pid1: drop check that ensures /run/ has plenty space before reexec/reload
Now that we only support serialization into a memfd (rather than a file in /run/) there's no point in checking the free space in /run/. Let's drop it. One error scenario gone. Yay.
parent
d54bbc4cdc
commit
65d9ef40f2
@ -48,10 +48,6 @@
|
|||||||
#include "virt.h"
|
#include "virt.h"
|
||||||
#include "watchdog.h"
|
#include "watchdog.h"
|
||||||
|
|
||||||
/* Require 16MiB free in /run/systemd for reloading/reexecing. After all we need to serialize our state
|
|
||||||
* there, and if we can't we'll fail badly. */
|
|
||||||
#define RELOAD_DISK_SPACE_MIN (UINT64_C(16) * UINT64_C(1024) * UINT64_C(1024))
|
|
||||||
|
|
||||||
static UnitFileFlags unit_file_bools_to_flags(bool runtime, bool force) {
|
static UnitFileFlags unit_file_bools_to_flags(bool runtime, bool force) {
|
||||||
return (runtime ? UNIT_FILE_RUNTIME : 0) |
|
return (runtime ? UNIT_FILE_RUNTIME : 0) |
|
||||||
(force ? UNIT_FILE_FORCE : 0);
|
(force ? UNIT_FILE_FORCE : 0);
|
||||||
@ -1485,73 +1481,6 @@ static int method_refuse_snapshot(sd_bus_message *message, void *userdata, sd_bu
|
|||||||
return sd_bus_error_set(error, SD_BUS_ERROR_NOT_SUPPORTED, "Support for snapshots has been removed.");
|
return sd_bus_error_set(error, SD_BUS_ERROR_NOT_SUPPORTED, "Support for snapshots has been removed.");
|
||||||
}
|
}
|
||||||
|
|
||||||
static int get_run_space(uint64_t *ret, sd_bus_error *error) {
|
|
||||||
struct statvfs svfs;
|
|
||||||
|
|
||||||
assert(ret);
|
|
||||||
|
|
||||||
if (statvfs("/run/systemd", &svfs) < 0)
|
|
||||||
return sd_bus_error_set_errnof(error, errno, "Failed to statvfs(/run/systemd): %m");
|
|
||||||
|
|
||||||
*ret = (uint64_t) svfs.f_bfree * (uint64_t) svfs.f_bsize;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int verify_run_space(const char *message, sd_bus_error *error) {
|
|
||||||
uint64_t available = 0; /* unnecessary, but used to trick out gcc's incorrect maybe-uninitialized warning */
|
|
||||||
int r;
|
|
||||||
|
|
||||||
assert(message);
|
|
||||||
|
|
||||||
r = get_run_space(&available, error);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
if (available < RELOAD_DISK_SPACE_MIN)
|
|
||||||
return sd_bus_error_setf(error,
|
|
||||||
BUS_ERROR_DISK_FULL,
|
|
||||||
"%s, not enough space available on /run/systemd/. "
|
|
||||||
"Currently, %s are free, but a safety buffer of %s is enforced.",
|
|
||||||
message,
|
|
||||||
FORMAT_BYTES(available),
|
|
||||||
FORMAT_BYTES(RELOAD_DISK_SPACE_MIN));
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
int verify_run_space_and_log(const char *message) {
|
|
||||||
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
|
|
||||||
int r;
|
|
||||||
|
|
||||||
assert(message);
|
|
||||||
|
|
||||||
r = verify_run_space(message, &error);
|
|
||||||
if (r < 0)
|
|
||||||
return log_error_errno(r, "%s", bus_error_message(&error, r));
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int verify_run_space_permissive(const char *message, sd_bus_error *error) {
|
|
||||||
uint64_t available = 0; /* unnecessary, but used to trick out gcc's incorrect maybe-uninitialized warning */
|
|
||||||
int r;
|
|
||||||
|
|
||||||
assert(message);
|
|
||||||
|
|
||||||
r = get_run_space(&available, error);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
if (available < RELOAD_DISK_SPACE_MIN)
|
|
||||||
log_warning("Dangerously low amount of free space on /run/systemd/, %s.\n"
|
|
||||||
"Currently, %s are free, but %s are suggested. Proceeding anyway.",
|
|
||||||
message,
|
|
||||||
FORMAT_BYTES(available),
|
|
||||||
FORMAT_BYTES(RELOAD_DISK_SPACE_MIN));
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
static void log_caller(sd_bus_message *message, Manager *manager, const char *method) {
|
static void log_caller(sd_bus_message *message, Manager *manager, const char *method) {
|
||||||
_cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
|
_cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
|
||||||
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
|
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
|
||||||
@ -1585,10 +1514,6 @@ static int method_reload(sd_bus_message *message, void *userdata, sd_bus_error *
|
|||||||
|
|
||||||
assert(message);
|
assert(message);
|
||||||
|
|
||||||
r = verify_run_space("Refusing to reload", error);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
r = mac_selinux_access_check(message, "reload", error);
|
r = mac_selinux_access_check(message, "reload", error);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
@ -1631,10 +1556,6 @@ static int method_reexecute(sd_bus_message *message, void *userdata, sd_bus_erro
|
|||||||
|
|
||||||
assert(message);
|
assert(message);
|
||||||
|
|
||||||
r = verify_run_space("Refusing to reexecute", error);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
r = mac_selinux_access_check(message, "reload", error);
|
r = mac_selinux_access_check(message, "reload", error);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
@ -1718,10 +1639,6 @@ static int method_soft_reboot(sd_bus_message *message, void *userdata, sd_bus_er
|
|||||||
return sd_bus_error_set(error, SD_BUS_ERROR_NOT_SUPPORTED,
|
return sd_bus_error_set(error, SD_BUS_ERROR_NOT_SUPPORTED,
|
||||||
"Soft reboot is only supported by system manager.");
|
"Soft reboot is only supported by system manager.");
|
||||||
|
|
||||||
r = verify_run_space_permissive("soft reboot may fail", error);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
r = mac_selinux_access_check(message, "reboot", error);
|
r = mac_selinux_access_check(message, "reboot", error);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
@ -1826,10 +1743,6 @@ static int method_switch_root(sd_bus_message *message, void *userdata, sd_bus_er
|
|||||||
return sd_bus_error_set(error, SD_BUS_ERROR_NOT_SUPPORTED,
|
return sd_bus_error_set(error, SD_BUS_ERROR_NOT_SUPPORTED,
|
||||||
"Root switching is only supported by system manager.");
|
"Root switching is only supported by system manager.");
|
||||||
|
|
||||||
r = verify_run_space_permissive("root switching may fail", error);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
r = mac_selinux_access_check(message, "reboot", error);
|
r = mac_selinux_access_check(message, "reboot", error);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
@ -3124,9 +3124,6 @@ static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t
|
|||||||
case SIGTERM:
|
case SIGTERM:
|
||||||
if (MANAGER_IS_SYSTEM(m)) {
|
if (MANAGER_IS_SYSTEM(m)) {
|
||||||
/* This is for compatibility with the original sysvinit */
|
/* This is for compatibility with the original sysvinit */
|
||||||
if (verify_run_space_and_log("Refusing to reexecute") < 0)
|
|
||||||
break;
|
|
||||||
|
|
||||||
m->objective = MANAGER_REEXECUTE;
|
m->objective = MANAGER_REEXECUTE;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -3180,9 +3177,6 @@ static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t
|
|||||||
}
|
}
|
||||||
|
|
||||||
case SIGHUP:
|
case SIGHUP:
|
||||||
if (verify_run_space_and_log("Refusing to reload") < 0)
|
|
||||||
break;
|
|
||||||
|
|
||||||
m->objective = MANAGER_RELOAD;
|
m->objective = MANAGER_RELOAD;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
@ -32,7 +32,6 @@ BUS_ERROR_MAP_ELF_REGISTER const sd_bus_error_map bus_common_errors[] = {
|
|||||||
SD_BUS_ERROR_MAP(BUS_ERROR_SCOPE_NOT_RUNNING, EHOSTDOWN),
|
SD_BUS_ERROR_MAP(BUS_ERROR_SCOPE_NOT_RUNNING, EHOSTDOWN),
|
||||||
SD_BUS_ERROR_MAP(BUS_ERROR_NO_SUCH_DYNAMIC_USER, ESRCH),
|
SD_BUS_ERROR_MAP(BUS_ERROR_NO_SUCH_DYNAMIC_USER, ESRCH),
|
||||||
SD_BUS_ERROR_MAP(BUS_ERROR_NOT_REFERENCED, EUNATCH),
|
SD_BUS_ERROR_MAP(BUS_ERROR_NOT_REFERENCED, EUNATCH),
|
||||||
SD_BUS_ERROR_MAP(BUS_ERROR_DISK_FULL, ENOSPC),
|
|
||||||
SD_BUS_ERROR_MAP(BUS_ERROR_FILE_DESCRIPTOR_STORE_DISABLED,
|
SD_BUS_ERROR_MAP(BUS_ERROR_FILE_DESCRIPTOR_STORE_DISABLED,
|
||||||
EHOSTDOWN),
|
EHOSTDOWN),
|
||||||
SD_BUS_ERROR_MAP(BUS_ERROR_FROZEN_BY_PARENT, EDEADLK),
|
SD_BUS_ERROR_MAP(BUS_ERROR_FROZEN_BY_PARENT, EDEADLK),
|
||||||
|
@ -28,7 +28,6 @@
|
|||||||
#define BUS_ERROR_SCOPE_NOT_RUNNING "org.freedesktop.systemd1.ScopeNotRunning"
|
#define BUS_ERROR_SCOPE_NOT_RUNNING "org.freedesktop.systemd1.ScopeNotRunning"
|
||||||
#define BUS_ERROR_NO_SUCH_DYNAMIC_USER "org.freedesktop.systemd1.NoSuchDynamicUser"
|
#define BUS_ERROR_NO_SUCH_DYNAMIC_USER "org.freedesktop.systemd1.NoSuchDynamicUser"
|
||||||
#define BUS_ERROR_NOT_REFERENCED "org.freedesktop.systemd1.NotReferenced"
|
#define BUS_ERROR_NOT_REFERENCED "org.freedesktop.systemd1.NotReferenced"
|
||||||
#define BUS_ERROR_DISK_FULL "org.freedesktop.systemd1.DiskFull"
|
|
||||||
#define BUS_ERROR_NOTHING_TO_CLEAN "org.freedesktop.systemd1.NothingToClean"
|
#define BUS_ERROR_NOTHING_TO_CLEAN "org.freedesktop.systemd1.NothingToClean"
|
||||||
#define BUS_ERROR_UNIT_BUSY "org.freedesktop.systemd1.UnitBusy"
|
#define BUS_ERROR_UNIT_BUSY "org.freedesktop.systemd1.UnitBusy"
|
||||||
#define BUS_ERROR_UNIT_INACTIVE "org.freedesktop.systemd1.UnitInactive"
|
#define BUS_ERROR_UNIT_INACTIVE "org.freedesktop.systemd1.UnitInactive"
|
||||||
|