From 498abadb8c91c708ace9f05b816678893f7ac31d Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Fri, 22 Oct 2021 16:01:42 +0200
Subject: [PATCH 1/3] homework: add macro for "/run/systemd/user-home-mount"
We use this work dir a various places, and it's easy to mistype, hence let the compiler detect this for us, and introduce a macro for it. No code changes, just some search/replace.
---
 src/home/homework-cifs.c | 4 ++--
 src/home/homework-luks.c | 14 +++++++-------
 src/home/homework-mount.c | 13 ++++++++-----
 src/home/homework.c | 2 +-
 src/home/homework.h | 2 ++
 5 files changed, 20 insertions(+), 15 deletions(-)
diff --git a/src/home/homework-cifs.c b/src/home/homework-cifs.c
index 3ac99f20ed..34cc3bbc9a 100644
--- a/src/home/homework-cifs.c
+++ b/src/home/homework-cifs.c
@@ -68,7 +68,7 @@ int home_setup_cifs(
 if (r == 0) {
 /* Child */
 execl("/bin/mount", "/bin/mount", "-n", "-t", "cifs",
- h->cifs_service, "/run/systemd/user-home-mount",
+ h->cifs_service, HOME_RUNTIME_WORK_DIR,
 "-o", options, NULL);
 log_error_errno(errno, "Failed to execute mount: %m");
@@ -89,7 +89,7 @@ int home_setup_cifs(
 return log_error_errno(SYNTHETIC_ERRNO(ENOKEY), "Failed to mount home directory with supplied password.");
- setup->root_fd = open("/run/systemd/user-home-mount", O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW);
+ setup->root_fd = open(HOME_RUNTIME_WORK_DIR, O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW);
 }
 if (setup->root_fd < 0)
 return log_error_errno(errno, "Failed to open home directory: %m");
diff --git a/src/home/homework-luks.c b/src/home/homework-luks.c
index e0b7279c71..53598165ee 100644
--- a/src/home/homework-luks.c
+++ b/src/home/homework-luks.c
@@ -1260,7 +1260,7 @@ int home_setup_luks(
 ip = force_image_path ?: user_record_image_path(h);
- subdir = path_join("/run/systemd/user-home-mount/", user_record_user_name_and_realm(h));
+ subdir = path_join(HOME_RUNTIME_WORK_DIR, user_record_user_name_and_realm(h));
 if (!subdir)
 return log_oom();
@@ -1374,7 +1374,7 @@ int home_setup_luks(
 fail:
 if (mounted)
- (void) umount_verbose(LOG_ERR, "/run/systemd/user-home-mount", UMOUNT_NOFOLLOW);
+ (void) umount_verbose(LOG_ERR, HOME_RUNTIME_WORK_DIR, UMOUNT_NOFOLLOW);
 if (dm_activated)
 (void) sym_crypt_deactivate_by_name(cd, setup->dm_name, 0);
@@ -2242,7 +2242,7 @@ int home_create_luks(
 mounted = true;
- subdir = path_join("/run/systemd/user-home-mount/", user_record_user_name_and_realm(h));
+ subdir = path_join(HOME_RUNTIME_WORK_DIR, user_record_user_name_and_realm(h));
 if (!subdir) {
 r = log_oom();
 goto fail;
@@ -2302,7 +2302,7 @@ int home_create_luks(
 root_fd = safe_close(root_fd);
- r = umount_verbose(LOG_ERR, "/run/systemd/user-home-mount", UMOUNT_NOFOLLOW);
+ r = umount_verbose(LOG_ERR, HOME_RUNTIME_WORK_DIR, UMOUNT_NOFOLLOW);
 if (r < 0)
 goto fail;
@@ -2372,7 +2372,7 @@ fail:
 root_fd = safe_close(root_fd);
 if (mounted)
- (void) umount_verbose(LOG_WARNING, "/run/systemd/user-home-mount", UMOUNT_NOFOLLOW);
+ (void) umount_verbose(LOG_WARNING, HOME_RUNTIME_WORK_DIR, UMOUNT_NOFOLLOW);
 if (dm_activated)
 (void) sym_crypt_deactivate_by_name(cd, dm_name, 0);
@@ -2474,7 +2474,7 @@ static int ext4_offline_resize_fs(HomeSetup *setup, uint64_t new_size, bool disc
 }
 if (setup->undo_mount) {
- r = umount_verbose(LOG_ERR, "/run/systemd/user-home-mount", UMOUNT_NOFOLLOW);
+ r = umount_verbose(LOG_ERR, HOME_RUNTIME_WORK_DIR, UMOUNT_NOFOLLOW);
 if (r < 0)
 return r;
@@ -2542,7 +2542,7 @@ static int ext4_offline_resize_fs(HomeSetup *setup, uint64_t new_size, bool disc
 }
 if (re_open) {
- setup->root_fd = open("/run/systemd/user-home-mount", O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW);
+ setup->root_fd = open(HOME_RUNTIME_WORK_DIR, O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW);
 if (setup->root_fd < 0)
 return log_error_errno(errno, "Failed to reopen file system: %m");
 }
diff --git a/src/home/homework-mount.c b/src/home/homework-mount.c
index da4f14e08d..89ae58e25f 100644
--- a/src/home/homework-mount.c
+++ b/src/home/homework-mount.c
@@ -5,6 +5,7 @@
 #include "alloc-util.h"
 #include "homework-mount.h"
+#include "homework.h"
 #include "mkdir.h"
 #include "mount-util.h"
 #include "path-util.h"
@@ -38,7 +39,7 @@ int home_mount_node(const char *node, const char *fstype, bool discard, unsigned
 } else
 options = discard_option;
- r = mount_nofollow_verbose(LOG_ERR, node, "/run/systemd/user-home-mount", fstype, flags|MS_RELATIME, strempty(options));
+ r = mount_nofollow_verbose(LOG_ERR, node, HOME_RUNTIME_WORK_DIR, fstype, flags|MS_RELATIME, strempty(options));
 if (r < 0)
 return r;
@@ -52,11 +53,13 @@ int home_unshare_and_mount(const char *node, const char *fstype, bool discard, u
 if (unshare(CLONE_NEWNS) < 0)
 return log_error_errno(errno, "Couldn't unshare file system namespace: %m");
+ assert(path_startswith(HOME_RUNTIME_WORK_DIR, "/run"));
+
 r = mount_nofollow_verbose(LOG_ERR, "/run", "/run", NULL, MS_SLAVE|MS_REC, NULL); /* Mark /run as MS_SLAVE in our new namespace */
 if (r < 0)
 return r;
- (void) mkdir_p("/run/systemd/user-home-mount", 0700);
+ (void) mkdir_p(HOME_RUNTIME_WORK_DIR, 0700);
 if (node)
 return home_mount_node(node, fstype, discard, flags);
@@ -74,13 +77,13 @@ int home_move_mount(const char *user_name_and_realm, const char *target) {
 /* If user_name_and_realm is set, then we'll mount a subdir of the source mount into the host. If
 * it's NULL we'll move the mount itself */
 if (user_name_and_realm) {
- subdir = path_join("/run/systemd/user-home-mount/", user_name_and_realm);
+ subdir = path_join(HOME_RUNTIME_WORK_DIR, user_name_and_realm);
 if (!subdir)
 return log_oom();
 d = subdir;
 } else
- d = "/run/systemd/user-home-mount/";
+ d = HOME_RUNTIME_WORK_DIR;
 (void) mkdir_p(target, 0700);
@@ -88,7 +91,7 @@ int home_move_mount(const char *user_name_and_realm, const char *target) {
 if (r < 0)
 return r;
- r = umount_verbose(LOG_ERR, "/run/systemd/user-home-mount", UMOUNT_NOFOLLOW);
+ r = umount_verbose(LOG_ERR, HOME_RUNTIME_WORK_DIR, UMOUNT_NOFOLLOW);
 if (r < 0)
 return r;
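Review bot: The new `assert(path_startswith(HOME_RUNTIME_WORK_DIR, "/run"));` in home_unshare_and_mount() carries no comment saying what it protects. It appears to tie the work dir to the `MS_SLAVE|MS_REC` remount of `/run` on the following line: if the macro were ever edited to point outside `/run`, mounts placed on it in this namespace would presumably keep whatever propagation they inherited. I would put `/* The work dir must live below /run, the only tree we switch to MS_SLAVE below */` above the assert. Both operands are compile-time constants, so the check can only fire after a bad edit of the macro; the function body continues past the end of this hunk.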
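Review bot: In the `else` branch of home_move_mount(), `d` changes from `"/run/systemd/user-home-mount/"` to `HOME_RUNTIME_WORK_DIR`, which has no trailing slash, so this hunk is not the pure search/replace the commit message describes. The `path_join()` calls should produce the same result either way, but for a bare path the trailing slash matters: on Linux a name ending in `/` is resolved as a directory and a symlink in the last component is followed, while the bare name is not. The statement that consumes `d` lies between this hunk and the next one, so it needs checking against a no-follow expectation. If dropping the slash is intended, record it, e.g. `d = HOME_RUNTIME_WORK_DIR; /* no trailing slash: operate on the directory entry itself */`.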
diff --git a/src/home/homework.c b/src/home/homework.c
index 78ca979fae..f0ef2def7c 100644
--- a/src/home/homework.c
+++ b/src/home/homework.c
@@ -317,7 +317,7 @@ int home_setup_done(HomeSetup *setup) {
 }
 if (setup->undo_mount) {
- q = umount_verbose(LOG_DEBUG, "/run/systemd/user-home-mount", UMOUNT_NOFOLLOW);
+ q = umount_verbose(LOG_DEBUG, HOME_RUNTIME_WORK_DIR, UMOUNT_NOFOLLOW);
 if (q < 0)
 r = q;
 }
diff --git a/src/home/homework.h b/src/home/homework.h
index 5fa4b653e2..df5356454b 100644
--- a/src/home/homework.h
+++ b/src/home/homework.h
@@ -83,3 +83,5 @@ int home_extend_embedded_identity(UserRecord *h, UserRecord *used, HomeSetup *se
 int user_record_authenticate(UserRecord *h, UserRecord *secret, PasswordCache *cache, bool strict_verify);
 int home_sync_and_statfs(int root_fd, struct statfs *ret);
+
+#define HOME_RUNTIME_WORK_DIR "/run/systemd/user-home-mount"
From baa41cee77bdf6e441e2a52a7c01c369854bc43a Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Fri, 22 Oct 2021 15:51:49 +0200
Subject: [PATCH 2/3] homework: use bit fields where we deal with lots of separate boolean flags
No actual code changes, just making a structure a bit shorter.
---
 src/home/homework.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/home/homework.h b/src/home/homework.h
index df5356454b..7bd31b5cea 100644
--- a/src/home/homework.h
+++ b/src/home/homework.h
@@ -28,12 +28,12 @@ typedef struct HomeSetup {
 void *volume_key;
 size_t volume_key_size;
- bool undo_dm;
- bool undo_mount;
- bool do_offline_fitrim;
- bool do_offline_fallocate;
- bool do_mark_clean;
- bool do_drop_caches;
+ bool undo_dm:1;
+ bool undo_mount:1; /* Whether to unmount /run/systemd/user-home-mount */
+ bool do_offline_fitrim:1;
+ bool do_offline_fallocate:1;
+ bool do_mark_clean:1;
+ bool do_drop_caches:1;
 uint64_t partition_offset;
 uint64_t partition_size;
From 7cb791bcac6240f2f3aab1438aa11c9b4cfaa658 Mon Sep 17 00:00:00 2001
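Review bot: The comment added on `undo_mount` in struct HomeSetup spells out `/run/systemd/user-home-mount` again, one patch after that literal was replaced everywhere by `HOME_RUNTIME_WORK_DIR` so that it lives in a single place. I would write `bool undo_mount:1; /* Whether to unmount HOME_RUNTIME_WORK_DIR */`. A one-line comment above the group would also help: bit-field members cannot have their address taken and neighbouring bits share one storage unit, so code that passes a pointer to one of these flags or sets them from more than one thread would have to change. Nothing in this hunk shows either use, but the users of the struct are outside it.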
From: Lennart Poettering
Date: Fri, 22 Oct 2021 16:08:26 +0200
Subject: [PATCH 3/3] homework: split home_unshare_and_mount() in two
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Previously the call did two things, and the second thing was optional (depending on first arg being NULL). Let's simplify this and just make it two distinct functions, where one calls the other. This should make things a bit more readable, given that we called a function called "…and_mount()" which didn't actually mount... No actual code changes, just some refactoring.
---
 src/home/homework-cifs.c | 2 +-
 src/home/homework-mount.c | 22 +++++++++++++++++-----
 src/home/homework-mount.h | 1 +
 3 files changed, 19 insertions(+), 6 deletions(-)
diff --git a/src/home/homework-cifs.c b/src/home/homework-cifs.c
index 34cc3bbc9a..0a95b886b3 100644
--- a/src/home/homework-cifs.c
+++ b/src/home/homework-cifs.c
@@ -28,7 +28,7 @@ int home_setup_cifs(
 char **pw;
 int r;
- r = home_unshare_and_mount(NULL, NULL, false, user_record_mount_flags(h));
+ r = home_unshare_and_mkdir();
 if (r < 0)
 return r;
diff --git a/src/home/homework-mount.c b/src/home/homework-mount.c
index 89ae58e25f..47345eb839 100644
--- a/src/home/homework-mount.c
+++ b/src/home/homework-mount.c
@@ -26,6 +26,9 @@ int home_mount_node(const char *node, const char *fstype, bool discard, unsigned
 const char *options, *discard_option;
 int r;
+ assert(node);
+ assert(fstype);
+
 options = mount_options_for_fstype(fstype);
 discard_option = discard ? "discard" : "nodiscard";
@@ -47,7 +50,7 @@ int home_mount_node(const char *node, const char *fstype, bool discard, unsigned
 return 0;
 }
-int home_unshare_and_mount(const char *node, const char *fstype, bool discard, unsigned long flags) {
+int home_unshare_and_mkdir(void) {
 int r;
 if (unshare(CLONE_NEWNS) < 0)
@@ -60,13 +63,22 @@ int home_unshare_and_mount(const char *node, const char *fstype, bool discard, u
 return r;
 (void) mkdir_p(HOME_RUNTIME_WORK_DIR, 0700);
-
- if (node)
- return home_mount_node(node, fstype, discard, flags);
 return 0;
 }
+int home_unshare_and_mount(const char *node, const char *fstype, bool discard, unsigned long flags) {
+ int r;
+
+ assert(node);
+ assert(fstype);
+
+ r = home_unshare_and_mkdir();
+ if (r < 0)
+ return r;
+
+ return home_mount_node(node, fstype, discard, flags);
+}
+
 int home_move_mount(const char *user_name_and_realm, const char *target) {
 _cleanup_free_ char *subdir = NULL;
 const char *d;
diff --git a/src/home/homework-mount.h b/src/home/homework-mount.h
index 2a4591c1f4..893ecdc586 100644
--- a/src/home/homework-mount.h
+++ b/src/home/homework-mount.h
@@ -4,5 +4,6 @@
 #include
 int home_mount_node(const char *node, const char *fstype, bool discard, unsigned long flags);
+int home_unshare_and_mkdir(void);
 int home_unshare_and_mount(const char *node, const char *fstype, bool discard, unsigned long flags);
 int home_move_mount(const char *user_name_and_realm, const char *target);
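Review bot: home_unshare_and_mkdir() returns 0 even when `mkdir_p(HOME_RUNTIME_WORK_DIR, 0700)` fails, because the result is cast to void right before `return 0;`. Now that the directory step is a function of its own, a caller such as the one in homework-cifs.c only learns of the failure from a later mount or open error that no longer names the cause. If best-effort is intended, say so in a comment on that line; otherwise propagate it, e.g. `r = mkdir_p(HOME_RUNTIME_WORK_DIR, 0700); if (r < 0) return log_error_errno(r, "Failed to create %s: %m", HOME_RUNTIME_WORK_DIR);`, assuming mkdir_p() reports success for a directory that already exists. The function also deserves a short header comment stating that it moves the calling process into a new mount namespace, since its name only mentions the unshare in passing; its body begins in the previous hunk.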