summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/basic/copy.c2
-rw-r--r--src/basic/fd-util.c1
-rw-r--r--src/basic/fileio.c316
-rw-r--r--src/basic/fileio.h14
-rw-r--r--src/basic/fs-util.c2
-rw-r--r--src/basic/meson.build2
-rw-r--r--src/basic/tmpfile-util.c329
-rw-r--r--src/basic/tmpfile-util.h19
-rw-r--r--src/boot/bootctl.c1
-rw-r--r--src/core/unit.c1
-rw-r--r--src/coredump/coredump.c1
-rw-r--r--src/coredump/coredumpctl.c2
-rw-r--r--src/fuzz/fuzz-catalog.c2
-rw-r--r--src/fuzz/fuzz-journald-native-fd.c4
-rw-r--r--src/import/export-raw.c2
-rw-r--r--src/import/export-tar.c2
-rw-r--r--src/import/import-common.c1
-rw-r--r--src/import/import-fs.c4
-rw-r--r--src/import/import-raw.c2
-rw-r--r--src/import/import-tar.c1
-rw-r--r--src/import/pull-raw.c2
-rw-r--r--src/import/pull-tar.c2
-rw-r--r--src/journal-remote/journal-gatewayd.c1
-rw-r--r--src/journal-remote/journal-upload.c1
-rw-r--r--src/journal/catalog.c1
-rw-r--r--src/journal/journal-send.c2
-rw-r--r--src/journal/journal-verify.c1
-rw-r--r--src/journal/journalctl.c1
-rw-r--r--src/journal/journald-stream.c1
-rw-r--r--src/journal/test-catalog.c2
-rw-r--r--src/journal/test-compress.c2
-rw-r--r--src/journal/test-mmap-cache.c2
-rw-r--r--src/libsystemd-network/sd-dhcp-lease.c1
-rw-r--r--src/libsystemd/sd-bus/test-bus-watch-bind.c2
-rw-r--r--src/libsystemd/sd-device/device-private.c1
-rw-r--r--src/libsystemd/sd-event/test-event.c2
-rw-r--r--src/libsystemd/sd-hwdb/hwdb-util.c1
-rw-r--r--src/locale/keymap-util.c1
-rw-r--r--src/login/logind-dbus.c1
-rw-r--r--src/login/logind-inhibit.c1
-rw-r--r--src/login/logind-seat.c1
-rw-r--r--src/login/logind-session.c1
-rw-r--r--src/login/logind-user.c1
-rw-r--r--src/machine/machine-dbus.c1
-rw-r--r--src/machine/machine.c1
-rw-r--r--src/machine/machined-dbus.c1
-rw-r--r--src/network/fuzz-netdev-parser.c2
-rw-r--r--src/network/fuzz-network-parser.c2
-rw-r--r--src/network/networkd-link.c1
-rw-r--r--src/network/networkd-manager.c1
-rw-r--r--src/network/test-routing-policy-rule.c1
-rw-r--r--src/nspawn/nspawn-mount.c2
-rw-r--r--src/nspawn/nspawn.c1
-rw-r--r--src/portable/portable.c1
-rw-r--r--src/resolve/resolved-link.c1
-rw-r--r--src/resolve/resolved-resolv-conf.c1
-rw-r--r--src/resolve/test-resolved-etc-hosts.c2
-rw-r--r--src/shared/ask-password-api.c1
-rw-r--r--src/shared/dissect-image.c3
-rw-r--r--src/shared/exec-util.c1
-rw-r--r--src/shared/fileio-label.c15
-rw-r--r--src/shared/fileio-label.h1
-rw-r--r--src/shared/meson.build2
-rw-r--r--src/shared/path-lookup.c2
-rw-r--r--src/shared/tmpfile-util-label.c26
-rw-r--r--src/shared/tmpfile-util-label.h10
-rw-r--r--src/systemctl/systemctl.c2
-rw-r--r--src/sysusers/sysusers.c1
-rw-r--r--src/test/test-acl-util.c2
-rw-r--r--src/test/test-async.c2
-rw-r--r--src/test/test-chown-rec.c2
-rw-r--r--src/test/test-clock.c1
-rw-r--r--src/test/test-conf-parser.c2
-rw-r--r--src/test/test-copy.c1
-rw-r--r--src/test/test-dev-setup.c2
-rw-r--r--src/test/test-fd-util.c3
-rw-r--r--src/test/test-fdset.c2
-rw-r--r--src/test/test-fileio.c1
-rw-r--r--src/test/test-fs-util.c2
-rw-r--r--src/test/test-glob-util.c2
-rw-r--r--src/test/test-hostname-util.c1
-rw-r--r--src/test/test-id128.c2
-rw-r--r--src/test/test-serialize.c1
-rw-r--r--src/test/test-socket-util.c4
-rw-r--r--src/test/test-stat-util.c4
-rw-r--r--src/test/test-terminal-util.c4
-rw-r--r--src/test/test-tmpfiles.c1
-rw-r--r--src/test/test-unit-file.c3
-rw-r--r--src/test/test-xattr-util.c2
-rw-r--r--src/timedate/timedated.c1
90 files changed, 477 insertions, 389 deletions
diff --git a/src/basic/copy.c b/src/basic/copy.c
index 50240de8b6..34e01ea1cf 100644
--- a/src/basic/copy.c
+++ b/src/basic/copy.c
@@ -19,7 +19,6 @@
#include "copy.h"
#include "dirent-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "io-util.h"
#include "macro.h"
@@ -28,6 +27,7 @@
#include "string-util.h"
#include "strv.h"
#include "time-util.h"
+#include "tmpfile-util.h"
#include "umask-util.h"
#include "user-util.h"
#include "xattr-util.h"
diff --git a/src/basic/fd-util.c b/src/basic/fd-util.c
index 97dc40357c..2fae4da15b 100644
--- a/src/basic/fd-util.c
+++ b/src/basic/fd-util.c
@@ -23,6 +23,7 @@
#include "socket-util.h"
#include "stdio-util.h"
#include "util.h"
+#include "tmpfile-util.h"
int close_nointr(int fd) {
assert(fd >= 0);
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index d86ad58153..6ccbae02a9 100644
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -20,19 +20,16 @@
#include "fd-util.h"
#include "fileio.h"
#include "fs-util.h"
-#include "hexdecoct.h"
#include "log.h"
#include "macro.h"
#include "missing.h"
#include "parse-util.h"
#include "path-util.h"
#include "process-util.h"
-#include "random-util.h"
#include "stdio-util.h"
#include "string-util.h"
#include "strv.h"
-#include "time-util.h"
-#include "umask-util.h"
+#include "tmpfile-util.h"
#include "utf8.h"
#define READ_FULL_BYTES_MAX (4U*1024U*1024U)
@@ -1128,39 +1125,6 @@ int search_and_fopen_nulstr(const char *path, const char *mode, const char *root
return search_and_fopen_internal(path, mode, root, s, _f);
}
-int fopen_temporary(const char *path, FILE **_f, char **_temp_path) {
- FILE *f;
- char *t;
- int r, fd;
-
- assert(path);
- assert(_f);
- assert(_temp_path);
-
- r = tempfn_xxxxxx(path, NULL, &t);
- if (r < 0)
- return r;
-
- fd = mkostemp_safe(t);
- if (fd < 0) {
- free(t);
- return -errno;
- }
-
- f = fdopen(fd, "we");
- if (!f) {
- unlink_noerrno(t);
- free(t);
- safe_close(fd);
- return -errno;
- }
-
- *_f = f;
- *_temp_path = t;
-
- return 0;
-}
-
int fflush_and_check(FILE *f) {
assert(f);
@@ -1192,163 +1156,6 @@ int fflush_sync_and_check(FILE *f) {
return 0;
}
-/* This is much like mkostemp() but is subject to umask(). */
-int mkostemp_safe(char *pattern) {
- _cleanup_umask_ mode_t u = 0;
- int fd;
-
- assert(pattern);
-
- u = umask(077);
-
- fd = mkostemp(pattern, O_CLOEXEC);
- if (fd < 0)
- return -errno;
-
- return fd;
-}
-
-int fmkostemp_safe(char *pattern, const char *mode, FILE **ret_f) {
- int fd;
- FILE *f;
-
- fd = mkostemp_safe(pattern);
- if (fd < 0)
- return fd;
-
- f = fdopen(fd, mode);
- if (!f) {
- safe_close(fd);
- return -errno;
- }
-
- *ret_f = f;
- return 0;
-}
-
-int tempfn_xxxxxx(const char *p, const char *extra, char **ret) {
- const char *fn;
- char *t;
-
- assert(ret);
-
- if (isempty(p))
- return -EINVAL;
- if (path_equal(p, "/"))
- return -EINVAL;
-
- /*
- * Turns this:
- * /foo/bar/waldo
- *
- * Into this:
- * /foo/bar/.#<extra>waldoXXXXXX
- */
-
- fn = basename(p);
- if (!filename_is_valid(fn))
- return -EINVAL;
-
- extra = strempty(extra);
-
- t = new(char, strlen(p) + 2 + strlen(extra) + 6 + 1);
- if (!t)
- return -ENOMEM;
-
- strcpy(stpcpy(stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), extra), fn), "XXXXXX");
-
- *ret = path_simplify(t, false);
- return 0;
-}
-
-int tempfn_random(const char *p, const char *extra, char **ret) {
- const char *fn;
- char *t, *x;
- uint64_t u;
- unsigned i;
-
- assert(ret);
-
- if (isempty(p))
- return -EINVAL;
- if (path_equal(p, "/"))
- return -EINVAL;
-
- /*
- * Turns this:
- * /foo/bar/waldo
- *
- * Into this:
- * /foo/bar/.#<extra>waldobaa2a261115984a9
- */
-
- fn = basename(p);
- if (!filename_is_valid(fn))
- return -EINVAL;
-
- extra = strempty(extra);
-
- t = new(char, strlen(p) + 2 + strlen(extra) + 16 + 1);
- if (!t)
- return -ENOMEM;
-
- x = stpcpy(stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), extra), fn);
-
- u = random_u64();
- for (i = 0; i < 16; i++) {
- *(x++) = hexchar(u & 0xF);
- u >>= 4;
- }
-
- *x = 0;
-
- *ret = path_simplify(t, false);
- return 0;
-}
-
-int tempfn_random_child(const char *p, const char *extra, char **ret) {
- char *t, *x;
- uint64_t u;
- unsigned i;
- int r;
-
- assert(ret);
-
- /* Turns this:
- * /foo/bar/waldo
- * Into this:
- * /foo/bar/waldo/.#<extra>3c2b6219aa75d7d0
- */
-
- if (!p) {
- r = tmp_dir(&p);
- if (r < 0)
- return r;
- }
-
- extra = strempty(extra);
-
- t = new(char, strlen(p) + 3 + strlen(extra) + 16 + 1);
- if (!t)
- return -ENOMEM;
-
- if (isempty(p))
- x = stpcpy(stpcpy(t, ".#"), extra);
- else
- x = stpcpy(stpcpy(stpcpy(t, p), "/.#"), extra);
-
- u = random_u64();
- for (i = 0; i < 16; i++) {
- *(x++) = hexchar(u & 0xF);
- u >>= 4;
- }
-
- *x = 0;
-
- *ret = path_simplify(t, false);
- return 0;
-}
-
int write_timestamp_file_atomic(const char *fn, usec_t n) {
char ln[DECIMAL_STR_MAX(n)+2];
@@ -1412,71 +1219,6 @@ int fputs_with_space(FILE *f, const char *s, const char *separator, bool *space)
return fputs(s, f);
}
-int open_tmpfile_unlinkable(const char *directory, int flags) {
- char *p;
- int fd, r;
-
- if (!directory) {
- r = tmp_dir(&directory);
- if (r < 0)
- return r;
- } else if (isempty(directory))
- return -EINVAL;
-
- /* Returns an unlinked temporary file that cannot be linked into the file system anymore */
-
- /* Try O_TMPFILE first, if it is supported */
- fd = open(directory, flags|O_TMPFILE|O_EXCL, S_IRUSR|S_IWUSR);
- if (fd >= 0)
- return fd;
-
- /* Fall back to unguessable name + unlinking */
- p = strjoina(directory, "/systemd-tmp-XXXXXX");
-
- fd = mkostemp_safe(p);
- if (fd < 0)
- return fd;
-
- (void) unlink(p);
-
- return fd;
-}
-
-int open_tmpfile_linkable(const char *target, int flags, char **ret_path) {
- _cleanup_free_ char *tmp = NULL;
- int r, fd;
-
- assert(target);
- assert(ret_path);
-
- /* Don't allow O_EXCL, as that has a special meaning for O_TMPFILE */
- assert((flags & O_EXCL) == 0);
-
- /* Creates a temporary file, that shall be renamed to "target" later. If possible, this uses O_TMPFILE – in
- * which case "ret_path" will be returned as NULL. If not possible a the tempoary path name used is returned in
- * "ret_path". Use link_tmpfile() below to rename the result after writing the file in full. */
-
- fd = open_parent(target, O_TMPFILE|flags, 0640);
- if (fd >= 0) {
- *ret_path = NULL;
- return fd;
- }
-
- log_debug_errno(fd, "Failed to use O_TMPFILE for %s: %m", target);
-
- r = tempfn_random(target, NULL, &tmp);
- if (r < 0)
- return r;
-
- fd = open(tmp, O_CREAT|O_EXCL|O_NOFOLLOW|O_NOCTTY|flags, 0640);
- if (fd < 0)
- return -errno;
-
- *ret_path = TAKE_PTR(tmp);
-
- return fd;
-}
-
int open_serialization_fd(const char *ident) {
int fd;
@@ -1496,35 +1238,6 @@ int open_serialization_fd(const char *ident) {
return fd;
}
-int link_tmpfile(int fd, const char *path, const char *target) {
- int r;
-
- assert(fd >= 0);
- assert(target);
-
- /* Moves a temporary file created with open_tmpfile() above into its final place. if "path" is NULL an fd
- * created with O_TMPFILE is assumed, and linkat() is used. Otherwise it is assumed O_TMPFILE is not supported
- * on the directory, and renameat2() is used instead.
- *
- * Note that in both cases we will not replace existing files. This is because linkat() does not support this
- * operation currently (renameat2() does), and there is no nice way to emulate this. */
-
- if (path) {
- r = rename_noreplace(AT_FDCWD, path, AT_FDCWD, target);
- if (r < 0)
- return r;
- } else {
- char proc_fd_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(fd) + 1];
-
- xsprintf(proc_fd_path, "/proc/self/fd/%i", fd);
-
- if (linkat(AT_FDCWD, proc_fd_path, AT_FDCWD, target, AT_SYMLINK_FOLLOW) < 0)
- return -errno;
- }
-
- return 0;
-}
-
int read_nul_string(FILE *f, char **ret) {
_cleanup_free_ char *x = NULL;
size_t allocated = 0, n = 0;
@@ -1565,33 +1278,6 @@ int read_nul_string(FILE *f, char **ret) {
return 0;
}
-int mkdtemp_malloc(const char *template, char **ret) {
- _cleanup_free_ char *p = NULL;
- int r;
-
- assert(ret);
-
- if (template)
- p = strdup(template);
- else {
- const char *tmp;
-
- r = tmp_dir(&tmp);
- if (r < 0)
- return r;
-
- p = strjoin(tmp, "/XXXXXX");
- }
- if (!p)
- return -ENOMEM;
-
- if (!mkdtemp(p))
- return -errno;
-
- *ret = TAKE_PTR(p);
- return 0;
-}
-
DEFINE_TRIVIAL_CLEANUP_FUNC(FILE*, funlockfile);
int read_line(FILE *f, size_t limit, char **ret) {
diff --git a/src/basic/fileio.h b/src/basic/fileio.h
index dae115e3bb..8ca717f309 100644
--- a/src/basic/fileio.h
+++ b/src/basic/fileio.h
@@ -66,27 +66,13 @@ int search_and_fopen_nulstr(const char *path, const char *mode, const char *root
int fflush_and_check(FILE *f);
int fflush_sync_and_check(FILE *f);
-int fopen_temporary(const char *path, FILE **_f, char **_temp_path);
-int mkostemp_safe(char *pattern);
-int fmkostemp_safe(char *pattern, const char *mode, FILE**_f);
-
-int tempfn_xxxxxx(const char *p, const char *extra, char **ret);
-int tempfn_random(const char *p, const char *extra, char **ret);
-int tempfn_random_child(const char *p, const char *extra, char **ret);
-
int write_timestamp_file_atomic(const char *fn, usec_t n);
int read_timestamp_file(const char *fn, usec_t *ret);
int fputs_with_space(FILE *f, const char *s, const char *separator, bool *space);
-int open_tmpfile_unlinkable(const char *directory, int flags);
-int open_tmpfile_linkable(const char *target, int flags, char **ret_path);
int open_serialization_fd(const char *ident);
-int link_tmpfile(int fd, const char *path, const char *target);
-
int read_nul_string(FILE *f, char **ret);
-int mkdtemp_malloc(const char *template, char **ret);
-
int read_line(FILE *f, size_t limit, char **ret);
diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c
index 94efca08ca..f70878fb8e 100644
--- a/src/basic/fs-util.c
+++ b/src/basic/fs-util.c
@@ -13,7 +13,6 @@
#include "alloc-util.h"
#include "dirent-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "log.h"
#include "macro.h"
@@ -27,6 +26,7 @@
#include "string-util.h"
#include "strv.h"
#include "time-util.h"
+#include "tmpfile-util.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/basic/meson.build b/src/basic/meson.build
index 124a3e9f84..d49aa65d8f 100644
--- a/src/basic/meson.build
+++ b/src/basic/meson.build
@@ -159,6 +159,8 @@ basic_sources = files('''
terminal-util.h
time-util.c
time-util.h
+ tmpfile-util.c
+ tmpfile-util.h
umask-util.h
unaligned.h
unit-def.c
diff --git a/src/basic/tmpfile-util.c b/src/basic/tmpfile-util.c
new file mode 100644
index 0000000000..dba0492ba8
--- /dev/null
+++ b/src/basic/tmpfile-util.c
@@ -0,0 +1,329 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#include <sys/mman.h>
+
+#include "alloc-util.h"
+#include "fd-util.h"
+#include "fs-util.h"
+#include "hexdecoct.h"
+#include "macro.h"
+#include "memfd-util.h"
+#include "missing_syscall.h"
+#include "path-util.h"
+#include "process-util.h"
+#include "random-util.h"
+#include "stdio-util.h"
+#include "string-util.h"
+#include "tmpfile-util.h"
+#include "umask-util.h"
+
+int fopen_temporary(const char *path, FILE **_f, char **_temp_path) {
+ FILE *f;
+ char *t;
+ int r, fd;
+
+ assert(path);
+ assert(_f);
+ assert(_temp_path);
+
+ r = tempfn_xxxxxx(path, NULL, &t);
+ if (r < 0)
+ return r;
+
+ fd = mkostemp_safe(t);
+ if (fd < 0) {
+ free(t);
+ return -errno;
+ }
+
+ f = fdopen(fd, "we");
+ if (!f) {
+ unlink_noerrno(t);
+ free(t);
+ safe_close(fd);
+ return -errno;
+ }
+
+ *_f = f;
+ *_temp_path = t;
+
+ return 0;
+}
+
+/* This is much like mkostemp() but is subject to umask(). */
+int mkostemp_safe(char *pattern) {
+ _cleanup_umask_ mode_t u = 0;
+ int fd;
+
+ assert(pattern);
+
+ u = umask(077);
+
+ fd = mkostemp(pattern, O_CLOEXEC);
+ if (fd < 0)
+ return -errno;
+
+ return fd;
+}
+
+int fmkostemp_safe(char *pattern, const char *mode, FILE **ret_f) {
+ int fd;
+ FILE *f;
+
+ fd = mkostemp_safe(pattern);
+ if (fd < 0)
+ return fd;
+
+ f = fdopen(fd, mode);
+ if (!f) {
+ safe_close(fd);
+ return -errno;
+ }
+
+ *ret_f = f;
+ return 0;
+}
+
+int tempfn_xxxxxx(const char *p, const char *extra, char **ret) {
+ const char *fn;
+ char *t;
+
+ assert(ret);
+
+ if (isempty(p))
+ return -EINVAL;
+ if (path_equal(p, "/"))
+ return -EINVAL;
+
+ /*
+ * Turns this:
+ * /foo/bar/waldo
+ *
+ * Into this:
+ * /foo/bar/.#<extra>waldoXXXXXX
+ */
+
+ fn = basename(p);
+ if (!filename_is_valid(fn))
+ return -EINVAL;
+
+ extra = strempty(extra);
+
+ t = new(char, strlen(p) + 2 + strlen(extra) + 6 + 1);
+ if (!t)
+ return -ENOMEM;
+
+ strcpy(stpcpy(stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), extra), fn), "XXXXXX");
+
+ *ret = path_simplify(t, false);
+ return 0;
+}
+
+int tempfn_random(const char *p, const char *extra, char **ret) {
+ const char *fn;
+ char *t, *x;
+ uint64_t u;
+ unsigned i;
+
+ assert(ret);
+
+ if (isempty(p))
+ return -EINVAL;
+ if (path_equal(p, "/"))
+ return -EINVAL;
+
+ /*
+ * Turns this:
+ * /foo/bar/waldo
+ *
+ * Into this:
+ * /foo/bar/.#<extra>waldobaa2a261115984a9
+ */
+
+ fn = basename(p);
+ if (!filename_is_valid(fn))
+ return -EINVAL;
+
+ extra = strempty(extra);
+
+ t = new(char, strlen(p) + 2 + strlen(extra) + 16 + 1);
+ if (!t)
+ return -ENOMEM;
+
+ x = stpcpy(stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), extra), fn);
+
+ u = random_u64();
+ for (i = 0; i < 16; i++) {
+ *(x++) = hexchar(u & 0xF);
+ u >>= 4;
+ }
+
+ *x = 0;
+
+ *ret = path_simplify(t, false);
+ return 0;
+}
+
+int tempfn_random_child(const char *p, const char *extra, char **ret) {
+ char *t, *x;
+ uint64_t u;
+ unsigned i;
+ int r;
+
+ assert(ret);
+
+ /* Turns this:
+ * /foo/bar/waldo
+ * Into this:
+ * /foo/bar/waldo/.#<extra>3c2b6219aa75d7d0
+ */
+
+ if (!p) {
+ r = tmp_dir(&p);
+ if (r < 0)
+ return r;
+ }
+
+ extra = strempty(extra);
+
+ t = new(char, strlen(p) + 3 + strlen(extra) + 16 + 1);
+ if (!t)
+ return -ENOMEM;
+
+ if (isempty(p))
+ x = stpcpy(stpcpy(t, ".#"), extra);
+ else
+ x = stpcpy(stpcpy(stpcpy(t, p), "/.#"), extra);
+
+ u = random_u64();
+ for (i = 0; i < 16; i++) {
+ *(x++) = hexchar(u & 0xF);
+ u >>= 4;
+ }
+
+ *x = 0;
+
+ *ret = path_simplify(t, false);
+ return 0;
+}
+
+int open_tmpfile_unlinkable(const char *directory, int flags) {
+ char *p;
+ int fd, r;
+
+ if (!directory) {
+ r = tmp_dir(&directory);
+ if (r < 0)
+ return r;
+ } else if (isempty(directory))
+ return -EINVAL;
+
+ /* Returns an unlinked temporary file that cannot be linked into the file system anymore */
+
+ /* Try O_TMPFILE first, if it is supported */
+ fd = open(directory, flags|O_TMPFILE|O_EXCL, S_IRUSR|S_IWUSR);
+ if (fd >= 0)
+ return fd;
+
+ /* Fall back to unguessable name + unlinking */
+ p = strjoina(directory, "/systemd-tmp-XXXXXX");
+
+ fd = mkostemp_safe(p);
+ if (fd < 0)
+ return fd;
+
+ (void) unlink(p);
+
+ return fd;
+}
+
+int open_tmpfile_linkable(const char *target, int flags, char **ret_path) {
+ _cleanup_free_ char *tmp = NULL;
+ int r, fd;
+
+ assert(target);
+ assert(ret_path);
+
+ /* Don't allow O_EXCL, as that has a special meaning for O_TMPFILE */
+ assert((flags & O_EXCL) == 0);
+
+ /* Creates a temporary file, that shall be renamed to "target" later. If possible, this uses O_TMPFILE – in
+ * which case "ret_path" will be returned as NULL. If not possible a the tempoary path name used is returned in
+ * "ret_path". Use link_tmpfile() below to rename the result after writing the file in full. */
+
+ fd = open_parent(target, O_TMPFILE|flags, 0640);
+ if (fd >= 0) {
+ *ret_path = NULL;
+ return fd;
+ }
+
+ log_debug_errno(fd, "Failed to use O_TMPFILE for %s: %m", target);
+
+ r = tempfn_random(target, NULL, &tmp);
+ if (r < 0)
+ return r;
+
+ fd = open(tmp, O_CREAT|O_EXCL|O_NOFOLLOW|O_NOCTTY|flags, 0640);
+ if (fd < 0)
+ return -errno;
+
+ *ret_path = TAKE_PTR(tmp);
+
+ return fd;
+}
+
+int link_tmpfile(int fd, const char *path, const char *target) {
+ int r;
+
+ assert(fd >= 0);
+ assert(target);
+
+ /* Moves a temporary file created with open_tmpfile() above into its final place. if "path" is NULL an fd
+ * created with O_TMPFILE is assumed, and linkat() is used. Otherwise it is assumed O_TMPFILE is not supported
+ * on the directory, and renameat2() is used instead.
+ *
+ * Note that in both cases we will not replace existing files. This is because linkat() does not support this
+ * operation currently (renameat2() does), and there is no nice way to emulate this. */
+
+ if (path) {
+ r = rename_noreplace(AT_FDCWD, path, AT_FDCWD, target);
+ if (r < 0)
+ return r;
+ } else {
+ char proc_fd_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(fd) + 1];
+
+ xsprintf(proc_fd_path, "/proc/self/fd/%i", fd);
+
+ if (linkat(AT_FDCWD, proc_fd_path, AT_FDCWD, target, AT_SYMLINK_FOLLOW) < 0)
+ return -errno;
+ }
+
+ return 0;
+}
+
+int mkdtemp_malloc(const char *template, char **ret) {
+ _cleanup_free_ char *p = NULL;
+ int r;
+
+ assert(ret);
+
+ if (template)
+ p = strdup(template);
+ else {
+ const char *tmp;
+
+ r = tmp_dir(&tmp);
+ if (r < 0)
+ return r;
+
+ p = strjoin(tmp, "/XXXXXX");
+ }
+ if (!p)
+ return -ENOMEM;
+
+ if (!mkdtemp(p))
+ return -errno;
+
+ *ret = TAKE_PTR(p);
+ return 0;
+}
diff --git a/src/basic/tmpfile-util.h b/src/basic/tmpfile-util.h
new file mode 100644
index 0000000000..802c85d6d9
--- /dev/null
+++ b/src/basic/tmpfile-util.h
@@ -0,0 +1,19 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+#pragma once
+
+#include <stdio.h>
+
+int fopen_temporary(const char *path, FILE **_f, char **_temp_path);
+int mkostemp_safe(char *pattern);
+int fmkostemp_safe(char *pattern, const char *mode, FILE**_f);
+
+int tempfn_xxxxxx(const char *p, const char *extra, char **ret);
+int tempfn_random(const char *p, const char *extra, char **ret);
+int tempfn_random_child(const char *p, const char *extra, char **ret);
+
+int open_tmpfile_unlinkable(const char *directory, int flags);
+int open_tmpfile_linkable(const char *target, int flags, char **ret_path);
+
+int link_tmpfile(int fd, const char *path, const char *target);
+
+int mkdtemp_malloc(const char *template, char **ret);
diff --git a/src/boot/bootctl.c b/src/boot/bootctl.c
index 608b35b715..2008341f63 100644
--- a/src/boot/bootctl.c
+++ b/src/boot/bootctl.c
@@ -38,6 +38,7 @@
#include "string-util.h"
#include "strv.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "umask-util.h"
#include "utf8.h"
#include "util.h"
diff --git a/src/core/unit.c b/src/core/unit.c
index d58f2eaacf..122b399d66 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -48,6 +48,7 @@
#include "string-util.h"
#include "strv.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "umask-util.h"
#include "unit-name.h"
#include "unit.h"
diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index 8c2cf7daa6..79d627c465 100644
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@@ -46,6 +46,7 @@
#include "string-table.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/coredump/coredumpctl.c b/src/coredump/coredumpctl.c
index de26bee931..8fbe653f0c 100644
--- a/src/coredump/coredumpctl.c
+++ b/src/coredump/coredumpctl.c
@@ -17,7 +17,6 @@
#include "compress.h"
#include "def.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "journal-internal.h"
#include "journal-util.h"
@@ -35,6 +34,7 @@
#include "string-util.h"
#include "strv.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "user-util.h"
#include "util.h"
#include "verbs.h"
diff --git a/src/fuzz/fuzz-catalog.c b/src/fuzz/fuzz-catalog.c
index e40fe60bfb..7ee9750141 100644
--- a/src/fuzz/fuzz-catalog.c
+++ b/src/fuzz/fuzz-catalog.c
@@ -2,9 +2,9 @@
#include "catalog.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "fuzz.h"
+#include "tmpfile-util.h"
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_(unlink_tempfilep) char name[] = "/tmp/fuzz-catalog.XXXXXX";
diff --git a/src/fuzz/fuzz-journald-native-fd.c b/src/fuzz/fuzz-journald-native-fd.c
index 95415d9f85..8e3e850fbb 100644
--- a/src/fuzz/fuzz-journald-native-fd.c
+++ b/src/fuzz/fuzz-journald-native-fd.c
@@ -1,13 +1,13 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
-#include "fuzz.h"
#include "fuzz-journald.h"
+#include "fuzz.h"
#include "journald-native.h"
#include "memfd-util.h"
#include "process-util.h"
+#include "tmpfile-util.h"
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
Server s;
diff --git a/src/import/export-raw.c b/src/import/export-raw.c
index 04ad129ca1..6a02b47a17 100644
--- a/src/import/export-raw.c
+++ b/src/import/export-raw.c
@@ -15,13 +15,13 @@
#include "copy.h"
#include "export-raw.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "import-common.h"
#include "missing.h"
#include "ratelimit.h"
#include "stat-util.h"
#include "string-util.h"
+#include "tmpfile-util.h"
#include "util.h"
#define COPY_BUFFER_SIZE (16*1024)
diff --git a/src/import/export-tar.c b/src/import/export-tar.c
index 3aab390637..ed546769f3 100644
--- a/src/import/export-tar.c
+++ b/src/import/export-tar.c
@@ -6,11 +6,11 @@
#include "btrfs-util.h"
#include "export-tar.h"
#include "fd-util.h"
-#include "fileio.h"
#include "import-common.h"
#include "process-util.h"
#include "ratelimit.h"
#include "string-util.h"
+#include "tmpfile-util.h"
#include "util.h"
#define COPY_BUFFER_SIZE (16*1024)
diff --git a/src/import/import-common.c b/src/import/import-common.c
index 24cab484a2..89f03010d1 100644
--- a/src/import/import-common.c
+++ b/src/import/import-common.c
@@ -16,6 +16,7 @@
#include "os-util.h"
#include "process-util.h"
#include "signal-util.h"
+#include "tmpfile-util.h"
#include "util.h"
int import_make_read_only_fd(int fd) {
diff --git a/src/import/import-fs.c b/src/import/import-fs.c
index bc2e631e7b..35ba6ba382 100644
--- a/src/import/import-fs.c
+++ b/src/import/import-fs.c
@@ -5,18 +5,18 @@
#include "alloc-util.h"
#include "btrfs-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "hostname-util.h"
#include "import-common.h"
#include "import-util.h"
#include "machine-image.h"
#include "mkdir.h"
+#include "parse-util.h"
#include "ratelimit.h"
#include "rm-rf.h"
#include "string-util.h"
+#include "tmpfile-util.h"
#include "verbs.h"
-#include "parse-util.h"
static bool arg_force = false;
static bool arg_read_only = false;
diff --git a/src/import/import-raw.c b/src/import/import-raw.c
index 2b96330c14..4b1161557d 100644
--- a/src/import/import-raw.c
+++ b/src/import/import-raw.c
@@ -10,7 +10,6 @@
#include "chattr-util.h"
#include "copy.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "hostname-util.h"
#include "import-common.h"
@@ -24,6 +23,7 @@
#include "ratelimit.h"
#include "rm-rf.h"
#include "string-util.h"
+#include "tmpfile-util.h"
#include "util.h"
struct RawImport {
diff --git a/src/import/import-tar.c b/src/import/import-tar.c
index 0bb086f142..4d0d9254d0 100644
--- a/src/import/import-tar.c
+++ b/src/import/import-tar.c
@@ -24,6 +24,7 @@
#include "ratelimit.h"
#include "rm-rf.h"
#include "string-util.h"
+#include "tmpfile-util.h"
#include "util.h"
struct TarImport {
diff --git a/src/import/pull-raw.c b/src/import/pull-raw.c
index 39d1747f7d..3a3e015df8 100644
--- a/src/import/pull-raw.c
+++ b/src/import/pull-raw.c
@@ -12,7 +12,6 @@
#include "copy.h"
#include "curl-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "hostname-util.h"
#include "import-common.h"
@@ -27,6 +26,7 @@
#include "rm-rf.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "utf8.h"
#include "util.h"
#include "web-util.h"
diff --git a/src/import/pull-tar.c b/src/import/pull-tar.c
index b19d4ea391..e7a208e904 100644
--- a/src/import/pull-tar.c
+++ b/src/import/pull-tar.c
@@ -10,7 +10,6 @@
#include "copy.h"
#include "curl-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "hostname-util.h"
#include "import-common.h"
@@ -25,6 +24,7 @@
#include "rm-rf.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "utf8.h"
#include "util.h"
#include "web-util.h"
diff --git a/src/journal-remote/journal-gatewayd.c b/src/journal-remote/journal-gatewayd.c
index 91e25a87ab..69bc447920 100644
--- a/src/journal-remote/journal-gatewayd.c
+++ b/src/journal-remote/journal-gatewayd.c
@@ -23,6 +23,7 @@
#include "parse-util.h"
#include "pretty-print.h"
#include "sigbus.h"
+#include "tmpfile-util.h"
#include "util.h"
#define JOURNAL_WAIT_TIMEOUT (10*USEC_PER_SEC)
diff --git a/src/journal-remote/journal-upload.c b/src/journal-remote/journal-upload.c
index 924ea4936e..e2cb76141f 100644
--- a/src/journal-remote/journal-upload.c
+++ b/src/journal-remote/journal-upload.c
@@ -26,6 +26,7 @@
#include "signal-util.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "util.h"
#define PRIV_KEY_FILE CERTIFICATE_ROOT "/private/journal-upload.pem"
diff --git a/src/journal/catalog.c b/src/journal/catalog.c
index 0f18d31add..e4ca959bd6 100644
--- a/src/journal/catalog.c
+++ b/src/journal/catalog.c
@@ -24,6 +24,7 @@
#include "strbuf.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "util.h"
const char * const catalog_file_dirs[] = {
diff --git a/src/journal/journal-send.c b/src/journal/journal-send.c
index a0621524a9..87056435fc 100644
--- a/src/journal/journal-send.c
+++ b/src/journal/journal-send.c
@@ -14,12 +14,12 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "io-util.h"
#include "memfd-util.h"
#include "socket-util.h"
#include "stdio-util.h"
#include "string-util.h"
+#include "tmpfile-util.h"
#include "util.h"
#define SNDBUF_SIZE (8*1024*1024)
diff --git a/src/journal/journal-verify.c b/src/journal/journal-verify.c
index 5569ddc313..5eff80a99f 100644
--- a/src/journal/journal-verify.c
+++ b/src/journal/journal-verify.c
@@ -17,6 +17,7 @@
#include "lookup3.h"
#include "macro.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "util.h"
static void draw_progress(uint64_t p, usec_t *last_usec) {
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index 1d3766d971..14a02eda74 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -62,6 +62,7 @@
#include "strv.h"
#include "syslog-util.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "unit-name.h"
#include "user-util.h"
diff --git a/src/journal/journald-stream.c b/src/journal/journald-stream.c
index ebe49850f5..7283001158 100644
--- a/src/journal/journald-stream.c
+++ b/src/journal/journald-stream.c
@@ -31,6 +31,7 @@
#include "stdio-util.h"
#include "string-util.h"
#include "syslog-util.h"
+#include "tmpfile-util.h"
#include "unit-name.h"
#define STDOUT_STREAMS_MAX 4096
diff --git a/src/journal/test-catalog.c b/src/journal/test-catalog.c
index e9a751bdfd..192bb0cb07 100644
--- a/src/journal/test-catalog.c
+++ b/src/journal/test-catalog.c
@@ -11,13 +11,13 @@
#include "catalog.h"
#include "fd-util.h"
#include "fs-util.h"
-#include "fileio.h"
#include "log.h"
#include "macro.h"
#include "path-util.h"
#include "string-util.h"
#include "strv.h"
#include "tests.h"
+#include "tmpfile-util.h"
#include "util.h"
static char** catalog_dirs = NULL;
diff --git a/src/journal/test-compress.c b/src/journal/test-compress.c
index bf35a5f4b9..1b050b7052 100644
--- a/src/journal/test-compress.c
+++ b/src/journal/test-compress.c
@@ -7,12 +7,12 @@
#include "alloc-util.h"
#include "compress.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "macro.h"
#include "path-util.h"
#include "random-util.h"
#include "tests.h"
+#include "tmpfile-util.h"
#include "util.h"
#if HAVE_XZ
diff --git a/src/journal/test-mmap-cache.c b/src/journal/test-mmap-cache.c
index 5c55b35f57..8f755efdde 100644
--- a/src/journal/test-mmap-cache.c
+++ b/src/journal/test-mmap-cache.c
@@ -6,9 +6,9 @@
#include <unistd.h>
#include "fd-util.h"
-#include "fileio.h"
#include "macro.h"
#include "mmap-cache.h"
+#include "tmpfile-util.h"
#include "util.h"
int main(int argc, char *argv[]) {
diff --git a/src/libsystemd-network/sd-dhcp-lease.c b/src/libsystemd-network/sd-dhcp-lease.c
index c2455c7133..1c6efc5563 100644
--- a/src/libsystemd-network/sd-dhcp-lease.c
+++ b/src/libsystemd-network/sd-dhcp-lease.c
@@ -26,6 +26,7 @@
#include "stdio-util.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "unaligned.h"
int sd_dhcp_lease_get_address(sd_dhcp_lease *lease, struct in_addr *addr) {
diff --git a/src/libsystemd/sd-bus/test-bus-watch-bind.c b/src/libsystemd/sd-bus/test-bus-watch-bind.c
index 40879b8537..4b3da30079 100644
--- a/src/libsystemd/sd-bus/test-bus-watch-bind.c
+++ b/src/libsystemd/sd-bus/test-bus-watch-bind.c
@@ -8,7 +8,6 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "mkdir.h"
#include "path-util.h"
@@ -16,6 +15,7 @@
#include "rm-rf.h"
#include "socket-util.h"
#include "string-util.h"
+#include "tmpfile-util.h"
static int method_foobar(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
log_info("Got Foobar() call.");
diff --git a/src/libsystemd/sd-device/device-private.c b/src/libsystemd/sd-device/device-private.c
index 8cc216c353..95a581e66e 100644
--- a/src/libsystemd/sd-device/device-private.c
+++ b/src/libsystemd/sd-device/device-private.c
@@ -24,6 +24,7 @@
#include "string-util.h"
#include "strv.h"
#include "strxcpyx.h"
+#include "tmpfile-util.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/libsystemd/sd-event/test-event.c b/src/libsystemd/sd-event/test-event.c
index 50074a56be..6fd6d9f0b0 100644
--- a/src/libsystemd/sd-event/test-event.c
+++ b/src/libsystemd/sd-event/test-event.c
@@ -6,7 +6,6 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "log.h"
#include "macro.h"
@@ -17,6 +16,7 @@
#include "stdio-util.h"
#include "string-util.h"
#include "tests.h"
+#include "tmpfile-util.h"
#include "util.h"
static int prepare_handler(sd_event_source *s, void *userdata) {
diff --git a/src/libsystemd/sd-hwdb/hwdb-util.c b/src/libsystemd/sd-hwdb/hwdb-util.c
index 87259daadc..c5c329f2ac 100644
--- a/src/libsystemd/sd-hwdb/hwdb-util.c
+++ b/src/libsystemd/sd-hwdb/hwdb-util.c
@@ -16,6 +16,7 @@
#include "strbuf.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
static const char *default_hwdb_bin_dir = "/etc/udev";
static const char * const conf_file_dirs[] = {
diff --git a/src/locale/keymap-util.c b/src/locale/keymap-util.c
index 0bf62df22e..5a84438fbd 100644
--- a/src/locale/keymap-util.c
+++ b/src/locale/keymap-util.c
@@ -17,6 +17,7 @@
#include "mkdir.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
static bool startswith_comma(const char *s, const char *prefix) {
s = startswith(s, prefix);
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
index 0858fbd96c..0e441b5631 100644
--- a/src/login/logind-dbus.c
+++ b/src/login/logind-dbus.c
@@ -33,6 +33,7 @@
#include "special.h"
#include "strv.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "unit-name.h"
#include "user-util.h"
#include "utmp-wtmp.h"
diff --git a/src/login/logind-inhibit.c b/src/login/logind-inhibit.c
index 71eea72da5..dc9e4d93dc 100644
--- a/src/login/logind-inhibit.c
+++ b/src/login/logind-inhibit.c
@@ -15,6 +15,7 @@
#include "parse-util.h"
#include "string-table.h"
#include "string-util.h"
+#include "tmpfile-util.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/login/logind-seat.c b/src/login/logind-seat.c
index 3b06169c1d..c758ffd5fa 100644
--- a/src/login/logind-seat.c
+++ b/src/login/logind-seat.c
@@ -19,6 +19,7 @@
#include "stdio-util.h"
#include "string-util.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "util.h"
int seat_new(Seat** ret, Manager *m, const char *id) {
diff --git a/src/login/logind-session.c b/src/login/logind-session.c
index 576a17a7f0..676ba37db8 100644
--- a/src/login/logind-session.c
+++ b/src/login/logind-session.c
@@ -30,6 +30,7 @@
#include "string-table.h"
#include "strv.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/login/logind-user.c b/src/login/logind-user.c
index 8d82944618..9f4835a8df 100644
--- a/src/login/logind-user.c
+++ b/src/login/logind-user.c
@@ -28,6 +28,7 @@
#include "stdio-util.h"
#include "string-table.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "unit-name.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/machine/machine-dbus.c b/src/machine/machine-dbus.c
index da861c536c..c9580d99be 100644
--- a/src/machine/machine-dbus.c
+++ b/src/machine/machine-dbus.c
@@ -34,6 +34,7 @@
#include "signal-util.h"
#include "strv.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "user-util.h"
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_class, machine_class, MachineClass);
diff --git a/src/machine/machine.c b/src/machine/machine.c
index e114541b3f..1120cd577b 100644
--- a/src/machine/machine.c
+++ b/src/machine/machine.c
@@ -26,6 +26,7 @@
#include "stdio-util.h"
#include "string-table.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "unit-name.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/machine/machined-dbus.c b/src/machine/machined-dbus.c
index 453ca30b64..64fa5f0344 100644
--- a/src/machine/machined-dbus.c
+++ b/src/machine/machined-dbus.c
@@ -25,6 +25,7 @@
#include "process-util.h"
#include "stdio-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "unit-name.h"
#include "user-util.h"
diff --git a/src/network/fuzz-netdev-parser.c b/src/network/fuzz-netdev-parser.c
index 207d67874f..37f7cf8ccd 100644
--- a/src/network/fuzz-netdev-parser.c
+++ b/src/network/fuzz-netdev-parser.c
@@ -1,10 +1,10 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "fuzz.h"
#include "networkd-manager.h"
+#include "tmpfile-util.h"
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_(manager_freep) Manager *manager = NULL;
diff --git a/src/network/fuzz-network-parser.c b/src/network/fuzz-network-parser.c
index 078b1e6d93..4b79500805 100644
--- a/src/network/fuzz-network-parser.c
+++ b/src/network/fuzz-network-parser.c
@@ -1,10 +1,10 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "fuzz.h"
#include "networkd-manager.h"
+#include "tmpfile-util.h"
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_(manager_freep) Manager *manager = NULL;
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
index db2dbef52c..45908340ed 100644
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -25,6 +25,7 @@
#include "stdio-util.h"
#include "string-table.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "util.h"
#include "virt.h"
diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c
index 3b1ae0b41f..2a69e7b0a2 100644
--- a/src/network/networkd-manager.c
+++ b/src/network/networkd-manager.c
@@ -23,6 +23,7 @@
#include "path-util.h"
#include "set.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "virt.h"
/* use 8 MB for receive socket kernel queue. */
diff --git a/src/network/test-routing-policy-rule.c b/src/network/test-routing-policy-rule.c
index d112471587..f80f3c09a9 100644
--- a/src/network/test-routing-policy-rule.c
+++ b/src/network/test-routing-policy-rule.c
@@ -10,6 +10,7 @@
#include "networkd-manager.h"
#include "string-util.h"
#include "tests.h"
+#include "tmpfile-util.h"
static void test_rule_serialization(const char *title, const char *ruleset, const char *expected) {
char pattern[] = "/tmp/systemd-test-routing-policy-rule.XXXXXX",
diff --git a/src/nspawn/nspawn-mount.c b/src/nspawn/nspawn-mount.c
index 7fe73211e8..a9af889747 100644
--- a/src/nspawn/nspawn-mount.c
+++ b/src/nspawn/nspawn-mount.c
@@ -6,7 +6,6 @@
#include "alloc-util.h"
#include "escape.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "label.h"
#include "mkdir.h"
@@ -20,6 +19,7 @@
#include "stat-util.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 8c6a74bea2..0fb42d1a74 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -93,6 +93,7 @@
#include "string-util.h"
#include "strv.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "umask-util.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/portable/portable.c b/src/portable/portable.c
index ca8043b41e..17a3e23ae0 100644
--- a/src/portable/portable.c
+++ b/src/portable/portable.c
@@ -26,6 +26,7 @@
#include "socket-util.h"
#include "string-table.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "user-util.h"
static const char profile_dirs[] = CONF_PATHS_NULSTR("systemd/portable/profile");
diff --git a/src/resolve/resolved-link.c b/src/resolve/resolved-link.c
index 0ae3b40018..bff5277b2d 100644
--- a/src/resolve/resolved-link.c
+++ b/src/resolve/resolved-link.c
@@ -16,6 +16,7 @@
#include "resolved-mdns.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
int link_new(Manager *m, Link **ret, int ifindex) {
_cleanup_(link_freep) Link *l = NULL;
diff --git a/src/resolve/resolved-resolv-conf.c b/src/resolve/resolved-resolv-conf.c
index 42225572f2..ad47d13d23 100644
--- a/src/resolve/resolved-resolv-conf.c
+++ b/src/resolve/resolved-resolv-conf.c
@@ -13,6 +13,7 @@
#include "resolved-resolv-conf.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util-label.h"
/* A resolv.conf file containing the DNS server and domain data we learnt from uplink, i.e. the full uplink data */
#define PRIVATE_UPLINK_RESOLV_CONF "/run/systemd/resolve/resolv.conf"
diff --git a/src/resolve/test-resolved-etc-hosts.c b/src/resolve/test-resolved-etc-hosts.c
index 1b22e38202..da10391d74 100644
--- a/src/resolve/test-resolved-etc-hosts.c
+++ b/src/resolve/test-resolved-etc-hosts.c
@@ -1,10 +1,10 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "log.h"
#include "resolved-etc-hosts.h"
+#include "tmpfile-util.h"
static void test_parse_etc_hosts_system(void) {
_cleanup_fclose_ FILE *f = NULL;
diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index 37441a8f5b..246e27a135 100644
--- a/src/shared/ask-password-api.c
+++ b/src/shared/ask-password-api.c
@@ -41,6 +41,7 @@
#include "strv.h"
#include "terminal-util.h"
#include "time-util.h"
+#include "tmpfile-util.h"
#include "umask-util.h"
#include "utf8.h"
#include "util.h"
diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
index ab956ede9e..b234ba15a2 100644
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -26,8 +26,8 @@
#include "id128-util.h"
#include "linux-3.13/dm-ioctl.h"
#include "missing.h"
-#include "mountpoint-util.h"
#include "mount-util.h"
+#include "mountpoint-util.h"
#include "os-util.h"
#include "path-util.h"
#include "process-util.h"
@@ -38,6 +38,7 @@
#include "string-table.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "user-util.h"
#include "xattr-util.h"
diff --git a/src/shared/exec-util.c b/src/shared/exec-util.c
index 10d774dfcd..972231d687 100644
--- a/src/shared/exec-util.c
+++ b/src/shared/exec-util.c
@@ -23,6 +23,7 @@
#include "string-util.h"
#include "strv.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "util.h"
/* Put this test here for a lack of better place */
diff --git a/src/shared/fileio-label.c b/src/shared/fileio-label.c
index b5362b5cbc..22df9c9379 100644
--- a/src/shared/fileio-label.c
+++ b/src/shared/fileio-label.c
@@ -34,21 +34,6 @@ int write_env_file_label(const char *fname, char **l) {
return r;
}
-int fopen_temporary_label(const char *target,
- const char *path, FILE **f, char **temp_path) {
- int r;
-
- r = mac_selinux_create_file_prepare(target, S_IFREG);
- if (r < 0)
- return r;
-
- r = fopen_temporary(path, f, temp_path);
-
- mac_selinux_create_file_clear();
-
- return r;
-}
-
int create_shutdown_run_nologin_or_warn(void) {
int r;
diff --git a/src/shared/fileio-label.h b/src/shared/fileio-label.h
index 2347753fe4..2ef2c541de 100644
--- a/src/shared/fileio-label.h
+++ b/src/shared/fileio-label.h
@@ -12,6 +12,5 @@ static inline int write_string_file_atomic_label(const char *fn, const char *lin
return write_string_file_atomic_label_ts(fn, line, NULL);
}
int write_env_file_label(const char *fname, char **l);
-int fopen_temporary_label(const char *target, const char *path, FILE **f, char **temp_path);
int create_shutdown_run_nologin_or_warn(void);
diff --git a/src/shared/meson.build b/src/shared/meson.build
index 85c546eb5b..4971ce2d72 100644
--- a/src/shared/meson.build
+++ b/src/shared/meson.build
@@ -139,6 +139,8 @@ shared_sources = files('''
switch-root.h
sysctl-util.c
sysctl-util.h
+ tmpfile-util-label.c
+ tmpfile-util-label.h
tomoyo-util.c
tomoyo-util.h
udev-util.c
diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c
index dc06502c81..442fde7b2d 100644
--- a/src/shared/path-lookup.c
+++ b/src/shared/path-lookup.c
@@ -6,7 +6,6 @@
#include <string.h>
#include "alloc-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "install.h"
#include "log.h"
@@ -18,6 +17,7 @@
#include "stat-util.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/shared/tmpfile-util-label.c b/src/shared/tmpfile-util-label.c
new file mode 100644
index 0000000000..c12d7c1375
--- /dev/null
+++ b/src/shared/tmpfile-util-label.c
@@ -0,0 +1,26 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#include <sys/stat.h>
+
+#include "selinux-util.h"
+#include "tmpfile-util-label.h"
+#include "tmpfile-util.h"
+
+int fopen_temporary_label(
+ const char *target,
+ const char *path,
+ FILE **f,
+ char **temp_path) {
+
+ int r;
+
+ r = mac_selinux_create_file_prepare(target, S_IFREG);
+ if (r < 0)
+ return r;
+
+ r = fopen_temporary(path, f, temp_path);
+
+ mac_selinux_create_file_clear();
+
+ return r;
+}
diff --git a/src/shared/tmpfile-util-label.h b/src/shared/tmpfile-util-label.h
new file mode 100644
index 0000000000..97a875161b
--- /dev/null
+++ b/src/shared/tmpfile-util-label.h
@@ -0,0 +1,10 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+#pragma once
+
+#include <stdio.h>
+
+/* These functions are split out of tmpfile-util.h (and not for example just flags to the functions they wrap) in order
+ * to optimize linking: This way, -lselinux is needed only for the callers of these functions that need selinux, but
+ * not for all */
+
+int fopen_temporary_label(const char *target, const char *path, FILE **f, char **temp_path);
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
index 87ae4eb5d7..7f289ad374 100644
--- a/src/systemctl/systemctl.c
+++ b/src/systemctl/systemctl.c
@@ -37,7 +37,6 @@
#include "escape.h"
#include "exit-status.h"
#include "fd-util.h"
-#include "fileio.h"
#include "format-util.h"
#include "fs-util.h"
#include "glob-util.h"
@@ -73,6 +72,7 @@
#include "string-table.h"
#include "strv.h"
#include "terminal-util.h"
+#include "tmpfile-util.h"
#include "unit-def.h"
#include "unit-name.h"
#include "user-util.h"
diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
index d0ab5a9b6c..384f89e5f5 100644
--- a/src/sysusers/sysusers.c
+++ b/src/sysusers/sysusers.c
@@ -20,6 +20,7 @@
#include "specifier.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util-label.h"
#include "uid-range.h"
#include "user-util.h"
#include "utf8.h"
diff --git a/src/test/test-acl-util.c b/src/test/test-acl-util.c
index a8d413533e..df879747f5 100644
--- a/src/test/test-acl-util.c
+++ b/src/test/test-acl-util.c
@@ -7,8 +7,8 @@
#include "acl-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "string-util.h"
+#include "tmpfile-util.h"
#include "user-util.h"
static void test_add_acls_for_user(void) {
diff --git a/src/test/test-async.c b/src/test/test-async.c
index 183f2be234..4f5307889e 100644
--- a/src/test/test-async.c
+++ b/src/test/test-async.c
@@ -3,8 +3,8 @@
#include <unistd.h>
#include "async.h"
-#include "fileio.h"
#include "macro.h"
+#include "tmpfile-util.h"
#include "util.h"
static bool test_async = false;
diff --git a/src/test/test-chown-rec.c b/src/test/test-chown-rec.c
index f635b4ff92..305d44f568 100644
--- a/src/test/test-chown-rec.c
+++ b/src/test/test-chown-rec.c
@@ -4,11 +4,11 @@
#include "alloc-util.h"
#include "chown-recursive.h"
-#include "fileio.h"
#include "log.h"
#include "rm-rf.h"
#include "string-util.h"
#include "tests.h"
+#include "tmpfile-util.h"
static const uint8_t acl[] = {
0x02, 0x00, 0x00, 0x00, 0x01, 0x00, 0x07, 0x00,
diff --git a/src/test/test-clock.c b/src/test/test-clock.c
index f5b9a72727..018e679b45 100644
--- a/src/test/test-clock.c
+++ b/src/test/test-clock.c
@@ -12,6 +12,7 @@
#include "fs-util.h"
#include "log.h"
#include "macro.h"
+#include "tmpfile-util.h"
static void test_clock_is_localtime(void) {
_cleanup_(unlink_tempfilep) char adjtime[] = "/tmp/test-adjtime.XXXXXX";
diff --git a/src/test/test-conf-parser.c b/src/test/test-conf-parser.c
index 497becff73..2921338f62 100644
--- a/src/test/test-conf-parser.c
+++ b/src/test/test-conf-parser.c
@@ -2,12 +2,12 @@
#include "conf-parser.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "log.h"
#include "macro.h"
#include "string-util.h"
#include "strv.h"
+#include "tmpfile-util.h"
#include "util.h"
static void test_config_parse_path_one(const char *rvalue, const char *expected) {
diff --git a/src/test/test-copy.c b/src/test/test-copy.c
index 4e265374ab..b17a1c53fe 100644
--- a/src/test/test-copy.c
+++ b/src/test/test-copy.c
@@ -15,6 +15,7 @@
#include "string-util.h"
#include "strv.h"
#include "tests.h"
+#include "tmpfile-util.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/test/test-dev-setup.c b/src/test/test-dev-setup.c
index 523cfe43b1..9414ea6c3e 100644
--- a/src/test/test-dev-setup.c
+++ b/src/test/test-dev-setup.c
@@ -2,10 +2,10 @@
#include "capability-util.h"
#include "dev-setup.h"
-#include "fileio.h"
#include "fs-util.h"
#include "path-util.h"
#include "rm-rf.h"
+#include "tmpfile-util.h"
int main(int argc, char *argv[]) {
_cleanup_(rm_rf_physical_and_freep) char *p = NULL;
diff --git a/src/test/test-fd-util.c b/src/test/test-fd-util.c
index 157dc88320..a9ecfb6bfe 100644
--- a/src/test/test-fd-util.c
+++ b/src/test/test-fd-util.c
@@ -11,8 +11,9 @@
#include "process-util.h"
#include "random-util.h"
#include "string-util.h"
-#include "util.h"
#include "tests.h"
+#include "tmpfile-util.h"
+#include "util.h"
static void test_close_many(void) {
int fds[3];
diff --git a/src/test/test-fdset.c b/src/test/test-fdset.c
index 7d68a6b966..fb9d397569 100644
--- a/src/test/test-fdset.c
+++ b/src/test/test-fdset.c
@@ -5,8 +5,8 @@
#include "fd-util.h"
#include "fdset.h"
-#include "fileio.h"
#include "macro.h"
+#include "tmpfile-util.h"
#include "util.h"
static void test_fdset_new_fill(void) {
diff --git a/src/test/test-fileio.c b/src/test/test-fileio.c
index de95a1433f..da536fe5ab 100644
--- a/src/test/test-fileio.c
+++ b/src/test/test-fileio.c
@@ -16,6 +16,7 @@
#include "string-util.h"
#include "strv.h"
#include "tests.h"
+#include "tmpfile-util.h"
#include "util.h"
static void test_parse_env_file(void) {
diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c
index d5f652c938..4962471141 100644
--- a/src/test/test-fs-util.c
+++ b/src/test/test-fs-util.c
@@ -5,7 +5,6 @@
#include "alloc-util.h"
#include "fd-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "id128-util.h"
#include "macro.h"
@@ -16,6 +15,7 @@
#include "string-util.h"
#include "strv.h"
#include "tests.h"
+#include "tmpfile-util.h"
#include "user-util.h"
#include "util.h"
#include "virt.h"
diff --git a/src/test/test-glob-util.c b/src/test/test-glob-util.c
index d78d6223c0..b4f41445fe 100644
--- a/src/test/test-glob-util.c
+++ b/src/test/test-glob-util.c
@@ -7,11 +7,11 @@
#include "alloc-util.h"
#include "dirent-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "glob-util.h"
#include "macro.h"
#include "rm-rf.h"
+#include "tmpfile-util.h"
static void test_glob_exists(void) {
char name[] = "/tmp/test-glob_exists.XXXXXX";
diff --git a/src/test/test-hostname-util.c b/src/test/test-hostname-util.c
index 194a640eee..8ba47d316b 100644
--- a/src/test/test-hostname-util.c
+++ b/src/test/test-hostname-util.c
@@ -4,6 +4,7 @@
#include "fileio.h"
#include "hostname-util.h"
#include "string-util.h"
+#include "tmpfile-util.h"
#include "util.h"
static void test_hostname_is_valid(void) {
diff --git a/src/test/test-id128.c b/src/test/test-id128.c
index e3d07a69f3..ec50e057a3 100644
--- a/src/test/test-id128.c
+++ b/src/test/test-id128.c
@@ -7,10 +7,10 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "id128-util.h"
#include "macro.h"
#include "string-util.h"
+#include "tmpfile-util.h"
#include "util.h"
#define ID128_WALDI SD_ID128_MAKE(01, 02, 03, 04, 05, 06, 07, 08, 09, 0a, 0b, 0c, 0d, 0e, 0f, 10)
diff --git a/src/test/test-serialize.c b/src/test/test-serialize.c
index e306b1f1d6..a57d5db2b1 100644
--- a/src/test/test-serialize.c
+++ b/src/test/test-serialize.c
@@ -8,6 +8,7 @@
#include "serialize.h"
#include "strv.h"
#include "tests.h"
+#include "tmpfile-util.h"
char long_string[LONG_LINE_MAX+1];
diff --git a/src/test/test-socket-util.c b/src/test/test-socket-util.c
index 349d866442..f902f500e0 100644
--- a/src/test/test-socket-util.c
+++ b/src/test/test-socket-util.c
@@ -9,7 +9,6 @@
#include "escape.h"
#include "exit-status.h"
#include "fd-util.h"
-#include "fileio.h"
#include "in-addr-util.h"
#include "io-util.h"
#include "log.h"
@@ -17,8 +16,9 @@
#include "process-util.h"
#include "socket-util.h"
#include "string-util.h"
-#include "util.h"
#include "tests.h"
+#include "tmpfile-util.h"
+#include "util.h"
static void test_ifname_valid(void) {
log_info("/* %s */", __func__);
diff --git a/src/test/test-stat-util.c b/src/test/test-stat-util.c
index 3487ac785d..d16fdd90d1 100644
--- a/src/test/test-stat-util.c
+++ b/src/test/test-stat-util.c
@@ -6,12 +6,12 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "macro.h"
#include "missing.h"
#include "mountpoint-util.h"
-#include "stat-util.h"
#include "path-util.h"
+#include "stat-util.h"
+#include "tmpfile-util.h"
static void test_files_same(void) {
_cleanup_close_ int fd = -1;
diff --git a/src/test/test-terminal-util.c b/src/test/test-terminal-util.c
index 7edf7681c2..958d369430 100644
--- a/src/test/test-terminal-util.c
+++ b/src/test/test-terminal-util.c
@@ -5,11 +5,11 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
-#include "tests.h"
#include "macro.h"
#include "strv.h"
#include "terminal-util.h"
+#include "tests.h"
+#include "tmpfile-util.h"
#include "util.h"
static void test_default_term_for_tty(void) {
diff --git a/src/test/test-tmpfiles.c b/src/test/test-tmpfiles.c
index 7f288e54ce..b526871655 100644
--- a/src/test/test-tmpfiles.c
+++ b/src/test/test-tmpfiles.c
@@ -14,6 +14,7 @@
#include "process-util.h"
#include "string-util.h"
#include "tests.h"
+#include "tmpfile-util.h"
#include "util.h"
int main(int argc, char** argv) {
diff --git a/src/test/test-unit-file.c b/src/test/test-unit-file.c
index 493ca50220..b1aa387110 100644
--- a/src/test/test-unit-file.c
+++ b/src/test/test-unit-file.c
@@ -7,8 +7,8 @@
#include <sys/capability.h>
#include <unistd.h>
-#include "alloc-util.h"
#include "all-units.h"
+#include "alloc-util.h"
#include "capability-util.h"
#include "conf-parser.h"
#include "fd-util.h"
@@ -26,6 +26,7 @@
#include "strv.h"
#include "test-helper.h"
#include "tests.h"
+#include "tmpfile-util.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/test/test-xattr-util.c b/src/test/test-xattr-util.c
index 2d93e65be2..3e6df96c5d 100644
--- a/src/test/test-xattr-util.c
+++ b/src/test/test-xattr-util.c
@@ -8,11 +8,11 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fs-util.h"
#include "macro.h"
#include "string-util.h"
#include "tests.h"
+#include "tmpfile-util.h"
#include "xattr-util.h"
static void test_fgetxattrat_fake(void) {
diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
index a79185a59a..e634481524 100644
--- a/src/timedate/timedated.c
+++ b/src/timedate/timedated.c
@@ -15,6 +15,7 @@
#include "clock-util.h"
#include "def.h"
#include "fileio-label.h"
+#include "fileio.h"
#include "fs-util.h"
#include "hashmap.h"
#include "list.h"