summaryrefslogtreecommitdiffstats
path: root/src/tmpfiles (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* tmpfiles: ignore EINVAL with --gracefulFrantisek Sumsal2023-10-281-1/+1
| | | | | | | | | | | | Add EINVAL to the list of ignored errnos, since acl_from_text() returns EINVAL if it can't translate the given string. ~# cat /tmp/tmpfiles-test.conf a+ /tmp/foo - - - - default:group:foo:rwx ~# build/systemd-tmpfiles /tmp/tmpfiles-test.conf --create --graceful Failed to parse ACL "default:group:foo:rwx", ignoring: Invalid argument Resolves: #29742
* tree-wide: fix typoYu Watanabe2023-10-261-1/+1
|
* Merge pull request #29553 from keszybz/analyze-cat-config-tldrLuca Boccassi2023-10-251-12/+18
|\ | | | | analyze/cat-config: add switch to print only "interesting" parts of conffiles
| * tmpfiles: add --tldrZbigniew Jędrzejewski-Szmek2023-10-241-12/+18
| | | | | | | | | | | | | | | | This is like --cat-config, but omits the comments and empty lines. The name is incoungrous with --cat-config, but I don't see a nice way to call it that wouldn't be annoyingly long. pager_open() is moved to cat_config() to remove some lines from run().
* | tree-wide: port various parsers over to read_stripped_line()Lennart Poettering2023-10-171-5/+3
|/
* treewide: fix typosJoerg Behrmann2023-09-191-1/+1
| | | | | | - mostly: usecase -> use case - continously -> continuously - single typos in docs/FILE_DESCRIPTOR_STORE.md
* io-util: introduce loop_write_full that takes a timeoutMike Yuan2023-09-071-1/+1
| | | | | Also drop do_poll as the use case is covered by timeout.
* tree-wide: drop "static inline" use in .c filesLennart Poettering2023-08-211-2/+2
| | | | | | | | | "static inline" makes sense in .h files. But in .c files it's useless decoration, the compiler should just make its own decisions there, and it can do that. hence, replace all remaining uses of "static line" by a simple" static" in all .c files (but keep them in .h files, where they make sense)
* tree-wide: use cocinnelle to apply _NEG_ macrosZbigniew Jędrzejewski-Szmek2023-08-161-1/+1
|
* copy: Add support for creating subvolumes to copy_tree_at()Daan De Meyer2023-08-141-1/+1
| | | | | | | The subvolumes set is a set of source inodes similar to how the denylist hashmap contains source inodes as keys. It indicates directories in the source tree that should become subvolumes in the target tree.
* btrfs-util: Move subvolume creation to basic/btrfs.hDaan De Meyer2023-08-141-1/+1
| | | | Also make btrfs_subvol_make() an openat style function.
* tmpfiles: move static vars into Context objectLennart Poettering2023-08-101-118/+248
| | | | Same as #28722, but for tmpfiles rather than sysusers
* tmpfiles: Consider ENOPKG as information not availableDaan De Meyer2023-08-041-0/+1
| | | | | We already handle the case where /etc/machine-id is empty. Let's make sure we also handle the case where /etc/machine-id is "uninitialized".
* meson: merge declarations of normal and test executablesYu Watanabe2023-08-031-4/+1
|
* meson: move declarations of hwdb, sysusers, and tmpfilesYu Watanabe2023-08-011-0/+26
|
* btrfs-util,tmpfiles: cleanup use of ERRNO_IS_NOT_SUPPORTED()Dmitry V. Levin2023-07-281-1/+1
| | | | | | | | | | | | Given that ERRNO_IS_NOT_SUPPORTED() also matches positive values, make sure this macro is not called with arguments that do not have errno semantics. In this case the arguments passed to ERRNO_IS_NOT_SUPPORTED() are the values returned by btrfs_subvol_make_fd() which is not expected to return any positive values, but let's be consistent anyway and move ERRNO_IS_NOT_SUPPORTED() invocations to the branches where the return values are known to be negative.
* tmpfiles: teach tmpfiles the new XDG_STATE_HOME variable tooLennart Poettering2023-06-281-2/+2
|
* tmpfiles: Don't log about harmless errors when trying to lock fileDaan De Meyer2023-06-201-2/+4
| | | | | Let's make sure we don't log if the file is a symlink or does not exist.
* tmpfiles: Fix BSD lock logging messagesDaan De Meyer2023-06-201-2/+2
|
* tree-wide: fix a couple of typosFrantisek Sumsal2023-06-151-1/+1
| | | | As reported by Fossies.org.
* chattr-util: Make chattr_full() an openat() style functionDaan De Meyer2023-06-061-1/+1
|
* tree-wide: use _cleanup_set_free_ and friendsYu Watanabe2023-05-313-4/+4
| | | | Instead of _cleanup_(set_freep) or so.
* fs-util: Add XOpenFlags with XO_LABEL flag to have xopenat() MAC label ↵Daan De Meyer2023-05-311-1/+5
| | | | files/dirs
* label: Introduce LabelOps to do pre/post labelling operationsDaan De Meyer2023-05-311-1/+1
| | | | | | | | | By default, label_ops is initialized with a NULL pointer which translates to noop labelling operations. In mac_selinux_init() and the new mac_smack_init(), we initialize label_ops with a MAC specific LabelOps pointer. We also introduce mac_init() to initialize any configured MACs and replace all usages of mac_selinux_init() with mac_init().
* label: Rename to label-util.hDaan De Meyer2023-05-301-1/+1
|
* tmpfiles: Allow C escapesWill Fancher2023-05-261-1/+1
| | | | Fixes #26955
* tmpfiles: add --gracefulZbigniew Jędrzejewski-Szmek2023-05-231-11/+35
| | | | See the man page diff for description.
* tmpfiles: align tableZbigniew Jędrzejewski-Szmek2023-05-231-28/+33
|
* dissect-image: port mount_image_privately_interactively() to use ↵Lennart Poettering2023-05-161-3/+3
| | | | | | | | | | /run/systemd/mount-rootfs/ too Let's use the same common directory as the unit logic uses. This means we have less to clean up, and opens the door to eventually allow unprivileged operation of the mount_image_privately_interactively() logic.
* tmpfiles: Add merge support for copy files actionDaan De Meyer2023-05-101-1/+1
| | | | | If '+' is specified with 'C', let's merge the tree with any existing tree.
* tmpfiles: add conditionalized execute bit (X) supportMike Yuan2023-04-271-5/+149
| | | | | | | | | | | | | | | | | | According to setfacl(1), "the character X stands for the execute permission if the file is a directory or already has execute permission for some user." After this commit, parse_acl() would return 3 acl objects. The newly-added acl_exec object contains entries that are subject to conditionalized execute bit mangling. In tmpfiles, we would iterate the acl_exec object, check the permission of the target files, and remove the execute bit if necessary. Here's an example entry: A /tmp/test - - - - u:test:rwX Closes #25114
* tree-wide: use TAKE_STRUCTDavid Tardon2023-04-141-2/+1
|
* image-policy: introduce parse_image_policy_argument() helperYu Watanabe2023-04-131-13/+8
| | | | | | | | | Addresses https://github.com/systemd/systemd/pull/25608/commits/84be0c710d9d562f6d2cf986cc2a8ff4c98a138b#r1060130312, https://github.com/systemd/systemd/pull/25608/commits/84be0c710d9d562f6d2cf986cc2a8ff4c98a138b#r1067927293, and https://github.com/systemd/systemd/pull/25608/commits/84be0c710d9d562f6d2cf986cc2a8ff4c98a138b#r1067926416. Follow-up for 84be0c710d9d562f6d2cf986cc2a8ff4c98a138b.
* tree-wide: hook up image dissection policy logic everywhereLennart Poettering2023-04-051-0/+17
|
* tmpfiles: Try to take a BSD lock on files as wellDaan De Meyer2023-03-301-0/+10
| | | | | | Similar to what we do for directories, just before we remove a file, let's try to take a BSD lock on it. If that fails, skip removing the file.
* chase-symlinks: Rename chase_symlinks() to chase()Daan De Meyer2023-03-242-7/+7
| | | | | | | | | Chasing symlinks is a core function that's used in a lot of places so it deservers a less verbose names so let's rename it to chase() and chaseat(). We also slightly change the pattern used for the chaseat() helpers so we get chase_and_openat() and similar.
* tmpfiles: show file type in octal, instead of hexYu Watanabe2023-03-181-1/+1
|
* basic: add RuntimeScope enumLennart Poettering2023-03-101-8/+16
| | | | | | | | | | | | In various tools and services we have a per-system and per-user concept. So far we sometimes used a boolean indicating whether we are in system mode, or a reversed boolean indicating whether we are in user mode, or the LookupScope enum used by the lookup path logic. Let's address that, in introduce a common enum for this, we can use all across the board. This is mostly just search/replace, no actual code changes.
* meson: Use dicts for test definitionsJan Janssen2023-02-211-2/+6
| | | | | | | Although this slightly more verbose it makes it much easier to reason about. The code that produces the tests heavily benefits from this. Test lists are also now sorted by test name.
* dissect-image: Return mount point fd if requestedDaan De Meyer2023-02-171-0/+1
|
* tmpfiles: avoid double specifier expansion in L linesDmitry V. Levin2022-01-291-6/+8
| | | | | | | | | | | Starting with commit 2f3b873a4973, when the path contains a specifier and the argument is omitted, tmpfiles used to perform specifier expansions twice: first specifier expansion was applied to the path itself, and afterwards the result of the first expansion was used in the constructed argument and expanded once again. Resolves: #26244 Fixes: 2f3b873a4973 ("tmpfiles: copy/link /usr/share/factory/ files when the source argument is omitted")
* tmpfiles: fix specifier expansion in arguments of C linesDmitry V. Levin2022-01-291-28/+35
| | | | | | | | | | | | | | | | | | | | | | Make sure the argument of "C" type undergoes specifier expansion before it's checked for validity. In particular, starting with commit ce610af143b2, the check for path existence used to fail in case of presence of any specifier in the argument. Also, starting with commit 2f3b873a4973, when the path contains a specifier and the argument is omitted, tmpfiles used to perform specifier expansions twice: first specifier expansion was applied to the path itself, and afterwards the result of the first expansion was used in the constructed argument and expanded once again. Finally, starting with commit 849958d1ba35, when the argument begins with %h specifier, tmpfiles used to complain that the source path is not absolute. Resolves: #25381 Fixes: ce610af143b2 ('tmpfiles: in C lines, make missing source graceful error') Fixes: 2f3b873a4973 ('tmpfiles: copy/link /usr/share/factory/ files when the source argument is omitted') Fixes: 849958d1ba35 ('tmpfiles: add new "C" line for copying files or directories')
* meson: Do not include headers in source listsJan Janssen2023-01-241-3/+2
| | | | | | Meson+ninja+compiler do this for us and are better at it. https://mesonbuild.com/FAQ.html#do-i-need-to-add-my-headers-to-the-sources-list-like-in-autotools
* tmpfile: make failure in path_extract_filename() non-criticalYu Watanabe2023-01-091-6/+6
|
* tmpfile: fix resource leakYu Watanabe2023-01-091-2/+3
| | | | Fixes CID#1501687.
* tmpfiles: avoid null free() for acl attributesSam James2023-01-061-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | When built with ACL support, we might be processing a tmpfiles entry where there's no cause for us to call parse_acls_from_arg, then we get to the end of parse_line without having ever populated i.{acl_access, acl_default}. Then we pass a null pointer into acl_free(). From UBSAN w/ GCC 13.0.0_pre20230101: ``` $ systemd-tmpfiles --clean /var/tmp/portage/sys-apps/acl-2.3.1-r1/work/acl-2.3.1/libacl/acl_free.c:44:14: runtime error: applying non-zero offset 18446744073709551608 to null pointer #0 0x7f65d868b482 in acl_free /var/tmp/portage/sys-apps/acl-2.3.1-r1/work/acl-2.3.1/libacl/acl_free.c:44 #1 0x55fe7e592249 in item_free_contents ../systemd-9999/src/tmpfiles/tmpfiles.c:2855 #2 0x55fe7e5a347a in parse_line ../systemd-9999/src/tmpfiles/tmpfiles.c:3158 #3 0x55fe7e5a347a in read_config_file ../systemd-9999/src/tmpfiles/tmpfiles.c:3897 #4 0x55fe7e590c61 in read_config_files ../systemd-9999/src/tmpfiles/tmpfiles.c:3985 #5 0x55fe7e590c61 in run ../systemd-9999/src/tmpfiles/tmpfiles.c:4157 #6 0x55fe7e590c61 in main ../systemd-9999/src/tmpfiles/tmpfiles.c:4218 #7 0x7f65d7ebe289 (/usr/lib64/libc.so.6+0x23289) #8 0x7f65d7ebe344 in __libc_start_main (/usr/lib64/libc.so.6+0x23344) #9 0x55fe7e591900 in _start (/usr/bin/systemd-tmpfiles+0x11900) ```
* fundamental: rework IN_SET() to require at least three argumentsLennart Poettering2023-01-021-1/+1
| | | | | | | If less than three parameters are passed a simple comparison is the better choice. Lo and behold this found two pretty bad typos.
* tmpfiles: port basename() → path_extract_filename()Lennart Poettering2022-12-231-2/+7
|
* tree-wide: have_effective_cap() may return negative errnoYu Watanabe2022-12-231-1/+1
|
* tree-wide: use -EBADF for fd initializationZbigniew Jędrzejewski-Szmek2022-12-192-22/+22
| | | | | | | | | | | | | | | | -1 was used everywhere, but -EBADF or -EBADFD started being used in various places. Let's make things consistent in the new style. Note that there are two candidates: EBADF 9 Bad file descriptor EBADFD 77 File descriptor in bad state Since we're initializating the fd, we're just assigning a value that means "no fd yet", so it's just a bad file descriptor, and the first errno fits better. If instead we had a valid file descriptor that became invalid because of some operation or state change, the other errno would fit better. In some places, initialization is dropped if unnecessary.