| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
As reported by Fossies.
|
|
|
|
|
|
|
|
|
| |
Addresses
https://github.com/systemd/systemd/pull/25608/commits/84be0c710d9d562f6d2cf986cc2a8ff4c98a138b#r1060130312,
https://github.com/systemd/systemd/pull/25608/commits/84be0c710d9d562f6d2cf986cc2a8ff4c98a138b#r1067927293, and
https://github.com/systemd/systemd/pull/25608/commits/84be0c710d9d562f6d2cf986cc2a8ff4c98a138b#r1067926416.
Follow-up for 84be0c710d9d562f6d2cf986cc2a8ff4c98a138b.
|
|
|
|
|
|
|
|
| |
If we don't find a single useful partition table, refusing dissection.
(Except in systemd-dissect, when we are supposed to show DDI
information, in that case allow this to run and show general DDI
information, i.e. size, UUID and name at least)
|
|
|
|
|
|
| |
This allows unprivileged validation of DDIs. Only superficial structure,
i.e. not mounting or so. This becomes particularly handy in the
integration tests, and to validate image policies.
|
| |
|
|
|
|
|
|
|
|
|
| |
Chasing symlinks is a core function that's used in a lot of places
so it deservers a less verbose names so let's rename it to chase()
and chaseat().
We also slightly change the pattern used for the chaseat() helpers
so we get chase_and_openat() and similar.
|
|
|
|
|
|
|
| |
Let's avoid any ambiguities around paths, and make them absolute when
accepting them, like we do in most our tools now. This makes us
independent of the current working directory and allows us to change it
without issues or pass around the paths elsewhere if need be.
|
|
|
|
|
| |
DDIs should not contain files owned by dynamic users or the nobody
users. Let's subtly highlight those entries in mtree output.
|
| |
|
|
|
|
|
|
|
|
|
| |
actions
Let's invoke dissected_image_decrypt_interactively() at once place only,
instead of in each function separately.
No actual changes, just some minor refactoring.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When attaching a loopback file this allows us to set an explicit name
for it. This is useful since it allows a caller to pre-select a string
that is directly attached to the loopback file. Via udev rules we'l
later make the device accessible through this name.
Note that "lo_file_name" is supposed to carry a file name of the backing
file, but the kernel actually does not care or enforce any of that, it
just stores the filename and returns it later. This makes it so useful,
as userspace has total control of that field.
"lo_file_name" should not be confused with the sysattr
"loop/backing_file" which is actually maintained by the kernel itself,
and always shows the file to the backing inode without userspace having
direct control over the returned string. Because the sysattr is
generated by the kernel it is subject to file system namespacing and
everything, while "lo_file_name" is not, it's really just a string
passed through the kernel.
|
|
|
|
|
|
|
|
|
|
| |
Sometimes it is useful attaching DDIs without mounting them. We could
use "losetup" for that, but doing this in systemd-dissect has various
benefits:
1. we superficially validate the DDI first
2. we set the sector size depending on what we determine
3. we synchronously create the per-partition block devices
|
|
|
|
|
|
|
|
|
|
|
| |
With this change we'll install a symlink /sbin/mount.ddi →
systemd-dissect. If invoked that way we'll do the equivalent of
systemd-dissect --mount.
This makes DDIs mountable directly via the "mount" command, by
specifying the "-t ddi" pseudo file system type. Moreover you can now
mount DDIs directly via /etc/fstab, by specifying "ddi" in the file
system column (3rd column).
|
|
|
|
|
| |
We already determine the architecture of disk images and make a choice,
and store it per partition. Let's make this accessible globally.
|
|\
| |
| | |
Copy symlink xattrs
|
| |
| |
| |
| |
| | |
Let's make copy_xattr() a little more generic in preparation for
copying symlink xattrs.
|
|/ |
|
| |
|
|
|
|
|
|
| |
Let's not leave the sector size unspecified: either set a user supplied
value, or auto-detect the right size by probing the disk image
accordingly.
|
| |
|
|
|
|
|
|
| |
recurse_dir() does not provide 'sx' on error.
Fixes #25862.
|
| |
|
|
|
|
|
| |
And while we are at it, make use of path_extract_filename() return value
that indicates whether the path was suffixed with a slash.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
-1 was used everywhere, but -EBADF or -EBADFD started being used in various
places. Let's make things consistent in the new style.
Note that there are two candidates:
EBADF 9 Bad file descriptor
EBADFD 77 File descriptor in bad state
Since we're initializating the fd, we're just assigning a value that means
"no fd yet", so it's just a bad file descriptor, and the first errno fits
better. If instead we had a valid file descriptor that became invalid because
of some operation or state change, the other errno would fit better.
In some places, initialization is dropped if unnecessary.
|
|
|
|
|
|
|
|
|
|
| |
directly on it
This is useful for operating in ephemeral, writable mode on any image,
including read-only ones. It also has the benefit of not keeping the
image file's filesystem busy.
Inspired by the discussions in #25648
|
| |
|
| |
|
|
|
|
| |
Fixes #25480.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
DISSECT_IMAGE_OPEN_PARTITION_DEVICES
Curently, these two flags were implied by dissect_loop_device(), but
that's not right, because this means systemd-gpt-auto-generator will
dissect the root block device with these flags set and that's not
desirable: the generator should not cause the partition devices to be
created (we don't intend to use them right-away after all, but expect
udev to find/probe them first, and then mount them though .mount units).
And there's no point in opening the partition devices, since we do not
intend to mount them via fds either.
Hence, rework this: instead of implying the flags, specify them
explicitly.
While we are at it, let's also rename the flags to make them more
descriptive:
DISSECT_IMAGE_MANAGE_PARTITION_DEVICES becomes
DISSECT_IMAGE_ADD_PARTITION_DEVICES, since that's really all this does:
add the partition devices via BLKPG.
DISSECT_IMAGE_OPEN_PARTITION_DEVICES becomes
DISSECT_IMAGE_PIN_PARTITION_DEVICES, since we not only open the devices,
but keep the devices open continously (i.e. we "pin" them).
Also, drop the DISSECT_IMAGE_BLOCK_DEVICE combination flag, since it is
misleading, i.e. it suggests it was appropriate to specify on all
dissected blocking devices, but that's precisely not the case, see the
systemd-gpt-auto-generator case. My guess is that the confusion around
this was actually the cause for this bug we are addressing here.
Fixes: #25528
|
|\
| |
| | |
repart: Don't descend into directories assigned to other partitions
|
| | |
|
| | |
|
|/
|
|
|
|
|
|
| |
image UUID
systemd-repart generates this in a suitably stable fashion, hence let's
actually use it as an identifier for the image. As a first step parse
it, and show it.
|
|
|
|
| |
file manifest
|
| |
|
|
|
|
|
| |
Let's complete support for DDI discovery, and also support 2nd stage
initrds.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We are not interested in the struct dirent data, hence there's no point
in passing RECURSE_DIR_ENSURE_TYPE. Let's drop it, and thus avoid some
extrac work on file systems where readdir() does not report .d_type.
Also drop RECURSE_DIR_SAME_MOUNT, because DDIs after all may contain
multiple partitions, and we mount them all together. The --list command
really should report the full set of files in an image.
|
| |
|
|\
| |
| | |
Split/rename util.c+h and def.h
|
| | |
|
|/
|
|
|
| |
Given this is just auxiliary info, let's make it a tiny bit less visible
then the main part of the path.
|
| |
|
|
|
|
|
| |
New option to print the paths of all the files and directories in the image to
stdout.
|
| |
|
| |
|
|
|
|
| |
No functional changes, just preparation for later commits.
|
| |
|