From ef277c961fe1fe94bf592fd684884c5c3b3d7c82 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Tue, 26 Mar 2024 23:39:43 +0900 Subject: journalctl-authenticate: use open_tmpfile_linkable() and link_tmpfile() This also - use path_join(), - rename variables to more descriptive names. --- src/journal/journalctl-authenticate.c | 37 +++++++++++++++-------------------- 1 file changed, 16 insertions(+), 21 deletions(-) diff --git a/src/journal/journalctl-authenticate.c b/src/journal/journalctl-authenticate.c index c31c30a2db..9217454b88 100644 --- a/src/journal/journalctl-authenticate.c +++ b/src/journal/journalctl-authenticate.c @@ -58,11 +58,11 @@ static int format_journal_url( } int action_setup_keys(void) { + _cleanup_(unlink_and_freep) char *tmpfile = NULL; + _cleanup_close_ int fd = -EBADF; + _cleanup_free_ char *path = NULL; size_t mpk_size, seed_size, state_size; - _cleanup_(unlink_and_freep) char *k = NULL; - _cleanup_free_ char *p = NULL; uint8_t *mpk, *seed, *state; - _cleanup_close_ int fd = -EBADF; sd_id128_t machine, boot; uint64_t n; int r; @@ -86,21 +86,16 @@ int action_setup_keys(void) { if (r < 0) return log_error_errno(r, "Failed to get boot ID: %m"); - if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss", - SD_ID128_FORMAT_VAL(machine)) < 0) + path = path_join("/var/log/journal/", SD_ID128_TO_STRING(machine), "/fss"); + if (!path) return log_oom(); if (arg_force) { - r = unlink(p); - if (r < 0 && errno != ENOENT) - return log_error_errno(errno, "unlink(\"%s\") failed: %m", p); - } else if (access(p, F_OK) >= 0) + if (unlink(path) < 0 && errno != ENOENT) + return log_error_errno(errno, "Failed to remove \"%s\": %m", path); + } else if (access(path, F_OK) >= 0) return log_error_errno(SYNTHETIC_ERRNO(EEXIST), - "Sealing key file %s exists already. Use --force to recreate.", p); - - if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX", - SD_ID128_FORMAT_VAL(machine)) < 0) - return log_oom(); + "Sealing key file %s exists already. Use --force to recreate.", path); mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR); mpk = alloca_safe(mpk_size); @@ -123,18 +118,17 @@ int action_setup_keys(void) { FSPRG_GenState0(state, mpk, seed, seed_size); assert(arg_interval > 0); - n = now(CLOCK_REALTIME); n /= arg_interval; - fd = mkostemp_safe(k); + fd = open_tmpfile_linkable(path, O_WRONLY|O_CLOEXEC, &tmpfile); if (fd < 0) - return log_error_errno(fd, "Failed to open %s: %m", k); + return log_error_errno(fd, "Failed to open a temporary file for %s: %m", path); r = chattr_secret(fd, CHATTR_WARN_UNSUPPORTED_FLAGS); if (r < 0) log_full_errno(ERRNO_IS_NOT_SUPPORTED(r) ? LOG_DEBUG : LOG_WARNING, - r, "Failed to set file attributes on '%s', ignoring: %m", k); + r, "Failed to set file attributes on a temporary file for '%s', ignoring: %m", path); struct FSSHeader h = { .signature = { 'K', 'S', 'H', 'H', 'R', 'H', 'L', 'P' }, @@ -155,10 +149,11 @@ int action_setup_keys(void) { if (r < 0) return log_error_errno(r, "Failed to write state: %m"); - if (rename(k, p) < 0) - return log_error_errno(errno, "Failed to link file: %m"); + r = link_tmpfile(fd, tmpfile, path, /* flags = */ 0); + if (r < 0) + return log_error_errno(r, "Failed to link file: %m"); - k = mfree(k); + tmpfile = mfree(tmpfile); _cleanup_free_ char *hn = NULL, *key = NULL; -- cgit v1.2.3