shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-01 09:21:26 +03:00
Code

Merge pull request #7003 from yuwata/enable-dynamic-user

Browse Source 
timesyncd, journal-upload: Enable DynamicUser=
This commit is contained in:
Lennart Poettering 2017-10-10 10:05:43 +02:00 committed by GitHub
commit b74023db06
19 changed files with 43 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/basic/mkdir-label.c
View File

@ -25,8 +25,8 @@
#include "label.h"
#include "mkdir.h"
int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid) {
return mkdir_safe_internal(path, mode, uid, gid, mkdir_label);
int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid, bool follow_symlink) {
return mkdir_safe_internal(path, mode, uid, gid, follow_symlink, mkdir_label);
}
int mkdir_parents_label(const char *path, mode_t mode) {

20
src/basic/mkdir.c
View File

@ -22,6 +22,7 @@
#include <string.h>
#include <sys/stat.h>
#include "alloc-util.h"
#include "fs-util.h"
#include "macro.h"
#include "mkdir.h"
@ -29,7 +30,7 @@
#include "stat-util.h"
#include "user-util.h"
int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, mkdir_func_t _mkdir) {
int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, bool follow_symlink, mkdir_func_t _mkdir) {
struct stat st;
int r;
@ -42,6 +43,19 @@ int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, mkd
if (lstat(path, &st) < 0)
return -errno;
if (follow_symlink && S_ISLNK(st.st_mode)) {
_cleanup_free_ char *p = NULL;
r = chase_symlinks(path, NULL, CHASE_NONEXISTENT, &p);
if (r < 0)
return r;
if (r == 0)
return mkdir_safe_internal(p, mode, uid, gid, false, _mkdir);
if (lstat(p, &st) < 0)
return -errno;
}
if ((st.st_mode & 0007) > (mode & 0007) ||
(st.st_mode & 0070) > (mode & 0070) ||
(st.st_mode & 0700) > (mode & 0700) ||
@ -53,8 +67,8 @@ int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, mkd
return 0;
}
int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid) {
return mkdir_safe_internal(path, mode, uid, gid, mkdir);
int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid, bool follow_symlink) {
return mkdir_safe_internal(path, mode, uid, gid, follow_symlink, mkdir);
}
int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, mkdir_func_t _mkdir) {

6
src/basic/mkdir.h
View File

@ -22,17 +22,17 @@
#include <sys/types.h>
int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid);
int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid, bool follow_symlink);
int mkdir_parents(const char *path, mode_t mode);
int mkdir_p(const char *path, mode_t mode);
/* mandatory access control(MAC) versions */
int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid);
int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid, bool follow_symlink);
int mkdir_parents_label(const char *path, mode_t mode);
int mkdir_p_label(const char *path, mode_t mode);
/* internally used */
typedef int (*mkdir_func_t)(const char *pathname, mode_t mode);
int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, mkdir_func_t _mkdir);
int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, bool follow_symlink, mkdir_func_t _mkdir);
int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, mkdir_func_t _mkdir);
int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, mkdir_func_t _mkdir);

2
src/core/execute.c
View File

@ -1974,7 +1974,7 @@ static int setup_exec_directory(
}
/* First set up private root if it doesn't exist yet, with access mode 0700 and owned by root:root */
r = mkdir_safe_label(private_root, 0700, 0, 0);
r = mkdir_safe_label(private_root, 0700, 0, 0, false);
if (r < 0)
goto fail;

4
src/login/logind-dbus.c
View File

@ -1170,7 +1170,7 @@ static int method_set_user_linger(sd_bus_message *message, void *userdata, sd_bu
mkdir_p_label("/var/lib/systemd", 0755);
r = mkdir_safe_label("/var/lib/systemd/linger", 0755, 0, 0);
r = mkdir_safe_label("/var/lib/systemd/linger", 0755, 0, 0, false);
if (r < 0)
return r;
@ -1904,7 +1904,7 @@ static int update_schedule_file(Manager *m) {
assert(m);
r = mkdir_safe_label("/run/systemd/shutdown", 0755, 0, 0);
r = mkdir_safe_label("/run/systemd/shutdown", 0755, 0, 0, false);
if (r < 0)
return log_error_errno(r, "Failed to create shutdown subdirectory: %m");

4
src/login/logind-inhibit.c
View File

@ -86,7 +86,7 @@ int inhibitor_save(Inhibitor *i) {
assert(i);
r = mkdir_safe_label("/run/systemd/inhibit", 0755, 0, 0);
r = mkdir_safe_label("/run/systemd/inhibit", 0755, 0, 0, false);
if (r < 0)
goto fail;
@ -290,7 +290,7 @@ int inhibitor_create_fifo(Inhibitor *i) {
/* Create FIFO */
if (!i->fifo_path) {
r = mkdir_safe_label("/run/systemd/inhibit", 0755, 0, 0);
r = mkdir_safe_label("/run/systemd/inhibit", 0755, 0, 0, false);
if (r < 0)
return r;

2
src/login/logind-seat.c
View File

@ -93,7 +93,7 @@ int seat_save(Seat *s) {
if (!s->started)
return 0;
r = mkdir_safe_label("/run/systemd/seats", 0755, 0, 0);
r = mkdir_safe_label("/run/systemd/seats", 0755, 0, 0, false);
if (r < 0)
goto fail;

4
src/login/logind-session.c
View File

@ -179,7 +179,7 @@ int session_save(Session *s) {
if (!s->started)
return 0;
r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0);
r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0, false);
if (r < 0)
goto fail;
@ -948,7 +948,7 @@ int session_create_fifo(Session *s) {
/* Create FIFO */
if (!s->fifo_path) {
r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0);
r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0, false);
if (r < 0)
return r;

4
src/login/logind-user.c
View File

@ -141,7 +141,7 @@ static int user_save_internal(User *u) {
assert(u);
assert(u->state_file);
r = mkdir_safe_label("/run/systemd/users", 0755, 0, 0);
r = mkdir_safe_label("/run/systemd/users", 0755, 0, 0, false);
if (r < 0)
goto fail;
@ -334,7 +334,7 @@ static int user_mkdir_runtime_path(User *u) {
assert(u);
r = mkdir_safe_label("/run/user", 0755, 0, 0);
r = mkdir_safe_label("/run/user", 0755, 0, 0, false);
if (r < 0)
return log_error_errno(r, "Failed to create /run/user: %m");

2
src/machine/machine.c
View File

@ -128,7 +128,7 @@ int machine_save(Machine *m) {
if (!m->started)
return 0;
r = mkdir_safe_label("/run/systemd/machines", 0755, 0, 0);
r = mkdir_safe_label("/run/systemd/machines", 0755, 0, 0, false);
if (r < 0)
goto fail;

8
src/network/networkd.c
View File

@ -54,19 +54,19 @@ int main(int argc, char *argv[]) {
/* Always create the directories people can create inotify
* watches in. */
r = mkdir_safe_label("/run/systemd/netif", 0755, uid, gid);
r = mkdir_safe_label("/run/systemd/netif", 0755, uid, gid, false);
if (r < 0)
log_warning_errno(r, "Could not create runtime directory: %m");
r = mkdir_safe_label("/run/systemd/netif/links", 0755, uid, gid);
r = mkdir_safe_label("/run/systemd/netif/links", 0755, uid, gid, false);
if (r < 0)
log_warning_errno(r, "Could not create runtime directory 'links': %m");
r = mkdir_safe_label("/run/systemd/netif/leases", 0755, uid, gid);
r = mkdir_safe_label("/run/systemd/netif/leases", 0755, uid, gid, false);
if (r < 0)
log_warning_errno(r, "Could not create runtime directory 'leases': %m");
r = mkdir_safe_label("/run/systemd/netif/lldp", 0755, uid, gid);
r = mkdir_safe_label("/run/systemd/netif/lldp", 0755, uid, gid, false);
if (r < 0)
log_warning_errno(r, "Could not create runtime directory 'lldp': %m");

2
src/nspawn/nspawn-setuid.c
View File

@ -244,7 +244,7 @@ int change_uid_gid(const char *user, char **_home) {
if (r < 0)
return log_error_errno(r, "Failed to make home root directory: %m");
r = mkdir_safe(home, 0755, uid, gid);
r = mkdir_safe(home, 0755, uid, gid, false);
if (r < 0 && r != -EEXIST)
return log_error_errno(r, "Failed to make home directory: %m");

2
src/resolve/resolved.c
View File

@ -61,7 +61,7 @@ int main(int argc, char *argv[]) {
}
/* Always create the directory where resolv.conf will live */
r = mkdir_safe_label("/run/systemd/resolve", 0755, uid, gid);
r = mkdir_safe_label("/run/systemd/resolve", 0755, uid, gid, false);
if (r < 0) {
log_error_errno(r, "Could not create runtime directory: %m");
goto finish;

2
src/test/test-fs-util.c
View File

@ -221,7 +221,7 @@ static void test_readlink_and_make_absolute(void) {
char name_alias[] = "/tmp/test-readlink_and_make_absolute-alias";
char *r = NULL;
assert_se(mkdir_safe(tempdir, 0755, getuid(), getgid()) >= 0);
assert_se(mkdir_safe(tempdir, 0755, getuid(), getgid(), false) >= 0);
assert_se(touch(name) >= 0);
assert_se(symlink(name, name_alias) >= 0);

2
src/timesync/timesyncd.c
View File

@ -69,7 +69,7 @@ static int load_clock_timestamp(uid_t uid, gid_t gid) {
}
} else {
r = mkdir_safe_label("/var/lib/systemd/timesync", 0755, uid, gid);
r = mkdir_safe_label("/var/lib/systemd/timesync", 0755, uid, gid, true);
if (r < 0)
return log_error_errno(r, "Failed to create state directory: %m");

3
sysusers.d/systemd-remote.conf.m4
View File

@ -8,6 +8,3 @@
m4_ifdef(`HAVE_MICROHTTPD',
u systemd-journal-remote - "systemd Journal Remote"
)m4_dnl
m4_ifdef(`HAVE_LIBCURL',
u systemd-journal-upload - "systemd Journal Upload"
)m4_dnl

3
sysusers.d/systemd.conf.m4
View File

@ -12,9 +12,6 @@ u systemd-network - "systemd Network Management"
m4_ifdef(`ENABLE_RESOLVE',
u systemd-resolve - "systemd Resolver"
)m4_dnl
m4_ifdef(`ENABLE_TIMESYNCD',
u systemd-timesync - "systemd Time Synchronization"
)m4_dnl
m4_ifdef(`ENABLE_COREDUMP',
u systemd-coredump - "systemd Core Dumper"
)m4_dnl

3
units/systemd-journal-upload.service.in
View File

@ -14,11 +14,10 @@ After=network-online.target
[Service]
ExecStart=@rootlibexecdir@/systemd-journal-upload --save-state
User=systemd-journal-upload
DynamicUser=yes
SupplementaryGroups=systemd-journal
WatchdogSec=3min
PrivateTmp=yes
PrivateDevices=yes
ProtectSystem=strict
ProtectHome=yes
ProtectControlGroups=yes
ProtectKernelTunables=yes

3
units/systemd-timesyncd.service.in
View File

@ -23,11 +23,10 @@ RestartSec=0
ExecStart=!!@rootlibexecdir@/systemd-timesyncd
WatchdogSec=3min
User=systemd-timesync
DynamicUser=yes
CapabilityBoundingSet=CAP_SYS_TIME
AmbientCapabilities=CAP_SYS_TIME
PrivateTmp=yes
PrivateDevices=yes
ProtectSystem=strict
ProtectHome=yes
ProtectControlGroups=yes
ProtectKernelTunables=yes