]>
Commit | Line | Data |
---|---|---|
e735f4d4 MP |
1 | /*** |
2 | This file is part of systemd. | |
3 | ||
4 | Copyright 2015 Lennart Poettering | |
5 | ||
6 | systemd is free software; you can redistribute it and/or modify it | |
7 | under the terms of the GNU Lesser General Public License as published by | |
8 | the Free Software Foundation; either version 2.1 of the License, or | |
9 | (at your option) any later version. | |
10 | ||
11 | systemd is distributed in the hope that it will be useful, but | |
12 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | Lesser General Public License for more details. | |
15 | ||
16 | You should have received a copy of the GNU Lesser General Public License | |
17 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
18 | ***/ | |
19 | ||
6300502b | 20 | #include <sched.h> |
e735f4d4 | 21 | #include <sys/prctl.h> |
e3bff60a MP |
22 | #include <sys/stat.h> |
23 | #include <unistd.h> | |
e735f4d4 | 24 | |
e735f4d4 | 25 | #include "btrfs-util.h" |
db2df898 MP |
26 | #include "capability-util.h" |
27 | #include "fd-util.h" | |
28 | #include "import-common.h" | |
86f210e9 | 29 | #include "signal-util.h" |
6300502b | 30 | #include "util.h" |
e735f4d4 | 31 | |
e735f4d4 MP |
32 | int import_make_read_only_fd(int fd) { |
33 | int r; | |
34 | ||
35 | assert(fd >= 0); | |
36 | ||
37 | /* First, let's make this a read-only subvolume if it refers | |
38 | * to a subvolume */ | |
39 | r = btrfs_subvol_set_read_only_fd(fd, true); | |
40 | if (r == -ENOTTY || r == -ENOTDIR || r == -EINVAL) { | |
41 | struct stat st; | |
42 | ||
43 | /* This doesn't refer to a subvolume, or the file | |
44 | * system isn't even btrfs. In that, case fall back to | |
45 | * chmod()ing */ | |
46 | ||
47 | r = fstat(fd, &st); | |
48 | if (r < 0) | |
49 | return log_error_errno(errno, "Failed to stat temporary image: %m"); | |
50 | ||
51 | /* Drop "w" flag */ | |
52 | if (fchmod(fd, st.st_mode & 07555) < 0) | |
53 | return log_error_errno(errno, "Failed to chmod() final image: %m"); | |
54 | ||
55 | return 0; | |
56 | ||
57 | } else if (r < 0) | |
58 | return log_error_errno(r, "Failed to make subvolume read-only: %m"); | |
59 | ||
60 | return 0; | |
61 | } | |
62 | ||
63 | int import_make_read_only(const char *path) { | |
64 | _cleanup_close_ int fd = 1; | |
65 | ||
66 | fd = open(path, O_RDONLY|O_NOCTTY|O_CLOEXEC); | |
67 | if (fd < 0) | |
68 | return log_error_errno(errno, "Failed to open %s: %m", path); | |
69 | ||
70 | return import_make_read_only_fd(fd); | |
71 | } | |
72 | ||
e3bff60a MP |
73 | int import_fork_tar_x(const char *path, pid_t *ret) { |
74 | _cleanup_close_pair_ int pipefd[2] = { -1, -1 }; | |
75 | pid_t pid; | |
e735f4d4 MP |
76 | int r; |
77 | ||
e3bff60a MP |
78 | assert(path); |
79 | assert(ret); | |
e735f4d4 | 80 | |
e3bff60a MP |
81 | if (pipe2(pipefd, O_CLOEXEC) < 0) |
82 | return log_error_errno(errno, "Failed to create pipe for tar: %m"); | |
e735f4d4 MP |
83 | |
84 | pid = fork(); | |
85 | if (pid < 0) | |
e3bff60a MP |
86 | return log_error_errno(errno, "Failed to fork off tar: %m"); |
87 | ||
e735f4d4 | 88 | if (pid == 0) { |
e735f4d4 | 89 | int null_fd; |
e3bff60a MP |
90 | uint64_t retain = |
91 | (1ULL << CAP_CHOWN) | | |
92 | (1ULL << CAP_FOWNER) | | |
93 | (1ULL << CAP_FSETID) | | |
94 | (1ULL << CAP_MKNOD) | | |
95 | (1ULL << CAP_SETFCAP) | | |
96 | (1ULL << CAP_DAC_OVERRIDE); | |
e735f4d4 MP |
97 | |
98 | /* Child */ | |
99 | ||
86f210e9 MP |
100 | (void) reset_all_signal_handlers(); |
101 | (void) reset_signal_mask(); | |
e735f4d4 MP |
102 | assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0); |
103 | ||
e3bff60a | 104 | pipefd[1] = safe_close(pipefd[1]); |
e735f4d4 | 105 | |
e3bff60a | 106 | if (dup2(pipefd[0], STDIN_FILENO) != STDIN_FILENO) { |
e735f4d4 MP |
107 | log_error_errno(errno, "Failed to dup2() fd: %m"); |
108 | _exit(EXIT_FAILURE); | |
109 | } | |
110 | ||
e3bff60a MP |
111 | if (pipefd[0] != STDIN_FILENO) |
112 | pipefd[0] = safe_close(pipefd[0]); | |
e735f4d4 MP |
113 | |
114 | null_fd = open("/dev/null", O_WRONLY|O_NOCTTY); | |
115 | if (null_fd < 0) { | |
116 | log_error_errno(errno, "Failed to open /dev/null: %m"); | |
117 | _exit(EXIT_FAILURE); | |
118 | } | |
119 | ||
120 | if (dup2(null_fd, STDOUT_FILENO) != STDOUT_FILENO) { | |
121 | log_error_errno(errno, "Failed to dup2() fd: %m"); | |
122 | _exit(EXIT_FAILURE); | |
123 | } | |
124 | ||
125 | if (null_fd != STDOUT_FILENO) | |
126 | null_fd = safe_close(null_fd); | |
127 | ||
e735f4d4 MP |
128 | fd_cloexec(STDIN_FILENO, false); |
129 | fd_cloexec(STDOUT_FILENO, false); | |
130 | fd_cloexec(STDERR_FILENO, false); | |
131 | ||
e3bff60a MP |
132 | if (unshare(CLONE_NEWNET) < 0) |
133 | log_error_errno(errno, "Failed to lock tar into network namespace, ignoring: %m"); | |
e735f4d4 | 134 | |
4c89c718 | 135 | r = capability_bounding_set_drop(retain, true); |
e3bff60a MP |
136 | if (r < 0) |
137 | log_error_errno(r, "Failed to drop capabilities, ignoring: %m"); | |
e735f4d4 | 138 | |
e3bff60a MP |
139 | execlp("tar", "tar", "--numeric-owner", "-C", path, "-px", NULL); |
140 | log_error_errno(errno, "Failed to execute tar: %m"); | |
141 | _exit(EXIT_FAILURE); | |
e735f4d4 MP |
142 | } |
143 | ||
e3bff60a MP |
144 | pipefd[0] = safe_close(pipefd[0]); |
145 | r = pipefd[1]; | |
146 | pipefd[1] = -1; | |
e735f4d4 | 147 | |
e3bff60a | 148 | *ret = pid; |
e735f4d4 MP |
149 | |
150 | return r; | |
151 | } | |
152 | ||
e3bff60a | 153 | int import_fork_tar_c(const char *path, pid_t *ret) { |
e735f4d4 MP |
154 | _cleanup_close_pair_ int pipefd[2] = { -1, -1 }; |
155 | pid_t pid; | |
156 | int r; | |
157 | ||
158 | assert(path); | |
159 | assert(ret); | |
160 | ||
161 | if (pipe2(pipefd, O_CLOEXEC) < 0) | |
162 | return log_error_errno(errno, "Failed to create pipe for tar: %m"); | |
163 | ||
164 | pid = fork(); | |
165 | if (pid < 0) | |
166 | return log_error_errno(errno, "Failed to fork off tar: %m"); | |
167 | ||
168 | if (pid == 0) { | |
169 | int null_fd; | |
e3bff60a | 170 | uint64_t retain = (1ULL << CAP_DAC_OVERRIDE); |
e735f4d4 MP |
171 | |
172 | /* Child */ | |
173 | ||
86f210e9 MP |
174 | (void) reset_all_signal_handlers(); |
175 | (void) reset_signal_mask(); | |
e735f4d4 MP |
176 | assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0); |
177 | ||
e3bff60a | 178 | pipefd[0] = safe_close(pipefd[0]); |
e735f4d4 | 179 | |
e3bff60a | 180 | if (dup2(pipefd[1], STDOUT_FILENO) != STDOUT_FILENO) { |
e735f4d4 MP |
181 | log_error_errno(errno, "Failed to dup2() fd: %m"); |
182 | _exit(EXIT_FAILURE); | |
183 | } | |
184 | ||
e3bff60a MP |
185 | if (pipefd[1] != STDOUT_FILENO) |
186 | pipefd[1] = safe_close(pipefd[1]); | |
e735f4d4 | 187 | |
e3bff60a | 188 | null_fd = open("/dev/null", O_RDONLY|O_NOCTTY); |
e735f4d4 MP |
189 | if (null_fd < 0) { |
190 | log_error_errno(errno, "Failed to open /dev/null: %m"); | |
191 | _exit(EXIT_FAILURE); | |
192 | } | |
193 | ||
e3bff60a | 194 | if (dup2(null_fd, STDIN_FILENO) != STDIN_FILENO) { |
e735f4d4 MP |
195 | log_error_errno(errno, "Failed to dup2() fd: %m"); |
196 | _exit(EXIT_FAILURE); | |
197 | } | |
198 | ||
e3bff60a | 199 | if (null_fd != STDIN_FILENO) |
e735f4d4 MP |
200 | null_fd = safe_close(null_fd); |
201 | ||
202 | fd_cloexec(STDIN_FILENO, false); | |
203 | fd_cloexec(STDOUT_FILENO, false); | |
204 | fd_cloexec(STDERR_FILENO, false); | |
205 | ||
206 | if (unshare(CLONE_NEWNET) < 0) | |
207 | log_error_errno(errno, "Failed to lock tar into network namespace, ignoring: %m"); | |
208 | ||
4c89c718 | 209 | r = capability_bounding_set_drop(retain, true); |
e735f4d4 MP |
210 | if (r < 0) |
211 | log_error_errno(r, "Failed to drop capabilities, ignoring: %m"); | |
212 | ||
13d276d0 | 213 | execlp("tar", "tar", "-C", path, "-c", ".", NULL); |
e735f4d4 MP |
214 | log_error_errno(errno, "Failed to execute tar: %m"); |
215 | _exit(EXIT_FAILURE); | |
216 | } | |
217 | ||
e3bff60a MP |
218 | pipefd[1] = safe_close(pipefd[1]); |
219 | r = pipefd[0]; | |
220 | pipefd[0] = -1; | |
e735f4d4 MP |
221 | |
222 | *ret = pid; | |
223 | ||
224 | return r; | |
225 | } |