
Merge pull request #21326 from poettering/mkdir-tweaks

various tweaks to mkdir code
Lennart Poettering 2021-11-16 22:55:11 +01:00 committed by GitHub
commit b049b48c4b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
65 changed files with 138 additions and 161 deletions


@ -21,15 +21,16 @@ int mkdir_safe_internal(
mode_t mode, mode_t mode,
uid_t uid, gid_t gid, uid_t uid, gid_t gid,
MkdirFlags flags, MkdirFlags flags,
mkdir_func_t _mkdir) { mkdirat_func_t _mkdirat) {
struct stat st; struct stat st;
int r; int r;
assert(path); assert(path);
assert(_mkdir && _mkdir != mkdir); assert(mode != MODE_INVALID);
assert(_mkdirat && _mkdirat != mkdirat);
if (_mkdir(path, mode) >= 0) { if (_mkdirat(AT_FDCWD, path, mode) >= 0) {
r = chmod_and_chown(path, mode, uid, gid); r = chmod_and_chown(path, mode, uid, gid);
if (r < 0) if (r < 0)
return r; return r;
@ -41,24 +42,20 @@ int mkdir_safe_internal(
if ((flags & MKDIR_FOLLOW_SYMLINK) && S_ISLNK(st.st_mode)) { if ((flags & MKDIR_FOLLOW_SYMLINK) && S_ISLNK(st.st_mode)) {
_cleanup_free_ char *p = NULL; _cleanup_free_ char *p = NULL;
r = chase_symlinks(path, NULL, CHASE_NONEXISTENT, &p, NULL); r = chase_symlinks_and_stat(path, NULL, CHASE_NONEXISTENT, &p, &st, NULL);
if (r < 0) if (r < 0)
return r; return r;
if (r == 0) if (r == 0)
return mkdir_safe_internal(p, mode, uid, gid, return mkdir_safe_internal(p, mode, uid, gid,
flags & ~MKDIR_FOLLOW_SYMLINK, flags & ~MKDIR_FOLLOW_SYMLINK,
_mkdir); _mkdirat);
if (lstat(p, &st) < 0)
return -errno;
} }
if (!S_ISDIR(st.st_mode)) if (!S_ISDIR(st.st_mode))
return log_full_errno(flags & MKDIR_WARN_MODE ? LOG_WARNING : LOG_DEBUG, SYNTHETIC_ERRNO(ENOTDIR), return log_full_errno(flags & MKDIR_WARN_MODE ? LOG_WARNING : LOG_DEBUG, SYNTHETIC_ERRNO(ENOTDIR),
"Path \"%s\" already exists and is not a directory, refusing.", path); "Path \"%s\" already exists and is not a directory, refusing.", path);
if ((st.st_mode & 0007) > (mode & 0007) ||
(st.st_mode & 0070) > (mode & 0070) || if ((st.st_mode & ~mode & 0777) != 0)
(st.st_mode & 0700) > (mode & 0700))
return log_full_errno(flags & MKDIR_WARN_MODE ? LOG_WARNING : LOG_DEBUG, SYNTHETIC_ERRNO(EEXIST), return log_full_errno(flags & MKDIR_WARN_MODE ? LOG_WARNING : LOG_DEBUG, SYNTHETIC_ERRNO(EEXIST),
"Directory \"%s\" already exists, but has mode %04o that is too permissive (%04o was requested), refusing.", "Directory \"%s\" already exists, but has mode %04o that is too permissive (%04o was requested), refusing.",
path, st.st_mode & 0777, mode); path, st.st_mode & 0777, mode);
@ -79,24 +76,20 @@ int mkdir_safe_internal(
return 0; return 0;
} }
int mkdir_errno_wrapper(const char *pathname, mode_t mode) {
return RET_NERRNO(mkdir(pathname, mode));
}
int mkdirat_errno_wrapper(int dirfd, const char *pathname, mode_t mode) { int mkdirat_errno_wrapper(int dirfd, const char *pathname, mode_t mode) {
return RET_NERRNO(mkdirat(dirfd, pathname, mode)); return RET_NERRNO(mkdirat(dirfd, pathname, mode));
} }
int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) { int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) {
return mkdir_safe_internal(path, mode, uid, gid, flags, mkdir_errno_wrapper); return mkdir_safe_internal(path, mode, uid, gid, flags, mkdirat_errno_wrapper);
} }
int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir) { int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdirat) {
const char *p, *e = NULL; const char *p, *e = NULL;
int r; int r;
assert(path); assert(path);
assert(_mkdir != mkdir); assert(_mkdirat != mkdirat);
if (prefix) { if (prefix) {
p = path_startswith_full(path, prefix, /* accept_dot_dot= */ false); p = path_startswith_full(path, prefix, /* accept_dot_dot= */ false);
@ -145,7 +138,7 @@ int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, ui
s[n] = '\0'; s[n] = '\0';
if (!prefix || !path_startswith_full(prefix, path, /* accept_dot_dot= */ false)) { if (!prefix || !path_startswith_full(prefix, path, /* accept_dot_dot= */ false)) {
r = mkdir_safe_internal(path, mode, uid, gid, flags, _mkdir); r = mkdir_safe_internal(path, mode, uid, gid, flags, _mkdirat);
if (r < 0 && r != -EEXIST) if (r < 0 && r != -EEXIST)
return r; return r;
} }
@ -155,30 +148,30 @@ int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, ui
} }
int mkdir_parents(const char *path, mode_t mode) { int mkdir_parents(const char *path, mode_t mode) {
return mkdir_parents_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdir_errno_wrapper); return mkdir_parents_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdirat_errno_wrapper);
} }
int mkdir_parents_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) { int mkdir_parents_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) {
return mkdir_parents_internal(prefix, path, mode, uid, gid, flags, mkdir_errno_wrapper); return mkdir_parents_internal(prefix, path, mode, uid, gid, flags, mkdirat_errno_wrapper);
} }
int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir) { int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdirat) {
int r; int r;
/* Like mkdir -p */ /* Like mkdir -p */
assert(_mkdir != mkdir); assert(_mkdirat != mkdirat);
r = mkdir_parents_internal(prefix, path, mode, uid, gid, flags, _mkdir); r = mkdir_parents_internal(prefix, path, mode, uid, gid, flags, _mkdirat);
if (r < 0) if (r < 0)
return r; return r;
if (!uid_is_valid(uid) && !gid_is_valid(gid) && flags == 0) { if (!uid_is_valid(uid) && !gid_is_valid(gid) && flags == 0) {
r = _mkdir(path, mode); r = _mkdirat(AT_FDCWD, path, mode);
if (r < 0 && (r != -EEXIST || is_dir(path, true) <= 0)) if (r < 0 && (r != -EEXIST || is_dir(path, true) <= 0))
return r; return r;
} else { } else {
r = mkdir_safe_internal(path, mode, uid, gid, flags, _mkdir); r = mkdir_safe_internal(path, mode, uid, gid, flags, _mkdirat);
if (r < 0 && r != -EEXIST) if (r < 0 && r != -EEXIST)
return r; return r;
} }
@ -187,11 +180,11 @@ int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t ui
} }
int mkdir_p(const char *path, mode_t mode) { int mkdir_p(const char *path, mode_t mode) {
return mkdir_p_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdir_errno_wrapper); return mkdir_p_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdirat_errno_wrapper);
} }
int mkdir_p_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) { int mkdir_p_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) {
return mkdir_p_internal(prefix, path, mode, uid, gid, flags, mkdir_errno_wrapper); return mkdir_p_internal(prefix, path, mode, uid, gid, flags, mkdirat_errno_wrapper);
} }
int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m) { int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m) {
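Review bot: The rewritten permission test in mkdir_safe_internal, `if ((st.st_mode & ~mode & 0777) != 0)`, is not equivalent to the three per-class `>` comparisons it replaces, and nothing in the code records that. The old form compared each rwx triad numerically, so an existing 0500 directory passed against a requested 0600; the new form refuses any permission bit that was not requested, which is the stricter rule. A one-line comment such as `/* Refuse if the existing directory grants any access bit that was not requested */` would state the intent. The refusal is also returned as EEXIST, and the `r != -EEXIST` tests in mkdir_parents_internal and mkdir_p_internal let that value through, so on those paths the too-permissive case appears to be logged rather than enforced; the code after those tests lies outside the hunks shown.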


@ -8,23 +8,17 @@ typedef enum MkdirFlags {
MKDIR_WARN_MODE = 1 << 1, MKDIR_WARN_MODE = 1 << 1,
} MkdirFlags; } MkdirFlags;
int mkdir_errno_wrapper(const char *pathname, mode_t mode);
int mkdirat_errno_wrapper(int dirfd, const char *pathname, mode_t mode); int mkdirat_errno_wrapper(int dirfd, const char *pathname, mode_t mode);
int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags); int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags);
int mkdir_parents(const char *path, mode_t mode); int mkdir_parents(const char *path, mode_t mode);
int mkdir_parents_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags); int mkdir_parents_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags);
int mkdir_p(const char *path, mode_t mode); int mkdir_p(const char *path, mode_t mode);
int mkdir_p_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags); int mkdir_p_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags);
/* mandatory access control(MAC) versions */
int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags);
int mkdir_parents_label(const char *path, mode_t mod);
int mkdir_p_label(const char *path, mode_t mode);
/* internally used */
typedef int (*mkdir_func_t)(const char *pathname, mode_t mode);
int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir);
int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir);
int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir);
int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m); int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m);
/* The following are used to implement the mkdir_xyz_label() calls, don't use otherwise. */
typedef int (*mkdirat_func_t)(int dir_fd, const char *pathname, mode_t mode);
int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdir);
int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdir);
int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdir);
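Review bot: The three `*_internal` prototypes now take a `mkdirat_func_t` but still name the parameter `_mkdir`, while the definitions in mkdir.c call it `_mkdirat`. Renaming it here, e.g. `MkdirFlags flags, mkdirat_func_t _mkdirat);`, keeps header and implementation in step and makes it clear that the callback receives a directory fd as its first argument. The typedef also spells that argument `dir_fd` where `mkdirat_errno_wrapper` uses `dirfd`; one spelling throughout would read better.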


@ -21,7 +21,7 @@
#include "format-util.h" #include "format-util.h"
#include "io-util.h" #include "io-util.h"
#include "label.h" #include "label.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-util.h" #include "mount-util.h"
#include "mount.h" #include "mount.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"


@ -1,7 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */ /* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "core-varlink.h" #include "core-varlink.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "strv.h" #include "strv.h"
#include "user-util.h" #include "user-util.h"
#include "varlink.h" #include "varlink.h"


@ -33,7 +33,7 @@
#include "fd-util.h" #include "fd-util.h"
#include "fs-util.h" #include "fs-util.h"
#include "log.h" #include "log.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "process-util.h" #include "process-util.h"
#include "selinux-access.h" #include "selinux-access.h"
#include "serialize.h" #include "serialize.h"


@ -71,7 +71,7 @@
#include "memory-util.h" #include "memory-util.h"
#include "missing_fs.h" #include "missing_fs.h"
#include "missing_ioprio.h" #include "missing_ioprio.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-util.h" #include "mount-util.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"
#include "namespace.h" #include "namespace.h"


@ -4,7 +4,7 @@
#include "generator-setup.h" #include "generator-setup.h"
#include "macro.h" #include "macro.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "rm-rf.h" #include "rm-rf.h"
int lookup_paths_mkdir_generator(LookupPaths *p) { int lookup_paths_mkdir_generator(LookupPaths *p) {


@ -60,7 +60,7 @@
#include "manager.h" #include "manager.h"
#include "manager-dump.h" #include "manager-dump.h"
#include "manager-serialize.h" #include "manager-serialize.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-setup.h" #include "mount-setup.h"
#include "os-util.h" #include "os-util.h"
#include "pager.h" #include "pager.h"


@ -58,7 +58,7 @@
#include "manager-dump.h" #include "manager-dump.h"
#include "manager-serialize.h" #include "manager-serialize.h"
#include "memory-util.h" #include "memory-util.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "path-lookup.h" #include "path-lookup.h"
#include "path-util.h" #include "path-util.h"


@ -17,7 +17,7 @@
#include "libmount-util.h" #include "libmount-util.h"
#include "log.h" #include "log.h"
#include "manager.h" #include "manager.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-setup.h" #include "mount-setup.h"
#include "mount.h" #include "mount.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"


@ -21,7 +21,7 @@
#include "list.h" #include "list.h"
#include "loop-util.h" #include "loop-util.h"
#include "loopback-setup.h" #include "loopback-setup.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-util.h" #include "mount-util.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"
#include "namespace-util.h" #include "namespace-util.h"


@ -14,7 +14,7 @@
#include "glob-util.h" #include "glob-util.h"
#include "inotify-util.h" #include "inotify-util.h"
#include "macro.h" #include "macro.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "path.h" #include "path.h"
#include "path-util.h" #include "path-util.h"
#include "serialize.h" #include "serialize.h"


@ -28,7 +28,7 @@
#include "ip-protocol-list.h" #include "ip-protocol-list.h"
#include "label.h" #include "label.h"
#include "log.h" #include "log.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "path-util.h" #include "path-util.h"
#include "process-util.h" #include "process-util.h"


@ -37,7 +37,7 @@
#include "log.h" #include "log.h"
#include "macro.h" #include "macro.h"
#include "missing_audit.h" #include "missing_audit.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "path-util.h" #include "path-util.h"
#include "process-util.h" #include "process-util.h"
#include "rm-rf.h" #include "rm-rf.h"


@ -37,7 +37,7 @@
#include "macro.h" #include "macro.h"
#include "main-func.h" #include "main-func.h"
#include "memory-util.h" #include "memory-util.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "process-util.h" #include "process-util.h"
#include "signal-util.h" #include "signal-util.h"


@ -5,7 +5,7 @@
#include "alloc-util.h" #include "alloc-util.h"
#include "dropin.h" #include "dropin.h"
#include "generator.h" #include "generator.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "path-util.h" #include "path-util.h"
#include "proc-cmdline.h" #include "proc-cmdline.h"
@ -138,7 +138,7 @@ static int generate_wants_symlinks(void) {
if (!f) if (!f)
return log_oom(); return log_oom();
mkdir_parents_label(p, 0755); (void) mkdir_parents_label(p, 0755);
if (symlink(f, p) < 0) if (symlink(f, p) < 0)
r = log_error_errno(errno, r = log_error_errno(errno,
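Review bot: The `(void)` cast on `mkdir_parents_label(p, 0755)` documents that the result is dropped, but not why that is acceptable. As far as the hunk shows, a failure is only noticed indirectly when the following `symlink()` fails, and the logged error then names the symlink rather than the directory that could not be created. A short comment such as `/* best effort; symlink() below reports the failure */` would make the intent explicit; the same applies to the identical casts in add_symlink, process_resume, generator_add_symlink and create_symlink further down the page. The enclosing function starts and ends outside the hunk.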


@ -10,7 +10,7 @@
#include "fileio.h" #include "fileio.h"
#include "generator.h" #include "generator.h"
#include "log.h" #include "log.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "path-util.h" #include "path-util.h"
#include "process-util.h" #include "process-util.h"
#include "strv.h" #include "strv.h"
@ -31,7 +31,7 @@ static int add_symlink(const char *fservice, const char *tservice) {
from = strjoina(SYSTEM_DATA_UNIT_DIR "/", fservice); from = strjoina(SYSTEM_DATA_UNIT_DIR "/", fservice);
to = strjoina(arg_dest, "/getty.target.wants/", tservice); to = strjoina(arg_dest, "/getty.target.wants/", tservice);
mkdir_parents_label(to, 0755); (void) mkdir_parents_label(to, 0755);
r = symlink(from, to); r = symlink(from, to);
if (r < 0) { if (r < 0) {


@ -10,7 +10,7 @@
#include "generator.h" #include "generator.h"
#include "log.h" #include "log.h"
#include "main-func.h" #include "main-func.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "proc-cmdline.h" #include "proc-cmdline.h"
#include "special.h" #include "special.h"
#include "string-util.h" #include "string-util.h"
@ -84,7 +84,7 @@ static int process_resume(void) {
if (!lnk) if (!lnk)
return log_oom(); return log_oom();
mkdir_parents_label(lnk, 0755); (void) mkdir_parents_label(lnk, 0755);
if (symlink(SYSTEM_DATA_UNIT_DIR "/systemd-hibernate-resume@.service", lnk) < 0) if (symlink(SYSTEM_DATA_UNIT_DIR "/systemd-hibernate-resume@.service", lnk) < 0)
return log_error_errno(errno, "Failed to create symlink %s: %m", lnk); return log_error_errno(errno, "Failed to create symlink %s: %m", lnk);


@ -14,7 +14,7 @@
#include "import-util.h" #include "import-util.h"
#include "install-file.h" #include "install-file.h"
#include "main-func.h" #include "main-func.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-argument.h" #include "parse-argument.h"
#include "ratelimit.h" #include "ratelimit.h"
#include "rm-rf.h" #include "rm-rf.h"


@ -18,7 +18,7 @@
#include "install-file.h" #include "install-file.h"
#include "io-util.h" #include "io-util.h"
#include "machine-pool.h" #include "machine-pool.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "path-util.h" #include "path-util.h"
#include "qcow2-util.h" #include "qcow2-util.h"
#include "ratelimit.h" #include "ratelimit.h"


@ -18,7 +18,7 @@
#include "install-file.h" #include "install-file.h"
#include "io-util.h" #include "io-util.h"
#include "machine-pool.h" #include "machine-pool.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "path-util.h" #include "path-util.h"
#include "process-util.h" #include "process-util.h"
#include "qcow2-util.h" #include "qcow2-util.h"


@ -19,7 +19,7 @@
#include "machine-pool.h" #include "machine-pool.h"
#include "main-func.h" #include "main-func.h"
#include "missing_capability.h" #include "missing_capability.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "path-util.h" #include "path-util.h"
#include "percent-util.h" #include "percent-util.h"


@ -17,7 +17,7 @@
#include "import-util.h" #include "import-util.h"
#include "install-file.h" #include "install-file.h"
#include "macro.h" #include "macro.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "path-util.h" #include "path-util.h"
#include "pull-common.h" #include "pull-common.h"
#include "pull-job.h" #include "pull-job.h"


@ -16,7 +16,7 @@
#include "import-util.h" #include "import-util.h"
#include "install-file.h" #include "install-file.h"
#include "macro.h" #include "macro.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "path-util.h" #include "path-util.h"
#include "process-util.h" #include "process-util.h"
#include "pull-common.h" #include "pull-common.h"


@ -18,7 +18,7 @@
#include "keymap-util.h" #include "keymap-util.h"
#include "locale-util.h" #include "locale-util.h"
#include "macro.h" #include "macro.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "nulstr-util.h" #include "nulstr-util.h"
#include "process-util.h" #include "process-util.h"
#include "string-util.h" #include "string-util.h"


@ -36,7 +36,7 @@
#include "logind-user-dbus.h" #include "logind-user-dbus.h"
#include "logind.h" #include "logind.h"
#include "missing_capability.h" #include "missing_capability.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "path-util.h" #include "path-util.h"
#include "process-util.h" #include "process-util.h"


@ -17,7 +17,7 @@
#include "io-util.h" #include "io-util.h"
#include "logind-dbus.h" #include "logind-dbus.h"
#include "logind-inhibit.h" #include "logind-inhibit.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "path-util.h" #include "path-util.h"
#include "string-table.h" #include "string-table.h"


@ -16,7 +16,7 @@
#include "logind-seat-dbus.h" #include "logind-seat-dbus.h"
#include "logind-seat.h" #include "logind-seat.h"
#include "logind-session-dbus.h" #include "logind-session-dbus.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "path-util.h" #include "path-util.h"
#include "stdio-util.h" #include "stdio-util.h"


@ -26,7 +26,7 @@
#include "logind-session-dbus.h" #include "logind-session-dbus.h"
#include "logind-session.h" #include "logind-session.h"
#include "logind-user-dbus.h" #include "logind-user-dbus.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "path-util.h" #include "path-util.h"
#include "process-util.h" #include "process-util.h"


@ -21,7 +21,7 @@
#include "logind-dbus.h" #include "logind-dbus.h"
#include "logind-user-dbus.h" #include "logind-user-dbus.h"
#include "logind-user.h" #include "logind-user.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "path-util.h" #include "path-util.h"
#include "percent-util.h" #include "percent-util.h"


@ -27,6 +27,7 @@
#include "logind-user-dbus.h" #include "logind-user-dbus.h"
#include "logind.h" #include "logind.h"
#include "main-func.h" #include "main-func.h"
#include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "process-util.h" #include "process-util.h"
#include "selinux-util.h" #include "selinux-util.h"


@ -12,7 +12,7 @@
#include "label.h" #include "label.h"
#include "limits-util.h" #include "limits-util.h"
#include "main-func.h" #include "main-func.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-util.h" #include "mount-util.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"
#include "path-util.h" #include "path-util.h"


@ -19,7 +19,7 @@
#include "hashmap.h" #include "hashmap.h"
#include "machine-dbus.h" #include "machine-dbus.h"
#include "machine.h" #include "machine.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "path-util.h" #include "path-util.h"
#include "process-util.h" #include "process-util.h"


@ -18,10 +18,10 @@
#include "fd-util.h" #include "fd-util.h"
#include "format-util.h" #include "format-util.h"
#include "hostname-util.h" #include "hostname-util.h"
#include "label.h"
#include "machined-varlink.h" #include "machined-varlink.h"
#include "machined.h" #include "machined.h"
#include "main-func.h" #include "main-func.h"
#include "mkdir-label.h"
#include "process-util.h" #include "process-util.h"
#include "service-util.h" #include "service-util.h"
#include "signal-util.h" #include "signal-util.h"


@ -11,7 +11,7 @@
#include "daemon-util.h" #include "daemon-util.h"
#include "firewall-util.h" #include "firewall-util.h"
#include "main-func.h" #include "main-func.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "networkd-conf.h" #include "networkd-conf.h"
#include "networkd-manager.h" #include "networkd-manager.h"
#include "signal-util.h" #include "signal-util.h"


@ -10,7 +10,7 @@
#include "format-util.h" #include "format-util.h"
#include "fs-util.h" #include "fs-util.h"
#include "label.h" #include "label.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-util.h" #include "mount-util.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"
#include "nspawn-mount.h" #include "nspawn-mount.h"


@ -1887,7 +1887,7 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid
int r; int r;
q = prefix_roota(root, path); q = prefix_roota(root, path);
r = mkdir_errno_wrapper(q, mode); r = RET_NERRNO(mkdir(q, mode));
if (r == -EEXIST) if (r == -EEXIST)
return 0; return 0;
if (r < 0) if (r < 0)
@ -2341,7 +2341,7 @@ static int setup_pts(const char *dest) {
/* Mount /dev/pts itself */ /* Mount /dev/pts itself */
p = prefix_roota(dest, "/dev/pts"); p = prefix_roota(dest, "/dev/pts");
r = mkdir_errno_wrapper(p, 0755); r = RET_NERRNO(mkdir(p, 0755));
if (r < 0) if (r < 0)
return log_error_errno(r, "Failed to create /dev/pts: %m"); return log_error_errno(r, "Failed to create /dev/pts: %m");
@ -2666,7 +2666,7 @@ static int setup_journal(const char *directory) {
/* don't create parents here — if the host doesn't have /* don't create parents here — if the host doesn't have
* permanent journal set up, don't force it here */ * permanent journal set up, don't force it here */
r = mkdir_errno_wrapper(p, 0755); r = RET_NERRNO(mkdir(p, 0755));
if (r < 0 && r != -EEXIST) { if (r < 0 && r != -EEXIST) {
if (try) { if (try) {
log_debug_errno(r, "Failed to create %s, skipping journal setup: %m", p); log_debug_errno(r, "Failed to create %s, skipping journal setup: %m", p);
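Review bot: In userns_mkdir the `-EEXIST` result of `RET_NERRNO(mkdir(q, mode))` is still mapped straight to success by `return 0;`, and the hunk shows no check that the entry already present under `root` is a directory with the expected owner. Where the tree under `root` comes from an image the host does not control, that means later setup steps rely on a path this function never created or verified. Either an `lstat()`-based directory and ownership check on the EEXIST path, or a comment such as `/* existing entry is accepted as is; callers must not rely on its type or ownership */`, would make the contract explicit. The function body continues outside the hunk, and callers may validate separately; neither is visible here.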


@ -6,7 +6,7 @@
#include "generator.h" #include "generator.h"
#include "log.h" #include "log.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "string-util.h" #include "string-util.h"
#include "util.h" #include "util.h"


@ -11,7 +11,7 @@
#include "capability-util.h" #include "capability-util.h"
#include "daemon-util.h" #include "daemon-util.h"
#include "main-func.h" #include "main-func.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "resolved-bus.h" #include "resolved-bus.h"
#include "resolved-conf.h" #include "resolved-conf.h"
#include "resolved-manager.h" #include "resolved-manager.h"


@ -33,7 +33,7 @@
#include "macro.h" #include "macro.h"
#include "memory-util.h" #include "memory-util.h"
#include "missing_syscall.h" #include "missing_syscall.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "process-util.h" #include "process-util.h"
#include "random-util.h" #include "random-util.h"
#include "signal-util.h" #include "signal-util.h"


@ -292,7 +292,7 @@ int cg_create(const char *controller, const char *path) {
if (r < 0) if (r < 0)
return r; return r;
r = mkdir_errno_wrapper(fs, 0755); r = RET_NERRNO(mkdir(fs, 0755));
if (r == -EEXIST) if (r == -EEXIST)
return 0; return 0;
if (r < 0) if (r < 0)


@ -20,6 +20,7 @@
#include "io-util.h" #include "io-util.h"
#include "macro.h" #include "macro.h"
#include "missing_syscall.h" #include "missing_syscall.h"
#include "mkdir-label.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"
#include "nulstr-util.h" #include "nulstr-util.h"
#include "rm-rf.h" #include "rm-rf.h"


@ -8,6 +8,7 @@
#include "dev-setup.h" #include "dev-setup.h"
#include "label.h" #include "label.h"
#include "log.h" #include "log.h"
#include "mkdir-label.h"
#include "nulstr-util.h" #include "nulstr-util.h"
#include "path-util.h" #include "path-util.h"
#include "umask-util.h" #include "umask-util.h"


@ -46,7 +46,7 @@
#include "hostname-setup.h" #include "hostname-setup.h"
#include "id128-util.h" #include "id128-util.h"
#include "import-util.h" #include "import-util.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-util.h" #include "mount-util.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"
#include "namespace-util.h" #include "namespace-util.h"


@ -13,7 +13,7 @@
#include "generator.h" #include "generator.h"
#include "log.h" #include "log.h"
#include "macro.h" #include "macro.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "path-util.h" #include "path-util.h"
#include "special.h" #include "special.h"
#include "specifier.h" #include "specifier.h"
@ -63,7 +63,7 @@ int generator_add_symlink(const char *dir, const char *dst, const char *dep_type
from = path_is_absolute(src) ? src : strjoina("../", src); from = path_is_absolute(src) ? src : strjoina("../", src);
to = strjoina(dir, "/", dst, ".", dep_type, "/", basename(src)); to = strjoina(dir, "/", dst, ".", dep_type, "/", basename(src));
mkdir_parents_label(to, 0755); (void) mkdir_parents_label(to, 0755);
if (symlink(from, to) < 0) if (symlink(from, to) < 0)
if (errno != EEXIST) if (errno != EEXIST)
return log_error_errno(errno, "Failed to create symlink \"%s\": %m", to); return log_error_errno(errno, "Failed to create symlink \"%s\": %m", to);


@ -12,7 +12,7 @@
#include "hwdb-internal.h" #include "hwdb-internal.h"
#include "hwdb-util.h" #include "hwdb-util.h"
#include "label.h" #include "label.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "nulstr-util.h" #include "nulstr-util.h"
#include "path-util.h" #include "path-util.h"
#include "sort-util.h" #include "sort-util.h"


@ -26,7 +26,7 @@
#include "locale-util.h" #include "locale-util.h"
#include "log.h" #include "log.h"
#include "macro.h" #include "macro.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "path-lookup.h" #include "path-lookup.h"
#include "path-util.h" #include "path-util.h"
#include "rm-rf.h" #include "rm-rf.h"
@ -461,7 +461,7 @@ static int create_symlink(
* the right place, or negative on error. * the right place, or negative on error.
*/ */
mkdir_parents_label(new_path, 0755); (void) mkdir_parents_label(new_path, 0755);
if (symlink(old_path, new_path) >= 0) { if (symlink(old_path, new_path) >= 0) {
unit_file_changes_add(changes, n_changes, UNIT_FILE_SYMLINK, new_path, old_path); unit_file_changes_add(changes, n_changes, UNIT_FILE_SYMLINK, new_path, old_path);


@ -1,6 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */ /* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once #pragma once
#include <fcntl.h>
#include <stdbool.h> #include <stdbool.h>
#include <sys/types.h> #include <sys/types.h>
@ -14,8 +15,6 @@ static inline int label_fix(const char *path, LabelFixFlags flags) {
return label_fix_container(path, path, flags); return label_fix_container(path, path, flags);
} }
int mkdir_label(const char *path, mode_t mode);
int mkdirat_label(int dirfd, const char *path, mode_t mode);
int symlink_label(const char *old_path, const char *new_path); int symlink_label(const char *old_path, const char *new_path);
int symlink_atomic_label(const char *from, const char *to); int symlink_atomic_label(const char *from, const char *to);
int mknod_label(const char *pathname, mode_t mode, dev_t dev); int mknod_label(const char *pathname, mode_t mode, dev_t dev);


@ -209,6 +209,7 @@ shared_sources = files('''
macvlan-util.h macvlan-util.h
main-func.h main-func.h
mkdir-label.c mkdir-label.c
mkdir-label.h
mkfs-util.c mkfs-util.c
mkfs-util.h mkfs-util.h
module-util.h module-util.h


@ -1,34 +1,10 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */ /* SPDX-License-Identifier: LGPL-2.1-or-later */
#include <stdio.h> #include "mkdir-label.h"
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include "label.h"
#include "macro.h"
#include "mkdir.h"
#include "selinux-util.h" #include "selinux-util.h"
#include "smack-util.h" #include "smack-util.h"
#include "user-util.h" #include "user-util.h"
int mkdir_label(const char *path, mode_t mode) {
int r;
assert(path);
r = mac_selinux_create_file_prepare(path, S_IFDIR);
if (r < 0)
return r;
r = mkdir_errno_wrapper(path, mode);
mac_selinux_create_file_clear();
if (r < 0)
return r;
return mac_smack_fix(path, 0);
}
int mkdirat_label(int dirfd, const char *path, mode_t mode) { int mkdirat_label(int dirfd, const char *path, mode_t mode) {
int r; int r;
@ -47,13 +23,13 @@ int mkdirat_label(int dirfd, const char *path, mode_t mode) {
} }
int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) { int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) {
return mkdir_safe_internal(path, mode, uid, gid, flags, mkdir_label); return mkdir_safe_internal(path, mode, uid, gid, flags, mkdirat_label);
} }
int mkdir_parents_label(const char *path, mode_t mode) { int mkdir_parents_label(const char *path, mode_t mode) {
return mkdir_parents_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdir_label); return mkdir_parents_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdirat_label);
} }
int mkdir_p_label(const char *path, mode_t mode) { int mkdir_p_label(const char *path, mode_t mode) {
return mkdir_p_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdir_label); return mkdir_p_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdirat_label);
} }
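Review bot: `mkdir_parents_label()` and `mkdir_p_label()` pass `UID_INVALID` for both the owner and the group argument, and the lines this commit rewrites keep that. Assuming the fifth parameter of `mkdir_parents_internal()` and `mkdir_p_internal()` is a `gid_t`, as the `uid_t uid, gid_t gid` pair in `mkdir_safe_label()` suggests, the calls would read more clearly as `mkdir_parents_internal(NULL, path, mode, UID_INVALID, GID_INVALID, 0, mkdirat_label)` and likewise for `mkdir_p_internal()`. The signatures of both internal helpers are outside this section, so this should be checked against them.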

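--- a/src/shared/mkdir-label.h
+++ b/src/shared/mkdir-label.h
@@ -0,0 +1,17 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+#include <fcntl.h>
+#include <sys/types.h>
+#include "mkdir.h"
+int mkdirat_label(int dirfd, const char *path, mode_t mode);
+static inline int mkdir_label(const char *path, mode_t mode) {
+return mkdirat_label(AT_FDCWD, path, mode);
+}
+int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags);
+int mkdir_parents_label(const char *path, mode_t mod);
+int mkdir_p_label(const char *path, mode_t mode);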
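Review bot: The prototype `int mkdir_parents_label(const char *path, mode_t mod);` names its second parameter `mod`, while every other declaration in this new header uses `mode`. It should read `int mkdir_parents_label(const char *path, mode_t mode);`. A one-line comment above the inline `mkdir_label()` would also help readers of the header, for example `/* Same as mkdirat_label(), with relative paths resolved against AT_FDCWD */`.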


@ -20,7 +20,7 @@
#include "label.h" #include "label.h"
#include "log.h" #include "log.h"
#include "macro.h" #include "macro.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-setup.h" #include "mount-setup.h"
#include "mount-util.h" #include "mount-util.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"


@ -22,7 +22,7 @@
#include "libmount-util.h" #include "libmount-util.h"
#include "missing_mount.h" #include "missing_mount.h"
#include "missing_syscall.h" #include "missing_syscall.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-util.h" #include "mount-util.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"
#include "namespace-util.h" #include "namespace-util.h"


@ -497,25 +497,30 @@ static int selinux_create_file_prepare_abspath(const char *abspath, mode_t mode)
} }
#endif #endif
int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode) { int mac_selinux_create_file_prepare_at(
int dir_fd,
const char *path,
mode_t mode) {
#if HAVE_SELINUX #if HAVE_SELINUX
_cleanup_free_ char *abspath = NULL; _cleanup_free_ char *abspath = NULL;
int r; int r;
assert(path); if (dir_fd < 0 && dir_fd != AT_FDCWD)
return -EBADF;
if (!label_hnd) if (!label_hnd)
return 0; return 0;
if (!path_is_absolute(path)) { if (isempty(path) || !path_is_absolute(path)) {
if (dirfd == AT_FDCWD) if (dir_fd == AT_FDCWD)
r = safe_getcwd(&abspath); r = safe_getcwd(&abspath);
else else
r = fd_get_path(dirfd, &abspath); r = fd_get_path(dir_fd, &abspath);
if (r < 0) if (r < 0)
return r; return r;
if (!path_extend(&abspath, path)) if (!isempty(path) && !path_extend(&abspath, path))
return -ENOMEM; return -ENOMEM;
path = abspath; path = abspath;
@ -527,27 +532,6 @@ int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode)
#endif #endif
} }
int mac_selinux_create_file_prepare(const char *path, mode_t mode) {
#if HAVE_SELINUX
int r;
_cleanup_free_ char *abspath = NULL;
assert(path);
if (!label_hnd)
return 0;
r = path_make_absolute_cwd(path, &abspath);
if (r < 0)
return r;
return selinux_create_file_prepare_abspath(abspath, mode);
#else
return 0;
#endif
}
int mac_selinux_create_file_prepare_label(const char *path, const char *label) { int mac_selinux_create_file_prepare_label(const char *path, const char *label) {
#if HAVE_SELINUX #if HAVE_SELINUX


@ -1,6 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */ /* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once #pragma once
#include <fcntl.h>
#include <stdbool.h> #include <stdbool.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/types.h> #include <sys/types.h>
@ -41,8 +42,10 @@ int mac_selinux_get_our_label(char **label);
int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *exec_label, char **label); int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *exec_label, char **label);
char* mac_selinux_free(char *label); char* mac_selinux_free(char *label);
int mac_selinux_create_file_prepare(const char *path, mode_t mode);
int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode); int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode);
static inline int mac_selinux_create_file_prepare(const char *path, mode_t mode) {
return mac_selinux_create_file_prepare_at(AT_FDCWD, path, mode);
}
int mac_selinux_create_file_prepare_label(const char *path, const char *label); int mac_selinux_create_file_prepare_label(const char *path, const char *label);
void mac_selinux_create_file_clear(void); void mac_selinux_create_file_clear(void);
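Review bot: The prototype `int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode);` still calls its first parameter `dirfd`, while the definition changed in this same commit names it `dir_fd`. Renaming it here keeps declaration and definition in step: `int mac_selinux_create_file_prepare_at(int dir_fd, const char *path, mode_t mode);`.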


@ -176,7 +176,7 @@ static int smack_fix_fd(int fd, const char *abspath, LabelFixFlags flags) {
return 0; return 0;
} }
int mac_smack_fix_at(int dirfd, const char *path, LabelFixFlags flags) { int mac_smack_fix_at(int dir_fd, const char *path, LabelFixFlags flags) {
_cleanup_free_ char *p = NULL; _cleanup_free_ char *p = NULL;
_cleanup_close_ int fd = -1; _cleanup_close_ int fd = -1;
int r; int r;
@ -186,7 +186,14 @@ int mac_smack_fix_at(int dirfd, const char *path, LabelFixFlags flags) {
if (!mac_smack_use()) if (!mac_smack_use())
return 0; return 0;
fd = openat(dirfd, path, O_NOFOLLOW|O_CLOEXEC|O_PATH); if (dir_fd < 0) {
if (dir_fd != AT_FDCWD)
return -EBADF;
return mac_smack_fix(path, flags);
}
fd = openat(dir_fd, path, O_NOFOLLOW|O_CLOEXEC|O_PATH);
if (fd < 0) { if (fd < 0) {
if ((flags & LABEL_IGNORE_ENOENT) && errno == ENOENT) if ((flags & LABEL_IGNORE_ENOENT) && errno == ENOENT)
return 0; return 0;
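Review bot: In `mac_smack_fix_at()` the new `dir_fd` validation sits after `if (!mac_smack_use()) return 0;`, so an invalid descriptor yields `-EBADF` only when SMACK is in use and is accepted silently otherwise. `mac_selinux_create_file_prepare_at()` in this same commit rejects a bad `dir_fd` before it tests `label_hnd`; placing `if (dir_fd < 0 && dir_fd != AT_FDCWD) return -EBADF;` ahead of the `mac_smack_use()` test would make caller bugs show up on every system. The `AT_FDCWD` case now goes through `mac_smack_fix(path, flags)` rather than the `openat(dir_fd, path, O_NOFOLLOW|O_CLOEXEC|O_PATH)` below it. That helper is not part of the hunk, so it is worth confirming that it treats a symlink in the final path component the same way. The function body continues outside the hunk.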


@ -14,7 +14,7 @@
#include "log.h" #include "log.h"
#include "macro.h" #include "macro.h"
#include "missing_socket.h" #include "missing_socket.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "selinux-util.h" #include "selinux-util.h"
#include "socket-util.h" #include "socket-util.h"
#include "umask-util.h" #include "umask-util.h"


@ -13,7 +13,7 @@
#include "fd-util.h" #include "fd-util.h"
#include "log.h" #include "log.h"
#include "missing_syscall.h" #include "missing_syscall.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-util.h" #include "mount-util.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"
#include "path-util.h" #include "path-util.h"


@ -5,7 +5,7 @@
#include "fd-util.h" #include "fd-util.h"
#include "fileio.h" #include "fileio.h"
#include "fs-util.h" #include "fs-util.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "pager.h" #include "pager.h"
#include "path-util.h" #include "path-util.h"
#include "pretty-print.h" #include "pretty-print.h"


@ -15,7 +15,7 @@
#include "fs-util.h" #include "fs-util.h"
#include "log.h" #include "log.h"
#include "main-func.h" #include "main-func.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-util.h" #include "mount-util.h"
#include "namespace-util.h" #include "namespace-util.h"
#include "selinux-util.h" #include "selinux-util.h"


@ -12,7 +12,7 @@
#include "fd-util.h" #include "fd-util.h"
#include "fs-util.h" #include "fs-util.h"
#include "main-func.h" #include "main-func.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "network-util.h" #include "network-util.h"
#include "process-util.h" #include "process-util.h"
#include "signal-util.h" #include "signal-util.h"


@ -42,7 +42,7 @@
#include "main-func.h" #include "main-func.h"
#include "missing_stat.h" #include "missing_stat.h"
#include "missing_syscall.h" #include "missing_syscall.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "mount-util.h" #include "mount-util.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"
#include "offline-passwd.h" #include "offline-passwd.h"


@ -30,7 +30,7 @@
#include "macro.h" #include "macro.h"
#include "main-func.h" #include "main-func.h"
#include "memory-util.h" #include "memory-util.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "path-util.h" #include "path-util.h"
#include "pretty-print.h" #include "pretty-print.h"
#include "process-util.h" #include "process-util.h"


@ -17,7 +17,7 @@
#include "format-util.h" #include "format-util.h"
#include "fs-util.h" #include "fs-util.h"
#include "hexdecoct.h" #include "hexdecoct.h"
#include "mkdir.h" #include "mkdir-label.h"
#include "parse-util.h" #include "parse-util.h"
#include "path-util.h" #include "path-util.h"
#include "random-util.h" #include "random-util.h"


@ -1933,7 +1933,7 @@ int run_udevd(int argc, char *argv[]) {
if (r < 0) if (r < 0)
return r; return r;
r = mkdir_errno_wrapper("/run/udev", 0755); r = RET_NERRNO(mkdir("/run/udev", 0755));
if (r < 0 && r != -EEXIST) if (r < 0 && r != -EEXIST)
return log_error_errno(r, "Failed to create /run/udev: %m"); return log_error_errno(r, "Failed to create /run/udev: %m");