shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-09-02 17:49:53 +03:00
Code Activity

core/exec-credential: introduce exec_context_get_credential_directory() helper function

Browse Source 
No functional change, just refactoring.
This commit is contained in:
Yu Watanabe
2023-08-25 16:11:02 +09:00
parent 43962c30fb
commit 133e4de23f
3 changed files with 35 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/core/exec-credential.c
View File

@ -94,6 +94,25 @@ static int get_credential_directory(
return 1; return 1;
} }
int exec_context_get_credential_directory(
const ExecContext *context,
const ExecParameters *params,
const char *unit,
char **ret) {
assert(context);
assert(params);
assert(unit);
assert(ret);
if (!exec_context_has_credentials(context)) {
*ret = NULL;
return 0;
}
return get_credential_directory(params->prefix[EXEC_DIRECTORY_RUNTIME], unit, ret);
}
int unit_add_default_credential_dependencies(Unit *u, const ExecContext *c) { int unit_add_default_credential_dependencies(Unit *u, const ExecContext *c) {
_cleanup_free_ char *p = NULL, *m = NULL; _cleanup_free_ char *p = NULL, *m = NULL;
int r; int r;

6
src/core/exec-credential.h
View File

@ -37,6 +37,12 @@ extern const struct hash_ops exec_load_credential_hash_ops;
bool exec_context_has_encrypted_credentials(ExecContext *c); bool exec_context_has_encrypted_credentials(ExecContext *c);
bool exec_context_has_credentials(const ExecContext *c); bool exec_context_has_credentials(const ExecContext *c);
int exec_context_get_credential_directory(
const ExecContext *context,
const ExecParameters *params,
const char *unit,
char **ret);
int unit_add_default_credential_dependencies(Unit *u, const ExecContext *c); int unit_add_default_credential_dependencies(Unit *u, const ExecContext *c);
int exec_context_destroy_credentials(const ExecContext *c, const char *runtime_root, const char *unit); int exec_context_destroy_credentials(const ExecContext *c, const char *runtime_root, const char *unit);

18
src/core/execute.c
View File

@ -2041,8 +2041,12 @@ static int build_environment(
our_env[n_env++] = x; our_env[n_env++] = x;
} }
if (exec_context_has_credentials(c) && p->prefix[EXEC_DIRECTORY_RUNTIME]) { _cleanup_free_ char *creds_dir = NULL;
x = strjoin("CREDENTIALS_DIRECTORY=", p->prefix[EXEC_DIRECTORY_RUNTIME], "/credentials/", u->id); r = exec_context_get_credential_directory(c, p, u->id, &creds_dir);
if (r < 0)
return r;
if (r > 0) {
x = strjoin("CREDENTIALS_DIRECTORY=", creds_dir);
if (!x) if (!x)
return -ENOMEM; return -ENOMEM;
@ -3217,12 +3221,10 @@ static int apply_mount_namespace(
if (context->mount_propagation_flag == MS_SHARED) if (context->mount_propagation_flag == MS_SHARED)
log_unit_debug(u, "shared mount propagation hidden by other fs namespacing unit settings: ignoring"); log_unit_debug(u, "shared mount propagation hidden by other fs namespacing unit settings: ignoring");
if (exec_context_has_credentials(context) && if (FLAGS_SET(params->flags, EXEC_WRITE_CREDENTIALS)) {
params->prefix[EXEC_DIRECTORY_RUNTIME] && r = exec_context_get_credential_directory(context, params, u->id, &creds_path);
FLAGS_SET(params->flags, EXEC_WRITE_CREDENTIALS)) { if (r < 0)
creds_path = path_join(params->prefix[EXEC_DIRECTORY_RUNTIME], "credentials", u->id); return r;
if (!creds_path)
return -ENOMEM;
} }
if (params->runtime_scope == RUNTIME_SCOPE_SYSTEM) { if (params->runtime_scope == RUNTIME_SCOPE_SYSTEM) {