main: drop container/initrd env vars from inherited set

Leave the env vars used in the container/initrd logic set for PID1, but
don't inherit them to any children.

TODO

@@ -48,8 +48,6 @@ Features:
 
 * journal: if mmap() fails for mapping window try to unmap a a few older maps
 
-* add flag file for shutdownd so that clients can check whether a shutdown is queued
-
 * dbus upstream still refers to dbus.target and shouldn't
 
 * when a service has the same env var set twice we actually store it twice and return that in systemctl show -p... We should only show the last setting
@@ -65,10 +63,6 @@ Features:
 
 * Add ConditionReadWriteFileSystem= so that systemd-sysctl doesn't get executed when /proc/sys is read-only
 
-* unset container= and container_uuid= for child processes
-
-* when bind mounting /etc/machine-id, do so from /run/machine-id
-
 * introduce mix of BindTo and Requisite
 
 * journalctl: show multiline log messages sanely, expand tabs, and show all valid utf8 messages
@@ -172,8 +166,6 @@ Features:
 
 * as Tom Gundersen pointed out there's a always a dep loop if people use crypto file systems with random keys
 
-* unset container=, container_uuid= in PID1?
-
 * automatically escape unit names passed on the service (i.e. think "systemctl start serial-getty.service@serial/by-path/jshdfjsdfhkjh" being automatically escaped as necessary.
 
 * if we can not get user quota for tmpfs, mount a separate tmpfs instance
@@ -317,7 +309,6 @@ Features:
 External:
 
 * dbus:
-   - get process transport into dbus for systemctl -P/-H (PENDING)
    - dbus --user
    - natively watch for dbus-*.service symlinks (PENDING)
    - allow specification of socket mode/umask when allocating DBusServer

src/main.c

@@ -1333,9 +1333,10 @@ int main(int argc, char *argv[]) {
                arg_running_as == MANAGER_SYSTEM);
 
         if (arg_running_as == MANAGER_SYSTEM) {
-                /* Parse the data passed to us by the initrd and unset it */
+                /* Parse the data passed to us. We leave this
+                 * variables set, but the manager later on will not
+                 * pass them on to our children. */
                 parse_initrd_timestamp(&initrd_timestamp);
-                filter_environ("RD_");
 
                 /* Unset some environment variables passed in from the
                  * kernel that don't really make sense for us. */

src/manager.c

@@ -221,6 +221,21 @@ static int manager_setup_signals(Manager *m) {
         return 0;
 }
 
+static void manager_strip_environment(Manager *m) {
+        assert(m);
+
+        /* Remove variables from the inherited set that are part of
+         * the container interface:
+         * http://www.freedesktop.org/wiki/Software/systemd/ContainerInterface */
+        strv_remove_prefix(m->environment, "container=");
+        strv_remove_prefix(m->environment, "container_");
+
+        /* Remove variables from the inherited set that are part of
+         * the initrd interface:
+         * http://www.freedesktop.org/wiki/Software/systemd/InitrdInterface */
+        strv_remove_prefix(m->environment, "RD_");
+}
+
 int manager_new(ManagerRunningAs running_as, Manager **_m) {
         Manager *m;
         int r = -ENOMEM;
@@ -246,9 +261,12 @@ int manager_new(ManagerRunningAs running_as, Manager **_m) {
         m->signal_watch.fd = m->mount_watch.fd = m->udev_watch.fd = m->epoll_fd = m->dev_autofs_fd = m->swap_watch.fd = -1;
         m->current_job_id = 1; /* start as id #1, so that we can leave #0 around as "null-like" value */
 
-        if (!(m->environment = strv_copy(environ)))
+        m->environment = strv_copy(environ);
+        if (!m->environment)
                 goto fail;
 
+        manager_strip_environment(m);
+
         if (running_as == MANAGER_SYSTEM) {
                 m->default_controllers = strv_new("cpu", NULL);
                 if (!m->default_controllers)

src/shared/strv.c

@@ -386,6 +386,31 @@ char **strv_remove(char **l, const char *s) {
         return l;
 }
 
+char **strv_remove_prefix(char **l, const char *s) {
+        char **f, **t;
+
+        if (!l)
+                return NULL;
+
+        assert(s);
+
+        /* Drops every occurrence of a string prefixed with s in the
+         * string list, edits in-place. */
+
+        for (f = t = l; *f; f++) {
+
+                if (startswith(*f, s)) {
+                        free(*f);
+                        continue;
+                }
+
+                *(t++) = *f;
+        }
+
+        *t = NULL;
+        return l;
+}
+
 static int env_append(char **r, char ***k, char **a) {
         assert(r);
         assert(k);

src/shared/strv.h

@@ -39,6 +39,7 @@ char **strv_merge_concat(char **a, char **b, const char *suffix);
 char **strv_append(char **l, const char *s);
 
 char **strv_remove(char **l, const char *s);
+char **strv_remove_prefix(char **l, const char *s);
 char **strv_uniq(char **l);
 
 #define strv_contains(l, s) (!!strv_find((l), (s)))

src/shared/util.c

@@ -4276,24 +4276,6 @@ char *fstab_node_to_udev_node(const char *p) {
         return strdup(p);
 }
 
-void filter_environ(const char *prefix) {
-        int i, j;
-        assert(prefix);
-
-        if (!environ)
-                return;
-
-        for (i = 0, j = 0; environ[i]; i++) {
-
-                if (startswith(environ[i], prefix))
-                        continue;
-
-                environ[j++] = environ[i];
-        }
-
-        environ[j] = NULL;
-}
-
 bool tty_is_vc(const char *tty) {
         assert(tty);
 

src/shared/util.h

@@ -409,8 +409,6 @@ void dual_timestamp_deserialize(const char *value, dual_timestamp *t);
 
 char *fstab_node_to_udev_node(const char *p);
 
-void filter_environ(const char *prefix);
-
 bool tty_is_vc(const char *tty);
 bool tty_is_vc_resolve(const char *tty);
 int vtnr_from_tty(const char *tty);