static void test_netns(void) { _cleanup_close_pipe_ int s[2] = { -1, -1 }; pid_t pid1, pid2, pid3; int r, n = 0; siginfo_t si; if (geteuid() > 0) return; assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, s) >= 0); pid1 = fork(); assert_se(pid1 >= 0); if (pid1 == 0) { r = setup_netns(s); assert_se(r >= 0); _exit(r); } pid2 = fork(); assert_se(pid2 >= 0); if (pid2 == 0) { r = setup_netns(s); assert_se(r >= 0); exit(r); } pid3 = fork(); assert_se(pid3 >= 0); if (pid3 == 0) { r = setup_netns(s); assert_se(r >= 0); exit(r); } r = wait_for_terminate(pid1, &si); assert_se(r >= 0); assert_se(si.si_code == CLD_EXITED); n += si.si_status; r = wait_for_terminate(pid2, &si); assert_se(r >= 0); assert_se(si.si_code == CLD_EXITED); n += si.si_status; r = wait_for_terminate(pid3, &si); assert_se(r >= 0); assert_se(si.si_code == CLD_EXITED); n += si.si_status; assert_se(n == 1); }
TarPull* tar_pull_unref(TarPull *i) { if (!i) return NULL; if (i->tar_pid > 1) { (void) kill_and_sigcont(i->tar_pid, SIGKILL); (void) wait_for_terminate(i->tar_pid, NULL); } pull_job_unref(i->tar_job); pull_job_unref(i->settings_job); pull_job_unref(i->checksum_job); pull_job_unref(i->signature_job); curl_glue_unref(i->glue); sd_event_unref(i->event); if (i->temp_path) { (void) rm_rf(i->temp_path, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME); free(i->temp_path); } if (i->settings_temp_path) { (void) unlink(i->settings_temp_path); free(i->settings_temp_path); } free(i->final_path); free(i->settings_path); free(i->image_root); free(i->local); return mfree(i); }
TarImport* tar_import_unref(TarImport *i) { if (!i) return NULL; if (i->tar_pid > 1) { (void) kill_and_sigcont(i->tar_pid, SIGKILL); (void) wait_for_terminate(i->tar_pid, NULL); } import_job_unref(i->tar_job); import_job_unref(i->checksum_job); import_job_unref(i->signature_job); curl_glue_unref(i->glue); sd_event_unref(i->event); if (i->temp_path) { (void) btrfs_subvol_remove(i->temp_path); (void) rm_rf_dangerous(i->temp_path, false, true, false); free(i->temp_path); } free(i->final_path); free(i->image_root); free(i->local); free(i); return NULL; }
TarExport *tar_export_unref(TarExport *e) { if (!e) return NULL; sd_event_source_unref(e->output_event_source); if (e->tar_pid > 1) { (void) kill_and_sigcont(e->tar_pid, SIGKILL); (void) wait_for_terminate(e->tar_pid, NULL); } if (e->temp_path) { (void) btrfs_subvol_remove(e->temp_path, BTRFS_REMOVE_QUOTA); free(e->temp_path); } import_compress_free(&e->compress); sd_event_unref(e->event); safe_close(e->tar_fd); free(e->buffer); free(e->path); free(e); return NULL; }
TarImport* tar_import_unref(TarImport *i) { if (!i) return NULL; sd_event_source_unref(i->input_event_source); if (i->tar_pid > 1) { (void) kill_and_sigcont(i->tar_pid, SIGKILL); (void) wait_for_terminate(i->tar_pid, NULL); } if (i->temp_path) { (void) rm_rf(i->temp_path, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME); free(i->temp_path); } import_compress_free(&i->compress); sd_event_unref(i->event); safe_close(i->tar_fd); free(i->final_path); free(i->image_root); free(i->local); free(i); return NULL; }
static void test_getpid_cached(void) { siginfo_t si; pid_t a, b, c, d, e, f, child; a = raw_getpid(); b = getpid_cached(); c = getpid(); assert_se(a == b && a == c); child = fork(); assert_se(child >= 0); if (child == 0) { /* In child */ a = raw_getpid(); b = getpid_cached(); c = getpid(); assert_se(a == b && a == c); _exit(EXIT_SUCCESS); } d = raw_getpid(); e = getpid_cached(); f = getpid(); assert_se(a == d && a == e && a == f); assert_se(wait_for_terminate(child, &si) >= 0); assert_se(si.si_status == 0); assert_se(si.si_code == CLD_EXITED); }
static void test_rename_process_multi(void) { pid_t pid; pid = fork(); assert_se(pid >= 0); if (pid > 0) { siginfo_t si; assert_se(wait_for_terminate(pid, &si) >= 0); assert_se(si.si_code == CLD_EXITED); assert_se(si.si_status == EXIT_SUCCESS); return; } /* child */ test_rename_process_now("one", 1); test_rename_process_now("more", 0); /* longer than "one", hence truncated */ (void) setresuid(99, 99, 99); /* change uid when running privileged */ test_rename_process_now("time!", 0); test_rename_process_now("0", 1); /* shorter than "one", should fit */ test_rename_process_one("", -EINVAL); test_rename_process_one(NULL, -EINVAL); _exit(EXIT_SUCCESS); }
void polkit_agent_close(void) { if (agent_pid <= 0) return; /* Inform agent that we are done */ kill(agent_pid, SIGTERM); kill(agent_pid, SIGCONT); (void) wait_for_terminate(agent_pid, NULL); agent_pid = 0; }
void pager_close(void) { if (pager_pid <= 0) return; /* Inform pager that we are done */ fclose(stdout); kill(pager_pid, SIGCONT); (void) wait_for_terminate(pager_pid, NULL); pager_pid = 0; }
int show_man_page(const char *desc, bool null_stdio) { const char *args[4] = { "man", NULL, NULL, NULL }; char *e = NULL; pid_t pid; size_t k; int r; siginfo_t status; k = strlen(desc); if (desc[k-1] == ')') e = strrchr(desc, '('); if (e) { char *page = NULL, *section = NULL; page = strndupa(desc, e - desc); section = strndupa(e + 1, desc + k - e - 2); args[1] = section; args[2] = page; } else args[1] = desc; pid = fork(); if (pid < 0) return log_error_errno(errno, "Failed to fork: %m"); if (pid == 0) { /* Child */ (void) reset_all_signal_handlers(); (void) reset_signal_mask(); if (null_stdio) { r = make_null_stdio(); if (r < 0) { log_error_errno(r, "Failed to kill stdio: %m"); _exit(EXIT_FAILURE); } } execvp(args[0], (char**) args); log_error_errno(errno, "Failed to execute man: %m"); _exit(EXIT_FAILURE); } r = wait_for_terminate(pid, &status); if (r < 0) return r; log_debug("Exit code %i status %i", status.si_code, status.si_status); return status.si_status; }
void ask_password_agent_close(void) { if (agent_pid <= 0) return; /* Inform agent that we are done */ (void) kill(agent_pid, SIGTERM); (void) kill(agent_pid, SIGCONT); (void) wait_for_terminate(agent_pid, NULL); agent_pid = 0; }
static int found_override(const char *top, const char *bottom) { _cleanup_free_ char *dest = NULL; int k; pid_t pid; assert(top); assert(bottom); if (null_or_empty_path(top) > 0) { notify_override_masked(top, bottom); return 0; } k = readlink_malloc(top, &dest); if (k >= 0) { if (equivalent(dest, bottom) > 0) notify_override_equivalent(top, bottom); else notify_override_redirected(top, bottom); return 0; } notify_override_overridden(top, bottom); if (!arg_diff) return 0; putchar('\n'); fflush(stdout); pid = fork(); if (pid < 0) { log_error("Failed to fork off diff: %m"); return -errno; } else if (pid == 0) { execlp("diff", "diff", "-us", "--", bottom, top, NULL); log_error("Failed to execute diff: %m"); _exit(1); } wait_for_terminate(pid, NULL); putchar('\n'); return 0; }
static void test_rename_process_one(const char *p, int ret) { siginfo_t si; pid_t pid; pid = fork(); assert_se(pid >= 0); if (pid == 0) { /* child */ test_rename_process_now(p, ret); _exit(EXIT_SUCCESS); } assert_se(wait_for_terminate(pid, &si) >= 0); assert_se(si.si_code == CLD_EXITED); assert_se(si.si_status == EXIT_SUCCESS); }
static void test_safe_fork(void) { siginfo_t status; pid_t pid; int r; BLOCK_SIGNALS(SIGCHLD); r = safe_fork("(test-child)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_NULL_STDIO|FORK_REOPEN_LOG, &pid); assert_se(r >= 0); if (r == 0) { /* child */ usleep(100 * USEC_PER_MSEC); _exit(88); } assert_se(wait_for_terminate(pid, &status) >= 0); assert_se(status.si_code == CLD_EXITED); assert_se(status.si_status == 88); }
DkrPull* dkr_pull_unref(DkrPull *i) { if (!i) return NULL; if (i->tar_pid > 1) { (void) kill_and_sigcont(i->tar_pid, SIGKILL); (void) wait_for_terminate(i->tar_pid, NULL); } pull_job_unref(i->images_job); pull_job_unref(i->tags_job); pull_job_unref(i->ancestry_job); pull_job_unref(i->json_job); pull_job_unref(i->layer_job); curl_glue_unref(i->glue); sd_event_unref(i->event); if (i->temp_path) { (void) rm_rf(i->temp_path, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME); free(i->temp_path); } free(i->name); free(i->reference); free(i->id); free(i->response_token); free(i->response_registries); strv_free(i->ancestry); free(i->final_path); free(i->index_url); free(i->image_root); free(i->local); free(i); return NULL; }
int main(int argc, char *argv[]) { const char *cmdline[9]; int i = 0, r = EXIT_FAILURE, q; pid_t pid; siginfo_t status; struct udev *udev = NULL; struct udev_device *udev_device = NULL; const char *device; bool root_directory; int progress_pipe[2] = { -1, -1 }; char dash_c[2+10+1]; if (argc > 2) { log_error("This program expects one or no arguments."); return EXIT_FAILURE; } log_set_target(LOG_TARGET_AUTO); log_parse_environment(); log_open(); umask(0022); parse_proc_cmdline(); test_files(); if (!arg_force && arg_skip) return 0; if (argc > 1) { device = argv[1]; root_directory = false; } else { struct stat st; struct timespec times[2]; /* Find root device */ if (stat("/", &st) < 0) { log_error("Failed to stat() the root directory: %m"); goto finish; } /* Virtual root devices don't need an fsck */ if (major(st.st_dev) == 0) return 0; /* check if we are already writable */ times[0] = st.st_atim; times[1] = st.st_mtim; if (utimensat(AT_FDCWD, "/", times, 0) == 0) { log_info("Root directory is writable, skipping check."); return 0; } if (!(udev = udev_new())) { log_oom(); goto finish; } if (!(udev_device = udev_device_new_from_devnum(udev, 'b', st.st_dev))) { log_error("Failed to detect root device."); goto finish; } if (!(device = udev_device_get_devnode(udev_device))) { log_error("Failed to detect device node of root directory."); goto finish; } root_directory = true; } if (arg_show_progress) if (pipe(progress_pipe) < 0) { log_error("pipe(): %m"); goto finish; } cmdline[i++] = "/sbin/fsck"; cmdline[i++] = "-a"; cmdline[i++] = "-T"; cmdline[i++] = "-l"; if (!root_directory) cmdline[i++] = "-M"; if (arg_force) cmdline[i++] = "-f"; if (progress_pipe[1] >= 0) { snprintf(dash_c, sizeof(dash_c), "-C%i", progress_pipe[1]); char_array_0(dash_c); cmdline[i++] = dash_c; } cmdline[i++] = device; cmdline[i++] = NULL; pid = fork(); if (pid < 0) { log_error("fork(): %m"); goto finish; } else if (pid == 0) { /* Child */ if (progress_pipe[0] >= 0) close_nointr_nofail(progress_pipe[0]); execv(cmdline[0], (char**) cmdline); _exit(8); /* Operational error */ } if (progress_pipe[1] >= 0) { close_nointr_nofail(progress_pipe[1]); progress_pipe[1] = -1; } if (progress_pipe[0] >= 0) { process_progress(progress_pipe[0]); progress_pipe[0] = -1; } q = wait_for_terminate(pid, &status); if (q < 0) { log_error("waitid(): %s", strerror(-q)); goto finish; } if (status.si_code != CLD_EXITED || (status.si_status & ~1)) { if (status.si_code == CLD_KILLED || status.si_code == CLD_DUMPED) log_error("fsck terminated by signal %s.", signal_to_string(status.si_status)); else if (status.si_code == CLD_EXITED) log_error("fsck failed with error code %i.", status.si_status); else log_error("fsck failed due to unknown reason."); if (status.si_code == CLD_EXITED && (status.si_status & 2) && root_directory) /* System should be rebooted. */ start_target(SPECIAL_REBOOT_TARGET, false); else if (status.si_code == CLD_EXITED && (status.si_status & 6)) /* Some other problem */ start_target(SPECIAL_EMERGENCY_TARGET, true); else { r = EXIT_SUCCESS; log_warning("Ignoring error."); } } else r = EXIT_SUCCESS; if (status.si_code == CLD_EXITED && (status.si_status & 1)) touch("/run/systemd/quotacheck"); finish: if (udev_device) udev_device_unref(udev_device); if (udev) udev_unref(udev); close_pipe(progress_pipe); return r; }
static void test_get_process_cmdline_harder(void) { char path[] = "/tmp/test-cmdlineXXXXXX"; _cleanup_close_ int fd = -1; _cleanup_free_ char *line = NULL; pid_t pid; if (geteuid() != 0) return; #ifdef HAVE_VALGRIND_VALGRIND_H /* valgrind patches open(/proc//cmdline) * so, test_get_process_cmdline_harder fails always * See https://github.com/systemd/systemd/pull/3555#issuecomment-226564908 */ if (RUNNING_ON_VALGRIND) return; #endif pid = fork(); if (pid > 0) { siginfo_t si; (void) wait_for_terminate(pid, &si); assert_se(si.si_code == CLD_EXITED); assert_se(si.si_status == 0); return; } assert_se(pid == 0); assert_se(unshare(CLONE_NEWNS) >= 0); fd = mkostemp(path, O_CLOEXEC); assert_se(fd >= 0); assert_se(mount(path, "/proc/self/cmdline", "bind", MS_BIND, NULL) >= 0); assert_se(unlink(path) >= 0); assert_se(prctl(PR_SET_NAME, "testa") >= 0); assert_se(get_process_cmdline(getpid(), 0, false, &line) == -ENOENT); assert_se(get_process_cmdline(getpid(), 0, true, &line) >= 0); assert_se(streq(line, "[testa]")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 1, true, &line) >= 0); assert_se(streq(line, "")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 2, true, &line) >= 0); assert_se(streq(line, "[")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 3, true, &line) >= 0); assert_se(streq(line, "[.")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 4, true, &line) >= 0); assert_se(streq(line, "[..")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 5, true, &line) >= 0); assert_se(streq(line, "[...")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 6, true, &line) >= 0); assert_se(streq(line, "[...]")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 7, true, &line) >= 0); assert_se(streq(line, "[t...]")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 8, true, &line) >= 0); assert_se(streq(line, "[testa]")); line = mfree(line); assert_se(write(fd, "\0\0\0\0\0\0\0\0\0", 10) == 10); assert_se(get_process_cmdline(getpid(), 0, false, &line) == -ENOENT); assert_se(get_process_cmdline(getpid(), 0, true, &line) >= 0); assert_se(streq(line, "[testa]")); line = mfree(line); assert_se(write(fd, "foo\0bar\0\0\0\0\0", 10) == 10); assert_se(get_process_cmdline(getpid(), 0, false, &line) >= 0); assert_se(streq(line, "foo bar")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 0, true, &line) >= 0); assert_se(streq(line, "foo bar")); line = mfree(line); assert_se(write(fd, "quux", 4) == 4); assert_se(get_process_cmdline(getpid(), 0, false, &line) >= 0); assert_se(streq(line, "foo bar quux")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 0, true, &line) >= 0); assert_se(streq(line, "foo bar quux")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 1, true, &line) >= 0); assert_se(streq(line, "")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 2, true, &line) >= 0); assert_se(streq(line, ".")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 3, true, &line) >= 0); assert_se(streq(line, "..")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 4, true, &line) >= 0); assert_se(streq(line, "...")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 5, true, &line) >= 0); assert_se(streq(line, "f...")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 6, true, &line) >= 0); assert_se(streq(line, "fo...")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 7, true, &line) >= 0); assert_se(streq(line, "foo...")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 8, true, &line) >= 0); assert_se(streq(line, "foo...")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 9, true, &line) >= 0); assert_se(streq(line, "foo b...")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 10, true, &line) >= 0); assert_se(streq(line, "foo ba...")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 11, true, &line) >= 0); assert_se(streq(line, "foo bar...")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 12, true, &line) >= 0); assert_se(streq(line, "foo bar...")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 13, true, &line) >= 0); assert_se(streq(line, "foo bar quux")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 14, true, &line) >= 0); assert_se(streq(line, "foo bar quux")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 1000, true, &line) >= 0); assert_se(streq(line, "foo bar quux")); line = mfree(line); assert_se(ftruncate(fd, 0) >= 0); assert_se(prctl(PR_SET_NAME, "aaaa bbbb cccc") >= 0); assert_se(get_process_cmdline(getpid(), 0, false, &line) == -ENOENT); assert_se(get_process_cmdline(getpid(), 0, true, &line) >= 0); assert_se(streq(line, "[aaaa bbbb cccc]")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 10, true, &line) >= 0); assert_se(streq(line, "[aaaa...]")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 11, true, &line) >= 0); assert_se(streq(line, "[aaaa...]")); line = mfree(line); assert_se(get_process_cmdline(getpid(), 12, true, &line) >= 0); assert_se(streq(line, "[aaaa b...]")); line = mfree(line); safe_close(fd); _exit(0); }
int bus_container_connect_kernel(sd_bus *b) { _cleanup_close_pair_ int pair[2] = { -1, -1 }; _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, rootfd = -1; union { struct cmsghdr cmsghdr; uint8_t buf[CMSG_SPACE(sizeof(int))]; } control = {}; struct msghdr mh = { .msg_control = &control, .msg_controllen = sizeof(control), }; struct cmsghdr *cmsg; pid_t leader, child; siginfo_t si; int r; _cleanup_close_ int fd = -1; assert(b); assert(b->input_fd < 0); assert(b->output_fd < 0); r = container_get_leader(b->machine, &leader); if (r < 0) return r; r = namespace_open(leader, &pidnsfd, &mntnsfd, &rootfd); if (r < 0) return r; if (socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) < 0) return -errno; child = fork(); if (child < 0) return -errno; if (child == 0) { pid_t grandchild; pair[0] = safe_close(pair[0]); r = namespace_enter(pidnsfd, mntnsfd, rootfd); if (r < 0) _exit(EXIT_FAILURE); /* We just changed PID namespace, however it will only * take effect on the children we now fork. Hence, * let's fork another time, and connect from this * grandchild, so that kdbus only sees the credentials * of this process which comes from within the * container, and not outside of it */ grandchild = fork(); if (grandchild < 0) _exit(EXIT_FAILURE); if (grandchild == 0) { fd = open(b->kernel, O_RDWR|O_NOCTTY|O_CLOEXEC); if (fd < 0) _exit(EXIT_FAILURE); cmsg = CMSG_FIRSTHDR(&mh); cmsg->cmsg_level = SOL_SOCKET; cmsg->cmsg_type = SCM_RIGHTS; cmsg->cmsg_len = CMSG_LEN(sizeof(int)); memcpy(CMSG_DATA(cmsg), &fd, sizeof(int)); mh.msg_controllen = cmsg->cmsg_len; if (sendmsg(pair[1], &mh, MSG_NOSIGNAL) < 0) _exit(EXIT_FAILURE); _exit(EXIT_SUCCESS); } r = wait_for_terminate(grandchild, &si); if (r < 0) _exit(EXIT_FAILURE); if (si.si_code != CLD_EXITED) _exit(EXIT_FAILURE); _exit(si.si_status); } pair[1] = safe_close(pair[1]); r = wait_for_terminate(child, &si); if (r < 0) return r; if (si.si_code != CLD_EXITED) return -EIO; if (si.si_status != EXIT_SUCCESS) return -EIO; if (recvmsg(pair[0], &mh, MSG_NOSIGNAL|MSG_CMSG_CLOEXEC) < 0) return -errno; for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) { int *fds; unsigned n_fds; fds = (int*) CMSG_DATA(cmsg); n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int); if (n_fds != 1) { close_many(fds, n_fds); return -EIO; } fd = fds[0]; } b->input_fd = b->output_fd = fd; fd = -1; return bus_kernel_take_fd(b); }
int main(int argc, char *argv[]) { const char *cmdline[9]; int i = 0, r = EXIT_FAILURE, q; pid_t pid; siginfo_t status; _cleanup_udev_unref_ struct udev *udev = NULL; _cleanup_udev_device_unref_ struct udev_device *udev_device = NULL; const char *device, *type; bool root_directory; int progress_pipe[2] = { -1, -1 }; char dash_c[2+10+1]; struct stat st; if (argc > 2) { log_error("This program expects one or no arguments."); return EXIT_FAILURE; } log_set_target(LOG_TARGET_AUTO); log_parse_environment(); log_open(); umask(0022); q = parse_proc_cmdline(parse_proc_cmdline_item); if (q < 0) log_warning_errno(q, "Failed to parse kernel command line, ignoring: %m"); test_files(); if (!arg_force && arg_skip) return 0; udev = udev_new(); if (!udev) { log_oom(); return EXIT_FAILURE; } if (argc > 1) { device = argv[1]; root_directory = false; if (stat(device, &st) < 0) { log_error_errno(errno, "Failed to stat '%s': %m", device); return EXIT_FAILURE; } udev_device = udev_device_new_from_devnum(udev, 'b', st.st_rdev); if (!udev_device) { log_error("Failed to detect device %s", device); return EXIT_FAILURE; } } else { struct timespec times[2]; /* Find root device */ if (stat("/", &st) < 0) { log_error_errno(errno, "Failed to stat() the root directory: %m"); return EXIT_FAILURE; } /* Virtual root devices don't need an fsck */ if (major(st.st_dev) == 0) return EXIT_SUCCESS; /* check if we are already writable */ times[0] = st.st_atim; times[1] = st.st_mtim; if (utimensat(AT_FDCWD, "/", times, 0) == 0) { log_info("Root directory is writable, skipping check."); return EXIT_SUCCESS; } udev_device = udev_device_new_from_devnum(udev, 'b', st.st_dev); if (!udev_device) { log_error("Failed to detect root device."); return EXIT_FAILURE; } device = udev_device_get_devnode(udev_device); if (!device) { log_error("Failed to detect device node of root directory."); return EXIT_FAILURE; } root_directory = true; } type = udev_device_get_property_value(udev_device, "ID_FS_TYPE"); if (type) { r = fsck_exists(type); if (r == -ENOENT) { log_info("fsck.%s doesn't exist, not checking file system on %s", type, device); return EXIT_SUCCESS; } else if (r < 0) log_warning_errno(r, "fsck.%s cannot be used for %s: %m", type, device); } if (arg_show_progress) if (pipe(progress_pipe) < 0) { log_error_errno(errno, "pipe(): %m"); return EXIT_FAILURE; } cmdline[i++] = "/sbin/fsck"; cmdline[i++] = arg_repair; cmdline[i++] = "-T"; /* * Since util-linux v2.25 fsck uses /run/fsck/<diskname>.lock files. * The previous versions use flock for the device and conflict with * udevd, see https://bugs.freedesktop.org/show_bug.cgi?id=79576#c5 */ cmdline[i++] = "-l"; if (!root_directory) cmdline[i++] = "-M"; if (arg_force) cmdline[i++] = "-f"; if (progress_pipe[1] >= 0) { snprintf(dash_c, sizeof(dash_c), "-C%i", progress_pipe[1]); char_array_0(dash_c); cmdline[i++] = dash_c; } cmdline[i++] = device; cmdline[i++] = NULL; pid = fork(); if (pid < 0) { log_error_errno(errno, "fork(): %m"); goto finish; } else if (pid == 0) { /* Child */ if (progress_pipe[0] >= 0) safe_close(progress_pipe[0]); execv(cmdline[0], (char**) cmdline); _exit(8); /* Operational error */ } progress_pipe[1] = safe_close(progress_pipe[1]); if (progress_pipe[0] >= 0) { process_progress(progress_pipe[0]); progress_pipe[0] = -1; } q = wait_for_terminate(pid, &status); if (q < 0) { log_error_errno(q, "waitid(): %m"); goto finish; } if (status.si_code != CLD_EXITED || (status.si_status & ~1)) { if (status.si_code == CLD_KILLED || status.si_code == CLD_DUMPED) log_error("fsck terminated by signal %s.", signal_to_string(status.si_status)); else if (status.si_code == CLD_EXITED) log_error("fsck failed with error code %i.", status.si_status); else log_error("fsck failed due to unknown reason."); if (status.si_code == CLD_EXITED && (status.si_status & 2) && root_directory) /* System should be rebooted. */ start_target(SPECIAL_REBOOT_TARGET); else if (status.si_code == CLD_EXITED && (status.si_status & 6)) /* Some other problem */ start_target(SPECIAL_EMERGENCY_TARGET); else { r = EXIT_SUCCESS; log_warning("Ignoring error."); } } else r = EXIT_SUCCESS; if (status.si_code == CLD_EXITED && (status.si_status & 1)) touch("/run/systemd/quotacheck"); finish: safe_close_pair(progress_pipe); return r; }
static int fsck_progress_socket(void) { static const union sockaddr_union sa = { .un.sun_family = AF_UNIX, .un.sun_path = "/run/systemd/fsck.progress", }; int fd, r; fd = socket(AF_UNIX, SOCK_STREAM, 0); if (fd < 0) return log_warning_errno(errno, "socket(): %m"); if (connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) { r = log_full_errno(errno == ECONNREFUSED || errno == ENOENT ? LOG_DEBUG : LOG_WARNING, errno, "Failed to connect to progress socket %s, ignoring: %m", sa.un.sun_path); safe_close(fd); return r; } return fd; } int main(int argc, char *argv[]) { _cleanup_close_pair_ int progress_pipe[2] = { -1, -1 }; _cleanup_(sd_device_unrefp) sd_device *dev = NULL; const char *device, *type; bool root_directory; siginfo_t status; struct stat st; int r; pid_t pid; if (argc > 2) { log_error("This program expects one or no arguments."); return EXIT_FAILURE; } log_set_target(LOG_TARGET_AUTO); log_parse_environment(); log_open(); umask(0022); r = parse_proc_cmdline(parse_proc_cmdline_item); if (r < 0) log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m"); test_files(); if (!arg_force && arg_skip) { r = 0; goto finish; } if (argc > 1) { device = argv[1]; if (stat(device, &st) < 0) { r = log_error_errno(errno, "Failed to stat %s: %m", device); goto finish; } if (!S_ISBLK(st.st_mode)) { log_error("%s is not a block device.", device); r = -EINVAL; goto finish; } r = sd_device_new_from_devnum(&dev, 'b', st.st_rdev); if (r < 0) { log_error_errno(r, "Failed to detect device %s: %m", device); goto finish; } root_directory = false; } else { struct timespec times[2]; /* Find root device */ if (stat("/", &st) < 0) { r = log_error_errno(errno, "Failed to stat() the root directory: %m"); goto finish; } /* Virtual root devices don't need an fsck */ if (major(st.st_dev) == 0) { log_debug("Root directory is virtual or btrfs, skipping check."); r = 0; goto finish; } /* check if we are already writable */ times[0] = st.st_atim; times[1] = st.st_mtim; if (utimensat(AT_FDCWD, "/", times, 0) == 0) { log_info("Root directory is writable, skipping check."); r = 0; goto finish; } r = sd_device_new_from_devnum(&dev, 'b', st.st_dev); if (r < 0) { log_error_errno(r, "Failed to detect root device: %m"); goto finish; } r = sd_device_get_devname(dev, &device); if (r < 0) { log_error_errno(r, "Failed to detect device node of root directory: %m"); goto finish; } root_directory = true; } r = sd_device_get_property_value(dev, "ID_FS_TYPE", &type); if (r >= 0) { r = fsck_exists(type); if (r < 0) log_warning_errno(r, "Couldn't detect if fsck.%s may be used for %s, proceeding: %m", type, device); else if (r == 0) { log_info("fsck.%s doesn't exist, not checking file system on %s.", type, device); goto finish; } } if (arg_show_progress) { if (pipe(progress_pipe) < 0) { r = log_error_errno(errno, "pipe(): %m"); goto finish; } } pid = fork(); if (pid < 0) { r = log_error_errno(errno, "fork(): %m"); goto finish; } if (pid == 0) { char dash_c[sizeof("-C")-1 + DECIMAL_STR_MAX(int) + 1]; int progress_socket = -1; const char *cmdline[9]; int i = 0; /* Child */ (void) reset_all_signal_handlers(); (void) reset_signal_mask(); assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0); /* Close the reading side of the progress pipe */ progress_pipe[0] = safe_close(progress_pipe[0]); /* Try to connect to a progress management daemon, if there is one */ progress_socket = fsck_progress_socket(); if (progress_socket >= 0) { /* If this worked we close the progress pipe early, and just use the socket */ progress_pipe[1] = safe_close(progress_pipe[1]); xsprintf(dash_c, "-C%i", progress_socket); } else if (progress_pipe[1] >= 0) { /* Otherwise if we have the progress pipe to our own local handle, we use it */ xsprintf(dash_c, "-C%i", progress_pipe[1]); } else dash_c[0] = 0; cmdline[i++] = "/sbin/fsck"; cmdline[i++] = arg_repair; cmdline[i++] = "-T"; /* * Since util-linux v2.25 fsck uses /run/fsck/<diskname>.lock files. * The previous versions use flock for the device and conflict with * udevd, see https://bugs.freedesktop.org/show_bug.cgi?id=79576#c5 */ cmdline[i++] = "-l"; if (!root_directory) cmdline[i++] = "-M"; if (arg_force) cmdline[i++] = "-f"; if (!isempty(dash_c)) cmdline[i++] = dash_c; cmdline[i++] = device; cmdline[i++] = NULL; execv(cmdline[0], (char**) cmdline); _exit(FSCK_OPERATIONAL_ERROR); } progress_pipe[1] = safe_close(progress_pipe[1]); (void) process_progress(progress_pipe[0]); progress_pipe[0] = -1; r = wait_for_terminate(pid, &status); if (r < 0) { log_error_errno(r, "waitid(): %m"); goto finish; } if (status.si_code != CLD_EXITED || (status.si_status & ~1)) { if (status.si_code == CLD_KILLED || status.si_code == CLD_DUMPED) log_error("fsck terminated by signal %s.", signal_to_string(status.si_status)); else if (status.si_code == CLD_EXITED) log_error("fsck failed with error code %i.", status.si_status); else log_error("fsck failed due to unknown reason."); r = -EINVAL; if (status.si_code == CLD_EXITED && (status.si_status & FSCK_SYSTEM_SHOULD_REBOOT) && root_directory) /* System should be rebooted. */ start_target(SPECIAL_REBOOT_TARGET, "replace-irreversibly"); else if (status.si_code == CLD_EXITED && (status.si_status & (FSCK_SYSTEM_SHOULD_REBOOT | FSCK_ERRORS_LEFT_UNCORRECTED))) /* Some other problem */ start_target(SPECIAL_EMERGENCY_TARGET, "replace"); else { log_warning("Ignoring error."); r = 0; } } else r = 0; if (status.si_code == CLD_EXITED && (status.si_status & FSCK_ERROR_CORRECTED)) (void) touch("/run/systemd/quotacheck"); finish: return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; }
static int setup_machine_raw(uint64_t size, sd_bus_error *error) { _cleanup_free_ char *tmp = NULL; _cleanup_close_ int fd = -1; struct statvfs ss; pid_t pid = 0; siginfo_t si; int r; /* We want to be able to make use of btrfs-specific file * system features, in particular subvolumes, reflinks and * quota. Hence, if we detect that /var/lib/machines.raw is * not located on btrfs, let's create a loopback file, place a * btrfs file system into it, and mount it to * /var/lib/machines. */ fd = open("/var/lib/machines.raw", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY); if (fd >= 0) { r = fd; fd = -1; return r; } if (errno != ENOENT) return sd_bus_error_set_errnof(error, errno, "Failed to open /var/lib/machines.raw: %m"); r = tempfn_xxxxxx("/var/lib/machines.raw", NULL, &tmp); if (r < 0) return r; (void) mkdir_p_label("/var/lib", 0755); fd = open(tmp, O_RDWR|O_CREAT|O_EXCL|O_NOCTTY|O_CLOEXEC, 0600); if (fd < 0) return sd_bus_error_set_errnof(error, errno, "Failed to create /var/lib/machines.raw: %m"); if (fstatvfs(fd, &ss) < 0) { r = sd_bus_error_set_errnof(error, errno, "Failed to determine free space on /var/lib/machines.raw: %m"); goto fail; } if (ss.f_bsize * ss.f_bavail < VAR_LIB_MACHINES_FREE_MIN) { r = sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "Not enough free disk space to set up /var/lib/machines."); goto fail; } if (ftruncate(fd, size) < 0) { r = sd_bus_error_set_errnof(error, errno, "Failed to enlarge /var/lib/machines.raw: %m"); goto fail; } pid = fork(); if (pid < 0) { r = sd_bus_error_set_errnof(error, errno, "Failed to fork mkfs.btrfs: %m"); goto fail; } if (pid == 0) { /* Child */ (void) reset_all_signal_handlers(); (void) reset_signal_mask(); assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0); fd = safe_close(fd); execlp("mkfs.btrfs", "-Lvar-lib-machines", tmp, NULL); if (errno == ENOENT) return 99; _exit(EXIT_FAILURE); } r = wait_for_terminate(pid, &si); if (r < 0) { sd_bus_error_set_errnof(error, r, "Failed to wait for mkfs.btrfs: %m"); goto fail; } pid = 0; if (si.si_code != CLD_EXITED) { r = sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "mkfs.btrfs died abnormally."); goto fail; } if (si.si_status == 99) { r = sd_bus_error_set_errnof(error, ENOENT, "Cannot set up /var/lib/machines, mkfs.btrfs is missing"); goto fail; } if (si.si_status != 0) { r = sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "mkfs.btrfs failed with error code %i", si.si_status); goto fail; } r = rename_noreplace(AT_FDCWD, tmp, AT_FDCWD, "/var/lib/machines.raw"); if (r < 0) { sd_bus_error_set_errnof(error, r, "Failed to move /var/lib/machines.raw into place: %m"); goto fail; } r = fd; fd = -1; return r; fail: unlink_noerrno(tmp); if (pid > 1) kill_and_sigcont(pid, SIGKILL); return r; }
int bus_container_connect_socket(sd_bus *b) { _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, rootfd = -1; pid_t leader, child; siginfo_t si; int r; assert(b); assert(b->input_fd < 0); assert(b->output_fd < 0); r = container_get_leader(b->machine, &leader); if (r < 0) return r; r = namespace_open(leader, &pidnsfd, &mntnsfd, &rootfd); if (r < 0) return r; b->input_fd = socket(b->sockaddr.sa.sa_family, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0); if (b->input_fd < 0) return -errno; b->output_fd = b->input_fd; bus_socket_setup(b); child = fork(); if (child < 0) return -errno; if (child == 0) { pid_t grandchild; r = namespace_enter(pidnsfd, mntnsfd, rootfd); if (r < 0) _exit(255); /* We just changed PID namespace, however it will only * take effect on the children we now fork. Hence, * let's fork another time, and connect from this * grandchild, so that SO_PEERCRED of our connection * comes from a process from within the container, and * not outside of it */ grandchild = fork(); if (grandchild < 0) _exit(255); if (grandchild == 0) { r = connect(b->input_fd, &b->sockaddr.sa, b->sockaddr_size); if (r < 0) { if (errno == EINPROGRESS) _exit(1); _exit(255); } _exit(EXIT_SUCCESS); } r = wait_for_terminate(grandchild, &si); if (r < 0) _exit(255); if (si.si_code != CLD_EXITED) _exit(255); _exit(si.si_status); } r = wait_for_terminate(child, &si); if (r < 0) return r; if (si.si_code != CLD_EXITED) return -EIO; if (si.si_status == 1) return 1; if (si.si_status != EXIT_SUCCESS) return -EIO; return bus_socket_start_auth(b); }
static int test_pppoe_server(sd_event *e) { sd_netlink *rtnl; sd_netlink_message *m; pid_t pid; int r, client_ifindex, server_ifindex; r = unshare(CLONE_NEWNET); if (r < 0 && errno == EPERM) return EXIT_TEST_SKIP; assert_se(r >= 0); assert_se(sd_netlink_open(&rtnl) >= 0); assert_se(sd_netlink_attach_event(rtnl, e, 0) >= 0); assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_NEWLINK, 0) >= 0); assert_se(sd_netlink_message_append_string(m, IFLA_IFNAME, "pppoe-server") >= 0); assert_se(sd_netlink_message_open_container(m, IFLA_LINKINFO) >= 0); assert_se(sd_netlink_message_open_container_union(m, IFLA_INFO_DATA, "veth") >= 0); assert_se(sd_netlink_message_open_container(m, VETH_INFO_PEER) >= 0); assert_se(sd_netlink_message_append_string(m, IFLA_IFNAME, "pppoe-client") >= 0); assert_se(sd_netlink_message_close_container(m) >= 0); assert_se(sd_netlink_message_close_container(m) >= 0); assert_se(sd_netlink_message_close_container(m) >= 0); assert_se(sd_netlink_call(rtnl, m, 0, NULL) >= 0); client_ifindex = (int) if_nametoindex("pppoe-client"); assert_se(client_ifindex > 0); server_ifindex = (int) if_nametoindex("pppoe-server"); assert_se(server_ifindex > 0); m = sd_netlink_message_unref(m); assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_SETLINK, client_ifindex) >= 0); assert_se(sd_rtnl_message_link_set_flags(m, IFF_UP, IFF_UP) >= 0); assert_se(sd_netlink_call(rtnl, m, 0, NULL) >= 0); m = sd_netlink_message_unref(m); assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_SETLINK, server_ifindex) >= 0); assert_se(sd_rtnl_message_link_set_flags(m, IFF_UP, IFF_UP) >= 0); assert_se(sd_netlink_call(rtnl, m, 0, NULL) >= 0); pid = fork(); assert_se(pid >= 0); if (pid == 0) { /* let the client send some discover messages before the server is started */ sleep(2); /* TODO: manage pppoe-server-options */ execlp("pppoe-server", "pppoe-server", "-F", "-I", "pppoe-server", "-C", "Test-AC", "-S", "Service-Default", "-S", "Service-First-Auxiliary", "-S", "Service-Second-Auxiliary", NULL); assert_not_reached("failed to execute pppoe-server. not installed?"); } client_run("pppoe-client", e); assert_se(kill(pid, SIGTERM) >= 0); assert_se(wait_for_terminate(pid, NULL) >= 0); assert_se(!sd_netlink_message_unref(m)); assert_se(!sd_netlink_unref(rtnl)); return EXIT_SUCCESS; }