machine-id-setup: do not read host's machine ID when root directory is specified

If a root directory is specified, and e.g. /var under the root directory
is a symlink to the host's /var, then we wrongly read host's machine ID,
even if O_NOFOLLOW is set.

Let's chase the path with CHASE_NOFOLLOW to refuse such case.

Also, refuse null ID, otherwise we may setup machine ID with NULL.

1 files changed, 5 insertions, 10 deletions

diff --git a/src/shared/machine-id-setup.c b/src/shared/machine-id-setup.c
index 4b4309037b..f27c3d768b 100644
--- a/src/shared/machine-id-setup.c
+++ b/src/shared/machine-id-setup.c
@@ -8,6 +8,7 @@
 #include "sd-id128.h"
 
 #include "alloc-util.h"
+#include "chase.h"
 #include "fd-util.h"
 #include "id128-util.h"
 #include "io-util.h"
@@ -27,22 +28,16 @@
 #include "virt.h"
 
 static int generate_machine_id(const char *root, sd_id128_t *ret) {
-        const char *dbus_machine_id;
         _cleanup_close_ int fd = -EBADF;
         int r;
 
         assert(ret);
 
         /* First, try reading the D-Bus machine id, unless it is a symlink */
-        dbus_machine_id = prefix_roota(root, "/var/lib/dbus/machine-id");
-        fd = open(dbus_machine_id, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
-        if (fd >= 0) {
-                if (id128_read_fd(fd, ID128_FORMAT_PLAIN, ret) >= 0) {
-                        log_info("Initializing machine ID from D-Bus machine ID.");
-                        return 0;
-                }
-
-                fd = safe_close(fd);
+        fd = chase_and_open("/var/lib/dbus/machine-id", root, CHASE_PREFIX_ROOT | CHASE_NOFOLLOW, O_RDONLY|O_CLOEXEC|O_NOCTTY, NULL);
+        if (fd >= 0 && id128_read_fd(fd, ID128_FORMAT_PLAIN | ID128_REFUSE_NULL, ret) >= 0) {
+                log_info("Initializing machine ID from D-Bus machine ID.");
+                return 0;
         }
 
         if (isempty(root) && running_in_chroot() <= 0) {