author | Luca Boccassi <bluca@debian.org> | 2024-02-16 23:05:03 +0100 |
---|---|---|
committer | Luca Boccassi <bluca@debian.org> | 2024-02-17 12:20:00 +0100 |
commit | 622efc544dca2c287e5770d548d04a5f5d248a25 (patch) | |
tree | 9e40350548cf3f11404dcb65bf02019526cd9f07 | |
parent | core: add support for vpick for ExtensionImages= (diff) | |
core: add support for vpick for ExtensionDirectories=
-rw-r--r-- | man/systemd.exec.xml | 2 | ||||
-rw-r--r-- | src/core/namespace.c | 21 | ||||
-rwxr-xr-x | test/units/testsuite-50.sh | 13 |
3 files changed, 31 insertions, 5 deletions
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index a3ab77c4a9..05f5f20f44 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -588,6 +588,8 @@ <para>Note that usage from user units requires overlayfs support in unprivileged user namespaces, which was first introduced in kernel v5.11.</para> + <xi:include href="vpick.xml" xpointer="directory"/> + <xi:include href="system-or-user-ns.xml" xpointer="singular"/> <xi:include href="version-info.xml" xpointer="v251"/></listitem> diff --git a/src/core/namespace.c b/src/core/namespace.c index 600d1fffb5..e55982ffa5 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -550,7 +550,8 @@ static int append_extensions( * Bind mount them in the same location as the ExtensionImages, so that we * can check that they are valid trees (extension-release.d). */ STRV_FOREACH(extension_directory, extension_directories) { - _cleanup_free_ char *mount_point = NULL, *source = NULL; + _cleanup_(pick_result_done) PickResult result = PICK_RESULT_NULL; + _cleanup_free_ char *mount_point = NULL; const char *e = *extension_directory; bool ignore_enoent = false; @@ -567,9 +568,19 @@ static int append_extensions( if (startswith(e, "+")) e++; - source = strdup(e); - if (!source) - return -ENOMEM; + r = path_pick(/* toplevel_path= */ NULL, + /* toplevel_fd= */ AT_FDCWD, + e, + &pick_filter_image_dir, + PICK_ARCHITECTURE|PICK_TRIES, + &result); + if (r < 0) + return r; + if (!result.path) + return log_debug_errno( + SYNTHETIC_ERRNO(ENOENT), + "No matching entry in .v/ directory %s found.", + e); for (size_t j = 0; hierarchies && hierarchies[j]; ++j) { char *prefixed_hierarchy = path_join(mount_point, hierarchies[j]); @@ -587,7 +598,7 @@ static int append_extensions( *me = (MountEntry) { .path_malloc = TAKE_PTR(mount_point), - .source_malloc = TAKE_PTR(source), + .source_malloc = TAKE_PTR(result.path), .mode = MOUNT_EXTENSION_DIRECTORY, .ignore = ignore_enoent, .has_prefix = true, 
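Review bot: The new `if (!result.path)` branch in the `@@ -567,9 +568,19 @@` hunk returns ENOENT without consulting `ignore_enoent`, and the same holds for `if (r < 0) return r;`. Before this change the loop only did `strdup(e)`, so a missing source could only surface later, where `.ignore = ignore_enoent` applies; now an entry marked as optional can fail namespace setup early when its `.v/` directory has no matching entry (and, if path_pick() reports an absent path as -ENOENT, when the path does not exist at all). I would add `if (r == -ENOENT && ignore_enoent) continue;` before the `r < 0` check and `if (ignore_enoent) continue;` at the top of the `!result.path` branch. The code that sets `ignore_enoent` and the rest of append_extensions lie outside the hunk, so confirm that skipping the iteration at this point leaves no half-prepared mount entry behind.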
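Review bot: In the `@@ -587,7 +598,7 @@` hunk only the path string is moved into the MountEntry with `TAKE_PTR(result.path)`; anything else path_pick() resolved is released by `pick_result_done` when the iteration ends. The bind mount presumably resolves that path again later, so which tree ends up mounted depends on who can modify the `.v/` directory between the pick and the mount. Once confirmed, a comment above the assignment would record the assumption, e.g. `/* Only the path is kept and it is resolved again at mount time, so the .v/ directory must be as trusted as the trees it points to. */`, and the same requirement belongs in the ExtensionDirectories= documentation. The MountEntry initializer continues past the end of the hunk.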
diff --git a/test/units/testsuite-50.sh b/test/units/testsuite-50.sh index 58b39d9f65..e34cbd915b 100755 --- a/test/units/testsuite-50.sh +++ b/test/units/testsuite-50.sh @@ -479,6 +479,19 @@ RemainAfterExit=yes EOF systemctl start testservice-50f.service systemctl is-active testservice-50f.service + +# Check vpick support in ExtensionDirectories= +VBASE="vtest$RANDOM" +VDIR="/tmp/${VBASE}.v" +mkdir "$VDIR" + +ln -s "${image_dir}/app0" "$VDIR/${VBASE}_0" +ln -s "${image_dir}/app1" "$VDIR/${VBASE}_1" + +systemd-run -P --property ExtensionDirectories="$VDIR" cat /opt/script1.sh | grep -q -F "extension-release.app2" + +rm -rf "$VDIR" + systemd-dissect --umount "${image_dir}/app0" systemd-dissect --umount "${image_dir}/app1" |
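Review bot: The test directory is created as `/tmp/vtest$RANDOM.v` with a plain `mkdir`, so the name is guessable and a leftover or colliding directory from an earlier run makes the test fail for an unrelated reason; `VDIR="$(mktemp -d --suffix=.v /tmp/vtestXXXXXX)"` followed by `VBASE="$(basename "$VDIR" .v)"` keeps the `<name>.v/<name>_<version>` layout. `rm -rf "$VDIR"` is reached only when the `grep` succeeds (assuming the script aborts on error), so a failing run leaves the directory behind. Only the case where a match exists is covered; a case with an empty `.v/` directory, with and without the prefix that marks the entry as optional, would pin the ENOENT behaviour of the new code in namespace.c.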