shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-01-10 05:18:17 +03:00
Code

Merge pull request #21391 from poettering/homed-minimize

Browse Source 
homed: add ability to "minimize" home dirs, i.e. shrink to smallest possible size
This commit is contained in:
Lennart Poettering 2021-11-16 22:53:24 +01:00 committed by GitHub
commit 2939fff235
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 393 additions and 128 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/home/home-util.h
View File

@ -12,6 +12,13 @@
#define HOME_UID_MIN 60001
#define HOME_UID_MAX 60513
/* Put some limits on disk sizes: not less than 5M, not more than 5T */
#define USER_DISK_SIZE_MIN (UINT64_C(5)*1024*1024)
#define USER_DISK_SIZE_MAX (UINT64_C(5)*1024*1024*1024*1024)
/* The default disk size to use when nothing else is specified, relative to free disk space */
#define USER_DISK_SIZE_DEFAULT_PERCENT 85
bool suitable_user_name(const char *name);
int suitable_realm(const char *realm);
int suitable_image_path(const char *path);

430
src/home/homework-luks.c
View File

@ -25,6 +25,7 @@
#include "errno-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "filesystems.h"
#include "fs-util.h"
#include "fsck-util.h"
#include "home-util.h"
@ -2513,16 +2514,16 @@ static int prepare_resize_partition(
int fd,
uint64_t partition_offset,
uint64_t old_partition_size,
uint64_t new_partition_size,
sd_id128_t *ret_disk_uuid,
struct fdisk_table **ret_table) {
struct fdisk_table **ret_table,
struct fdisk_partition **ret_partition) {
_cleanup_(fdisk_unref_contextp) struct fdisk_context *c = NULL;
_cleanup_(fdisk_unref_tablep) struct fdisk_table *t = NULL;
_cleanup_free_ char *path = NULL, *disk_uuid_as_string = NULL;
size_t n_partitions;
struct fdisk_partition *found = NULL;
sd_id128_t disk_uuid;
bool found = false;
size_t n_partitions;
int r;
assert(fd >= 0);
@ -2531,9 +2532,7 @@ static int prepare_resize_partition(
assert((partition_offset & 511) == 0);
assert((old_partition_size & 511) == 0);
assert((new_partition_size & 511) == 0);
assert(UINT64_MAX - old_partition_size >= partition_offset);
assert(UINT64_MAX - new_partition_size >= partition_offset);
if (partition_offset == 0) {
/* If the offset is at the beginning we assume no partition table, let's exit early. */
@ -2588,30 +2587,17 @@ static int prepare_resize_partition(
if (found)
return log_error_errno(SYNTHETIC_ERRNO(ENOTUNIQ), "Partition found twice, refusing.");
/* Found our partition, now patch it */
r = fdisk_partition_size_explicit(p, 1);
if (r < 0)
return log_error_errno(r, "Failed to enable explicit partition size: %m");
r = fdisk_partition_set_size(p, new_partition_size / 512U);
if (r < 0)
return log_error_errno(r, "Failed to change partition size: %m");
found = true;
continue;
} else {
if (fdisk_partition_get_start(p) < partition_offset + new_partition_size / 512U &&
fdisk_partition_get_end(p) >= partition_offset / 512)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Can't extend, conflicting partition found.");
}
found = p;
} else if (fdisk_partition_get_end(p) > partition_offset / 512U)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Can't extend, not last partition in image.");
}
if (!found)
return log_error_errno(SYNTHETIC_ERRNO(ENOPKG), "Failed to find matching partition to resize.");
*ret_table = TAKE_PTR(t);
*ret_disk_uuid = disk_uuid;
*ret_table = TAKE_PTR(t);
*ret_partition = found;
return 1;
}
@ -2638,7 +2624,13 @@ static int ask_cb(struct fdisk_context *c, struct fdisk_ask *ask, void *userdata
return 0;
}
static int apply_resize_partition(int fd, sd_id128_t disk_uuids, struct fdisk_table *t) {
static int apply_resize_partition(
int fd,
sd_id128_t disk_uuids,
struct fdisk_table *t,
struct fdisk_partition *p,
size_t new_partition_size) {
_cleanup_(fdisk_unref_contextp) struct fdisk_context *c = NULL;
_cleanup_free_ void *two_zero_lbas = NULL;
_cleanup_free_ char *path = NULL;
@ -2646,10 +2638,22 @@ static int apply_resize_partition(int fd, sd_id128_t disk_uuids, struct fdisk_ta
int r;
assert(fd >= 0);
assert(!t == !p);
if (!t) /* no partition table to apply, exit early */
return 0;
assert(p);
/* Before writing our partition patch the final size in */
r = fdisk_partition_size_explicit(p, 1);
if (r < 0)
return log_error_errno(r, "Failed to enable explicit partition size: %m");
r = fdisk_partition_set_size(p, new_partition_size / 512U);
if (r < 0)
return log_error_errno(r, "Failed to change partition size: %m");
two_zero_lbas = malloc0(1024U);
if (!two_zero_lbas)
return log_oom();
@ -2695,6 +2699,139 @@ static int apply_resize_partition(int fd, sd_id128_t disk_uuids, struct fdisk_ta
return 1;
}
/* Always keep at least 16M free, so that we can safely log in and update the user record while doing so */
#define HOME_MIN_FREE (16U*1024U*1024U)
static int get_smallest_fs_size(int fd, uint64_t *ret) {
uint64_t minsz, needed;
struct statfs sfs;
assert(fd >= 0);
assert(ret);
/* Determines the minimal disk size we might be able to shrink the file system referenced by the fd to. */
if (syncfs(fd) < 0) /* let's sync before we query the size, so that the values returned are accurate */
return log_error_errno(errno, "Failed to synchronize home file system: %m");
if (fstatfs(fd, &sfs) < 0)
return log_error_errno(errno, "Failed to statfs() home file system: %m");
/* Let's determine the minimal file syste size of the used fstype */
minsz = minimal_size_by_fs_magic(sfs.f_type);
if (minsz == UINT64_MAX)
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Don't know minimum file system size of file system type '%s' of home directory.", fs_type_to_string(sfs.f_type));
if (minsz < USER_DISK_SIZE_MIN)
minsz = USER_DISK_SIZE_MIN;
if (sfs.f_bfree > sfs.f_blocks)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Detected amount of free blocks is greater than the total amount of file system blocks. Refusing.");
/* Calculate how much disk space is currently in use. */
needed = sfs.f_blocks - sfs.f_bfree;
if (needed > UINT64_MAX / sfs.f_bsize)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "File system size out of range.");
needed *= sfs.f_bsize;
/* Add some safety margin of free space we'll always keep */
if (needed > UINT64_MAX - HOME_MIN_FREE) /* Check for overflow */
needed = UINT64_MAX;
else
needed += HOME_MIN_FREE;
*ret = DISK_SIZE_ROUND_UP(MAX(needed, minsz));
return 0;
}
static int resize_fs_loop(
UserRecord *h,
HomeSetup *setup,
int resize_type,
uint64_t old_fs_size,
uint64_t new_fs_size,
uint64_t *ret_fs_size) {
uint64_t current_fs_size;
unsigned n_iterations = 0;
int r;
assert(h);
assert(setup);
assert(setup->root_fd >= 0);
/* A bisection loop trying to find the closest size to what the user asked for. (Well, we bisect like
* this only when we *shrink* the fs if we grow the fs there's no need to bisect.) */
current_fs_size = old_fs_size;
for (uint64_t lower_boundary = new_fs_size, upper_boundary = old_fs_size, try_fs_size = new_fs_size;;) {
bool worked;
n_iterations++;
/* Now resize the file system */
if (resize_type == CAN_RESIZE_ONLINE) {
r = resize_fs(setup->root_fd, try_fs_size, NULL);
if (r < 0) {
if (!ERRNO_IS_DISK_SPACE(r) || new_fs_size > old_fs_size) /* Not a disk space issue? Not trying to shrink? */
return log_error_errno(r, "Failed to resize file system: %m");
log_debug_errno(r, "Shrinking from %s to %s didn't work, not enough space for contained data.", FORMAT_BYTES(current_fs_size), FORMAT_BYTES(try_fs_size));
worked = false;
} else {
log_debug("Successfully resized from %s to %s.", FORMAT_BYTES(current_fs_size), FORMAT_BYTES(try_fs_size));
current_fs_size = try_fs_size;
worked = true;
}
/* If we hit a disk space issue and are shrinking the fs, then maybe it helps to
* increase the image size. */
} else {
r = ext4_offline_resize_fs(setup, try_fs_size, user_record_luks_discard(h), user_record_mount_flags(h), h->luks_extra_mount_options);
if (r < 0)
return r;
/* For now, when we fail to shrink an ext4 image we'll not try again via the
* bisection logic. We might add that later, but give this involves shelling out
* multiple programs it's a bit too cumbersome to my taste. */
worked = true;
current_fs_size = try_fs_size;
}
if (new_fs_size > old_fs_size) /* If we are growing we are done after one iteration */
break;
/* If we are shrinking then let's adjust our bisection boundaries and try again. */
if (worked)
upper_boundary = MIN(upper_boundary, try_fs_size);
else
lower_boundary = MAX(lower_boundary, try_fs_size);
/* OK, this attempt to shrink didn't work. Let's try between the old size and what worked. */
if (lower_boundary >= upper_boundary) {
log_debug("Image can't be shrunk further (range to try is empty).");
break;
}
/* Let's find a new value to try half-way between the lower boundary and the upper boundary
* to try now. */
try_fs_size = DISK_SIZE_ROUND_DOWN(lower_boundary + (upper_boundary - lower_boundary) / 2);
if (try_fs_size <= lower_boundary || try_fs_size >= upper_boundary) {
log_debug("Image can't be shrunk further (remaining range to try too small).");
break;
}
}
log_debug("Bisection loop completed after %u iterations.", n_iterations);
if (ret_fs_size)
*ret_fs_size = current_fs_size;
return 0;
}
int home_resize_luks(
UserRecord *h,
HomeSetupFlags flags,
@ -2702,9 +2839,11 @@ int home_resize_luks(
PasswordCache *cache,
UserRecord **ret_home) {
uint64_t old_image_size, new_image_size, old_fs_size, new_fs_size, crypto_offset, new_partition_size;
uint64_t old_image_size, new_image_size, old_fs_size, new_fs_size, crypto_offset, crypto_offset_bytes,
new_partition_size, smallest_fs_size, resized_fs_size;
_cleanup_(user_record_unrefp) UserRecord *header_home = NULL, *embedded_home = NULL, *new_home = NULL;
_cleanup_(fdisk_unref_tablep) struct fdisk_table *table = NULL;
struct fdisk_partition *partition = NULL;
_cleanup_close_ int opened_image_fd = -1;
_cleanup_free_ char *whole_disk = NULL;
int r, resize_type, image_fd = -1;
@ -2712,11 +2851,15 @@ int home_resize_luks(
const char *ip, *ipo;
struct statfs sfs;
struct stat st;
enum {
INTENTION_DONT_KNOW = 0, /* These happen to match the return codes of CMP() */
INTENTION_SHRINK = -1,
INTENTION_GROW = 1,
} intention = INTENTION_DONT_KNOW;
assert(h);
assert(user_record_storage(h) == USER_LUKS);
assert(setup);
assert(ret_home);
r = dlopen_cryptsetup();
if (r < 0)
@ -2774,8 +2917,6 @@ int home_resize_luks(
new_image_size = old_image_size; /* we can't resize physical block devices */
} else {
uint64_t new_image_size_rounded;
r = stat_verify_regular(&st);
if (r < 0)
return log_error_errno(r, "Image %s is not a block device nor regular file: %m", ip);
@ -2786,25 +2927,40 @@ int home_resize_luks(
* apply onto the loopback file as a whole. When we operate on block devices we instead apply
* to the partition itself only. */
new_image_size_rounded = DISK_SIZE_ROUND_DOWN(h->disk_size);
if (FLAGS_SET(flags, HOME_SETUP_RESIZE_MINIMIZE)) {
new_image_size = 0;
intention = INTENTION_SHRINK;
} else {
uint64_t new_image_size_rounded;
if (old_image_size == h->disk_size ||
old_image_size == new_image_size_rounded) {
/* If exact match, or a match after we rounded down, don't do a thing */
log_info("Image size already matching, skipping operation.");
return 0;
new_image_size_rounded = DISK_SIZE_ROUND_DOWN(h->disk_size);
if (old_image_size >= new_image_size_rounded && old_image_size <= h->disk_size) {
/* If exact match, or a match after we rounded down, don't do a thing */
log_info("Image size already matching, skipping operation.");
return 0;
}
new_image_size = new_image_size_rounded;
intention = CMP(new_image_size, old_image_size); /* Is this a shrink */
}
new_image_size = new_image_size_rounded;
}
r = home_setup_luks(h, flags, whole_disk, setup, cache, &header_home);
r = home_setup_luks(
h,
flags,
whole_disk,
setup,
cache,
FLAGS_SET(flags, HOME_SETUP_RESIZE_DONT_SYNC_IDENTITIES) ? NULL : &header_home);
if (r < 0)
return r;
r = home_load_embedded_identity(h, setup->root_fd, header_home, USER_RECONCILE_REQUIRE_NEWER_OR_EQUAL, cache, &embedded_home, &new_home);
if (r < 0)
return r;
if (!FLAGS_SET(flags, HOME_SETUP_RESIZE_DONT_SYNC_IDENTITIES)) {
r = home_load_embedded_identity(h, setup->root_fd, header_home, USER_RECONCILE_REQUIRE_NEWER_OR_EQUAL, cache, &embedded_home, &new_home);
if (r < 0)
return r;
}
log_info("offset = %" PRIu64 ", size = %" PRIu64 ", image = %" PRIu64, setup->partition_offset, setup->partition_size, old_image_size);
@ -2816,24 +2972,31 @@ int home_resize_luks(
uint64_t partition_table_extra;
partition_table_extra = old_image_size - setup->partition_size;
if (new_image_size <= partition_table_extra)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "New size smaller than partition table metadata.");
new_image_size = partition_table_extra;
new_partition_size = DISK_SIZE_ROUND_DOWN(new_image_size - partition_table_extra);
} else {
uint64_t new_partition_size_rounded;
assert(S_ISBLK(st.st_mode));
new_partition_size_rounded = DISK_SIZE_ROUND_DOWN(h->disk_size);
if (FLAGS_SET(flags, HOME_SETUP_RESIZE_MINIMIZE)) {
new_partition_size = 0;
intention = INTENTION_SHRINK;
} else {
uint64_t new_partition_size_rounded;
if (h->disk_size == setup->partition_size ||
new_partition_size_rounded == setup->partition_size) {
log_info("Partition size already matching, skipping operation.");
return 0;
new_partition_size_rounded = DISK_SIZE_ROUND_DOWN(h->disk_size);
if (setup->partition_size >= new_partition_size_rounded &&
setup->partition_size <= h->disk_size) {
log_info("Partition size already matching, skipping operation.");
return 0;
}
new_partition_size = new_partition_size_rounded;
intention = CMP(new_partition_size, setup->partition_size);
}
new_partition_size = new_partition_size_rounded;
}
if ((UINT64_MAX - setup->partition_offset) < new_partition_size ||
@ -2841,13 +3004,63 @@ int home_resize_luks(
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "New partition doesn't fit into backing storage, refusing.");
crypto_offset = sym_crypt_get_data_offset(setup->crypt_device);
if (setup->partition_size / 512U <= crypto_offset)
if (crypto_offset > UINT64_MAX/512U)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "LUKS2 data offset out of range, refusing.");
crypto_offset_bytes = (uint64_t) crypto_offset * 512U;
if (setup->partition_size <= crypto_offset_bytes)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Weird, old crypto payload offset doesn't actually fit in partition size?");
if (new_partition_size / 512U <= crypto_offset)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "New size smaller than crypto payload offset?");
old_fs_size = (setup->partition_size / 512U - crypto_offset) * 512U;
new_fs_size = DISK_SIZE_ROUND_DOWN((new_partition_size / 512U - crypto_offset) * 512U);
/* Make sure at least the LUKS header fit in */
if (new_partition_size <= crypto_offset_bytes) {
uint64_t add;
add = DISK_SIZE_ROUND_UP(crypto_offset_bytes) - new_partition_size;
new_partition_size += add;
if (S_ISREG(st.st_mode))
new_image_size += add;
}
old_fs_size = setup->partition_size - crypto_offset_bytes;
new_fs_size = DISK_SIZE_ROUND_DOWN(new_partition_size - crypto_offset_bytes);
r = get_smallest_fs_size(setup->root_fd, &smallest_fs_size);
if (r < 0)
return r;
if (new_fs_size < smallest_fs_size) {
uint64_t add;
add = DISK_SIZE_ROUND_UP(smallest_fs_size) - new_fs_size;
new_fs_size += add;
new_partition_size += add;
if (S_ISREG(st.st_mode))
new_image_size += add;
}
if (new_fs_size == old_fs_size) {
log_info("New file system size identical to old file system size, skipping operation.");
return 0;
}
if (FLAGS_SET(flags, HOME_SETUP_RESIZE_DONT_GROW) && new_fs_size > old_fs_size) {
log_info("New file system size would be larger than old, but shrinking requested, skipping operation.");
return 0;
}
if (FLAGS_SET(flags, HOME_SETUP_RESIZE_DONT_SHRINK) && new_fs_size < old_fs_size) {
log_info("New file system size would be smaller than old, but growing requested, skipping operation.");
return 0;
}
if (CMP(new_fs_size, old_fs_size) != intention) {
if (intention < 0)
log_info("Shrink operation would enlarge file system, skipping operation.");
else {
assert(intention > 0);
log_info("Grow operation would shrink file system, skipping operation.");
}
return 0;
}
/* Before we start doing anything, let's figure out if we actually can */
resize_type = can_resize_fs(setup->root_fd, old_fs_size, new_fs_size);
@ -2868,13 +3081,13 @@ int home_resize_luks(
image_fd,
setup->partition_offset,
setup->partition_size,
new_partition_size,
&disk_uuid,
&table);
&table,
&partition);
if (r < 0)
return r;
if (new_fs_size > old_fs_size) {
if (new_fs_size > old_fs_size) { /* → Grow */
if (S_ISREG(st.st_mode)) {
/* Grow file size */
@ -2883,6 +3096,9 @@ int home_resize_luks(
return r;
log_info("Growing of image file completed.");
} else {
assert(S_ISBLK(st.st_mode));
assert(new_image_size == old_image_size);
}
/* Make sure loopback device sees the new bigger size */
@ -2894,7 +3110,7 @@ int home_resize_luks(
else
log_info("Refreshing loop device size completed.");
r = apply_resize_partition(image_fd, disk_uuid, table);
r = apply_resize_partition(image_fd, disk_uuid, table, partition, new_partition_size);
if (r < 0)
return r;
if (r > 0)
@ -2910,9 +3126,13 @@ int home_resize_luks(
log_info("LUKS device growing completed.");
} else {
r = home_store_embedded_identity(new_home, setup->root_fd, h->uid, embedded_home);
if (r < 0)
return r;
/* → Shrink */
if (!FLAGS_SET(flags, HOME_SETUP_RESIZE_DONT_SYNC_IDENTITIES)) {
r = home_store_embedded_identity(new_home, setup->root_fd, h->uid, embedded_home);
if (r < 0)
return r;
}
if (S_ISREG(st.st_mode)) {
if (user_record_luks_discard(h))
@ -2927,25 +3147,37 @@ int home_resize_luks(
}
}
/* Now resize the file system */
if (resize_type == CAN_RESIZE_ONLINE) {
r = resize_fs(setup->root_fd, new_fs_size, NULL);
if (r < 0)
return log_error_errno(r, "Failed to resize file system: %m");
} else {
r = ext4_offline_resize_fs(setup, new_fs_size, user_record_luks_discard(h), user_record_mount_flags(h), h->luks_extra_mount_options);
if (r < 0)
return r;
/* Now try to resize the file system. The requested size might not always be possible, in which case
* we'll try to get as close as we can get. The result is returned in 'resized_fs_size' */
r = resize_fs_loop(h, setup, resize_type, old_fs_size, new_fs_size, &resized_fs_size);
if (r < 0)
return r;
if (resized_fs_size == old_fs_size) {
log_info("Couldn't change file system size.");
return 0;
}
log_info("File system resizing completed.");
log_info("File system resizing from %s to %s completed.", FORMAT_BYTES(old_fs_size), FORMAT_BYTES(resized_fs_size));
if (resized_fs_size > new_fs_size) {
uint64_t add;
/* If the shrinking we managed to do is larger than what we wanted we need to adjust the partition/image sizes. */
add = resized_fs_size - new_fs_size;
new_partition_size += add;
if (S_ISREG(st.st_mode))
new_image_size += add;
}
new_fs_size = resized_fs_size;
/* Immediately sync afterwards */
r = home_sync_and_statfs(setup->root_fd, NULL);
if (r < 0)
return r;
if (new_fs_size < old_fs_size) {
if (new_fs_size < old_fs_size) { /* → Shrink */
/* Shrink the LUKS device now, matching the new file system size */
r = sym_crypt_resize(setup->crypt_device, setup->dm_name, new_fs_size / 512);
@ -2954,14 +3186,6 @@ int home_resize_luks(
log_info("LUKS device shrinking completed.");
if (S_ISREG(st.st_mode)) {
/* Shrink the image file */
if (ftruncate(image_fd, new_image_size) < 0)
return log_error_errno(errno, "Failed to shrink image file %s: %m", ip);
log_info("Shrinking of image file completed.");
}
/* Refresh the loop devices size */
r = loop_device_refresh_size(setup->loop, UINT64_MAX, new_partition_size);
if (r == -ENOTTY)
@ -2971,7 +3195,18 @@ int home_resize_luks(
else
log_info("Refreshing loop device size completed.");
r = apply_resize_partition(image_fd, disk_uuid, table);
if (S_ISREG(st.st_mode)) {
/* Shrink the image file */
if (ftruncate(image_fd, new_image_size) < 0)
return log_error_errno(errno, "Failed to shrink image file %s: %m", ip);
log_info("Shrinking of image file completed.");
} else {
assert(S_ISBLK(st.st_mode));
assert(new_image_size == old_image_size);
}
r = apply_resize_partition(image_fd, disk_uuid, table, partition, new_partition_size);
if (r < 0)
return r;
if (r > 0)
@ -2979,20 +3214,25 @@ int home_resize_luks(
if (S_ISBLK(st.st_mode) && ioctl(image_fd, BLKRRPART, 0) < 0)
log_debug_errno(errno, "BLKRRPART failed on block device, ignoring: %m");
} else {
r = home_store_embedded_identity(new_home, setup->root_fd, h->uid, embedded_home);
} else { /* → Grow */
if (!FLAGS_SET(flags, HOME_SETUP_RESIZE_DONT_SYNC_IDENTITIES)) {
r = home_store_embedded_identity(new_home, setup->root_fd, h->uid, embedded_home);
if (r < 0)
return r;
}
}
if (!FLAGS_SET(flags, HOME_SETUP_RESIZE_DONT_SYNC_IDENTITIES)) {
r = home_store_header_identity_luks(new_home, setup, header_home);
if (r < 0)
return r;
r = home_extend_embedded_identity(new_home, h, setup);
if (r < 0)
return r;
}
r = home_store_header_identity_luks(new_home, setup, header_home);
if (r < 0)
return r;
r = home_extend_embedded_identity(new_home, h, setup);
if (r < 0)
return r;
if (user_record_luks_discard(h))
(void) run_fitrim(setup->root_fd);
@ -3008,7 +3248,9 @@ int home_resize_luks(
print_size_summary(new_image_size, new_fs_size, &sfs);
*ret_home = TAKE_PTR(new_home);
if (ret_home)
*ret_home = TAKE_PTR(new_home);
return 0;
}

10
src/home/homework.h
View File

@ -53,10 +53,16 @@ typedef struct HomeSetup {
/* Various flags for the operation of setting up a home directory */
typedef enum HomeSetupFlags {
HOME_SETUP_ALREADY_ACTIVATED = 1 << 0, /* Open an already activated home, rather than activate it afresh */
HOME_SETUP_ALREADY_ACTIVATED = 1 << 0, /* Open an already activated home, rather than activate it afresh */
/* CIFS backend: */
HOME_SETUP_CIFS_MKDIR = 1 << 1, /* Create CIFS subdir when missing */
HOME_SETUP_CIFS_MKDIR = 1 << 1, /* Create CIFS subdir when missing */
/* Applies only for resize operations */
HOME_SETUP_RESIZE_DONT_SYNC_IDENTITIES = 1 << 2, /* Don't sync identity records into home and LUKS header */
HOME_SETUP_RESIZE_MINIMIZE = 1 << 3, /* Shrink to minimal size */
HOME_SETUP_RESIZE_DONT_GROW = 1 << 4, /* If the resize would grow, gracefully terminate operation */
HOME_SETUP_RESIZE_DONT_SHRINK = 1 << 5, /* If the resize would shrink, gracefully terminate operation */
} HomeSetupFlags;
int home_setup_done(HomeSetup *setup);

3
src/home/user-record-util.c
View File

@ -639,9 +639,6 @@ int user_record_set_disk_size(UserRecord *h, uint64_t disk_size) {
if (!h->json)
return -EUNATCH;
if (disk_size < USER_DISK_SIZE_MIN || disk_size > USER_DISK_SIZE_MAX)
return -ERANGE;
r = sd_id128_get_machine(&mid);
if (r < 0)
return r;

5
src/shared/resize-fs.c
View File

@ -119,3 +119,8 @@ uint64_t minimal_size_by_fs_name(const char *name) {
return UINT64_MAX;
}
/* Returns true for the only fs that can online shrink *and* grow */
bool fs_can_online_shrink_and_grow(statfs_f_type_t magic) {
return magic == (statfs_f_type_t) BTRFS_SUPER_MAGIC;
}

2
src/shared/resize-fs.h
View File

@ -13,3 +13,5 @@ int resize_fs(int fd, uint64_t sz, uint64_t *ret_size);
uint64_t minimal_size_by_fs_magic(statfs_f_type_t magic);
uint64_t minimal_size_by_fs_name(const char *str);
bool fs_can_online_shrink_and_grow(statfs_f_type_t magic);

24
src/shared/user-record.c
View File

@ -563,26 +563,6 @@ static int json_dispatch_storage(const char *name, JsonVariant *variant, JsonDis
return 0;
}
static int json_dispatch_disk_size(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
uint64_t *size = userdata;
uintmax_t k;
if (json_variant_is_null(variant)) {
*size = UINT64_MAX;
return 0;
}
if (!json_variant_is_unsigned(variant))
return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an integer.", strna(name));
k = json_variant_unsigned(variant);
if (k < USER_DISK_SIZE_MIN || k > USER_DISK_SIZE_MAX)
return json_log(variant, flags, SYNTHETIC_ERRNO(ERANGE), "JSON field '%s' is not in valid range %" PRIu64 "…%" PRIu64 ".", strna(name), USER_DISK_SIZE_MIN, USER_DISK_SIZE_MAX);
*size = k;
return 0;
}
static int json_dispatch_tasks_or_memory_max(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
uint64_t *limit = userdata;
uintmax_t k;
@ -1135,7 +1115,7 @@ static int dispatch_per_machine(const char *name, JsonVariant *variant, JsonDisp
{ "notBeforeUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, not_before_usec), 0 },
{ "notAfterUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, not_after_usec), 0 },
{ "storage", JSON_VARIANT_STRING, json_dispatch_storage, offsetof(UserRecord, storage), 0 },
{ "diskSize", JSON_VARIANT_UNSIGNED, json_dispatch_disk_size, offsetof(UserRecord, disk_size), 0 },
{ "diskSize", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_size), 0 },
{ "diskSizeRelative", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_size_relative), 0 },
{ "skeletonDirectory", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, skeleton_directory), 0 },
{ "accessMode", JSON_VARIANT_UNSIGNED, json_dispatch_access_mode, offsetof(UserRecord, access_mode), 0 },
@ -1484,7 +1464,7 @@ int user_record_load(UserRecord *h, JsonVariant *v, UserRecordLoadFlags load_fla
{ "notBeforeUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, not_before_usec), 0 },
{ "notAfterUSec", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, not_after_usec), 0 },
{ "storage", JSON_VARIANT_STRING, json_dispatch_storage, offsetof(UserRecord, storage), 0 },
{ "diskSize", JSON_VARIANT_UNSIGNED, json_dispatch_disk_size, offsetof(UserRecord, disk_size), 0 },
{ "diskSize", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_size), 0 },
{ "diskSizeRelative", JSON_VARIANT_UNSIGNED, json_dispatch_uint64, offsetof(UserRecord, disk_size_relative), 0 },
{ "skeletonDirectory", JSON_VARIANT_STRING, json_dispatch_path, offsetof(UserRecord, skeleton_directory), 0 },
{ "accessMode", JSON_VARIANT_UNSIGNED, json_dispatch_access_mode, offsetof(UserRecord, access_mode), 0 },

7
src/shared/user-record.h
View File

@ -10,13 +10,6 @@
#include "missing_resource.h"
#include "time-util.h"
/* But some limits on disk sizes: not less than 5M, not more than 5T */
#define USER_DISK_SIZE_MIN (UINT64_C(5)*1024*1024)
#define USER_DISK_SIZE_MAX (UINT64_C(5)*1024*1024*1024*1024)
/* The default disk size to use when nothing else is specified, relative to free disk space */
#define USER_DISK_SIZE_DEFAULT_PERCENT 85
typedef enum UserDisposition {
USER_INTRINSIC, /* root and nobody */
USER_SYSTEM, /* statically allocated users for system services */

33
test/units/testsuite-46.sh
View File

@ -69,6 +69,39 @@ inspect test-user
PASSWORD=xEhErW0ndafV4s homectl deactivate test-user
inspect test-user
# Do some resize tests, but only if we run on real kernels, as quota inside of containers will fail
if ! systemd-detect-virt -cq ; then
# grow while inactive
PASSWORD=xEhErW0ndafV4s homectl resize test-user 300M
inspect test-user
# minimize while inactive
PASSWORD=xEhErW0ndafV4s homectl resize test-user 0
inspect test-user
PASSWORD=xEhErW0ndafV4s homectl activate test-user
inspect test-user
# grow while active
PASSWORD=xEhErW0ndafV4s homectl resize test-user 300M
inspect test-user
# minimize while active
PASSWORD=xEhErW0ndafV4s homectl resize test-user 0
inspect test-user
# grow while active
PASSWORD=xEhErW0ndafV4s homectl resize test-user 300M
inspect test-user
# shrink to original size while active
PASSWORD=xEhErW0ndafV4s homectl resize test-user 256M
inspect test-user
PASSWORD=xEhErW0ndafV4s homectl deactivate test-user
inspect test-user
fi
PASSWORD=xEhErW0ndafV4s homectl with test-user -- test ! -f /home/test-user/xyz
PASSWORD=xEhErW0ndafV4s homectl with test-user -- test -f /home/test-user/xyz \
&& { echo 'unexpected success'; exit 1; }