static int parse_new_root_from_proc_cmdline(void) { _cleanup_free_ char *what = NULL, *type = NULL, *opts = NULL, *line = NULL; char *w, *state; int r; size_t l; bool noauto, nofail; r = read_one_line_file("/proc/cmdline", &line); if (r < 0) { log_error("Failed to read /proc/cmdline, ignoring: %s", strerror(-r)); return 0; } opts = strdup("ro"); type = strdup("auto"); if (!opts || !type) return log_oom(); /* root= and roofstype= may occur more than once, the last instance should take precedence. * In the case of multiple rootflags= the arguments should be concatenated */ FOREACH_WORD_QUOTED(w, l, line, state) { _cleanup_free_ char *word; word = strndup(w, l); if (!word) return log_oom(); else if (startswith(word, "root=")) { free(what); what = fstab_node_to_udev_node(word+5); if (!what) return log_oom(); } else if (startswith(word, "rootfstype=")) { free(type); type = strdup(word + 11); if (!type) return log_oom(); } else if (startswith(word, "rootflags=")) { char *o; o = strjoin(opts, ",", word + 10, NULL); if (!o) return log_oom(); free(opts); opts = o; } else if (streq(word, "ro") || streq(word, "rw")) { char *o; o = strjoin(opts, ",", word, NULL); if (!o) return log_oom(); free(opts); opts = o; } }
static int add_root_mount(void) { _cleanup_free_ char *what = NULL; const char *opts; if (isempty(arg_root_what)) { log_debug("Could not find a root= entry on the kernel command line."); return 0; } what = fstab_node_to_udev_node(arg_root_what); if (!path_is_absolute(what)) { log_debug("Skipping entry what=%s where=/sysroot type=%s", what, strna(arg_root_fstype)); return 0; } if (!arg_root_options) opts = arg_root_rw > 0 ? "rw" : "ro"; else if (arg_root_rw >= 0 || !fstab_test_option(arg_root_options, "ro\0" "rw\0")) opts = strjoina(arg_root_options, ",", arg_root_rw > 0 ? "rw" : "ro"); else opts = arg_root_options; log_debug("Found entry what=%s where=/sysroot type=%s", what, strna(arg_root_fstype)); return add_mount(what, "/sysroot", arg_root_fstype, opts, 1, false, false, false, SPECIAL_INITRD_ROOT_FS_TARGET, "/proc/cmdline"); }
static int parse_fstab(void) { FILE *f; int r = 0; struct mntent *me; errno = 0; f = setmntent("/etc/fstab", "r"); if (!f) { if (errno == ENOENT) return 0; log_error("Failed to open /etc/fstab: %m"); return -errno; } while ((me = getmntent(f))) { char _cleanup_free_ *where = NULL, *what = NULL; int k; what = fstab_node_to_udev_node(me->mnt_fsname); where = strdup(me->mnt_dir); if (!what || !where) { r = log_oom(); goto finish; } if (is_path(where)) path_kill_slashes(where); log_debug("Found entry what=%s where=%s type=%s", what, where, me->mnt_type); if (streq(me->mnt_type, "swap")) k = add_swap(what, me); else { bool noauto, nofail, automount, isbind, isnetwork; noauto = !!hasmntopt(me, "noauto"); nofail = !!hasmntopt(me, "nofail"); automount = hasmntopt(me, "comment=systemd.automount") || hasmntopt(me, "x-systemd.automount"); isbind = mount_is_bind(me); isnetwork = mount_is_network(me); k = add_mount(what, where, me->mnt_type, me->mnt_opts, me->mnt_passno, false, noauto, nofail, automount, isbind, isnetwork, "/etc/fstab"); } if (k < 0) r = k; } finish: endmntent(f); return r; }
static int add_usr_mount(void) { _cleanup_free_ char *what = NULL; const char *opts; if (!arg_usr_what && !arg_usr_fstype && !arg_usr_options) return 0; if (arg_root_what && !arg_usr_what) { arg_usr_what = strdup(arg_root_what); if (!arg_usr_what) return log_oom(); } if (arg_root_fstype && !arg_usr_fstype) { arg_usr_fstype = strdup(arg_root_fstype); if (!arg_usr_fstype) return log_oom(); } if (arg_root_options && !arg_usr_options) { arg_usr_options = strdup(arg_root_options); if (!arg_usr_options) return log_oom(); } if (!arg_usr_what) return 0; what = fstab_node_to_udev_node(arg_usr_what); if (!path_is_absolute(what)) { log_debug("Skipping entry what=%s where=/sysroot/usr type=%s", what, strna(arg_usr_fstype)); return -1; } if (!arg_usr_options) opts = arg_root_rw > 0 ? "rw" : "ro"; else if (!fstab_test_option(arg_usr_options, "ro\0" "rw\0")) opts = strjoina(arg_usr_options, ",", arg_root_rw > 0 ? "rw" : "ro"); else opts = arg_usr_options; log_debug("Found entry what=%s where=/sysroot/usr type=%s", what, strna(arg_usr_fstype)); return add_mount(what, "/sysroot/usr", arg_usr_fstype, opts, 1, false, false, false, SPECIAL_INITRD_ROOT_FS_TARGET, "/proc/cmdline"); }
static int parse_proc_cmdline_item(const char *key, const char *value) { if (streq(key, "resume") && value) { free(arg_resume_dev); arg_resume_dev = fstab_node_to_udev_node(value); if (!arg_resume_dev) return log_oom(); } return 0; }
static int parse_fstab(void) { FILE *f; int r = 0; struct mntent *me; errno = 0; f = setmntent("/etc/fstab", "r"); if (!f) { if (errno == ENOENT) return 0; log_error("Failed to open /etc/fstab: %m"); return -errno; } while ((me = getmntent(f))) { char *where, *what; int k; what = fstab_node_to_udev_node(me->mnt_fsname); if (!what) { r = log_oom(); goto finish; } where = strdup(me->mnt_dir); if (!where) { r = log_oom(); free(what); goto finish; } if (is_path(where)) path_kill_slashes(where); log_debug("Found entry what=%s where=%s type=%s", what, where, me->mnt_type); if (streq(me->mnt_type, "swap")) k = add_swap(what, me); else k = add_mount(what, where, me); free(what); free(where); if (k < 0) r = k; } finish: endmntent(f); return r; }
static void test_fstab_node_to_udev_node(void) { char *n; n = fstab_node_to_udev_node("LABEL=applé/jack"); puts(n); assert_se(streq(n, "/dev/disk/by-label/applé\\x2fjack")); free(n); n = fstab_node_to_udev_node("PARTLABEL=pinkié pie"); puts(n); assert_se(streq(n, "/dev/disk/by-partlabel/pinkié\\x20pie")); free(n); n = fstab_node_to_udev_node("UUID=037b9d94-148e-4ee4-8d38-67bfe15bb535"); puts(n); assert_se(streq(n, "/dev/disk/by-uuid/037b9d94-148e-4ee4-8d38-67bfe15bb535")); free(n); n = fstab_node_to_udev_node("PARTUUID=037b9d94-148e-4ee4-8d38-67bfe15bb535"); puts(n); assert_se(streq(n, "/dev/disk/by-partuuid/037b9d94-148e-4ee4-8d38-67bfe15bb535")); free(n); n = fstab_node_to_udev_node("PONIES=awesome"); puts(n); assert_se(streq(n, "PONIES=awesome")); free(n); n = fstab_node_to_udev_node("/dev/xda1"); puts(n); assert_se(streq(n, "/dev/xda1")); free(n); }
int generator_write_timeouts( const char *dir, const char *what, const char *where, const char *opts, char **filtered) { /* Allow configuration how long we wait for a device that * backs a mount point to show up. This is useful to support * endless device timeouts for devices that show up only after * user input, like crypto devices. */ _cleanup_free_ char *node = NULL, *unit = NULL, *timeout = NULL; usec_t u; int r; r = fstab_filter_options(opts, "comment=systemd.device-timeout\0" "x-systemd.device-timeout\0", NULL, &timeout, filtered); if (r <= 0) return r; r = parse_sec_fix_0(timeout, &u); if (r < 0) { log_warning("Failed to parse timeout for %s, ignoring: %s", where, timeout); return 0; } node = fstab_node_to_udev_node(what); if (!node) return log_oom(); if (!is_device_path(node)) { log_warning("x-systemd.device-timeout ignored for %s", what); return 0; } r = unit_name_from_path(node, ".device", &unit); if (r < 0) return log_error_errno(r, "Failed to make unit name from path: %m"); return write_drop_in_format(dir, unit, 50, "device-timeout", "# Automatically generated by %s\n\n" "[Unit]\n" "JobRunningTimeoutSec=%s", program_invocation_short_name, timeout); }
static int parse_proc_cmdline_item(const char *key, const char *value, void *data) { if (streq(key, "resume")) { char *s; if (proc_cmdline_value_missing(key, value)) return 0; s = fstab_node_to_udev_node(value); if (!s) return log_oom(); free(arg_resume_device); arg_resume_device = s; } return 0; }
int generator_write_device_deps( const char *dir, const char *what, const char *where, const char *opts) { /* fstab records that specify _netdev option should apply the network * ordering on the actual device depending on network connection. If we * are not mounting real device (NFS, CIFS), we rely on _netdev effect * on the mount unit itself. */ _cleanup_free_ char *node = NULL, *unit = NULL; int r; if (!fstab_test_option(opts, "_netdev\0")) return 0; node = fstab_node_to_udev_node(what); if (!node) return log_oom(); /* Nothing to apply dependencies to. */ if (!is_device_path(node)) return 0; r = unit_name_from_path(node, ".device", &unit); if (r < 0) return log_error_errno(r, "Failed to make unit name from path \"%s\": %m", node); /* See mount_add_default_dependencies for explanation why we create such * dependencies. */ return write_drop_in_format(dir, unit, 50, "netdev-dependencies", "# Automatically generated by %s\n\n" "[Unit]\n" "After=" SPECIAL_NETWORK_ONLINE_TARGET " " SPECIAL_NETWORK_TARGET "\n" "Wants=" SPECIAL_NETWORK_ONLINE_TARGET "\n", program_invocation_short_name); }
int generator_hook_up_mkfs( const char *dir, const char *what, const char *where, const char *type) { _cleanup_free_ char *node = NULL, *unit = NULL, *escaped = NULL, *where_unit = NULL; _cleanup_fclose_ FILE *f = NULL; const char *unit_file; int r; node = fstab_node_to_udev_node(what); if (!node) return log_oom(); /* Nothing to work on. */ if (!is_device_path(node)) { log_error("Cannot format something that is not a device node: %s", node); return -EINVAL; } if (!type || streq(type, "auto")) { log_error("Cannot format partition %s, filesystem type is not specified", node); return -EINVAL; } r = unit_name_from_path_instance("systemd-mkfs", node, ".service", &unit); if (r < 0) return log_error_errno(r, "Failed to make unit instance name from path \"%s\": %m", node); unit_file = strjoina(dir, "/", unit); log_debug("Creating %s", unit_file); escaped = cescape(node); if (!escaped) return log_oom(); r = unit_name_from_path(where, ".mount", &where_unit); if (r < 0) return log_error_errno(r, "Failed to make unit name from path \"%s\": %m", where); f = fopen(unit_file, "wxe"); if (!f) return log_error_errno(errno, "Failed to create unit file %s: %m", unit_file); fprintf(f, "# Automatically generated by %s\n\n" "[Unit]\n" "Description=Make File System on %%f\n" "Documentation=man:[email protected](8)\n" "DefaultDependencies=no\n" "BindsTo=%%i.device\n" "After=%%i.device\n" /* fsck might or might not be used, so let's be safe and order * ourselves before both [email protected] and the mount unit. */ "Before=systemd-fsck@%%i.service\n" "Before=%s\n" "Before=shutdown.target\n" "\n" "[Service]\n" "Type=oneshot\n" "RemainAfterExit=yes\n" "ExecStart="SYSTEMD_MAKEFS_PATH " %s %s\n" "TimeoutSec=0\n", program_invocation_short_name, where_unit, type, escaped); // XXX: what about local-fs-pre.target? r = fflush_and_check(f); if (r < 0) return log_error_errno(r, "Failed to write unit file %s: %m", unit_file); return generator_add_symlink(dir, where_unit, "requires", unit); }
int generator_hook_up_mkswap( const char *dir, const char *what) { _cleanup_free_ char *node = NULL, *unit = NULL, *escaped = NULL, *where_unit = NULL; _cleanup_fclose_ FILE *f = NULL; const char *unit_file; int r; node = fstab_node_to_udev_node(what); if (!node) return log_oom(); /* Nothing to work on. */ if (!is_device_path(node)) { log_error("Cannot format something that is not a device node: %s", node); return -EINVAL; } r = unit_name_from_path_instance("systemd-mkswap", node, ".service", &unit); if (r < 0) return log_error_errno(r, "Failed to make unit instance name from path \"%s\": %m", node); unit_file = strjoina(dir, "/", unit); log_debug("Creating %s", unit_file); escaped = cescape(node); if (!escaped) return log_oom(); r = unit_name_from_path(what, ".swap", &where_unit); if (r < 0) return log_error_errno(r, "Failed to make unit name from path \"%s\": %m", what); f = fopen(unit_file, "wxe"); if (!f) return log_error_errno(errno, "Failed to create unit file %s: %m", unit_file); fprintf(f, "# Automatically generated by %s\n\n" "[Unit]\n" "Description=Make Swap on %%f\n" "Documentation=man:[email protected](8)\n" "DefaultDependencies=no\n" "BindsTo=%%i.device\n" "After=%%i.device\n" "Before=%s\n" "Before=shutdown.target\n" "\n" "[Service]\n" "Type=oneshot\n" "RemainAfterExit=yes\n" "ExecStart="SYSTEMD_MAKEFS_PATH " swap %s\n" "TimeoutSec=0\n", program_invocation_short_name, where_unit, escaped); r = fflush_and_check(f); if (r < 0) return log_error_errno(r, "Failed to write unit file %s: %m", unit_file); return generator_add_symlink(dir, where_unit, "requires", unit); }
static int create_disk( const char *name, const char *device, const char *password, const char *options) { _cleanup_free_ char *p = NULL, *n = NULL, *d = NULL, *u = NULL, *e = NULL, *filtered = NULL, *u_escaped = NULL, *password_escaped = NULL, *filtered_escaped = NULL, *name_escaped = NULL; _cleanup_fclose_ FILE *f = NULL; const char *dmname; bool noauto, nofail, tmp, swap, netdev; int r; assert(name); assert(device); noauto = fstab_test_yes_no_option(options, "noauto\0" "auto\0"); nofail = fstab_test_yes_no_option(options, "nofail\0" "fail\0"); tmp = fstab_test_option(options, "tmp\0"); swap = fstab_test_option(options, "swap\0"); netdev = fstab_test_option(options, "_netdev\0"); if (tmp && swap) { log_error("Device '%s' cannot be both 'tmp' and 'swap'. Ignoring.", name); return -EINVAL; } name_escaped = specifier_escape(name); if (!name_escaped) return log_oom(); e = unit_name_escape(name); if (!e) return log_oom(); r = unit_name_build("systemd-cryptsetup", e, ".service", &n); if (r < 0) return log_error_errno(r, "Failed to generate unit name: %m"); p = strjoin(arg_dest, "/", n); if (!p) return log_oom(); u = fstab_node_to_udev_node(device); if (!u) return log_oom(); u_escaped = specifier_escape(u); if (!u_escaped) return log_oom(); r = unit_name_from_path(u, ".device", &d); if (r < 0) return log_error_errno(r, "Failed to generate unit name: %m"); password_escaped = specifier_escape(password); if (!password_escaped) return log_oom(); f = fopen(p, "wxe"); if (!f) return log_error_errno(errno, "Failed to create unit file %s: %m", p); fprintf(f, "# Automatically generated by systemd-cryptsetup-generator\n\n" "[Unit]\n" "Description=Cryptography Setup for %%I\n" "Documentation=man:crypttab(5) man:systemd-cryptsetup-generator(8) man:[email protected](8)\n" "SourcePath=/etc/crypttab\n" "DefaultDependencies=no\n" "Conflicts=umount.target\n" "IgnoreOnIsolate=true\n" "After=%s\n", netdev ? "remote-fs-pre.target" : "cryptsetup-pre.target"); if (!nofail) fprintf(f, "Before=%s\n", netdev ? "remote-cryptsetup.target" : "cryptsetup.target"); if (password) { if (STR_IN_SET(password, "/dev/urandom", "/dev/random", "/dev/hw_random")) fputs_unlocked("After=systemd-random-seed.service\n", f); else if (!STR_IN_SET(password, "-", "none")) { _cleanup_free_ char *uu; uu = fstab_node_to_udev_node(password); if (!uu) return log_oom(); if (!path_equal(uu, "/dev/null")) { if (path_startswith(uu, "/dev/")) { _cleanup_free_ char *dd = NULL; r = unit_name_from_path(uu, ".device", &dd); if (r < 0) return log_error_errno(r, "Failed to generate unit name: %m"); fprintf(f, "After=%1$s\nRequires=%1$s\n", dd); } else fprintf(f, "RequiresMountsFor=%s\n", password_escaped); } } } if (path_startswith(u, "/dev/")) { fprintf(f, "BindsTo=%s\n" "After=%s\n" "Before=umount.target\n", d, d); if (swap) fputs_unlocked("Before=dev-mapper-%i.swap\n", f); } else fprintf(f, "RequiresMountsFor=%s\n", u_escaped); r = generator_write_timeouts(arg_dest, device, name, options, &filtered); if (r < 0) return r; filtered_escaped = specifier_escape(filtered); if (!filtered_escaped) return log_oom(); fprintf(f, "\n[Service]\n" "Type=oneshot\n" "RemainAfterExit=yes\n" "TimeoutSec=0\n" /* the binary handles timeouts anyway */ "KeyringMode=shared\n" /* make sure we can share cached keys among instances */ "ExecStart=" SYSTEMD_CRYPTSETUP_PATH " attach '%s' '%s' '%s' '%s'\n" "ExecStop=" SYSTEMD_CRYPTSETUP_PATH " detach '%s'\n", name_escaped, u_escaped, strempty(password_escaped), strempty(filtered_escaped), name_escaped); if (tmp) fprintf(f, "ExecStartPost=/sbin/mke2fs '/dev/mapper/%s'\n", name_escaped); if (swap) fprintf(f, "ExecStartPost=/sbin/mkswap '/dev/mapper/%s'\n", name_escaped); r = fflush_and_check(f); if (r < 0) return log_error_errno(r, "Failed to write file %s: %m", p); if (!noauto) { r = generator_add_symlink(arg_dest, d, "wants", n); if (r < 0) return r; r = generator_add_symlink(arg_dest, netdev ? "remote-cryptsetup.target" : "cryptsetup.target", nofail ? "wants" : "requires", n); if (r < 0) return r; } dmname = strjoina("dev-mapper-", e, ".device"); r = generator_add_symlink(arg_dest, dmname, "requires", n); if (r < 0) return r; if (!noauto && !nofail) { r = write_drop_in(arg_dest, dmname, 90, "device-timeout", "# Automatically generated by systemd-cryptsetup-generator \n\n" "[Unit]\nJobTimeoutSec=0"); if (r < 0) return log_error_errno(r, "Failed to write device drop-in: %m"); } return 0; }
static int create_disk( const char *name, const char *device, const char *password, const char *options) { _cleanup_free_ char *p = NULL, *n = NULL, *d = NULL, *u = NULL, *to = NULL, *e = NULL, *filtered = NULL; _cleanup_fclose_ FILE *f = NULL; bool noauto, nofail, tmp, swap; char *from; int r; assert(name); assert(device); noauto = fstab_test_yes_no_option(options, "noauto\0" "auto\0"); nofail = fstab_test_yes_no_option(options, "nofail\0" "fail\0"); tmp = fstab_test_option(options, "tmp\0"); swap = fstab_test_option(options, "swap\0"); if (tmp && swap) { log_error("Device '%s' cannot be both 'tmp' and 'swap'. Ignoring.", name); return -EINVAL; } e = unit_name_escape(name); if (!e) return log_oom(); r = unit_name_build("systemd-cryptsetup", e, ".service", &n); if (r < 0) return log_error_errno(r, "Failed to generate unit name: %m"); p = strjoin(arg_dest, "/", n, NULL); if (!p) return log_oom(); u = fstab_node_to_udev_node(device); if (!u) return log_oom(); r = unit_name_from_path(u, ".device", &d); if (r < 0) return log_error_errno(r, "Failed to generate unit name: %m"); f = fopen(p, "wxe"); if (!f) return log_error_errno(errno, "Failed to create unit file %s: %m", p); fputs( "# Automatically generated by systemd-cryptsetup-generator\n\n" "[Unit]\n" "Description=Cryptography Setup for %I\n" "Documentation=man:crypttab(5) man:systemd-cryptsetup-generator(8) man:[email protected](8)\n" "SourcePath=/etc/crypttab\n" "DefaultDependencies=no\n" "Conflicts=umount.target\n" "BindsTo=dev-mapper-%i.device\n" "IgnoreOnIsolate=true\n" "After=cryptsetup-pre.target\n", f); if (!nofail) fprintf(f, "Before=cryptsetup.target\n"); if (password) { if (STR_IN_SET(password, "/dev/urandom", "/dev/random", "/dev/hw_random")) fputs("After=systemd-random-seed.service\n", f); else if (!streq(password, "-") && !streq(password, "none")) { _cleanup_free_ char *uu; uu = fstab_node_to_udev_node(password); if (!uu) return log_oom(); if (!path_equal(uu, "/dev/null")) { if (is_device_path(uu)) { _cleanup_free_ char *dd = NULL; r = unit_name_from_path(uu, ".device", &dd); if (r < 0) return log_error_errno(r, "Failed to generate unit name: %m"); fprintf(f, "After=%1$s\nRequires=%1$s\n", dd); } else fprintf(f, "RequiresMountsFor=%s\n", password); } } } if (is_device_path(u)) fprintf(f, "BindsTo=%s\n" "After=%s\n" "Before=umount.target\n", d, d); else fprintf(f, "RequiresMountsFor=%s\n", u); r = generator_write_timeouts(arg_dest, device, name, options, &filtered); if (r < 0) return r; fprintf(f, "\n[Service]\n" "Type=oneshot\n" "RemainAfterExit=yes\n" "TimeoutSec=0\n" /* the binary handles timeouts anyway */ "ExecStart=" SYSTEMD_CRYPTSETUP_PATH " attach '%s' '%s' '%s' '%s'\n" "ExecStop=" SYSTEMD_CRYPTSETUP_PATH " detach '%s'\n", name, u, strempty(password), strempty(filtered), name); if (tmp) fprintf(f, "ExecStartPost=/sbin/mke2fs '/dev/mapper/%s'\n", name); if (swap) fprintf(f, "ExecStartPost=/sbin/mkswap '/dev/mapper/%s'\n", name); r = fflush_and_check(f); if (r < 0) return log_error_errno(r, "Failed to write file %s: %m", p); from = strjoina("../", n); if (!noauto) { to = strjoin(arg_dest, "/", d, ".wants/", n, NULL); if (!to) return log_oom(); mkdir_parents_label(to, 0755); if (symlink(from, to) < 0) return log_error_errno(errno, "Failed to create symlink %s: %m", to); free(to); if (!nofail) to = strjoin(arg_dest, "/cryptsetup.target.requires/", n, NULL); else to = strjoin(arg_dest, "/cryptsetup.target.wants/", n, NULL); if (!to) return log_oom(); mkdir_parents_label(to, 0755); if (symlink(from, to) < 0) return log_error_errno(errno, "Failed to create symlink %s: %m", to); } free(to); to = strjoin(arg_dest, "/dev-mapper-", e, ".device.requires/", n, NULL); if (!to) return log_oom(); mkdir_parents_label(to, 0755); if (symlink(from, to) < 0) return log_error_errno(errno, "Failed to create symlink %s: %m", to); if (!noauto && !nofail) { _cleanup_free_ char *dmname; dmname = strjoin("dev-mapper-", e, ".device", NULL); if (!dmname) return log_oom(); r = write_drop_in(arg_dest, dmname, 90, "device-timeout", "# Automatically generated by systemd-cryptsetup-generator \n\n" "[Unit]\nJobTimeoutSec=0"); if (r < 0) return log_error_errno(r, "Failed to write device drop-in: %m"); } return 0; }
static int create_device(void) { _cleanup_free_ char *u = NULL, *v = NULL, *d = NULL, *e = NULL, *u_escaped = NULL, *v_escaped = NULL, *root_hash_escaped = NULL; _cleanup_fclose_ FILE *f = NULL; const char *to; int r; /* If all three pieces of information are missing, then verity is turned off */ if (!arg_root_hash && !arg_data_what && !arg_hash_what) return 0; /* if one of them is missing however, the data is simply incomplete and this is an error */ if (!arg_root_hash) log_error("Verity information incomplete, root hash unspecified."); if (!arg_data_what) log_error("Verity information incomplete, root data device unspecified."); if (!arg_hash_what) log_error("Verity information incomplete, root hash device unspecified."); if (!arg_root_hash || !arg_data_what || !arg_hash_what) return -EINVAL; log_debug("Using root verity data device %s,\n" " hash device %s,\n" " and root hash %s.", arg_data_what, arg_hash_what, arg_root_hash); u = fstab_node_to_udev_node(arg_data_what); if (!u) return log_oom(); v = fstab_node_to_udev_node(arg_hash_what); if (!v) return log_oom(); u_escaped = specifier_escape(u); if (!u_escaped) return log_oom(); v_escaped = specifier_escape(v); if (!v_escaped) return log_oom(); r = unit_name_from_path(u, ".device", &d); if (r < 0) return log_error_errno(r, "Failed to generate unit name: %m"); r = unit_name_from_path(v, ".device", &e); if (r < 0) return log_error_errno(r, "Failed to generate unit name: %m"); root_hash_escaped = specifier_escape(arg_root_hash); if (!root_hash_escaped) return log_oom(); r = generator_open_unit_file(arg_dest, NULL, SYSTEMD_VERITYSETUP_SERVICE, &f); if (r < 0) return r; fprintf(f, "[Unit]\n" "Description=Integrity Protection Setup for %%I\n" "Documentation=man:systemd-veritysetup-generator(8) man:[email protected](8)\n" "SourcePath=/proc/cmdline\n" "DefaultDependencies=no\n" "Conflicts=umount.target\n" "BindsTo=%s %s\n" "IgnoreOnIsolate=true\n" "After=cryptsetup-pre.target %s %s\n" "Before=cryptsetup.target umount.target\n" "\n[Service]\n" "Type=oneshot\n" "RemainAfterExit=yes\n" "ExecStart=" ROOTLIBEXECDIR "/systemd-veritysetup attach root '%s' '%s' '%s'\n" "ExecStop=" ROOTLIBEXECDIR "/systemd-veritysetup detach root\n", d, e, d, e, u_escaped, v_escaped, root_hash_escaped); r = fflush_and_check(f); if (r < 0) return log_error_errno(r, "Failed to write file unit "SYSTEMD_VERITYSETUP_SERVICE": %m"); to = strjoina(arg_dest, "/cryptsetup.target.requires/" SYSTEMD_VERITYSETUP_SERVICE); (void) mkdir_parents(to, 0755); if (symlink("../" SYSTEMD_VERITYSETUP_SERVICE, to) < 0) return log_error_errno(errno, "Failed to create symlink %s: %m", to); return 0; }
static int create_disk( const char *name, const char *device, const char *password, const char *options) { _cleanup_free_ char *p = NULL, *n = NULL, *d = NULL, *u = NULL, *from = NULL, *to = NULL, *e = NULL; _cleanup_fclose_ FILE *f = NULL; bool noauto, nofail, tmp, swap; assert(name); assert(device); noauto = has_option(options, "noauto"); nofail = has_option(options, "nofail"); tmp = has_option(options, "tmp"); swap = has_option(options, "swap"); if (tmp && swap) { log_error("Device '%s' cannot be both 'tmp' and 'swap'. Ignoring.", name); return -EINVAL; } n = unit_name_from_path_instance("systemd-cryptsetup", name, ".service"); if (!n) return log_oom(); p = strjoin(arg_dest, "/", n, NULL); if (!p) return log_oom(); u = fstab_node_to_udev_node(device); if (!u) return log_oom(); d = unit_name_from_path(u, ".device"); if (!d) return log_oom(); f = fopen(p, "wxe"); if (!f) { log_error("Failed to create unit file %s: %m", p); return -errno; } fputs( "# Automatically generated by systemd-cryptsetup-generator\n\n" "[Unit]\n" "Description=Cryptography Setup for %I\n" "Documentation=man:[email protected](8) man:crypttab(5)\n" "SourcePath=/etc/crypttab\n" "Conflicts=umount.target\n" "DefaultDependencies=no\n" "BindsTo=dev-mapper-%i.device\n" "IgnoreOnIsolate=true\n" "After=systemd-readahead-collect.service systemd-readahead-replay.service\n", f); if (!nofail) fprintf(f, "Before=cryptsetup.target\n"); if (password) { if (streq(password, "/dev/urandom") || streq(password, "/dev/random") || streq(password, "/dev/hw_random")) fputs("After=systemd-random-seed.service\n", f); else if (!streq(password, "-") && !streq(password, "none")) fprintf(f, "RequiresMountsFor=%s\n", password); } if (is_device_path(u)) fprintf(f, "BindsTo=%s\n" "After=%s\n" "Before=umount.target\n", d, d); else fprintf(f, "RequiresMountsFor=%s\n", u); fprintf(f, "\n[Service]\n" "Type=oneshot\n" "RemainAfterExit=yes\n" "TimeoutSec=0\n" /* the binary handles timeouts anyway */ "ExecStart=" SYSTEMD_CRYPTSETUP_PATH " attach '%s' '%s' '%s' '%s'\n" "ExecStop=" SYSTEMD_CRYPTSETUP_PATH " detach '%s'\n", name, u, strempty(password), strempty(options), name); if (tmp) fprintf(f, "ExecStartPost=/sbin/mke2fs '/dev/mapper/%s'\n", name); if (swap) fprintf(f, "ExecStartPost=/sbin/mkswap '/dev/mapper/%s'\n", name); fflush(f); if (ferror(f)) { log_error("Failed to write file %s: %m", p); return -errno; } if (asprintf(&from, "../%s", n) < 0) return log_oom(); if (!noauto) { to = strjoin(arg_dest, "/", d, ".wants/", n, NULL); if (!to) return log_oom(); mkdir_parents_label(to, 0755); if (symlink(from, to) < 0) { log_error("Failed to create symlink %s: %m", to); return -errno; } free(to); if (!nofail) to = strjoin(arg_dest, "/cryptsetup.target.requires/", n, NULL); else to = strjoin(arg_dest, "/cryptsetup.target.wants/", n, NULL); if (!to) return log_oom(); mkdir_parents_label(to, 0755); if (symlink(from, to) < 0) { log_error("Failed to create symlink %s: %m", to); return -errno; } } e = unit_name_escape(name); if (!e) return log_oom(); free(to); to = strjoin(arg_dest, "/dev-mapper-", e, ".device.requires/", n, NULL); if (!to) return log_oom(); mkdir_parents_label(to, 0755); if (symlink(from, to) < 0) { log_error("Failed to create symlink %s: %m", to); return -errno; } if (!noauto && !nofail) { int r; free(p); p = strjoin(arg_dest, "/dev-mapper-", e, ".device.d/50-job-timeout-sec-0.conf", NULL); if (!p) return log_oom(); mkdir_parents_label(p, 0755); r = write_string_file(p, "# Automatically generated by systemd-cryptsetup-generator\n\n" "[Unit]\n" "JobTimeoutSec=0\n"); /* the binary handles timeouts anyway */ if (r) return r; } return 0; }
static int parse_fstab(const char *prefix, bool initrd) { _cleanup_free_ char *fstab_path = NULL; FILE *f; int r = 0; struct mntent *me; fstab_path = strjoin(strempty(prefix), "/etc/fstab", NULL); if (!fstab_path) return log_oom(); f = setmntent(fstab_path, "r"); if (!f) { if (errno == ENOENT) return 0; log_error("Failed to open %s/etc/fstab: %m", strempty(prefix)); return -errno; } while ((me = getmntent(f))) { _cleanup_free_ char *where = NULL, *what = NULL; int k; if (initrd && !mount_in_initrd(me)) continue; what = fstab_node_to_udev_node(me->mnt_fsname); where = strjoin(strempty(prefix), me->mnt_dir, NULL); if (!what || !where) { r = log_oom(); goto finish; } if (is_path(where)) path_kill_slashes(where); log_debug("Found entry what=%s where=%s type=%s", what, where, me->mnt_type); if (streq(me->mnt_type, "swap")) k = add_swap(what, me); else { bool noauto, nofail, automount, isbind; const char *pre, *pre2, *post, *online; noauto = !!hasmntopt(me, "noauto"); nofail = !!hasmntopt(me, "nofail"); automount = hasmntopt(me, "comment=systemd.automount") || hasmntopt(me, "x-systemd.automount"); isbind = mount_is_bind(me); if (initrd) { pre = pre2 = online = NULL; post = SPECIAL_INITRD_FS_TARGET; } else if (mount_in_initrd(me)) { pre = pre2 = online = NULL; post = SPECIAL_INITRD_ROOT_FS_TARGET; } else if (mount_is_network(me)) { pre = SPECIAL_REMOTE_FS_PRE_TARGET; pre2 = SPECIAL_NETWORK_TARGET; online = SPECIAL_NETWORK_ONLINE_TARGET; post = SPECIAL_REMOTE_FS_TARGET; } else { pre = SPECIAL_LOCAL_FS_PRE_TARGET; pre2 = online = NULL; post = SPECIAL_LOCAL_FS_TARGET; } k = add_mount(what, where, me->mnt_type, me->mnt_opts, me->mnt_passno, noauto, nofail, automount, isbind, pre, pre2, online, post, fstab_path); } if (k < 0) r = k; } finish: endmntent(f); return r; }
static int parse_fstab(bool initrd) { _cleanup_endmntent_ FILE *f = NULL; const char *fstab_path; struct mntent *me; int r = 0; fstab_path = initrd ? "/sysroot/etc/fstab" : "/etc/fstab"; f = setmntent(fstab_path, "re"); if (!f) { if (errno == ENOENT) return 0; log_error_errno(errno, "Failed to open %s: %m", fstab_path); return -errno; } while ((me = getmntent(f))) { _cleanup_free_ char *where = NULL, *what = NULL; bool noauto, nofail; int k; if (initrd && !mount_in_initrd(me)) continue; what = fstab_node_to_udev_node(me->mnt_fsname); if (!what) return log_oom(); if (is_device_path(what) && path_is_read_only_fs("sys") > 0) { log_info("Running in a container, ignoring fstab device entry for %s.", what); continue; } where = initrd ? strappend("/sysroot/", me->mnt_dir) : strdup(me->mnt_dir); if (!where) return log_oom(); if (is_path(where)) path_kill_slashes(where); noauto = fstab_test_yes_no_option(me->mnt_opts, "noauto\0" "auto\0"); nofail = fstab_test_yes_no_option(me->mnt_opts, "nofail\0" "fail\0"); log_debug("Found entry what=%s where=%s type=%s nofail=%s noauto=%s", what, where, me->mnt_type, yes_no(noauto), yes_no(nofail)); if (streq(me->mnt_type, "swap")) k = add_swap(what, me, noauto, nofail); else { bool automount; const char *post; automount = fstab_test_option(me->mnt_opts, "comment=systemd.automount\0" "x-systemd.automount\0"); if (initrd) post = SPECIAL_INITRD_FS_TARGET; else if (mount_in_initrd(me)) post = SPECIAL_INITRD_ROOT_FS_TARGET; else if (mount_is_network(me)) post = SPECIAL_REMOTE_FS_TARGET; else post = SPECIAL_LOCAL_FS_TARGET; k = add_mount(what, where, me->mnt_type, me->mnt_opts, me->mnt_passno, noauto, nofail, automount, post, fstab_path); } if (k < 0) r = k; } return r; }