/src/shared/locale-setup.c index c23f1c4078b..c59bbe2abce 100644 --- a/src/shared/locale-setup.c +++ b/src/shared/locale-setup.c @@ -6,7 +6,6 @@ #include "alloc-util.h" #include "env-file.h" -#include "env-file-label.h" #include "env-util.h" #include "errno-util.h" #include "fd-util.h" @@ -212,7 +211,12 @@ int locale_context_save(LocaleContext *c, char ***ret_set, char ***ret_unset) { return 0; } - r = write_env_file_label(AT_FDCWD, "/etc/locale.conf", NULL, set); + r = write_env_file( + AT_FDCWD, + "/etc/locale.conf", + /* headers= */ NULL, + set, + WRITE_ENV_FILE_LABEL); if (r < 0) return r; diff --git a/src/shared/meson.build b/src/shared/meson.build index 33c550e5ba8..38dd3b498dd 100644 --- a/src/shared/meson.build +++ b/src/shared/meson.build @@ -68,7 +68,6 @@ shared_sources = files( 'efi-loader.c', 'elf-util.c', 'enable-mempool.c', - 'env-file-label.c', 'ethtool-util.c', 'exec-util.c', 'exit-status.c', diff --git a/src/test/test-env-file.c b/src/test/test-env-file.c index 69c8e48daaf..812c0cb762c 100644 --- a/src/test/test-env-file.c +++ b/src/test/test-env-file.c @@ -171,7 +171,7 @@ TEST(write_and_load_env_file) { assert_se(tempfn_random_child(NULL, NULL, &p) >= 0); assert_se(j = strjoin("TEST=", v)); - assert_se(write_env_file(AT_FDCWD, p, STRV_MAKE("# header 1", "", "# header 2"), STRV_MAKE(j)) >= 0); + assert_se(write_env_file(AT_FDCWD, p, STRV_MAKE("# header 1", "", "# header 2"), STRV_MAKE(j), /* flags= */ 0) >= 0); assert_se(cmd = strjoin(". ", p, " && /bin/echo -n \"$TEST\"")); assert_se(f = popen(cmd, "re")); diff --git a/src/test/test-fileio.c b/src/test/test-fileio.c index aa68155fe68..e0ae30bbb91 100644 --- a/src/test/test-fileio.c +++ b/src/test/test-fileio.c @@ -143,7 +143,7 @@ TEST(parse_env_file) { assert_se(fd >= 0); } - r = write_env_file(AT_FDCWD, p, NULL, a); + r = write_env_file(AT_FDCWD, p, /* headers= */ NULL, a, /* flags= */ 0); assert_se(r >= 0); r = load_env_file(NULL, p, &b); @@ -206,7 +206,7 @@ TEST(parse_multiline_env_file) { assert_se(fd >= 0); } - r = write_env_file(AT_FDCWD, p, NULL, a); + r = write_env_file(AT_FDCWD, p, /* headers= */ NULL, a, /* flags= */ 0); assert_se(r >= 0); r = load_env_file(NULL, p, &b); -- 2.47.3