]>
Commit | Line | Data |
---|---|---|
a032b68d | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
663996b3 | 2 | |
4c89c718 | 3 | #include <errno.h> |
4c89c718 MP |
4 | #include <stddef.h> |
5 | #include <stdint.h> | |
6 | #include <stdio.h> | |
663996b3 | 7 | #include <stdlib.h> |
663996b3 | 8 | #include <sys/prctl.h> |
db2df898 | 9 | #include <unistd.h> |
663996b3 | 10 | |
a032b68d MB |
11 | #include "sd-login.h" |
12 | ||
db2df898 | 13 | #include "copy.h" |
a032b68d | 14 | #include "env-util.h" |
db2df898 | 15 | #include "fd-util.h" |
6e866b33 MB |
16 | #include "fileio.h" |
17 | #include "io-util.h" | |
db2df898 | 18 | #include "locale-util.h" |
4c89c718 | 19 | #include "log.h" |
db2df898 | 20 | #include "macro.h" |
663996b3 | 21 | #include "pager.h" |
e3bff60a | 22 | #include "process-util.h" |
6e866b33 | 23 | #include "rlimit-util.h" |
86f210e9 | 24 | #include "signal-util.h" |
db2df898 | 25 | #include "string-util.h" |
8a584da2 | 26 | #include "strv.h" |
db2df898 | 27 | #include "terminal-util.h" |
bb4f798a | 28 | #include "util.h" |
663996b3 MS |
29 | |
30 | static pid_t pager_pid = 0; | |
31 | ||
1d42b86d MB |
32 | static int stored_stdout = -1; |
33 | static int stored_stderr = -1; | |
34 | static bool stdout_redirected = false; | |
35 | static bool stderr_redirected = false; | |
36 | ||
b012e921 | 37 | _noreturn_ static void pager_fallback(void) { |
d9dfd233 | 38 | int r; |
60f067b4 | 39 | |
3a6ce677 | 40 | r = copy_bytes(STDIN_FILENO, STDOUT_FILENO, UINT64_MAX, 0); |
d9dfd233 MP |
41 | if (r < 0) { |
42 | log_error_errno(r, "Internal pager failed: %m"); | |
663996b3 MS |
43 | _exit(EXIT_FAILURE); |
44 | } | |
60f067b4 | 45 | |
663996b3 MS |
46 | _exit(EXIT_SUCCESS); |
47 | } | |
48 | ||
6e866b33 MB |
49 | static int no_quit_on_interrupt(int exe_name_fd, const char *less_opts) { |
50 | _cleanup_fclose_ FILE *file = NULL; | |
51 | _cleanup_free_ char *line = NULL; | |
1d42b86d | 52 | int r; |
663996b3 | 53 | |
6e866b33 MB |
54 | assert(exe_name_fd >= 0); |
55 | assert(less_opts); | |
56 | ||
57 | /* This takes ownership of exe_name_fd */ | |
58 | file = fdopen(exe_name_fd, "r"); | |
59 | if (!file) { | |
60 | safe_close(exe_name_fd); | |
61 | return log_error_errno(errno, "Failed to create FILE object: %m"); | |
62 | } | |
63 | ||
64 | /* Find the last line */ | |
65 | for (;;) { | |
66 | _cleanup_free_ char *t = NULL; | |
67 | ||
68 | r = read_line(file, LONG_LINE_MAX, &t); | |
69 | if (r < 0) | |
70 | return log_error_errno(r, "Failed to read from socket: %m"); | |
71 | if (r == 0) | |
72 | break; | |
73 | ||
74 | free_and_replace(line, t); | |
75 | } | |
76 | ||
77 | /* We only treat "less" specially. | |
78 | * Return true whenever option K is *not* set. */ | |
79 | r = streq_ptr(line, "less") && !strchr(less_opts, 'K'); | |
80 | ||
81 | log_debug("Pager executable is \"%s\", options \"%s\", quit_on_interrupt: %s", | |
82 | strnull(line), less_opts, yes_no(!r)); | |
83 | return r; | |
84 | } | |
85 | ||
ea0999c9 | 86 | void pager_open(PagerFlags flags) { |
6e866b33 MB |
87 | _cleanup_close_pair_ int fd[2] = { -1, -1 }, exe_name_pipe[2] = { -1, -1 }; |
88 | _cleanup_strv_free_ char **pager_args = NULL; | |
f5caa8fa | 89 | _cleanup_free_ char *l = NULL; |
6e866b33 MB |
90 | const char *pager, *less_opts; |
91 | int r; | |
92 | ||
93 | if (flags & PAGER_DISABLE) | |
ea0999c9 | 94 | return; |
aa27b158 | 95 | |
663996b3 | 96 | if (pager_pid > 0) |
ea0999c9 | 97 | return; |
663996b3 | 98 | |
5a920b42 | 99 | if (terminal_is_dumb()) |
ea0999c9 | 100 | return; |
663996b3 | 101 | |
1d42b86d | 102 | if (!is_main_thread()) |
ea0999c9 | 103 | return (void) log_error_errno(SYNTHETIC_ERRNO(EPERM), "Pager invoked from wrong thread."); |
1d42b86d | 104 | |
6300502b MP |
105 | pager = getenv("SYSTEMD_PAGER"); |
106 | if (!pager) | |
107 | pager = getenv("PAGER"); | |
108 | ||
6e866b33 MB |
109 | if (pager) { |
110 | pager_args = strv_split(pager, WHITESPACE); | |
111 | if (!pager_args) | |
ea0999c9 | 112 | return (void) log_oom(); |
6e866b33 MB |
113 | |
114 | /* If the pager is explicitly turned off, honour it */ | |
115 | if (strv_isempty(pager_args) || strv_equal(pager_args, STRV_MAKE("cat"))) | |
ea0999c9 | 116 | return; |
6e866b33 | 117 | } |
6300502b | 118 | |
52ad194e MB |
119 | /* Determine and cache number of columns/lines before we spawn the pager so that we get the value from the |
120 | * actual tty */ | |
6300502b | 121 | (void) columns(); |
52ad194e | 122 | (void) lines(); |
663996b3 | 123 | |
f5e65279 | 124 | if (pipe2(fd, O_CLOEXEC) < 0) |
ea0999c9 | 125 | return (void) log_error_errno(errno, "Failed to create pager pipe: %m"); |
663996b3 | 126 | |
6e866b33 MB |
127 | /* This is a pipe to feed the name of the executed pager binary into the parent */ |
128 | if (pipe2(exe_name_pipe, O_CLOEXEC) < 0) | |
ea0999c9 | 129 | return (void) log_error_errno(errno, "Failed to create exe_name pipe: %m"); |
6e866b33 MB |
130 | |
131 | /* Initialize a good set of less options */ | |
132 | less_opts = getenv("SYSTEMD_LESS"); | |
133 | if (!less_opts) | |
134 | less_opts = "FRSXMK"; | |
f5caa8fa MB |
135 | if (flags & PAGER_JUMP_TO_END) { |
136 | l = strjoin(less_opts, " +G"); | |
137 | if (!l) | |
138 | return (void) log_oom(); | |
139 | less_opts = l; | |
140 | } | |
6e866b33 | 141 | |
478ed938 MB |
142 | /* We set SIGINT as PR_DEATHSIG signal here, to match the "K" parameter we set in $LESS, which enables SIGINT behaviour. */ |
143 | r = safe_fork("(pager)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGINT|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pager_pid); | |
1d42b86d | 144 | if (r < 0) |
ea0999c9 | 145 | return; |
1d42b86d | 146 | if (r == 0) { |
f5caa8fa | 147 | const char *less_charset; |
663996b3 | 148 | |
1d42b86d | 149 | /* In the child start the pager */ |
86f210e9 | 150 | |
6e866b33 MB |
151 | if (dup2(fd[0], STDIN_FILENO) < 0) { |
152 | log_error_errno(errno, "Failed to duplicate file descriptor to STDIN: %m"); | |
153 | _exit(EXIT_FAILURE); | |
154 | } | |
155 | ||
60f067b4 | 156 | safe_close_pair(fd); |
663996b3 | 157 | |
6e866b33 MB |
158 | if (setenv("LESS", less_opts, 1) < 0) { |
159 | log_error_errno(errno, "Failed to set environment variable LESS: %m"); | |
2897b343 | 160 | _exit(EXIT_FAILURE); |
6e866b33 | 161 | } |
663996b3 | 162 | |
a032b68d | 163 | /* Initialize a good charset for less. This is particularly important if we output UTF-8 |
d9dfd233 MP |
164 | * characters. */ |
165 | less_charset = getenv("SYSTEMD_LESSCHARSET"); | |
166 | if (!less_charset && is_locale_utf8()) | |
167 | less_charset = "utf-8"; | |
2897b343 | 168 | if (less_charset && |
6e866b33 MB |
169 | setenv("LESSCHARSET", less_charset, 1) < 0) { |
170 | log_error_errno(errno, "Failed to set environment variable LESSCHARSET: %m"); | |
2897b343 | 171 | _exit(EXIT_FAILURE); |
6e866b33 | 172 | } |
d9dfd233 | 173 | |
a032b68d MB |
174 | /* People might invoke us from sudo, don't needlessly allow less to be a way to shell out |
175 | * privileged stuff. If the user set $SYSTEMD_PAGERSECURE, trust their configuration of the | |
176 | * pager. If they didn't, use secure mode when under euid is changed. If $SYSTEMD_PAGERSECURE | |
177 | * wasn't explicitly set, and we autodetect the need for secure mode, only use the pager we | |
178 | * know to be good. */ | |
179 | int use_secure_mode = getenv_bool_secure("SYSTEMD_PAGERSECURE"); | |
180 | bool trust_pager = use_secure_mode >= 0; | |
181 | if (use_secure_mode == -ENXIO) { | |
182 | uid_t uid; | |
183 | ||
184 | r = sd_pid_get_owner_uid(0, &uid); | |
185 | if (r < 0) | |
186 | log_debug_errno(r, "sd_pid_get_owner_uid() failed, enabling pager secure mode: %m"); | |
187 | ||
188 | use_secure_mode = r < 0 || uid != geteuid(); | |
189 | ||
190 | } else if (use_secure_mode < 0) { | |
191 | log_warning_errno(use_secure_mode, "Unable to parse $SYSTEMD_PAGERSECURE, assuming true: %m"); | |
192 | use_secure_mode = true; | |
193 | } | |
194 | ||
195 | /* We generally always set variables used by less, even if we end up using a different pager. | |
196 | * They shouldn't hurt in any case, and ideally other pagers would look at them too. */ | |
197 | r = set_unset_env("LESSSECURE", use_secure_mode ? "1" : NULL, true); | |
198 | if (r < 0) { | |
199 | log_error_errno(r, "Failed to adjust environment variable LESSSECURE: %m"); | |
200 | _exit(EXIT_FAILURE); | |
201 | } | |
202 | ||
203 | if (trust_pager && pager_args) { /* The pager config might be set globally, and we cannot | |
204 | * know if the user adjusted it to be appropriate for the | |
205 | * secure mode. Thus, start the pager specified through | |
206 | * envvars only when $SYSTEMD_PAGERSECURE was explicitly set | |
207 | * as well. */ | |
6e866b33 MB |
208 | r = loop_write(exe_name_pipe[1], pager_args[0], strlen(pager_args[0]) + 1, false); |
209 | if (r < 0) { | |
210 | log_error_errno(r, "Failed to write pager name to socket: %m"); | |
211 | _exit(EXIT_FAILURE); | |
212 | } | |
213 | ||
214 | execvp(pager_args[0], pager_args); | |
215 | log_full_errno(errno == ENOENT ? LOG_DEBUG : LOG_WARNING, errno, | |
7c20daf6 | 216 | "Failed to execute '%s', using fallback pagers: %m", pager_args[0]); |
663996b3 MS |
217 | } |
218 | ||
a032b68d MB |
219 | /* Debian's alternatives command for pagers is called 'pager'. Note that we do not call |
220 | * sensible-pagers here, since that is just a shell script that implements a logic that is | |
221 | * similar to this one anyway, but is Debian-specific. */ | |
086111aa LB |
222 | static const char* pagers[] = { "pager", "less", "more", "(built-in)" }; |
223 | ||
224 | for (unsigned i = 0; i < ELEMENTSOF(pagers); i++) { | |
225 | /* Only less (and our trivial fallback) implement secure mode right now. */ | |
226 | if (use_secure_mode && !STR_IN_SET(pagers[i], "less", "(built-in)")) | |
a032b68d MB |
227 | continue; |
228 | ||
086111aa LB |
229 | r = loop_write(exe_name_pipe[1], pagers[i], strlen(pagers[i]) + 1, false); |
230 | if (r < 0) { | |
6e866b33 MB |
231 | log_error_errno(r, "Failed to write pager name to socket: %m"); |
232 | _exit(EXIT_FAILURE); | |
233 | } | |
663996b3 | 234 | |
086111aa LB |
235 | if (i < ELEMENTSOF(pagers) - 1) { |
236 | execlp(pagers[i], pagers[i], NULL); | |
237 | log_full_errno(errno == ENOENT ? LOG_DEBUG : LOG_WARNING, errno, | |
238 | "Failed to execute '%s', will try '%s' next: %m", pagers[i], pagers[i+1]); | |
239 | } else { | |
240 | /* Close pipe to signal the parent to start sending data */ | |
241 | safe_close_pair(exe_name_pipe); | |
242 | pager_fallback(); | |
243 | assert_not_reached(); | |
244 | } | |
6e866b33 | 245 | } |
663996b3 MS |
246 | } |
247 | ||
248 | /* Return in the parent */ | |
81c58355 MB |
249 | stored_stdout = fcntl(STDOUT_FILENO, F_DUPFD_CLOEXEC, 3); |
250 | if (dup2(fd[1], STDOUT_FILENO) < 0) { | |
251 | stored_stdout = safe_close(stored_stdout); | |
ea0999c9 | 252 | return (void) log_error_errno(errno, "Failed to duplicate pager pipe: %m"); |
81c58355 MB |
253 | } |
254 | stdout_redirected = true; | |
255 | ||
256 | stored_stderr = fcntl(STDERR_FILENO, F_DUPFD_CLOEXEC, 3); | |
257 | if (dup2(fd[1], STDERR_FILENO) < 0) { | |
258 | stored_stderr = safe_close(stored_stderr); | |
ea0999c9 | 259 | return (void) log_error_errno(errno, "Failed to duplicate pager pipe: %m"); |
81c58355 MB |
260 | } |
261 | stderr_redirected = true; | |
663996b3 | 262 | |
6e866b33 MB |
263 | exe_name_pipe[1] = safe_close(exe_name_pipe[1]); |
264 | ||
265 | r = no_quit_on_interrupt(TAKE_FD(exe_name_pipe[0]), less_opts); | |
6e866b33 | 266 | if (r > 0) |
3a6ce677 | 267 | (void) ignore_signals(SIGINT); |
663996b3 MS |
268 | } |
269 | ||
270 | void pager_close(void) { | |
271 | ||
272 | if (pager_pid <= 0) | |
273 | return; | |
274 | ||
275 | /* Inform pager that we are done */ | |
81c58355 MB |
276 | (void) fflush(stdout); |
277 | if (stdout_redirected) | |
278 | if (stored_stdout < 0 || dup2(stored_stdout, STDOUT_FILENO) < 0) | |
279 | (void) close(STDOUT_FILENO); | |
280 | stored_stdout = safe_close(stored_stdout); | |
281 | (void) fflush(stderr); | |
282 | if (stderr_redirected) | |
283 | if (stored_stderr < 0 || dup2(stored_stderr, STDERR_FILENO) < 0) | |
284 | (void) close(STDERR_FILENO); | |
285 | stored_stderr = safe_close(stored_stderr); | |
286 | stdout_redirected = stderr_redirected = false; | |
d9dfd233 | 287 | |
6300502b | 288 | (void) kill(pager_pid, SIGCONT); |
ea0999c9 | 289 | (void) wait_for_terminate(TAKE_PID(pager_pid), NULL); |
663996b3 MS |
290 | pager_pid = 0; |
291 | } | |
292 | ||
293 | bool pager_have(void) { | |
294 | return pager_pid > 0; | |
295 | } | |
5eef597e MP |
296 | |
297 | int show_man_page(const char *desc, bool null_stdio) { | |
298 | const char *args[4] = { "man", NULL, NULL, NULL }; | |
299 | char *e = NULL; | |
300 | pid_t pid; | |
301 | size_t k; | |
302 | int r; | |
5eef597e MP |
303 | |
304 | k = strlen(desc); | |
305 | ||
306 | if (desc[k-1] == ')') | |
307 | e = strrchr(desc, '('); | |
308 | ||
309 | if (e) { | |
310 | char *page = NULL, *section = NULL; | |
311 | ||
ea0999c9 MB |
312 | page = strndupa_safe(desc, e - desc); |
313 | section = strndupa_safe(e + 1, desc + k - e - 2); | |
5eef597e MP |
314 | |
315 | args[1] = section; | |
316 | args[2] = page; | |
317 | } else | |
318 | args[1] = desc; | |
319 | ||
6e866b33 | 320 | r = safe_fork("(man)", FORK_RESET_SIGNALS|FORK_DEATHSIG|(null_stdio ? FORK_NULL_STDIO : 0)|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); |
1d42b86d MB |
321 | if (r < 0) |
322 | return r; | |
323 | if (r == 0) { | |
5eef597e | 324 | /* Child */ |
5eef597e | 325 | execvp(args[0], (char**) args); |
f47781d8 | 326 | log_error_errno(errno, "Failed to execute man: %m"); |
5eef597e MP |
327 | _exit(EXIT_FAILURE); |
328 | } | |
329 | ||
1d42b86d | 330 | return wait_for_terminate_and_check(NULL, pid, 0); |
5eef597e | 331 | } |