| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
For fs-verity.
|
| |
|
|
|
|
|
|
|
| |
This is useful if you need the file to be on a particular filesystem.
In particular, flatpak wants this to make tempfiles on /tmp for things
we need to write during flatpak run, such as the libseccomp output fd.
We've had "flatpak run" stop working in low disk situations without this,
so its nice to be able to fix it.
|
| |
|
|
|
| |
rpm-ostree at least uses `dirname()` and relied on the `#include <libgen.h>`
that we had previously.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At the top of glnx-fdio.h there's this comment:
/* When we include libgen.h because we need
* dirname() we immediately undefine
* basename() since libgen.h defines it as
* a macro to the XDG version which is really
* broken. */
and then it does #undef basename to try to
gain access to non-default basename implementation.
The problem is that this trick doesn't work on
some systems:
./libglnx/glnx-fdio.h: In function 'glnx_basename':
./libglnx/glnx-fdio.h:46:11: error: 'basename'
undeclared (first use in this function)
return (basename) (path);
Anyway, basename() is like 3 lines of code to
implement, so this commit just does that instead
of relying on glibc for it.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
`g-ir-scanner` is unaware of this GNUC extension and complains.
Saw that while building ostree.
While we're here, fix up a few other things:
- Tell the compiler the stat buffer is unused (I didn't see
a warning, just doing this on general principle)
- Return from `glnx_throw_errno_prefix()` directly; we do
preserve errno there, let's feel free to rely on it.
|
| |
|
|
|
|
|
|
| |
Often, the caller doesn't actually care about the details of the stat
struct itself, but just whether the entry exists or not. It does work
to just pass `NULL` directly to glibc in a quick test, but given that
the argument is tagged as `__nonnull` and that the documentation does
not explicitly specify this is supported, let's do this safely.
|
| |
|
|
|
|
| |
This is a very common pattern in both ostree/rpm-ostree. Make a better API for
this. I thought a lot about simply zeroing out `struct stat` but that feels
dangerous; none of the values have seem obviously `cannot be zero`.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FICLONE is the new alias for the formerly btrfs-specific ioctl; XFS
has experimental patches to support it.
Further, we should use copy_file_range() for the case where we're only doing a
limited copy. Both NFS and XFS (with reflink enabled) understand it.
Part of the reason I'm doing this is so that ostree's `/etc` merge will start
using XFS reflinks. But another major reason is to take the next step after and
copy this code into GLib as well, so that all of the general GLib users will
benefit; e.g. Nautilus will transparently do server copy offloads with NFS home
directories.
See also this coreutils thread about `copy_file_range()`:
<https://debbugs.gnu.org/cgi/bugreport.cgi?bug=24399>. I don't care about file
holes for our use cases, so it's fine.
Other changes while I'm here:
- Tweak the sendfile() case to match the newly inlined logic for cfr
- Add a TEMP_FAILURE_RETRY() around the read()
|
| |
|
|
|
|
| |
This is kind of long overdue. Reasons are the same as the other wrappers. I
debated adding `O_NOFOLLOW` support but the use cases for that are pretty
obscure, callers who want that can just use the syscall directly for now.
|
| |
|
|
| |
For consistency.
|
| |
|
|
|
| |
There are a number of versions of this in ostree at least, might as well wrap
it.
|
| |
|
|
|
| |
There are only two users of this in ostree, and one of them is
fairly bogus; we can just use `fstat()`.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mostly in ostree/rpm-ostree, we work in either raw `int fd`, or
`G{Input,Output}Stream`. One exception is the rpm-ostree `/etc/passwd`
handling, which uses `FILE*` since that's what glibc exposes.
And in general, there are use cases for `FILE*`; the raw `GUnixOutputStream` for
example isn't buffered, and doing so via e.g. `GBufferedOutputStream` means
allocating *two* GObjects and even worse going through multiple vfuncs for every
write.
`FILE*` is used heavily in systemd, and provides buffering. It is a bit cheaper
than gobjects, but has its own trap; by default every operation locks a mutex.
For more information on that, see `unlocked_stdio(3)`. However, callers can
avoid that by using e.g. `fwrite_unlocked`, which I plan to do for most users of
`FILE*` that aren't writing to one of the standard streams like `stdout` etc.
|
| |
|
|
| |
This was confusing `g-ir-scanner`.
|
| |
|
|
| |
There was a user of this in the libostree static delta code.
|
| |
|
|
|
| |
Besides doing `TEMP_FAILURE_RETRY` and `GError` conversion,
these also prefix the error with arguments.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
I originally tried to get this into GLib:
https://bugzilla.gnome.org/show_bug.cgi?id=783751
But that looks like it's going to fail due to MSVC. Let's add it here at least
so I can start using it tomorrow and not wait for the MSVC team to catch up.
I renamed `glnx-alloca.h` to `glnx-macros.h` as a more natural collective
home for things from systemd's `macro.h`.
Finally, I used a Coccinelle spatch similar to the one referenced
in the above BZ to patch our uses.
|
| |
|
|
|
|
| |
The glibc `posix_fallocate()` implementation has a bad fallback,
and further we need to handle `EOPNOTSUPP` for musl.
https://github.com/flatpak/flatpak/issues/802
|
| |
|
|
|
|
|
|
|
|
|
| |
Add an `initialized` member which means we work by default
in structs allocated with `g_new0` etc. and don't need
a special initializer. This also fixes a bug where
we need to support `src_dfd == -1` or `AT_FDCWD`.
This fixes flatpak which uses AT_FDCWD.
Modified-by: Colin Walters <walters@verbum.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The core problem with the previous tmpfile code
is we don't have an autocleanup that calls `unlinkat`
in the non-`O_TMPFILE` case. And even if we did, it'd
be awkward still since the `glnx_link_tmpfile_at()` call
*consumes* the tmpfile.
Fix this by introducing a struct with a cleanup macro. This simplifies a number
of the callers in libostree - a notable case is where we had two arrays, one of
fds, one of paths. It makes other places in libostree a bit more complex, but
that's because some of the commit code paths want to deal with temporary
*symlinks* too.
Most callers are better though - in libglnx itself, `glnx_file_copy_at()` now
correctly unlinks on failure for example.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NOTE: This changes the error handling API of `glnx_loop_write()` to be
"old school POSIX" instead of "systemd".
In ostree in a few places we use `g_output_stream_splice()`. I
thought this would use `splice()`, but actually it doesn't today.
They also, if a cancellable is provided, end up dropping into `poll()` for every
read and write. (In addition to copying data to/from userspace).
My opinion on this is - for *local files* that's dumb. In the big picture, you
really only need cancellation when copying gigabytes. Down the line, we could
perhaps add a `glnx_copy_bytes_cancellable()` that only did that check e.g.
every gigabyte of copied data. And when we do that we should use
`g_cancellable_set_error_if_cancelled()` rather than a `poll()` with the regular
file FD, since regular files are *always* readable and writable.
For my use case with rpm-ostree though, we don't have gigabyte sized files, and
seeing all of the `poll()` calls in strace is annoying. So let's have the
non-cancellable file copying API that's modern and uses both reflink and
`sendfile()` if available, in that order.
My plan at some point once this is tested more is to migrate this code
into GLib.
Note that in order to keep our APIs consistent, I switched the systemd-imported
code to "old school POSIX" error conventions. Otherwise we'd have *3* (POSIX,
systemd, and GError) and particularly given the first two are easily confused,
it'd be a recipe for bugs.
|
| |
|
|
|
|
|
|
| |
Add two inline wrappers around fstat() and fstatat() which handle
retrying on EINTR and return other errors using GError, to be consistent
with other glnx functions.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
I want the `RENAME_EXCHANGE` version for rpm-ostree, to atomically
swap `/usr/share/rpm` (a directory) with a new verison. While
we're here we might as well expose `RENAME_NOREPLACE` in case
something else wants it.
These both have fallbacks to the non-atomic version.
Closes: https://github.com/GNOME/libglnx/pull/36
|
| |
|
|
|
|
|
|
|
| |
I wanted to add a new one, and realized it was wrong. Luckily,
I think we were safe until now, since the set of bits for `(0, 1, 2)`
is actually distinct.
Although, hm, callers specifying `GLNX_FILE_COPY_OVERWRITE` may
have not actually been getting that.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We had a bug previously where we failed to clean up a temporary file
in an error path. This is a classic case where the new `O_TMPFILE`
API in Linux is nicer.
To implement this, as usual we start with some original bits from
systemd. But in this case I ended up having to heavily modify it
because systemd doesn't support "link into place and overwrite". They
don't actually use their tempfile code much at all in fact - as far as
I can tell, just in the coredump code.
Whereas in many apps, ostree included, a very common use case is
atomically updating an existing file, which is
`glnx_file_replace_contents_at()`, including subtleties like doing an
`fdatasync()` if the file already existed.
Implementing this then is slightly weird since we need to link() the
file into place, then rename() after.
It's still better though because if we e.g. hit `ENOSPC` halfway
through, we'll clean up the file automatically.
We still do keep the mode where we error out if the file exists.
Finally, the ostree core though does have a more unusual case where we
want to ignore EEXIST (allow concurrent object writers), so add
support for that now.
Note: One really confusing bug I had here was that `O_TMPFILE` ignores
the provided mode, and this caused ostree to write refs that weren't
world readable.
Rework things so we always call `fchmod()`, but as a consequence we're
no longer honoring umask in the default case. I doubt anyone will
care, and if they do we should probably fix ostree to consistently use
a mode inherited from the repo or something.
|
| |
|
|
|
| |
Migrated from libgsystem's `gs_stream_fstat()`. It's a small function
but I end up using it in OSTree a fair bit.
|
| |
|
|
|
| |
I plan to use this in rpm-ostree. Sad how many times this gets
reinvented. Should probably stick a copy in `glib-unix.h` or so.
|
| |
|
|
| |
This will be used for OSTree too.
|
| |
|
|
|
| |
Sort of similar to `g_file_replace_contents()` but `*at()`. Will be
used for further conversion of OSTree to `*at()`.
|
| |
|
|
|
| |
Most callers already included `string.h` which is why I didn't see
this earlier.
|
| |
|
|
| |
See https://github.com/GNOME/ostree/pull/78
|
| |
|
|
|
|
| |
We have to wrap the glibc version to ensure we get the right version,
otherwise depending on the variance of includes we may end up crashing
if we get the POSIX version.
|
| |
|
|
|
|
|
| |
This will allow deleting some code from OSTree for the config file
merging. We're reusing some code from systemd, which a nice modern
clean codebase, and among other things this gets us BTRFS reflinking
(if available) again.
|
|
|
We don't have this really in GLib, unfortunately. We do want
GCancellable, but we also want to operate on raw fds where possible.
The "read a file and validate as UTF-8" is a common use case of mine,
and this combines that with openat().
|
