1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-22 13:33:56 +03:00

treewide: drop "RUN_" from "RUN_WITH_UMASK"

RUN_WITH_UMASK was initially conceived for spawning externals progs with the
umask set. But nowadays we use it various syscalls and stuff that doesn't "run"
anything, so the "RUN_" prefix has outlived its usefulness.
This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2022-12-13 12:11:29 +01:00
parent d70eaf3067
commit 2053593fcc
20 changed files with 41 additions and 41 deletions

View File

@ -43,7 +43,7 @@
// src/basic/umask-util.h // src/basic/umask-util.h
#define _cleanup_umask_ #define _cleanup_umask_
#define RUN_WITH_UMASK(mask) \ #define WITH_UMASK(mask) \
for (_cleanup_umask_ mode_t _saved_umask_ = umask(mask) | S_IFMT; \ for (_cleanup_umask_ mode_t _saved_umask_ = umask(mask) | S_IFMT; \
FLAGS_SET(_saved_umask_, S_IFMT); \ FLAGS_SET(_saved_umask_, S_IFMT); \
_saved_umask_ &= 0777) _saved_umask_ &= 0777)

View File

@ -15,12 +15,12 @@ static inline void umaskp(mode_t *u) {
/* We make use of the fact here that the umask() concept is using only the lower 9 bits of mode_t, although /* We make use of the fact here that the umask() concept is using only the lower 9 bits of mode_t, although
* mode_t has space for the file type in the bits further up. We simply OR in the file type mask S_IFMT to * mode_t has space for the file type in the bits further up. We simply OR in the file type mask S_IFMT to
* distinguish the first and the second iteration of the RUN_WITH_UMASK() loop, so that we can run the first * distinguish the first and the second iteration of the WITH_UMASK() loop, so that we can run the first one,
* one, and exit on the second. */ * and exit on the second. */
assert_cc((S_IFMT & 0777) == 0); assert_cc((S_IFMT & 0777) == 0);
#define RUN_WITH_UMASK(mask) \ #define WITH_UMASK(mask) \
for (_cleanup_umask_ mode_t _saved_umask_ = umask(mask) | S_IFMT; \ for (_cleanup_umask_ mode_t _saved_umask_ = umask(mask) | S_IFMT; \
FLAGS_SET(_saved_umask_, S_IFMT); \ FLAGS_SET(_saved_umask_, S_IFMT); \
_saved_umask_ &= 0777) _saved_umask_ &= 0777)

View File

@ -828,7 +828,7 @@ static int copy_file_with_version_check(const char *from, const char *to, bool f
if (r < 0) if (r < 0)
return log_oom(); return log_oom();
RUN_WITH_UMASK(0000) { WITH_UMASK(0000) {
fd_to = open(t, O_WRONLY|O_CREAT|O_CLOEXEC|O_EXCL|O_NOFOLLOW, 0644); fd_to = open(t, O_WRONLY|O_CREAT|O_CLOEXEC|O_EXCL|O_NOFOLLOW, 0644);
if (fd_to < 0) if (fd_to < 0)
return log_error_errno(errno, "Failed to open \"%s\" for writing: %m", t); return log_error_errno(errno, "Failed to open \"%s\" for writing: %m", t);
@ -2073,7 +2073,7 @@ static int install_random_seed(const char *esp) {
/* Let's write this variable with an umask in effect, so that unprivileged users can't see the token /* Let's write this variable with an umask in effect, so that unprivileged users can't see the token
* and possibly get identification information or too much insight into the kernel's entropy pool * and possibly get identification information or too much insight into the kernel's entropy pool
* state. */ * state. */
RUN_WITH_UMASK(0077) { WITH_UMASK(0077) {
r = efi_set_variable(EFI_LOADER_VARIABLE(LoaderSystemToken), buffer, sizeof(buffer)); r = efi_set_variable(EFI_LOADER_VARIABLE(LoaderSystemToken), buffer, sizeof(buffer));
if (r < 0) { if (r < 0) {
if (!arg_graceful) if (!arg_graceful)
@ -2147,7 +2147,7 @@ static int verb_install(int argc, char *argv[], void *userdata) {
const char *arch = arg_arch_all ? "" : get_efi_arch(); const char *arch = arg_arch_all ? "" : get_efi_arch();
RUN_WITH_UMASK(0002) { WITH_UMASK(0002) {
if (install) { if (install) {
/* Don't create any of these directories when we are just updating. When we update /* Don't create any of these directories when we are just updating. When we update
* we'll drop-in our files (unless there are newer ones already), but we won't create * we'll drop-in our files (unless there are newer ones already), but we won't create

View File

@ -941,7 +941,7 @@ int bus_init_private(Manager *m) {
if (fd < 0) if (fd < 0)
return log_error_errno(errno, "Failed to allocate private socket: %m"); return log_error_errno(errno, "Failed to allocate private socket: %m");
RUN_WITH_UMASK(0077) WITH_UMASK(0077)
r = bind(fd, &sa.sa, sa_len); r = bind(fd, &sa.sa, sa_len);
if (r < 0) if (r < 0)
return log_error_errno(errno, "Failed to bind private socket: %m"); return log_error_errno(errno, "Failed to bind private socket: %m");

View File

@ -1376,7 +1376,7 @@ static int write_container_id(void) {
if (isempty(c)) if (isempty(c))
return 0; return 0;
RUN_WITH_UMASK(0022) WITH_UMASK(0022)
r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE); r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
if (r < 0) if (r < 0)
return log_warning_errno(r, "Failed to write /run/systemd/container, ignoring: %m"); return log_warning_errno(r, "Failed to write /run/systemd/container, ignoring: %m");

View File

@ -1103,7 +1103,7 @@ static int manager_setup_cgroups_agent(Manager *m) {
(void) sockaddr_un_unlink(&sa.un); (void) sockaddr_un_unlink(&sa.un);
/* Only allow root to connect to this socket */ /* Only allow root to connect to this socket */
RUN_WITH_UMASK(0077) WITH_UMASK(0077)
r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)); r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
if (r < 0) if (r < 0)
return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path); return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
@ -3674,7 +3674,7 @@ static int manager_run_environment_generators(Manager *m) {
if (!generator_path_any((const char* const*) paths)) if (!generator_path_any((const char* const*) paths))
return 0; return 0;
RUN_WITH_UMASK(0022) WITH_UMASK(0022)
r = execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC, gather_environment, r = execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC, gather_environment,
args, NULL, m->transient_environment, args, NULL, m->transient_environment,
EXEC_DIR_PARALLEL | EXEC_DIR_IGNORE_ERRORS | EXEC_DIR_SET_SYSTEMD_EXEC_PID); EXEC_DIR_PARALLEL | EXEC_DIR_IGNORE_ERRORS | EXEC_DIR_SET_SYSTEMD_EXEC_PID);
@ -3776,7 +3776,7 @@ static int manager_run_generators(Manager *m) {
goto finish; goto finish;
} }
RUN_WITH_UMASK(0022) WITH_UMASK(0022)
(void) execute_directories( (void) execute_directories(
(const char* const*) paths, (const char* const*) paths,
DEFAULT_TIMEOUT_USEC, DEFAULT_TIMEOUT_USEC,

View File

@ -2708,7 +2708,7 @@ static int make_tmp_prefix(const char *prefix) {
if (errno != ENOENT) if (errno != ENOENT)
return -errno; return -errno;
RUN_WITH_UMASK(000) WITH_UMASK(000)
r = mkdir_parents(prefix, 0755); r = mkdir_parents(prefix, 0755);
if (r < 0) if (r < 0)
return r; return r;
@ -2765,7 +2765,7 @@ static int setup_one_tmp_dir(const char *id, const char *prefix, char **path, ch
if (r < 0) if (r < 0)
return r; return r;
RUN_WITH_UMASK(0077) WITH_UMASK(0077)
if (!mkdtemp(x)) { if (!mkdtemp(x)) {
if (errno == EROFS || ERRNO_IS_DISK_SPACE(errno)) if (errno == EROFS || ERRNO_IS_DISK_SPACE(errno))
rw = false; rw = false;
@ -2778,7 +2778,7 @@ static int setup_one_tmp_dir(const char *id, const char *prefix, char **path, ch
if (!y) if (!y)
return -ENOMEM; return -ENOMEM;
RUN_WITH_UMASK(0000) WITH_UMASK(0000)
if (mkdir(y, 0777 | S_ISVTX) < 0) if (mkdir(y, 0777 | S_ISVTX) < 0)
return -errno; return -errno;
@ -2792,7 +2792,7 @@ static int setup_one_tmp_dir(const char *id, const char *prefix, char **path, ch
/* Trouble: we failed to create the directory. Instead of failing, let's simulate /tmp being /* Trouble: we failed to create the directory. Instead of failing, let's simulate /tmp being
* read-only. This way the service will get the EROFS result as if it was writing to the real * read-only. This way the service will get the EROFS result as if it was writing to the real
* file system. */ * file system. */
RUN_WITH_UMASK(0000) WITH_UMASK(0000)
r = mkdir_p(RUN_SYSTEMD_EMPTY, 0500); r = mkdir_p(RUN_SYSTEMD_EMPTY, 0500);
if (r < 0) if (r < 0)
return r; return r;

View File

@ -4469,7 +4469,7 @@ int unit_make_transient(Unit *u) {
/* Let's open the file we'll write the transient settings into. This file is kept open as long as we are /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
* creating the transient, and is closed in unit_load(), as soon as we start loading the file. */ * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
RUN_WITH_UMASK(0022) { WITH_UMASK(0022) {
f = fopen(path, "we"); f = fopen(path, "we");
if (!f) if (!f)
return -errno; return -errno;

View File

@ -130,7 +130,7 @@ int home_create_directory_or_subvolume(UserRecord *h, HomeSetup *setup, UserReco
switch (user_record_storage(h)) { switch (user_record_storage(h)) {
case USER_SUBVOLUME: case USER_SUBVOLUME:
RUN_WITH_UMASK(0077) WITH_UMASK(0077)
r = btrfs_subvol_make(d); r = btrfs_subvol_make(d);
if (r >= 0) { if (r >= 0) {

View File

@ -687,7 +687,7 @@ static int create_socket(char **ret) {
return r; return r;
sa_len = r; sa_len = r;
RUN_WITH_UMASK(0177) WITH_UMASK(0177)
if (bind(fd, &sa.sa, sa_len) < 0) if (bind(fd, &sa.sa, sa_len) < 0)
return -errno; return -errno;

View File

@ -178,7 +178,7 @@ int base_filesystem_create(const char *root, uid_t uid, gid_t gid) {
continue; continue;
} }
RUN_WITH_UMASK(0000) WITH_UMASK(0000)
r = mkdirat(fd, table[i].dir, table[i].mode); r = mkdirat(fd, table[i].dir, table[i].mode);
if (r < 0) { if (r < 0) {
log_full_errno(IN_SET(errno, EEXIST, EROFS) || table[i].ignore_failure ? LOG_DEBUG : LOG_ERR, errno, log_full_errno(IN_SET(errno, EEXIST, EROFS) || table[i].ignore_failure ? LOG_DEBUG : LOG_ERR, errno,

View File

@ -1357,7 +1357,7 @@ int copy_file_full(
if (r < 0) if (r < 0)
return r; return r;
RUN_WITH_UMASK(0000) { WITH_UMASK(0000) {
if (copy_flags & COPY_MAC_CREATE) { if (copy_flags & COPY_MAC_CREATE) {
r = mac_selinux_create_file_prepare(to, S_IFREG); r = mac_selinux_create_file_prepare(to, S_IFREG);
if (r < 0) if (r < 0)

View File

@ -89,7 +89,7 @@ int machine_id_setup(const char *root, bool force_transient, sd_id128_t machine_
etc_machine_id = prefix_roota(root, "/etc/machine-id"); etc_machine_id = prefix_roota(root, "/etc/machine-id");
RUN_WITH_UMASK(0000) { WITH_UMASK(0000) {
/* We create this 0444, to indicate that this isn't really /* We create this 0444, to indicate that this isn't really
* something you should ever modify. Of course, since the file * something you should ever modify. Of course, since the file
* will be owned by root it doesn't matter much, but maybe * will be owned by root it doesn't matter much, but maybe
@ -166,7 +166,7 @@ int machine_id_setup(const char *root, bool force_transient, sd_id128_t machine_
run_machine_id = prefix_roota(root, "/run/machine-id"); run_machine_id = prefix_roota(root, "/run/machine-id");
RUN_WITH_UMASK(0022) WITH_UMASK(0022)
r = id128_write(run_machine_id, ID128_FORMAT_PLAIN, machine_id); r = id128_write(run_machine_id, ID128_FORMAT_PLAIN, machine_id);
if (r < 0) { if (r < 0) {
(void) unlink(run_machine_id); (void) unlink(run_machine_id);

View File

@ -42,7 +42,7 @@ int update_reboot_parameter_and_warn(const char *parameter, bool keep) {
return 0; return 0;
} }
RUN_WITH_UMASK(0022) { WITH_UMASK(0022) {
r = write_string_file("/run/systemd/reboot-param", parameter, r = write_string_file("/run/systemd/reboot-param", parameter,
WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC); WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC);
if (r < 0) if (r < 0)

View File

@ -101,7 +101,7 @@ int socket_address_listen(
(void) mkdir_parents_label(p, directory_mode); (void) mkdir_parents_label(p, directory_mode);
/* Enforce the right access mode for the socket */ /* Enforce the right access mode for the socket */
RUN_WITH_UMASK(~socket_mode) { WITH_UMASK(~socket_mode) {
r = mac_selinux_bind(fd, &a->sockaddr.sa, a->size); r = mac_selinux_bind(fd, &a->sockaddr.sa, a->size);
if (r == -EADDRINUSE) { if (r == -EADDRINUSE) {
/* Unlink and try again */ /* Unlink and try again */

View File

@ -2326,7 +2326,7 @@ int varlink_server_listen_address(VarlinkServer *s, const char *address, mode_t
(void) sockaddr_un_unlink(&sockaddr.un); (void) sockaddr_un_unlink(&sockaddr.un);
RUN_WITH_UMASK(~m & 0777) { WITH_UMASK(~m & 0777) {
r = mac_selinux_bind(fd, &sockaddr.sa, sockaddr_len); r = mac_selinux_bind(fd, &sockaddr.sa, sockaddr_len);
if (r < 0) if (r < 0)
return r; return r;

View File

@ -17,7 +17,7 @@ TEST(install_file) {
assert_se(a = path_join(p, "foo")); assert_se(a = path_join(p, "foo"));
assert_se(b = path_join(p, "bar")); assert_se(b = path_join(p, "bar"));
RUN_WITH_UMASK(0077) WITH_UMASK(0077)
assert_se(write_string_file(a, "wups", WRITE_STRING_FILE_CREATE) >= 0); assert_se(write_string_file(a, "wups", WRITE_STRING_FILE_CREATE) >= 0);
assert_se(lstat(a, &stat1) >= 0); assert_se(lstat(a, &stat1) >= 0);

View File

@ -12,7 +12,7 @@ int main(int argc, char *argv[]) {
u = umask(0111); u = umask(0111);
n = 0; n = 0;
RUN_WITH_UMASK(0123) { WITH_UMASK(0123) {
assert_se(umask(000) == 0123); assert_se(umask(000) == 0123);
n++; n++;
} }
@ -20,7 +20,7 @@ int main(int argc, char *argv[]) {
assert_se(n == 1); assert_se(n == 1);
assert_se(umask(u) == 0111); assert_se(umask(u) == 0111);
RUN_WITH_UMASK(0135) { WITH_UMASK(0135) {
assert_se(umask(000) == 0135); assert_se(umask(000) == 0135);
n++; n++;
} }
@ -28,7 +28,7 @@ int main(int argc, char *argv[]) {
assert_se(n == 2); assert_se(n == 2);
assert_se(umask(0111) == u); assert_se(umask(0111) == u);
RUN_WITH_UMASK(0315) { WITH_UMASK(0315) {
assert_se(umask(000) == 0315); assert_se(umask(000) == 0315);
n++; n++;
break; break;

View File

@ -1499,7 +1499,7 @@ static int create_file(Item *i, const char *path) {
if (dir_fd < 0) if (dir_fd < 0)
return dir_fd; return dir_fd;
RUN_WITH_UMASK(0000) { WITH_UMASK(0000) {
mac_selinux_create_file_prepare(path, S_IFREG); mac_selinux_create_file_prepare(path, S_IFREG);
fd = RET_NERRNO(openat(dir_fd, bn, O_CREAT|O_EXCL|O_NOFOLLOW|O_NONBLOCK|O_CLOEXEC|O_WRONLY|O_NOCTTY, i->mode)); fd = RET_NERRNO(openat(dir_fd, bn, O_CREAT|O_EXCL|O_NOFOLLOW|O_NONBLOCK|O_CLOEXEC|O_WRONLY|O_NOCTTY, i->mode));
mac_selinux_create_file_clear(); mac_selinux_create_file_clear();
@ -1572,7 +1572,7 @@ static int truncate_file(Item *i, const char *path) {
if (fd == -ENOENT) { if (fd == -ENOENT) {
creation = CREATION_NORMAL; /* Didn't work without O_CREATE, try again with */ creation = CREATION_NORMAL; /* Didn't work without O_CREATE, try again with */
RUN_WITH_UMASK(0000) { WITH_UMASK(0000) {
mac_selinux_create_file_prepare(path, S_IFREG); mac_selinux_create_file_prepare(path, S_IFREG);
fd = RET_NERRNO(openat(dir_fd, bn, O_CREAT|O_NOFOLLOW|O_NONBLOCK|O_CLOEXEC|O_WRONLY|O_NOCTTY, i->mode)); fd = RET_NERRNO(openat(dir_fd, bn, O_CREAT|O_NOFOLLOW|O_NONBLOCK|O_CLOEXEC|O_WRONLY|O_NOCTTY, i->mode));
mac_selinux_create_file_clear(); mac_selinux_create_file_clear();
@ -1716,14 +1716,14 @@ static int create_directory_or_subvolume(
subvol = false; subvol = false;
else { else {
RUN_WITH_UMASK((~mode) & 0777) WITH_UMASK((~mode) & 0777)
r = btrfs_subvol_make_fd(pfd, bn); r = btrfs_subvol_make_fd(pfd, bn);
} }
} else } else
r = 0; r = 0;
if (!subvol || ERRNO_IS_NOT_SUPPORTED(r)) if (!subvol || ERRNO_IS_NOT_SUPPORTED(r))
RUN_WITH_UMASK(0000) WITH_UMASK(0000)
r = mkdirat_label(pfd, bn, mode); r = mkdirat_label(pfd, bn, mode);
creation = r >= 0 ? CREATION_NORMAL : CREATION_EXISTING; creation = r >= 0 ? CREATION_NORMAL : CREATION_EXISTING;
@ -1869,7 +1869,7 @@ static int create_device(Item *i, mode_t file_type) {
if (dfd < 0) if (dfd < 0)
return dfd; return dfd;
RUN_WITH_UMASK(0000) { WITH_UMASK(0000) {
mac_selinux_create_file_prepare(i->path, file_type); mac_selinux_create_file_prepare(i->path, file_type);
r = RET_NERRNO(mknodat(dfd, bn, i->mode | file_type, i->major_minor)); r = RET_NERRNO(mknodat(dfd, bn, i->mode | file_type, i->major_minor));
mac_selinux_create_file_clear(); mac_selinux_create_file_clear();
@ -1900,7 +1900,7 @@ static int create_device(Item *i, mode_t file_type) {
if (i->append_or_force) { if (i->append_or_force) {
fd = safe_close(fd); fd = safe_close(fd);
RUN_WITH_UMASK(0000) { WITH_UMASK(0000) {
mac_selinux_create_file_prepare(i->path, file_type); mac_selinux_create_file_prepare(i->path, file_type);
r = mknodat_atomic(dfd, bn, i->mode | file_type, i->major_minor); r = mknodat_atomic(dfd, bn, i->mode | file_type, i->major_minor);
mac_selinux_create_file_clear(); mac_selinux_create_file_clear();
@ -1971,7 +1971,7 @@ static int create_fifo(Item *i) {
if (pfd < 0) if (pfd < 0)
return pfd; return pfd;
RUN_WITH_UMASK(0000) { WITH_UMASK(0000) {
mac_selinux_create_file_prepare(i->path, S_IFIFO); mac_selinux_create_file_prepare(i->path, S_IFIFO);
r = RET_NERRNO(mkfifoat(pfd, bn, i->mode)); r = RET_NERRNO(mkfifoat(pfd, bn, i->mode));
mac_selinux_create_file_clear(); mac_selinux_create_file_clear();
@ -1996,7 +1996,7 @@ static int create_fifo(Item *i) {
if (i->append_or_force) { if (i->append_or_force) {
fd = safe_close(fd); fd = safe_close(fd);
RUN_WITH_UMASK(0000) { WITH_UMASK(0000) {
mac_selinux_create_file_prepare(i->path, S_IFIFO); mac_selinux_create_file_prepare(i->path, S_IFIFO);
r = mkfifoat_atomic(pfd, bn, i->mode); r = mkfifoat_atomic(pfd, bn, i->mode);
mac_selinux_create_file_clear(); mac_selinux_create_file_clear();
@ -2378,7 +2378,7 @@ static int mkdir_parents_rm_if_wrong_type(mode_t child_mode, const char *path) {
if (r == -ENOENT) if (r == -ENOENT)
r = rm_if_wrong_type_safe(S_IFDIR, parent_fd, &parent_st, t, AT_SYMLINK_NOFOLLOW); r = rm_if_wrong_type_safe(S_IFDIR, parent_fd, &parent_st, t, AT_SYMLINK_NOFOLLOW);
if (r == -ENOENT) { if (r == -ENOENT) {
RUN_WITH_UMASK(0000) WITH_UMASK(0000)
r = mkdirat_label(parent_fd, t, 0755); r = mkdirat_label(parent_fd, t, 0755);
if (r < 0) { if (r < 0) {
_cleanup_free_ char *parent_name = NULL; _cleanup_free_ char *parent_name = NULL;
@ -2416,7 +2416,7 @@ static int mkdir_parents_item(Item *i, mode_t child_mode) {
if (r < 0 && r != -ENOENT) if (r < 0 && r != -ENOENT)
return r; return r;
} else } else
RUN_WITH_UMASK(0000) WITH_UMASK(0000)
(void) mkdir_parents_label(i->path, 0755); (void) mkdir_parents_label(i->path, 0755);
return 0; return 0;

View File

@ -277,7 +277,7 @@ int manager_startup(Manager *m) {
(void) sockaddr_un_unlink(&sockaddr.un); (void) sockaddr_un_unlink(&sockaddr.un);
RUN_WITH_UMASK(0000) WITH_UMASK(0000)
if (bind(m->listen_fd, &sockaddr.sa, SOCKADDR_UN_LEN(sockaddr.un)) < 0) if (bind(m->listen_fd, &sockaddr.sa, SOCKADDR_UN_LEN(sockaddr.un)) < 0)
return log_error_errno(errno, "Failed to bind socket: %m"); return log_error_errno(errno, "Failed to bind socket: %m");